org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel クラス

org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel の継承関係図

org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel 連携図

公開メンバ関数
boolean	isUiAwaiting ()
boolean	isUiEnrolled ()
String	getEditingId ()
boolean	isUiPanelOpened ()
String	getU2fSupportMessage ()
boolean	isU2fMayBeSupported ()
SecurityKey	getNewDevice ()
List< SecurityKey >	getDevices ()
void	setEditingId (String editingId)
void	setNewDevice (SecurityKey newDevice)
void	childInit () throws Exception
void	afterCompose (@ContextParam(ContextType.VIEW) Component view)
void	triggerU2fRegisterRequest ()
void	notified (Event event) throws Exception
void	add ()
void	cancel ()
void	prepareForUpdate (@BindingParam("device") SecurityKey dev)
void	cancelUpdate ()
void	update ()
void	delete (@BindingParam("device") SecurityKey device)
void	init ()
void	logoutFromAuthzServer ()

関数
int	getScreenWidth ()
BrowserInfo	getBrowserInfo ()
Pair< String, String >	getDeleteMessages (String nick, String extraMessage)
String	resetPreferenceMessage (String credentialType, int nCredsOfType)

変数
UserService	userService
User	user

非公開メンバ関数
void	checkU2fSupport ()
void	resetAddSettings ()

非公開変数類
Logger	logger = LogManager.getLogger(getClass())
U2fService	u2fService
ObjectMapper	mapper
SecurityKey	newDevice
List< SecurityKey >	devices
boolean	uiAwaiting
boolean	uiEnrolled
boolean	uiPanelOpened
String	editingId
String	u2fSupportMessage
boolean	u2fMayBeSupported

静的非公開変数類
static final int	REGISTRATION_TIMEOUT = 8000
static final int	WAIT_ENROLL_TIME = 1000

詳解

Created by jgomer on 2017-07-23. This is the ViewModel of page u2f-detail.zul. It controls the CRUD of security keys

関数詳解

add()

void org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.add ( )

inline

                      {

        if (Utils.isNotEmpty(newDevice.getNickName())) {
            try {
                u2fService.updateDevice(newDevice);
                devices.add(newDevice);
                UIUtils.showMessageUI(true, Labels.getLabel("usr.enroll.success"));
            } catch (Exception e) {
                UIUtils.showMessageUI(false, Labels.getLabel("usr.error_updating"));
                logger.error(e.getMessage(), e);
            }
            uiPanelOpened = false;
            resetAddSettings();
        }

    }

afterCompose()

void org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.afterCompose ( @ContextParam(ContextType.VIEW) Component  view )

inline

                                                                             {
        Selectors.wireEventListeners(view, this);
    }

cancel()

void org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.cancel ( )

inline

                         {

        boolean success;
        try {
            /*
             Remove the recently enrolled key. This is so because once the user touches his key button, oxAuth creates the
             corresponding entry in LDAP, and if the user regrets adding the current key by not supplying a nickname
             (and thus pressing cancel), we need to be obliterate the entry
             */
            success = u2fService.removeDevice(newDevice);
        } catch (Exception e) {
            success = false;
            logger.error(e.getMessage(), e);
        }
        if (!success) {
            UIUtils.showMessageUI(false);
        }
        resetAddSettings();

    }

cancelUpdate()

void org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.cancelUpdate ( )

inline

                               {
        newDevice.setNickName(null);
        editingId = null;
    }

checkU2fSupport()

void org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.checkU2fSupport ( )

inlineprivate

                                   {
        //Assume u2f is not supported
        u2fMayBeSupported = false;
        try {
            BrowserInfo binfo = getBrowserInfo();
            String name = binfo.getName().toLowerCase();
            int browserVer = binfo.getMainVersion();

            u2fMayBeSupported =  (name.contains("chrome") && browserVer >= 41) || (name.contains("opera") && browserVer >= 41)
                    || (name.contains("safari") && browserVer > 10) || name.contains("firefox");

            if (u2fMayBeSupported) {
                if (name.contains("firefox")) {
                    u2fSupportMessage = Labels.getLabel(browserVer >= 57 ? "usr.u2f_enabled_u2f_ff" : "usr.u2f_unsupported_ff");
                } else if (name.contains("safari")){
                    u2fSupportMessage = Labels.getLabel("usr.u2f_unsupported_safari");
                }
            }
        } catch (Exception e) {
            logger.error(e.getMessage(), e);
        }
    }

childInit()

void org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.childInit ( ) throws Exception

inline

                                             {
        mapper = new ObjectMapper();
        newDevice = new SecurityKey();
        uiPanelOpened = true;
        devices = u2fService.getDevices(user.getId(), true);
        checkU2fSupport();
    }

delete()

void org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.delete ( @BindingParam("device") SecurityKey  device )

inline

                                                                   {

        String resetMessages = resetPreferenceMessage(SecurityKeyExtension.ACR, devices.size());
        boolean reset = resetMessages != null;
        Pair<String, String> delMessages = getDeleteMessages(device.getNickName(), resetMessages);

        Messagebox.show(delMessages.getY(), delMessages.getX(), Messagebox.YES | Messagebox.NO, reset ? Messagebox.EXCLAMATION : Messagebox.QUESTION,
                event -> {
                    if (Messagebox.ON_YES.equals(event.getName())) {
                        try {
                            if (devices.remove(device)) {
                                if (reset) {
                                    userService.setPreferredMethod(user, null);
                                }

                                u2fService.removeDevice(device);
                                //trigger refresh (this method is asynchronous...)
                                BindUtils.postNotifyChange(null, null, SecurityKeyViewModel.this, "devices");

                                UIUtils.showMessageUI(true);
                            }
                        } catch (Exception e) {
                            UIUtils.showMessageUI(false);
                            logger.error(e.getMessage(), e);
                        }
                    }
                });
    }

getBrowserInfo()

BrowserInfo org.gluu.credmanager.ui.vm.user.UserViewModel.getBrowserInfo ( )

inlinepackageinherited

                                 {
        return sessionContext.getBrowser();
    }

getDeleteMessages()

Pair<String, String> org.gluu.credmanager.ui.vm.user.UserViewModel.getDeleteMessages ( String  nick, String  extraMessage  )

inlinepackageinherited

                                                                            {

        StringBuilder text=new StringBuilder();
        if (extraMessage != null) {
            text.append(extraMessage).append("\n\n");
        }
        text.append(Labels.getLabel("usr.del_confirm", new String[]{ nick==null ? Labels.getLabel("general.no_named") : nick }));
        if (extraMessage != null) {
            text.append("\n");
        }

        return new Pair<>(Labels.getLabel("usr.del_title"), text.toString());

    }

getDevices()

List<SecurityKey> org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.getDevices ( )

inline

                                          {
        return devices;
    }

getEditingId()

String org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.getEditingId ( )

inline

                                 {
        return editingId;
    }

getNewDevice()

SecurityKey org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.getNewDevice ( )

inline

                                      {
        return newDevice;
    }

getScreenWidth()

int org.gluu.credmanager.ui.vm.user.UserViewModel.getScreenWidth ( )

inlinepackageinherited

                         {
        return sessionContext.getScreenWidth();
    }

getU2fSupportMessage()

String org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.getU2fSupportMessage ( )

inline

                                         {
        return u2fSupportMessage;
    }

init()

void org.gluu.credmanager.ui.vm.user.UserViewModel.init ( )

inlineinherited

                       {
        user = sessionContext.getUser();
        minCredsFor2FA = confHandler.getSettings().getMinCredsFor2FA();
    }

isU2fMayBeSupported()

boolean org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.isU2fMayBeSupported ( )

inline

                                         {
        return u2fMayBeSupported;
    }

isUiAwaiting()

boolean org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.isUiAwaiting ( )

inline

                                  {
        return uiAwaiting;
    }

isUiEnrolled()

boolean org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.isUiEnrolled ( )

inline

                                  {
        return uiEnrolled;
    }

isUiPanelOpened()

boolean org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.isUiPanelOpened ( )

inline

                                     {
        return uiPanelOpened;
    }

logoutFromAuthzServer()

void org.gluu.credmanager.ui.vm.user.UserViewModel.logoutFromAuthzServer ( )

inlineinherited

                                        {

        try {
            logger.trace("Log off attempt");
            purgeSession();
            //After End-User has logged out, the Client might request to log him out of the OP too
            //TODO: what happens after session expiration?
            String idToken = authFlowContext.getIdToken();
            Executions.sendRedirect(oxdService.getLogoutUrl(idToken));
        } catch (Exception e) {
            logger.error(e.getMessage(), e);
        }

    }

notified()

void org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.notified ( Event  event ) throws Exception

inline

                                                       {

        String jsonStr = mapper.writeValueAsString(event.getData());
        String error = u2fService.getRegistrationResult(jsonStr);

        if (error == null) {
            u2fService.finishRegistration(user.getUserName(), jsonStr);
            //To know exactly which entry is, we pass the current timestamp so we can pick the most suitable
            //entry by inspecting the creationDate attribute among all existing entries
            newDevice = u2fService.getLatestSecurityKey(user.getId(), new Date().getTime());

            if (newDevice != null) {
                uiEnrolled = true;
                BindUtils.postNotifyChange(null, null, this, "uiEnrolled");
            } else {
                UIUtils.showMessageUI(false);
                logger.error(Labels.getLabel("app.finish_registration_error"));
            }
        } else {
            UIUtils.showMessageUI(false, Labels.getLabel("general.error.detailed", new String[] { error }));
        }

        uiAwaiting = false;
        BindUtils.postNotifyChange(null, null, this, "uiAwaiting");
        userService.cleanRandEnrollmentCode(user.getId());

    }

prepareForUpdate()

void org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.prepareForUpdate ( @BindingParam("device") SecurityKey  dev )

inline

                                                                          {
        //This will make the modal window to become visible
        editingId = dev.getId();
        newDevice = new SecurityKey();
        newDevice.setNickName(dev.getNickName());
    }

resetAddSettings()

void org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.resetAddSettings ( )

inlineprivate

                                    {
        uiEnrolled = false;
        newDevice = new SecurityKey();
    }

resetPreferenceMessage()

String org.gluu.credmanager.ui.vm.user.UserViewModel.resetPreferenceMessage ( String  credentialType, int  nCredsOfType  )

inlinepackageinherited

                                                                           {

        //Assume removal has no problem
        String message = null;
        Set<String> enabledMethods = confHandler.getEnabledAcrs();
        List<Pair<AuthnMethod, Integer>> userMethodsCount = userService.getUserMethodsCount(user.getId(), enabledMethods);
        int totalCreds = userMethodsCount.stream().mapToInt(Pair::getY).sum();

        if (totalCreds == minCredsFor2FA) {
            message = CredRemovalConflict.CREDS2FA_NUMBER_UNDERFLOW.getMessage(minCredsFor2FA);
        } else if (nCredsOfType == 1 && credentialType.equals(user.getPreferredMethod())){
            message = CredRemovalConflict.PREFERRED_CREDENTIAL_REMOVED.getMessage();
        } else {
            List<AuthnMethod> methods = userService.get2FARequisiteMethods();
            boolean typeOfCredIs2FARequisite = methods.stream().map(AuthnMethod::getAcr).anyMatch(acr -> acr.equals(credentialType));

            if (typeOfCredIs2FARequisite) {
                int nCredsBelongingTo2FARequisite = userMethodsCount.stream()
                        .filter(pair -> pair.getX().mayBe2faActivationRequisite()).mapToInt(Pair::getY).sum();
                if (nCredsBelongingTo2FARequisite == 1) {
                    //Compute the names of those authentication methods which are requisite for 2FA activation
                    String commaSepNames = methods.stream().map(aMethod -> Labels.getLabel(aMethod.getUINameKey()))
                            .collect(Collectors.toList()).toString();
                    commaSepNames = commaSepNames.substring(1, commaSepNames.length() - 1);
                    message = CredRemovalConflict.REQUISITE_NOT_FULFILED.getMessage(commaSepNames);
                }
            }
        }
        return message;

    }

setEditingId()

void org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.setEditingId ( String  editingId )

inline

                                               {
        this.editingId = editingId;
    }

setNewDevice()

void org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.setNewDevice ( SecurityKey  newDevice )

inline

                                                    {
        this.newDevice = newDevice;
    }

triggerU2fRegisterRequest()

void org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.triggerU2fRegisterRequest ( )

inline

                                            {
        try {
            uiAwaiting = true;
            BindUtils.postNotifyChange(null, null, this, "uiAwaiting");

            String jsonRequest = u2fService.generateJsonRegisterMessage(user.getUserName(), userService.generateRandEnrollmentCode(user.getId()));

            //Notify browser to exec proper function
            Clients.showNotification(Labels.getLabel("usr.u2f_touch"), Clients.NOTIFICATION_TYPE_INFO, null, "middle_center", WAIT_ENROLL_TIME);
            Clients.response(new AuInvoke("triggerU2fRegistration", new JavaScriptValue(jsonRequest), REGISTRATION_TIMEOUT));
        } catch (Exception e) {
            UIUtils.showMessageUI(false);
            logger.error(e.getMessage(), e);
        }

    }

update()

void org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.update ( )

inline

                         {

        String nick = newDevice.getNickName();
        if (Utils.isNotEmpty(nick)) {
            int i = Utils.firstTrue(devices, dev -> dev.getId().equals(editingId));
            SecurityKey dev = devices.get(i);
            dev.setNickName(nick);
            cancelUpdate();

            try {
                u2fService.updateDevice(dev);
                UIUtils.showMessageUI(true);
            } catch (Exception e) {
                UIUtils.showMessageUI(false);
                logger.error(e.getMessage(), e);
            }
        }

    }

メンバ詳解

devices

List<SecurityKey> org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.devices

private

editingId

String org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.editingId

private

logger

Logger org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.logger = LogManager.getLogger(getClass())

private

mapper

ObjectMapper org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.mapper

private

newDevice

SecurityKey org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.newDevice

private

REGISTRATION_TIMEOUT

final int org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.REGISTRATION_TIMEOUT = 8000

staticprivate

u2fMayBeSupported

boolean org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.u2fMayBeSupported

private

u2fService

U2fService org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.u2fService

private

u2fSupportMessage

String org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.u2fSupportMessage

private

uiAwaiting

boolean org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.uiAwaiting

private

uiEnrolled

boolean org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.uiEnrolled

private

uiPanelOpened

boolean org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.uiPanelOpened

private

user

User org.gluu.credmanager.ui.vm.user.UserViewModel.user

packageinherited

userService

UserService org.gluu.credmanager.ui.vm.user.UserViewModel.userService

packageinherited

WAIT_ENROLL_TIME

final int org.gluu.credmanager.ui.vm.user.SecurityKeyViewModel.WAIT_ENROLL_TIME = 1000

staticprivate

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/OpenId/gluu/src/cred-manager/app/src/main/java/org/gluu/credmanager/ui/vm/user/SecurityKeyViewModel.java