/**
 * Builds a map from provider key to the username stored on the current user for that provider.
 *
 * <p>The {@code null} key always carries the user's own username. Every provider returned by
 * {@code sessionFactory.getProviders()} whose authentication type is {@code "storedPasswords"}
 * adds one entry whose value is the user property {@code "storedUsername_" + providerKey};
 * whatever {@code getProperty} yields for a property that was never set is stored as-is.
 *
 * <p>Only usernames are read here; no password property is touched by this method.
 *
 * @return a new, mutable map of provider key to stored username
 */
public Map<String, String> getStoredPasswordsProviders() {
  Map<String, String> usernamesByProvider = new HashMap<String, String>();
  // The null key carries the user's own username.
  usernamesByProvider.put(null, user.getUsername());
  for (JCRStoreProvider candidate : sessionFactory.getProviders().values()) {
    // Providers using any other authentication type are skipped.
    if (!"storedPasswords".equals(candidate.getAuthenticationType())) {
      continue;
    }
    String providerKey = candidate.getKey();
    usernamesByProvider.put(providerKey, user.getProperty("storedUsername_" + providerKey));
  }
  return usernamesByProvider;
}
 /**
  * Stores or clears the username and the password kept on the user for one provider.
  *
  * <p>The two values are handled independently: a {@code null} value removes the matching user
  * property ({@code "storedUsername_" + providerKey} or {@code "storedPassword_" + providerKey}),
  * any other value overwrites it.
  *
  * <p>NOTE(review): the password reaches {@code user.setProperty} exactly as it was passed in;
  * nothing in this method encrypts or otherwise protects it. Confirm that the property store
  * protects the value at rest and that these properties are kept out of exports, logs and
  * generic property listings.
  *
  * @param providerKey key of the provider, used as the property-name suffix; it is concatenated
  *     without a null check, so a {@code null} key yields the literal suffix {@code "null"}
  * @param username username to store, or {@code null} to remove the stored username
  * @param password password to store, or {@code null} to remove the stored password
  */
 public void storePasswordForProvider(String providerKey, String username, String password) {
   String usernameProperty = "storedUsername_" + providerKey;
   String passwordProperty = "storedPassword_" + providerKey;

   if (username != null) {
     user.setProperty(usernameProperty, username);
   } else {
     user.removeProperty(usernameProperty);
   }

   if (password != null) {
     // Stored as received; see the review note in the Javadoc.
     user.setProperty(passwordProperty, password);
   } else {
     user.removeProperty(passwordProperty);
   }
 }
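  /**
   * Transforms a REST hook subscription JCR node into its in-memory representation.
   *
   * <p>The callback URL, event list, retry count and status are copied from the node's properties
   * as stored; the callback URL is not validated here. NOTE(review): whichever component later
   * calls that URL should check its scheme and destination before connecting — confirm where
   * that happens.
   *
   * @param hookSubscriptionNode the JCR node; may be {@code null}
   * @return the in-memory subscription, or {@code null} when {@code hookSubscriptionNode} is
   *     {@code null}
   * @throws RepositoryException if the node is not of the hook subscription node type, if the
   *     node referenced as owner is not a user node, or if a repository call fails
   * @throws NumberFormatException if the stored retry value cannot be parsed as an integer
   */
  public static JahiaHooksSubscription jcrRestHooksSubcriptionToJahiaHooksSubscription(
      JCRNodeWrapper hookSubscriptionNode) throws RepositoryException {
    if (hookSubscriptionNode == null) {
      return null;
    }

    if (!hookSubscriptionNode.getPrimaryNodeTypeName().equals(HOOKS_SUBS_JCR_NODE_TYPE_NAME)) {
      throw new RepositoryException("Given node type is not a Jahia hook subscription.", null);
    }

    JahiaHooksSubscription hookSubs = new JahiaHooksSubscriptionImpl();
    hookSubs.setId(hookSubscriptionNode.getIdentifier());
    hookSubs.setCallbackURL(
        hookSubscriptionNode.getPropertyAsString(HOOKS_SUBS_CALLBACK_URL_PROP_NAME));

    String[] topics =
        getMultivaluedStringProp(hookSubscriptionNode.getProperty(HOOKS_SUBS_EVENT_PROP_NAME));
    hookSubs.setEvents(topics);

    // The owner is referenced by UUID in repository data, so check the resolved node's type
    // instead of letting a blind cast fail with a ClassCastException.
    JCRNodeWrapper ownerNode =
        hookSubscriptionNode
            .getSession()
            .getNodeByUUID(hookSubscriptionNode.getPropertyAsString(HOOKS_SUBS_USER_PROP_NAME));
    if (!(ownerNode instanceof JCRUserNode)) {
      throw new RepositoryException("Hook subscription owner is not a user node.");
    }
    JCRUserNode user = (JCRUserNode) ownerNode;
    JahiaUser jusr = user.getJahiaUser();
    User owner =
        new User(
            jusr.getUsername(),
            UserPreferencesHelper.getEmailAddress(user),
            UserPreferencesHelper.getFirstName(user),
            UserPreferencesHelper.getLastName(user));
    hookSubs.setUser(owner);
    hookSubs.setMaxRetry(
        Integer.parseInt(hookSubscriptionNode.getPropertyAsString(HOOKS_SUBS_RETRY_PROP_NAME)));

    // INACTIVE is the default. Enum.valueOf throws NullPointerException (not
    // IllegalArgumentException) for a null name, so a missing value is checked explicitly.
    SubscriptionStatus status = SubscriptionStatus.INACTIVE;
    String storedStatus = hookSubscriptionNode.getPropertyAsString(HOOKS_SUBS_STATUS_PROP_NAME);
    if (storedStatus != null) {
      try {
        status = SubscriptionStatus.valueOf(storedStatus);
      } catch (IllegalArgumentException ignored) {
        // Unknown status name: keep the INACTIVE default.
        // TODO: log a warn
      }
    }
    hookSubs.setStatus(status);
    return hookSubs;
  }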
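  /**
   * Completes a password recovery by setting a new password on the user node being rendered.
   *
   * <p>The request must carry an {@code authKey} parameter equal to the key of the
   * {@code passwordRecoveryToken} held in the HTTP session, and that token must have been issued
   * for the path of {@code resource}'s node; otherwise {@link ActionResult#BAD_REQUEST} is
   * returned and the token stays in the session. Once the token is accepted it is removed from
   * the session before the new password is examined, so a rejected password consumes the token.
   *
   * <p>The {@code password} and {@code passwordconfirm} request parameters are trimmed; a missing
   * parameter is treated as empty. The password must be non-empty, equal to its confirmation and
   * accepted by the password policy service.
   *
   * <p>NOTE(review): a mismatching key is not counted or rate-limited in this method — confirm
   * that repeated attempts are limited elsewhere.
   *
   * @param req the current request; supplies the session and the password parameters
   * @param renderContext used for the UI locale of the returned messages
   * @param resource the resource whose node is the user being updated
   * @param session not used by this method
   * @param parameters action parameters; {@code authKey} is read from here
   * @param urlResolver not used by this method
   * @return {@code BAD_REQUEST} on token mismatch, HTTP 403 when the node is not a writable
   *     {@code jnt:user}, otherwise HTTP 200 with a JSON body holding {@code errorMessage} (also
   *     used for the success message) and, on success, {@code result = "success"}
   * @throws Exception if any of the called services fails
   */
  @Override
  public ActionResult doExecute(
      HttpServletRequest req,
      RenderContext renderContext,
      Resource resource,
      JCRSessionWrapper session,
      Map<String, List<String>> parameters,
      URLResolver urlResolver)
      throws Exception {
    String authKey = getParameter(parameters, "authKey");
    RecoverPassword.PasswordToken passwordRecoveryToken =
        (RecoverPassword.PasswordToken) req.getSession().getAttribute("passwordRecoveryToken");
    if (StringUtils.isEmpty(authKey) || passwordRecoveryToken == null) {
      return ActionResult.BAD_REQUEST;
    }

    // The key is a secret: compare it in constant time rather than with String.equals, which
    // returns at the first differing character.
    String expectedKey = passwordRecoveryToken.getAuthkey();
    boolean keyMatches =
        expectedKey != null
            && java.security.MessageDigest.isEqual(
                expectedKey.getBytes("UTF-8"), authKey.getBytes("UTF-8"));
    if (!keyMatches
        || !passwordRecoveryToken.getUserpath().equals(resource.getNode().getPath())) {
      return ActionResult.BAD_REQUEST;
    }

    // The token is single-use: drop it before looking at the submitted password.
    HttpSession httpSession = req.getSession();
    httpSession.removeAttribute("passwordRecoveryToken");
    httpSession.removeAttribute("passwordRecoveryAsked");

    // A missing parameter is treated as empty instead of failing with a NullPointerException.
    String rawPassword = req.getParameter("password");
    String passwd = rawPassword == null ? "" : rawPassword.trim();
    JSONObject json = new JSONObject();

    if (!resource.getNode().hasPermission("jcr:write_default")
        || !resource.getNode().isNodeType("jnt:user")) {
      return new ActionResult(HttpServletResponse.SC_FORBIDDEN, null, null);
    }

    if ("".equals(passwd)) {
      String userMessage =
          JahiaResourceBundle.getJahiaInternalResource(
              "org.jahia.admin.userMessage.specifyPassword.label", renderContext.getUILocale());
      json.put("errorMessage", userMessage);
    } else {
      String rawConfirm = req.getParameter("passwordconfirm");
      String passwdConfirm = rawConfirm == null ? "" : rawConfirm.trim();
      if (!passwdConfirm.equals(passwd)) {
        String userMessage =
            JahiaResourceBundle.getJahiaInternalResource(
                "org.jahia.admin.userMessage.passwdNotMatch.label", renderContext.getUILocale());
        json.put("errorMessage", userMessage);
      } else {
        JahiaPasswordPolicyService pwdPolicyService =
            ServicesRegistry.getInstance().getJahiaPasswordPolicyService();
        // NOTE(review): the lookup result is used without a null check — confirm it cannot be
        // null for a node that passed the jnt:user check above.
        JahiaUser user =
            ServicesRegistry.getInstance()
                .getJahiaUserManagerService()
                .lookupUser(resource.getNode().getName());

        PolicyEnforcementResult evalResult =
            pwdPolicyService.enforcePolicyOnPasswordChange(user, passwd, true);
        if (!evalResult.isSuccess()) {
          // Join all policy violations into one newline-terminated message block.
          EngineMessages policyMsgs = evalResult.getEngineMessages();
          StringBuilder res = new StringBuilder();
          for (EngineMessage message : policyMsgs.getMessages()) {
            res.append(
                    message.isResource()
                        ? MessageFormat.format(
                            JahiaResourceBundle.getJahiaInternalResource(
                                message.getKey(), renderContext.getUILocale()),
                            message.getValues())
                        : message.getKey())
                .append("\n");
          }
          json.put("errorMessage", res.toString());
        } else {
          // change password
          // NOTE(review): any result reported by setPassword is not checked here — confirm a
          // failed update cannot be reported to the client as success.
          user.setPassword(passwd);
          json.put(
              "errorMessage",
              JahiaResourceBundle.getJahiaInternalResource(
                  "org.jahia.admin.userMessage.passwordChanged.label",
                  renderContext.getUILocale()));

          // NOTE(review): the user is attached to the existing session; no session-identifier
          // rotation is visible in this method — confirm it is done elsewhere.
          httpSession.setAttribute(ProcessingContext.SESSION_USER, user);

          json.put("result", "success");
        }
      }
    }

    return new ActionResult(HttpServletResponse.SC_OK, null, json);
  }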