use of password.pwm.bean.TokenDestinationItem in project pwm by pwm-project.
the class NewUserUtils method checkForTokenVerificationProgress.
static ProcessStatus checkForTokenVerificationProgress(final PwmRequest pwmRequest, final NewUserBean newUserBean, final NewUserProfile newUserProfile) throws PwmUnrecoverableException, ServletException, IOException {
final Map<String, TokenDestinationItem.Type> requiredTokenValidations = determineTokenValidationsRequired(pwmRequest, newUserBean, newUserProfile);
if (!requiredTokenValidations.isEmpty()) {
final Set<String> remainingValidations = new HashSet<>(requiredTokenValidations.keySet());
remainingValidations.removeAll(newUserBean.getCompletedTokenFields());
if (!remainingValidations.isEmpty()) {
if (StringUtil.isEmpty(newUserBean.getCurrentTokenField())) {
newUserBean.setCurrentTokenField(remainingValidations.iterator().next());
newUserBean.setTokenSent(false);
}
if (!newUserBean.isTokenSent()) {
final TokenDestinationItem tokenDestinationItem = tokenDestinationItemForCurrentValidation(pwmRequest, newUserBean, newUserProfile);
if (pwmRequest.getConfig().getTokenStorageMethod() == TokenStorageMethod.STORE_LDAP) {
throw new PwmUnrecoverableException(new ErrorInformation(PwmError.CONFIG_FORMAT_ERROR, null, new String[] { "cannot generate new user tokens when storage type is configured as STORE_LDAP." }));
}
final Map<String, String> tokenPayloadMap = NewUserFormUtils.toTokenPayload(pwmRequest, newUserBean);
final MacroMachine macroMachine = createMacroMachineForNewUser(pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel(), newUserBean.getNewUserForm(), tokenDestinationItem);
final TimeDuration tokenLifetime = figureTokenLifetime(pwmRequest.getConfig(), newUserProfile, tokenDestinationItem);
TokenUtil.initializeAndSendToken(pwmRequest, TokenUtil.TokenInitAndSendRequest.builder().userInfo(null).tokenDestinationItem(tokenDestinationItem).emailToSend(PwmSetting.EMAIL_NEWUSER_VERIFICATION).tokenType(TokenType.NEWUSER).smsToSend(PwmSetting.SMS_NEWUSER_TOKEN_TEXT).inputTokenData(tokenPayloadMap).macroMachine(macroMachine).tokenLifetime(tokenLifetime).build());
newUserBean.setTokenSent(true);
}
NewUserServlet.forwardToEnterCode(pwmRequest, newUserProfile, newUserBean);
return ProcessStatus.Halt;
}
}
return ProcessStatus.Continue;
}
use of password.pwm.bean.TokenDestinationItem in project pwm by pwm-project.
the class ForgottenPasswordUtil method figureAvailableTokenDestinations.
static List<TokenDestinationItem> figureAvailableTokenDestinations(final PwmRequest pwmRequest, final ForgottenPasswordBean forgottenPasswordBean) throws PwmUnrecoverableException {
{
@SuppressWarnings("unchecked") final List<TokenDestinationItem> cachedItems = (List<TokenDestinationItem>) pwmRequest.getHttpServletRequest().getAttribute(PwmConstants.REQUEST_ATTR_FORGOTTEN_PW_AVAIL_TOKEN_DEST_CACHE);
if (cachedItems != null) {
return cachedItems;
}
}
final String profileID = forgottenPasswordBean.getForgottenPasswordProfileID();
final ForgottenPasswordProfile forgottenPasswordProfile = pwmRequest.getConfig().getForgottenPasswordProfiles().get(profileID);
final MessageSendMethod tokenSendMethod = forgottenPasswordProfile.readSettingAsEnum(PwmSetting.RECOVERY_TOKEN_SEND_METHOD, MessageSendMethod.class);
final UserInfo userInfo = ForgottenPasswordUtil.readUserInfo(pwmRequest, forgottenPasswordBean);
final List<TokenDestinationItem> items = TokenUtil.figureAvailableTokenDestinations(pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel(), pwmRequest.getLocale(), userInfo, tokenSendMethod);
final List<TokenDestinationItem> finalList = Collections.unmodifiableList(items);
pwmRequest.getHttpServletRequest().setAttribute(PwmConstants.REQUEST_ATTR_FORGOTTEN_PW_AVAIL_TOKEN_DEST_CACHE, finalList);
return finalList;
}
use of password.pwm.bean.TokenDestinationItem in project pwm by pwm-project.
the class HelpdeskServlet method restSendVerificationTokenRequest.
@ActionHandler(action = "sendVerificationToken")
private ProcessStatus restSendVerificationTokenRequest(final PwmRequest pwmRequest) throws IOException, PwmUnrecoverableException, ServletException, ChaiUnavailableException {
final HelpdeskProfile helpdeskProfile = getHelpdeskProfile(pwmRequest);
final Instant startTime = Instant.now();
final Configuration config = pwmRequest.getConfig();
final Map<String, String> bodyParams = pwmRequest.readBodyAsJsonStringMap();
final UserIdentity userIdentity = UserIdentity.fromKey(bodyParams.get(PwmConstants.PARAM_USERKEY), pwmRequest.getPwmApplication());
final UserInfo userInfo = UserInfoFactory.newUserInfo(pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel(), pwmRequest.getLocale(), userIdentity, getChaiUser(pwmRequest, helpdeskProfile, userIdentity).getChaiProvider());
final TokenDestinationItem tokenDestinationItem;
{
final MessageSendMethod effectiveSendMethod;
{
final MessageSendMethod configuredSendMethod = helpdeskProfile.readSettingAsEnum(PwmSetting.HELPDESK_TOKEN_SEND_METHOD, MessageSendMethod.class);
if (configuredSendMethod == MessageSendMethod.CHOICE_SMS_EMAIL) {
final String methodParamName = "method";
final String methodParam = bodyParams.getOrDefault(methodParamName, "");
switch(methodParam) {
case "sms":
effectiveSendMethod = MessageSendMethod.SMSONLY;
break;
case "email":
effectiveSendMethod = MessageSendMethod.EMAILONLY;
break;
default:
throw new UnsupportedOperationException("unknown tokenSendMethod: " + methodParam);
}
} else {
effectiveSendMethod = configuredSendMethod;
}
}
switch(effectiveSendMethod) {
case SMSONLY:
tokenDestinationItem = TokenDestinationItem.builder().id("0").display(userInfo.getUserSmsNumber()).value(userInfo.getUserSmsNumber()).type(TokenDestinationItem.Type.sms).build();
break;
case EMAILONLY:
tokenDestinationItem = TokenDestinationItem.builder().id("0").display(userInfo.getUserEmailAddress()).value(userInfo.getUserEmailAddress()).type(TokenDestinationItem.Type.email).build();
break;
default:
throw new UnsupportedOperationException("unknown tokenSendMethod: " + effectiveSendMethod);
}
}
final HelpdeskDetailInfoBean helpdeskDetailInfoBean = HelpdeskDetailInfoBean.makeHelpdeskDetailInfo(pwmRequest, helpdeskProfile, userIdentity);
if (helpdeskDetailInfoBean == null) {
final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_MISSING_PARAMETER, "unable to read helpdesk detail data for specified user");
LOGGER.error(pwmRequest, errorInformation);
pwmRequest.outputJsonResult(RestResultBean.fromError(errorInformation, pwmRequest));
return ProcessStatus.Halt;
}
final MacroMachine macroMachine = MacroMachine.forUser(pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel(), userInfo, null);
final String configuredTokenString = config.readAppProperty(AppProperty.HELPDESK_TOKEN_VALUE);
final String tokenKey = macroMachine.expandMacros(configuredTokenString);
final EmailItemBean emailItemBean = config.readSettingAsEmail(PwmSetting.EMAIL_HELPDESK_TOKEN, pwmRequest.getLocale());
LOGGER.debug(pwmRequest, "generated token code for " + userIdentity.toDelimitedKey());
final String smsMessage = config.readSettingAsLocalizedString(PwmSetting.SMS_HELPDESK_TOKEN_TEXT, pwmRequest.getLocale());
try {
TokenService.TokenSender.sendToken(TokenService.TokenSendInfo.builder().pwmApplication(pwmRequest.getPwmApplication()).userInfo(userInfo).macroMachine(macroMachine).configuredEmailSetting(emailItemBean).tokenDestinationItem(tokenDestinationItem).smsMessage(smsMessage).tokenKey(tokenKey).sessionLabel(pwmRequest.getSessionLabel()).build());
} catch (PwmException e) {
LOGGER.error(pwmRequest, e.getErrorInformation());
pwmRequest.outputJsonResult(RestResultBean.fromError(e.getErrorInformation(), pwmRequest));
return ProcessStatus.Halt;
}
StatisticsManager.incrementStat(pwmRequest, Statistic.HELPDESK_TOKENS_SENT);
final HelpdeskVerificationRequestBean helpdeskVerificationRequestBean = new HelpdeskVerificationRequestBean();
helpdeskVerificationRequestBean.setDestination(tokenDestinationItem.getDisplay());
helpdeskVerificationRequestBean.setUserKey(bodyParams.get(PwmConstants.PARAM_USERKEY));
final HelpdeskVerificationRequestBean.TokenData tokenData = new HelpdeskVerificationRequestBean.TokenData();
tokenData.setToken(tokenKey);
tokenData.setIssueDate(new Date());
final SecureService secureService = pwmRequest.getPwmApplication().getSecureService();
helpdeskVerificationRequestBean.setTokenData(secureService.encryptObjectToString(tokenData));
final RestResultBean restResultBean = RestResultBean.withData(helpdeskVerificationRequestBean);
pwmRequest.outputJsonResult(restResultBean);
LOGGER.debug(pwmRequest, "helpdesk operator " + pwmRequest.getUserInfoIfLoggedIn().toDisplayString() + " issued token for verification against user " + userIdentity.toDisplayString() + " sent to destination(s) " + tokenDestinationItem.getDisplay() + " (" + TimeDuration.fromCurrent(startTime).asCompactString() + ")");
return ProcessStatus.Halt;
}
use of password.pwm.bean.TokenDestinationItem in project pwm by pwm-project.
the class ActivateUserServlet method nextStep.
@Override
protected void nextStep(final PwmRequest pwmRequest) throws PwmUnrecoverableException, IOException, ChaiUnavailableException, ServletException {
final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
final PwmSession pwmSession = pwmRequest.getPwmSession();
final Configuration config = pwmApplication.getConfig();
final ActivateUserBean activateUserBean = activateUserBean(pwmRequest);
if (!activateUserBean.isFormValidated() || activateUserBean.getUserIdentity() == null) {
ActivateUserUtils.forwardToActivateUserForm(pwmRequest);
return;
}
final UserInfo userInfo = userInfo(pwmRequest);
final MessageSendMethod tokenSendMethod = config.readSettingAsEnum(PwmSetting.ACTIVATE_TOKEN_SEND_METHOD, MessageSendMethod.class);
if (MessageSendMethod.NONE != tokenSendMethod) {
final List<TokenDestinationItem> tokenDestinationItems = TokenUtil.figureAvailableTokenDestinations(pwmApplication, pwmRequest.getSessionLabel(), pwmRequest.getLocale(), userInfo, tokenSendMethod);
if (activateUserBean.getTokenDestination() == null) {
final boolean autoSelect = Boolean.parseBoolean(pwmRequest.getConfig().readAppProperty(AppProperty.ACTIVATE_USER_TOKEN_AUTO_SELECT_DEST));
if (tokenDestinationItems.size() == 1 && autoSelect) {
activateUserBean.setTokenDestination(tokenDestinationItems.iterator().next());
} else {
forwardToTokenChoiceJsp(pwmRequest, tokenDestinationItems);
return;
}
}
if (!activateUserBean.isTokenSent() && activateUserBean.getTokenDestination() != null) {
TokenUtil.initializeAndSendToken(pwmRequest, TokenUtil.TokenInitAndSendRequest.builder().userInfo(userInfo).tokenDestinationItem(activateUserBean.getTokenDestination()).emailToSend(PwmSetting.EMAIL_ACTIVATION_VERIFICATION).tokenType(TokenType.ACTIVATION).smsToSend(PwmSetting.SMS_ACTIVATION_VERIFICATION_TEXT).build());
}
if (!activateUserBean.isTokenPassed()) {
forwardToEnterCodeJsp(pwmRequest, tokenDestinationItems);
return;
}
}
final String agreementText = config.readSettingAsLocalizedString(PwmSetting.ACTIVATE_AGREEMENT_MESSAGE, pwmSession.getSessionStateBean().getLocale());
if (!StringUtil.isEmpty(agreementText) && !activateUserBean.isAgreementPassed()) {
ActivateUserUtils.forwardToAgreementPage(pwmRequest);
return;
}
try {
ActivateUserUtils.activateUser(pwmRequest, activateUserBean.getUserIdentity());
pwmRequest.getPwmResponse().forwardToSuccessPage(Message.Success_ActivateUser);
} catch (PwmOperationalException e) {
LOGGER.debug(pwmRequest, e.getErrorInformation());
pwmApplication.getIntruderManager().convenience().markUserIdentity(activateUserBean.getUserIdentity(), pwmSession);
pwmApplication.getIntruderManager().convenience().markAddressAndSession(pwmSession);
pwmRequest.respondWithError(e.getErrorInformation());
}
}
Aggregations