Search in sources :

Example 1 with TokenDestinationItem

use of password.pwm.bean.TokenDestinationItem in project pwm by pwm-project.

the class ForgottenPasswordServlet method processTokenChoice.

@ActionHandler(action = "tokenChoice")
private ProcessStatus processTokenChoice(final PwmRequest pwmRequest) throws PwmUnrecoverableException {
    final ForgottenPasswordBean forgottenPasswordBean = forgottenPasswordBean(pwmRequest);
    final List<TokenDestinationItem> items = ForgottenPasswordUtil.figureAvailableTokenDestinations(pwmRequest, forgottenPasswordBean);
    final String requestedID = pwmRequest.readParameterAsString("choice", PwmHttpRequestWrapper.Flag.BypassValidation);
    if (!StringUtil.isEmpty(requestedID)) {
        for (final TokenDestinationItem item : items) {
            if (requestedID.equals(item.getId())) {
                forgottenPasswordBean.getProgress().setTokenDestination(item);
            }
        }
    }
    return ProcessStatus.Continue;
}
Also used : ForgottenPasswordBean(password.pwm.http.bean.ForgottenPasswordBean) TokenDestinationItem(password.pwm.bean.TokenDestinationItem)

Example 2 with TokenDestinationItem

use of password.pwm.bean.TokenDestinationItem in project pwm by pwm-project.

the class ActivateUserServlet method processTokenChoice.

@ActionHandler(action = "tokenChoice")
private ProcessStatus processTokenChoice(final PwmRequest pwmRequest) throws PwmUnrecoverableException {
    final ActivateUserBean activateUserBean = activateUserBean(pwmRequest);
    final UserInfo userInfo = userInfo(pwmRequest);
    final MessageSendMethod tokenSendMethod = pwmRequest.getConfig().readSettingAsEnum(PwmSetting.ACTIVATE_TOKEN_SEND_METHOD, MessageSendMethod.class);
    final List<TokenDestinationItem> tokenDestinationItems = TokenUtil.figureAvailableTokenDestinations(pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel(), pwmRequest.getLocale(), userInfo, tokenSendMethod);
    final String requestedID = pwmRequest.readParameterAsString("choice", PwmHttpRequestWrapper.Flag.BypassValidation);
    if (!StringUtil.isEmpty(requestedID)) {
        for (final TokenDestinationItem item : tokenDestinationItems) {
            if (requestedID.equals(item.getId())) {
                activateUserBean.setTokenDestination(item);
            }
        }
    }
    return ProcessStatus.Continue;
}
Also used : UserInfo(password.pwm.ldap.UserInfo) MessageSendMethod(password.pwm.config.option.MessageSendMethod) TokenDestinationItem(password.pwm.bean.TokenDestinationItem) ActivateUserBean(password.pwm.http.bean.ActivateUserBean)

Example 3 with TokenDestinationItem

use of password.pwm.bean.TokenDestinationItem in project pwm by pwm-project.

the class NewUserServlet method forwardToEnterCode.

static void forwardToEnterCode(final PwmRequest pwmRequest, final NewUserProfile newUserProfile, final NewUserBean newUserBean) throws ServletException, PwmUnrecoverableException, IOException {
    final TokenDestinationItem tokenDestinationItem = NewUserUtils.tokenDestinationItemForCurrentValidation(pwmRequest, newUserBean, newUserProfile);
    pwmRequest.setAttribute(PwmRequestAttribute.TokenDestItems, tokenDestinationItem);
    pwmRequest.forwardToJsp(JspUrl.NEW_USER_ENTER_CODE);
}
Also used : TokenDestinationItem(password.pwm.bean.TokenDestinationItem)

Example 4 with TokenDestinationItem

use of password.pwm.bean.TokenDestinationItem in project pwm by pwm-project.

the class NewUserServlet method handleEnterCodeRequest.

@ActionHandler(action = "enterCode")
private ProcessStatus handleEnterCodeRequest(final PwmRequest pwmRequest) throws PwmUnrecoverableException, IOException, ServletException, ChaiUnavailableException {
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    final NewUserBean newUserBean = getNewUserBean(pwmRequest);
    final NewUserProfile newUserProfile = getNewUserProfile(pwmRequest);
    final String userEnteredCode = pwmRequest.readParameterAsString(PwmConstants.PARAM_TOKEN);
    final TokenDestinationItem tokenDestinationItem = NewUserUtils.tokenDestinationItemForCurrentValidation(pwmRequest, newUserBean, newUserProfile);
    ErrorInformation errorInformation = null;
    TokenPayload tokenPayload = null;
    try {
        tokenPayload = TokenUtil.checkEnteredCode(pwmRequest, userEnteredCode, tokenDestinationItem, null, TokenType.NEWUSER, TokenService.TokenEntryType.unauthenticated);
    } catch (PwmUnrecoverableException e) {
        LOGGER.debug(pwmRequest, "error while checking entered token: ");
        errorInformation = e.getErrorInformation();
    }
    if (tokenPayload != null) {
        try {
            final NewUserTokenData newUserTokenData = NewUserFormUtils.fromTokenPayload(pwmRequest, tokenPayload);
            newUserBean.setProfileID(newUserTokenData.getProfileID());
            final NewUserForm newUserFormFromToken = newUserTokenData.getFormData();
            final TokenDestinationItem.Type tokenType = tokenPayload.getDestination().getType();
            if (tokenType == TokenDestinationItem.Type.email) {
                try {
                    verifyForm(pwmRequest, newUserFormFromToken, false);
                    newUserBean.setRemoteInputData(newUserTokenData.getInjectionData());
                    newUserBean.setNewUserForm(newUserFormFromToken);
                    newUserBean.setProfileID(newUserTokenData.getProfileID());
                    newUserBean.setFormPassed(true);
                    newUserBean.getCompletedTokenFields().addAll(newUserTokenData.getCompletedTokenFields());
                    newUserBean.setCurrentTokenField(newUserTokenData.getCurrentTokenField());
                } catch (PwmUnrecoverableException | PwmOperationalException e) {
                    LOGGER.error(pwmRequest, "while reading stored form data in token payload, form validation error occurred: " + e.getMessage());
                    errorInformation = e.getErrorInformation();
                }
            } else if (tokenType == TokenDestinationItem.Type.sms) {
                if (newUserBean.getNewUserForm() == null || !newUserBean.getNewUserForm().isConsistentWith(newUserFormFromToken)) {
                    LOGGER.debug(pwmRequest, "token value is valid, but form data does not match current session form data");
                    final String errorMsg = "sms token does not match current session";
                    errorInformation = new ErrorInformation(PwmError.ERROR_TOKEN_INCORRECT, errorMsg);
                }
            }
        } catch (PwmOperationalException e) {
            errorInformation = e.getErrorInformation();
        }
    }
    if (errorInformation != null) {
        LOGGER.debug(pwmSession, errorInformation.toDebugStr());
        setLastError(pwmRequest, errorInformation);
        return ProcessStatus.Continue;
    }
    LOGGER.debug(pwmRequest, "marking token as passed " + JsonUtil.serialize(tokenDestinationItem));
    newUserBean.getCompletedTokenFields().add(newUserBean.getCurrentTokenField());
    newUserBean.setTokenSent(false);
    newUserBean.setCurrentTokenField(null);
    if (pwmRequest.getConfig().readSettingAsBoolean(PwmSetting.DISPLAY_TOKEN_SUCCESS_BUTTON)) {
        pwmRequest.setAttribute(PwmRequestAttribute.TokenDestItems, tokenPayload.getDestination());
        pwmRequest.forwardToJsp(JspUrl.NEW_USER_TOKEN_SUCCESS);
        return ProcessStatus.Halt;
    }
    return ProcessStatus.Continue;
}
Also used : PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) NewUserProfile(password.pwm.config.profile.NewUserProfile) TokenDestinationItem(password.pwm.bean.TokenDestinationItem) TokenPayload(password.pwm.svc.token.TokenPayload) PwmOperationalException(password.pwm.error.PwmOperationalException) ErrorInformation(password.pwm.error.ErrorInformation) PwmSession(password.pwm.http.PwmSession) NewUserBean(password.pwm.http.bean.NewUserBean)

Example 5 with TokenDestinationItem

use of password.pwm.bean.TokenDestinationItem in project pwm by pwm-project.

the class UpdateProfileUtil method tokenDestinationItemForCurrentValidation.

static TokenDestinationItem tokenDestinationItemForCurrentValidation(final PwmRequest pwmRequest, final UpdateProfileBean updateProfileBean, final UpdateProfileProfile updateProfileProfile) {
    final List<FormConfiguration> formFields = updateProfileProfile.readSettingAsForm(PwmSetting.UPDATE_PROFILE_FORM);
    final LdapProfile ldapProfile = pwmRequest.getUserInfoIfLoggedIn().getLdapProfile(pwmRequest.getConfig());
    final Map<String, TokenDestinationItem.Type> tokenTypeMap = FormUtility.identifyFormItemsNeedingPotentialTokenValidation(ldapProfile, formFields);
    final String value = updateProfileBean.getFormData().get(updateProfileBean.getCurrentTokenField());
    final TokenDestinationItem.Type type = tokenTypeMap.get(updateProfileBean.getCurrentTokenField());
    return TokenDestinationItem.builder().display(value).id("1").value(value).type(type).build();
}
Also used : TokenType(password.pwm.svc.token.TokenType) FormConfiguration(password.pwm.config.value.data.FormConfiguration) LdapProfile(password.pwm.config.profile.LdapProfile) TokenDestinationItem(password.pwm.bean.TokenDestinationItem)

Aggregations

TokenDestinationItem (password.pwm.bean.TokenDestinationItem)19 ErrorInformation (password.pwm.error.ErrorInformation)6 UserInfo (password.pwm.ldap.UserInfo)6 PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)5 ForgottenPasswordBean (password.pwm.http.bean.ForgottenPasswordBean)5 MessageSendMethod (password.pwm.config.option.MessageSendMethod)4 ForgottenPasswordProfile (password.pwm.config.profile.ForgottenPasswordProfile)4 FormConfiguration (password.pwm.config.value.data.FormConfiguration)4 TokenType (password.pwm.svc.token.TokenType)4 ArrayList (java.util.ArrayList)3 PwmOperationalException (password.pwm.error.PwmOperationalException)3 HashSet (java.util.HashSet)2 List (java.util.List)2 UserIdentity (password.pwm.bean.UserIdentity)2 Configuration (password.pwm.config.Configuration)2 LdapProfile (password.pwm.config.profile.LdapProfile)2 PwmSession (password.pwm.http.PwmSession)2 ActivateUserBean (password.pwm.http.bean.ActivateUserBean)2 SearchConfiguration (password.pwm.ldap.search.SearchConfiguration)2 TimeDuration (password.pwm.util.java.TimeDuration)2