protected static void restValidateForm(
final PwmRequest pwmRequest, final UpdateProfileBean updateProfileBean)
throws IOException, ServletException, PwmUnrecoverableException, ChaiUnavailableException {
boolean success = true;
String userMessage =
Message.getLocalizedMessage(
pwmRequest.getLocale(), Message.Success_UpdateForm, pwmRequest.getConfig());
final Map<FormConfiguration, String> formValues = updateProfileBean.getFormData();
try {
// read in the responses from the request
readFromJsonRequest(pwmRequest, updateProfileBean);
// verify form meets the form requirements
verifyFormAttributes(pwmRequest, formValues, true);
} catch (PwmOperationalException e) {
success = false;
userMessage =
e.getErrorInformation()
.toUserStr(pwmRequest.getPwmSession(), pwmRequest.getPwmApplication());
}
final LinkedHashMap<String, String> outputMap = new LinkedHashMap<>();
outputMap.put("version", "1");
outputMap.put("message", userMessage);
outputMap.put("success", String.valueOf(success));
pwmRequest.outputJsonResult(new RestResultBean(outputMap));
}
private void handleEnterCodeRequest(
final PwmRequest pwmRequest, final UpdateProfileBean updateProfileBean)
throws PwmUnrecoverableException, IOException, ServletException, ChaiUnavailableException {
final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
final PwmSession pwmSession = pwmRequest.getPwmSession();
final String userEnteredCode = pwmRequest.readParameterAsString(PwmConstants.PARAM_TOKEN);
boolean tokenPassed = false;
ErrorInformation errorInformation = null;
try {
final TokenPayload tokenPayload =
pwmApplication
.getTokenService()
.processUserEnteredCode(
pwmSession, pwmRequest.getUserInfoIfLoggedIn(), null, userEnteredCode);
if (tokenPayload != null) {
if (TokenType.UPDATE_EMAIL.matchesName(tokenPayload.getName())) {
LOGGER.debug(pwmRequest, "email token passed");
updateProfileBean
.getTokenVerificationProgress()
.getPassedTokens()
.add(TokenVerificationProgress.TokenChannel.EMAIL);
updateProfileBean
.getTokenVerificationProgress()
.getIssuedTokens()
.add(TokenVerificationProgress.TokenChannel.EMAIL);
updateProfileBean.getTokenVerificationProgress().setPhase(null);
tokenPassed = true;
} else if (TokenType.UPDATE_SMS.matchesName(tokenPayload.getName())) {
LOGGER.debug(pwmRequest, "SMS token passed");
updateProfileBean
.getTokenVerificationProgress()
.getPassedTokens()
.add(TokenVerificationProgress.TokenChannel.SMS);
updateProfileBean
.getTokenVerificationProgress()
.getIssuedTokens()
.add(TokenVerificationProgress.TokenChannel.SMS);
updateProfileBean.getTokenVerificationProgress().setPhase(null);
tokenPassed = true;
} else {
final String errorMsg = "token name/type is not recognized: " + tokenPayload.getName();
errorInformation = new ErrorInformation(PwmError.ERROR_TOKEN_INCORRECT, errorMsg);
}
}
} catch (PwmOperationalException e) {
final String errorMsg = "token incorrect: " + e.getMessage();
errorInformation = new ErrorInformation(PwmError.ERROR_TOKEN_INCORRECT, errorMsg);
}
if (!tokenPassed) {
if (errorInformation == null) {
errorInformation = new ErrorInformation(PwmError.ERROR_TOKEN_INCORRECT);
}
LOGGER.debug(pwmSession, errorInformation.toDebugStr());
pwmRequest.setResponseError(errorInformation);
}
}
private void handleUpdateRequest(
final PwmRequest pwmRequest, final UpdateProfileBean updateProfileBean)
throws PwmUnrecoverableException, ChaiUnavailableException, IOException, ServletException {
try {
readFormParametersFromRequest(pwmRequest, updateProfileBean);
} catch (PwmOperationalException e) {
LOGGER.error(pwmRequest, e.getMessage());
pwmRequest.setResponseError(e.getErrorInformation());
}
updateProfileBean.setFormSubmitted(true);
}
private void advanceToNextStep(
final PwmRequest pwmRequest, final UpdateProfileBean updateProfileBean)
throws IOException, ServletException, PwmUnrecoverableException, ChaiUnavailableException {
final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
final PwmSession pwmSession = pwmRequest.getPwmSession();
final String updateProfileAgreementText =
pwmApplication
.getConfig()
.readSettingAsLocalizedString(
PwmSetting.UPDATE_PROFILE_AGREEMENT_MESSAGE,
pwmSession.getSessionStateBean().getLocale());
if (updateProfileAgreementText != null && updateProfileAgreementText.length() > 0) {
if (!updateProfileBean.isAgreementPassed()) {
final MacroMachine macroMachine =
pwmRequest
.getPwmSession()
.getSessionManager()
.getMacroMachine(pwmRequest.getPwmApplication());
final String expandedText = macroMachine.expandMacros(updateProfileAgreementText);
pwmRequest.setAttribute(PwmConstants.REQUEST_ATTR.AgreementText, expandedText);
pwmRequest.forwardToJsp(PwmConstants.JSP_URL.UPDATE_ATTRIBUTES_AGREEMENT);
return;
}
}
final Map<FormConfiguration, String> formValues = updateProfileBean.getFormData();
if (!updateProfileBean.isFormSubmitted()) {
final Map<FormConfiguration, String> formMap = updateProfileBean.getFormData();
final List<FormConfiguration> formFields =
pwmApplication.getConfig().readSettingAsForm(PwmSetting.UPDATE_PROFILE_FORM);
FormUtility.populateFormMapFromLdap(
formFields,
pwmRequest.getSessionLabel(),
formMap,
pwmSession.getSessionManager().getUserDataReader(pwmApplication));
forwardToForm(pwmRequest);
return;
}
// make sure there is form data in the bean.
if (updateProfileBean.getFormData() == null) {
forwardToForm(pwmRequest);
return;
}
// validate the form data.
try {
// verify form meets the form requirements
verifyFormAttributes(pwmRequest, formValues, true);
} catch (PwmOperationalException e) {
LOGGER.error(pwmSession, e.getMessage());
pwmRequest.setResponseError(e.getErrorInformation());
forwardToForm(pwmRequest);
return;
}
final boolean requireConfirmation =
pwmApplication
.getConfig()
.readSettingAsBoolean(PwmSetting.UPDATE_PROFILE_SHOW_CONFIRMATION);
if (requireConfirmation && !updateProfileBean.isConfirmationPassed()) {
forwardToConfirmForm(pwmRequest);
return;
}
try {
// write the form values
final ChaiUser theUser = pwmSession.getSessionManager().getActor(pwmApplication);
doProfileUpdate(pwmRequest, formValues, theUser);
pwmRequest.forwardToSuccessPage(Message.Success_UpdateProfile);
return;
} catch (PwmException e) {
LOGGER.error(pwmSession, e.getMessage());
pwmRequest.setResponseError(e.getErrorInformation());
} catch (ChaiException e) {
final ErrorInformation errorInformation =
new ErrorInformation(PwmError.ERROR_UPDATE_ATTRS_FAILURE, e.toString());
LOGGER.error(pwmSession, errorInformation.toDebugStr());
pwmRequest.setResponseError(errorInformation);
}
forwardToForm(pwmRequest);
}
public void initializeToken(
final PwmRequest pwmRequest,
final UpdateProfileBean updateProfileBean,
final TokenVerificationProgress.TokenChannel tokenType)
throws PwmUnrecoverableException {
final PwmSession pwmSession = pwmRequest.getPwmSession();
final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
if (pwmApplication.getConfig().getTokenStorageMethod() == TokenStorageMethod.STORE_LDAP) {
throw new PwmUnrecoverableException(
new ErrorInformation(
PwmError.CONFIG_FORMAT_ERROR,
null,
new String[] {
"cannot generate new user tokens when storage type is configured as STORE_LDAP."
}));
}
final MacroMachine macroMachine =
pwmRequest.getPwmSession().getSessionManager().getMacroMachine(pwmApplication);
final Configuration config = pwmApplication.getConfig();
switch (tokenType) {
case SMS:
{
final String telephoneNumberAttribute =
pwmRequest.getConfig().readSettingAsString(PwmSetting.SMS_USER_PHONE_ATTRIBUTE);
final String toNum = updateProfileBean.getFormData().get(telephoneNumberAttribute);
final String tokenKey;
try {
final TokenPayload tokenPayload =
pwmApplication
.getTokenService()
.createTokenPayload(
TokenType.UPDATE_SMS,
Collections.<String, String>emptyMap(),
pwmRequest.getUserInfoIfLoggedIn(),
Collections.singleton(toNum));
tokenKey =
pwmApplication
.getTokenService()
.generateNewToken(tokenPayload, pwmRequest.getSessionLabel());
} catch (PwmOperationalException e) {
throw new PwmUnrecoverableException(e.getErrorInformation());
}
final String message =
config.readSettingAsLocalizedString(
PwmSetting.SMS_UPDATE_PROFILE_TOKEN_TEXT,
pwmSession.getSessionStateBean().getLocale());
try {
TokenService.TokenSender.sendSmsToken(
pwmApplication, null, macroMachine, toNum, message, tokenKey);
} catch (Exception e) {
throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_UNKNOWN));
}
updateProfileBean
.getTokenVerificationProgress()
.getIssuedTokens()
.add(TokenVerificationProgress.TokenChannel.SMS);
updateProfileBean.getTokenVerificationProgress().setTokenDisplayText(toNum);
updateProfileBean
.getTokenVerificationProgress()
.setPhase(TokenVerificationProgress.TokenChannel.SMS);
}
break;
case EMAIL:
{
final EmailItemBean configuredEmailSetting =
config.readSettingAsEmail(
PwmSetting.EMAIL_UPDATEPROFILE_VERIFICATION, pwmRequest.getLocale());
final String emailAddressAttribute =
pwmRequest.getConfig().readSettingAsString(PwmSetting.EMAIL_USER_MAIL_ATTRIBUTE);
final String toAddress = updateProfileBean.getFormData().get(emailAddressAttribute);
final String tokenKey;
try {
final TokenPayload tokenPayload =
pwmApplication
.getTokenService()
.createTokenPayload(
TokenType.UPDATE_EMAIL,
Collections.<String, String>emptyMap(),
pwmRequest.getUserInfoIfLoggedIn(),
Collections.singleton(toAddress));
tokenKey =
pwmApplication
.getTokenService()
.generateNewToken(tokenPayload, pwmRequest.getSessionLabel());
} catch (PwmOperationalException e) {
throw new PwmUnrecoverableException(e.getErrorInformation());
}
updateProfileBean
.getTokenVerificationProgress()
.getIssuedTokens()
.add(TokenVerificationProgress.TokenChannel.EMAIL);
updateProfileBean
.getTokenVerificationProgress()
.setPhase(TokenVerificationProgress.TokenChannel.EMAIL);
updateProfileBean.getTokenVerificationProgress().setTokenDisplayText(toAddress);
final EmailItemBean emailItemBean =
new EmailItemBean(
toAddress,
configuredEmailSetting.getFrom(),
configuredEmailSetting.getSubject(),
configuredEmailSetting.getBodyPlain().replace("%TOKEN%", tokenKey),
configuredEmailSetting.getBodyHtml().replace("%TOKEN%", tokenKey));
try {
TokenService.TokenSender.sendEmailToken(
pwmApplication, null, macroMachine, emailItemBean, toAddress, tokenKey);
} catch (Exception e) {
throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_UNKNOWN));
}
}
break;
default:
LOGGER.error("Unimplemented token purpose: " + tokenType);
updateProfileBean.getTokenVerificationProgress().setPhase(null);
}
}
