gluu
公開メンバ関数 | 限定公開メンバ関数 | 非公開変数類 | 静的非公開変数類 | 全メンバ一覧
org.gluu.oxtrust.action.PasswordResetAction クラス
org.gluu.oxtrust.action.PasswordResetAction の継承関係図
Inheritance graph
org.gluu.oxtrust.action.PasswordResetAction 連携図
Collaboration graph

公開メンバ関数

String start () throws ParseException
 
String update () throws ParseException
 
String updateImpl () throws ParseException
 
String cancel ()
 
String checkAnswer ()
 
boolean isPasswordsEquals ()
 
PasswordResetRequest getRequest ()
 
String getGuid ()
 
void setGuid (String guid)
 
String getSecurityQuestion ()
 
void setSecurityQuestion (String securityQuestion)
 
String getSecurityAnswer ()
 
void setSecurityAnswer (String securityAnswer)
 
String getPassword ()
 
void setPassword (String password)
 
String getConfirm ()
 
void setConfirm (String confirm)
 

限定公開メンバ関数

void sendExpirationError ()
 

非公開変数類

Logger log
 
PersistenceEntryManager ldapEntryManager
 
FacesMessages facesMessages
 
ConversationService conversationService
 
RecaptchaService recaptchaService
 
ApplianceService applianceService
 
PersonService personService
 
PasswordResetService passwordResetService
 
Identity identity
 
OxTrustAuditService oxTrustAuditService
 
AppConfiguration appConfiguration
 
PasswordResetRequest request
 
String guid
 
String securityQuestion
 
String securityAnswer
 
String password
 
String confirm
 

静的非公開変数類

static final long serialVersionUID = 6457422770824016614L
 

詳解

User: Dejan Maric

関数詳解

◆ cancel()

String org.gluu.oxtrust.action.PasswordResetAction.cancel ( )
inline
230  {
231  return OxTrustConstants.RESULT_SUCCESS;
232  }

◆ checkAnswer()

String org.gluu.oxtrust.action.PasswordResetAction.checkAnswer ( )
inline
234  {
235  return OxTrustConstants.RESULT_SUCCESS;
236  }

◆ getConfirm()

String org.gluu.oxtrust.action.PasswordResetAction.getConfirm ( )
inline
279  {
280  return confirm;
281  }
org.gluu.oxtrust.action.PasswordResetAction.confirm
String confirm
Definition: PasswordResetAction.java:92

◆ getGuid()

String org.gluu.oxtrust.action.PasswordResetAction.getGuid ( )
inline
247  {
248  return guid;
249  }
org.gluu.oxtrust.action.PasswordResetAction.guid
String guid
Definition: PasswordResetAction.java:86

◆ getPassword()

String org.gluu.oxtrust.action.PasswordResetAction.getPassword ( )
inline
271  {
272  return password;
273  }
org.gluu.oxtrust.action.PasswordResetAction.password
String password
Definition: PasswordResetAction.java:90

◆ getRequest()

PasswordResetRequest org.gluu.oxtrust.action.PasswordResetAction.getRequest ( )
inline
243  {
244  return request;
245  }
org.gluu.oxtrust.action.PasswordResetAction.request
PasswordResetRequest request
Definition: PasswordResetAction.java:85

◆ getSecurityAnswer()

String org.gluu.oxtrust.action.PasswordResetAction.getSecurityAnswer ( )
inline
263  {
264  return securityAnswer;
265  }
org.gluu.oxtrust.action.PasswordResetAction.securityAnswer
String securityAnswer
Definition: PasswordResetAction.java:88

◆ getSecurityQuestion()

String org.gluu.oxtrust.action.PasswordResetAction.getSecurityQuestion ( )
inline
255  {
256  return securityQuestion;
257  }
org.gluu.oxtrust.action.PasswordResetAction.securityQuestion
String securityQuestion
Definition: PasswordResetAction.java:87

◆ isPasswordsEquals()

boolean org.gluu.oxtrust.action.PasswordResetAction.isPasswordsEquals ( )
inline
239  {
240  return password.equals(confirm);
241  }
org.gluu.oxtrust.action.PasswordResetAction.password
String password
Definition: PasswordResetAction.java:90
org.gluu.oxtrust.action.PasswordResetAction.confirm
String confirm
Definition: PasswordResetAction.java:92

◆ sendExpirationError()

void org.gluu.oxtrust.action.PasswordResetAction.sendExpirationError ( )
inlineprotected
159  {
160  facesMessages.add(FacesMessage.SEVERITY_ERROR, "The reset link is no longer valid.\n\n "
161  + "Re-enter your e-mail to generate a new link.");
162  conversationService.endConversation();
163  }
org.gluu.oxtrust.action.PasswordResetAction.conversationService
ConversationService conversationService
Definition: PasswordResetAction.java:62
org.gluu.oxtrust.action.PasswordResetAction.facesMessages
FacesMessages facesMessages
Definition: PasswordResetAction.java:59

◆ setConfirm()

void org.gluu.oxtrust.action.PasswordResetAction.setConfirm ( String  confirm)
inline
283  {
284  this.confirm = confirm;
285  }
org.gluu.oxtrust.action.PasswordResetAction.confirm
String confirm
Definition: PasswordResetAction.java:92

◆ setGuid()

void org.gluu.oxtrust.action.PasswordResetAction.setGuid ( String  guid)
inline
251  {
252  this.guid = guid;
253  }
org.gluu.oxtrust.action.PasswordResetAction.guid
String guid
Definition: PasswordResetAction.java:86

◆ setPassword()

void org.gluu.oxtrust.action.PasswordResetAction.setPassword ( String  password)
inline
275  {
276  this.password = password;
277  }
org.gluu.oxtrust.action.PasswordResetAction.password
String password
Definition: PasswordResetAction.java:90

◆ setSecurityAnswer()

void org.gluu.oxtrust.action.PasswordResetAction.setSecurityAnswer ( String  securityAnswer)
inline
267  {
268  this.securityAnswer = securityAnswer;
269  }
org.gluu.oxtrust.action.PasswordResetAction.securityAnswer
String securityAnswer
Definition: PasswordResetAction.java:88

◆ setSecurityQuestion()

void org.gluu.oxtrust.action.PasswordResetAction.setSecurityQuestion ( String  securityQuestion)
inline
259  {
260  this.securityQuestion = securityQuestion;
261  }
org.gluu.oxtrust.action.PasswordResetAction.securityQuestion
String securityQuestion
Definition: PasswordResetAction.java:87

◆ start()

String org.gluu.oxtrust.action.PasswordResetAction.start ( ) throws ParseException
inline
94  {
95  if (StringHelper.isEmpty(guid)) {
96  sendExpirationError();
97  return OxTrustConstants.RESULT_FAILURE;
98  }
99 
100  // Load requested entry
101  PasswordResetRequest passwordResetRequest;
102  try {
103  passwordResetRequest = passwordResetService.findPasswordResetRequest(guid);
104  } catch (EntryPersistenceException ex) {
105  log.error("Failed to find password reset request by '{}'", guid, ex);
106  sendExpirationError();
107  return OxTrustConstants.RESULT_FAILURE;
108  }
109 
110  if (passwordResetRequest == null) {
111  sendExpirationError();
112  return OxTrustConstants.RESULT_FAILURE;
113  }
114 
115  // Load latest entry by person inum
116  PasswordResetRequest personPasswordResetRequest = passwordResetService
117  .findActualPasswordResetRequest(passwordResetRequest.getPersonInum());
118  if (personPasswordResetRequest == null) {
119  sendExpirationError();
120  return OxTrustConstants.RESULT_FAILURE;
121  }
122 
123  // Check if requested entry is actual one
124  if (!StringHelper.equalsIgnoreCase(guid, personPasswordResetRequest.getOxGuid())) {
125  sendExpirationError();
126  return OxTrustConstants.RESULT_FAILURE;
127  }
128 
129  this.request = personPasswordResetRequest;
130 
131  Calendar requestCalendarExpiry = new GregorianCalendar(TimeZone.getTimeZone("UTC"));
132  Calendar currentCalendar = new GregorianCalendar(TimeZone.getTimeZone("UTC"));
133 
134  if (request != null) {
135  requestCalendarExpiry.setTime(request.getCreationDate());
136  }
137  currentCalendar.add(Calendar.SECOND, -appConfiguration.getPasswordResetRequestExpirationTime());
138  GluuCustomPerson person = personService.getPersonByInum(request.getPersonInum());
139 
140  GluuCustomAttribute question = null;
141  if (person != null) {
142  question = person.getGluuCustomAttribute("secretQuestion");
143  }
144 
145  if ((request != null) && requestCalendarExpiry.after(currentCalendar)) {
146  if (question != null) {
147  securityQuestion = question.getValue();
148  }
149  return OxTrustConstants.RESULT_SUCCESS;
150  } else {
151  facesMessages.add(FacesMessage.SEVERITY_ERROR,
152  "Your link is not valid or your user is not allowed to perform a password reset. If you want to initiate a reset password procedure please fill this form.");
153  conversationService.endConversation();
154 
155  return OxTrustConstants.RESULT_FAILURE;
156  }
157  }
org.gluu.oxtrust.model.PasswordResetRequest.getPersonInum
String getPersonInum()
Definition: PasswordResetRequest.java:40
org.gluu.oxtrust.action.PasswordResetAction.guid
String guid
Definition: PasswordResetAction.java:86
org.gluu.oxtrust.model.PasswordResetRequest.getCreationDate
Date getCreationDate()
Definition: PasswordResetRequest.java:48
org.gluu.oxtrust.service.PasswordResetService.findPasswordResetRequest
PasswordResetRequest findPasswordResetRequest(String guid)
Definition: PasswordResetService.java:77
org.gluu.oxtrust.action.PasswordResetAction.conversationService
ConversationService conversationService
Definition: PasswordResetAction.java:62
org.gluu.oxtrust.action.PasswordResetAction.passwordResetService
PasswordResetService passwordResetService
Definition: PasswordResetAction.java:74
org.gluu.oxtrust.action.PasswordResetAction.securityQuestion
String securityQuestion
Definition: PasswordResetAction.java:87
org.gluu.oxtrust.action.PasswordResetAction.sendExpirationError
void sendExpirationError()
Definition: PasswordResetAction.java:159
org.gluu.oxtrust.action.PasswordResetAction.appConfiguration
AppConfiguration appConfiguration
Definition: PasswordResetAction.java:83
org.gluu.oxtrust.service.PasswordResetService.findActualPasswordResetRequest
PasswordResetRequest findActualPasswordResetRequest(String personInum)
Definition: PasswordResetService.java:146
org.gluu.oxtrust.action.PasswordResetAction.personService
PersonService personService
Definition: PasswordResetAction.java:71
org.gluu.oxtrust.action.PasswordResetAction.request
PasswordResetRequest request
Definition: PasswordResetAction.java:85
org.gluu.oxtrust.model.GluuCustomPerson.getGluuCustomAttribute
GluuCustomAttribute getGluuCustomAttribute(String attributeName)
Definition: GluuCustomPerson.java:240
org.gluu.oxtrust.ldap.service.PersonService.getPersonByInum
GluuCustomPerson getPersonByInum(String inum)
Definition: PersonService.java:305
org.gluu.oxtrust.action.PasswordResetAction.facesMessages
FacesMessages facesMessages
Definition: PasswordResetAction.java:59
org.gluu.oxtrust.action.PasswordResetAction.log
Logger log
Definition: PasswordResetAction.java:53

◆ update()

String org.gluu.oxtrust.action.PasswordResetAction.update ( ) throws ParseException
inline
165  {
166  String outcome = updateImpl();
167 
168  if (OxTrustConstants.RESULT_SUCCESS.equals(outcome)) {
169  facesMessages.add(FacesMessage.SEVERITY_INFO, "Password reset successful.");
170  conversationService.endConversation();
171  } else if (OxTrustConstants.RESULT_FAILURE.equals(outcome)) {
172  facesMessages.add(FacesMessage.SEVERITY_ERROR,
173  "Your secret answer or Captcha code may have been wrong. Please try to correct it or contact your administrator to change your password.");
174  conversationService.endConversation();
175  }
176 
177  return outcome;
178  }
org.gluu.oxtrust.action.PasswordResetAction.updateImpl
String updateImpl()
Definition: PasswordResetAction.java:180
org.gluu.oxtrust.action.PasswordResetAction.conversationService
ConversationService conversationService
Definition: PasswordResetAction.java:62
org.gluu.oxtrust.action.PasswordResetAction.facesMessages
FacesMessages facesMessages
Definition: PasswordResetAction.java:59

◆ updateImpl()

String org.gluu.oxtrust.action.PasswordResetAction.updateImpl ( ) throws ParseException
inline
180  {
181  boolean valid = true;
182  if (recaptchaService.isEnabled()) {
183  valid = recaptchaService.verifyRecaptchaResponse();
184  }
185 
186  if (valid) {
187  GluuAppliance appliance = applianceService.getAppliance();
188  this.request = ldapEntryManager.find(PasswordResetRequest.class,
189  "oxGuid=" + this.guid + ", ou=resetPasswordRequests," + appliance.getDn());
190  Calendar requestCalendarExpiry = Calendar.getInstance();
191  Calendar currentCalendar = Calendar.getInstance();
192  if (request != null) {
193  requestCalendarExpiry.setTime((request.getCreationDate()));
194  requestCalendarExpiry.add(Calendar.HOUR, 2);
195  }
196  GluuCustomPerson person = personService.getPersonByInum(request.getPersonInum());
197  GluuCustomAttribute question = null;
198  GluuCustomAttribute answer = null;
199  if (person != null) {
200  question = person.getGluuCustomAttribute("secretQuestion");
201  answer = person.getGluuCustomAttribute("secretAnswer");
202  }
203  if (request != null
204  && requestCalendarExpiry.after(currentCalendar) /* && question != null && answer != null */) {
205  PasswordResetRequest removeRequest = new PasswordResetRequest();
206  removeRequest.setBaseDn(request.getBaseDn());
207  ldapEntryManager.remove(removeRequest);
208  oxTrustAuditService.audit("PASSWORD RESET REQUEST" + removeRequest.getBaseDn() + " REMOVED",
209  identity.getUser(),
210  (HttpServletRequest) FacesContext.getCurrentInstance().getExternalContext().getRequest());
211  if (question != null && answer != null) {
212  String correctAnswer = answer.getValue();
213  Boolean securityQuestionAnswered = (securityAnswer != null) && securityAnswer.equals(correctAnswer);
214  if (securityQuestionAnswered) {
215  person.setUserPassword(password);
216  personService.updatePerson(person);
217  return OxTrustConstants.RESULT_SUCCESS;
218  }
219  } else {
220  person.setUserPassword(password);
221  personService.updatePerson(person);
222  return OxTrustConstants.RESULT_SUCCESS;
223  }
224  }
225  }
226 
227  return OxTrustConstants.RESULT_FAILURE;
228  }
org.gluu.oxtrust.model.PasswordResetRequest.getPersonInum
String getPersonInum()
Definition: PasswordResetRequest.java:40
org.gluu.oxtrust.ldap.service.ApplianceService.getAppliance
GluuAppliance getAppliance(String[] returnAttributes)
Definition: ApplianceService.java:111
org.gluu.oxtrust.action.PasswordResetAction.password
String password
Definition: PasswordResetAction.java:90
org.gluu.oxtrust.model.PasswordResetRequest.getCreationDate
Date getCreationDate()
Definition: PasswordResetRequest.java:48
org.gluu.oxtrust.action.PasswordResetAction.ldapEntryManager
PersistenceEntryManager ldapEntryManager
Definition: PasswordResetAction.java:56
org.gluu.oxtrust.action.PasswordResetAction.securityAnswer
String securityAnswer
Definition: PasswordResetAction.java:88
org.gluu.oxtrust.action.PasswordResetAction.oxTrustAuditService
OxTrustAuditService oxTrustAuditService
Definition: PasswordResetAction.java:80
org.gluu.oxtrust.ldap.service.OxTrustAuditService.audit
void audit(String message, GluuCustomPerson user, HttpServletRequest request)
Definition: OxTrustAuditService.java:18
org.gluu.oxtrust.security.Identity.getUser
GluuCustomPerson getUser()
Definition: Identity.java:39
org.gluu.oxtrust.ldap.service.RecaptchaService.isEnabled
boolean isEnabled()
Definition: RecaptchaService.java:61
org.gluu.oxtrust.action.PasswordResetAction.recaptchaService
RecaptchaService recaptchaService
Definition: PasswordResetAction.java:65
org.gluu.oxtrust.ldap.service.RecaptchaService.verifyRecaptchaResponse
boolean verifyRecaptchaResponse()
Definition: RecaptchaService.java:39
org.gluu.oxtrust.action.PasswordResetAction.personService
PersonService personService
Definition: PasswordResetAction.java:71
org.gluu.oxtrust.action.PasswordResetAction.identity
Identity identity
Definition: PasswordResetAction.java:77
org.gluu.oxtrust.action.PasswordResetAction.applianceService
ApplianceService applianceService
Definition: PasswordResetAction.java:68
org.gluu.oxtrust.action.PasswordResetAction.request
PasswordResetRequest request
Definition: PasswordResetAction.java:85
org.gluu.oxtrust.model.GluuCustomPerson.getGluuCustomAttribute
GluuCustomAttribute getGluuCustomAttribute(String attributeName)
Definition: GluuCustomPerson.java:240
org.gluu.oxtrust.ldap.service.PersonService.getPersonByInum
GluuCustomPerson getPersonByInum(String inum)
Definition: PersonService.java:305
org.gluu.oxtrust.ldap.service.PersonService.updatePerson
void updatePerson(GluuCustomPerson person)
Definition: PersonService.java:111

メンバ詳解

◆ appConfiguration

AppConfiguration org.gluu.oxtrust.action.PasswordResetAction.appConfiguration
private

◆ applianceService

ApplianceService org.gluu.oxtrust.action.PasswordResetAction.applianceService
private

◆ confirm

String org.gluu.oxtrust.action.PasswordResetAction.confirm
private

◆ conversationService

ConversationService org.gluu.oxtrust.action.PasswordResetAction.conversationService
private

◆ facesMessages

FacesMessages org.gluu.oxtrust.action.PasswordResetAction.facesMessages
private

◆ guid

String org.gluu.oxtrust.action.PasswordResetAction.guid
private

◆ identity

Identity org.gluu.oxtrust.action.PasswordResetAction.identity
private

◆ ldapEntryManager

PersistenceEntryManager org.gluu.oxtrust.action.PasswordResetAction.ldapEntryManager
private

◆ log

Logger org.gluu.oxtrust.action.PasswordResetAction.log
private

◆ oxTrustAuditService

OxTrustAuditService org.gluu.oxtrust.action.PasswordResetAction.oxTrustAuditService
private

◆ password

String org.gluu.oxtrust.action.PasswordResetAction.password
private

◆ passwordResetService

PasswordResetService org.gluu.oxtrust.action.PasswordResetAction.passwordResetService
private

◆ personService

PersonService org.gluu.oxtrust.action.PasswordResetAction.personService
private

◆ recaptchaService

RecaptchaService org.gluu.oxtrust.action.PasswordResetAction.recaptchaService
private

◆ request

PasswordResetRequest org.gluu.oxtrust.action.PasswordResetAction.request
private

◆ securityAnswer

String org.gluu.oxtrust.action.PasswordResetAction.securityAnswer
private

◆ securityQuestion

String org.gluu.oxtrust.action.PasswordResetAction.securityQuestion
private

◆ serialVersionUID

final long org.gluu.oxtrust.action.PasswordResetAction.serialVersionUID = 6457422770824016614L
staticprivate
このクラス詳解は次のファイルから抽出されました:
2018年09月30日(日) 14時45分14秒作成 - gluu / 構成:   doxygen 1.8.13