Search in sources :

Example 1 with TokenPayload

use of password.pwm.svc.token.TokenPayload in project pwm by pwm-project.

the class TokenInfoCommand method doCommand.

public void doCommand() throws Exception {
    final String tokenKey = (String) cliEnvironment.getOptions().get(TOKEN_KEY_OPTIONNAME);
    final PwmApplication pwmApplication = cliEnvironment.getPwmApplication();
    final TokenService tokenService = pwmApplication.getTokenService();
    TokenPayload tokenPayload = null;
    Exception lookupError = null;
    try {
        tokenPayload = tokenService.retrieveTokenData(SessionLabel.TOKEN_SESSION_LABEL, tokenKey);
    } catch (Exception e) {
        lookupError = e;
    }
    out(" token: " + tokenKey);
    if (lookupError != null) {
        out("result: error during token lookup: " + lookupError.toString());
    } else if (tokenPayload == null) {
        out("result: token not found");
    } else {
        out("  name: " + tokenPayload.getName());
        out("  user: " + tokenPayload.getUserIdentity());
        out("issued: " + JavaHelper.toIsoDate(tokenPayload.getIssueTime()));
        out("expire: " + JavaHelper.toIsoDate(tokenPayload.getExpiration()));
        for (final String key : tokenPayload.getData().keySet()) {
            final String value = tokenPayload.getData().get(key);
            out("  payload key: " + key);
            out("        value: " + value);
        }
    }
    pwmApplication.shutdown();
    JavaHelper.pause(1000);
}
Also used : PwmApplication(password.pwm.PwmApplication) TokenPayload(password.pwm.svc.token.TokenPayload) TokenService(password.pwm.svc.token.TokenService)

Example 2 with TokenPayload

use of password.pwm.svc.token.TokenPayload in project pwm by pwm-project.

the class ForgottenPasswordServlet method processEnterCode.

@ActionHandler(action = "enterCode")
private ProcessStatus processEnterCode(final PwmRequest pwmRequest) throws ChaiUnavailableException, PwmUnrecoverableException, IOException, ServletException {
    final ForgottenPasswordBean forgottenPasswordBean = forgottenPasswordBean(pwmRequest);
    final String userEnteredCode = pwmRequest.readParameterAsString(PwmConstants.PARAM_TOKEN);
    ErrorInformation errorInformation = null;
    try {
        final TokenPayload tokenPayload = TokenUtil.checkEnteredCode(pwmRequest, userEnteredCode, forgottenPasswordBean.getProgress().getTokenDestination(), null, TokenType.FORGOTTEN_PW, TokenService.TokenEntryType.unauthenticated);
        // token correct
        if (forgottenPasswordBean.getUserIdentity() == null) {
            // clean session, user supplied token (clicked email, etc) and this is first request
            ForgottenPasswordUtil.initForgottenPasswordBean(pwmRequest, tokenPayload.getUserIdentity(), forgottenPasswordBean);
        }
        forgottenPasswordBean.getProgress().getSatisfiedMethods().add(IdentityVerificationMethod.TOKEN);
        StatisticsManager.incrementStat(pwmRequest.getPwmApplication(), Statistic.RECOVERY_TOKENS_PASSED);
        if (pwmRequest.getConfig().readSettingAsBoolean(PwmSetting.DISPLAY_TOKEN_SUCCESS_BUTTON)) {
            pwmRequest.setAttribute(PwmRequestAttribute.TokenDestItems, tokenPayload.getDestination());
            pwmRequest.forwardToJsp(JspUrl.RECOVER_PASSWORD_TOKEN_SUCCESS);
            return ProcessStatus.Halt;
        }
    } catch (PwmUnrecoverableException e) {
        LOGGER.debug(pwmRequest, "error while checking entered token: ");
        errorInformation = e.getErrorInformation();
    } catch (PwmOperationalException e) {
        final String errorMsg = "token incorrect: " + e.getMessage();
        errorInformation = new ErrorInformation(PwmError.ERROR_TOKEN_INCORRECT, errorMsg);
    }
    if (!forgottenPasswordBean.getProgress().getSatisfiedMethods().contains(IdentityVerificationMethod.TOKEN)) {
        if (errorInformation == null) {
            errorInformation = new ErrorInformation(PwmError.ERROR_TOKEN_INCORRECT);
        }
        handleUserVerificationBadAttempt(pwmRequest, forgottenPasswordBean, errorInformation);
    }
    return ProcessStatus.Continue;
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) ForgottenPasswordBean(password.pwm.http.bean.ForgottenPasswordBean) TokenPayload(password.pwm.svc.token.TokenPayload) PwmOperationalException(password.pwm.error.PwmOperationalException)

Example 3 with TokenPayload

use of password.pwm.svc.token.TokenPayload in project pwm by pwm-project.

the class NewUserServlet method handleEnterCodeRequest.

@ActionHandler(action = "enterCode")
private ProcessStatus handleEnterCodeRequest(final PwmRequest pwmRequest) throws PwmUnrecoverableException, IOException, ServletException, ChaiUnavailableException {
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    final NewUserBean newUserBean = getNewUserBean(pwmRequest);
    final NewUserProfile newUserProfile = getNewUserProfile(pwmRequest);
    final String userEnteredCode = pwmRequest.readParameterAsString(PwmConstants.PARAM_TOKEN);
    final TokenDestinationItem tokenDestinationItem = NewUserUtils.tokenDestinationItemForCurrentValidation(pwmRequest, newUserBean, newUserProfile);
    ErrorInformation errorInformation = null;
    TokenPayload tokenPayload = null;
    try {
        tokenPayload = TokenUtil.checkEnteredCode(pwmRequest, userEnteredCode, tokenDestinationItem, null, TokenType.NEWUSER, TokenService.TokenEntryType.unauthenticated);
    } catch (PwmUnrecoverableException e) {
        LOGGER.debug(pwmRequest, "error while checking entered token: ");
        errorInformation = e.getErrorInformation();
    }
    if (tokenPayload != null) {
        try {
            final NewUserTokenData newUserTokenData = NewUserFormUtils.fromTokenPayload(pwmRequest, tokenPayload);
            newUserBean.setProfileID(newUserTokenData.getProfileID());
            final NewUserForm newUserFormFromToken = newUserTokenData.getFormData();
            final TokenDestinationItem.Type tokenType = tokenPayload.getDestination().getType();
            if (tokenType == TokenDestinationItem.Type.email) {
                try {
                    verifyForm(pwmRequest, newUserFormFromToken, false);
                    newUserBean.setRemoteInputData(newUserTokenData.getInjectionData());
                    newUserBean.setNewUserForm(newUserFormFromToken);
                    newUserBean.setProfileID(newUserTokenData.getProfileID());
                    newUserBean.setFormPassed(true);
                    newUserBean.getCompletedTokenFields().addAll(newUserTokenData.getCompletedTokenFields());
                    newUserBean.setCurrentTokenField(newUserTokenData.getCurrentTokenField());
                } catch (PwmUnrecoverableException | PwmOperationalException e) {
                    LOGGER.error(pwmRequest, "while reading stored form data in token payload, form validation error occurred: " + e.getMessage());
                    errorInformation = e.getErrorInformation();
                }
            } else if (tokenType == TokenDestinationItem.Type.sms) {
                if (newUserBean.getNewUserForm() == null || !newUserBean.getNewUserForm().isConsistentWith(newUserFormFromToken)) {
                    LOGGER.debug(pwmRequest, "token value is valid, but form data does not match current session form data");
                    final String errorMsg = "sms token does not match current session";
                    errorInformation = new ErrorInformation(PwmError.ERROR_TOKEN_INCORRECT, errorMsg);
                }
            }
        } catch (PwmOperationalException e) {
            errorInformation = e.getErrorInformation();
        }
    }
    if (errorInformation != null) {
        LOGGER.debug(pwmSession, errorInformation.toDebugStr());
        setLastError(pwmRequest, errorInformation);
        return ProcessStatus.Continue;
    }
    LOGGER.debug(pwmRequest, "marking token as passed " + JsonUtil.serialize(tokenDestinationItem));
    newUserBean.getCompletedTokenFields().add(newUserBean.getCurrentTokenField());
    newUserBean.setTokenSent(false);
    newUserBean.setCurrentTokenField(null);
    if (pwmRequest.getConfig().readSettingAsBoolean(PwmSetting.DISPLAY_TOKEN_SUCCESS_BUTTON)) {
        pwmRequest.setAttribute(PwmRequestAttribute.TokenDestItems, tokenPayload.getDestination());
        pwmRequest.forwardToJsp(JspUrl.NEW_USER_TOKEN_SUCCESS);
        return ProcessStatus.Halt;
    }
    return ProcessStatus.Continue;
}
Also used : PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) NewUserProfile(password.pwm.config.profile.NewUserProfile) TokenDestinationItem(password.pwm.bean.TokenDestinationItem) TokenPayload(password.pwm.svc.token.TokenPayload) PwmOperationalException(password.pwm.error.PwmOperationalException) ErrorInformation(password.pwm.error.ErrorInformation) PwmSession(password.pwm.http.PwmSession) NewUserBean(password.pwm.http.bean.NewUserBean)

Example 4 with TokenPayload

use of password.pwm.svc.token.TokenPayload in project pwm by pwm-project.

the class ActivateUserServlet method handleEnterCode.

@ActionHandler(action = "enterCode")
public ProcessStatus handleEnterCode(final PwmRequest pwmRequest) throws ChaiUnavailableException, PwmUnrecoverableException, IOException, ServletException {
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    final ActivateUserBean activateUserBean = pwmApplication.getSessionStateService().getBean(pwmRequest, ActivateUserBean.class);
    final String userEnteredCode = pwmRequest.readParameterAsString(PwmConstants.PARAM_TOKEN);
    ErrorInformation errorInformation = null;
    try {
        final TokenPayload tokenPayload = TokenUtil.checkEnteredCode(pwmRequest, userEnteredCode, activateUserBean.getTokenDestination(), null, TokenType.ACTIVATION, TokenService.TokenEntryType.unauthenticated);
        activateUserBean.setUserIdentity(tokenPayload.getUserIdentity());
        activateUserBean.setTokenPassed(true);
        activateUserBean.setFormValidated(true);
        activateUserBean.setTokenDestination(tokenPayload.getDestination());
        if (pwmRequest.getConfig().readSettingAsBoolean(PwmSetting.DISPLAY_TOKEN_SUCCESS_BUTTON)) {
            pwmRequest.setAttribute(PwmRequestAttribute.TokenDestItems, tokenPayload.getDestination());
            pwmRequest.forwardToJsp(JspUrl.ACTIVATE_USER_TOKEN_SUCCESS);
            return ProcessStatus.Halt;
        }
    } catch (PwmUnrecoverableException e) {
        LOGGER.debug(pwmRequest, "error while checking entered token: ");
        errorInformation = e.getErrorInformation();
    }
    if (!activateUserBean.isTokenPassed()) {
        if (errorInformation == null) {
            errorInformation = new ErrorInformation(PwmError.ERROR_TOKEN_INCORRECT);
        }
        LOGGER.debug(pwmSession.getLabel(), errorInformation.toDebugStr());
        setLastError(pwmRequest, errorInformation);
    }
    return ProcessStatus.Continue;
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) PwmApplication(password.pwm.PwmApplication) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) PwmSession(password.pwm.http.PwmSession) TokenPayload(password.pwm.svc.token.TokenPayload) ActivateUserBean(password.pwm.http.bean.ActivateUserBean)

Aggregations

TokenPayload (password.pwm.svc.token.TokenPayload)4 ErrorInformation (password.pwm.error.ErrorInformation)3 PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)3 PwmApplication (password.pwm.PwmApplication)2 PwmOperationalException (password.pwm.error.PwmOperationalException)2 PwmSession (password.pwm.http.PwmSession)2 TokenDestinationItem (password.pwm.bean.TokenDestinationItem)1 NewUserProfile (password.pwm.config.profile.NewUserProfile)1 ActivateUserBean (password.pwm.http.bean.ActivateUserBean)1 ForgottenPasswordBean (password.pwm.http.bean.ForgottenPasswordBean)1 NewUserBean (password.pwm.http.bean.NewUserBean)1 TokenService (password.pwm.svc.token.TokenService)1