use of password.pwm.util.operations.OtpService in project pwm by pwm-project.
the class HelpdeskServlet method restClearOtpSecret.
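/**
 * Helpdesk action {@code clearOtpSecret}: removes the stored OTP configuration of a
 * target user chosen by the helpdesk operator and submits a helpdesk audit record.
 *
 * <p>The target identity comes from the client-supplied JSON body, so this handler
 * removes another account's second factor on behalf of the operator.
 *
 * @param pwmRequest the current helpdesk request; its JSON body identifies the target user
 * @return always {@link ProcessStatus#Halt}; the response (error or JSON result) is written here
 */
@ActionHandler(action = "clearOtpSecret")
private ProcessStatus restClearOtpSecret(final PwmRequest pwmRequest) throws ServletException, IOException, PwmUnrecoverableException, ChaiUnavailableException {
    final HelpdeskProfile helpdeskProfile = getHelpdeskProfile(pwmRequest);

    // Fail closed on the feature gate before any client-supplied data is parsed, so a
    // disabled feature never reaches the body-parsing path below.
    if (!helpdeskProfile.readSettingAsBoolean(PwmSetting.HELPDESK_CLEAR_OTP_BUTTON)) {
        final String errorMsg = "clear otp request, but helpdesk clear otp button is not enabled";
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_SERVICE_NOT_AVAILABLE, errorMsg);
        LOGGER.error(pwmRequest, errorMsg);
        pwmRequest.respondWithError(errorInformation);
        return ProcessStatus.Halt;
    }

    // NOTE(review): Flag.BypassValidation presumably skips the wrapper's input validation,
    // leaving userIdentityFromMap as the only visible handling of this map - confirm.
    final Map<String, String> bodyMap = pwmRequest.readBodyAsJsonStringMap(PwmHttpRequestWrapper.Flag.BypassValidation);

    // NOTE(review): no check is visible here that the resolved user lies inside the set of
    // users this helpdesk profile may manage; confirm userIdentityFromMap (or the servlet
    // framework) enforces that before an operator can strip another account's second factor.
    final UserIdentity userIdentity = HelpdeskServletUtil.userIdentityFromMap(pwmRequest, bodyMap);

    // clear pwm intruder setting.
    // This reset runs before the OTP clear is attempted, so it persists even if the clear
    // below fails, and the audit record submitted here only names the OTP-clear event.
    pwmRequest.getPwmApplication().getIntruderManager().convenience().clearUserIdentity(userIdentity);

    try {
        final OtpService service = pwmRequest.getPwmApplication().getOtpService();
        service.clearOTPUserConfiguration(pwmRequest.getPwmSession(), userIdentity);
        {
            // mark the event log: session user as the acting identity, the target user,
            // and the request's source address and hostname (third argument passed as null).
            final HelpdeskAuditRecord auditRecord = new AuditRecordFactory(pwmRequest).createHelpdeskAuditRecord(AuditEvent.HELPDESK_CLEAR_OTP_SECRET, pwmRequest.getPwmSession().getUserInfo().getUserIdentity(), null, userIdentity, pwmRequest.getSessionLabel().getSrcAddress(), pwmRequest.getSessionLabel().getSrcHostname());
            pwmRequest.getPwmApplication().getAuditManager().submit(auditRecord);
        }
    } catch (PwmOperationalException e) {
        final PwmError returnMsg = e.getError();
        final ErrorInformation error = new ErrorInformation(returnMsg, e.getMessage());
        pwmRequest.respondWithError(error);
        // Fixed the stray doubled quote after the user identity so the log line parses cleanly.
        LOGGER.warn(pwmRequest, "error clearing OTP secret for user '" + userIdentity + "': " + error.toDebugStr() + ", " + e.getMessage());
        return ProcessStatus.Halt;
    }

    final RestResultBean restResultBean = RestResultBean.forSuccessMessage(pwmRequest, Message.Success_Unknown);
    pwmRequest.outputJsonResult(restResultBean);
    return ProcessStatus.Halt;
}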
use of password.pwm.util.operations.OtpService in project pwm by pwm-project.
the class SetupOtpServlet method handleClearOtpSecret.
/**
 * Self-service action {@code clearOtp}: removes the stored OTP configuration of the
 * user who owns the current session and then re-initialises the setup bean.
 *
 * <p>The target is always the session's own identity; no request parameter selects it.
 *
 * @param pwmRequest the current request
 * @return {@link ProcessStatus#Halt} if the clear operation fails (after recording the
 *         error), otherwise {@link ProcessStatus#Continue}
 */
@ActionHandler(action = "clearOtp")
private ProcessStatus handleClearOtpSecret(final PwmRequest pwmRequest) throws PwmUnrecoverableException, ChaiUnavailableException {
    final SetupOtpBean setupBean = getSetupOtpBean(pwmRequest);
    final PwmSession session = pwmRequest.getPwmSession();
    final UserIdentity sessionUser = session.getUserInfo().getUserIdentity();

    // NOTE(review): this method submits no audit record and shows no re-authentication or
    // policy check before the second factor is removed; confirm that
    // clearOTPUserConfiguration or the servlet's pre-processing covers both.
    try {
        pwmRequest.getPwmApplication().getOtpService().clearOTPUserConfiguration(session, sessionUser);
    } catch (PwmOperationalException e) {
        final ErrorInformation failure = e.getErrorInformation();
        setLastError(pwmRequest, failure);
        LOGGER.error(pwmRequest, failure);
        return ProcessStatus.Halt;
    }

    // The stored OTP is gone, so the bean must no longer report a pre-existing one.
    setupBean.setHasPreExistingOtp(false);
    initializeBean(pwmRequest, setupBean);
    return ProcessStatus.Continue;
}
use of password.pwm.util.operations.OtpService in project pwm by pwm-project.
the class RestVerifyOtpServer method doSetOtpDataJson.
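/**
 * REST POST handler that verifies a one-time-password token for a requested username.
 * Despite its name, this method only reads and validates; it stores nothing.
 *
 * <p>{@code token} and {@code username} may arrive in the JSON body or as request
 * parameters; {@code RestUtility.readValueFromJsonAndParam} combines the two sources.
 * A user with no stored OTP record yields {@code verified == false}, the same result
 * as a wrong token.
 *
 * @param restRequest the REST request carrying the token and username
 * @return a success result carrying the boolean verification outcome, or an error result
 *         if the OTP service raises a {@code PwmOperationalException}
 * @throws PwmUnrecoverableException if the directory is unavailable (converted from
 *         {@code ChaiUnavailableException})
 */
@RestMethodHandler(method = HttpMethod.POST, consumes = HttpContentType.json, produces = HttpContentType.json)
public RestResultBean doSetOtpDataJson(final RestRequest restRequest) throws IOException, PwmUnrecoverableException {
    final RestVerifyOtpServer.JsonPutOtpInput jsonInput;
    {
        // AllowNullReturn: a missing body is tolerated so the values can come from parameters.
        final RestVerifyOtpServer.JsonPutOtpInput jsonBody = RestUtility.deserializeJsonBody(restRequest, RestVerifyOtpServer.JsonPutOtpInput.class, RestUtility.Flag.AllowNullReturn);
        jsonInput = new RestVerifyOtpServer.JsonPutOtpInput(RestUtility.readValueFromJsonAndParam(jsonBody == null ? null : jsonBody.getToken(), restRequest.readParameterAsString("token"), "token"), RestUtility.readValueFromJsonAndParam(jsonBody == null ? null : jsonBody.getUsername(), restRequest.readParameterAsString("username"), "username"));
    }

    // NOTE(review): presumably resolveRequestedUsername also decides whether this REST
    // caller may act on the named user - confirm; no other authorization check is visible.
    final TargetUserIdentity targetUserIdentity = RestUtility.resolveRequestedUsername(restRequest, jsonInput.getUsername());

    try {
        final OtpService otpService = restRequest.getPwmApplication().getOtpService();
        final OTPUserRecord otpUserRecord = otpService.readOTPUserConfiguration(restRequest.getSessionLabel(), targetUserIdentity.getUserIdentity());

        // NOTE(review): no failed-attempt accounting (intruder/lockout) is visible on this
        // path; confirm validateToken or the REST layer throttles repeated guesses against a
        // short numeric code. The final 'false' presumably disallows recovery codes - confirm.
        final boolean verified = otpUserRecord != null && otpService.validateToken(restRequest.getSessionLabel(), targetUserIdentity.getUserIdentity(), otpUserRecord, jsonInput.getToken(), false);

        // Counted only when verification completes without an exception, pass or fail.
        StatisticsManager.incrementStat(restRequest.getPwmApplication(), Statistic.REST_VERIFYOTP);
        return RestResultBean.forSuccessMessage(verified, restRequest, Message.Success_Unknown);
    } catch (ChaiUnavailableException e) {
        throw PwmUnrecoverableException.fromChaiException(e);
    } catch (PwmOperationalException e) {
        // The JSON input was parsed before this try block, so the old
        // "reading json input" text misdescribed failures that come from the OTP service.
        // NOTE(review): e.getMessage() is returned to the REST client; confirm it cannot
        // carry internal detail that should stay in the server log.
        final String errorMsg = "unexpected error verifying otp token: " + e.getMessage();
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_UNKNOWN, errorMsg);
        return RestResultBean.fromError(restRequest, errorInformation);
    }
}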
use of password.pwm.util.operations.OtpService in project pwm by pwm-project.
the class SetupOtpServlet method handleRestValidateCode.
/**
 * Action {@code restValidateCode}: validates an OTP code submitted as JSON against the
 * OTP record held in the current session's user info, and writes the boolean outcome
 * as a JSON result.
 *
 * @param pwmRequest the current request; its body is a JSON string map with a {@code code} entry
 * @return always {@link ProcessStatus#Continue}
 */
@ActionHandler(action = "restValidateCode")
private ProcessStatus handleRestValidateCode(final PwmRequest pwmRequest) throws PwmUnrecoverableException, IOException, ServletException, ChaiUnavailableException {
    final PwmApplication application = pwmRequest.getPwmApplication();
    final PwmSession session = pwmRequest.getPwmSession();
    final OTPUserRecord storedRecord = session.getUserInfo().getOtpUserRecord();
    final OtpService validator = application.getOtpService();

    // NOTE(review): a missing or malformed body is not handled here; confirm that
    // deserializeStringMap never returns null and that sanitizeInputValue accepts a null code.
    final Map<String, String> submitted = JsonUtil.deserializeStringMap(pwmRequest.readRequestBodyAsString());
    // The client-supplied code is sanitized with a 1024 limit before it is validated.
    final String code = Validator.sanitizeInputValue(application.getConfig(), submitted.get("code"), 1024);

    try {
        // NOTE(review): no failed-attempt throttling is visible on this path; confirm
        // validateToken or the servlet framework limits repeated guesses.
        final boolean accepted = validator.validateToken(pwmRequest.getSessionLabel(), session.getUserInfo().getUserIdentity(), storedRecord, code, false);
        final RestResultBean outcome = RestResultBean.withData(accepted);
        // Only the serialized result bean is traced; the submitted code is not logged here.
        LOGGER.trace(session, "returning result for restValidateCode: " + JsonUtil.serialize(outcome));
        pwmRequest.outputJsonResult(outcome);
    } catch (PwmOperationalException e) {
        // The exception message goes to both the server log and the client response.
        final String failureText = "error during otp code validation: " + e.getMessage();
        LOGGER.error(session, failureText);
        pwmRequest.outputJsonResult(RestResultBean.fromError(new ErrorInformation(PwmError.ERROR_UNKNOWN, failureText), pwmRequest));
    }

    return ProcessStatus.Continue;
}
use of password.pwm.util.operations.OtpService in project pwm by pwm-project.
the class SetupOtpServlet method handleTestOtpSecret.
/**
 * Action {@code testOtpSecret}: checks a user-entered OTP token against the OTP record
 * held in the setup bean, i.e. the record being enrolled. On success the bean is marked
 * confirmed and its challenge is cleared; on failure the request's last error is set.
 *
 * @param pwmRequest the current request; the token is read from the
 *        {@code PwmConstants.PARAM_OTP_TOKEN} parameter
 * @return always {@link ProcessStatus#Continue}
 */
@ActionHandler(action = "testOtpSecret")
private ProcessStatus handleTestOtpSecret(final PwmRequest pwmRequest) throws PwmUnrecoverableException, ChaiUnavailableException, IOException, ServletException {
    final SetupOtpBean setupBean = getSetupOtpBean(pwmRequest);
    final PwmApplication application = pwmRequest.getPwmApplication();
    final PwmSession session = pwmRequest.getPwmSession();
    final String submittedToken = pwmRequest.readParameterAsString(PwmConstants.PARAM_OTP_TOKEN);
    final OtpService validator = application.getOtpService();

    // Nothing to test when no token was submitted.
    if (submittedToken == null || submittedToken.isEmpty()) {
        return ProcessStatus.Continue;
    }

    try {
        if (pwmRequest.getConfig().isDevDebugMode()) {
            // NOTE(review): this writes the serialized OTP record under test to the trace
            // log; the record presumably contains the OTP secret material. Confirm dev debug
            // mode cannot be enabled in production and that trace logs are access-restricted.
            LOGGER.trace(pwmRequest, "testing against otp record: " + JsonUtil.serialize(setupBean.getOtpUserRecord()));
        }

        final boolean accepted = validator.validateToken(pwmRequest.getSessionLabel(), session.getUserInfo().getUserIdentity(), setupBean.getOtpUserRecord(), submittedToken, false);
        if (!accepted) {
            LOGGER.debug(pwmRequest, "test OTP token returned false, incorrect OTP secret provided");
            setLastError(pwmRequest, new ErrorInformation(PwmError.ERROR_TOKEN_INCORRECT));
        } else {
            LOGGER.debug(pwmRequest, "test OTP token returned true, valid OTP secret provided");
            // Enrollment is confirmed; the pending challenge is dropped from the bean.
            setupBean.setConfirmed(true);
            setupBean.setChallenge(null);
        }
    } catch (PwmOperationalException e) {
        LOGGER.error(pwmRequest, "error validating otp token: " + e.getMessage());
        setLastError(pwmRequest, e.getErrorInformation());
    }

    return ProcessStatus.Continue;
}