Use of password.pwm.util.operations.otp.OtpOperator in project pwm by pwm-project.
From the class OtpService, method readOTPUserConfiguration.
/**
 * Looks up the stored OTP record for a user, trying each configured storage location in order.
 *
 * <p>The location list comes from {@code PwmSetting.OTP_SECRET_READ_PREFERENCE}. The first
 * location whose operator returns a non-null record wins; later locations are not consulted.
 *
 * <p>Security note: any exception raised by a storage operator is logged (message only, no stack
 * trace) and then handled exactly like "no record in this location". A {@code null} return
 * therefore cannot distinguish "user has no OTP enrolled" from "every store failed to answer".
 * NOTE(review): callers that decide whether to demand a second factor from this result should
 * confirm that a {@code null} caused by a storage outage does not let the user skip OTP.
 *
 * @param sessionLabel label used to tag the log output
 * @param userIdentity user whose OTP record is wanted
 * @return the first record found, or {@code null} when no location produced one
 * @throws PwmUnrecoverableException declared by the signature; operator read errors are caught
 *         here, so this can only come from the calls made outside the try block
 * @throws ChaiUnavailableException declared by the signature; same remark as above
 */
public OTPUserRecord readOTPUserConfiguration(final SessionLabel sessionLabel, final UserIdentity userIdentity) throws PwmUnrecoverableException, ChaiUnavailableException {
    OTPUserRecord foundRecord = null;
    final Configuration config = pwmApplication.getConfig();
    final Date methodStartTime = new Date();
    final List<DataStorageMethod> readOrder = config.getOtpSecretStorageLocations(PwmSetting.OTP_SECRET_READ_PREFERENCE);

    if (readOrder != null) {
        final String userGUID = readGuidIfNeeded(pwmApplication, sessionLabel, readOrder, userIdentity);
        for (final DataStorageMethod location : readOrder) {
            final OtpOperator operator = operatorMap.get(location);
            if (operator == null) {
                LOGGER.warn(sessionLabel, String.format("storage location %s not implemented", location.toString()));
                continue;
            }

            try {
                foundRecord = operator.readOtpUserConfiguration(userIdentity, userGUID);
            } catch (Exception e) {
                // Best effort: a failing store is logged and the next location is tried.
                LOGGER.error(sessionLabel, "unexpected error reading stored otp configuration from " + location + " for user " + userIdentity + ", error: " + e.getMessage());
            }

            // First hit wins; stop before touching the remaining locations.
            if (foundRecord != null) {
                break;
            }
        }
    }

    // Only record metadata (type, identifier, timestamp) is written to the trace log here.
    final String elapsed = TimeDuration.fromCurrent(methodStartTime).asCompactString();
    final String outcome;
    if (foundRecord == null) {
        outcome = ", no otp record found";
    } else {
        outcome = ", recordType=" + foundRecord.getType() + ", identifier=" + foundRecord.getIdentifier() + ", timestamp=" + JavaHelper.toIsoDate(foundRecord.getTimestamp());
    }
    LOGGER.trace(sessionLabel, "readOTPUserConfiguration completed in " + elapsed + outcome);
    return foundRecord;
}
Use of password.pwm.util.operations.otp.OtpOperator in project pwm by pwm-project.
From the class OtpService, method writeOTPUserConfiguration.
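/**
 * Writes a user's OTP record to every configured storage location.
 *
 * <p>Each location in the configured list counts as one attempt. A location succeeds only when an
 * operator is registered for it and that operator's write returns without throwing
 * {@link PwmUnrecoverableException}. Failures are collected and reported together once all
 * locations have been tried.
 *
 * <p>Security note: nothing here rolls back locations that were already written when a later one
 * fails, so a failed call can leave the new secret in some stores and an older (or no) record in
 * others. Callers should treat the thrown exception as "enrollment state is inconsistent", not as
 * "nothing was changed".
 *
 * @param pwmSession session used for logging and passed to the operators; may be {@code null} as
 *        far as this method is concerned
 * @param userIdentity user whose OTP record is written
 * @param otp record to store
 * @throws PwmOperationalException when no location was attempted, or when at least one attempted
 *         location did not succeed
 * @throws ChaiUnavailableException declared by the signature
 * @throws PwmUnrecoverableException declared by the signature; operator write errors of this type
 *         are caught and folded into the {@link PwmOperationalException} instead
 */
public void writeOTPUserConfiguration(final PwmSession pwmSession, final UserIdentity userIdentity, final OTPUserRecord otp) throws PwmOperationalException, ChaiUnavailableException, PwmUnrecoverableException {
    int attempts = 0;
    int successes = 0;
    final Configuration config = pwmApplication.getConfig();
    // NOTE(review): the write path is driven by the READ preference setting. Confirm this is
    // intended and that the configuration does not carry a separate write preference.
    final List<DataStorageMethod> otpSecretStorageLocations = config.getOtpSecretStorageLocations(PwmSetting.OTP_SECRET_READ_PREFERENCE);
    final String userGUID = readGuidIfNeeded(pwmApplication, pwmSession == null ? null : pwmSession.getLabel(), otpSecretStorageLocations, userIdentity);
    final StringBuilder errorMsgs = new StringBuilder();
    if (otpSecretStorageLocations != null) {
        for (final DataStorageMethod otpSecretStorageLocation : otpSecretStorageLocations) {
            attempts++;
            final OtpOperator operator = operatorMap.get(otpSecretStorageLocation);
            if (operator != null) {
                try {
                    operator.writeOtpUserConfiguration(pwmSession, userIdentity, userGUID, otp);
                    successes++;
                } catch (PwmUnrecoverableException e) {
                    LOGGER.error(pwmSession, "error writing to " + otpSecretStorageLocation + ", error: " + e.getMessage());
                    // Separate entries so several failures stay readable in the final message.
                    if (errorMsgs.length() > 0) {
                        errorMsgs.append("; ");
                    }
                    errorMsgs.append(otpSecretStorageLocation).append(" error: ").append(e.getMessage());
                }
            } else {
                LOGGER.warn(pwmSession, String.format("storage location %s not implemented", otpSecretStorageLocation.toString()));
                // A location without an operator still counts as a failed attempt below, so say
                // why instead of reporting a partial failure with an empty error list.
                if (errorMsgs.length() > 0) {
                    errorMsgs.append("; ");
                }
                errorMsgs.append(otpSecretStorageLocation).append(" error: storage location not implemented");
            }
        }
    }
    if (attempts == 0) {
        final String errorMsg = "no OTP secret save methods are available or configured";
        final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_WRITING_OTP_SECRET, errorMsg);
        throw new PwmOperationalException(errorInfo);
    }
    if (attempts != successes) {
        // Reached whenever an operator threw or a location had no operator registered.
        // NOTE(review): the message embeds the underlying exception text; confirm the detail
        // string of ErrorInformation is not rendered to end users.
        final String errorMsg = "OTP secret write only partially successful; attempts=" + attempts + ", successes=" + successes + ", errors: " + errorMsgs.toString();
        final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_WRITING_OTP_SECRET, errorMsg);
        throw new PwmOperationalException(errorInfo);
    }
}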
Use of password.pwm.util.operations.otp.OtpOperator in project pwm by pwm-project.
From the class OtpService, method clearOTPUserConfiguration.
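/**
 * Removes a user's OTP record from every configured storage location.
 *
 * <p>Each location in the configured list counts as one attempt. A location succeeds only when an
 * operator is registered for it and that operator's clear returns without throwing
 * {@link PwmUnrecoverableException}. Failures are collected and reported together once all
 * locations have been tried.
 *
 * <p>Security note: a partial failure leaves the OTP record in the stores that could not be
 * cleared. Because {@code readOTPUserConfiguration} returns the first record it finds across the
 * same location list, a leftover record can still be picked up afterwards. Callers should treat
 * the thrown exception as "the secret may still exist" and not report the OTP as removed.
 *
 * @param pwmSession session used for logging and passed to the operators
 * @param userIdentity user whose OTP record is cleared
 * @throws PwmOperationalException when no location was attempted, or when at least one attempted
 *         location did not succeed
 * @throws ChaiUnavailableException declared by the signature
 * @throws PwmUnrecoverableException declared by the signature; operator clear errors of this type
 *         are caught and folded into the {@link PwmOperationalException} instead
 */
public void clearOTPUserConfiguration(final PwmSession pwmSession, final UserIdentity userIdentity) throws PwmOperationalException, ChaiUnavailableException, PwmUnrecoverableException {
    LOGGER.trace(pwmSession, "beginning clear otp user configuration");
    int attempts = 0;
    int successes = 0;
    final Configuration config = pwmApplication.getConfig();
    final List<DataStorageMethod> otpSecretStorageLocations = config.getOtpSecretStorageLocations(PwmSetting.OTP_SECRET_READ_PREFERENCE);
    // Same null guard as writeOTPUserConfiguration, so a missing session does not fail here with a
    // NullPointerException before any store has been touched.
    final String userGUID = readGuidIfNeeded(pwmApplication, pwmSession == null ? null : pwmSession.getLabel(), otpSecretStorageLocations, userIdentity);
    final StringBuilder errorMsgs = new StringBuilder();
    if (otpSecretStorageLocations != null) {
        for (final DataStorageMethod otpSecretStorageLocation : otpSecretStorageLocations) {
            attempts++;
            final OtpOperator operator = operatorMap.get(otpSecretStorageLocation);
            if (operator != null) {
                try {
                    operator.clearOtpUserConfiguration(pwmSession, userIdentity, userGUID);
                    successes++;
                } catch (PwmUnrecoverableException e) {
                    LOGGER.error(pwmSession, "error clearing " + otpSecretStorageLocation + ", error: " + e.getMessage());
                    // Separate entries so several failures stay readable in the final message.
                    if (errorMsgs.length() > 0) {
                        errorMsgs.append("; ");
                    }
                    errorMsgs.append(otpSecretStorageLocation).append(" error: ").append(e.getMessage());
                }
            } else {
                LOGGER.warn(pwmSession, String.format("Storage location %s not implemented", otpSecretStorageLocation.toString()));
                // A location without an operator still counts as a failed attempt below, so say
                // why instead of reporting a partial failure with an empty error list.
                if (errorMsgs.length() > 0) {
                    errorMsgs.append("; ");
                }
                errorMsgs.append(otpSecretStorageLocation).append(" error: storage location not implemented");
            }
        }
    }
    if (attempts == 0) {
        final String errorMsg = "no OTP secret clear methods are available or configured";
        // @todo: replace error message
        final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_WRITING_OTP_SECRET, errorMsg);
        throw new PwmOperationalException(errorInfo);
    }
    if (attempts != successes) {
        // Reached whenever an operator threw or a location had no operator registered; the
        // record may still be present in those stores.
        final String errorMsg = "OTP secret clearing only partially successful; attempts=" + attempts + ", successes=" + successes + ", error: " + errorMsgs.toString();
        // @todo: replace error message
        final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_WRITING_OTP_SECRET, errorMsg);
        throw new PwmOperationalException(errorInfo);
    }
}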