/**
* This method checks the current state and decides the validation to be performed corresponding
* to the state.
*/
public int process(Callback[] callbacks, int state) throws AuthLoginException {
try {
if (state == 1)
sharedState.put("javax.security.auth.login.name", ((NameCallback) callbacks[0]).getName());
userName = (String) sharedState.get("javax.security.auth.login.name");
HttpServletRequest request = getHttpServletRequest();
if (StringUtils.isNotBlank(userName)) {
user = CommonUtilities.getUser(userName, request);
} else {
replaceHeader(MODULE_ENTRY_POINT, getLocalizedString("missingUserAttr.message"));
return MODULE_ENTRY_POINT;
}
String submitedState = getSubmitedState(callbacks);
if (state == MODULE_SUCCESS_MSG
|| (submitedState != null && !String.valueOf(state).equals(submitedState))) {
return state;
}
int returnState = 0;
switch (state) {
case MODULE_ENTRY_POINT:
returnState = setResetQuestions();
break;
case MODULE_VALIDATE_ANSWERS:
returnState = validateAnswers(callbacks);
break;
default:
throw new AuthLoginException("Invalid state: " + state);
}
if (state != returnState && returnState == MODULE_VALIDATE_ANSWERS)
replaceHeader(returnState, " ");
return returnState;
} catch (Exception e) {
debug.error("Error occured while processing password reset module:", e);
throw new AuthLoginException(e);
}
}
/**
* This method is used to validate the security answers and on on successful validation, it resets
* the password and sends a mail to the user with the generated password.
*
* @param callbacks
* @return
* @throws Exception
*/
private int validateAnswers(Callback[] callbacks) throws Exception {
for (Callback callback_ : callbacks) {
if (callback_ instanceof NameCallback) {
NameCallback callback = (NameCallback) callback_;
if (StringUtils.isEmpty(callback.getName())) {
replaceHeader(MODULE_VALIDATE_ANSWERS, getLocalizedString("missingAnswer.message"));
return MODULE_VALIDATE_ANSWERS;
}
}
}
Map<String, String> qaMap = (Map<String, String>) sharedState.get("QAMap");
for (Callback callback_ : callbacks) {
if (callback_ instanceof NameCallback) {
NameCallback callback = (NameCallback) callback_;
if (!qaMap.get(callback.getPrompt()).equals(callback.getName().trim())) {
resetLockout.invalidAnswer(user);
debug.error("Invalid password reset answers provided for " + user.getUniversalId());
int warningCount = resetLockout.getWarnUserCount(user.getUniversalId());
if (warningCount < 0) {
replaceHeader(
MODULE_SUCCESS_MSG,
"<font color=\"red\">" + getLocalizedString("lockoutMsg.message") + "</font>");
return MODULE_SUCCESS_MSG;
} else if (warningCount > 0) {
replaceHeader(
MODULE_VALIDATE_ANSWERS,
MessageFormat.format(
getLocalizedString("lockoutWarning.message"), new Object[] {warningCount}));
return MODULE_VALIDATE_ANSWERS;
} else {
replaceHeader(MODULE_VALIDATE_ANSWERS, getLocalizedString("wrongAnswer.message"));
return MODULE_VALIDATE_ANSWERS;
}
}
}
}
resetLockout.removeUserLockoutEntry(user.getUniversalId());
String resetPassword = new RandomPasswordGenerator().generatePassword(user);
// ensure the random generated password meets the password criteria
while (!isValidPWD(resetPassword))
resetPassword = new RandomPasswordGenerator().generatePassword(user);
Map<String, Set> attrMap = new HashMap<String, Set>();
Set<String> attribVals = new HashSet<String>();
attribVals.add(resetPassword);
attrMap.put(
CommonUtilities.getProperty(PassphraseConstants.USER_PASSWORD_ATTRIBUTE), attribVals);
// Enable the force password reset flag
Set<String> passwordResetFlag = new HashSet<String>();
passwordResetFlag.add("true");
attrMap.put(
CommonUtilities.getProperty(PassphraseConstants.USER_PASSWORD_RESET_FLAG_ATTRIBUTE),
passwordResetFlag);
user.setAttributes(attrMap);
user.store();
debug.message("Password has been reset for the user: "******"emailNotify.message"));
} catch (Exception e) {
debug.error("Error sending password reset mail:", e);
replaceHeader(MODULE_SUCCESS_MSG, getLocalizedString("sendEmailFailed.message"));
}
return MODULE_SUCCESS_MSG;
}