Examples with UserInfo password.pwm.ldap.UserInfo used on opensource projects

Example 51 with UserInfo

use of password.pwm.ldap.UserInfo in project pwm by pwm-project.

the class ForgottenPasswordUtil method sendUnlockNoticeEmail.

static void sendUnlockNoticeEmail(final PwmRequest pwmRequest, final ForgottenPasswordBean forgottenPasswordBean) throws PwmUnrecoverableException, ChaiUnavailableException, IOException, ServletException {
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final Configuration config = pwmRequest.getConfig();
    final Locale locale = pwmRequest.getLocale();
    final UserIdentity userIdentity = forgottenPasswordBean.getUserIdentity();
    final EmailItemBean configuredEmailSetting = config.readSettingAsEmail(PwmSetting.EMAIL_UNLOCK, locale);
    if (configuredEmailSetting == null) {
        LOGGER.debug(pwmRequest, "skipping send unlock notice email for '" + userIdentity + "' no email configured");
        return;
    }
    final UserInfo userInfo = readUserInfo(pwmRequest, forgottenPasswordBean);
    final MacroMachine macroMachine = MacroMachine.forUser(pwmApplication, pwmRequest.getSessionLabel(), userInfo, null);
    pwmApplication.getEmailQueue().submitEmail(configuredEmailSetting, userInfo, macroMachine);
}

Example 52 with UserInfo

use of password.pwm.ldap.UserInfo in project pwm by pwm-project.

the class ForgottenPasswordUtil method initForgottenPasswordBean.

static void initForgottenPasswordBean(final PwmRequest pwmRequest, final UserIdentity userIdentity, final ForgottenPasswordBean forgottenPasswordBean) throws PwmUnrecoverableException, PwmOperationalException {
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final Locale locale = pwmRequest.getLocale();
    final SessionLabel sessionLabel = pwmRequest.getSessionLabel();
    forgottenPasswordBean.setUserIdentity(userIdentity);
    final UserInfo userInfo = readUserInfo(pwmRequest, forgottenPasswordBean);
    final ForgottenPasswordProfile forgottenPasswordProfile = forgottenPasswordProfile(pwmApplication, pwmRequest.getSessionLabel(), userIdentity);
    final String forgottenProfileID = forgottenPasswordProfile.getIdentifier();
    forgottenPasswordBean.setForgottenPasswordProfileID(forgottenProfileID);
    final ForgottenPasswordBean.RecoveryFlags recoveryFlags = calculateRecoveryFlags(pwmApplication, forgottenProfileID);
    final ChallengeSet challengeSet;
    if (recoveryFlags.getRequiredAuthMethods().contains(IdentityVerificationMethod.CHALLENGE_RESPONSES) || recoveryFlags.getOptionalAuthMethods().contains(IdentityVerificationMethod.CHALLENGE_RESPONSES)) {
        final ResponseSet responseSet;
        try {
            final ChaiUser theUser = pwmApplication.getProxiedChaiUser(userInfo.getUserIdentity());
            responseSet = pwmApplication.getCrService().readUserResponseSet(sessionLabel, userInfo.getUserIdentity(), theUser);
            challengeSet = responseSet == null ? null : responseSet.getPresentableChallengeSet();
        } catch (ChaiValidationException e) {
            final String errorMsg = "unable to determine presentable challengeSet for stored responses: " + e.getMessage();
            final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_NO_CHALLENGES, errorMsg);
            throw new PwmUnrecoverableException(errorInformation);
        } catch (ChaiUnavailableException e) {
            throw new PwmUnrecoverableException(PwmError.forChaiError(e.getErrorCode()));
        }
    } else {
        challengeSet = null;
    }
    if (!recoveryFlags.isAllowWhenLdapIntruderLocked()) {
        try {
            final ChaiUser chaiUser = pwmApplication.getProxiedChaiUser(userInfo.getUserIdentity());
            if (chaiUser.isPasswordLocked()) {
                throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_INTRUDER_LDAP));
            }
        } catch (ChaiOperationException e) {
            final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_UNKNOWN, "error checking user '" + userInfo.getUserIdentity() + "' ldap intruder lock status: " + e.getMessage());
            LOGGER.error(sessionLabel, errorInformation);
            throw new PwmUnrecoverableException(errorInformation);
        } catch (ChaiUnavailableException e) {
            throw new PwmUnrecoverableException(PwmError.forChaiError(e.getErrorCode()));
        }
    }
    final List<FormConfiguration> attributeForm;
    try {
        attributeForm = figureAttributeForm(forgottenPasswordProfile, forgottenPasswordBean, pwmRequest, userIdentity);
    } catch (ChaiUnavailableException e) {
        throw new PwmUnrecoverableException(PwmError.forChaiError(e.getErrorCode()));
    }
    forgottenPasswordBean.setUserLocale(locale);
    forgottenPasswordBean.setPresentableChallengeSet(challengeSet);
    forgottenPasswordBean.setAttributeForm(attributeForm);
    forgottenPasswordBean.setRecoveryFlags(recoveryFlags);
    forgottenPasswordBean.setProgress(new ForgottenPasswordBean.Progress());
    for (final IdentityVerificationMethod recoveryVerificationMethods : recoveryFlags.getRequiredAuthMethods()) {
        verifyRequirementsForAuthMethod(pwmRequest, forgottenPasswordBean, recoveryVerificationMethods);
    }
}

Example 53 with UserInfo

use of password.pwm.ldap.UserInfo in project pwm by pwm-project.

the class HelpdeskCardInfoBean method makeHelpdeskCardInfo.

static HelpdeskCardInfoBean makeHelpdeskCardInfo(final PwmRequest pwmRequest, final HelpdeskProfile helpdeskProfile, final UserIdentity userIdentity) throws PwmUnrecoverableException, ChaiUnavailableException {
    final HelpdeskCardInfoBean.HelpdeskCardInfoBeanBuilder builder = HelpdeskCardInfoBean.builder();
    final Instant startTime = Instant.now();
    LOGGER.trace(pwmRequest, "beginning to assemble card data report for user " + userIdentity);
    final Locale actorLocale = pwmRequest.getLocale();
    final ChaiUser theUser = HelpdeskServlet.getChaiUser(pwmRequest, helpdeskProfile, userIdentity);
    if (!theUser.exists()) {
        return null;
    }
    final UserInfo userInfo = UserInfoFactory.newUserInfo(pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel(), actorLocale, userIdentity, theUser.getChaiProvider());
    final MacroMachine macroMachine = MacroMachine.forUser(pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel(), userInfo, null);
    builder.userKey(userIdentity.toObfuscatedKey(pwmRequest.getPwmApplication()));
    builder.photoURL(figurePhotoURL(pwmRequest, helpdeskProfile, theUser, macroMachine, userIdentity));
    builder.displayNames(figureDisplayNames(pwmRequest.getPwmApplication(), helpdeskProfile, pwmRequest.getSessionLabel(), userInfo));
    final TimeDuration timeDuration = TimeDuration.fromCurrent(startTime);
    final HelpdeskCardInfoBean helpdeskCardInfoBean = builder.build();
    if (pwmRequest.getConfig().isDevDebugMode()) {
        LOGGER.trace(pwmRequest, "completed assembly of card data report for user " + userIdentity + " in " + timeDuration.asCompactString() + ", contents: " + JsonUtil.serialize(helpdeskCardInfoBean));
    }
    return builder.build();
}

Example 54 with UserInfo

use of password.pwm.ldap.UserInfo in project pwm by pwm-project.

the class HelpdeskServlet method restSendVerificationTokenRequest.

@ActionHandler(action = "sendVerificationToken")
private ProcessStatus restSendVerificationTokenRequest(final PwmRequest pwmRequest) throws IOException, PwmUnrecoverableException, ServletException, ChaiUnavailableException {
    final HelpdeskProfile helpdeskProfile = getHelpdeskProfile(pwmRequest);
    final Instant startTime = Instant.now();
    final Configuration config = pwmRequest.getConfig();
    final Map<String, String> bodyParams = pwmRequest.readBodyAsJsonStringMap();
    final UserIdentity userIdentity = UserIdentity.fromKey(bodyParams.get(PwmConstants.PARAM_USERKEY), pwmRequest.getPwmApplication());
    final UserInfo userInfo = UserInfoFactory.newUserInfo(pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel(), pwmRequest.getLocale(), userIdentity, getChaiUser(pwmRequest, helpdeskProfile, userIdentity).getChaiProvider());
    final TokenDestinationItem tokenDestinationItem;
    {
        final MessageSendMethod effectiveSendMethod;
        {
            final MessageSendMethod configuredSendMethod = helpdeskProfile.readSettingAsEnum(PwmSetting.HELPDESK_TOKEN_SEND_METHOD, MessageSendMethod.class);
            if (configuredSendMethod == MessageSendMethod.CHOICE_SMS_EMAIL) {
                final String methodParamName = "method";
                final String methodParam = bodyParams.getOrDefault(methodParamName, "");
                switch(methodParam) {
                    case "sms":
                        effectiveSendMethod = MessageSendMethod.SMSONLY;
                        break;
                    case "email":
                        effectiveSendMethod = MessageSendMethod.EMAILONLY;
                        break;
                    default:
                        throw new UnsupportedOperationException("unknown tokenSendMethod: " + methodParam);
                }
            } else {
                effectiveSendMethod = configuredSendMethod;
            }
        }
        switch(effectiveSendMethod) {
            case SMSONLY:
                tokenDestinationItem = TokenDestinationItem.builder().id("0").display(userInfo.getUserSmsNumber()).value(userInfo.getUserSmsNumber()).type(TokenDestinationItem.Type.sms).build();
                break;
            case EMAILONLY:
                tokenDestinationItem = TokenDestinationItem.builder().id("0").display(userInfo.getUserEmailAddress()).value(userInfo.getUserEmailAddress()).type(TokenDestinationItem.Type.email).build();
                break;
            default:
                throw new UnsupportedOperationException("unknown tokenSendMethod: " + effectiveSendMethod);
        }
    }
    final HelpdeskDetailInfoBean helpdeskDetailInfoBean = HelpdeskDetailInfoBean.makeHelpdeskDetailInfo(pwmRequest, helpdeskProfile, userIdentity);
    if (helpdeskDetailInfoBean == null) {
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_MISSING_PARAMETER, "unable to read helpdesk detail data for specified user");
        LOGGER.error(pwmRequest, errorInformation);
        pwmRequest.outputJsonResult(RestResultBean.fromError(errorInformation, pwmRequest));
        return ProcessStatus.Halt;
    }
    final MacroMachine macroMachine = MacroMachine.forUser(pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel(), userInfo, null);
    final String configuredTokenString = config.readAppProperty(AppProperty.HELPDESK_TOKEN_VALUE);
    final String tokenKey = macroMachine.expandMacros(configuredTokenString);
    final EmailItemBean emailItemBean = config.readSettingAsEmail(PwmSetting.EMAIL_HELPDESK_TOKEN, pwmRequest.getLocale());
    LOGGER.debug(pwmRequest, "generated token code for " + userIdentity.toDelimitedKey());
    final String smsMessage = config.readSettingAsLocalizedString(PwmSetting.SMS_HELPDESK_TOKEN_TEXT, pwmRequest.getLocale());
    try {
        TokenService.TokenSender.sendToken(TokenService.TokenSendInfo.builder().pwmApplication(pwmRequest.getPwmApplication()).userInfo(userInfo).macroMachine(macroMachine).configuredEmailSetting(emailItemBean).tokenDestinationItem(tokenDestinationItem).smsMessage(smsMessage).tokenKey(tokenKey).sessionLabel(pwmRequest.getSessionLabel()).build());
    } catch (PwmException e) {
        LOGGER.error(pwmRequest, e.getErrorInformation());
        pwmRequest.outputJsonResult(RestResultBean.fromError(e.getErrorInformation(), pwmRequest));
        return ProcessStatus.Halt;
    }
    StatisticsManager.incrementStat(pwmRequest, Statistic.HELPDESK_TOKENS_SENT);
    final HelpdeskVerificationRequestBean helpdeskVerificationRequestBean = new HelpdeskVerificationRequestBean();
    helpdeskVerificationRequestBean.setDestination(tokenDestinationItem.getDisplay());
    helpdeskVerificationRequestBean.setUserKey(bodyParams.get(PwmConstants.PARAM_USERKEY));
    final HelpdeskVerificationRequestBean.TokenData tokenData = new HelpdeskVerificationRequestBean.TokenData();
    tokenData.setToken(tokenKey);
    tokenData.setIssueDate(new Date());
    final SecureService secureService = pwmRequest.getPwmApplication().getSecureService();
    helpdeskVerificationRequestBean.setTokenData(secureService.encryptObjectToString(tokenData));
    final RestResultBean restResultBean = RestResultBean.withData(helpdeskVerificationRequestBean);
    pwmRequest.outputJsonResult(restResultBean);
    LOGGER.debug(pwmRequest, "helpdesk operator " + pwmRequest.getUserInfoIfLoggedIn().toDisplayString() + " issued token for verification against user " + userIdentity.toDisplayString() + " sent to destination(s) " + tokenDestinationItem.getDisplay() + " (" + TimeDuration.fromCurrent(startTime).asCompactString() + ")");
    return ProcessStatus.Halt;
}

Example 55 with UserInfo

use of password.pwm.ldap.UserInfo in project pwm by pwm-project.

the class HelpdeskServletUtil method sendUnlockNoticeEmail.

static void sendUnlockNoticeEmail(final PwmRequest pwmRequest, final HelpdeskProfile helpdeskProfile, final UserIdentity userIdentity, final ChaiUser chaiUser) throws PwmUnrecoverableException, ChaiUnavailableException {
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final Configuration config = pwmRequest.getConfig();
    final Locale locale = pwmRequest.getLocale();
    final EmailItemBean configuredEmailSetting = config.readSettingAsEmail(PwmSetting.EMAIL_HELPDESK_UNLOCK, locale);
    if (configuredEmailSetting == null) {
        LOGGER.debug(pwmRequest, "skipping send helpdesk unlock notice email for '" + userIdentity + "' no email configured");
        return;
    }
    final UserInfo userInfo = UserInfoFactory.newUserInfo(pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel(), pwmRequest.getLocale(), userIdentity, chaiUser.getChaiProvider());
    final MacroMachine macroMachine = MacroMachine.forUser(pwmApplication, pwmRequest.getSessionLabel(), userInfo, null);
    pwmApplication.getEmailQueue().submitEmail(configuredEmailSetting, userInfo, macroMachine);
}