
Example 11 with RestMethodHandler

Use of password.pwm.ws.server.RestMethodHandler in project pwm by pwm-project.

Class RestVerifyOtpServer, method doSetOtpDataJson.

@RestMethodHandler(method = HttpMethod.POST, consumes = HttpContentType.json, produces = HttpContentType.json)
public RestResultBean doSetOtpDataJson(final RestRequest restRequest) throws IOException, PwmUnrecoverableException {
    final RestVerifyOtpServer.JsonPutOtpInput jsonInput;
    {
        final RestVerifyOtpServer.JsonPutOtpInput jsonBody = RestUtility.deserializeJsonBody(restRequest, RestVerifyOtpServer.JsonPutOtpInput.class, RestUtility.Flag.AllowNullReturn);
        jsonInput = new RestVerifyOtpServer.JsonPutOtpInput(RestUtility.readValueFromJsonAndParam(jsonBody == null ? null : jsonBody.getToken(), restRequest.readParameterAsString("token"), "token"), RestUtility.readValueFromJsonAndParam(jsonBody == null ? null : jsonBody.getUsername(), restRequest.readParameterAsString("username"), "username"));
    }
    final TargetUserIdentity targetUserIdentity = RestUtility.resolveRequestedUsername(restRequest, jsonInput.getUsername());
    try {
        final OtpService otpService = restRequest.getPwmApplication().getOtpService();
        final OTPUserRecord otpUserRecord = otpService.readOTPUserConfiguration(restRequest.getSessionLabel(), targetUserIdentity.getUserIdentity());
        final boolean verified = otpUserRecord != null && otpService.validateToken(restRequest.getSessionLabel(), targetUserIdentity.getUserIdentity(), otpUserRecord, jsonInput.getToken(), false);
        StatisticsManager.incrementStat(restRequest.getPwmApplication(), Statistic.REST_VERIFYOTP);
        return RestResultBean.forSuccessMessage(verified, restRequest, Message.Success_Unknown);
    } catch (ChaiUnavailableException e) {
        throw PwmUnrecoverableException.fromChaiException(e);
    } catch (PwmOperationalException e) {
        final String errorMsg = "unexpected error reading json input: " + e.getMessage();
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_UNKNOWN, errorMsg);
        return RestResultBean.fromError(restRequest, errorInformation);
    }
}
Also used: ErrorInformation (password.pwm.error.ErrorInformation), ChaiUnavailableException (com.novell.ldapchai.exception.ChaiUnavailableException), OtpService (password.pwm.util.operations.OtpService), OTPUserRecord (password.pwm.util.operations.otp.OTPUserRecord), PwmOperationalException (password.pwm.error.PwmOperationalException), RestMethodHandler (password.pwm.ws.server.RestMethodHandler)

Example 12 with RestMethodHandler

Use of password.pwm.ws.server.RestMethodHandler in project pwm by pwm-project.

Class RestVerifyResponsesServer, method doSetChallengeDataJson.

@RestMethodHandler(method = HttpMethod.POST, consumes = HttpContentType.json, produces = HttpContentType.json)
public RestResultBean doSetChallengeDataJson(final RestRequest restRequest) throws IOException, PwmUnrecoverableException {
    final Instant startTime = Instant.now();
    final JsonPutChallengesInput jsonInput = RestUtility.deserializeJsonBody(restRequest, JsonPutChallengesInput.class);
    final String username = RestUtility.readValueFromJsonAndParam(jsonInput.getUsername(), restRequest.readParameterAsString("username", PwmHttpRequestWrapper.Flag.BypassValidation), "username");
    final TargetUserIdentity targetUserIdentity = RestUtility.resolveRequestedUsername(restRequest, username);
    LOGGER.debug(restRequest.getSessionLabel(), "beginning /verifyresponses REST service against " + (targetUserIdentity.isSelf() ? "self" : targetUserIdentity.getUserIdentity().toDisplayString()));
    try {
        final ResponseSet responseSet = restRequest.getPwmApplication().getCrService().readUserResponseSet(restRequest.getSessionLabel(), targetUserIdentity.getUserIdentity(), targetUserIdentity.getChaiUser());
        final boolean verified = responseSet.test(jsonInput.toCrMap());
        final RestResultBean restResultBean = RestResultBean.forSuccessMessage(verified, restRequest, Message.Success_Unknown);
        LOGGER.debug(restRequest.getSessionLabel(), "completed /verifyresponses REST service in " + TimeDuration.fromCurrent(startTime).asCompactString() + ", response: " + JsonUtil.serialize(restResultBean));
        return restResultBean;
    } catch (ChaiUnavailableException e) {
        throw PwmUnrecoverableException.fromChaiException(e);
    }
}
Also used: ChaiUnavailableException (com.novell.ldapchai.exception.ChaiUnavailableException), Instant (java.time.Instant), ResponseSet (com.novell.ldapchai.cr.ResponseSet), RestResultBean (password.pwm.ws.server.RestResultBean), RestMethodHandler (password.pwm.ws.server.RestMethodHandler)

Aggregations

RestMethodHandler (password.pwm.ws.server.RestMethodHandler): 12
ErrorInformation (password.pwm.error.ErrorInformation): 9
PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException): 8
IOException (java.io.IOException): 5
RestResultBean (password.pwm.ws.server.RestResultBean): 4
PwmException (password.pwm.error.PwmException): 3
ChaiUser (com.novell.ldapchai.ChaiUser): 2
ResponseSet (com.novell.ldapchai.cr.ResponseSet): 2
ChaiException (com.novell.ldapchai.exception.ChaiException): 2
ChaiUnavailableException (com.novell.ldapchai.exception.ChaiUnavailableException): 2
Instant (java.time.Instant): 2
ChallengeProfile (password.pwm.config.profile.ChallengeProfile): 2
PwmOperationalException (password.pwm.error.PwmOperationalException): 2
CrService (password.pwm.util.operations.CrService): 2
ChallengeSet (com.novell.ldapchai.cr.ChallengeSet): 1
ChaiProvider (com.novell.ldapchai.provider.ChaiProvider): 1
Method (java.lang.reflect.Method): 1
HashSet (java.util.HashSet): 1
Locale (java.util.Locale): 1
Test (org.junit.Test): 1