Example 1 with ActivateUserBean

Use of password.pwm.http.bean.ActivateUserBean in project pwm by pwm-project.

Class ActivateUserServlet, method handleActivateRequest.

@ActionHandler(action = "activate")
public ProcessStatus handleActivateRequest(final PwmRequest pwmRequest) throws PwmUnrecoverableException, ChaiUnavailableException, IOException, ServletException {
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    final Configuration config = pwmApplication.getConfig();
    final LocalSessionStateBean ssBean = pwmSession.getSessionStateBean();
    if (CaptchaUtility.captchaEnabledForRequest(pwmRequest)) {
        if (!CaptchaUtility.verifyReCaptcha(pwmRequest)) {
            final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_BAD_CAPTCHA_RESPONSE);
            throw new PwmUnrecoverableException(errorInfo);
        }
    }
    // discard any activation state left in the session before handling a new attempt
    pwmApplication.getSessionStateService().clearBean(pwmRequest, ActivateUserBean.class);
    final List<FormConfiguration> configuredActivationForm = config.readSettingAsForm(PwmSetting.ACTIVATE_USER_FORM);
    Map<FormConfiguration, String> formValues = new HashMap<>();
    try {
        // read the values from the request
        formValues = FormUtility.readFormValuesFromRequest(pwmRequest, configuredActivationForm, ssBean.getLocale());
        // check for intruders
        pwmApplication.getIntruderManager().convenience().checkAttributes(formValues);
        // read the context attr
        final String contextParam = pwmRequest.readParameterAsString(PwmConstants.PARAM_CONTEXT);
        // read the profile attr
        final String ldapProfile = pwmRequest.readParameterAsString(PwmConstants.PARAM_LDAP_PROFILE);
        // see if the values meet the configured form requirements.
        FormUtility.validateFormValues(config, formValues, ssBean.getLocale());
        final String searchFilter = ActivateUserUtils.figureLdapSearchFilter(pwmRequest);
        // read an ldap user object based on the params
        final UserIdentity userIdentity;
        {
            final UserSearchEngine userSearchEngine = pwmApplication.getUserSearchEngine();
            final SearchConfiguration searchConfiguration = SearchConfiguration.builder().contexts(Collections.singletonList(contextParam)).filter(searchFilter).formValues(formValues).ldapProfile(ldapProfile).build();
            userIdentity = userSearchEngine.performSingleUserSearch(searchConfiguration, pwmRequest.getSessionLabel());
        }
        ActivateUserUtils.validateParamsAgainstLDAP(pwmRequest, formValues, userIdentity);
        final List<UserPermission> userPermissions = config.readSettingAsUserPermission(PwmSetting.ACTIVATE_USER_QUERY_MATCH);
        if (!LdapPermissionTester.testUserPermissions(pwmApplication, pwmSession.getLabel(), userIdentity, userPermissions)) {
            final String errorMsg = "user " + userIdentity + " attempted activation, but does not match query string";
            final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_ACTIVATE_NO_PERMISSION, errorMsg);
            pwmApplication.getIntruderManager().convenience().markUserIdentity(userIdentity, pwmSession);
            pwmApplication.getIntruderManager().convenience().markAddressAndSession(pwmSession);
            throw new PwmUnrecoverableException(errorInformation);
        }
        final ActivateUserBean activateUserBean = pwmApplication.getSessionStateService().getBean(pwmRequest, ActivateUserBean.class);
        activateUserBean.setUserIdentity(userIdentity);
        activateUserBean.setFormValidated(true);
        pwmApplication.getIntruderManager().convenience().clearAttributes(formValues);
        pwmApplication.getIntruderManager().convenience().clearAddressAndSession(pwmSession);
    } catch (PwmOperationalException e) {
        pwmApplication.getIntruderManager().convenience().markAttributes(formValues, pwmSession);
        pwmApplication.getIntruderManager().convenience().markAddressAndSession(pwmSession);
        setLastError(pwmRequest, e.getErrorInformation());
        LOGGER.debug(pwmSession.getLabel(), e.getErrorInformation().toDebugStr());
    }
    return ProcessStatus.Continue;
}
Also used: PwmApplication (password.pwm.PwmApplication), FormConfiguration (password.pwm.config.value.data.FormConfiguration), SearchConfiguration (password.pwm.ldap.search.SearchConfiguration), Configuration (password.pwm.config.Configuration), HashMap (java.util.HashMap), UserIdentity (password.pwm.bean.UserIdentity), UserSearchEngine (password.pwm.ldap.search.UserSearchEngine), PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException), ActivateUserBean (password.pwm.http.bean.ActivateUserBean), PwmOperationalException (password.pwm.error.PwmOperationalException), ErrorInformation (password.pwm.error.ErrorInformation), LocalSessionStateBean (password.pwm.bean.LocalSessionStateBean), PwmSession (password.pwm.http.PwmSession), UserPermission (password.pwm.config.value.data.UserPermission)

Example 2 with ActivateUserBean

Use of password.pwm.http.bean.ActivateUserBean in project pwm by pwm-project.

Class ActivateUserServlet, method processTokenChoice.

@ActionHandler(action = "tokenChoice")
private ProcessStatus processTokenChoice(final PwmRequest pwmRequest) throws PwmUnrecoverableException {
    final ActivateUserBean activateUserBean = activateUserBean(pwmRequest);
    final UserInfo userInfo = userInfo(pwmRequest);
    final MessageSendMethod tokenSendMethod = pwmRequest.getConfig().readSettingAsEnum(PwmSetting.ACTIVATE_TOKEN_SEND_METHOD, MessageSendMethod.class);
    final List<TokenDestinationItem> tokenDestinationItems = TokenUtil.figureAvailableTokenDestinations(pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel(), pwmRequest.getLocale(), userInfo, tokenSendMethod);
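    // "choice" is read without input validation; it is only compared against the IDs of the server-computed destinations below
    final String requestedID = pwmRequest.readParameterAsString("choice", PwmHttpRequestWrapper.Flag.BypassValidation);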
    if (!StringUtil.isEmpty(requestedID)) {
        for (final TokenDestinationItem item : tokenDestinationItems) {
            if (requestedID.equals(item.getId())) {
                activateUserBean.setTokenDestination(item);
            }
        }
    }
    return ProcessStatus.Continue;
}
Also used: UserInfo (password.pwm.ldap.UserInfo), MessageSendMethod (password.pwm.config.option.MessageSendMethod), TokenDestinationItem (password.pwm.bean.TokenDestinationItem), ActivateUserBean (password.pwm.http.bean.ActivateUserBean)

Example 3 with ActivateUserBean

Use of password.pwm.http.bean.ActivateUserBean in project pwm by pwm-project.

Class ActivateUserServlet, method handleAgreeRequest.

@ActionHandler(action = "agree")
public ProcessStatus handleAgreeRequest(final PwmRequest pwmRequest) throws ServletException, IOException, PwmUnrecoverableException, ChaiUnavailableException {
    LOGGER.debug(pwmRequest, "user accepted agreement");
    final ActivateUserBean activateUserBean = activateUserBean(pwmRequest);
    if (!activateUserBean.isAgreementPassed()) {
        activateUserBean.setAgreementPassed(true);
        final AuditRecord auditRecord = new AuditRecordFactory(pwmRequest).createUserAuditRecord(AuditEvent.AGREEMENT_PASSED, pwmRequest.getUserInfoIfLoggedIn(), pwmRequest.getSessionLabel(), "ActivateUser");
        pwmRequest.getPwmApplication().getAuditManager().submit(auditRecord);
    }
    return ProcessStatus.Continue;
}
Also used: AuditRecordFactory (password.pwm.svc.event.AuditRecordFactory), AuditRecord (password.pwm.svc.event.AuditRecord), ActivateUserBean (password.pwm.http.bean.ActivateUserBean)

Example 4 with ActivateUserBean

Use of password.pwm.http.bean.ActivateUserBean in project pwm by pwm-project.

Class ActivateUserServlet, method nextStep.

@Override
protected void nextStep(final PwmRequest pwmRequest) throws PwmUnrecoverableException, IOException, ChaiUnavailableException, ServletException {
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    final Configuration config = pwmApplication.getConfig();
    final ActivateUserBean activateUserBean = activateUserBean(pwmRequest);
    // gate 1: the activation form must have validated and resolved a user identity
    if (!activateUserBean.isFormValidated() || activateUserBean.getUserIdentity() == null) {
        ActivateUserUtils.forwardToActivateUserForm(pwmRequest);
        return;
    }
    final UserInfo userInfo = userInfo(pwmRequest);
    final MessageSendMethod tokenSendMethod = config.readSettingAsEnum(PwmSetting.ACTIVATE_TOKEN_SEND_METHOD, MessageSendMethod.class);
    // gate 2: token verification, skipped only when the configured send method is NONE
    if (MessageSendMethod.NONE != tokenSendMethod) {
        final List<TokenDestinationItem> tokenDestinationItems = TokenUtil.figureAvailableTokenDestinations(pwmApplication, pwmRequest.getSessionLabel(), pwmRequest.getLocale(), userInfo, tokenSendMethod);
        if (activateUserBean.getTokenDestination() == null) {
            final boolean autoSelect = Boolean.parseBoolean(pwmRequest.getConfig().readAppProperty(AppProperty.ACTIVATE_USER_TOKEN_AUTO_SELECT_DEST));
            if (tokenDestinationItems.size() == 1 && autoSelect) {
                activateUserBean.setTokenDestination(tokenDestinationItems.iterator().next());
            } else {
                forwardToTokenChoiceJsp(pwmRequest, tokenDestinationItems);
                return;
            }
        }
        if (!activateUserBean.isTokenSent() && activateUserBean.getTokenDestination() != null) {
            TokenUtil.initializeAndSendToken(pwmRequest, TokenUtil.TokenInitAndSendRequest.builder().userInfo(userInfo).tokenDestinationItem(activateUserBean.getTokenDestination()).emailToSend(PwmSetting.EMAIL_ACTIVATION_VERIFICATION).tokenType(TokenType.ACTIVATION).smsToSend(PwmSetting.SMS_ACTIVATION_VERIFICATION_TEXT).build());
        }
        if (!activateUserBean.isTokenPassed()) {
            forwardToEnterCodeJsp(pwmRequest, tokenDestinationItems);
            return;
        }
    }
    final String agreementText = config.readSettingAsLocalizedString(PwmSetting.ACTIVATE_AGREEMENT_MESSAGE, pwmSession.getSessionStateBean().getLocale());
    // gate 3: agreement acceptance, required only when agreement text is configured
    if (!StringUtil.isEmpty(agreementText) && !activateUserBean.isAgreementPassed()) {
        ActivateUserUtils.forwardToAgreementPage(pwmRequest);
        return;
    }
    // all gates passed: activate the account; a failure here is recorded with the intruder manager
    try {
        ActivateUserUtils.activateUser(pwmRequest, activateUserBean.getUserIdentity());
        pwmRequest.getPwmResponse().forwardToSuccessPage(Message.Success_ActivateUser);
    } catch (PwmOperationalException e) {
        LOGGER.debug(pwmRequest, e.getErrorInformation());
        pwmApplication.getIntruderManager().convenience().markUserIdentity(activateUserBean.getUserIdentity(), pwmSession);
        pwmApplication.getIntruderManager().convenience().markAddressAndSession(pwmSession);
        pwmRequest.respondWithError(e.getErrorInformation());
    }
}
Also used: PwmApplication (password.pwm.PwmApplication), FormConfiguration (password.pwm.config.value.data.FormConfiguration), SearchConfiguration (password.pwm.ldap.search.SearchConfiguration), Configuration (password.pwm.config.Configuration), UserInfo (password.pwm.ldap.UserInfo), MessageSendMethod (password.pwm.config.option.MessageSendMethod), PwmSession (password.pwm.http.PwmSession), TokenDestinationItem (password.pwm.bean.TokenDestinationItem), ActivateUserBean (password.pwm.http.bean.ActivateUserBean), PwmOperationalException (password.pwm.error.PwmOperationalException)

Example 5 with ActivateUserBean

Use of password.pwm.http.bean.ActivateUserBean in project pwm by pwm-project.

Class ActivateUserServlet, method handleEnterCode.

@ActionHandler(action = "enterCode")
public ProcessStatus handleEnterCode(final PwmRequest pwmRequest) throws ChaiUnavailableException, PwmUnrecoverableException, IOException, ServletException {
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    final ActivateUserBean activateUserBean = pwmApplication.getSessionStateService().getBean(pwmRequest, ActivateUserBean.class);
    final String userEnteredCode = pwmRequest.readParameterAsString(PwmConstants.PARAM_TOKEN);
    ErrorInformation errorInformation = null;
    try {
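        // check the entered code as an unauthenticated ACTIVATION token; the session state below is set from the token payload
        final TokenPayload tokenPayload = TokenUtil.checkEnteredCode(pwmRequest, userEnteredCode, activateUserBean.getTokenDestination(), null, TokenType.ACTIVATION, TokenService.TokenEntryType.unauthenticated);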
        activateUserBean.setUserIdentity(tokenPayload.getUserIdentity());
        activateUserBean.setTokenPassed(true);
        activateUserBean.setFormValidated(true);
        activateUserBean.setTokenDestination(tokenPayload.getDestination());
        if (pwmRequest.getConfig().readSettingAsBoolean(PwmSetting.DISPLAY_TOKEN_SUCCESS_BUTTON)) {
            pwmRequest.setAttribute(PwmRequestAttribute.TokenDestItems, tokenPayload.getDestination());
            pwmRequest.forwardToJsp(JspUrl.ACTIVATE_USER_TOKEN_SUCCESS);
            return ProcessStatus.Halt;
        }
    } catch (PwmUnrecoverableException e) {
        LOGGER.debug(pwmRequest, "error while checking entered token: ");
        errorInformation = e.getErrorInformation();
    }
    if (!activateUserBean.isTokenPassed()) {
        if (errorInformation == null) {
            errorInformation = new ErrorInformation(PwmError.ERROR_TOKEN_INCORRECT);
        }
        LOGGER.debug(pwmSession.getLabel(), errorInformation.toDebugStr());
        setLastError(pwmRequest, errorInformation);
    }
    return ProcessStatus.Continue;
}
Also used: ErrorInformation (password.pwm.error.ErrorInformation), PwmApplication (password.pwm.PwmApplication), PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException), PwmSession (password.pwm.http.PwmSession), TokenPayload (password.pwm.svc.token.TokenPayload), ActivateUserBean (password.pwm.http.bean.ActivateUserBean)

Aggregations

ActivateUserBean (password.pwm.http.bean.ActivateUserBean): 5
PwmApplication (password.pwm.PwmApplication): 3
PwmSession (password.pwm.http.PwmSession): 3
TokenDestinationItem (password.pwm.bean.TokenDestinationItem): 2
Configuration (password.pwm.config.Configuration): 2
MessageSendMethod (password.pwm.config.option.MessageSendMethod): 2
FormConfiguration (password.pwm.config.value.data.FormConfiguration): 2
ErrorInformation (password.pwm.error.ErrorInformation): 2
PwmOperationalException (password.pwm.error.PwmOperationalException): 2
PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException): 2
UserInfo (password.pwm.ldap.UserInfo): 2
SearchConfiguration (password.pwm.ldap.search.SearchConfiguration): 2
HashMap (java.util.HashMap): 1
LocalSessionStateBean (password.pwm.bean.LocalSessionStateBean): 1
UserIdentity (password.pwm.bean.UserIdentity): 1
UserPermission (password.pwm.config.value.data.UserPermission): 1
UserSearchEngine (password.pwm.ldap.search.UserSearchEngine): 1
AuditRecord (password.pwm.svc.event.AuditRecord): 1
AuditRecordFactory (password.pwm.svc.event.AuditRecordFactory): 1
TokenPayload (password.pwm.svc.token.TokenPayload): 1