Example 11 with TokenDestinationItem
use of password.pwm.bean.TokenDestinationItem in project pwm by pwm-project.
the class ForgottenPasswordServlet method forwardToEnterTokenJsp.
private static void forwardToEnterTokenJsp(final PwmRequest pwmRequest) throws ServletException, PwmUnrecoverableException, IOException {
final ForgottenPasswordBean forgottenPasswordBean = forgottenPasswordBean(pwmRequest);
final ForgottenPasswordProfile forgottenPasswordProfile = ForgottenPasswordUtil.forgottenPasswordProfile(pwmRequest.getPwmApplication(), forgottenPasswordBean);
final List<TokenDestinationItem> destItems = ForgottenPasswordUtil.figureAvailableTokenDestinations(pwmRequest, forgottenPasswordBean);
ResetAction goBackAction = null;
final boolean autoSelect = Boolean.parseBoolean(pwmRequest.getConfig().readAppProperty(AppProperty.FORGOTTEN_PASSWORD_TOKEN_AUTO_SELECT_DEST));
if (destItems.size() > 1 || !autoSelect) {
goBackAction = ResetAction.clearTokenDestination;
} else if (ForgottenPasswordUtil.hasOtherMethodChoices(forgottenPasswordBean, IdentityVerificationMethod.TOKEN)) {
goBackAction = ResetAction.clearActionChoice;
}
if (goBackAction != null) {
pwmRequest.setAttribute(PwmRequestAttribute.GoBackAction, goBackAction);
}
{
final boolean resendEnabled = forgottenPasswordProfile.readSettingAsBoolean(PwmSetting.TOKEN_RESEND_ENABLE);
pwmRequest.setAttribute(PwmRequestAttribute.ForgottenPasswordResendTokenEnabled, resendEnabled);
}
pwmRequest.forwardToJsp(JspUrl.RECOVER_PASSWORD_ENTER_TOKEN);
}
Also used :
ForgottenPasswordProfile(password.pwm.config.profile.ForgottenPasswordProfile)
ForgottenPasswordBean(password.pwm.http.bean.ForgottenPasswordBean)
TokenDestinationItem(password.pwm.bean.TokenDestinationItem)
Example 12 with TokenDestinationItem
use of password.pwm.bean.TokenDestinationItem in project pwm by pwm-project.
the class ForgottenPasswordServlet method forwardToTokenChoiceJsp.
private static void forwardToTokenChoiceJsp(final PwmRequest pwmRequest) throws ServletException, PwmUnrecoverableException, IOException {
final ForgottenPasswordBean forgottenPasswordBean = forgottenPasswordBean(pwmRequest);
final List<TokenDestinationItem> destItems = ForgottenPasswordUtil.figureAvailableTokenDestinations(pwmRequest, forgottenPasswordBean);
pwmRequest.setAttribute(PwmRequestAttribute.TokenDestItems, new ArrayList<>(destItems));
if (ForgottenPasswordUtil.hasOtherMethodChoices(forgottenPasswordBean, IdentityVerificationMethod.TOKEN)) {
pwmRequest.setAttribute(PwmRequestAttribute.GoBackAction, ResetAction.clearActionChoice.name());
}
pwmRequest.forwardToJsp(JspUrl.RECOVER_PASSWORD_TOKEN_CHOICE);
}
Also used :
ForgottenPasswordBean(password.pwm.http.bean.ForgottenPasswordBean)
TokenDestinationItem(password.pwm.bean.TokenDestinationItem)
Example 13 with TokenDestinationItem
use of password.pwm.bean.TokenDestinationItem in project pwm by pwm-project.
the class ForgottenPasswordServlet method processResendToken.
@ActionHandler(action = "resendToken")
private ProcessStatus processResendToken(final PwmRequest pwmRequest) throws PwmUnrecoverableException, IOException {
final ForgottenPasswordBean forgottenPasswordBean = forgottenPasswordBean(pwmRequest);
{
final ForgottenPasswordProfile forgottenPasswordProfile = ForgottenPasswordUtil.forgottenPasswordProfile(pwmRequest.getPwmApplication(), forgottenPasswordBean);
final boolean resendEnabled = forgottenPasswordProfile.readSettingAsBoolean(PwmSetting.TOKEN_RESEND_ENABLE);
if (!resendEnabled) {
final String errorMsg = "token resend is not enabled";
final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_SERVICE_NOT_AVAILABLE, errorMsg);
throw new PwmUnrecoverableException(errorInformation);
}
}
if (!forgottenPasswordBean.getProgress().isTokenSent()) {
final String errorMsg = "attempt to resend token, but initial token has not yet been sent";
final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_SERVICE_NOT_AVAILABLE, errorMsg);
throw new PwmUnrecoverableException(errorInformation);
}
{
LOGGER.trace(pwmRequest, "preparing to send a new token to user");
final long delayTime = Long.parseLong(pwmRequest.getConfig().readAppProperty(AppProperty.TOKEN_RESEND_DELAY_MS));
JavaHelper.pause(delayTime);
}
{
final UserInfo userInfo = ForgottenPasswordUtil.readUserInfo(pwmRequest, forgottenPasswordBean);
final TokenDestinationItem tokenDestinationItem = forgottenPasswordBean.getProgress().getTokenDestination();
ForgottenPasswordUtil.initializeAndSendToken(pwmRequest, userInfo, tokenDestinationItem);
}
final RestResultBean restResultBean = RestResultBean.forSuccessMessage(pwmRequest, Message.Success_TokenResend);
pwmRequest.outputJsonResult(restResultBean);
return ProcessStatus.Halt;
}
Also used :
ForgottenPasswordProfile(password.pwm.config.profile.ForgottenPasswordProfile)
ErrorInformation(password.pwm.error.ErrorInformation)
PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException)
UserInfo(password.pwm.ldap.UserInfo)
ForgottenPasswordBean(password.pwm.http.bean.ForgottenPasswordBean)
TokenDestinationItem(password.pwm.bean.TokenDestinationItem)
RestResultBean(password.pwm.ws.server.RestResultBean)
Example 14 with TokenDestinationItem
use of password.pwm.bean.TokenDestinationItem in project pwm by pwm-project.
the class ForgottenPasswordServlet method forwardUserBasedOnRecoveryMethod.
private void forwardUserBasedOnRecoveryMethod(final PwmRequest pwmRequest, final IdentityVerificationMethod method) throws ServletException, PwmUnrecoverableException, IOException {
LOGGER.debug(pwmRequest, "attempting to forward request to handle verification method " + method.toString());
final ForgottenPasswordBean forgottenPasswordBean = forgottenPasswordBean(pwmRequest);
ForgottenPasswordUtil.verifyRequirementsForAuthMethod(pwmRequest, forgottenPasswordBean, method);
switch(method) {
case PREVIOUS_AUTH:
{
throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_UNKNOWN, "previous authentication is required, but user has not previously authenticated"));
}
case ATTRIBUTES:
{
pwmRequest.addFormInfoToRequestAttr(forgottenPasswordBean.getAttributeForm(), Collections.emptyMap(), false, false);
pwmRequest.forwardToJsp(JspUrl.RECOVER_PASSWORD_ATTRIBUTES);
}
break;
case CHALLENGE_RESPONSES:
{
pwmRequest.setAttribute(PwmRequestAttribute.ForgottenPasswordChallengeSet, forgottenPasswordBean.getPresentableChallengeSet());
pwmRequest.forwardToJsp(JspUrl.RECOVER_PASSWORD_RESPONSES);
}
break;
case OTP:
{
pwmRequest.setAttribute(PwmRequestAttribute.ForgottenPasswordOtpRecord, ForgottenPasswordUtil.readUserInfo(pwmRequest, forgottenPasswordBean).getOtpUserRecord());
pwmRequest.forwardToJsp(JspUrl.RECOVER_PASSWORD_ENTER_OTP);
}
break;
case TOKEN:
{
final ForgottenPasswordBean.Progress progress = forgottenPasswordBean.getProgress();
final List<TokenDestinationItem> tokenDestinations = ForgottenPasswordUtil.figureAvailableTokenDestinations(pwmRequest, forgottenPasswordBean);
if (progress.getTokenDestination() == null) {
final boolean autoSelect = Boolean.parseBoolean(pwmRequest.getConfig().readAppProperty(AppProperty.FORGOTTEN_PASSWORD_TOKEN_AUTO_SELECT_DEST));
if (autoSelect && tokenDestinations.size() == 1) {
final TokenDestinationItem singleItem = tokenDestinations.iterator().next();
progress.setTokenDestination(singleItem);
}
}
if (progress.getTokenDestination() == null) {
forwardToTokenChoiceJsp(pwmRequest);
return;
}
if (!progress.isTokenSent()) {
final UserInfo userInfo = ForgottenPasswordUtil.readUserInfo(pwmRequest, forgottenPasswordBean);
ForgottenPasswordUtil.initializeAndSendToken(pwmRequest, userInfo, progress.getTokenDestination());
progress.setTokenSent(true);
}
if (!progress.getSatisfiedMethods().contains(IdentityVerificationMethod.TOKEN)) {
forwardToEnterTokenJsp(pwmRequest);
return;
}
}
break;
case REMOTE_RESPONSES:
{
final UserInfo userInfo = ForgottenPasswordUtil.readUserInfo(pwmRequest, forgottenPasswordBean);
final VerificationMethodSystem remoteMethod;
if (forgottenPasswordBean.getProgress().getRemoteRecoveryMethod() == null) {
remoteMethod = new RemoteVerificationMethod();
remoteMethod.init(pwmRequest.getPwmApplication(), userInfo, pwmRequest.getSessionLabel(), pwmRequest.getLocale());
forgottenPasswordBean.getProgress().setRemoteRecoveryMethod(remoteMethod);
} else {
remoteMethod = forgottenPasswordBean.getProgress().getRemoteRecoveryMethod();
}
final List<VerificationMethodSystem.UserPrompt> prompts = remoteMethod.getCurrentPrompts();
final String displayInstructions = remoteMethod.getCurrentDisplayInstructions();
pwmRequest.setAttribute(PwmRequestAttribute.ForgottenPasswordPrompts, new ArrayList<>(prompts));
pwmRequest.setAttribute(PwmRequestAttribute.ForgottenPasswordInstructions, displayInstructions);
pwmRequest.forwardToJsp(JspUrl.RECOVER_PASSWORD_REMOTE);
}
break;
case OAUTH:
forgottenPasswordBean.getProgress().setInProgressVerificationMethod(IdentityVerificationMethod.OAUTH);
final ForgottenPasswordProfile forgottenPasswordProfile = ForgottenPasswordUtil.forgottenPasswordProfile(pwmRequest.getPwmApplication(), forgottenPasswordBean);
final OAuthSettings oAuthSettings = OAuthSettings.forForgottenPassword(forgottenPasswordProfile);
final OAuthMachine oAuthMachine = new OAuthMachine(oAuthSettings);
pwmRequest.getPwmApplication().getSessionStateService().saveSessionBeans(pwmRequest);
final UserIdentity userIdentity = forgottenPasswordBean.getUserIdentity();
oAuthMachine.redirectUserToOAuthServer(pwmRequest, null, userIdentity, forgottenPasswordProfile.getIdentifier());
break;
default:
throw new UnsupportedOperationException("unexpected method during forward: " + method.toString());
}
}
Also used :
ForgottenPasswordProfile(password.pwm.config.profile.ForgottenPasswordProfile)
UserIdentity(password.pwm.bean.UserIdentity)
ArrayList(java.util.ArrayList)
PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException)
UserInfo(password.pwm.ldap.UserInfo)
OAuthMachine(password.pwm.http.servlet.oauth.OAuthMachine)
TokenDestinationItem(password.pwm.bean.TokenDestinationItem)
VerificationMethodSystem(password.pwm.VerificationMethodSystem)
ErrorInformation(password.pwm.error.ErrorInformation)
List(java.util.List)
ArrayList(java.util.ArrayList)
OAuthSettings(password.pwm.http.servlet.oauth.OAuthSettings)
ForgottenPasswordBean(password.pwm.http.bean.ForgottenPasswordBean)
Example 15 with TokenDestinationItem
use of password.pwm.bean.TokenDestinationItem in project pwm by pwm-project.
the class NewUserUtils method tokenDestinationItemForCurrentValidation.
static TokenDestinationItem tokenDestinationItemForCurrentValidation(final PwmRequest pwmRequest, final NewUserBean newUserBean, final NewUserProfile newUserProfile) throws PwmUnrecoverableException {
if (!newUserBean.isFormPassed()) {
return null;
}
final List<FormConfiguration> formFields = newUserProfile.readSettingAsForm(PwmSetting.NEWUSER_FORM);
final LdapProfile defaultLDAPProfile = pwmRequest.getConfig().getDefaultLdapProfile();
final Map<String, TokenDestinationItem.Type> tokenTypeMap = FormUtility.identifyFormItemsNeedingPotentialTokenValidation(defaultLDAPProfile, formFields);
final String value = newUserBean.getNewUserForm().getFormData().get(newUserBean.getCurrentTokenField());
final TokenDestinationItem.Type type = tokenTypeMap.get(newUserBean.getCurrentTokenField());
return TokenDestinationItem.builder().display(value).id("1").value(value).type(type).build();
}
Also used :
TokenType(password.pwm.svc.token.TokenType)
FormConfiguration(password.pwm.config.value.data.FormConfiguration)
LdapProfile(password.pwm.config.profile.LdapProfile)
TokenDestinationItem(password.pwm.bean.TokenDestinationItem)
Aggregations
TokenDestinationItem (password.pwm.bean.TokenDestinationItem)19
ErrorInformation (password.pwm.error.ErrorInformation)6
UserInfo (password.pwm.ldap.UserInfo)6
PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)5
ForgottenPasswordBean (password.pwm.http.bean.ForgottenPasswordBean)5
MessageSendMethod (password.pwm.config.option.MessageSendMethod)4
ForgottenPasswordProfile (password.pwm.config.profile.ForgottenPasswordProfile)4
FormConfiguration (password.pwm.config.value.data.FormConfiguration)4
TokenType (password.pwm.svc.token.TokenType)4
ArrayList (java.util.ArrayList)3
PwmOperationalException (password.pwm.error.PwmOperationalException)3
HashSet (java.util.HashSet)2
List (java.util.List)2
UserIdentity (password.pwm.bean.UserIdentity)2
Configuration (password.pwm.config.Configuration)2
LdapProfile (password.pwm.config.profile.LdapProfile)2
PwmSession (password.pwm.http.PwmSession)2
ActivateUserBean (password.pwm.http.bean.ActivateUserBean)2
SearchConfiguration (password.pwm.ldap.search.SearchConfiguration)2
TimeDuration (password.pwm.util.java.TimeDuration)2
