use of password.pwm.http.bean.SetupResponsesBean in project pwm by pwm-project.
the class SetupResponsesServlet method nextStep.
@Override
protected void nextStep(final PwmRequest pwmRequest) throws PwmUnrecoverableException, IOException, ChaiUnavailableException, ServletException {
final SetupResponsesBean setupResponsesBean = getSetupResponseBean(pwmRequest);
initializeBean(pwmRequest, setupResponsesBean);
pwmRequest.setAttribute(PwmRequestAttribute.ModuleBean, setupResponsesBean);
pwmRequest.setAttribute(PwmRequestAttribute.ModuleBean_String, pwmRequest.getPwmApplication().getSecureService().encryptObjectToString(setupResponsesBean));
pwmRequest.setAttribute(PwmRequestAttribute.SetupResponses_ResponseInfo, pwmRequest.getPwmSession().getUserInfo().getResponseInfoBean());
if (setupResponsesBean.isHasExistingResponses() && !pwmRequest.getPwmSession().getUserInfo().isRequiresResponseConfig()) {
pwmRequest.forwardToJsp(JspUrl.SETUP_RESPONSES_EXISTING);
return;
}
if (!setupResponsesBean.isResponsesSatisfied()) {
pwmRequest.forwardToJsp(JspUrl.SETUP_RESPONSES);
return;
}
if (!setupResponsesBean.isHelpdeskResponsesSatisfied()) {
if (setupResponsesBean.getHelpdeskResponseData().getChallengeSet() == null || setupResponsesBean.getHelpdeskResponseData().getChallengeSet().getChallenges().isEmpty()) {
setupResponsesBean.setHelpdeskResponsesSatisfied(true);
} else {
pwmRequest.forwardToJsp(JspUrl.SETUP_RESPONSES_HELPDESK);
return;
}
}
if (pwmRequest.getConfig().readSettingAsBoolean(PwmSetting.CHALLENGE_SHOW_CONFIRMATION)) {
if (!setupResponsesBean.isConfirmed()) {
pwmRequest.forwardToJsp(JspUrl.SETUP_RESPONSES_CONFIRM);
return;
}
}
try {
// everything good, so lets save responses.
final ResponseInfoBean responses = generateResponseInfoBean(pwmRequest, setupResponsesBean.getResponseData().getChallengeSet(), setupResponsesBean.getResponseData().getResponseMap(), setupResponsesBean.getHelpdeskResponseData().getResponseMap());
saveResponses(pwmRequest, responses);
pwmRequest.getPwmApplication().getSessionStateService().clearBean(pwmRequest, SetupResponsesBean.class);
pwmRequest.getPwmResponse().forwardToSuccessPage(Message.Success_SetupResponse);
} catch (PwmOperationalException e) {
LOGGER.error(pwmRequest.getSessionLabel(), e.getErrorInformation());
pwmRequest.respondWithError(e.getErrorInformation());
} catch (ChaiValidationException e) {
final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_MISSING_RANDOM_RESPONSE, e.getMessage());
LOGGER.error(pwmRequest.getSessionLabel(), errorInformation);
pwmRequest.respondWithError(errorInformation);
}
}
use of password.pwm.http.bean.SetupResponsesBean in project pwm by pwm-project.
the class SetupResponsesServlet method processConfirmResponses.
@ActionHandler(action = "confirmResponses")
private ProcessStatus processConfirmResponses(final PwmRequest pwmRequest) throws PwmUnrecoverableException {
final SetupResponsesBean setupResponsesBean = getSetupResponseBean(pwmRequest);
setupResponsesBean.setConfirmed(true);
return ProcessStatus.Continue;
}
use of password.pwm.http.bean.SetupResponsesBean in project pwm by pwm-project.
the class SetupResponsesServlet method restValidateResponses.
@ActionHandler(action = "validateResponses")
private ProcessStatus restValidateResponses(final PwmRequest pwmRequest) throws IOException, ServletException, PwmUnrecoverableException, ChaiUnavailableException {
final SetupResponsesBean setupResponsesBean = getSetupResponseBean(pwmRequest);
final Instant startTime = Instant.now();
final PwmSession pwmSession = pwmRequest.getPwmSession();
final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
final String responseModeParam = pwmRequest.readParameterAsString("responseMode");
final SetupResponsesBean.SetupData setupData = "helpdesk".equalsIgnoreCase(responseModeParam) ? setupResponsesBean.getHelpdeskResponseData() : setupResponsesBean.getResponseData();
boolean success = true;
String userMessage = Message.getLocalizedMessage(pwmSession.getSessionStateBean().getLocale(), Message.Success_ResponsesMeetRules, pwmApplication.getConfig());
try {
// read in the responses from the request
final Map<Challenge, String> responseMap = readResponsesFromJsonRequest(pwmRequest, setupData);
final int minRandomRequiredSetup = setupData.getMinRandomSetup();
pwmApplication.getCrService().validateResponses(setupData.getChallengeSet(), responseMap, minRandomRequiredSetup);
generateResponseInfoBean(pwmRequest, setupData.getChallengeSet(), responseMap, Collections.emptyMap());
} catch (PwmDataValidationException e) {
success = false;
userMessage = e.getErrorInformation().toUserStr(pwmSession, pwmApplication);
}
final ValidationResponseBean validationResponseBean = new ValidationResponseBean(userMessage, success);
final RestResultBean restResultBean = RestResultBean.withData(validationResponseBean);
LOGGER.trace(pwmRequest, "completed rest validate response in " + TimeDuration.fromCurrent(startTime).asCompactString() + ", result=" + JsonUtil.serialize(restResultBean));
pwmRequest.outputJsonResult(restResultBean);
return ProcessStatus.Halt;
}
use of password.pwm.http.bean.SetupResponsesBean in project pwm by pwm-project.
the class SetupResponsesServlet method setupResponses.
private void setupResponses(final PwmRequest pwmRequest, final boolean helpdeskMode) throws PwmUnrecoverableException, IOException, ServletException, ChaiUnavailableException {
final SetupResponsesBean setupResponsesBean = getSetupResponseBean(pwmRequest);
final SetupResponsesBean.SetupData setupData = helpdeskMode ? setupResponsesBean.getHelpdeskResponseData() : setupResponsesBean.getResponseData();
final ChallengeSet challengeSet = setupData.getChallengeSet();
final Map<Challenge, String> responseMap;
try {
// build a response set based on the user's challenge set and the html form response.
responseMap = readResponsesFromHttpRequest(pwmRequest, setupData);
// test the responses.
final int minRandomRequiredSetup = setupData.getMinRandomSetup();
pwmRequest.getPwmApplication().getCrService().validateResponses(challengeSet, responseMap, minRandomRequiredSetup);
} catch (PwmDataValidationException e) {
LOGGER.debug(pwmRequest, "error with new " + (helpdeskMode ? "helpdesk" : "user") + " responses: " + e.getErrorInformation().toDebugStr());
setLastError(pwmRequest, e.getErrorInformation());
return;
}
LOGGER.trace(pwmRequest, (helpdeskMode ? "helpdesk" : "user") + " responses are acceptable");
if (helpdeskMode) {
setupResponsesBean.getHelpdeskResponseData().setResponseMap(responseMap);
setupResponsesBean.setHelpdeskResponsesSatisfied(true);
} else {
setupResponsesBean.getResponseData().setResponseMap(responseMap);
setupResponsesBean.setResponsesSatisfied(true);
}
}
use of password.pwm.http.bean.SetupResponsesBean in project pwm by pwm-project.
the class SetupResponsesServlet method preProcessCheck.
@Override
public ProcessStatus preProcessCheck(final PwmRequest pwmRequest) throws PwmUnrecoverableException, IOException, ServletException {
final PwmSession pwmSession = pwmRequest.getPwmSession();
final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
final SetupResponsesBean setupResponsesBean = getSetupResponseBean(pwmRequest);
if (!pwmSession.isAuthenticated()) {
pwmRequest.respondWithError(PwmError.ERROR_AUTHENTICATION_REQUIRED.toInfo());
return ProcessStatus.Halt;
}
if (pwmSession.getLoginInfoBean().getType() == AuthenticationType.AUTH_WITHOUT_PASSWORD) {
throw new PwmUnrecoverableException(PwmError.ERROR_PASSWORD_REQUIRED);
}
if (!pwmApplication.getConfig().readSettingAsBoolean(PwmSetting.CHALLENGE_ENABLE)) {
throw new PwmUnrecoverableException(PwmError.ERROR_SERVICE_NOT_AVAILABLE);
}
// check to see if the user is permitted to setup responses
if (!pwmSession.getSessionManager().checkPermission(pwmApplication, Permission.SETUP_RESPONSE)) {
throw new PwmUnrecoverableException(PwmError.ERROR_UNAUTHORIZED);
}
// check if the locale has changed since first seen.
if (pwmSession.getSessionStateBean().getLocale() != pwmApplication.getSessionStateService().getBean(pwmRequest, SetupResponsesBean.class).getUserLocale()) {
pwmRequest.getPwmApplication().getSessionStateService().clearBean(pwmRequest, SetupResponsesBean.class);
pwmApplication.getSessionStateService().getBean(pwmRequest, SetupResponsesBean.class).setUserLocale(pwmSession.getSessionStateBean().getLocale());
}
initializeBean(pwmRequest, setupResponsesBean);
// check to see if the user has any challenges assigned
final UserInfo uiBean = pwmSession.getUserInfo();
if (setupResponsesBean.getResponseData().getChallengeSet() == null || setupResponsesBean.getResponseData().getChallengeSet().getChallenges().isEmpty()) {
final String errorMsg = "no challenge sets configured for user " + uiBean.getUserIdentity();
final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_NO_CHALLENGES, errorMsg);
LOGGER.debug(pwmSession, errorInformation);
throw new PwmUnrecoverableException(errorInformation);
}
return ProcessStatus.Continue;
}
Aggregations