Examples with ForgottenPasswordBean password.pwm.http.bean.ForgottenPasswordBean used on opensource projects

Search in sources :

Example 1 with ForgottenPasswordBean

use of password.pwm.http.bean.ForgottenPasswordBean in project pwm by pwm-project.

the class ForgottenPasswordUtil method doActionSendNewPassword.

static void doActionSendNewPassword(final PwmRequest pwmRequest) throws ChaiUnavailableException, IOException, ServletException, PwmUnrecoverableException {
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final ForgottenPasswordBean forgottenPasswordBean = ForgottenPasswordServlet.forgottenPasswordBean(pwmRequest);
    final ForgottenPasswordProfile forgottenPasswordProfile = forgottenPasswordProfile(pwmRequest.getPwmApplication(), forgottenPasswordBean);
    final RecoveryAction recoveryAction = ForgottenPasswordUtil.getRecoveryAction(pwmApplication.getConfig(), forgottenPasswordBean);
    LOGGER.trace(pwmRequest, "beginning process to send new password to user");
    if (!forgottenPasswordBean.getProgress().isAllPassed()) {
        return;
    }
    final UserIdentity userIdentity = forgottenPasswordBean.getUserIdentity();
    final ChaiUser theUser = pwmRequest.getPwmApplication().getProxiedChaiUser(userIdentity);
    try {
        // try unlocking user
        theUser.unlockPassword();
        LOGGER.trace(pwmRequest, "unlock account succeeded");
    } catch (ChaiOperationException e) {
        final String errorMsg = "unable to unlock user " + theUser.getEntryDN() + " error: " + e.getMessage();
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_UNLOCK_FAILURE, errorMsg);
        LOGGER.error(pwmRequest.getPwmSession(), errorInformation.toDebugStr());
        pwmRequest.respondWithError(errorInformation);
        return;
    }
    try {
        final UserInfo userInfo = UserInfoFactory.newUserInfoUsingProxy(pwmApplication, pwmRequest.getSessionLabel(), userIdentity, pwmRequest.getLocale());
        LOGGER.info(pwmRequest, "user successfully supplied password recovery responses, emailing new password to: " + theUser.getEntryDN());
        // add post change actions
        ForgottenPasswordServlet.addPostChangeAction(pwmRequest, userIdentity);
        // create new password
        final PasswordData newPassword = RandomPasswordGenerator.createRandomPassword(pwmRequest.getSessionLabel(), userInfo.getPasswordPolicy(), pwmApplication);
        LOGGER.trace(pwmRequest, "generated random password value based on password policy for " + userIdentity.toDisplayString());
        // set the password
        try {
            theUser.setPassword(newPassword.getStringValue());
            LOGGER.trace(pwmRequest, "set user " + userIdentity.toDisplayString() + " password to system generated random value");
        } catch (ChaiException e) {
            throw PwmUnrecoverableException.fromChaiException(e);
        }
        if (recoveryAction == RecoveryAction.SENDNEWPW_AND_EXPIRE) {
            LOGGER.debug(pwmRequest, "marking user " + userIdentity.toDisplayString() + " password as expired");
            theUser.expirePassword();
        }
        // mark the event log
        {
            final AuditRecord auditRecord = new AuditRecordFactory(pwmApplication).createUserAuditRecord(AuditEvent.RECOVER_PASSWORD, userIdentity, pwmRequest.getSessionLabel());
            pwmApplication.getAuditManager().submit(auditRecord);
        }
        final MessageSendMethod messageSendMethod = forgottenPasswordProfile.readSettingAsEnum(PwmSetting.RECOVERY_SENDNEWPW_METHOD, MessageSendMethod.class);
        // send email or SMS
        final String toAddress = PasswordUtility.sendNewPassword(userInfo, pwmApplication, newPassword, pwmRequest.getLocale(), messageSendMethod);
        pwmRequest.getPwmResponse().forwardToSuccessPage(Message.Success_PasswordSend, toAddress);
    } catch (PwmException e) {
        LOGGER.warn(pwmRequest, "unexpected error setting new password during recovery process for user: " + e.getMessage());
        pwmRequest.respondWithError(e.getErrorInformation());
    } catch (ChaiOperationException e) {
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_UNKNOWN, "unexpected ldap error while processing recovery action " + recoveryAction + ", error: " + e.getMessage());
        LOGGER.warn(pwmRequest, errorInformation.toDebugStr());
        pwmRequest.respondWithError(errorInformation);
    } finally {
        ForgottenPasswordServlet.clearForgottenPasswordBean(pwmRequest);
        // the user should not be authenticated, this is a safety method
        pwmRequest.getPwmSession().unauthenticateUser(pwmRequest);
        // the password set flag should not have been set, this is a safety method
        pwmRequest.getPwmSession().getSessionStateBean().setPasswordModified(false);
    }
}
Also used : ForgottenPasswordProfile(password.pwm.config.profile.ForgottenPasswordProfile) PwmApplication(password.pwm.PwmApplication) UserIdentity(password.pwm.bean.UserIdentity) UserInfo(password.pwm.ldap.UserInfo) MessageSendMethod(password.pwm.config.option.MessageSendMethod) PwmException(password.pwm.error.PwmException) ErrorInformation(password.pwm.error.ErrorInformation) AuditRecordFactory(password.pwm.svc.event.AuditRecordFactory) ChaiUser(com.novell.ldapchai.ChaiUser) RecoveryAction(password.pwm.config.option.RecoveryAction) PasswordData(password.pwm.util.PasswordData) ChaiOperationException(com.novell.ldapchai.exception.ChaiOperationException) AuditRecord(password.pwm.svc.event.AuditRecord) ForgottenPasswordBean(password.pwm.http.bean.ForgottenPasswordBean) ChaiException(com.novell.ldapchai.exception.ChaiException)

Example 2 with ForgottenPasswordBean

use of password.pwm.http.bean.ForgottenPasswordBean in project pwm by pwm-project.

the class ForgottenPasswordUtil method initBogusForgottenPasswordBean.

static void initBogusForgottenPasswordBean(final PwmRequest pwmRequest) throws PwmUnrecoverableException {
    final ForgottenPasswordBean forgottenPasswordBean = ForgottenPasswordServlet.forgottenPasswordBean(pwmRequest);
    forgottenPasswordBean.setUserIdentity(null);
    forgottenPasswordBean.setPresentableChallengeSet(null);
    final List<Challenge> challengeList = new ArrayList<>();
    {
        final String firstProfile = pwmRequest.getConfig().getChallengeProfileIDs().iterator().next();
        final ChallengeSet challengeSet = pwmRequest.getConfig().getChallengeProfile(firstProfile, PwmConstants.DEFAULT_LOCALE).getChallengeSet();
        challengeList.addAll(challengeSet.getRequiredChallenges());
        for (int i = 0; i < challengeSet.getMinRandomRequired(); i++) {
            challengeList.add(challengeSet.getRandomChallenges().get(i));
        }
    }
    final List<FormConfiguration> formData = new ArrayList<>();
    {
        int counter = 0;
        for (Challenge challenge : challengeList) {
            final FormConfiguration formConfiguration = FormConfiguration.builder().name("challenge" + counter++).type(FormConfiguration.Type.text).labels(Collections.singletonMap("", challenge.getChallengeText())).minimumLength(challenge.getMinLength()).maximumLength(challenge.getMaxLength()).source(FormConfiguration.Source.bogus).build();
            formData.add(formConfiguration);
        }
    }
    forgottenPasswordBean.setAttributeForm(formData);
    forgottenPasswordBean.setBogusUser(true);
    {
        final String profileID = pwmRequest.getConfig().getForgottenPasswordProfiles().keySet().iterator().next();
        forgottenPasswordBean.setForgottenPasswordProfileID(profileID);
    }
    final ForgottenPasswordBean.RecoveryFlags recoveryFlags = new ForgottenPasswordBean.RecoveryFlags(false, Collections.singleton(IdentityVerificationMethod.ATTRIBUTES), Collections.emptySet(), 0);
    forgottenPasswordBean.setRecoveryFlags(recoveryFlags);
}
Also used : ChallengeSet(com.novell.ldapchai.cr.ChallengeSet) ArrayList(java.util.ArrayList) FormConfiguration(password.pwm.config.value.data.FormConfiguration) ForgottenPasswordBean(password.pwm.http.bean.ForgottenPasswordBean) Challenge(com.novell.ldapchai.cr.Challenge)

Example 3 with ForgottenPasswordBean

use of password.pwm.http.bean.ForgottenPasswordBean in project pwm by pwm-project.

the class ForgottenPasswordServlet method processEnterRemoteResponse.

@ActionHandler(action = "enterRemoteResponse")
private ProcessStatus processEnterRemoteResponse(final PwmRequest pwmRequest) throws PwmUnrecoverableException, IOException, ServletException {
    final String prefix = "remote-";
    final ForgottenPasswordBean forgottenPasswordBean = forgottenPasswordBean(pwmRequest);
    final VerificationMethodSystem remoteRecoveryMethod = forgottenPasswordBean.getProgress().getRemoteRecoveryMethod();
    final Map<String, String> remoteResponses = new LinkedHashMap<>();
    {
        final Map<String, String> inputMap = pwmRequest.readParametersAsMap();
        for (final Map.Entry<String, String> entry : inputMap.entrySet()) {
            final String name = entry.getKey();
            if (name != null && name.startsWith(prefix)) {
                final String strippedName = name.substring(prefix.length(), name.length());
                final String value = entry.getValue();
                remoteResponses.put(strippedName, value);
            }
        }
    }
    final ErrorInformation errorInformation = remoteRecoveryMethod.respondToPrompts(remoteResponses);
    if (remoteRecoveryMethod.getVerificationState() == VerificationMethodSystem.VerificationState.COMPLETE) {
        forgottenPasswordBean.getProgress().getSatisfiedMethods().add(IdentityVerificationMethod.REMOTE_RESPONSES);
    }
    if (remoteRecoveryMethod.getVerificationState() == VerificationMethodSystem.VerificationState.FAILED) {
        forgottenPasswordBean.getProgress().setRemoteRecoveryMethod(null);
        pwmRequest.respondWithError(errorInformation, true);
        handleUserVerificationBadAttempt(pwmRequest, forgottenPasswordBean, errorInformation);
        LOGGER.debug(pwmRequest, "unsuccessful remote response verification input: " + errorInformation.toDebugStr());
        return ProcessStatus.Continue;
    }
    if (errorInformation != null) {
        setLastError(pwmRequest, errorInformation);
        handleUserVerificationBadAttempt(pwmRequest, forgottenPasswordBean, errorInformation);
    }
    return ProcessStatus.Continue;
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) ForgottenPasswordBean(password.pwm.http.bean.ForgottenPasswordBean) Map(java.util.Map) LinkedHashMap(java.util.LinkedHashMap) VerificationMethodSystem(password.pwm.VerificationMethodSystem) LinkedHashMap(java.util.LinkedHashMap)

Example 4 with ForgottenPasswordBean

use of password.pwm.http.bean.ForgottenPasswordBean in project pwm by pwm-project.

the class ForgottenPasswordServlet method processTokenChoice.

@ActionHandler(action = "tokenChoice")
private ProcessStatus processTokenChoice(final PwmRequest pwmRequest) throws PwmUnrecoverableException {
    final ForgottenPasswordBean forgottenPasswordBean = forgottenPasswordBean(pwmRequest);
    final List<TokenDestinationItem> items = ForgottenPasswordUtil.figureAvailableTokenDestinations(pwmRequest, forgottenPasswordBean);
    final String requestedID = pwmRequest.readParameterAsString("choice", PwmHttpRequestWrapper.Flag.BypassValidation);
    if (!StringUtil.isEmpty(requestedID)) {
        for (final TokenDestinationItem item : items) {
            if (requestedID.equals(item.getId())) {
                forgottenPasswordBean.getProgress().setTokenDestination(item);
            }
        }
    }
    return ProcessStatus.Continue;
}
Also used : ForgottenPasswordBean(password.pwm.http.bean.ForgottenPasswordBean) TokenDestinationItem(password.pwm.bean.TokenDestinationItem)

Example 5 with ForgottenPasswordBean

use of password.pwm.http.bean.ForgottenPasswordBean in project pwm by pwm-project.

the class ForgottenPasswordServlet method processEnterCode.

@ActionHandler(action = "enterCode")
private ProcessStatus processEnterCode(final PwmRequest pwmRequest) throws ChaiUnavailableException, PwmUnrecoverableException, IOException, ServletException {
    final ForgottenPasswordBean forgottenPasswordBean = forgottenPasswordBean(pwmRequest);
    final String userEnteredCode = pwmRequest.readParameterAsString(PwmConstants.PARAM_TOKEN);
    ErrorInformation errorInformation = null;
    try {
        final TokenPayload tokenPayload = TokenUtil.checkEnteredCode(pwmRequest, userEnteredCode, forgottenPasswordBean.getProgress().getTokenDestination(), null, TokenType.FORGOTTEN_PW, TokenService.TokenEntryType.unauthenticated);
        // token correct
        if (forgottenPasswordBean.getUserIdentity() == null) {
            // clean session, user supplied token (clicked email, etc) and this is first request
            ForgottenPasswordUtil.initForgottenPasswordBean(pwmRequest, tokenPayload.getUserIdentity(), forgottenPasswordBean);
        }
        forgottenPasswordBean.getProgress().getSatisfiedMethods().add(IdentityVerificationMethod.TOKEN);
        StatisticsManager.incrementStat(pwmRequest.getPwmApplication(), Statistic.RECOVERY_TOKENS_PASSED);
        if (pwmRequest.getConfig().readSettingAsBoolean(PwmSetting.DISPLAY_TOKEN_SUCCESS_BUTTON)) {
            pwmRequest.setAttribute(PwmRequestAttribute.TokenDestItems, tokenPayload.getDestination());
            pwmRequest.forwardToJsp(JspUrl.RECOVER_PASSWORD_TOKEN_SUCCESS);
            return ProcessStatus.Halt;
        }
    } catch (PwmUnrecoverableException e) {
        LOGGER.debug(pwmRequest, "error while checking entered token: ");
        errorInformation = e.getErrorInformation();
    } catch (PwmOperationalException e) {
        final String errorMsg = "token incorrect: " + e.getMessage();
        errorInformation = new ErrorInformation(PwmError.ERROR_TOKEN_INCORRECT, errorMsg);
    }
    if (!forgottenPasswordBean.getProgress().getSatisfiedMethods().contains(IdentityVerificationMethod.TOKEN)) {
        if (errorInformation == null) {
            errorInformation = new ErrorInformation(PwmError.ERROR_TOKEN_INCORRECT);
        }
        handleUserVerificationBadAttempt(pwmRequest, forgottenPasswordBean, errorInformation);
    }
    return ProcessStatus.Continue;
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) ForgottenPasswordBean(password.pwm.http.bean.ForgottenPasswordBean) TokenPayload(password.pwm.svc.token.TokenPayload) PwmOperationalException(password.pwm.error.PwmOperationalException)

Aggregations

ForgottenPasswordBean (password.pwm.http.bean.ForgottenPasswordBean)22 ErrorInformation (password.pwm.error.ErrorInformation)15 UserIdentity (password.pwm.bean.UserIdentity)9 PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)9 UserInfo (password.pwm.ldap.UserInfo)8 PwmApplication (password.pwm.PwmApplication)7 ForgottenPasswordProfile (password.pwm.config.profile.ForgottenPasswordProfile)7 FormConfiguration (password.pwm.config.value.data.FormConfiguration)6 ChaiUser (com.novell.ldapchai.ChaiUser)5 ChaiOperationException (com.novell.ldapchai.exception.ChaiOperationException)5 TokenDestinationItem (password.pwm.bean.TokenDestinationItem)5 LinkedHashMap (java.util.LinkedHashMap)4 IdentityVerificationMethod (password.pwm.config.option.IdentityVerificationMethod)4 PwmOperationalException (password.pwm.error.PwmOperationalException)4 PwmSession (password.pwm.http.PwmSession)4 Locale (java.util.Locale)3 Map (java.util.Map)3 SearchConfiguration (password.pwm.ldap.search.SearchConfiguration)3 Challenge (com.novell.ldapchai.cr.Challenge)2 ChallengeSet (com.novell.ldapchai.cr.ChallengeSet)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial