Search in sources :

Example 6 with TokenDestinationItem

use of password.pwm.bean.TokenDestinationItem in project pwm by pwm-project.

the class UpdateProfileUtil method checkForTokenVerificationProgress.

static ProcessStatus checkForTokenVerificationProgress(final PwmRequest pwmRequest, final UpdateProfileBean updateProfileBean, final UpdateProfileProfile updateProfileProfile) throws PwmUnrecoverableException, ServletException, IOException {
    final Map<String, TokenDestinationItem.Type> requiredTokenValidations = determineTokenValidationsRequired(pwmRequest, updateProfileBean, updateProfileProfile);
    if (!requiredTokenValidations.isEmpty()) {
        final Set<String> remainingValidations = new HashSet<>(requiredTokenValidations.keySet());
        remainingValidations.removeAll(updateProfileBean.getCompletedTokenFields());
        if (!remainingValidations.isEmpty()) {
            if (StringUtil.isEmpty(updateProfileBean.getCurrentTokenField())) {
                updateProfileBean.setCurrentTokenField(remainingValidations.iterator().next());
                updateProfileBean.setTokenSent(false);
            }
            if (!updateProfileBean.isTokenSent()) {
                final TokenDestinationItem tokenDestinationItem = tokenDestinationItemForCurrentValidation(pwmRequest, updateProfileBean, updateProfileProfile);
                final TimeDuration tokenLifetime = tokenDestinationItem.getType() == TokenDestinationItem.Type.email ? updateProfileProfile.getTokenDurationEmail(pwmRequest.getConfig()) : updateProfileProfile.getTokenDurationSMS(pwmRequest.getConfig());
                TokenUtil.initializeAndSendToken(pwmRequest, TokenUtil.TokenInitAndSendRequest.builder().userInfo(pwmRequest.getPwmSession().getUserInfo()).tokenDestinationItem(tokenDestinationItem).emailToSend(PwmSetting.EMAIL_UPDATEPROFILE_VERIFICATION).tokenType(TokenType.UPDATE).smsToSend(PwmSetting.SMS_UPDATE_PROFILE_TOKEN_TEXT).tokenLifetime(tokenLifetime).build());
                updateProfileBean.setTokenSent(true);
            }
            forwardToEnterCode(pwmRequest, updateProfileProfile, updateProfileBean);
            return ProcessStatus.Halt;
        }
    }
    return ProcessStatus.Continue;
}
Also used : TokenType(password.pwm.svc.token.TokenType) TimeDuration(password.pwm.util.java.TimeDuration) TokenDestinationItem(password.pwm.bean.TokenDestinationItem) HashSet(java.util.HashSet)

Example 7 with TokenDestinationItem

use of password.pwm.bean.TokenDestinationItem in project pwm by pwm-project.

the class TokenUtil method figureAvailableTokenDestinations.

public static List<TokenDestinationItem> figureAvailableTokenDestinations(final PwmApplication pwmApplication, final SessionLabel sessionLabel, final Locale locale, final UserInfo userInfo, final MessageSendMethod tokenSendMethod) throws PwmUnrecoverableException {
    if (tokenSendMethod == null || tokenSendMethod.equals(MessageSendMethod.NONE)) {
        throw PwmUnrecoverableException.newException(PwmError.ERROR_TOKEN_MISSING_CONTACT, "no token send methods configured in profile");
    }
    List<TokenDestinationItem> tokenDestinations = new ArrayList<>(TokenDestinationItem.allFromConfig(pwmApplication, userInfo));
    if (tokenSendMethod != MessageSendMethod.CHOICE_SMS_EMAIL) {
        tokenDestinations = tokenDestinations.stream().filter(tokenDestinationItem -> tokenSendMethod == tokenDestinationItem.getType().getMessageSendMethod()).collect(Collectors.toList());
    }
    final List<TokenDestinationItem> effectiveItems = new ArrayList<>();
    for (final TokenDestinationItem item : tokenDestinations) {
        final TokenDestinationItem effectiveItem = invokeExternalTokenDestRestClient(pwmApplication, sessionLabel, locale, userInfo.getUserIdentity(), item);
        effectiveItems.add(effectiveItem);
    }
    LOGGER.trace(sessionLabel, "calculated available token send destinations: " + JsonUtil.serializeCollection(effectiveItems));
    if (tokenDestinations.isEmpty()) {
        final String msg = "no available contact methods of type " + tokenSendMethod.name() + " available";
        throw PwmUnrecoverableException.newException(PwmError.ERROR_TOKEN_MISSING_CONTACT, msg);
    }
    return Collections.unmodifiableList(effectiveItems);
}
Also used : ArrayList(java.util.ArrayList) TokenDestinationItem(password.pwm.bean.TokenDestinationItem)

Example 8 with TokenDestinationItem

use of password.pwm.bean.TokenDestinationItem in project pwm by pwm-project.

the class UpdateProfileUtil method forwardToEnterCode.

static void forwardToEnterCode(final PwmRequest pwmRequest, final UpdateProfileProfile updateProfileProfile, final UpdateProfileBean updateProfileBean) throws ServletException, PwmUnrecoverableException, IOException {
    final TokenDestinationItem tokenDestinationItem = tokenDestinationItemForCurrentValidation(pwmRequest, updateProfileBean, updateProfileProfile);
    pwmRequest.setAttribute(PwmRequestAttribute.TokenDestItems, tokenDestinationItem);
    pwmRequest.forwardToJsp(JspUrl.UPDATE_ATTRIBUTES_ENTER_CODE);
}
Also used : TokenDestinationItem(password.pwm.bean.TokenDestinationItem)

Example 9 with TokenDestinationItem

use of password.pwm.bean.TokenDestinationItem in project pwm by pwm-project.

the class UpdateProfileServlet method handleEnterCodeRequest.

@ActionHandler(action = "enterCode")
ProcessStatus handleEnterCodeRequest(final PwmRequest pwmRequest) throws PwmUnrecoverableException, ServletException, IOException {
    setLastError(pwmRequest, null);
    final UpdateProfileBean updateProfileBean = getBean(pwmRequest);
    final UpdateProfileProfile updateProfileProfile = getProfile(pwmRequest);
    final String userEnteredCode = pwmRequest.readParameterAsString(PwmConstants.PARAM_TOKEN);
    final TokenDestinationItem tokenDestinationItem = UpdateProfileUtil.tokenDestinationItemForCurrentValidation(pwmRequest, updateProfileBean, updateProfileProfile);
    ErrorInformation errorInformation = null;
    try {
        TokenUtil.checkEnteredCode(pwmRequest, userEnteredCode, tokenDestinationItem, pwmRequest.getUserInfoIfLoggedIn(), TokenType.UPDATE, TokenService.TokenEntryType.authenticated);
    } catch (PwmUnrecoverableException e) {
        LOGGER.debug(pwmRequest, "error while checking entered token: ");
        errorInformation = e.getErrorInformation();
    }
    if (errorInformation != null) {
        setLastError(pwmRequest, errorInformation);
        UpdateProfileUtil.forwardToEnterCode(pwmRequest, updateProfileProfile, updateProfileBean);
        return ProcessStatus.Halt;
    }
    LOGGER.debug(pwmRequest, "marking token as passed " + JsonUtil.serialize(tokenDestinationItem));
    updateProfileBean.getCompletedTokenFields().add(updateProfileBean.getCurrentTokenField());
    updateProfileBean.setTokenSent(false);
    updateProfileBean.setCurrentTokenField(null);
    if (pwmRequest.getConfig().readSettingAsBoolean(PwmSetting.DISPLAY_TOKEN_SUCCESS_BUTTON)) {
        pwmRequest.setAttribute(PwmRequestAttribute.TokenDestItems, tokenDestinationItem);
        pwmRequest.forwardToJsp(JspUrl.UPDATE_ATTRIBUTES_TOKEN_SUCCESS);
        return ProcessStatus.Halt;
    }
    return ProcessStatus.Continue;
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) UpdateProfileBean(password.pwm.http.bean.UpdateProfileBean) UpdateProfileProfile(password.pwm.config.profile.UpdateProfileProfile) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) TokenDestinationItem(password.pwm.bean.TokenDestinationItem)

Example 10 with TokenDestinationItem

use of password.pwm.bean.TokenDestinationItem in project pwm by pwm-project.

the class TokenUtil method checkEnteredCode.

public static TokenPayload checkEnteredCode(final PwmRequest pwmRequest, final String userEnteredCode, final TokenDestinationItem tokenDestinationItem, final UserIdentity userIdentity, final TokenType tokenType, final TokenService.TokenEntryType tokenEntryType) throws PwmUnrecoverableException {
    try {
        final TokenPayload tokenPayload = pwmRequest.getPwmApplication().getTokenService().processUserEnteredCode(pwmRequest.getPwmSession(), pwmRequest.getUserInfoIfLoggedIn(), tokenType, userEnteredCode, tokenEntryType);
        if (tokenPayload != null) {
            if (!tokenType.matchesName(tokenPayload.getName())) {
                final String errorMsg = "expecting email token type but received : " + tokenPayload.getName();
                throw PwmUnrecoverableException.newException(PwmError.ERROR_TOKEN_INCORRECT, errorMsg);
            }
            if (tokenEntryType == TokenService.TokenEntryType.authenticated) {
                if (tokenPayload.getUserIdentity() == null) {
                    final String errorMsg = "missing userID for received token";
                    throw PwmUnrecoverableException.newException(PwmError.ERROR_TOKEN_INCORRECT, errorMsg);
                }
                if (!userIdentity.canonicalEquals(pwmRequest.getUserInfoIfLoggedIn(), pwmRequest.getPwmApplication())) {
                    final String errorMsg = "received token is not for currently authenticated user, received token is for: " + tokenPayload.getUserIdentity().toDisplayString();
                    throw PwmUnrecoverableException.newException(PwmError.ERROR_TOKEN_INCORRECT, errorMsg);
                }
            }
            if (tokenDestinationItem != null) {
                final String currentTokenDest = tokenDestinationItem.getValue();
                final TokenDestinationItem payloadTokenDest = tokenPayload.getDestination();
                if (payloadTokenDest != null && !StringUtil.nullSafeEquals(currentTokenDest, payloadTokenDest.getValue())) {
                    final String errorMsg = "token is for destination '" + currentTokenDest + "', but the current expected destination is '" + payloadTokenDest + "'";
                    throw PwmUnrecoverableException.newException(PwmError.ERROR_TOKEN_INCORRECT, errorMsg);
                }
            }
        }
        return tokenPayload;
    } catch (PwmOperationalException e) {
        final String errorMsg = "token incorrect: " + e.getMessage();
        throw PwmUnrecoverableException.newException(PwmError.ERROR_TOKEN_INCORRECT, errorMsg);
    }
}
Also used : TokenDestinationItem(password.pwm.bean.TokenDestinationItem) PwmOperationalException(password.pwm.error.PwmOperationalException)

Aggregations

TokenDestinationItem (password.pwm.bean.TokenDestinationItem)19 ErrorInformation (password.pwm.error.ErrorInformation)6 UserInfo (password.pwm.ldap.UserInfo)6 PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)5 ForgottenPasswordBean (password.pwm.http.bean.ForgottenPasswordBean)5 MessageSendMethod (password.pwm.config.option.MessageSendMethod)4 ForgottenPasswordProfile (password.pwm.config.profile.ForgottenPasswordProfile)4 FormConfiguration (password.pwm.config.value.data.FormConfiguration)4 TokenType (password.pwm.svc.token.TokenType)4 ArrayList (java.util.ArrayList)3 PwmOperationalException (password.pwm.error.PwmOperationalException)3 HashSet (java.util.HashSet)2 List (java.util.List)2 UserIdentity (password.pwm.bean.UserIdentity)2 Configuration (password.pwm.config.Configuration)2 LdapProfile (password.pwm.config.profile.LdapProfile)2 PwmSession (password.pwm.http.PwmSession)2 ActivateUserBean (password.pwm.http.bean.ActivateUserBean)2 SearchConfiguration (password.pwm.ldap.search.SearchConfiguration)2 TimeDuration (password.pwm.util.java.TimeDuration)2