Examples with PwmSession password.pwm.http.PwmSession used on opensource projects

Search in sources :

Example 46 with PwmSession

use of password.pwm.http.PwmSession in project pwm by pwm-project.

the class SetupOtpServlet method preProcessCheck.

@Override
public ProcessStatus preProcessCheck(final PwmRequest pwmRequest) throws PwmUnrecoverableException, IOException, ServletException {
    // fetch the required beans / managers
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    final Configuration config = pwmApplication.getConfig();
    final SetupOtpProfile setupOtpProfile = getSetupOtpProfile(pwmRequest);
    if (setupOtpProfile == null || !setupOtpProfile.readSettingAsBoolean(PwmSetting.OTP_ALLOW_SETUP)) {
        final String errorMsg = "setup OTP is not enabled";
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_SERVICE_NOT_AVAILABLE, errorMsg);
        LOGGER.error(pwmRequest, errorInformation);
        pwmRequest.respondWithError(errorInformation);
        return ProcessStatus.Halt;
    }
    // check whether the setup can be stored
    if (!canSetupOtpSecret(config)) {
        LOGGER.error(pwmSession, "OTP Secret cannot be setup");
        pwmRequest.respondWithError(PwmError.ERROR_INVALID_CONFIG.toInfo());
        return ProcessStatus.Halt;
    }
    if (pwmSession.getLoginInfoBean().getType() == AuthenticationType.AUTH_WITHOUT_PASSWORD) {
        LOGGER.error(pwmSession, "OTP Secret requires a password login");
        throw new PwmUnrecoverableException(PwmError.ERROR_PASSWORD_REQUIRED);
    }
    final SetupOtpBean otpBean = getSetupOtpBean(pwmRequest);
    initializeBean(pwmRequest, otpBean);
    return ProcessStatus.Continue;
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) PwmApplication(password.pwm.PwmApplication) SetupOtpProfile(password.pwm.config.profile.SetupOtpProfile) SetupOtpBean(password.pwm.http.bean.SetupOtpBean) Configuration(password.pwm.config.Configuration) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) PwmSession(password.pwm.http.PwmSession)

Example 47 with PwmSession

use of password.pwm.http.PwmSession in project pwm by pwm-project.

the class SetupOtpServlet method handleRestValidateCode.

@ActionHandler(action = "restValidateCode")
private ProcessStatus handleRestValidateCode(final PwmRequest pwmRequest) throws PwmUnrecoverableException, IOException, ServletException, ChaiUnavailableException {
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    final OTPUserRecord otpUserRecord = pwmSession.getUserInfo().getOtpUserRecord();
    final OtpService otpService = pwmApplication.getOtpService();
    final String bodyString = pwmRequest.readRequestBodyAsString();
    final Map<String, String> clientValues = JsonUtil.deserializeStringMap(bodyString);
    final String code = Validator.sanitizeInputValue(pwmApplication.getConfig(), clientValues.get("code"), 1024);
    try {
        final boolean passed = otpService.validateToken(pwmRequest.getSessionLabel(), pwmSession.getUserInfo().getUserIdentity(), otpUserRecord, code, false);
        final RestResultBean restResultBean = RestResultBean.withData(passed);
        LOGGER.trace(pwmSession, "returning result for restValidateCode: " + JsonUtil.serialize(restResultBean));
        pwmRequest.outputJsonResult(restResultBean);
    } catch (PwmOperationalException e) {
        final String errorMsg = "error during otp code validation: " + e.getMessage();
        LOGGER.error(pwmSession, errorMsg);
        pwmRequest.outputJsonResult(RestResultBean.fromError(new ErrorInformation(PwmError.ERROR_UNKNOWN, errorMsg), pwmRequest));
    }
    return ProcessStatus.Continue;
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) PwmApplication(password.pwm.PwmApplication) OtpService(password.pwm.util.operations.OtpService) PwmSession(password.pwm.http.PwmSession) OTPUserRecord(password.pwm.util.operations.otp.OTPUserRecord) RestResultBean(password.pwm.ws.server.RestResultBean) PwmOperationalException(password.pwm.error.PwmOperationalException)

Example 48 with PwmSession

use of password.pwm.http.PwmSession in project pwm by pwm-project.

the class SetupOtpServlet method handleComplete.

@ActionHandler(action = "complete")
private ProcessStatus handleComplete(final PwmRequest pwmRequest) throws PwmUnrecoverableException, IOException, ServletException, ChaiUnavailableException {
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    pwmSession.getLoginInfoBean().setFlag(LoginInfoBean.LoginFlag.skipOtp);
    pwmRequest.getPwmApplication().getSessionStateService().clearBean(pwmRequest, SetupOtpBean.class);
    pwmRequest.sendRedirectToContinue();
    return ProcessStatus.Halt;
}
Also used : PwmSession(password.pwm.http.PwmSession)

Example 49 with PwmSession

use of password.pwm.http.PwmSession in project pwm by pwm-project.

the class SetupOtpServlet method handleTestOtpSecret.

@ActionHandler(action = "testOtpSecret")
private ProcessStatus handleTestOtpSecret(final PwmRequest pwmRequest) throws PwmUnrecoverableException, ChaiUnavailableException, IOException, ServletException {
    final SetupOtpBean otpBean = getSetupOtpBean(pwmRequest);
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    final String otpToken = pwmRequest.readParameterAsString(PwmConstants.PARAM_OTP_TOKEN);
    final OtpService otpService = pwmApplication.getOtpService();
    if (otpToken != null && otpToken.length() > 0) {
        try {
            if (pwmRequest.getConfig().isDevDebugMode()) {
                LOGGER.trace(pwmRequest, "testing against otp record: " + JsonUtil.serialize(otpBean.getOtpUserRecord()));
            }
            if (otpService.validateToken(pwmRequest.getSessionLabel(), pwmSession.getUserInfo().getUserIdentity(), otpBean.getOtpUserRecord(), otpToken, false)) {
                LOGGER.debug(pwmRequest, "test OTP token returned true, valid OTP secret provided");
                otpBean.setConfirmed(true);
                otpBean.setChallenge(null);
            } else {
                LOGGER.debug(pwmRequest, "test OTP token returned false, incorrect OTP secret provided");
                setLastError(pwmRequest, new ErrorInformation(PwmError.ERROR_TOKEN_INCORRECT));
            }
        } catch (PwmOperationalException e) {
            LOGGER.error(pwmRequest, "error validating otp token: " + e.getMessage());
            setLastError(pwmRequest, e.getErrorInformation());
        }
    }
    return ProcessStatus.Continue;
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) PwmApplication(password.pwm.PwmApplication) SetupOtpBean(password.pwm.http.bean.SetupOtpBean) OtpService(password.pwm.util.operations.OtpService) PwmSession(password.pwm.http.PwmSession) PwmOperationalException(password.pwm.error.PwmOperationalException)

Example 50 with PwmSession

use of password.pwm.http.PwmSession in project pwm by pwm-project.

the class SetupOtpServlet method initializeBean.

private void initializeBean(final PwmRequest pwmRequest, final SetupOtpBean otpBean) throws PwmUnrecoverableException {
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    // has pre-existing, nothing to do.
    if (otpBean.isHasPreExistingOtp()) {
        return;
    }
    final OtpService service = pwmApplication.getOtpService();
    final UserIdentity theUser = pwmSession.getUserInfo().getUserIdentity();
    // first time here
    if (otpBean.getOtpUserRecord() == null) {
        final OTPUserRecord existingUserRecord;
        try {
            existingUserRecord = service.readOTPUserConfiguration(pwmRequest.getSessionLabel(), theUser);
        } catch (ChaiUnavailableException e) {
            throw PwmUnrecoverableException.fromChaiException(e);
        }
        if (existingUserRecord != null) {
            otpBean.setHasPreExistingOtp(true);
            LOGGER.trace(pwmSession, "user has existing otp record");
            return;
        }
    }
    // make a new user record.
    if (otpBean.getOtpUserRecord() == null) {
        try {
            final Configuration config = pwmApplication.getConfig();
            final SetupOtpProfile setupOtpProfile = getSetupOtpProfile(pwmRequest);
            final String identifierConfigValue = setupOtpProfile.readSettingAsString(PwmSetting.OTP_SECRET_IDENTIFIER);
            final String identifier = pwmSession.getSessionManager().getMacroMachine(pwmApplication).expandMacros(identifierConfigValue);
            final OTPUserRecord otpUserRecord = new OTPUserRecord();
            final List<String> rawRecoveryCodes = pwmApplication.getOtpService().initializeUserRecord(setupOtpProfile, otpUserRecord, pwmRequest.getSessionLabel(), identifier);
            otpBean.setOtpUserRecord(otpUserRecord);
            otpBean.setRecoveryCodes(rawRecoveryCodes);
            LOGGER.trace(pwmSession, "generated new otp record");
            if (config.isDevDebugMode()) {
                LOGGER.trace(pwmRequest, "newly generated otp record: " + JsonUtil.serialize(otpUserRecord));
            }
        } catch (Exception e) {
            final String errorMsg = "error setting up new OTP secret: " + e.getMessage();
            LOGGER.error(pwmSession, errorMsg);
            throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_UNKNOWN, errorMsg));
        }
    }
}
Also used : PwmApplication(password.pwm.PwmApplication) ChaiUnavailableException(com.novell.ldapchai.exception.ChaiUnavailableException) SetupOtpProfile(password.pwm.config.profile.SetupOtpProfile) Configuration(password.pwm.config.Configuration) OtpService(password.pwm.util.operations.OtpService) UserIdentity(password.pwm.bean.UserIdentity) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) ServletException(javax.servlet.ServletException) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) PwmException(password.pwm.error.PwmException) PwmOperationalException(password.pwm.error.PwmOperationalException) IOException(java.io.IOException) ChaiUnavailableException(com.novell.ldapchai.exception.ChaiUnavailableException) ErrorInformation(password.pwm.error.ErrorInformation) PwmSession(password.pwm.http.PwmSession) OTPUserRecord(password.pwm.util.operations.otp.OTPUserRecord)

Aggregations

PwmSession (password.pwm.http.PwmSession)74 PwmApplication (password.pwm.PwmApplication)55 ErrorInformation (password.pwm.error.ErrorInformation)38 PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)30 PwmOperationalException (password.pwm.error.PwmOperationalException)29 Configuration (password.pwm.config.Configuration)21 UserIdentity (password.pwm.bean.UserIdentity)20 FormConfiguration (password.pwm.config.value.data.FormConfiguration)19 PwmException (password.pwm.error.PwmException)14 ChaiUser (com.novell.ldapchai.ChaiUser)12 ActionConfiguration (password.pwm.config.value.data.ActionConfiguration)12 UserInfo (password.pwm.ldap.UserInfo)12 SearchConfiguration (password.pwm.ldap.search.SearchConfiguration)11 ChaiOperationException (com.novell.ldapchai.exception.ChaiOperationException)9 ChaiUnavailableException (com.novell.ldapchai.exception.ChaiUnavailableException)9 IOException (java.io.IOException)9 Instant (java.time.Instant)9 RestResultBean (password.pwm.ws.server.RestResultBean)9 ServletException (javax.servlet.ServletException)8 MacroMachine (password.pwm.util.macro.MacroMachine)8
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial