Example 61 with PwmUnrecoverableException
use of password.pwm.error.PwmUnrecoverableException in project pwm by pwm-project.
the class ForgottenPasswordUtil method figureAttributeForm.
static List<FormConfiguration> figureAttributeForm(final ForgottenPasswordProfile forgottenPasswordProfile, final ForgottenPasswordBean forgottenPasswordBean, final PwmRequest pwmRequest, final UserIdentity userIdentity) throws ChaiUnavailableException, PwmOperationalException, PwmUnrecoverableException {
final List<FormConfiguration> requiredAttributesForm = forgottenPasswordProfile.readSettingAsForm(PwmSetting.RECOVERY_ATTRIBUTE_FORM);
if (requiredAttributesForm.isEmpty()) {
return requiredAttributesForm;
}
final UserInfo userInfo = readUserInfo(pwmRequest, forgottenPasswordBean);
final List<FormConfiguration> returnList = new ArrayList<>();
for (final FormConfiguration formItem : requiredAttributesForm) {
if (formItem.isRequired()) {
returnList.add(formItem);
} else {
try {
final String currentValue = userInfo.readStringAttribute(formItem.getName());
if (currentValue != null && currentValue.length() > 0) {
returnList.add(formItem);
} else {
LOGGER.trace(pwmRequest, "excluding optional required attribute(" + formItem.getName() + "), user has no value");
}
} catch (PwmUnrecoverableException e) {
throw new PwmOperationalException(new ErrorInformation(PwmError.ERROR_NO_CHALLENGES, "unexpected error reading value for attribute " + formItem.getName()));
}
}
}
if (returnList.isEmpty()) {
throw new PwmOperationalException(new ErrorInformation(PwmError.ERROR_NO_CHALLENGES, "user has no values for any optional attribute"));
}
return returnList;
}
Also used :
ErrorInformation(password.pwm.error.ErrorInformation)
ArrayList(java.util.ArrayList)
FormConfiguration(password.pwm.config.value.data.FormConfiguration)
UserInfo(password.pwm.ldap.UserInfo)
PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException)
PwmOperationalException(password.pwm.error.PwmOperationalException)
Example 62 with PwmUnrecoverableException
use of password.pwm.error.PwmUnrecoverableException in project pwm by pwm-project.
the class HelpdeskDetailInfoBean method makeHelpdeskDetailInfo.
static HelpdeskDetailInfoBean makeHelpdeskDetailInfo(final PwmRequest pwmRequest, final HelpdeskProfile helpdeskProfile, final UserIdentity userIdentity) throws PwmUnrecoverableException, ChaiUnavailableException {
final HelpdeskDetailInfoBeanBuilder builder = HelpdeskDetailInfoBean.builder();
final Instant startTime = Instant.now();
LOGGER.trace(pwmRequest, "beginning to assemble detail data report for user " + userIdentity);
final Locale actorLocale = pwmRequest.getLocale();
final ChaiUser theUser = HelpdeskServlet.getChaiUser(pwmRequest, helpdeskProfile, userIdentity);
if (!theUser.exists()) {
return null;
}
final UserInfo userInfo = UserInfoFactory.newUserInfo(pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel(), actorLocale, userIdentity, theUser.getChaiProvider());
final MacroMachine macroMachine = MacroMachine.forUser(pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel(), userInfo, null);
try {
final List<AccountInformationBean.ActivityRecord> userHistory = AccountInformationBean.makeAuditInfo(pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel(), userInfo, pwmRequest.getLocale());
builder.userHistory(userHistory);
} catch (Exception e) {
LOGGER.error(pwmRequest, "unexpected error reading userHistory for user '" + userIdentity + "', " + e.getMessage());
}
builder.userKey(userIdentity.toObfuscatedKey(pwmRequest.getPwmApplication()));
builder.profileData(getProfileData(helpdeskProfile, userInfo, pwmRequest.getSessionLabel(), pwmRequest.getLocale()));
builder.passwordPolicyRules(makePasswordPolicyRules(userInfo, pwmRequest.getLocale(), pwmRequest.getConfig()));
{
final List<String> requirementLines = PasswordRequirementsTag.getPasswordRequirementsStrings(userInfo.getPasswordPolicy(), pwmRequest.getConfig(), pwmRequest.getLocale(), macroMachine);
builder.passwordRequirements(Collections.unmodifiableList(requirementLines));
}
if ((userInfo.getPasswordPolicy() != null) && (userInfo.getPasswordPolicy().getChaiPasswordPolicy() != null) && (userInfo.getPasswordPolicy().getChaiPasswordPolicy().getPolicyEntry() != null) && (userInfo.getPasswordPolicy().getChaiPasswordPolicy().getPolicyEntry().getEntryDN() != null)) {
builder.passwordPolicyDN(userInfo.getPasswordPolicy().getChaiPasswordPolicy().getPolicyEntry().getEntryDN());
} else {
builder.passwordPolicyDN(LocaleHelper.getLocalizedMessage(Display.Value_NotApplicable, pwmRequest));
}
if ((userInfo.getPasswordPolicy() != null) && userInfo.getPasswordPolicy().getIdentifier() != null) {
builder.passwordPolicyID(userInfo.getPasswordPolicy().getIdentifier());
} else {
builder.passwordPolicyID(LocaleHelper.getLocalizedMessage(Display.Value_NotApplicable, pwmRequest));
}
{
final ResponseInfoBean responseInfoBean = userInfo.getResponseInfoBean();
if (responseInfoBean != null && responseInfoBean.getHelpdeskCrMap() != null) {
final List<DisplayElement> responseDisplay = new ArrayList<>();
int counter = 0;
for (final Map.Entry<Challenge, String> entry : responseInfoBean.getHelpdeskCrMap().entrySet()) {
counter++;
responseDisplay.add(new DisplayElement("item_" + counter, DisplayElement.Type.string, entry.getKey().getChallengeText(), entry.getValue()));
}
builder.helpdeskResponses = responseDisplay;
}
}
builder.userDisplayName(HelpdeskCardInfoBean.figureDisplayName(helpdeskProfile, macroMachine));
final TimeDuration timeDuration = TimeDuration.fromCurrent(startTime);
{
final Set<ViewStatusFields> viewStatusFields = helpdeskProfile.readSettingAsOptionList(PwmSetting.HELPDESK_VIEW_STATUS_VALUES, ViewStatusFields.class);
builder.statusData(ViewableUserInfoDisplayReader.makeDisplayData(viewStatusFields, pwmRequest.getConfig(), userInfo, null, pwmRequest.getLocale()));
}
{
final Set<HelpdeskDetailInfoBean.StandardButton> visibleButtons = determineVisibleButtons(helpdeskProfile);
builder.visibleButtons(visibleButtons);
builder.enabledButtons(determineEnabledButtons(visibleButtons, userInfo));
builder.customButtons(determineCustomButtons(helpdeskProfile));
}
final HelpdeskDetailInfoBean helpdeskDetailInfoBean = builder.build();
if (pwmRequest.getConfig().isDevDebugMode()) {
LOGGER.trace(pwmRequest, "completed assembly of detail data report for user " + userIdentity + " in " + timeDuration.asCompactString() + ", contents: " + JsonUtil.serialize(helpdeskDetailInfoBean));
}
return builder.build();
}
Also used :
Locale(java.util.Locale)
LinkedHashSet(java.util.LinkedHashSet)
Set(java.util.Set)
Instant(java.time.Instant)
ViewStatusFields(password.pwm.config.option.ViewStatusFields)
UserInfo(password.pwm.ldap.UserInfo)
ResponseInfoBean(password.pwm.bean.ResponseInfoBean)
DisplayElement(password.pwm.http.bean.DisplayElement)
PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException)
ChaiUnavailableException(com.novell.ldapchai.exception.ChaiUnavailableException)
ChaiUser(com.novell.ldapchai.ChaiUser)
MacroMachine(password.pwm.util.macro.MacroMachine)
ArrayList(java.util.ArrayList)
List(java.util.List)
TimeDuration(password.pwm.util.java.TimeDuration)
Example 63 with PwmUnrecoverableException
use of password.pwm.error.PwmUnrecoverableException in project pwm by pwm-project.
the class RemoteVerificationMethod method sendRemoteRequest.
private void sendRemoteRequest(final Map<String, String> userResponses) throws PwmUnrecoverableException {
lastResponse = null;
final Map<String, String> headers = new LinkedHashMap<>();
headers.put(HttpHeader.Content_Type.getHttpName(), HttpContentType.json.getHeaderValue());
headers.put(HttpHeader.Accept_Language.getHttpName(), locale.toLanguageTag());
final RemoteVerificationRequestBean remoteVerificationRequestBean = new RemoteVerificationRequestBean();
remoteVerificationRequestBean.setResponseSessionID(this.remoteSessionID);
final MacroMachine macroMachine = MacroMachine.forUser(pwmApplication, PwmConstants.DEFAULT_LOCALE, SessionLabel.SYSTEM_LABEL, userInfo.getUserIdentity());
remoteVerificationRequestBean.setUserInfo(PublicUserInfoBean.fromUserInfoBean(userInfo, pwmApplication.getConfig(), locale, macroMachine));
remoteVerificationRequestBean.setUserResponses(userResponses);
final PwmHttpClientRequest pwmHttpClientRequest = new PwmHttpClientRequest(HttpMethod.POST, url, JsonUtil.serialize(remoteVerificationRequestBean), headers);
try {
final PwmHttpClientResponse response = pwmHttpClient.makeRequest(pwmHttpClientRequest);
final String responseBodyStr = response.getBody();
this.lastResponse = JsonUtil.deserialize(responseBodyStr, RemoteVerificationResponseBean.class);
} catch (PwmException e) {
LOGGER.error(sessionLabel, e.getErrorInformation());
throw new PwmUnrecoverableException(e.getErrorInformation());
} catch (Exception e) {
final String errorMsg = "error reading remote responses web service response: " + e.getMessage();
final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_SERVICE_NOT_AVAILABLE, errorMsg);
LOGGER.error(sessionLabel, errorInformation);
throw new PwmUnrecoverableException(errorInformation);
}
}
Also used :
RemoteVerificationRequestBean(password.pwm.bean.RemoteVerificationRequestBean)
PwmException(password.pwm.error.PwmException)
RemoteVerificationResponseBean(password.pwm.bean.RemoteVerificationResponseBean)
ErrorInformation(password.pwm.error.ErrorInformation)
PwmHttpClientRequest(password.pwm.http.client.PwmHttpClientRequest)
MacroMachine(password.pwm.util.macro.MacroMachine)
PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException)
PwmHttpClientResponse(password.pwm.http.client.PwmHttpClientResponse)
PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException)
PwmException(password.pwm.error.PwmException)
LinkedHashMap(java.util.LinkedHashMap)
Example 64 with PwmUnrecoverableException
use of password.pwm.error.PwmUnrecoverableException in project pwm by pwm-project.
the class HelpdeskServlet method restClearResponsesHandler.
@ActionHandler(action = "clearResponses")
private ProcessStatus restClearResponsesHandler(final PwmRequest pwmRequest) throws IOException, PwmUnrecoverableException, ServletException, ChaiUnavailableException, PwmOperationalException {
final UserIdentity userIdentity;
try {
userIdentity = readUserKeyRequestParameter(pwmRequest);
} catch (PwmUnrecoverableException e) {
pwmRequest.outputJsonResult(RestResultBean.fromError(e.getErrorInformation()));
return ProcessStatus.Halt;
}
final HelpdeskProfile helpdeskProfile = pwmRequest.getPwmSession().getSessionManager().getHelpdeskProfile(pwmRequest.getPwmApplication());
HelpdeskServletUtil.checkIfUserIdentityViewable(pwmRequest, helpdeskProfile, userIdentity);
{
final boolean buttonEnabled = helpdeskProfile.readSettingAsBoolean(PwmSetting.HELPDESK_CLEAR_RESPONSES_BUTTON);
final HelpdeskClearResponseMode mode = helpdeskProfile.readSettingAsEnum(PwmSetting.HELPDESK_CLEAR_RESPONSES, HelpdeskClearResponseMode.class);
if (!buttonEnabled && (mode == HelpdeskClearResponseMode.no)) {
throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_SECURITY_VIOLATION, "setting " + PwmSetting.HELPDESK_CLEAR_RESPONSES_BUTTON.toMenuLocationDebug(helpdeskProfile.getIdentifier(), pwmRequest.getLocale()) + " must be enabled or setting " + PwmSetting.HELPDESK_CLEAR_RESPONSES.toMenuLocationDebug(helpdeskProfile.getIdentifier(), pwmRequest.getLocale()) + "must be set to yes or ask"));
}
}
final ChaiUser chaiUser = getChaiUser(pwmRequest, helpdeskProfile, userIdentity);
final String userGUID = LdapOperationsHelper.readLdapGuidValue(pwmRequest.getPwmApplication(), pwmRequest.getPwmSession().getLabel(), userIdentity, true);
final CrService crService = pwmRequest.getPwmApplication().getCrService();
crService.clearResponses(pwmRequest.getPwmSession().getLabel(), userIdentity, chaiUser, userGUID);
// mark the event log
{
final HelpdeskAuditRecord auditRecord = new AuditRecordFactory(pwmRequest.getPwmApplication(), pwmRequest.getPwmSession()).createHelpdeskAuditRecord(AuditEvent.HELPDESK_CLEAR_RESPONSES, pwmRequest.getPwmSession().getUserInfo().getUserIdentity(), null, userIdentity, pwmRequest.getPwmSession().getSessionStateBean().getSrcAddress(), pwmRequest.getPwmSession().getSessionStateBean().getSrcHostname());
pwmRequest.getPwmApplication().getAuditManager().submit(auditRecord);
}
final RestResultBean restResultBean = RestResultBean.forSuccessMessage(pwmRequest, Message.Success_Unknown);
pwmRequest.outputJsonResult(restResultBean);
return ProcessStatus.Halt;
}
Also used :
ErrorInformation(password.pwm.error.ErrorInformation)
AuditRecordFactory(password.pwm.svc.event.AuditRecordFactory)
ChaiUser(com.novell.ldapchai.ChaiUser)
HelpdeskClearResponseMode(password.pwm.config.option.HelpdeskClearResponseMode)
UserIdentity(password.pwm.bean.UserIdentity)
HelpdeskProfile(password.pwm.config.profile.HelpdeskProfile)
PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException)
CrService(password.pwm.util.operations.CrService)
HelpdeskAuditRecord(password.pwm.svc.event.HelpdeskAuditRecord)
RestResultBean(password.pwm.ws.server.RestResultBean)
Example 65 with PwmUnrecoverableException
use of password.pwm.error.PwmUnrecoverableException in project pwm by pwm-project.
the class HelpdeskServlet method restVerifyVerificationTokenRequest.
@ActionHandler(action = "verifyVerificationToken")
private ProcessStatus restVerifyVerificationTokenRequest(final PwmRequest pwmRequest) throws IOException, PwmUnrecoverableException, ServletException {
final Instant startTime = Instant.now();
final HelpdeskVerificationRequestBean helpdeskVerificationRequestBean = JsonUtil.deserialize(pwmRequest.readRequestBodyAsString(), HelpdeskVerificationRequestBean.class);
final String token = helpdeskVerificationRequestBean.getCode();
final SecureService secureService = pwmRequest.getPwmApplication().getSecureService();
final HelpdeskVerificationRequestBean.TokenData tokenData = secureService.decryptObject(helpdeskVerificationRequestBean.getTokenData(), HelpdeskVerificationRequestBean.TokenData.class);
final UserIdentity userIdentity = UserIdentity.fromKey(helpdeskVerificationRequestBean.getUserKey(), pwmRequest.getPwmApplication());
if (tokenData == null || tokenData.getIssueDate() == null || tokenData.getToken() == null || tokenData.getToken().isEmpty()) {
final String errorMsg = "token data is corrupted";
throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_TOKEN_INCORRECT, errorMsg));
}
final TimeDuration maxTokenAge = new TimeDuration(Long.parseLong(pwmRequest.getConfig().readAppProperty(AppProperty.HELPDESK_TOKEN_MAX_AGE)) * 1000);
final Date maxTokenAgeTimestamp = new Date(System.currentTimeMillis() - maxTokenAge.getTotalMilliseconds());
if (tokenData.getIssueDate().before(maxTokenAgeTimestamp)) {
final String errorMsg = "token is older than maximum issue time (" + maxTokenAge.asCompactString() + ")";
throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_TOKEN_EXPIRED, errorMsg));
}
final boolean passed = tokenData.getToken().equals(token);
final HelpdeskVerificationStateBean verificationStateBean = HelpdeskVerificationStateBean.fromClientString(pwmRequest, helpdeskVerificationRequestBean.getVerificationState());
if (passed) {
final PwmSession pwmSession = pwmRequest.getPwmSession();
final HelpdeskAuditRecord auditRecord = new AuditRecordFactory(pwmRequest).createHelpdeskAuditRecord(AuditEvent.HELPDESK_VERIFY_TOKEN, pwmSession.getUserInfo().getUserIdentity(), null, userIdentity, pwmSession.getSessionStateBean().getSrcAddress(), pwmSession.getSessionStateBean().getSrcHostname());
pwmRequest.getPwmApplication().getAuditManager().submit(auditRecord);
verificationStateBean.addRecord(userIdentity, IdentityVerificationMethod.TOKEN);
} else {
final PwmSession pwmSession = pwmRequest.getPwmSession();
final HelpdeskAuditRecord auditRecord = new AuditRecordFactory(pwmRequest).createHelpdeskAuditRecord(AuditEvent.HELPDESK_VERIFY_TOKEN_INCORRECT, pwmSession.getUserInfo().getUserIdentity(), null, userIdentity, pwmSession.getSessionStateBean().getSrcAddress(), pwmSession.getSessionStateBean().getSrcHostname());
pwmRequest.getPwmApplication().getAuditManager().submit(auditRecord);
}
// add a delay to prevent continuous checks
final long delayMs = Long.parseLong(pwmRequest.getConfig().readAppProperty(AppProperty.HELPDESK_VERIFICATION_INVALID_DELAY_MS));
while (TimeDuration.fromCurrent(startTime).isShorterThan(delayMs)) {
JavaHelper.pause(100);
}
final HelpdeskVerificationResponseBean responseBean = new HelpdeskVerificationResponseBean(passed, verificationStateBean.toClientString(pwmRequest.getPwmApplication()));
final RestResultBean restResultBean = RestResultBean.withData(responseBean);
pwmRequest.outputJsonResult(restResultBean);
return ProcessStatus.Halt;
}
Also used :
SecureService(password.pwm.util.secure.SecureService)
Instant(java.time.Instant)
UserIdentity(password.pwm.bean.UserIdentity)
PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException)
Date(java.util.Date)
HelpdeskAuditRecord(password.pwm.svc.event.HelpdeskAuditRecord)
ErrorInformation(password.pwm.error.ErrorInformation)
AuditRecordFactory(password.pwm.svc.event.AuditRecordFactory)
TimeDuration(password.pwm.util.java.TimeDuration)
PwmSession(password.pwm.http.PwmSession)
RestResultBean(password.pwm.ws.server.RestResultBean)
Aggregations
PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)282
ErrorInformation (password.pwm.error.ErrorInformation)201
PwmOperationalException (password.pwm.error.PwmOperationalException)85
ChaiUnavailableException (com.novell.ldapchai.exception.ChaiUnavailableException)75
IOException (java.io.IOException)72
PwmException (password.pwm.error.PwmException)69
PwmApplication (password.pwm.PwmApplication)48
UserIdentity (password.pwm.bean.UserIdentity)48
Configuration (password.pwm.config.Configuration)43
ServletException (javax.servlet.ServletException)38
LinkedHashMap (java.util.LinkedHashMap)37
Instant (java.time.Instant)35
ArrayList (java.util.ArrayList)31
PwmSession (password.pwm.http.PwmSession)30
Map (java.util.Map)28
ChaiUser (com.novell.ldapchai.ChaiUser)26
ChaiOperationException (com.novell.ldapchai.exception.ChaiOperationException)25
FormConfiguration (password.pwm.config.value.data.FormConfiguration)24
HashMap (java.util.HashMap)23
ChaiException (com.novell.ldapchai.exception.ChaiException)22
