Search in sources :

Example 1 with WordlistManager

use of password.pwm.svc.wordlist.WordlistManager in project pwm by pwm-project.

the class CrService method validateResponses.

public void validateResponses(final ChallengeSet challengeSet, final Map<Challenge, String> responseMap, final int minRandomRequiredSetup) throws PwmDataValidationException, PwmUnrecoverableException {
    // strip null keys from responseMap;
    responseMap.keySet().removeIf(Objects::isNull);
    {
        // check for missing question texts
        for (final Challenge challenge : responseMap.keySet()) {
            if (!challenge.isAdminDefined()) {
                final String text = challenge.getChallengeText();
                if (text == null || text.length() < 1) {
                    final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_MISSING_CHALLENGE_TEXT);
                    throw new PwmDataValidationException(errorInformation);
                }
            }
        }
    }
    {
        // check responses against wordlist
        final WordlistManager wordlistManager = pwmApplication.getWordlistManager();
        if (wordlistManager.status() == PwmService.STATUS.OPEN) {
            for (final Map.Entry<Challenge, String> entry : responseMap.entrySet()) {
                final Challenge loopChallenge = entry.getKey();
                if (loopChallenge.isEnforceWordlist()) {
                    final String answer = entry.getValue();
                    if (wordlistManager.containsWord(answer)) {
                        final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_RESPONSE_WORDLIST, null, new String[] { loopChallenge.getChallengeText() });
                        throw new PwmDataValidationException(errorInfo);
                    }
                }
            }
        }
    }
    {
        // check for duplicate questions.  need to check the actual req params because the following dupes wont populate duplicates
        final Set<String> userQuestionTexts = new HashSet<>();
        for (final Challenge challenge : responseMap.keySet()) {
            final String text = challenge.getChallengeText();
            if (text != null) {
                if (userQuestionTexts.contains(text.toLowerCase())) {
                    final String errorMsg = "duplicate challenge text: " + text;
                    final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_CHALLENGE_DUPLICATE, errorMsg, new String[] { text });
                    throw new PwmDataValidationException(errorInformation);
                } else {
                    userQuestionTexts.add(text.toLowerCase());
                }
            }
        }
    }
    int randomCount = 0;
    for (final Challenge loopChallenge : responseMap.keySet()) {
        if (!loopChallenge.isRequired()) {
            randomCount++;
        }
    }
    if (minRandomRequiredSetup == 0) {
        // if using recover style, then all readResponseSet must be supplied at this point.
        if (randomCount < challengeSet.getRandomChallenges().size()) {
            final String errorMsg = "all randoms required, but not all randoms are completed";
            final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_MISSING_RANDOM_RESPONSE, errorMsg);
            throw new PwmDataValidationException(errorInfo);
        }
    }
    if (randomCount < minRandomRequiredSetup) {
        final String errorMsg = minRandomRequiredSetup + " randoms required, but not only " + randomCount + " randoms are completed";
        final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_MISSING_RANDOM_RESPONSE, errorMsg);
        throw new PwmDataValidationException(errorInfo);
    }
    if (JavaHelper.isEmpty(responseMap)) {
        final String errorMsg = "empty response set";
        final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_MISSING_PARAMETER, errorMsg);
        throw new PwmDataValidationException(errorInfo);
    }
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) PwmDataValidationException(password.pwm.error.PwmDataValidationException) ChaiChallengeSet(com.novell.ldapchai.cr.ChaiChallengeSet) Set(java.util.Set) ResponseSet(com.novell.ldapchai.cr.ResponseSet) ChallengeSet(com.novell.ldapchai.cr.ChallengeSet) HashSet(java.util.HashSet) LinkedHashSet(java.util.LinkedHashSet) Objects(java.util.Objects) WordlistManager(password.pwm.svc.wordlist.WordlistManager) Challenge(com.novell.ldapchai.cr.Challenge) ChaiChallenge(com.novell.ldapchai.cr.ChaiChallenge)

Aggregations

ChaiChallenge (com.novell.ldapchai.cr.ChaiChallenge)1 ChaiChallengeSet (com.novell.ldapchai.cr.ChaiChallengeSet)1 Challenge (com.novell.ldapchai.cr.Challenge)1 ChallengeSet (com.novell.ldapchai.cr.ChallengeSet)1 ResponseSet (com.novell.ldapchai.cr.ResponseSet)1 HashSet (java.util.HashSet)1 LinkedHashSet (java.util.LinkedHashSet)1 Objects (java.util.Objects)1 Set (java.util.Set)1 ErrorInformation (password.pwm.error.ErrorInformation)1 PwmDataValidationException (password.pwm.error.PwmDataValidationException)1 WordlistManager (password.pwm.svc.wordlist.WordlistManager)1