Beispiel #1
0
  protected void processAction(final PwmRequest pwmRequest)
      throws ServletException, IOException, ChaiUnavailableException, PwmUnrecoverableException {
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final UpdateAttributesProfile updateAttributesProfile =
        pwmRequest.getPwmSession().getSessionManager().getUpdateAttributeProfile(pwmApplication);
    final UpdateProfileBean updateProfileBean =
        pwmApplication.getSessionStateService().getBean(pwmRequest, UpdateProfileBean.class);

    if (!pwmApplication.getConfig().readSettingAsBoolean(PwmSetting.UPDATE_PROFILE_ENABLE)) {
      pwmRequest.respondWithError(
          new ErrorInformation(
              PwmError.ERROR_SERVICE_NOT_AVAILABLE,
              "Setting "
                  + PwmSetting.UPDATE_PROFILE_ENABLE.toMenuLocationDebug(null, null)
                  + " is not enabled."));
      return;
    }

    if (updateAttributesProfile == null) {
      pwmRequest.respondWithError(new ErrorInformation(PwmError.ERROR_NO_PROFILE_ASSIGNED));
      return;
    }

    final UpdateProfileAction action = readProcessAction(pwmRequest);
    if (action != null) {
      pwmRequest.validatePwmFormID();
      switch (action) {
        case updateProfile:
          handleUpdateRequest(pwmRequest, updateAttributesProfile, updateProfileBean);
          break;

        case agree:
          handleAgreeRequest(pwmRequest, updateProfileBean);
          break;

        case confirm:
          updateProfileBean.setConfirmationPassed(true);
          break;

        case unConfirm:
          handleUnconfirm(updateProfileBean);
          break;

        case validate:
          restValidateForm(pwmRequest, updateAttributesProfile, updateProfileBean);
          return;

        case enterCode:
          handleEnterCodeRequest(pwmRequest, updateProfileBean);
          break;
      }
    }

    advanceToNextStep(pwmRequest, updateAttributesProfile, updateProfileBean);
  }
  protected static void restValidateForm(
      final PwmRequest pwmRequest, final UpdateProfileBean updateProfileBean)
      throws IOException, ServletException, PwmUnrecoverableException, ChaiUnavailableException {
    boolean success = true;
    String userMessage =
        Message.getLocalizedMessage(
            pwmRequest.getLocale(), Message.Success_UpdateForm, pwmRequest.getConfig());
    final Map<FormConfiguration, String> formValues = updateProfileBean.getFormData();

    try {
      // read in the responses from the request
      readFromJsonRequest(pwmRequest, updateProfileBean);

      // verify form meets the form requirements
      verifyFormAttributes(pwmRequest, formValues, true);
    } catch (PwmOperationalException e) {
      success = false;
      userMessage =
          e.getErrorInformation()
              .toUserStr(pwmRequest.getPwmSession(), pwmRequest.getPwmApplication());
    }

    final LinkedHashMap<String, String> outputMap = new LinkedHashMap<>();
    outputMap.put("version", "1");
    outputMap.put("message", userMessage);
    outputMap.put("success", String.valueOf(success));

    pwmRequest.outputJsonResult(new RestResultBean(outputMap));
  }
  protected void processAction(final PwmRequest pwmRequest)
      throws ServletException, IOException, ChaiUnavailableException, PwmUnrecoverableException {
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final UpdateProfileBean updateProfileBean = pwmSession.getUpdateProfileBean();

    if (!pwmApplication.getConfig().readSettingAsBoolean(PwmSetting.UPDATE_PROFILE_ENABLE)) {
      pwmRequest.respondWithError(new ErrorInformation(PwmError.ERROR_SERVICE_NOT_AVAILABLE));
      return;
    }

    if (!pwmSession
        .getSessionManager()
        .checkPermission(pwmApplication, Permission.PROFILE_UPDATE)) {
      pwmRequest.respondWithError(new ErrorInformation(PwmError.ERROR_UNAUTHORIZED));
      return;
    }

    final UpdateProfileAction action = readProcessAction(pwmRequest);
    if (action != null) {
      pwmRequest.validatePwmFormID();
      switch (action) {
        case updateProfile:
          handleUpdateRequest(pwmRequest, updateProfileBean);
          break;

        case agree:
          handleAgreeRequest(pwmRequest, updateProfileBean);
          break;

        case confirm:
          updateProfileBean.setConfirmationPassed(true);
          break;

        case unConfirm:
          handleUnconfirm(updateProfileBean);
          break;

        case validate:
          restValidateForm(pwmRequest, updateProfileBean);
          return;
      }
    }

    advanceToNextStep(pwmRequest, updateProfileBean);
  }
Beispiel #4
0
  static Map<FormConfiguration, String> formMapFromBean(
      final UpdateAttributesProfile updateAttributesProfile,
      final UpdateProfileBean updateProfileBean)
      throws PwmUnrecoverableException {

    final List<FormConfiguration> form =
        updateAttributesProfile.readSettingAsForm(PwmSetting.UPDATE_PROFILE_FORM);
    final Map<FormConfiguration, String> formValueMap = new HashMap<>();
    for (final FormConfiguration formConfiguration : form) {
      formValueMap.put(
          formConfiguration,
          updateProfileBean.getFormData().keySet().contains(formConfiguration.getName())
              ? updateProfileBean.getFormData().get(formConfiguration.getName())
              : "");
    }
    return formValueMap;
  }
  private void handleAgreeRequest(
      final PwmRequest pwmRequest, final UpdateProfileBean updateProfileBean)
      throws ServletException, IOException, PwmUnrecoverableException, ChaiUnavailableException {
    LOGGER.debug(pwmRequest, "user accepted agreement");

    if (!updateProfileBean.isAgreementPassed()) {
      updateProfileBean.setAgreementPassed(true);
      AuditRecord auditRecord =
          pwmRequest
              .getPwmApplication()
              .getAuditManager()
              .createUserAuditRecord(
                  AuditEvent.AGREEMENT_PASSED,
                  pwmRequest.getUserInfoIfLoggedIn(),
                  pwmRequest.getSessionLabel(),
                  "UpdateProfile");
      pwmRequest.getPwmApplication().getAuditManager().submit(auditRecord);
    }
  }
Beispiel #6
0
  static Set<TokenVerificationProgress.TokenChannel> determineTokenPhaseRequired(
      final PwmRequest pwmRequest,
      final UpdateProfileBean updateProfileBean,
      final UpdateAttributesProfile updateAttributesProfile)
      throws PwmUnrecoverableException {
    final Set<TokenVerificationProgress.TokenChannel> returnObj = new HashSet<>();

    final Map<String, String> userFormData = updateProfileBean.getFormData();
    Map<String, String> ldapData = null;

    if (updateAttributesProfile.readSettingAsBoolean(
        PwmSetting.UPDATE_PROFILE_EMAIL_VERIFICATION)) {
      final String emailAddressAttribute =
          pwmRequest.getConfig().readSettingAsString(PwmSetting.EMAIL_USER_MAIL_ATTRIBUTE);
      if (userFormData.containsKey(emailAddressAttribute)) {
        ldapData = formDataFromLdap(pwmRequest, updateAttributesProfile);
        if (userFormData.get(emailAddressAttribute) != null
            && !userFormData
                .get(emailAddressAttribute)
                .equalsIgnoreCase(ldapData.get(emailAddressAttribute))) {
          returnObj.add(TokenVerificationProgress.TokenChannel.EMAIL);
        }
      } else {
        LOGGER.warn(
            pwmRequest,
            "email verification enabled, but email attribute '"
                + emailAddressAttribute
                + "' is not in update form");
      }
    }

    if (updateAttributesProfile.readSettingAsBoolean(PwmSetting.UPDATE_PROFILE_SMS_VERIFICATION)) {
      final String phoneNumberAttribute =
          pwmRequest.getConfig().readSettingAsString(PwmSetting.SMS_USER_PHONE_ATTRIBUTE);
      if (userFormData.containsKey(phoneNumberAttribute)) {
        if (ldapData == null) {
          ldapData = formDataFromLdap(pwmRequest, updateAttributesProfile);
        }
        if (userFormData.get(phoneNumberAttribute) != null
            && !userFormData
                .get(phoneNumberAttribute)
                .equalsIgnoreCase(ldapData.get(phoneNumberAttribute))) {
          returnObj.add(TokenVerificationProgress.TokenChannel.SMS);
        }
      } else {
        LOGGER.warn(
            pwmRequest,
            "sms verification enabled, but phone attribute '"
                + phoneNumberAttribute
                + "' is not in update form");
      }
    }

    return returnObj;
  }
  private void readFormParametersFromRequest(
      final PwmRequest pwmRequest, final UpdateProfileBean updateProfileBean)
      throws PwmUnrecoverableException, PwmDataValidationException, ChaiUnavailableException {
    final List<FormConfiguration> formFields =
        pwmRequest.getConfig().readSettingAsForm(PwmSetting.UPDATE_PROFILE_FORM);

    final Map<FormConfiguration, String> existingForm = updateProfileBean.getFormData();

    // read the values from the request
    existingForm.putAll(
        FormUtility.readFormValuesFromRequest(pwmRequest, formFields, pwmRequest.getLocale()));
  }
  private void handleUpdateRequest(
      final PwmRequest pwmRequest, final UpdateProfileBean updateProfileBean)
      throws PwmUnrecoverableException, ChaiUnavailableException, IOException, ServletException {

    try {
      readFormParametersFromRequest(pwmRequest, updateProfileBean);
    } catch (PwmOperationalException e) {
      LOGGER.error(pwmRequest, e.getMessage());
      pwmRequest.setResponseError(e.getErrorInformation());
    }

    updateProfileBean.setFormSubmitted(true);
  }
Beispiel #9
0
  private void handleEnterCodeRequest(
      final PwmRequest pwmRequest, final UpdateProfileBean updateProfileBean)
      throws PwmUnrecoverableException, IOException, ServletException, ChaiUnavailableException {
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    final String userEnteredCode = pwmRequest.readParameterAsString(PwmConstants.PARAM_TOKEN);

    boolean tokenPassed = false;
    ErrorInformation errorInformation = null;
    try {
      final TokenPayload tokenPayload =
          pwmApplication
              .getTokenService()
              .processUserEnteredCode(
                  pwmSession, pwmRequest.getUserInfoIfLoggedIn(), null, userEnteredCode);
      if (tokenPayload != null) {
        if (TokenType.UPDATE_EMAIL.matchesName(tokenPayload.getName())) {
          LOGGER.debug(pwmRequest, "email token passed");

          updateProfileBean
              .getTokenVerificationProgress()
              .getPassedTokens()
              .add(TokenVerificationProgress.TokenChannel.EMAIL);
          updateProfileBean
              .getTokenVerificationProgress()
              .getIssuedTokens()
              .add(TokenVerificationProgress.TokenChannel.EMAIL);
          updateProfileBean.getTokenVerificationProgress().setPhase(null);
          tokenPassed = true;
        } else if (TokenType.UPDATE_SMS.matchesName(tokenPayload.getName())) {
          LOGGER.debug(pwmRequest, "SMS token passed");
          updateProfileBean
              .getTokenVerificationProgress()
              .getPassedTokens()
              .add(TokenVerificationProgress.TokenChannel.SMS);
          updateProfileBean
              .getTokenVerificationProgress()
              .getIssuedTokens()
              .add(TokenVerificationProgress.TokenChannel.SMS);
          updateProfileBean.getTokenVerificationProgress().setPhase(null);
          tokenPassed = true;
        } else {
          final String errorMsg = "token name/type is not recognized: " + tokenPayload.getName();
          errorInformation = new ErrorInformation(PwmError.ERROR_TOKEN_INCORRECT, errorMsg);
        }
      }
    } catch (PwmOperationalException e) {
      final String errorMsg = "token incorrect: " + e.getMessage();
      errorInformation = new ErrorInformation(PwmError.ERROR_TOKEN_INCORRECT, errorMsg);
    }

    if (!tokenPassed) {
      if (errorInformation == null) {
        errorInformation = new ErrorInformation(PwmError.ERROR_TOKEN_INCORRECT);
      }
      LOGGER.debug(pwmSession, errorInformation.toDebugStr());
      pwmRequest.setResponseError(errorInformation);
    }
  }
Beispiel #10
0
  private static void readFromJsonRequest(
      final PwmRequest pwmRequest, final UpdateProfileBean updateProfileBean)
      throws PwmDataValidationException, PwmUnrecoverableException, IOException {
    final List<FormConfiguration> formFields =
        pwmRequest.getConfig().readSettingAsForm(PwmSetting.UPDATE_PROFILE_FORM);
    final Map<FormConfiguration, String> existingForm = updateProfileBean.getFormData();

    final Map<String, String> clientValues = pwmRequest.readBodyAsJsonStringMap();

    if (clientValues != null) {
      existingForm.putAll(
          FormUtility.readFormValuesFromMap(clientValues, formFields, pwmRequest.getLocale()));
    }
  }
Beispiel #11
0
  static Map<FormConfiguration, String> readFromJsonRequest(
      final PwmRequest pwmRequest,
      final UpdateAttributesProfile updateAttributesProfile,
      final UpdateProfileBean updateProfileBean)
      throws PwmDataValidationException, PwmUnrecoverableException, IOException {
    final List<FormConfiguration> formFields =
        updateAttributesProfile.readSettingAsForm(PwmSetting.UPDATE_PROFILE_FORM);

    final Map<FormConfiguration, String> formValueMap =
        FormUtility.readFormValuesFromMap(
            pwmRequest.readBodyAsJsonStringMap(), formFields, pwmRequest.getLocale());

    updateProfileBean.getFormData().clear();
    updateProfileBean.getFormData().putAll(FormUtility.asStringMap(formValueMap));

    return formValueMap;
  }
Beispiel #12
0
  final Map<FormConfiguration, String> readFormParametersFromRequest(
      final PwmRequest pwmRequest,
      final UpdateAttributesProfile updateAttributesProfile,
      final UpdateProfileBean updateProfileBean)
      throws PwmUnrecoverableException, PwmDataValidationException, ChaiUnavailableException {
    final List<FormConfiguration> formFields =
        updateAttributesProfile.readSettingAsForm(PwmSetting.UPDATE_PROFILE_FORM);

    // read the values from the request
    final Map<FormConfiguration, String> formValueMap =
        FormUtility.readFormValuesFromRequest(pwmRequest, formFields, pwmRequest.getLocale());

    updateProfileBean.getFormData().clear();
    updateProfileBean.getFormData().putAll(FormUtility.asStringMap(formValueMap));

    return formValueMap;
  }
Beispiel #13
0
  private void advanceToNextStep(
      final PwmRequest pwmRequest, final UpdateProfileBean updateProfileBean)
      throws IOException, ServletException, PwmUnrecoverableException, ChaiUnavailableException {
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final PwmSession pwmSession = pwmRequest.getPwmSession();

    final String updateProfileAgreementText =
        pwmApplication
            .getConfig()
            .readSettingAsLocalizedString(
                PwmSetting.UPDATE_PROFILE_AGREEMENT_MESSAGE,
                pwmSession.getSessionStateBean().getLocale());

    if (updateProfileAgreementText != null && updateProfileAgreementText.length() > 0) {
      if (!updateProfileBean.isAgreementPassed()) {
        final MacroMachine macroMachine =
            pwmRequest
                .getPwmSession()
                .getSessionManager()
                .getMacroMachine(pwmRequest.getPwmApplication());
        final String expandedText = macroMachine.expandMacros(updateProfileAgreementText);
        pwmRequest.setAttribute(PwmConstants.REQUEST_ATTR.AgreementText, expandedText);
        pwmRequest.forwardToJsp(PwmConstants.JSP_URL.UPDATE_ATTRIBUTES_AGREEMENT);
        return;
      }
    }

    final Map<FormConfiguration, String> formValues = updateProfileBean.getFormData();
    if (!updateProfileBean.isFormSubmitted()) {
      final Map<FormConfiguration, String> formMap = updateProfileBean.getFormData();
      final List<FormConfiguration> formFields =
          pwmApplication.getConfig().readSettingAsForm(PwmSetting.UPDATE_PROFILE_FORM);
      FormUtility.populateFormMapFromLdap(
          formFields,
          pwmRequest.getSessionLabel(),
          formMap,
          pwmSession.getSessionManager().getUserDataReader(pwmApplication));
      forwardToForm(pwmRequest);
      return;
    }

    // make sure there is form data in the bean.
    if (updateProfileBean.getFormData() == null) {
      forwardToForm(pwmRequest);
      return;
    }

    // validate the form data.
    try {
      // verify form meets the form requirements
      verifyFormAttributes(pwmRequest, formValues, true);
    } catch (PwmOperationalException e) {
      LOGGER.error(pwmSession, e.getMessage());
      pwmRequest.setResponseError(e.getErrorInformation());
      forwardToForm(pwmRequest);
      return;
    }

    final boolean requireConfirmation =
        pwmApplication
            .getConfig()
            .readSettingAsBoolean(PwmSetting.UPDATE_PROFILE_SHOW_CONFIRMATION);
    if (requireConfirmation && !updateProfileBean.isConfirmationPassed()) {
      forwardToConfirmForm(pwmRequest);
      return;
    }

    try {
      // write the form values
      final ChaiUser theUser = pwmSession.getSessionManager().getActor(pwmApplication);
      doProfileUpdate(pwmRequest, formValues, theUser);
      pwmRequest.forwardToSuccessPage(Message.Success_UpdateProfile);
      return;
    } catch (PwmException e) {
      LOGGER.error(pwmSession, e.getMessage());
      pwmRequest.setResponseError(e.getErrorInformation());
    } catch (ChaiException e) {
      final ErrorInformation errorInformation =
          new ErrorInformation(PwmError.ERROR_UPDATE_ATTRS_FAILURE, e.toString());
      LOGGER.error(pwmSession, errorInformation.toDebugStr());
      pwmRequest.setResponseError(errorInformation);
    }

    forwardToForm(pwmRequest);
  }
Beispiel #14
0
 private void handleUnconfirm(final UpdateProfileBean updateProfileBean) {
   updateProfileBean.setFormSubmitted(false);
   updateProfileBean.setConfirmationPassed(false);
 }
Beispiel #15
0
  public void initializeToken(
      final PwmRequest pwmRequest,
      final UpdateProfileBean updateProfileBean,
      final TokenVerificationProgress.TokenChannel tokenType)
      throws PwmUnrecoverableException {
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();

    if (pwmApplication.getConfig().getTokenStorageMethod() == TokenStorageMethod.STORE_LDAP) {
      throw new PwmUnrecoverableException(
          new ErrorInformation(
              PwmError.CONFIG_FORMAT_ERROR,
              null,
              new String[] {
                "cannot generate new user tokens when storage type is configured as STORE_LDAP."
              }));
    }

    final MacroMachine macroMachine =
        pwmRequest.getPwmSession().getSessionManager().getMacroMachine(pwmApplication);
    final Configuration config = pwmApplication.getConfig();

    switch (tokenType) {
      case SMS:
        {
          final String telephoneNumberAttribute =
              pwmRequest.getConfig().readSettingAsString(PwmSetting.SMS_USER_PHONE_ATTRIBUTE);
          final String toNum = updateProfileBean.getFormData().get(telephoneNumberAttribute);
          final String tokenKey;
          try {
            final TokenPayload tokenPayload =
                pwmApplication
                    .getTokenService()
                    .createTokenPayload(
                        TokenType.UPDATE_SMS,
                        Collections.<String, String>emptyMap(),
                        pwmRequest.getUserInfoIfLoggedIn(),
                        Collections.singleton(toNum));
            tokenKey =
                pwmApplication
                    .getTokenService()
                    .generateNewToken(tokenPayload, pwmRequest.getSessionLabel());
          } catch (PwmOperationalException e) {
            throw new PwmUnrecoverableException(e.getErrorInformation());
          }

          final String message =
              config.readSettingAsLocalizedString(
                  PwmSetting.SMS_UPDATE_PROFILE_TOKEN_TEXT,
                  pwmSession.getSessionStateBean().getLocale());

          try {
            TokenService.TokenSender.sendSmsToken(
                pwmApplication, null, macroMachine, toNum, message, tokenKey);
          } catch (Exception e) {
            throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_UNKNOWN));
          }

          updateProfileBean
              .getTokenVerificationProgress()
              .getIssuedTokens()
              .add(TokenVerificationProgress.TokenChannel.SMS);
          updateProfileBean.getTokenVerificationProgress().setTokenDisplayText(toNum);
          updateProfileBean
              .getTokenVerificationProgress()
              .setPhase(TokenVerificationProgress.TokenChannel.SMS);
        }
        break;

      case EMAIL:
        {
          final EmailItemBean configuredEmailSetting =
              config.readSettingAsEmail(
                  PwmSetting.EMAIL_UPDATEPROFILE_VERIFICATION, pwmRequest.getLocale());
          final String emailAddressAttribute =
              pwmRequest.getConfig().readSettingAsString(PwmSetting.EMAIL_USER_MAIL_ATTRIBUTE);
          final String toAddress = updateProfileBean.getFormData().get(emailAddressAttribute);

          final String tokenKey;
          try {
            final TokenPayload tokenPayload =
                pwmApplication
                    .getTokenService()
                    .createTokenPayload(
                        TokenType.UPDATE_EMAIL,
                        Collections.<String, String>emptyMap(),
                        pwmRequest.getUserInfoIfLoggedIn(),
                        Collections.singleton(toAddress));
            tokenKey =
                pwmApplication
                    .getTokenService()
                    .generateNewToken(tokenPayload, pwmRequest.getSessionLabel());
          } catch (PwmOperationalException e) {
            throw new PwmUnrecoverableException(e.getErrorInformation());
          }

          updateProfileBean
              .getTokenVerificationProgress()
              .getIssuedTokens()
              .add(TokenVerificationProgress.TokenChannel.EMAIL);
          updateProfileBean
              .getTokenVerificationProgress()
              .setPhase(TokenVerificationProgress.TokenChannel.EMAIL);
          updateProfileBean.getTokenVerificationProgress().setTokenDisplayText(toAddress);

          final EmailItemBean emailItemBean =
              new EmailItemBean(
                  toAddress,
                  configuredEmailSetting.getFrom(),
                  configuredEmailSetting.getSubject(),
                  configuredEmailSetting.getBodyPlain().replace("%TOKEN%", tokenKey),
                  configuredEmailSetting.getBodyHtml().replace("%TOKEN%", tokenKey));

          try {
            TokenService.TokenSender.sendEmailToken(
                pwmApplication, null, macroMachine, emailItemBean, toAddress, tokenKey);
          } catch (Exception e) {
            throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_UNKNOWN));
          }
        }
        break;

      default:
        LOGGER.error("Unimplemented token purpose: " + tokenType);
        updateProfileBean.getTokenVerificationProgress().setPhase(null);
    }
  }
Beispiel #16
0
  private void advanceToNextStep(
      final PwmRequest pwmRequest,
      final UpdateAttributesProfile updateAttributesProfile,
      final UpdateProfileBean updateProfileBean)
      throws IOException, ServletException, PwmUnrecoverableException, ChaiUnavailableException {
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final PwmSession pwmSession = pwmRequest.getPwmSession();

    final String updateProfileAgreementText =
        updateAttributesProfile.readSettingAsLocalizedString(
            PwmSetting.UPDATE_PROFILE_AGREEMENT_MESSAGE,
            pwmSession.getSessionStateBean().getLocale());

    if (updateProfileAgreementText != null && updateProfileAgreementText.length() > 0) {
      if (!updateProfileBean.isAgreementPassed()) {
        final MacroMachine macroMachine =
            pwmRequest
                .getPwmSession()
                .getSessionManager()
                .getMacroMachine(pwmRequest.getPwmApplication());
        final String expandedText = macroMachine.expandMacros(updateProfileAgreementText);
        pwmRequest.setAttribute(PwmRequest.Attribute.AgreementText, expandedText);
        pwmRequest.forwardToJsp(PwmConstants.JSP_URL.UPDATE_ATTRIBUTES_AGREEMENT);
        return;
      }
    }

    // make sure there is form data in the bean.
    if (updateProfileBean.getFormData() == null) {
      updateProfileBean.setFormData(formDataFromLdap(pwmRequest, updateAttributesProfile));
      forwardToForm(pwmRequest, updateAttributesProfile, updateProfileBean);
      return;
    }

    if (!updateProfileBean.isFormSubmitted()) {
      forwardToForm(pwmRequest, updateAttributesProfile, updateProfileBean);
      return;
    }

    // validate the form data.
    try {
      // verify form meets the form requirements
      final List<FormConfiguration> formFields =
          updateAttributesProfile.readSettingAsForm(PwmSetting.UPDATE_PROFILE_FORM);
      final Map<FormConfiguration, String> formValues =
          FormUtility.readFormValuesFromMap(
              updateProfileBean.getFormData(), formFields, pwmRequest.getLocale());
      verifyFormAttributes(pwmRequest, formValues, true);
    } catch (PwmException e) {
      LOGGER.error(pwmSession, e.getMessage());
      pwmRequest.setResponseError(e.getErrorInformation());
      forwardToForm(pwmRequest, updateAttributesProfile, updateProfileBean);
      return;
    }

    final boolean requireConfirmation =
        updateAttributesProfile.readSettingAsBoolean(PwmSetting.UPDATE_PROFILE_SHOW_CONFIRMATION);
    if (requireConfirmation && !updateProfileBean.isConfirmationPassed()) {
      forwardToConfirmForm(pwmRequest, updateAttributesProfile, updateProfileBean);
      return;
    }

    final Set<TokenVerificationProgress.TokenChannel> requiredVerifications =
        determineTokenPhaseRequired(pwmRequest, updateProfileBean, updateAttributesProfile);
    if (requiredVerifications != null) {
      for (final TokenVerificationProgress.TokenChannel tokenChannel : requiredVerifications) {
        if (requiredVerifications.contains(tokenChannel)) {
          if (!updateProfileBean
              .getTokenVerificationProgress()
              .getIssuedTokens()
              .contains(tokenChannel)) {
            initializeToken(pwmRequest, updateProfileBean, tokenChannel);
          }

          if (!updateProfileBean
              .getTokenVerificationProgress()
              .getPassedTokens()
              .contains(tokenChannel)) {
            updateProfileBean.getTokenVerificationProgress().setPhase(tokenChannel);
            pwmRequest.forwardToJsp(PwmConstants.JSP_URL.UPDATE_ATTRIBUTES_ENTER_CODE);
            return;
          }
        }
      }
    }

    try {
      // write the form values
      final ChaiUser theUser = pwmSession.getSessionManager().getActor(pwmApplication);
      doProfileUpdate(pwmRequest, updateProfileBean.getFormData(), theUser);
      pwmRequest.getPwmResponse().forwardToSuccessPage(Message.Success_UpdateProfile);
      return;
    } catch (PwmException e) {
      LOGGER.error(pwmSession, e.getMessage());
      pwmRequest.setResponseError(e.getErrorInformation());
    } catch (ChaiException e) {
      final ErrorInformation errorInformation =
          new ErrorInformation(PwmError.ERROR_UPDATE_ATTRS_FAILURE, e.toString());
      LOGGER.error(pwmSession, errorInformation.toDebugStr());
      pwmRequest.setResponseError(errorInformation);
    }

    forwardToForm(pwmRequest, updateAttributesProfile, updateProfileBean);
  }