Пример #1
  /**
   * Determines which token verification channels the pending profile update must pass.
   *
   * <p>A channel is added only when its verification setting is enabled on the profile, the
   * submitted form data holds a non-null value for the channel's attribute, and that value
   * differs (ignoring case) from the value returned by {@code formDataFromLdap}. The directory
   * values are read at most once and shared by both checks.
   *
   * <p>NOTE(review): when verification is enabled but the attribute is missing from the form
   * data, only a warning is logged and no channel is required. Whether the attribute can still
   * be changed without a token in that case depends on the caller, which is not visible here;
   * confirm.
   *
   * @param pwmRequest request used for configuration lookups, LDAP reads and logging
   * @param updateProfileBean bean holding the submitted form data
   * @param updateAttributesProfile profile supplying the verification settings
   * @return the channels that need a token; empty when none is required
   * @throws PwmUnrecoverableException declared by the signature; presumably raised by the
   *     configuration or LDAP helpers called here
   */
  static Set<TokenVerificationProgress.TokenChannel> determineTokenPhaseRequired(
      final PwmRequest pwmRequest,
      final UpdateProfileBean updateProfileBean,
      final UpdateAttributesProfile updateAttributesProfile)
      throws PwmUnrecoverableException {
    final Set<TokenVerificationProgress.TokenChannel> requiredChannels = new HashSet<>();
    final Map<String, String> submittedValues = updateProfileBean.getFormData();

    // Filled lazily so the directory is queried once at most.
    Map<String, String> directoryValues = null;

    final boolean emailVerificationEnabled =
        updateAttributesProfile.readSettingAsBoolean(PwmSetting.UPDATE_PROFILE_EMAIL_VERIFICATION);
    if (emailVerificationEnabled) {
      final String mailAttribute =
          pwmRequest.getConfig().readSettingAsString(PwmSetting.EMAIL_USER_MAIL_ATTRIBUTE);
      if (!submittedValues.containsKey(mailAttribute)) {
        LOGGER.warn(
            pwmRequest,
            "email verification enabled, but email attribute '"
                + mailAttribute
                + "' is not in update form");
      } else {
        directoryValues = formDataFromLdap(pwmRequest, updateAttributesProfile);
        final String submittedMail = submittedValues.get(mailAttribute);
        // A changed address has to be confirmed through the e-mail channel.
        if (submittedMail != null
            && !submittedMail.equalsIgnoreCase(directoryValues.get(mailAttribute))) {
          requiredChannels.add(TokenVerificationProgress.TokenChannel.EMAIL);
        }
      }
    }

    final boolean smsVerificationEnabled =
        updateAttributesProfile.readSettingAsBoolean(PwmSetting.UPDATE_PROFILE_SMS_VERIFICATION);
    if (smsVerificationEnabled) {
      final String phoneAttribute =
          pwmRequest.getConfig().readSettingAsString(PwmSetting.SMS_USER_PHONE_ATTRIBUTE);
      if (!submittedValues.containsKey(phoneAttribute)) {
        LOGGER.warn(
            pwmRequest,
            "sms verification enabled, but phone attribute '"
                + phoneAttribute
                + "' is not in update form");
      } else {
        if (directoryValues == null) {
          directoryValues = formDataFromLdap(pwmRequest, updateAttributesProfile);
        }
        final String submittedPhone = submittedValues.get(phoneAttribute);
        // A changed number has to be confirmed through the SMS channel.
        if (submittedPhone != null
            && !submittedPhone.equalsIgnoreCase(directoryValues.get(phoneAttribute))) {
          requiredChannels.add(TokenVerificationProgress.TokenChannel.SMS);
        }
      }
    }

    return requiredChannels;
  }
Пример #2
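  /**
   * Writes the values of the configuration guide form into the stored configuration.
   *
   * <p>The LDAP server URL, proxy account DN and password, contextless root, test user DN and
   * the administrator group query are written under {@code LDAP_PROFILE_KEY} (the admin query
   * and the site URL are written without a profile). The contextless root is written once; the
   * original wrote the identical value twice.
   *
   * <p>Side effect: when {@code incomingLdapForm} contains {@code PARAM_APP_SITEURL}, that value
   * is copied into {@code ldapForm} before the site URL is stored.
   *
   * <p>NOTE(review): no value is validated here. The admin group DN decides who matches
   * {@code QUERY_MATCH_PWM_ADMIN}, and the site URL is taken as submitted, so any checking has
   * to happen in the caller, which is not visible here; confirm. The proxy password is handled
   * as a {@code String} until it is wrapped in {@code PasswordData}.
   *
   * @param storedConfiguration configuration that receives the settings
   * @param ldapForm accumulated form values; may be modified as described above
   * @param incomingLdapForm values of the current submission
   * @throws PwmUnrecoverableException declared by the signature; presumably raised by the
   *     configuration helpers called here
   */
  public static void convertFormToConfiguration(
      final StoredConfigurationImpl storedConfiguration,
      final Map<String, String> ldapForm,
      final Map<String, String> incomingLdapForm)
      throws PwmUnrecoverableException {
    { // ldap server url
      final String newLdapURI = getLdapUrlFromFormConfig(ldapForm);
      final StringArrayValue newValue = new StringArrayValue(Collections.singletonList(newLdapURI));
      storedConfiguration.writeSetting(
          PwmSetting.LDAP_SERVER_URLS, LDAP_PROFILE_KEY, newValue, null);
    }

    { // proxy/admin account
      final String ldapAdminDN = ldapForm.get(PARAM_LDAP_PROXY_DN);
      final String ldapAdminPW = ldapForm.get(PARAM_LDAP_PROXY_PW);
      storedConfiguration.writeSetting(
          PwmSetting.LDAP_PROXY_USER_DN, LDAP_PROFILE_KEY, new StringValue(ldapAdminDN), null);
      final PasswordValue passwordValue =
          new PasswordValue(PasswordData.forStringValue(ldapAdminPW));
      storedConfiguration.writeSetting(
          PwmSetting.LDAP_PROXY_USER_PASSWORD, LDAP_PROFILE_KEY, passwordValue, null);
    }

    { // contextless root (single write; the duplicate of this call was dropped)
      final String ldapContext = ldapForm.get(PARAM_LDAP_CONTEXT);
      storedConfiguration.writeSetting(
          PwmSetting.LDAP_CONTEXTLESS_ROOT,
          LDAP_PROFILE_KEY,
          new StringArrayValue(Collections.singletonList(ldapContext)),
          null);
    }

    { // test user
      final String ldapTestUserDN = ldapForm.get(PARAM_LDAP_TEST_USER);
      storedConfiguration.writeSetting(
          PwmSetting.LDAP_TEST_USER_DN, LDAP_PROFILE_KEY, new StringValue(ldapTestUserDN), null);
    }

    { // admin query: members of this LDAP group match the administrator permission
      final String groupDN = ldapForm.get(PARAM_LDAP_ADMIN_GROUP);
      final List<UserPermission> userPermissions =
          Collections.singletonList(
              new UserPermission(UserPermission.Type.ldapGroup, null, null, groupDN));
      storedConfiguration.writeSetting(
          PwmSetting.QUERY_MATCH_PWM_ADMIN, new UserPermissionValue(userPermissions), null);
    }

    // site url: a value in the current submission replaces the one already held in ldapForm
    if (incomingLdapForm.containsKey(PARAM_APP_SITEURL)) {
      ldapForm.put(PARAM_APP_SITEURL, incomingLdapForm.get(PARAM_APP_SITEURL));
    }
    storedConfiguration.writeSetting(
        PwmSetting.PWM_SITE_URL, new StringValue(ldapForm.get(PARAM_APP_SITEURL)), null);
  }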
Пример #3
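  /**
   * Handles the configuration guide's LDAP browse request and returns the result as JSON.
   *
   * <p>The browse runs against a copy of the guide's stored configuration. At the
   * {@code LDAP_ADMIN} step the proxy DN and password are reset on that copy first, so the
   * configuration held by the bean is not changed. The browser is now closed in a
   * {@code finally} block, so it is released even when {@code doBrowse} throws.
   *
   * <p>NOTE(review): {@code profile} and {@code dn} come from the request body, which is read
   * with {@code Flag.BypassValidation}, and are passed to {@code doBrowse} unchanged; any
   * restriction on what may be browsed has to be enforced elsewhere; confirm. The trace
   * message contains the serialized browse result, so directory data reaches the log when
   * trace logging is enabled.
   *
   * @param pwmRequest request carrying the JSON body and receiving the JSON result
   * @param configGuideBean guide state supplying the stored configuration and current step
   * @throws IOException declared by the signature
   * @throws ServletException declared by the signature
   * @throws PwmUnrecoverableException declared by the signature
   */
  private void restBrowseLdap(final PwmRequest pwmRequest, final ConfigGuideBean configGuideBean)
      throws IOException, ServletException, PwmUnrecoverableException {
    final StoredConfigurationImpl storedConfiguration =
        StoredConfigurationImpl.copy(configGuideBean.getStoredConfiguration());
    if (configGuideBean.getStep() == STEP.LDAP_ADMIN) {
      // Cleared on the copy only; the bean's configuration keeps its proxy credentials.
      storedConfiguration.resetSetting(PwmSetting.LDAP_PROXY_USER_DN, LDAP_PROFILE_KEY, null);
      storedConfiguration.resetSetting(PwmSetting.LDAP_PROXY_USER_PASSWORD, LDAP_PROFILE_KEY, null);
    }

    final Date startTime = new Date();
    final Map<String, String> inputMap =
        pwmRequest.readBodyAsJsonStringMap(PwmHttpRequestWrapper.Flag.BypassValidation);
    final String profile = inputMap.get("profile");
    // A missing "dn" key is browsed as the empty string.
    final String dn = inputMap.containsKey("dn") ? inputMap.get("dn") : "";

    final LdapBrowser ldapBrowser = new LdapBrowser(storedConfiguration);
    final LdapBrowser.LdapBrowseResult result;
    try {
      result = ldapBrowser.doBrowse(profile, dn);
    } finally {
      // Release the browser on the failure path as well.
      ldapBrowser.close();
    }

    LOGGER.trace(
        pwmRequest,
        "performed ldapBrowse operation in "
            + TimeDuration.fromCurrent(startTime).asCompactString()
            + ", result="
            + JsonUtil.serialize(result));

    pwmRequest.outputJsonResult(new RestResultBean(result));
  }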