use of password.pwm.http.bean.SetupOtpBean in project pwm by pwm-project.
the class SetupOtpServlet method processToggleSeen.
/**
 * Handles the "toggleSeen" action by inverting the {@code codeSeen} flag on the
 * session's OTP setup bean.
 *
 * <p>{@code nextStep} reads the same flag to decide whether the QR-code page or the
 * test/success page is rendered, so this handler only changes which view follows.
 *
 * @param pwmRequest the current request, used to look up the setup bean
 * @return always {@link ProcessStatus#Continue}
 * @throws PwmUnrecoverableException declared by the signature; presumably raised by
 *         {@code getSetupOtpBean} (not visible here)
 */
@ActionHandler(action = "toggleSeen")
private ProcessStatus processToggleSeen(final PwmRequest pwmRequest) throws PwmUnrecoverableException {
    final SetupOtpBean setupBean = getSetupOtpBean(pwmRequest);
    final boolean previouslySeen = setupBean.isCodeSeen();
    setupBean.setCodeSeen(!previouslySeen);
    return ProcessStatus.Continue;
}
use of password.pwm.http.bean.SetupOtpBean in project pwm by pwm-project.
the class SetupOtpServlet method handleClearOtpSecret.
/**
 * Handles the "clearOtp" action: asks the OTP service to clear the logged-in user's
 * stored OTP configuration, then resets the setup bean so enrolment starts over.
 *
 * <p>On a {@link PwmOperationalException} the error is recorded as the request's last
 * error, logged, and processing halts without touching the bean.
 *
 * <p>NOTE(review): this removes a second factor, but no audit record is submitted in
 * this method (the write path in {@code nextStep} submits one). Confirm that
 * {@code clearOTPUserConfiguration} records the removal itself.
 *
 * @param pwmRequest the current request
 * @return {@link ProcessStatus#Halt} if clearing failed, otherwise
 *         {@link ProcessStatus#Continue}
 * @throws PwmUnrecoverableException declared by the signature; source not visible here
 * @throws ChaiUnavailableException declared by the signature; source not visible here
 */
@ActionHandler(action = "clearOtp")
private ProcessStatus handleClearOtpSecret(final PwmRequest pwmRequest) throws PwmUnrecoverableException, ChaiUnavailableException {
    final SetupOtpBean setupBean = getSetupOtpBean(pwmRequest);
    final PwmApplication application = pwmRequest.getPwmApplication();
    final PwmSession session = pwmRequest.getPwmSession();
    final OtpService otpService = application.getOtpService();

    // The target is always the session's own identity; no request parameter selects the user.
    final UserIdentity currentUser = session.getUserInfo().getUserIdentity();

    try {
        otpService.clearOTPUserConfiguration(session, currentUser);
    } catch (PwmOperationalException clearFailure) {
        final ErrorInformation failureInfo = clearFailure.getErrorInformation();
        setLastError(pwmRequest, failureInfo);
        LOGGER.error(pwmRequest, failureInfo);
        return ProcessStatus.Halt;
    }

    // The stored secret is gone: drop the "pre-existing" marker and re-initialise the bean.
    setupBean.setHasPreExistingOtp(false);
    initializeBean(pwmRequest, setupBean);
    return ProcessStatus.Continue;
}
use of password.pwm.http.bean.SetupOtpBean in project pwm by pwm-project.
the class SetupOtpServlet method preProcessCheck.
/**
 * Gate that runs before the OTP setup actions: verifies that setup is enabled, that
 * the secret can be stored, and that the session was not established without a
 * password, then initialises the setup bean.
 *
 * <p>The first two failures answer the request with an error and return
 * {@link ProcessStatus#Halt}; the password-less case throws instead.
 *
 * <p>NOTE(review): only {@code AUTH_WITHOUT_PASSWORD} is rejected. Confirm that every
 * other {@code AuthenticationType} value implies the user presented a password,
 * otherwise a weaker login could enrol a second factor.
 *
 * @param pwmRequest the current request
 * @return {@link ProcessStatus#Halt} when setup is disabled or cannot be stored,
 *         otherwise {@link ProcessStatus#Continue}
 * @throws PwmUnrecoverableException with {@code ERROR_PASSWORD_REQUIRED} when the login
 *         type is {@code AUTH_WITHOUT_PASSWORD}
 * @throws IOException declared by the signature; presumably from writing the error response
 * @throws ServletException declared by the signature; presumably from writing the error response
 */
@Override
public ProcessStatus preProcessCheck(final PwmRequest pwmRequest) throws PwmUnrecoverableException, IOException, ServletException {
    final PwmApplication application = pwmRequest.getPwmApplication();
    final PwmSession session = pwmRequest.getPwmSession();
    final Configuration configuration = application.getConfig();
    final SetupOtpProfile profile = getSetupOtpProfile(pwmRequest);

    // 1. The feature must be enabled in a resolved profile.
    final boolean setupAllowed = profile != null && profile.readSettingAsBoolean(PwmSetting.OTP_ALLOW_SETUP);
    if (!setupAllowed) {
        final ErrorInformation notEnabled = new ErrorInformation(PwmError.ERROR_SERVICE_NOT_AVAILABLE, "setup OTP is not enabled");
        LOGGER.error(pwmRequest, notEnabled);
        pwmRequest.respondWithError(notEnabled);
        return ProcessStatus.Halt;
    }

    // 2. There must be somewhere to persist the secret.
    final boolean storageAvailable = canSetupOtpSecret(configuration);
    if (!storageAvailable) {
        LOGGER.error(pwmSession(session), "OTP Secret cannot be setup");
        pwmRequest.respondWithError(PwmError.ERROR_INVALID_CONFIG.toInfo());
        return ProcessStatus.Halt;
    }

    // 3. A session that authenticated without a password must not enrol a new OTP secret.
    final boolean passwordlessLogin = session.getLoginInfoBean().getType() == AuthenticationType.AUTH_WITHOUT_PASSWORD;
    if (passwordlessLogin) {
        LOGGER.error(pwmSession(session), "OTP Secret requires a password login");
        throw new PwmUnrecoverableException(PwmError.ERROR_PASSWORD_REQUIRED);
    }

    initializeBean(pwmRequest, getSetupOtpBean(pwmRequest));
    return ProcessStatus.Continue;
}

/** Identity helper that keeps the session-labelled log calls readable. */
private static PwmSession pwmSession(final PwmSession session) {
    return session;
}
use of password.pwm.http.bean.SetupOtpBean in project pwm by pwm-project.
the class SetupOtpServlet method handleTestOtpSecret.
/**
 * Handles the "testOtpSecret" action: validates the token the user typed against the
 * not-yet-stored OTP record held in the setup bean.
 *
 * <p>A valid token marks the bean as confirmed and clears its challenge; an invalid
 * token or a validation error is recorded as the request's last error. A missing or
 * empty token is ignored. The method continues in every case.
 *
 * <p>NOTE(review): no attempt counter or lockout is visible in this handler. Confirm
 * that {@code validateToken} or an upstream component throttles repeated guesses.
 *
 * @param pwmRequest the current request; the token is read from
 *        {@code PwmConstants.PARAM_OTP_TOKEN}
 * @return always {@link ProcessStatus#Continue}
 * @throws PwmUnrecoverableException declared by the signature; source not visible here
 * @throws ChaiUnavailableException declared by the signature; source not visible here
 * @throws IOException declared by the signature; source not visible here
 * @throws ServletException declared by the signature; source not visible here
 */
@ActionHandler(action = "testOtpSecret")
private ProcessStatus handleTestOtpSecret(final PwmRequest pwmRequest) throws PwmUnrecoverableException, ChaiUnavailableException, IOException, ServletException {
    final SetupOtpBean setupBean = getSetupOtpBean(pwmRequest);
    final PwmApplication application = pwmRequest.getPwmApplication();
    final PwmSession session = pwmRequest.getPwmSession();
    final String submittedToken = pwmRequest.readParameterAsString(PwmConstants.PARAM_OTP_TOKEN);
    final OtpService validator = application.getOtpService();

    // Nothing submitted: leave the bean untouched.
    if (submittedToken == null || submittedToken.length() == 0) {
        return ProcessStatus.Continue;
    }

    try {
        // NOTE(review): this writes the serialized OTP record to the log, presumably
        // including the shared secret. It is gated on dev-debug mode, which should
        // never be enabled on a production instance.
        if (pwmRequest.getConfig().isDevDebugMode()) {
            LOGGER.trace(pwmRequest, "testing against otp record: " + JsonUtil.serialize(setupBean.getOtpUserRecord()));
        }

        // The meaning of the trailing 'false' argument is not visible in this listing.
        final boolean tokenAccepted = validator.validateToken(
                pwmRequest.getSessionLabel(),
                session.getUserInfo().getUserIdentity(),
                setupBean.getOtpUserRecord(),
                submittedToken,
                false);

        if (!tokenAccepted) {
            LOGGER.debug(pwmRequest, "test OTP token returned false, incorrect OTP secret provided");
            setLastError(pwmRequest, new ErrorInformation(PwmError.ERROR_TOKEN_INCORRECT));
        } else {
            LOGGER.debug(pwmRequest, "test OTP token returned true, valid OTP secret provided");
            setupBean.setConfirmed(true);
            setupBean.setChallenge(null);
        }
    } catch (PwmOperationalException validationFailure) {
        LOGGER.error(pwmRequest, "error validating otp token: " + validationFailure.getMessage());
        setLastError(pwmRequest, validationFailure.getErrorInformation());
    }

    return ProcessStatus.Continue;
}
use of password.pwm.http.bean.SetupOtpBean in project pwm by pwm-project.
the class SetupOtpServlet method nextStep.
/**
 * Chooses and renders the next page of the OTP setup flow from the setup bean's state,
 * persisting the new OTP record first when the user has confirmed it.
 *
 * <p>Order of decisions: a pre-existing OTP forwards to the "existing" page and returns;
 * a confirmed bean triggers the write, audit and statistics update; then the view is
 * chosen from {@code codeSeen} and {@code written}.
 *
 * @param pwmRequest the current request
 * @throws PwmUnrecoverableException declared by the signature; source not visible here
 * @throws IOException declared by the signature; presumably from forwarding to a JSP
 * @throws ServletException declared by the signature; presumably from forwarding to a JSP
 */
@Override
protected void nextStep(final PwmRequest pwmRequest) throws PwmUnrecoverableException, IOException, ServletException {
final SetupOtpBean otpBean = getSetupOtpBean(pwmRequest);
// A user who already has an OTP secret is sent to the "existing" page; nothing below runs.
if (otpBean.isHasPreExistingOtp()) {
pwmRequest.forwardToJsp(JspUrl.SETUP_OTP_SECRET_EXISTING);
return;
}
final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
final PwmSession pwmSession = pwmRequest.getPwmSession();
// NOTE(review): the write is keyed on isConfirmed() alone, not on isWritten(), so it is
// repeated (with a new audit record) on every pass while the bean stays confirmed.
// Confirm the bean is reset elsewhere after success.
if (otpBean.isConfirmed()) {
final OtpService otpService = pwmApplication.getOtpService();
// The record is always stored for the session's own identity.
final UserIdentity theUser = pwmSession.getUserInfo().getUserIdentity();
try {
otpService.writeOTPUserConfiguration(pwmSession, theUser, otpBean.getOtpUserRecord());
// Set immediately after the write; a failure in the later steps of this try block
// leaves written == true while also recording a last error.
otpBean.setWritten(true);
// Update the current user info bean, so the user can check the code right away
pwmSession.reloadUserInfoBean(pwmApplication);
// mark the event log
final UserAuditRecord auditRecord = new AuditRecordFactory(pwmRequest).createUserAuditRecord(AuditEvent.SET_OTP_SECRET, pwmSession.getUserInfo(), pwmSession);
pwmApplication.getAuditManager().submit(auditRecord);
// Statistics are best-effort: skipped when the manager is absent or not open.
if (pwmApplication.getStatisticsManager() != null && pwmApplication.getStatisticsManager().status() == PwmService.STATUS.OPEN) {
pwmApplication.getStatisticsManager().incrementValue(Statistic.SETUP_OTP_SECRET);
}
} catch (Exception e) {
// Broad catch: any failure is converted to an ErrorInformation and the flow continues
// to view selection below rather than aborting the request.
final ErrorInformation errorInformation;
if (e instanceof PwmException) {
errorInformation = ((PwmException) e).getErrorInformation();
} else {
// NOTE(review): the raw exception message is embedded in the error set as the
// request's last error; confirm it is not shown verbatim to the end user.
errorInformation = new ErrorInformation(PwmError.ERROR_WRITING_OTP_SECRET, "unexpected error saving otp secret: " + e.getMessage());
}
LOGGER.error(pwmSession, errorInformation.toDebugStr());
setLastError(pwmRequest, errorInformation);
}
}
// View selection: once the code has been seen, show success if stored, else the test page.
if (otpBean.isCodeSeen()) {
if (otpBean.isWritten()) {
pwmRequest.forwardToJsp(JspUrl.SETUP_OTP_SECRET_SUCCESS);
} else {
pwmRequest.forwardToJsp(JspUrl.SETUP_OTP_SECRET_TEST);
}
} else {
// The QR code is built from the OTP record, so it presumably carries the shared
// secret; the rendered page should be treated as sensitive (TODO confirm caching headers).
final String qrCodeValue = makeQrCodeDataImageUrl(pwmRequest, otpBean.getOtpUserRecord());
pwmRequest.setAttribute(PwmRequestAttribute.SetupOtp_QrCodeValue, qrCodeValue);
pwmRequest.forwardToJsp(JspUrl.SETUP_OTP_SECRET);
}
}