Example 6 with IdentityVerificationMethod
use of password.pwm.config.option.IdentityVerificationMethod in project pwm by pwm-project.
the class ForgottenPasswordUtil method figureRemainingAvailableOptionalAuthMethods.
static Set<IdentityVerificationMethod> figureRemainingAvailableOptionalAuthMethods(final PwmRequest pwmRequest, final ForgottenPasswordBean forgottenPasswordBean) {
final ForgottenPasswordBean.RecoveryFlags recoveryFlags = forgottenPasswordBean.getRecoveryFlags();
final ForgottenPasswordBean.Progress progress = forgottenPasswordBean.getProgress();
final Set<IdentityVerificationMethod> result = new LinkedHashSet<>();
result.addAll(recoveryFlags.getOptionalAuthMethods());
result.removeAll(progress.getSatisfiedMethods());
for (final IdentityVerificationMethod recoveryVerificationMethods : new LinkedHashSet<>(result)) {
try {
verifyRequirementsForAuthMethod(pwmRequest, forgottenPasswordBean, recoveryVerificationMethods);
} catch (PwmUnrecoverableException e) {
result.remove(recoveryVerificationMethods);
}
}
return Collections.unmodifiableSet(result);
}
Also used :
IdentityVerificationMethod(password.pwm.config.option.IdentityVerificationMethod)
LinkedHashSet(java.util.LinkedHashSet)
PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException)
ForgottenPasswordBean(password.pwm.http.bean.ForgottenPasswordBean)
Example 7 with IdentityVerificationMethod
use of password.pwm.config.option.IdentityVerificationMethod in project pwm by pwm-project.
the class ForgottenPasswordUtil method initForgottenPasswordBean.
static void initForgottenPasswordBean(final PwmRequest pwmRequest, final UserIdentity userIdentity, final ForgottenPasswordBean forgottenPasswordBean) throws PwmUnrecoverableException, PwmOperationalException {
final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
final Locale locale = pwmRequest.getLocale();
final SessionLabel sessionLabel = pwmRequest.getSessionLabel();
forgottenPasswordBean.setUserIdentity(userIdentity);
final UserInfo userInfo = readUserInfo(pwmRequest, forgottenPasswordBean);
final ForgottenPasswordProfile forgottenPasswordProfile = forgottenPasswordProfile(pwmApplication, pwmRequest.getSessionLabel(), userIdentity);
final String forgottenProfileID = forgottenPasswordProfile.getIdentifier();
forgottenPasswordBean.setForgottenPasswordProfileID(forgottenProfileID);
final ForgottenPasswordBean.RecoveryFlags recoveryFlags = calculateRecoveryFlags(pwmApplication, forgottenProfileID);
final ChallengeSet challengeSet;
if (recoveryFlags.getRequiredAuthMethods().contains(IdentityVerificationMethod.CHALLENGE_RESPONSES) || recoveryFlags.getOptionalAuthMethods().contains(IdentityVerificationMethod.CHALLENGE_RESPONSES)) {
final ResponseSet responseSet;
try {
final ChaiUser theUser = pwmApplication.getProxiedChaiUser(userInfo.getUserIdentity());
responseSet = pwmApplication.getCrService().readUserResponseSet(sessionLabel, userInfo.getUserIdentity(), theUser);
challengeSet = responseSet == null ? null : responseSet.getPresentableChallengeSet();
} catch (ChaiValidationException e) {
final String errorMsg = "unable to determine presentable challengeSet for stored responses: " + e.getMessage();
final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_NO_CHALLENGES, errorMsg);
throw new PwmUnrecoverableException(errorInformation);
} catch (ChaiUnavailableException e) {
throw new PwmUnrecoverableException(PwmError.forChaiError(e.getErrorCode()));
}
} else {
challengeSet = null;
}
if (!recoveryFlags.isAllowWhenLdapIntruderLocked()) {
try {
final ChaiUser chaiUser = pwmApplication.getProxiedChaiUser(userInfo.getUserIdentity());
if (chaiUser.isPasswordLocked()) {
throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_INTRUDER_LDAP));
}
} catch (ChaiOperationException e) {
final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_UNKNOWN, "error checking user '" + userInfo.getUserIdentity() + "' ldap intruder lock status: " + e.getMessage());
LOGGER.error(sessionLabel, errorInformation);
throw new PwmUnrecoverableException(errorInformation);
} catch (ChaiUnavailableException e) {
throw new PwmUnrecoverableException(PwmError.forChaiError(e.getErrorCode()));
}
}
final List<FormConfiguration> attributeForm;
try {
attributeForm = figureAttributeForm(forgottenPasswordProfile, forgottenPasswordBean, pwmRequest, userIdentity);
} catch (ChaiUnavailableException e) {
throw new PwmUnrecoverableException(PwmError.forChaiError(e.getErrorCode()));
}
forgottenPasswordBean.setUserLocale(locale);
forgottenPasswordBean.setPresentableChallengeSet(challengeSet);
forgottenPasswordBean.setAttributeForm(attributeForm);
forgottenPasswordBean.setRecoveryFlags(recoveryFlags);
forgottenPasswordBean.setProgress(new ForgottenPasswordBean.Progress());
for (final IdentityVerificationMethod recoveryVerificationMethods : recoveryFlags.getRequiredAuthMethods()) {
verifyRequirementsForAuthMethod(pwmRequest, forgottenPasswordBean, recoveryVerificationMethods);
}
}
Also used :
Locale(java.util.Locale)
ForgottenPasswordProfile(password.pwm.config.profile.ForgottenPasswordProfile)
IdentityVerificationMethod(password.pwm.config.option.IdentityVerificationMethod)
PwmApplication(password.pwm.PwmApplication)
ChallengeSet(com.novell.ldapchai.cr.ChallengeSet)
ChaiUnavailableException(com.novell.ldapchai.exception.ChaiUnavailableException)
ResponseSet(com.novell.ldapchai.cr.ResponseSet)
UserInfo(password.pwm.ldap.UserInfo)
PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException)
SessionLabel(password.pwm.bean.SessionLabel)
ErrorInformation(password.pwm.error.ErrorInformation)
ChaiValidationException(com.novell.ldapchai.exception.ChaiValidationException)
ChaiUser(com.novell.ldapchai.ChaiUser)
FormConfiguration(password.pwm.config.value.data.FormConfiguration)
ChaiOperationException(com.novell.ldapchai.exception.ChaiOperationException)
ForgottenPasswordBean(password.pwm.http.bean.ForgottenPasswordBean)
Aggregations
IdentityVerificationMethod (password.pwm.config.option.IdentityVerificationMethod)7
ForgottenPasswordBean (password.pwm.http.bean.ForgottenPasswordBean)4
LinkedHashSet (java.util.LinkedHashSet)3
ForgottenPasswordProfile (password.pwm.config.profile.ForgottenPasswordProfile)3
FormConfiguration (password.pwm.config.value.data.FormConfiguration)3
ErrorInformation (password.pwm.error.ErrorInformation)3
PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)3
PwmApplication (password.pwm.PwmApplication)2
Configuration (password.pwm.config.Configuration)2
UserInfo (password.pwm.ldap.UserInfo)2
ChaiUser (com.novell.ldapchai.ChaiUser)1
ChallengeSet (com.novell.ldapchai.cr.ChallengeSet)1
ResponseSet (com.novell.ldapchai.cr.ResponseSet)1
ChaiOperationException (com.novell.ldapchai.exception.ChaiOperationException)1
ChaiUnavailableException (com.novell.ldapchai.exception.ChaiUnavailableException)1
ChaiValidationException (com.novell.ldapchai.exception.ChaiValidationException)1
ArrayList (java.util.ArrayList)1
LinkedHashMap (java.util.LinkedHashMap)1
Locale (java.util.Locale)1
Map (java.util.Map)1
