
Example 6 with SecureService

use of password.pwm.util.secure.SecureService in project pwm by pwm-project.

the class CryptoRequestBeanImpl method getSessionStateInfo.

/**
 * Produces the session-state string for the current request.
 *
 * <p>Reads the bean map stored under the request attribute {@code attrName}. When exactly one
 * bean is cached, it is handed to {@code SecureService.encryptObjectToString} and that result is
 * returned.
 *
 * <p>NOTE(review): the returned value presumably travels to the client as session state. Its
 * confidentiality and tamper resistance rest entirely on {@code encryptObjectToString}, which is
 * not visible here. Confirm that it uses authenticated encryption and that the decrypting side
 * rejects modified or stale values.
 *
 * @param pwmRequest the request whose cached session bean is exported
 * @return the encrypted bean, or an empty string when the attribute is absent or the map is empty
 * @throws IllegalStateException if more than one bean is cached on the request
 * @throws PwmUnrecoverableException declared by the signature; presumably raised by the
 *     encryption call
 */
@Override
public String getSessionStateInfo(final PwmRequest pwmRequest) throws PwmUnrecoverableException {
    // Resolved before the attribute is read, so the service lookup happens even when nothing is cached.
    final SecureService cryptoService = pwmRequest.getPwmApplication().getSecureService();

    final Object cachedAttribute = pwmRequest.getHttpServletRequest().getAttribute(attrName);
    final Map<Class, PwmSessionBean> beansByClass = (Map<Class, PwmSessionBean>) cachedAttribute;

    final boolean nothingCached = beansByClass == null || beansByClass.isEmpty();
    if (nothingCached) {
        return "";
    }

    final int beanCount = beansByClass.size();
    if (beanCount > 1) {
        throw new IllegalStateException("unable to handle multiple session state beans");
    }

    // Exactly one entry is left at this point.
    final PwmSessionBean onlyBean = beansByClass.values().iterator().next();
    return cryptoService.encryptObjectToString(onlyBean);
}
Also used : SecureService(password.pwm.util.secure.SecureService) PwmSessionBean(password.pwm.http.bean.PwmSessionBean) Map(java.util.Map) HashMap(java.util.HashMap)

Example 7 with SecureService

use of password.pwm.util.secure.SecureService in project pwm by pwm-project.

the class StoredTokenKey method fromKeyValue.

/**
 * Derives the storage key for a token value.
 *
 * <p>The input is hashed with {@code SecureService.hash}, the hash is passed through
 * {@code StringUtil.truncate} with the limit read from
 * {@code AppProperty.TOKEN_STORAGE_MAX_KEY_LENGTH}, and {@code SUFFIX} is appended.
 *
 * <p>NOTE(review): the hash algorithm and any keying or salting are decided inside
 * {@code SecureService.hash} and are not visible here. If {@code truncate} shortens the digest,
 * as its name suggests, then collision resistance of the stored key is bounded by the configured
 * length. Confirm that the property cannot be set low enough for distinct tokens to share a key.
 *
 * @param pwmApplication source of the configuration and of the {@code SecureService}
 * @param input the raw token value; must not already end with {@code SUFFIX}
 * @return a key wrapping the truncated hash plus {@code SUFFIX}
 * @throws NullPointerException if {@code input} is null
 * @throws IllegalArgumentException if {@code input} already ends with {@code SUFFIX}
 * @throws NumberFormatException if the configured maximum length is not an integer
 * @throws PwmUnrecoverableException declared by the signature; presumably raised by the hash call
 */
static StoredTokenKey fromKeyValue(final PwmApplication pwmApplication, final String input) throws PwmUnrecoverableException {
    if (input == null) {
        throw new NullPointerException();
    }
    final boolean alreadySuffixed = input.endsWith(SUFFIX);
    if (alreadySuffixed) {
        throw new IllegalArgumentException("new key value has stored suffix");
    }

    // The length limit is read and parsed before hashing, so a malformed setting fails first.
    final String configuredLimit = pwmApplication.getConfig().readAppProperty(AppProperty.TOKEN_STORAGE_MAX_KEY_LENGTH);
    final int keyLengthLimit = Integer.parseInt(configuredLimit);

    final String fullDigest = pwmApplication.getSecureService().hash(input);
    final String shortenedDigest = StringUtil.truncate(fullDigest, keyLengthLimit);
    return new StoredTokenKey(shortenedDigest + SUFFIX);
}
Also used : SecureService(password.pwm.util.secure.SecureService)

Example 8 with SecureService

use of password.pwm.util.secure.SecureService in project pwm by pwm-project.

the class NewUserFormUtils method toTokenPayload.

/**
 * Packs the state of a new-user registration into a token payload.
 *
 * <p>The profile id, form data, remote input data, current token field and completed token fields
 * are copied from the bean into a {@code NewUserTokenData}. That object is passed to
 * {@code SecureService.encryptObjectToString}, and the result is returned as the single entry of
 * a new mutable map under {@code NewUserServlet.TOKEN_PAYLOAD_ATTR}.
 *
 * <p>NOTE(review): everything copied here ends up inside the token payload. That includes
 * whatever the new-user form and the remote input data hold. Protection of those values depends
 * on {@code encryptObjectToString} and on where the payload is stored or sent, neither of which
 * is visible here. Confirm both, and confirm the consumer re-validates the decrypted data.
 *
 * @param pwmRequest request used to reach the application's {@code SecureService}
 * @param newUserBean session bean holding the registration state to export
 * @return a one-entry map from {@code TOKEN_PAYLOAD_ATTR} to the encrypted token data
 * @throws PwmUnrecoverableException declared by the signature; presumably raised by the
 *     encryption call
 */
static Map<String, String> toTokenPayload(final PwmRequest pwmRequest, final NewUserBean newUserBean) throws PwmUnrecoverableException {
    final NewUserTokenData tokenData = new NewUserTokenData();
    tokenData.setProfileID(newUserBean.getProfileID());
    tokenData.setFormData(newUserBean.getNewUserForm());
    tokenData.setInjectionData(newUserBean.getRemoteInputData());
    tokenData.setCurrentTokenField(newUserBean.getCurrentTokenField());
    tokenData.setCompletedTokenFields(newUserBean.getCompletedTokenFields());

    final String encryptedTokenData = pwmRequest.getPwmApplication().getSecureService().encryptObjectToString(tokenData);

    final Map<String, String> payload = new HashMap<>();
    payload.put(NewUserServlet.TOKEN_PAYLOAD_ATTR, encryptedTokenData);
    return payload;
}
Also used : SecureService(password.pwm.util.secure.SecureService) HashMap(java.util.HashMap) LinkedHashMap(java.util.LinkedHashMap)

Example 9 with SecureService

use of password.pwm.util.secure.SecureService in project pwm by pwm-project.

the class HelpdeskServlet method restSendVerificationTokenRequest.

/**
 * Handles the helpdesk "sendVerificationToken" action.
 *
 * <p>Reads the JSON request body, resolves the target user from the supplied user key, picks the
 * delivery method (SMS or email), sends the token and writes a JSON result. The result holds the
 * destination, the user key and the token data encrypted with {@code SecureService}.
 *
 * <p>Every path that returns does so with {@code ProcessStatus.Halt}: after a JSON error when the
 * helpdesk detail data is unavailable, after a JSON error when sending fails with a
 * {@code PwmException}, and after the normal result.
 *
 * @param pwmRequest the current request; its JSON body supplies the user key and, when the
 *     profile allows a choice, the {@code method} parameter
 * @return always {@code ProcessStatus.Halt}
 * @throws UnsupportedOperationException if the requested or configured send method is neither
 *     SMS-only nor email-only
 */
@ActionHandler(action = "sendVerificationToken")
private ProcessStatus restSendVerificationTokenRequest(final PwmRequest pwmRequest) throws IOException, PwmUnrecoverableException, ServletException, ChaiUnavailableException {
    final HelpdeskProfile helpdeskProfile = getHelpdeskProfile(pwmRequest);
    final Instant startTime = Instant.now();
    final Configuration config = pwmRequest.getConfig();
    // Everything in bodyParams is client-supplied.
    final Map<String, String> bodyParams = pwmRequest.readBodyAsJsonStringMap();
    // NOTE(review): the target user is chosen by the request body. getChaiUser(...) below is
    // presumably where the operator's right to act on this user is enforced - confirm.
    final UserIdentity userIdentity = UserIdentity.fromKey(bodyParams.get(PwmConstants.PARAM_USERKEY), pwmRequest.getPwmApplication());
    final UserInfo userInfo = UserInfoFactory.newUserInfo(pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel(), pwmRequest.getLocale(), userIdentity, getChaiUser(pwmRequest, helpdeskProfile, userIdentity).getChaiProvider());
    final TokenDestinationItem tokenDestinationItem;
    {
        final MessageSendMethod effectiveSendMethod;
        {
            final MessageSendMethod configuredSendMethod = helpdeskProfile.readSettingAsEnum(PwmSetting.HELPDESK_TOKEN_SEND_METHOD, MessageSendMethod.class);
            // The client may pick the channel only when the profile is configured for a choice.
            if (configuredSendMethod == MessageSendMethod.CHOICE_SMS_EMAIL) {
                final String methodParamName = "method";
                final String methodParam = bodyParams.getOrDefault(methodParamName, "");
                switch(methodParam) {
                    case "sms":
                        effectiveSendMethod = MessageSendMethod.SMSONLY;
                        break;
                    case "email":
                        effectiveSendMethod = MessageSendMethod.EMAILONLY;
                        break;
                    default:
                        // The message echoes client-controlled text. Whatever logs or renders
                        // this exception should treat it as untrusted.
                        throw new UnsupportedOperationException("unknown tokenSendMethod: " + methodParam);
                }
            } else {
                effectiveSendMethod = configuredSendMethod;
            }
        }
        // The destination comes from the user's own record, not from the request. The same
        // unmasked value is used for both display and delivery.
        switch(effectiveSendMethod) {
            case SMSONLY:
                tokenDestinationItem = TokenDestinationItem.builder().id("0").display(userInfo.getUserSmsNumber()).value(userInfo.getUserSmsNumber()).type(TokenDestinationItem.Type.sms).build();
                break;
            case EMAILONLY:
                tokenDestinationItem = TokenDestinationItem.builder().id("0").display(userInfo.getUserEmailAddress()).value(userInfo.getUserEmailAddress()).type(TokenDestinationItem.Type.email).build();
                break;
            default:
                throw new UnsupportedOperationException("unknown tokenSendMethod: " + effectiveSendMethod);
        }
    }
    final HelpdeskDetailInfoBean helpdeskDetailInfoBean = HelpdeskDetailInfoBean.makeHelpdeskDetailInfo(pwmRequest, helpdeskProfile, userIdentity);
    if (helpdeskDetailInfoBean == null) {
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_MISSING_PARAMETER, "unable to read helpdesk detail data for specified user");
        LOGGER.error(pwmRequest, errorInformation);
        pwmRequest.outputJsonResult(RestResultBean.fromError(errorInformation, pwmRequest));
        return ProcessStatus.Halt;
    }
    final MacroMachine macroMachine = MacroMachine.forUser(pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel(), userInfo, null);
    // The token value is the macro-expanded HELPDESK_TOKEN_VALUE application property.
    // NOTE(review): its unpredictability depends on that configured template - confirm it
    // expands to a sufficiently random value.
    final String configuredTokenString = config.readAppProperty(AppProperty.HELPDESK_TOKEN_VALUE);
    final String tokenKey = macroMachine.expandMacros(configuredTokenString);
    final EmailItemBean emailItemBean = config.readSettingAsEmail(PwmSetting.EMAIL_HELPDESK_TOKEN, pwmRequest.getLocale());
    // Logs the user key only; the token value itself is not written here.
    LOGGER.debug(pwmRequest, "generated token code for " + userIdentity.toDelimitedKey());
    final String smsMessage = config.readSettingAsLocalizedString(PwmSetting.SMS_HELPDESK_TOKEN_TEXT, pwmRequest.getLocale());
    try {
        TokenService.TokenSender.sendToken(TokenService.TokenSendInfo.builder().pwmApplication(pwmRequest.getPwmApplication()).userInfo(userInfo).macroMachine(macroMachine).configuredEmailSetting(emailItemBean).tokenDestinationItem(tokenDestinationItem).smsMessage(smsMessage).tokenKey(tokenKey).sessionLabel(pwmRequest.getSessionLabel()).build());
    } catch (PwmException e) {
        LOGGER.error(pwmRequest, e.getErrorInformation());
        pwmRequest.outputJsonResult(RestResultBean.fromError(e.getErrorInformation(), pwmRequest));
        return ProcessStatus.Halt;
    }
    StatisticsManager.incrementStat(pwmRequest, Statistic.HELPDESK_TOKENS_SENT);
    final HelpdeskVerificationRequestBean helpdeskVerificationRequestBean = new HelpdeskVerificationRequestBean();
    helpdeskVerificationRequestBean.setDestination(tokenDestinationItem.getDisplay());
    helpdeskVerificationRequestBean.setUserKey(bodyParams.get(PwmConstants.PARAM_USERKEY));
    final HelpdeskVerificationRequestBean.TokenData tokenData = new HelpdeskVerificationRequestBean.TokenData();
    tokenData.setToken(tokenKey);
    tokenData.setIssueDate(new Date());
    // The token and its issue date go back to the caller, but only after encryption.
    // NOTE(review): the operator's client therefore holds the encrypted token. Keeping the token
    // secret from the operator depends on encryptObjectToString (not visible here) providing
    // authenticated encryption. The verifying side presumably uses the issue date for expiry
    // and should bind the blob to the user key - confirm both.
    final SecureService secureService = pwmRequest.getPwmApplication().getSecureService();
    helpdeskVerificationRequestBean.setTokenData(secureService.encryptObjectToString(tokenData));
    final RestResultBean restResultBean = RestResultBean.withData(helpdeskVerificationRequestBean);
    pwmRequest.outputJsonResult(restResultBean);
    // This debug entry records the operator, the target user and the destination (phone number
    // or email address), so debug logs carry personal data.
    // NOTE(review): the name getUserInfoIfLoggedIn() suggests it may return null when there is
    // no login, which would throw here after the response has been written - confirm this
    // servlet always runs authenticated.
    LOGGER.debug(pwmRequest, "helpdesk operator " + pwmRequest.getUserInfoIfLoggedIn().toDisplayString() + " issued token for verification against user " + userIdentity.toDisplayString() + " sent to destination(s) " + tokenDestinationItem.getDisplay() + " (" + TimeDuration.fromCurrent(startTime).asCompactString() + ")");
    return ProcessStatus.Halt;
}
Also used : SecureService(password.pwm.util.secure.SecureService) FormConfiguration(password.pwm.config.value.data.FormConfiguration) SearchConfiguration(password.pwm.ldap.search.SearchConfiguration) ActionConfiguration(password.pwm.config.value.data.ActionConfiguration) Configuration(password.pwm.config.Configuration) EmailItemBean(password.pwm.bean.EmailItemBean) Instant(java.time.Instant) UserIdentity(password.pwm.bean.UserIdentity) HelpdeskProfile(password.pwm.config.profile.HelpdeskProfile) UserInfo(password.pwm.ldap.UserInfo) MessageSendMethod(password.pwm.config.option.MessageSendMethod) TokenDestinationItem(password.pwm.bean.TokenDestinationItem) Date(java.util.Date) PwmException(password.pwm.error.PwmException) ErrorInformation(password.pwm.error.ErrorInformation) MacroMachine(password.pwm.util.macro.MacroMachine) RestResultBean(password.pwm.ws.server.RestResultBean)

Aggregations

SecureService (password.pwm.util.secure.SecureService)9 ErrorInformation (password.pwm.error.ErrorInformation)4 Instant (java.time.Instant)2 Date (java.util.Date)2 HashMap (java.util.HashMap)2 LinkedHashMap (java.util.LinkedHashMap)2 UserIdentity (password.pwm.bean.UserIdentity)2 Configuration (password.pwm.config.Configuration)2 PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)2 RestResultBean (password.pwm.ws.server.RestResultBean)2 IOException (java.io.IOException)1 Map (java.util.Map)1 EmailItemBean (password.pwm.bean.EmailItemBean)1 FormNonce (password.pwm.bean.FormNonce)1 TokenDestinationItem (password.pwm.bean.TokenDestinationItem)1 MessageSendMethod (password.pwm.config.option.MessageSendMethod)1 HelpdeskProfile (password.pwm.config.profile.HelpdeskProfile)1 ActionConfiguration (password.pwm.config.value.data.ActionConfiguration)1 FormConfiguration (password.pwm.config.value.data.FormConfiguration)1 PwmException (password.pwm.error.PwmException)1