Example 1 with OtpOperator

Use of password.pwm.util.operations.otp.OtpOperator in project pwm by pwm-project: the class OtpService, method readOTPUserConfiguration.

This method reads a user's stored OTP secret record, trying each configured storage location in order of read preference and returning the first record found.

public OTPUserRecord readOTPUserConfiguration(final SessionLabel sessionLabel, final UserIdentity userIdentity) throws PwmUnrecoverableException, ChaiUnavailableException {
    OTPUserRecord otpConfig = null;
    final Configuration config = pwmApplication.getConfig();
    final Date methodStartTime = new Date();
    // Storage locations (LDAP, database, local DB, ...) in the administrator's configured read-preference order.
    final List<DataStorageMethod> otpSecretStorageLocations = config.getOtpSecretStorageLocations(PwmSetting.OTP_SECRET_READ_PREFERENCE);
    if (otpSecretStorageLocations != null) {
        // The user GUID is only resolved if one of the configured locations needs it as a lookup key.
        final String userGUID = readGuidIfNeeded(pwmApplication, sessionLabel, otpSecretStorageLocations, userIdentity);
        final Iterator<DataStorageMethod> locationIterator = otpSecretStorageLocations.iterator();
        // Stop at the first location that yields a record; later locations are never consulted.
        while (otpConfig == null && locationIterator.hasNext()) {
            final DataStorageMethod location = locationIterator.next();
            final OtpOperator operator = operatorMap.get(location);
            if (operator != null) {
                try {
                    otpConfig = operator.readOtpUserConfiguration(userIdentity, userGUID);
                } catch (Exception e) {
                    // A failing store is logged and skipped; the read falls through to the next location.
                    LOGGER.error(sessionLabel, "unexpected error reading stored otp configuration from " + location + " for user " + userIdentity + ", error: " + e.getMessage());
                }
            } else {
                LOGGER.warn(sessionLabel, String.format("storage location %s not implemented", location.toString()));
            }
        }
    }
    // Trace log records the elapsed time and, if found, the record type, identifier and timestamp (never the secret).
    LOGGER.trace(sessionLabel, "readOTPUserConfiguration completed in " + TimeDuration.fromCurrent(methodStartTime).asCompactString() + (otpConfig == null ? ", no otp record found" : ", recordType=" + otpConfig.getType() + ", identifier=" + otpConfig.getIdentifier() + ", timestamp=" + JavaHelper.toIsoDate(otpConfig.getTimestamp())));
    return otpConfig;
}

Example 2 with OtpOperator

Use of password.pwm.util.operations.otp.OtpOperator in project pwm by pwm-project: the class OtpService, method writeOTPUserConfiguration.

Unlike the read above, the write is attempted against every configured location, and the operation is reported as failed unless all of them succeed.

public void writeOTPUserConfiguration(final PwmSession pwmSession, final UserIdentity userIdentity, final OTPUserRecord otp) throws PwmOperationalException, ChaiUnavailableException, PwmUnrecoverableException {
    int attempts = 0;
    int successes = 0;
    final Configuration config = pwmApplication.getConfig();
    // The same read-preference list drives writes, so every location a read may consult receives the record.
    final List<DataStorageMethod> otpSecretStorageLocations = config.getOtpSecretStorageLocations(PwmSetting.OTP_SECRET_READ_PREFERENCE);
    final String userGUID = readGuidIfNeeded(pwmApplication, pwmSession == null ? null : pwmSession.getLabel(), otpSecretStorageLocations, userIdentity);
    final StringBuilder errorMsgs = new StringBuilder();
    if (otpSecretStorageLocations != null) {
        for (final DataStorageMethod otpSecretStorageLocation : otpSecretStorageLocations) {
            attempts++;
            final OtpOperator operator = operatorMap.get(otpSecretStorageLocation);
            if (operator != null) {
                try {
                    operator.writeOtpUserConfiguration(pwmSession, userIdentity, userGUID, otp);
                    successes++;
                } catch (PwmUnrecoverableException e) {
                    // Record the failure but keep writing to the remaining locations.
                    LOGGER.error(pwmSession, "error writing to " + otpSecretStorageLocation + ", error: " + e.getMessage());
                    errorMsgs.append(otpSecretStorageLocation).append(" error: ").append(e.getMessage());
                }
            } else {
                LOGGER.warn(pwmSession, String.format("storage location %s not implemented", otpSecretStorageLocation.toString()));
            }
        }
    }
    // No configured location at all is an operational error, not a silent no-op.
    if (attempts == 0) {
        final String errorMsg = "no OTP secret save methods are available or configured";
        final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_WRITING_OTP_SECRET, errorMsg);
        throw new PwmOperationalException(errorInfo);
    }
    // Partial success is surfaced as a failure so the caller does not assume the secret is stored everywhere.
    if (attempts != successes) {
        // should be impossible to reach here, but just in case.
        final String errorMsg = "OTP secret write only partially successful; attempts=" + attempts + ", successes=" + successes + ", errors: " + errorMsgs.toString();
        final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_WRITING_OTP_SECRET, errorMsg);
        throw new PwmOperationalException(errorInfo);
    }
}

Example 3 with OtpOperator

Use of password.pwm.util.operations.otp.OtpOperator in project pwm by pwm-project: the class OtpService, method clearOTPUserConfiguration.

Clearing follows the same all-locations pattern as the write, so a stale copy of the secret is not left behind in a secondary store.

public void clearOTPUserConfiguration(final PwmSession pwmSession, final UserIdentity userIdentity) throws PwmOperationalException, ChaiUnavailableException, PwmUnrecoverableException {
    LOGGER.trace(pwmSession, "beginning clear otp user configuration");
    int attempts = 0;
    int successes = 0;
    final Configuration config = pwmApplication.getConfig();
    // Clear from every location in the read-preference list, not only the first one.
    final List<DataStorageMethod> otpSecretStorageLocations = config.getOtpSecretStorageLocations(PwmSetting.OTP_SECRET_READ_PREFERENCE);
    final String userGUID = readGuidIfNeeded(pwmApplication, pwmSession.getLabel(), otpSecretStorageLocations, userIdentity);
    final StringBuilder errorMsgs = new StringBuilder();
    if (otpSecretStorageLocations != null) {
        for (final DataStorageMethod otpSecretStorageLocation : otpSecretStorageLocations) {
            attempts++;
            final OtpOperator operator = operatorMap.get(otpSecretStorageLocation);
            if (operator != null) {
                try {
                    operator.clearOtpUserConfiguration(pwmSession, userIdentity, userGUID);
                    successes++;
                } catch (PwmUnrecoverableException e) {
                    // Record the failure but continue clearing the remaining locations.
                    LOGGER.error(pwmSession, "error clearing " + otpSecretStorageLocation + ", error: " + e.getMessage());
                    errorMsgs.append(otpSecretStorageLocation).append(" error: ").append(e.getMessage());
                }
            } else {
                LOGGER.warn(pwmSession, String.format("Storage location %s not implemented", otpSecretStorageLocation.toString()));
            }
        }
    }
    if (attempts == 0) {
        final String errorMsg = "no OTP secret clear methods are available or configured";
        // @todo: replace error message
        final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_WRITING_OTP_SECRET, errorMsg);
        throw new PwmOperationalException(errorInfo);
    }
    // A secret that still exists in any one store is treated as not cleared.
    if (attempts != successes) {
        // should be impossible to reach here, but just in case.
        final String errorMsg = "OTP secret clearing only partially successful; attempts=" + attempts + ", successes=" + successes + ", error: " + errorMsgs.toString();
        // @todo: replace error message
        final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_WRITING_OTP_SECRET, errorMsg);
        throw new PwmOperationalException(errorInfo);
    }
}