Examples with PwmDataValidationException password.pwm.error.PwmDataValidationException used on opensource projects

Example 6 with PwmDataValidationException

use of password.pwm.error.PwmDataValidationException in project pwm by pwm-project.

the class SetupResponsesServlet method restValidateResponses.

@ActionHandler(action = "validateResponses")
private ProcessStatus restValidateResponses(final PwmRequest pwmRequest) throws IOException, ServletException, PwmUnrecoverableException, ChaiUnavailableException {
    final SetupResponsesBean setupResponsesBean = getSetupResponseBean(pwmRequest);
    final Instant startTime = Instant.now();
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final String responseModeParam = pwmRequest.readParameterAsString("responseMode");
    final SetupResponsesBean.SetupData setupData = "helpdesk".equalsIgnoreCase(responseModeParam) ? setupResponsesBean.getHelpdeskResponseData() : setupResponsesBean.getResponseData();
    boolean success = true;
    String userMessage = Message.getLocalizedMessage(pwmSession.getSessionStateBean().getLocale(), Message.Success_ResponsesMeetRules, pwmApplication.getConfig());
    try {
        // read in the responses from the request
        final Map<Challenge, String> responseMap = readResponsesFromJsonRequest(pwmRequest, setupData);
        final int minRandomRequiredSetup = setupData.getMinRandomSetup();
        pwmApplication.getCrService().validateResponses(setupData.getChallengeSet(), responseMap, minRandomRequiredSetup);
        generateResponseInfoBean(pwmRequest, setupData.getChallengeSet(), responseMap, Collections.emptyMap());
    } catch (PwmDataValidationException e) {
        success = false;
        userMessage = e.getErrorInformation().toUserStr(pwmSession, pwmApplication);
    }
    final ValidationResponseBean validationResponseBean = new ValidationResponseBean(userMessage, success);
    final RestResultBean restResultBean = RestResultBean.withData(validationResponseBean);
    LOGGER.trace(pwmRequest, "completed rest validate response in " + TimeDuration.fromCurrent(startTime).asCompactString() + ", result=" + JsonUtil.serialize(restResultBean));
    pwmRequest.outputJsonResult(restResultBean);
    return ProcessStatus.Halt;
}

Example 7 with PwmDataValidationException

use of password.pwm.error.PwmDataValidationException in project pwm by pwm-project.

the class SetupResponsesServlet method setupResponses.

private void setupResponses(final PwmRequest pwmRequest, final boolean helpdeskMode) throws PwmUnrecoverableException, IOException, ServletException, ChaiUnavailableException {
    final SetupResponsesBean setupResponsesBean = getSetupResponseBean(pwmRequest);
    final SetupResponsesBean.SetupData setupData = helpdeskMode ? setupResponsesBean.getHelpdeskResponseData() : setupResponsesBean.getResponseData();
    final ChallengeSet challengeSet = setupData.getChallengeSet();
    final Map<Challenge, String> responseMap;
    try {
        // build a response set based on the user's challenge set and the html form response.
        responseMap = readResponsesFromHttpRequest(pwmRequest, setupData);
        // test the responses.
        final int minRandomRequiredSetup = setupData.getMinRandomSetup();
        pwmRequest.getPwmApplication().getCrService().validateResponses(challengeSet, responseMap, minRandomRequiredSetup);
    } catch (PwmDataValidationException e) {
        LOGGER.debug(pwmRequest, "error with new " + (helpdeskMode ? "helpdesk" : "user") + " responses: " + e.getErrorInformation().toDebugStr());
        setLastError(pwmRequest, e.getErrorInformation());
        return;
    }
    LOGGER.trace(pwmRequest, (helpdeskMode ? "helpdesk" : "user") + " responses are acceptable");
    if (helpdeskMode) {
        setupResponsesBean.getHelpdeskResponseData().setResponseMap(responseMap);
        setupResponsesBean.setHelpdeskResponsesSatisfied(true);
    } else {
        setupResponsesBean.getResponseData().setResponseMap(responseMap);
        setupResponsesBean.setResponsesSatisfied(true);
    }
}

Example 8 with PwmDataValidationException

use of password.pwm.error.PwmDataValidationException in project pwm by pwm-project.

the class ActivateUserUtils method validateParamsAgainstLDAP.

static void validateParamsAgainstLDAP(final PwmRequest pwmRequest, final Map<FormConfiguration, String> formValues, final UserIdentity userIdentity) throws ChaiUnavailableException, PwmDataValidationException, PwmUnrecoverableException {
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    final String searchFilter = figureLdapSearchFilter(pwmRequest);
    final ChaiProvider chaiProvider = pwmApplication.getProxyChaiProvider(userIdentity.getLdapProfileID());
    final ChaiUser chaiUser = chaiProvider.getEntryFactory().newChaiUser(userIdentity.getUserDN());
    for (final Map.Entry<FormConfiguration, String> entry : formValues.entrySet()) {
        final FormConfiguration formItem = entry.getKey();
        final String attrName = formItem.getName();
        final String tokenizedAttrName = "%" + attrName + "%";
        if (searchFilter.contains(tokenizedAttrName)) {
            LOGGER.trace(pwmSession, "skipping validation of ldap value for '" + attrName + "' because it is in search filter");
        } else {
            final String value = entry.getValue();
            try {
                if (!chaiUser.compareStringAttribute(attrName, value)) {
                    final String errorMsg = "incorrect value for '" + attrName + "'";
                    final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_ACTIVATION_VALIDATIONFAIL, errorMsg, new String[] { attrName });
                    LOGGER.debug(pwmSession.getLabel(), errorInfo.toDebugStr());
                    throw new PwmDataValidationException(errorInfo);
                }
                LOGGER.trace(pwmSession.getLabel(), "successful validation of ldap value for '" + attrName + "'");
            } catch (ChaiOperationException e) {
                LOGGER.error(pwmSession.getLabel(), "error during param validation of '" + attrName + "', error: " + e.getMessage());
                throw new PwmDataValidationException(new ErrorInformation(PwmError.ERROR_ACTIVATION_VALIDATIONFAIL, "ldap error testing value for '" + attrName + "'", new String[] { attrName }));
            }
        }
    }
}

Example 9 with PwmDataValidationException

use of password.pwm.error.PwmDataValidationException in project pwm by pwm-project.

the class FormConfiguration method checkValue.

public void checkValue(final Configuration config, final String value, final Locale locale) throws PwmDataValidationException, PwmUnrecoverableException {
    // ignore read only fields
    if (readonly) {
        return;
    }
    // check if value is missing and required.
    if (required && (value == null || value.length() < 1)) {
        final ErrorInformation error = new ErrorInformation(PwmError.ERROR_FIELD_REQUIRED, null, new String[] { getLabel(locale) });
        throw new PwmDataValidationException(error);
    }
    switch(type) {
        case number:
            if (value != null && value.length() > 0) {
                try {
                    new BigInteger(value);
                } catch (NumberFormatException e) {
                    final ErrorInformation error = new ErrorInformation(PwmError.ERROR_FIELD_NOT_A_NUMBER, null, new String[] { getLabel(locale) });
                    throw new PwmDataValidationException(error);
                }
            }
            break;
        case email:
            if (value != null && value.length() > 0) {
                if (!testEmailAddress(config, value)) {
                    final ErrorInformation error = new ErrorInformation(PwmError.ERROR_FIELD_INVALID_EMAIL, null, new String[] { getLabel(locale) });
                    throw new PwmDataValidationException(error);
                }
            }
            break;
        default:
            // continue for other types
            break;
    }
    if (value != null && (this.getMinimumLength() > 0) && (value.length() > 0) && (value.length() < this.getMinimumLength())) {
        final ErrorInformation error = new ErrorInformation(PwmError.ERROR_FIELD_TOO_SHORT, null, new String[] { getLabel(locale) });
        throw new PwmDataValidationException(error);
    }
    if (value != null && value.length() > this.getMaximumLength()) {
        final ErrorInformation error = new ErrorInformation(PwmError.ERROR_FIELD_TOO_LONG, null, new String[] { getLabel(locale) });
        throw new PwmDataValidationException(error);
    }
    if (value != null && value.length() > 0 && this.getRegex() != null && this.getRegex().length() > 0) {
        if (!value.matches(this.getRegex())) {
            final String configuredErrorMessage = this.getRegexError(locale);
            final ErrorInformation error = new ErrorInformation(PwmError.ERROR_FIELD_REGEX_NOMATCH, null, configuredErrorMessage, new String[] { getLabel(locale) });
            throw new PwmDataValidationException(error);
        }
    }
}

Example 10 with PwmDataValidationException

use of password.pwm.error.PwmDataValidationException in project pwm by pwm-project.

the class NewUserServlet method nextStep.

@Override
protected void nextStep(final PwmRequest pwmRequest) throws IOException, ServletException, PwmUnrecoverableException, ChaiUnavailableException {
    final NewUserBean newUserBean = getNewUserBean(pwmRequest);
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    if (newUserBean.getProfileID() == null) {
        final Set<String> newUserProfileIDs = pwmApplication.getConfig().getNewUserProfiles().keySet();
        if (newUserProfileIDs.isEmpty()) {
            pwmRequest.respondWithError(new ErrorInformation(PwmError.ERROR_INVALID_CONFIG, "no new user profiles are defined"));
            return;
        }
        final LinkedHashMap<String, String> visibleProfiles = new LinkedHashMap<>(NewUserUtils.figureDisplayableProfiles(pwmRequest));
        if (visibleProfiles.size() == 1) {
            final String singleID = newUserProfileIDs.iterator().next();
            LOGGER.trace(pwmRequest, "only one new user profile is defined, auto-selecting profile " + singleID);
            newUserBean.setProfileID(singleID);
        } else {
            LOGGER.trace(pwmRequest, "new user profile not yet selected, redirecting to choice page");
            pwmRequest.setAttribute(PwmRequestAttribute.NewUser_VisibleProfiles, visibleProfiles);
            pwmRequest.forwardToJsp(JspUrl.NEW_USER_PROFILE_CHOICE);
            return;
        }
    }
    final NewUserProfile newUserProfile = getNewUserProfile(pwmRequest);
    if (newUserBean.getCreateStartTime() != null) {
        forwardToWait(pwmRequest, newUserProfile);
        return;
    }
    // try to read the new user policy to make sure it's readable, that way an exception is thrown here instead of by the jsp
    newUserProfile.getNewUserPasswordPolicy(pwmApplication, pwmSession.getSessionStateBean().getLocale());
    if (!newUserBean.isFormPassed()) {
        if (showFormPage(newUserProfile)) {
            forwardToFormPage(pwmRequest, newUserBean);
            return;
        } else {
            NewUserFormUtils.injectRemoteValuesIntoForm(newUserBean, newUserProfile);
            try {
                verifyForm(pwmRequest, newUserBean.getNewUserForm(), false);
            } catch (PwmDataValidationException e) {
                throw new PwmUnrecoverableException(e.getErrorInformation());
            }
            newUserBean.setFormPassed(true);
        }
    }
    if (NewUserUtils.checkForTokenVerificationProgress(pwmRequest, newUserBean, newUserProfile) == ProcessStatus.Halt) {
        return;
    }
    final String newUserAgreementText = newUserProfile.readSettingAsLocalizedString(PwmSetting.NEWUSER_AGREEMENT_MESSAGE, pwmSession.getSessionStateBean().getLocale());
    if (!StringUtil.isEmpty(newUserAgreementText)) {
        if (!newUserBean.isAgreementPassed()) {
            final MacroMachine macroMachine = NewUserUtils.createMacroMachineForNewUser(pwmApplication, pwmRequest.getSessionLabel(), newUserBean.getNewUserForm(), null);
            final String expandedText = macroMachine.expandMacros(newUserAgreementText);
            pwmRequest.setAttribute(PwmRequestAttribute.AgreementText, expandedText);
            pwmRequest.forwardToJsp(JspUrl.NEW_USER_AGREEMENT);
            return;
        }
    }
    // success so create the new user.
    final String newUserDN = NewUserUtils.determineUserDN(pwmRequest, newUserBean.getNewUserForm());
    try {
        NewUserUtils.createUser(newUserBean.getNewUserForm(), pwmRequest, newUserDN);
        newUserBean.setCreateStartTime(Instant.now());
        forwardToWait(pwmRequest, newUserProfile);
    } catch (PwmOperationalException e) {
        LOGGER.error(pwmRequest, "error during user creation: " + e.getMessage());
        if (newUserProfile.readSettingAsBoolean(PwmSetting.NEWUSER_DELETE_ON_FAIL)) {
            NewUserUtils.deleteUserAccount(newUserDN, pwmRequest);
        }
        LOGGER.error(pwmSession, e.getErrorInformation().toDebugStr());
        pwmRequest.respondWithError(e.getErrorInformation());
    }
}