Examples with UserIdentity password.pwm.bean.UserIdentity used on opensource projects

Search in sources :

Example 96 with UserIdentity

use of password.pwm.bean.UserIdentity in project pwm by pwm-project.

the class HelpdeskServlet method restSendVerificationTokenRequest.

@ActionHandler(action = "sendVerificationToken")
private ProcessStatus restSendVerificationTokenRequest(final PwmRequest pwmRequest) throws IOException, PwmUnrecoverableException, ServletException, ChaiUnavailableException {
    final HelpdeskProfile helpdeskProfile = getHelpdeskProfile(pwmRequest);
    final Instant startTime = Instant.now();
    final Configuration config = pwmRequest.getConfig();
    final Map<String, String> bodyParams = pwmRequest.readBodyAsJsonStringMap();
    final UserIdentity userIdentity = UserIdentity.fromKey(bodyParams.get(PwmConstants.PARAM_USERKEY), pwmRequest.getPwmApplication());
    final UserInfo userInfo = UserInfoFactory.newUserInfo(pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel(), pwmRequest.getLocale(), userIdentity, getChaiUser(pwmRequest, helpdeskProfile, userIdentity).getChaiProvider());
    final TokenDestinationItem tokenDestinationItem;
    {
        final MessageSendMethod effectiveSendMethod;
        {
            final MessageSendMethod configuredSendMethod = helpdeskProfile.readSettingAsEnum(PwmSetting.HELPDESK_TOKEN_SEND_METHOD, MessageSendMethod.class);
            if (configuredSendMethod == MessageSendMethod.CHOICE_SMS_EMAIL) {
                final String methodParamName = "method";
                final String methodParam = bodyParams.getOrDefault(methodParamName, "");
                switch(methodParam) {
                    case "sms":
                        effectiveSendMethod = MessageSendMethod.SMSONLY;
                        break;
                    case "email":
                        effectiveSendMethod = MessageSendMethod.EMAILONLY;
                        break;
                    default:
                        throw new UnsupportedOperationException("unknown tokenSendMethod: " + methodParam);
                }
            } else {
                effectiveSendMethod = configuredSendMethod;
            }
        }
        switch(effectiveSendMethod) {
            case SMSONLY:
                tokenDestinationItem = TokenDestinationItem.builder().id("0").display(userInfo.getUserSmsNumber()).value(userInfo.getUserSmsNumber()).type(TokenDestinationItem.Type.sms).build();
                break;
            case EMAILONLY:
                tokenDestinationItem = TokenDestinationItem.builder().id("0").display(userInfo.getUserEmailAddress()).value(userInfo.getUserEmailAddress()).type(TokenDestinationItem.Type.email).build();
                break;
            default:
                throw new UnsupportedOperationException("unknown tokenSendMethod: " + effectiveSendMethod);
        }
    }
    final HelpdeskDetailInfoBean helpdeskDetailInfoBean = HelpdeskDetailInfoBean.makeHelpdeskDetailInfo(pwmRequest, helpdeskProfile, userIdentity);
    if (helpdeskDetailInfoBean == null) {
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_MISSING_PARAMETER, "unable to read helpdesk detail data for specified user");
        LOGGER.error(pwmRequest, errorInformation);
        pwmRequest.outputJsonResult(RestResultBean.fromError(errorInformation, pwmRequest));
        return ProcessStatus.Halt;
    }
    final MacroMachine macroMachine = MacroMachine.forUser(pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel(), userInfo, null);
    final String configuredTokenString = config.readAppProperty(AppProperty.HELPDESK_TOKEN_VALUE);
    final String tokenKey = macroMachine.expandMacros(configuredTokenString);
    final EmailItemBean emailItemBean = config.readSettingAsEmail(PwmSetting.EMAIL_HELPDESK_TOKEN, pwmRequest.getLocale());
    LOGGER.debug(pwmRequest, "generated token code for " + userIdentity.toDelimitedKey());
    final String smsMessage = config.readSettingAsLocalizedString(PwmSetting.SMS_HELPDESK_TOKEN_TEXT, pwmRequest.getLocale());
    try {
        TokenService.TokenSender.sendToken(TokenService.TokenSendInfo.builder().pwmApplication(pwmRequest.getPwmApplication()).userInfo(userInfo).macroMachine(macroMachine).configuredEmailSetting(emailItemBean).tokenDestinationItem(tokenDestinationItem).smsMessage(smsMessage).tokenKey(tokenKey).sessionLabel(pwmRequest.getSessionLabel()).build());
    } catch (PwmException e) {
        LOGGER.error(pwmRequest, e.getErrorInformation());
        pwmRequest.outputJsonResult(RestResultBean.fromError(e.getErrorInformation(), pwmRequest));
        return ProcessStatus.Halt;
    }
    StatisticsManager.incrementStat(pwmRequest, Statistic.HELPDESK_TOKENS_SENT);
    final HelpdeskVerificationRequestBean helpdeskVerificationRequestBean = new HelpdeskVerificationRequestBean();
    helpdeskVerificationRequestBean.setDestination(tokenDestinationItem.getDisplay());
    helpdeskVerificationRequestBean.setUserKey(bodyParams.get(PwmConstants.PARAM_USERKEY));
    final HelpdeskVerificationRequestBean.TokenData tokenData = new HelpdeskVerificationRequestBean.TokenData();
    tokenData.setToken(tokenKey);
    tokenData.setIssueDate(new Date());
    final SecureService secureService = pwmRequest.getPwmApplication().getSecureService();
    helpdeskVerificationRequestBean.setTokenData(secureService.encryptObjectToString(tokenData));
    final RestResultBean restResultBean = RestResultBean.withData(helpdeskVerificationRequestBean);
    pwmRequest.outputJsonResult(restResultBean);
    LOGGER.debug(pwmRequest, "helpdesk operator " + pwmRequest.getUserInfoIfLoggedIn().toDisplayString() + " issued token for verification against user " + userIdentity.toDisplayString() + " sent to destination(s) " + tokenDestinationItem.getDisplay() + " (" + TimeDuration.fromCurrent(startTime).asCompactString() + ")");
    return ProcessStatus.Halt;
}
Also used : SecureService(password.pwm.util.secure.SecureService) FormConfiguration(password.pwm.config.value.data.FormConfiguration) SearchConfiguration(password.pwm.ldap.search.SearchConfiguration) ActionConfiguration(password.pwm.config.value.data.ActionConfiguration) Configuration(password.pwm.config.Configuration) EmailItemBean(password.pwm.bean.EmailItemBean) Instant(java.time.Instant) UserIdentity(password.pwm.bean.UserIdentity) HelpdeskProfile(password.pwm.config.profile.HelpdeskProfile) UserInfo(password.pwm.ldap.UserInfo) MessageSendMethod(password.pwm.config.option.MessageSendMethod) TokenDestinationItem(password.pwm.bean.TokenDestinationItem) Date(java.util.Date) PwmException(password.pwm.error.PwmException) ErrorInformation(password.pwm.error.ErrorInformation) MacroMachine(password.pwm.util.macro.MacroMachine) RestResultBean(password.pwm.ws.server.RestResultBean)

Example 97 with UserIdentity

use of password.pwm.bean.UserIdentity in project pwm by pwm-project.

the class HelpdeskServletUtil method processDetailRequestImpl.

static HelpdeskDetailInfoBean processDetailRequestImpl(final PwmRequest pwmRequest, final HelpdeskProfile helpdeskProfile, final UserIdentity userIdentity) throws ChaiUnavailableException, PwmUnrecoverableException {
    final UserIdentity actorUserIdentity = pwmRequest.getUserInfoIfLoggedIn().canonicalized(pwmRequest.getPwmApplication());
    if (actorUserIdentity.canonicalEquals(userIdentity, pwmRequest.getPwmApplication())) {
        final String errorMsg = "cannot select self";
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_UNAUTHORIZED, errorMsg);
        throw new PwmUnrecoverableException(errorInformation);
    }
    LOGGER.trace(pwmRequest, "helpdesk detail view request for user details of " + userIdentity.toString() + " by actor " + actorUserIdentity.toString());
    final HelpdeskVerificationStateBean verificationStateBean = HelpdeskVerificationStateBean.fromClientString(pwmRequest, pwmRequest.readParameterAsString(HelpdeskVerificationStateBean.PARAMETER_VERIFICATION_STATE_KEY, PwmHttpRequestWrapper.Flag.BypassValidation));
    if (!HelpdeskServletUtil.checkIfRequiredVerificationPassed(userIdentity, verificationStateBean, helpdeskProfile)) {
        final String errorMsg = "selected user has not been verified";
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_UNAUTHORIZED, errorMsg);
        throw new PwmUnrecoverableException(errorInformation);
    }
    final HelpdeskDetailInfoBean helpdeskDetailInfoBean = HelpdeskDetailInfoBean.makeHelpdeskDetailInfo(pwmRequest, helpdeskProfile, userIdentity);
    final HelpdeskAuditRecord auditRecord = new AuditRecordFactory(pwmRequest).createHelpdeskAuditRecord(AuditEvent.HELPDESK_VIEW_DETAIL, pwmRequest.getPwmSession().getUserInfo().getUserIdentity(), null, userIdentity, pwmRequest.getSessionLabel().getSrcAddress(), pwmRequest.getSessionLabel().getSrcHostname());
    pwmRequest.getPwmApplication().getAuditManager().submit(auditRecord);
    StatisticsManager.incrementStat(pwmRequest, Statistic.HELPDESK_USER_LOOKUP);
    return helpdeskDetailInfoBean;
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) AuditRecordFactory(password.pwm.svc.event.AuditRecordFactory) UserIdentity(password.pwm.bean.UserIdentity) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) HelpdeskAuditRecord(password.pwm.svc.event.HelpdeskAuditRecord)

Example 98 with UserIdentity

use of password.pwm.bean.UserIdentity in project pwm by pwm-project.

the class ConfigEditorServlet method restWriteSetting.

@ActionHandler(action = "writeSetting")
private ProcessStatus restWriteSetting(final PwmRequest pwmRequest) throws IOException, PwmUnrecoverableException {
    final ConfigManagerBean configManagerBean = getBean(pwmRequest);
    final StoredConfigurationImpl storedConfig = configManagerBean.getStoredConfiguration();
    final String key = pwmRequest.readParameterAsString("key");
    final String bodyString = pwmRequest.readRequestBodyAsString();
    final PwmSetting setting = PwmSetting.forKey(key);
    final LinkedHashMap<String, Object> returnMap = new LinkedHashMap<>();
    final UserIdentity loggedInUser = pwmRequest.getPwmSession().isAuthenticated() ? pwmRequest.getPwmSession().getUserInfo().getUserIdentity() : null;
    if (key.startsWith("localeBundle")) {
        final StringTokenizer st = new StringTokenizer(key, "-");
        st.nextToken();
        final PwmLocaleBundle bundleName = PwmLocaleBundle.valueOf(st.nextToken());
        final String keyName = st.nextToken();
        final Map<String, String> valueMap = JsonUtil.deserializeStringMap(bodyString);
        final Map<String, String> outputMap = new LinkedHashMap<>(valueMap);
        storedConfig.writeLocaleBundleMap(bundleName.getTheClass().getName(), keyName, outputMap);
        returnMap.put("isDefault", outputMap.isEmpty());
        returnMap.put("key", key);
    } else {
        final String profileID = setting.getCategory().hasProfiles() ? pwmRequest.readParameterAsString("profile") : null;
        try {
            final StoredValue storedValue = ValueFactory.fromJson(setting, bodyString);
            final List<String> errorMsgs = storedValue.validateValue(setting);
            if (errorMsgs != null && !errorMsgs.isEmpty()) {
                returnMap.put("errorMessage", setting.getLabel(pwmRequest.getLocale()) + ": " + errorMsgs.get(0));
            }
            storedConfig.writeSetting(setting, profileID, storedValue, loggedInUser);
        } catch (Exception e) {
            final String errorMsg = "error writing default value for setting " + setting.toString() + ", error: " + e.getMessage();
            LOGGER.error(errorMsg, e);
            throw new IllegalStateException(errorMsg, e);
        }
        returnMap.put("key", key);
        returnMap.put("category", setting.getCategory().toString());
        returnMap.put("syntax", setting.getSyntax().toString());
        returnMap.put("isDefault", storedConfig.isDefaultValue(setting, profileID));
    }
    pwmRequest.outputJsonResult(RestResultBean.withData(returnMap));
    return ProcessStatus.Halt;
}
Also used : StoredConfigurationImpl(password.pwm.config.stored.StoredConfigurationImpl) PwmLocaleBundle(password.pwm.i18n.PwmLocaleBundle) UserIdentity(password.pwm.bean.UserIdentity) StoredValue(password.pwm.config.StoredValue) ServletException(javax.servlet.ServletException) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) PwmOperationalException(password.pwm.error.PwmOperationalException) ChaiUnavailableException(com.novell.ldapchai.exception.ChaiUnavailableException) PwmException(password.pwm.error.PwmException) IOException(java.io.IOException) LinkedHashMap(java.util.LinkedHashMap) PwmSetting(password.pwm.config.PwmSetting) ConfigManagerBean(password.pwm.http.bean.ConfigManagerBean) StringTokenizer(java.util.StringTokenizer)

Example 99 with UserIdentity

use of password.pwm.bean.UserIdentity in project pwm by pwm-project.

the class AdminServlet method processDebugUserSearch.

private void processDebugUserSearch(final PwmRequest pwmRequest) throws PwmUnrecoverableException {
    final String username = pwmRequest.readParameterAsString("username", PwmHttpRequestWrapper.Flag.BypassValidation);
    if (StringUtil.isEmpty(username)) {
        return;
    }
    final UserSearchEngine userSearchEngine = pwmRequest.getPwmApplication().getUserSearchEngine();
    final UserIdentity userIdentity;
    try {
        userIdentity = userSearchEngine.resolveUsername(username, null, null, pwmRequest.getSessionLabel());
        final AdminBean adminBean = pwmRequest.getPwmApplication().getSessionStateService().getBean(pwmRequest, AdminBean.class);
        adminBean.setLastUserDebug(userIdentity);
    } catch (PwmUnrecoverableException e) {
        setLastError(pwmRequest, e.getErrorInformation());
        return;
    } catch (PwmOperationalException e) {
        setLastError(pwmRequest, e.getErrorInformation());
        return;
    }
    final UserDebugDataBean userDebugData = UserDebugDataReader.readUserDebugData(pwmRequest.getPwmApplication(), pwmRequest.getLocale(), pwmRequest.getSessionLabel(), userIdentity);
    pwmRequest.setAttribute(PwmRequestAttribute.UserDebugData, userDebugData);
}
Also used : UserSearchEngine(password.pwm.ldap.search.UserSearchEngine) UserIdentity(password.pwm.bean.UserIdentity) AdminBean(password.pwm.http.bean.AdminBean) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) PwmOperationalException(password.pwm.error.PwmOperationalException)

Example 100 with UserIdentity

use of password.pwm.bean.UserIdentity in project pwm by pwm-project.

the class AdminServlet method processDownloadUserDebug.

@ActionHandler(action = "downloadUserDebug")
private ProcessStatus processDownloadUserDebug(final PwmRequest pwmRequest) throws ChaiUnavailableException, PwmUnrecoverableException, IOException, ServletException {
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final AdminBean adminBean = pwmRequest.getPwmApplication().getSessionStateService().getBean(pwmRequest, AdminBean.class);
    final UserIdentity userIdentity = adminBean.getLastUserDebug();
    if (userIdentity != null) {
        pwmRequest.getPwmResponse().markAsDownload(HttpContentType.json, pwmApplication.getConfig().readAppProperty(AppProperty.DOWNLOAD_FILENAME_USER_DEBUG_JSON));
        final UserDebugDataBean userDebugData = UserDebugDataReader.readUserDebugData(pwmRequest.getPwmApplication(), pwmRequest.getLocale(), pwmRequest.getSessionLabel(), userIdentity);
        final String output = JsonUtil.serialize(userDebugData, JsonUtil.Flag.PrettyPrint);
        pwmRequest.getPwmResponse().getOutputStream().write(output.getBytes(PwmConstants.DEFAULT_CHARSET));
    } else {
        pwmRequest.respondWithError(new ErrorInformation(PwmError.ERROR_UNKNOWN, "no previously searched user available for download"));
    }
    return ProcessStatus.Halt;
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) PwmApplication(password.pwm.PwmApplication) UserIdentity(password.pwm.bean.UserIdentity) AdminBean(password.pwm.http.bean.AdminBean)

Aggregations

UserIdentity (password.pwm.bean.UserIdentity)101 ErrorInformation (password.pwm.error.ErrorInformation)62 PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)48 PwmOperationalException (password.pwm.error.PwmOperationalException)45 ChaiUser (com.novell.ldapchai.ChaiUser)30 PwmApplication (password.pwm.PwmApplication)27 Map (java.util.Map)21 PwmSession (password.pwm.http.PwmSession)20 UserSearchEngine (password.pwm.ldap.search.UserSearchEngine)19 PwmException (password.pwm.error.PwmException)18 ChaiUnavailableException (com.novell.ldapchai.exception.ChaiUnavailableException)17 LinkedHashMap (java.util.LinkedHashMap)17 HelpdeskProfile (password.pwm.config.profile.HelpdeskProfile)17 ChaiOperationException (com.novell.ldapchai.exception.ChaiOperationException)16 Instant (java.time.Instant)16 FormConfiguration (password.pwm.config.value.data.FormConfiguration)16 SearchConfiguration (password.pwm.ldap.search.SearchConfiguration)16 ArrayList (java.util.ArrayList)15 UserInfo (password.pwm.ldap.UserInfo)15 RestResultBean (password.pwm.ws.server.RestResultBean)15
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial