Examples with UserInfo password.pwm.ldap.UserInfo used on opensource projects

Search in sources :

Example 21 with UserInfo

use of password.pwm.ldap.UserInfo in project pwm by pwm-project.

the class ChangePasswordServlet method processCheckPasswordAction.

@ActionHandler(action = "checkPassword")
private ProcessStatus processCheckPasswordAction(final PwmRequest pwmRequest) throws IOException, PwmUnrecoverableException, ChaiUnavailableException {
    final RestCheckPasswordServer.JsonInput jsonInput = JsonUtil.deserialize(pwmRequest.readRequestBodyAsString(), RestCheckPasswordServer.JsonInput.class);
    final UserInfo userInfo = pwmRequest.getPwmSession().getUserInfo();
    final PasswordUtility.PasswordCheckInfo passwordCheckInfo = PasswordUtility.checkEnteredPassword(pwmRequest.getPwmApplication(), pwmRequest.getLocale(), pwmRequest.getPwmSession().getSessionManager().getActor(pwmRequest.getPwmApplication()), userInfo, pwmRequest.getPwmSession().getLoginInfoBean(), PasswordData.forStringValue(jsonInput.getPassword1()), PasswordData.forStringValue(jsonInput.getPassword2()));
    final RestCheckPasswordServer.JsonOutput checkResult = RestCheckPasswordServer.JsonOutput.fromPasswordCheckInfo(passwordCheckInfo);
    final RestResultBean restResultBean = RestResultBean.withData(checkResult);
    pwmRequest.outputJsonResult(restResultBean);
    return ProcessStatus.Halt;
}
Also used : PasswordUtility(password.pwm.util.operations.PasswordUtility) UserInfo(password.pwm.ldap.UserInfo) RestCheckPasswordServer(password.pwm.ws.server.rest.RestCheckPasswordServer) RestResultBean(password.pwm.ws.server.RestResultBean)

Example 22 with UserInfo

use of password.pwm.ldap.UserInfo in project pwm by pwm-project.

the class ForgottenUsernameServlet method handleSearchRequest.

public void handleSearchRequest(final PwmRequest pwmRequest) throws PwmUnrecoverableException, IOException, ServletException {
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    final LocalSessionStateBean ssBean = pwmSession.getSessionStateBean();
    if (CaptchaUtility.captchaEnabledForRequest(pwmRequest)) {
        if (!CaptchaUtility.verifyReCaptcha(pwmRequest)) {
            final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_BAD_CAPTCHA_RESPONSE);
            LOGGER.debug(pwmRequest, errorInfo);
            setLastError(pwmRequest, errorInfo);
            forwardToFormJsp(pwmRequest);
            return;
        }
    }
    final String contextParam = pwmRequest.readParameterAsString(PwmConstants.PARAM_CONTEXT);
    final String ldapProfile = pwmRequest.readParameterAsString(PwmConstants.PARAM_LDAP_PROFILE);
    final List<FormConfiguration> forgottenUsernameForm = pwmApplication.getConfig().readSettingAsForm(PwmSetting.FORGOTTEN_USERNAME_FORM);
    // read the values from the request
    Map<FormConfiguration, String> formValues = new HashMap<>();
    try {
        formValues = FormUtility.readFormValuesFromRequest(pwmRequest, forgottenUsernameForm, ssBean.getLocale());
        // check for intruder search
        pwmApplication.getIntruderManager().convenience().checkAttributes(formValues);
        // see if the values meet the configured form requirements.
        FormUtility.validateFormValues(pwmRequest.getConfig(), formValues, ssBean.getLocale());
        final String searchFilter;
        {
            final String configuredSearchFilter = pwmApplication.getConfig().readSettingAsString(PwmSetting.FORGOTTEN_USERNAME_SEARCH_FILTER);
            if (configuredSearchFilter == null || configuredSearchFilter.isEmpty()) {
                searchFilter = FormUtility.ldapSearchFilterForForm(pwmApplication, forgottenUsernameForm);
                LOGGER.trace(pwmSession, "auto generated ldap search filter: " + searchFilter);
            } else {
                searchFilter = configuredSearchFilter;
            }
        }
        final UserIdentity userIdentity;
        {
            final UserSearchEngine userSearchEngine = pwmApplication.getUserSearchEngine();
            final SearchConfiguration searchConfiguration = SearchConfiguration.builder().filter(searchFilter).formValues(formValues).ldapProfile(ldapProfile).contexts(Collections.singletonList(contextParam)).build();
            userIdentity = userSearchEngine.performSingleUserSearch(searchConfiguration, pwmSession.getLabel());
        }
        if (userIdentity == null) {
            pwmApplication.getIntruderManager().convenience().markAddressAndSession(pwmSession);
            pwmApplication.getStatisticsManager().incrementValue(Statistic.FORGOTTEN_USERNAME_FAILURES);
            setLastError(pwmRequest, PwmError.ERROR_CANT_MATCH_USER.toInfo());
            forwardToFormJsp(pwmRequest);
            return;
        }
        // make sure the user isn't locked.
        pwmApplication.getIntruderManager().convenience().checkUserIdentity(userIdentity);
        final UserInfo forgottenUserInfo = UserInfoFactory.newUserInfoUsingProxy(pwmApplication, pwmRequest.getSessionLabel(), userIdentity, pwmRequest.getLocale());
        // send username
        sendUsername(pwmApplication, pwmSession, forgottenUserInfo);
        pwmApplication.getIntruderManager().convenience().clearAddressAndSession(pwmSession);
        pwmApplication.getIntruderManager().convenience().clearAttributes(formValues);
        pwmApplication.getStatisticsManager().incrementValue(Statistic.FORGOTTEN_USERNAME_SUCCESSES);
        // redirect user to success page.
        forwardToCompletePage(pwmRequest, userIdentity);
        return;
    } catch (PwmOperationalException e) {
        final ErrorInformation errorInfo;
        errorInfo = e.getError() == PwmError.ERROR_UNKNOWN ? new ErrorInformation(PwmError.ERROR_CANT_MATCH_USER, e.getErrorInformation().getDetailedErrorMsg(), e.getErrorInformation().getFieldValues()) : e.getErrorInformation();
        setLastError(pwmRequest, errorInfo);
        pwmApplication.getIntruderManager().convenience().markAddressAndSession(pwmSession);
        pwmApplication.getIntruderManager().convenience().markAttributes(formValues, pwmSession);
    }
    pwmApplication.getStatisticsManager().incrementValue(Statistic.FORGOTTEN_USERNAME_FAILURES);
    forwardToFormJsp(pwmRequest);
}
Also used : PwmApplication(password.pwm.PwmApplication) HashMap(java.util.HashMap) UserIdentity(password.pwm.bean.UserIdentity) UserSearchEngine(password.pwm.ldap.search.UserSearchEngine) SearchConfiguration(password.pwm.ldap.search.SearchConfiguration) UserInfo(password.pwm.ldap.UserInfo) PwmOperationalException(password.pwm.error.PwmOperationalException) ErrorInformation(password.pwm.error.ErrorInformation) LocalSessionStateBean(password.pwm.bean.LocalSessionStateBean) FormConfiguration(password.pwm.config.value.data.FormConfiguration) PwmSession(password.pwm.http.PwmSession)

Example 23 with UserInfo

use of password.pwm.ldap.UserInfo in project pwm by pwm-project.

the class RestProfileServer method doGetProfileDataImpl.

private static RestResultBean doGetProfileDataImpl(final RestRequest restRequest, final String username) throws PwmUnrecoverableException, ChaiUnavailableException {
    final TargetUserIdentity targetUserIdentity = RestUtility.resolveRequestedUsername(restRequest, username);
    final String updateProfileID = ProfileUtility.discoverProfileIDforUser(restRequest.getPwmApplication(), restRequest.getSessionLabel(), targetUserIdentity.getUserIdentity(), ProfileType.UpdateAttributes);
    if (StringUtil.isEmpty(updateProfileID)) {
        throw new PwmUnrecoverableException(PwmError.ERROR_NO_PROFILE_ASSIGNED);
    }
    final UpdateProfileProfile updateProfileProfile = restRequest.getPwmApplication().getConfig().getUpdateAttributesProfile().get(updateProfileID);
    final Map<String, String> profileData = new HashMap<>();
    {
        final Map<FormConfiguration, String> formData = new HashMap<>();
        for (final FormConfiguration formConfiguration : updateProfileProfile.readSettingAsForm(PwmSetting.UPDATE_PROFILE_FORM)) {
            formData.put(formConfiguration, "");
        }
        final List<FormConfiguration> formFields = updateProfileProfile.readSettingAsForm(PwmSetting.UPDATE_PROFILE_FORM);
        final UserInfo userInfo = UserInfoFactory.newUserInfo(restRequest.getPwmApplication(), restRequest.getSessionLabel(), restRequest.getLocale(), targetUserIdentity.getUserIdentity(), targetUserIdentity.getChaiProvider());
        FormUtility.populateFormMapFromLdap(formFields, restRequest.getSessionLabel(), formData, userInfo);
        for (final Map.Entry<FormConfiguration, String> entry : formData.entrySet()) {
            final FormConfiguration formConfig = entry.getKey();
            profileData.put(formConfig.getName(), entry.getValue());
        }
    }
    final JsonProfileData outputData = new JsonProfileData();
    outputData.profile = profileData;
    outputData.formDefinition = updateProfileProfile.readSettingAsForm(PwmSetting.UPDATE_PROFILE_FORM);
    final RestResultBean restResultBean = RestResultBean.withData(outputData);
    StatisticsManager.incrementStat(restRequest.getPwmApplication(), Statistic.REST_PROFILE);
    return restResultBean;
}
Also used : HashMap(java.util.HashMap) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) UserInfo(password.pwm.ldap.UserInfo) UpdateProfileProfile(password.pwm.config.profile.UpdateProfileProfile) FormConfiguration(password.pwm.config.value.data.FormConfiguration) List(java.util.List) HashMap(java.util.HashMap) Map(java.util.Map) FormMap(password.pwm.util.FormMap) RestResultBean(password.pwm.ws.server.RestResultBean)

Example 24 with UserInfo

use of password.pwm.ldap.UserInfo in project pwm by pwm-project.

the class RestProfileServer method doPostProfileDataImpl.

private static RestResultBean doPostProfileDataImpl(final RestRequest restRequest, final JsonProfileData jsonInput) throws PwmUnrecoverableException, ChaiUnavailableException, PwmOperationalException {
    final TargetUserIdentity targetUserIdentity = RestUtility.resolveRequestedUsername(restRequest, jsonInput.getUsername());
    final String updateProfileID = ProfileUtility.discoverProfileIDforUser(restRequest.getPwmApplication(), restRequest.getSessionLabel(), targetUserIdentity.getUserIdentity(), ProfileType.UpdateAttributes);
    if (StringUtil.isEmpty(updateProfileID)) {
        throw new PwmUnrecoverableException(PwmError.ERROR_NO_PROFILE_ASSIGNED);
    }
    final UpdateProfileProfile updateProfileProfile = restRequest.getPwmApplication().getConfig().getUpdateAttributesProfile().get(updateProfileID);
    {
        final List<UserPermission> userPermission = updateProfileProfile.readSettingAsUserPermission(PwmSetting.UPDATE_PROFILE_QUERY_MATCH);
        final boolean result = LdapPermissionTester.testUserPermissions(restRequest.getPwmApplication(), restRequest.getSessionLabel(), targetUserIdentity.getUserIdentity(), userPermission);
        if (!result) {
            throw new PwmUnrecoverableException(PwmError.ERROR_UNAUTHORIZED);
        }
    }
    final FormMap inputFormData = new FormMap(jsonInput.profile);
    final List<FormConfiguration> profileForm = updateProfileProfile.readSettingAsForm(PwmSetting.UPDATE_PROFILE_FORM);
    final Map<FormConfiguration, String> profileFormData = new HashMap<>();
    for (final FormConfiguration formConfiguration : profileForm) {
        if (!formConfiguration.isReadonly() && inputFormData.containsKey(formConfiguration.getName())) {
            profileFormData.put(formConfiguration, inputFormData.get(formConfiguration.getName()));
        }
    }
    final UserInfo userInfo = UserInfoFactory.newUserInfo(restRequest.getPwmApplication(), restRequest.getSessionLabel(), restRequest.getLocale(), targetUserIdentity.getUserIdentity(), targetUserIdentity.getChaiProvider());
    final MacroMachine macroMachine = MacroMachine.forUser(restRequest.getPwmApplication(), restRequest.getLocale(), restRequest.getSessionLabel(), targetUserIdentity.getUserIdentity());
    UpdateProfileUtil.doProfileUpdate(restRequest.getPwmApplication(), restRequest.getSessionLabel(), restRequest.getLocale(), userInfo, macroMachine, updateProfileProfile, FormUtility.asStringMap(profileFormData), targetUserIdentity.getChaiUser());
    StatisticsManager.incrementStat(restRequest.getPwmApplication(), Statistic.REST_PROFILE);
    return RestResultBean.forSuccessMessage(restRequest, Message.Success_UpdateProfile);
}
Also used : HashMap(java.util.HashMap) MacroMachine(password.pwm.util.macro.MacroMachine) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) UpdateProfileProfile(password.pwm.config.profile.UpdateProfileProfile) List(java.util.List) FormConfiguration(password.pwm.config.value.data.FormConfiguration) UserInfo(password.pwm.ldap.UserInfo) FormMap(password.pwm.util.FormMap)

Example 25 with UserInfo

use of password.pwm.ldap.UserInfo in project pwm by pwm-project.

the class RestStatusServer method doGetStatusData.

@RestMethodHandler(method = HttpMethod.GET, produces = HttpContentType.json, consumes = HttpContentType.json)
public RestResultBean doGetStatusData(final RestRequest restRequest) throws PwmUnrecoverableException {
    final Instant startTime = Instant.now();
    final String username = restRequest.readParameterAsString("username");
    final TargetUserIdentity targetUserIdentity = RestUtility.resolveRequestedUsername(restRequest, username);
    try {
        final ChaiProvider chaiProvider = targetUserIdentity.getChaiProvider();
        final UserInfo userInfo = UserInfoFactory.newUserInfo(restRequest.getPwmApplication(), restRequest.getSessionLabel(), restRequest.getLocale(), targetUserIdentity.getUserIdentity(), chaiProvider);
        final MacroMachine macroMachine = MacroMachine.forUser(restRequest.getPwmApplication(), restRequest.getLocale(), restRequest.getSessionLabel(), targetUserIdentity.getUserIdentity());
        final PublicUserInfoBean publicUserInfoBean = PublicUserInfoBean.fromUserInfoBean(userInfo, restRequest.getPwmApplication().getConfig(), restRequest.getLocale(), macroMachine);
        StatisticsManager.incrementStat(restRequest.getPwmApplication(), Statistic.REST_STATUS);
        final RestResultBean restResultBean = RestResultBean.withData(publicUserInfoBean);
        LOGGER.debug(restRequest.getSessionLabel(), "completed REST status request in " + TimeDuration.compactFromCurrent(startTime) + ", result=" + JsonUtil.serialize(restResultBean));
        return restResultBean;
    } catch (PwmException e) {
        return RestResultBean.fromError(e.getErrorInformation());
    } catch (Exception e) {
        final String errorMsg = "unexpected error building json response: " + e.getMessage();
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_UNKNOWN, errorMsg);
        return RestResultBean.fromError(restRequest, errorInformation);
    }
}
Also used : PwmException(password.pwm.error.PwmException) ErrorInformation(password.pwm.error.ErrorInformation) ChaiProvider(com.novell.ldapchai.provider.ChaiProvider) Instant(java.time.Instant) MacroMachine(password.pwm.util.macro.MacroMachine) UserInfo(password.pwm.ldap.UserInfo) PublicUserInfoBean(password.pwm.bean.pub.PublicUserInfoBean) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) PwmException(password.pwm.error.PwmException) RestResultBean(password.pwm.ws.server.RestResultBean) RestMethodHandler(password.pwm.ws.server.RestMethodHandler)

Aggregations

UserInfo (password.pwm.ldap.UserInfo)60 ErrorInformation (password.pwm.error.ErrorInformation)23 PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)23 FormConfiguration (password.pwm.config.value.data.FormConfiguration)20 PwmApplication (password.pwm.PwmApplication)18 UserIdentity (password.pwm.bean.UserIdentity)15 Configuration (password.pwm.config.Configuration)15 Locale (java.util.Locale)13 MacroMachine (password.pwm.util.macro.MacroMachine)13 ChaiUser (com.novell.ldapchai.ChaiUser)12 PwmOperationalException (password.pwm.error.PwmOperationalException)12 PwmSession (password.pwm.http.PwmSession)12 PasswordData (password.pwm.util.PasswordData)10 Instant (java.time.Instant)9 ArrayList (java.util.ArrayList)8 ActionConfiguration (password.pwm.config.value.data.ActionConfiguration)8 SearchConfiguration (password.pwm.ldap.search.SearchConfiguration)8 RestResultBean (password.pwm.ws.server.RestResultBean)8 List (java.util.List)7 EmailItemBean (password.pwm.bean.EmailItemBean)7
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial