Search in sources :

Example 11 with RestResultBean

use of password.pwm.ws.server.RestResultBean in project pwm by pwm-project.

the class HelpdeskServlet method restClearOtpSecret.

@ActionHandler(action = "clearOtpSecret")
private ProcessStatus restClearOtpSecret(final PwmRequest pwmRequest) throws ServletException, IOException, PwmUnrecoverableException, ChaiUnavailableException {
    final HelpdeskProfile helpdeskProfile = getHelpdeskProfile(pwmRequest);
    final Map<String, String> bodyMap = pwmRequest.readBodyAsJsonStringMap(PwmHttpRequestWrapper.Flag.BypassValidation);
    final UserIdentity userIdentity = HelpdeskServletUtil.userIdentityFromMap(pwmRequest, bodyMap);
    if (!helpdeskProfile.readSettingAsBoolean(PwmSetting.HELPDESK_CLEAR_OTP_BUTTON)) {
        final String errorMsg = "clear otp request, but helpdesk clear otp button is not enabled";
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_SERVICE_NOT_AVAILABLE, errorMsg);
        LOGGER.error(pwmRequest, errorMsg);
        pwmRequest.respondWithError(errorInformation);
        return ProcessStatus.Halt;
    }
    // clear pwm intruder setting.
    pwmRequest.getPwmApplication().getIntruderManager().convenience().clearUserIdentity(userIdentity);
    try {
        final OtpService service = pwmRequest.getPwmApplication().getOtpService();
        service.clearOTPUserConfiguration(pwmRequest.getPwmSession(), userIdentity);
        {
            // mark the event log
            final HelpdeskAuditRecord auditRecord = new AuditRecordFactory(pwmRequest).createHelpdeskAuditRecord(AuditEvent.HELPDESK_CLEAR_OTP_SECRET, pwmRequest.getPwmSession().getUserInfo().getUserIdentity(), null, userIdentity, pwmRequest.getSessionLabel().getSrcAddress(), pwmRequest.getSessionLabel().getSrcHostname());
            pwmRequest.getPwmApplication().getAuditManager().submit(auditRecord);
        }
    } catch (PwmOperationalException e) {
        final PwmError returnMsg = e.getError();
        final ErrorInformation error = new ErrorInformation(returnMsg, e.getMessage());
        pwmRequest.respondWithError(error);
        LOGGER.warn(pwmRequest, "error clearing OTP secret for user '" + userIdentity + "'' " + error.toDebugStr() + ", " + e.getMessage());
        return ProcessStatus.Halt;
    }
    final RestResultBean restResultBean = RestResultBean.forSuccessMessage(pwmRequest, Message.Success_Unknown);
    pwmRequest.outputJsonResult(restResultBean);
    return ProcessStatus.Halt;
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) AuditRecordFactory(password.pwm.svc.event.AuditRecordFactory) OtpService(password.pwm.util.operations.OtpService) UserIdentity(password.pwm.bean.UserIdentity) PwmError(password.pwm.error.PwmError) HelpdeskProfile(password.pwm.config.profile.HelpdeskProfile) HelpdeskAuditRecord(password.pwm.svc.event.HelpdeskAuditRecord) PwmOperationalException(password.pwm.error.PwmOperationalException) RestResultBean(password.pwm.ws.server.RestResultBean)

Example 12 with RestResultBean

use of password.pwm.ws.server.RestResultBean in project pwm by pwm-project.

the class ConfigGuideServlet method restUploadJDBCDriver.

@ActionHandler(action = "uploadJDBCDriver")
private ProcessStatus restUploadJDBCDriver(final PwmRequest pwmRequest) throws PwmUnrecoverableException, IOException, ServletException {
    try {
        final ConfigGuideBean configGuideBean = getBean(pwmRequest);
        final int maxFileSize = Integer.parseInt(pwmRequest.getConfig().readAppProperty(AppProperty.CONFIG_MAX_JDBC_JAR_SIZE));
        final FileValue fileValue = ConfigEditorServletUtils.readFileUploadToSettingValue(pwmRequest, maxFileSize);
        configGuideBean.setDatabaseDriver(fileValue);
        final RestResultBean restResultBean = RestResultBean.forSuccessMessage(pwmRequest, Message.Success_Unknown);
        pwmRequest.getPwmResponse().outputJsonResult(restResultBean);
    } catch (PwmException e) {
        final RestResultBean restResultBean = RestResultBean.fromError(e.getErrorInformation(), pwmRequest);
        pwmRequest.getPwmResponse().outputJsonResult(restResultBean);
        LOGGER.error(pwmRequest, e.getErrorInformation().toDebugStr());
    }
    return ProcessStatus.Halt;
}
Also used : FileValue(password.pwm.config.value.FileValue) PwmException(password.pwm.error.PwmException) ConfigGuideBean(password.pwm.http.bean.ConfigGuideBean) RestResultBean(password.pwm.ws.server.RestResultBean)

Example 13 with RestResultBean

use of password.pwm.ws.server.RestResultBean in project pwm by pwm-project.

the class ConfigManagerServlet method restLockConfiguration.

private void restLockConfiguration(final PwmRequest pwmRequest) throws IOException, ServletException, PwmUnrecoverableException, ChaiUnavailableException {
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    if (PwmConstants.TRIAL_MODE) {
        final String msg = LocaleHelper.getLocalizedMessage(Admin.Notice_TrialRestrictConfig, pwmRequest);
        final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_TRIAL_VIOLATION, msg);
        final RestResultBean restResultBean = RestResultBean.fromError(errorInfo, pwmRequest);
        LOGGER.debug(pwmSession, errorInfo);
        pwmRequest.outputJsonResult(restResultBean);
        return;
    }
    if (!pwmSession.isAuthenticated()) {
        final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_AUTHENTICATION_REQUIRED, "You must be authenticated before restricting the configuration");
        final RestResultBean restResultBean = RestResultBean.fromError(errorInfo, pwmRequest);
        LOGGER.debug(pwmSession, errorInfo);
        pwmRequest.outputJsonResult(restResultBean);
        return;
    }
    if (!pwmSession.getSessionManager().checkPermission(pwmApplication, Permission.PWMADMIN)) {
        final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_UNAUTHORIZED, "You must be authenticated with admin privileges before restricting the configuration");
        final RestResultBean restResultBean = RestResultBean.fromError(errorInfo, pwmRequest);
        LOGGER.debug(pwmSession, errorInfo);
        pwmRequest.outputJsonResult(restResultBean);
        return;
    }
    try {
        final StoredConfigurationImpl storedConfiguration = readCurrentConfiguration(pwmRequest);
        if (!storedConfiguration.hasPassword()) {
            final ErrorInformation errorInfo = new ErrorInformation(PwmError.CONFIG_FORMAT_ERROR, null, new String[] { "Please set a configuration password before restricting the configuration" });
            final RestResultBean restResultBean = RestResultBean.fromError(errorInfo, pwmRequest);
            LOGGER.debug(pwmSession, errorInfo);
            pwmRequest.outputJsonResult(restResultBean);
            return;
        }
        storedConfiguration.writeConfigProperty(ConfigurationProperty.CONFIG_IS_EDITABLE, "false");
        saveConfiguration(pwmRequest, storedConfiguration);
        final ConfigManagerBean configManagerBean = pwmRequest.getPwmApplication().getSessionStateService().getBean(pwmRequest, ConfigManagerBean.class);
        configManagerBean.setConfiguration(null);
    } catch (PwmException e) {
        final ErrorInformation errorInfo = e.getErrorInformation();
        final RestResultBean restResultBean = RestResultBean.fromError(errorInfo, pwmRequest);
        LOGGER.debug(pwmSession, errorInfo.toDebugStr());
        pwmRequest.outputJsonResult(restResultBean);
        return;
    } catch (Exception e) {
        final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_UNKNOWN, e.getMessage());
        final RestResultBean restResultBean = RestResultBean.fromError(errorInfo, pwmRequest);
        LOGGER.debug(pwmSession, errorInfo.toDebugStr());
        pwmRequest.outputJsonResult(restResultBean);
        return;
    }
    final HashMap<String, String> resultData = new HashMap<>();
    LOGGER.info(pwmSession, "Configuration Locked");
    pwmRequest.outputJsonResult(RestResultBean.withData(resultData));
}
Also used : PwmException(password.pwm.error.PwmException) ErrorInformation(password.pwm.error.ErrorInformation) ConfigManagerBean(password.pwm.http.bean.ConfigManagerBean) PwmApplication(password.pwm.PwmApplication) StoredConfigurationImpl(password.pwm.config.stored.StoredConfigurationImpl) HashMap(java.util.HashMap) LinkedHashMap(java.util.LinkedHashMap) PwmSession(password.pwm.http.PwmSession) ServletException(javax.servlet.ServletException) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) ChaiUnavailableException(com.novell.ldapchai.exception.ChaiUnavailableException) PwmException(password.pwm.error.PwmException) IOException(java.io.IOException) RestResultBean(password.pwm.ws.server.RestResultBean)

Example 14 with RestResultBean

use of password.pwm.ws.server.RestResultBean in project pwm by pwm-project.

the class SetupResponsesServlet method restValidateResponses.

@ActionHandler(action = "validateResponses")
private ProcessStatus restValidateResponses(final PwmRequest pwmRequest) throws IOException, ServletException, PwmUnrecoverableException, ChaiUnavailableException {
    final SetupResponsesBean setupResponsesBean = getSetupResponseBean(pwmRequest);
    final Instant startTime = Instant.now();
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final String responseModeParam = pwmRequest.readParameterAsString("responseMode");
    final SetupResponsesBean.SetupData setupData = "helpdesk".equalsIgnoreCase(responseModeParam) ? setupResponsesBean.getHelpdeskResponseData() : setupResponsesBean.getResponseData();
    boolean success = true;
    String userMessage = Message.getLocalizedMessage(pwmSession.getSessionStateBean().getLocale(), Message.Success_ResponsesMeetRules, pwmApplication.getConfig());
    try {
        // read in the responses from the request
        final Map<Challenge, String> responseMap = readResponsesFromJsonRequest(pwmRequest, setupData);
        final int minRandomRequiredSetup = setupData.getMinRandomSetup();
        pwmApplication.getCrService().validateResponses(setupData.getChallengeSet(), responseMap, minRandomRequiredSetup);
        generateResponseInfoBean(pwmRequest, setupData.getChallengeSet(), responseMap, Collections.emptyMap());
    } catch (PwmDataValidationException e) {
        success = false;
        userMessage = e.getErrorInformation().toUserStr(pwmSession, pwmApplication);
    }
    final ValidationResponseBean validationResponseBean = new ValidationResponseBean(userMessage, success);
    final RestResultBean restResultBean = RestResultBean.withData(validationResponseBean);
    LOGGER.trace(pwmRequest, "completed rest validate response in " + TimeDuration.fromCurrent(startTime).asCompactString() + ", result=" + JsonUtil.serialize(restResultBean));
    pwmRequest.outputJsonResult(restResultBean);
    return ProcessStatus.Halt;
}
Also used : PwmApplication(password.pwm.PwmApplication) Instant(java.time.Instant) SetupResponsesBean(password.pwm.http.bean.SetupResponsesBean) Challenge(com.novell.ldapchai.cr.Challenge) PwmDataValidationException(password.pwm.error.PwmDataValidationException) PwmSession(password.pwm.http.PwmSession) RestResultBean(password.pwm.ws.server.RestResultBean)

Example 15 with RestResultBean

use of password.pwm.ws.server.RestResultBean in project pwm by pwm-project.

the class ConfigEditorServlet method restSetConfigurationPassword.

@ActionHandler(action = "setConfigurationPassword")
private ProcessStatus restSetConfigurationPassword(final PwmRequest pwmRequest) throws IOException, ServletException, PwmUnrecoverableException {
    final ConfigManagerBean configManagerBean = getBean(pwmRequest);
    try {
        final Map<String, String> postData = pwmRequest.readBodyAsJsonStringMap();
        final String password = postData.get("password");
        configManagerBean.getStoredConfiguration().setPassword(password);
        configManagerBean.setPasswordVerified(true);
        LOGGER.debug(pwmRequest, "config password updated");
        final RestResultBean restResultBean = RestResultBean.forConfirmMessage(pwmRequest, Config.Confirm_ConfigPasswordStored);
        pwmRequest.outputJsonResult(restResultBean);
    } catch (PwmOperationalException e) {
        final RestResultBean restResultBean = RestResultBean.fromError(e.getErrorInformation(), pwmRequest);
        pwmRequest.outputJsonResult(restResultBean);
    }
    return ProcessStatus.Halt;
}
Also used : ConfigManagerBean(password.pwm.http.bean.ConfigManagerBean) RestResultBean(password.pwm.ws.server.RestResultBean) PwmOperationalException(password.pwm.error.PwmOperationalException)

Aggregations

RestResultBean (password.pwm.ws.server.RestResultBean)63 ErrorInformation (password.pwm.error.ErrorInformation)27 PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)21 UserIdentity (password.pwm.bean.UserIdentity)16 PwmException (password.pwm.error.PwmException)16 HelpdeskProfile (password.pwm.config.profile.HelpdeskProfile)15 Instant (java.time.Instant)14 PwmOperationalException (password.pwm.error.PwmOperationalException)14 HashMap (java.util.HashMap)11 LinkedHashMap (java.util.LinkedHashMap)11 ChaiUnavailableException (com.novell.ldapchai.exception.ChaiUnavailableException)10 IOException (java.io.IOException)10 PwmApplication (password.pwm.PwmApplication)10 PwmSession (password.pwm.http.PwmSession)10 ConfigManagerBean (password.pwm.http.bean.ConfigManagerBean)9 ArrayList (java.util.ArrayList)8 ServletException (javax.servlet.ServletException)8 UserInfo (password.pwm.ldap.UserInfo)8 AuditRecordFactory (password.pwm.svc.event.AuditRecordFactory)8 HelpdeskAuditRecord (password.pwm.svc.event.HelpdeskAuditRecord)8