@PUT
@Path("password")
public JSONWithPadding setUserPasswordPut(
@Context UriInfo ui,
Map<String, Object> json,
@QueryParam("callback") @DefaultValue("callback") String callback)
throws Exception {
if (json == null) {
return null;
}
String oldPassword = string(json.get("oldpassword"));
String newPassword = string(json.get("newpassword"));
if (isServiceAdmin()) {
management.setAdminUserPassword(user.getUuid(), newPassword);
} else {
management.setAdminUserPassword(user.getUuid(), oldPassword, newPassword);
}
ApiResponse response = createApiResponse();
response.setAction("set user password");
return new JSONWithPadding(response, callback);
}
@Override
public ServiceResults invokeItemWithName(ServiceContext context, String name) throws Exception {
if ("me".equals(name)) {
UserInfo user = SubjectUtils.getUser();
if ((user != null) && (user.getUuid() != null)) {
return super.invokeItemWithId(context, user.getUuid());
}
}
return super.invokeItemWithName(context, name);
}
@POST
@Path("resetpw")
@Consumes("application/x-www-form-urlencoded")
@Produces(MediaType.TEXT_HTML)
public Viewable handlePasswordResetForm(
@Context UriInfo ui,
@FormParam("token") String token,
@FormParam("password1") String password1,
@FormParam("password2") String password2,
@FormParam("recaptcha_challenge_field") String challenge,
@FormParam("recaptcha_response_field") String uresponse) {
try {
this.token = token;
if ((password1 != null) || (password2 != null)) {
if (management.checkPasswordResetTokenForAdminUser(user.getUuid(), token)) {
if ((password1 != null) && password1.equals(password2)) {
management.setAdminUserPassword(user.getUuid(), password1);
return handleViewable("resetpw_set_success", this);
} else {
errorMsg = "Passwords didn't match, let's try again...";
return handleViewable("resetpw_set_form", this);
}
} else {
errorMsg = "Something odd happened, let's try again...";
return handleViewable("resetpw_email_form", this);
}
}
if (!useReCaptcha()) {
management.startAdminUserPasswordResetFlow(user);
return handleViewable("resetpw_email_success", this);
}
ReCaptchaImpl reCaptcha = new ReCaptchaImpl();
reCaptcha.setPrivateKey(properties.getRecaptchaPrivate());
ReCaptchaResponse reCaptchaResponse =
reCaptcha.checkAnswer(httpServletRequest.getRemoteAddr(), challenge, uresponse);
if (reCaptchaResponse.isValid()) {
management.startAdminUserPasswordResetFlow(user);
return handleViewable("resetpw_email_success", this);
} else {
errorMsg = "Incorrect Captcha";
return handleViewable("resetpw_email_form", this);
}
} catch (RedirectionException e) {
throw e;
} catch (Exception e) {
return handleViewable("error", e);
}
}
@GET
@Path("reactivate")
public JSONWithPadding reactivate(
@Context UriInfo ui, @QueryParam("callback") @DefaultValue("callback") String callback)
throws Exception {
logger.info("Send activation email for user: "******"reactivate user");
return new JSONWithPadding(response, callback);
}
@GET
@Path("activate")
@Produces(MediaType.TEXT_HTML)
public Viewable activate(@Context UriInfo ui, @QueryParam("token") String token) {
try {
management.handleActivationTokenForAdminUser(user.getUuid(), token);
return handleViewable("activate", this);
} catch (TokenException e) {
return handleViewable("bad_activation_token", this);
} catch (RedirectionException e) {
throw e;
} catch (Exception e) {
return handleViewable("error", e);
}
}
@POST
@Path("revoketokens")
public JSONWithPadding revokeTokensPost(
@Context UriInfo ui, @QueryParam("callback") @DefaultValue("callback") String callback)
throws Exception {
UUID adminId = user.getUuid();
logger.info("Revoking user tokens for {}", adminId);
ApiResponse response = createApiResponse();
management.revokeAccessTokensForAdminUser(adminId);
response.setAction("revoked user tokens");
return new JSONWithPadding(response, callback);
}
@GET
@Path("confirm")
@Produces(MediaType.TEXT_HTML)
public Viewable confirm(@Context UriInfo ui, @QueryParam("token") String token) {
try {
ActivationState state = management.handleConfirmationTokenForAdminUser(user.getUuid(), token);
if (state == ActivationState.CONFIRMED_AWAITING_ACTIVATION) {
return handleViewable("confirm", this);
}
return handleViewable("activate", this);
} catch (TokenException e) {
return handleViewable("bad_confirmation_token", this);
} catch (RedirectionException e) {
throw e;
} catch (Exception e) {
return new Viewable("error", e);
}
}
@GET
@Path("resetpw")
@Produces(MediaType.TEXT_HTML)
public Viewable showPasswordResetForm(@Context UriInfo ui, @QueryParam("token") String token) {
try {
this.token = token;
if (management.checkPasswordResetTokenForAdminUser(user.getUuid(), token)) {
return handleViewable("resetpw_set_form", this);
} else {
return handleViewable("resetpw_email_form", this);
}
} catch (RedirectionException e) {
throw e;
} catch (Exception e) {
return handleViewable("error", e);
}
}
@RequireAdminUserAccess
@GET
public JSONWithPadding getUserData(
@Context UriInfo ui,
@QueryParam("ttl") long ttl,
@QueryParam("callback") @DefaultValue("callback") String callback)
throws Exception {
ApiResponse response = createApiResponse();
response.setAction("get admin user");
String token = management.getAccessTokenForAdminUser(SubjectUtils.getUser().getUuid(), ttl);
Map<String, Object> userOrganizationData =
management.getAdminUserOrganizationData(user.getUuid());
userOrganizationData.put("token", token);
response.setData(userOrganizationData);
response.setSuccess();
return new JSONWithPadding(response, callback);
}
