From d053f3d4773a5df96f97e97edf349b58d53e31a9 Mon Sep 17 00:00:00 2001 From: Dharmakeerthi Lasantha Date: Mon, 3 Apr 2023 11:25:59 +0530 Subject: [PATCH] Add otp renew feature --- .../mgt/common/spi/OTPManagementService.java | 2 + .../core/otp/mgt/dao/OTPManagementDAO.java | 6 ++ .../dao/impl/GenericOTPManagementDAOImpl.java | 93 +++++++++++++++++++ .../mgt/service/OTPManagementServiceImpl.java | 35 ++++++- 4 files changed, 135 insertions(+), 1 deletion(-) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java index 38f055c2fc..bf1d112875 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java @@ -61,4 +61,6 @@ public interface OTPManagementService { OneTimePinDTO generateOneTimePin(String email, String emailType, String userName, Object metaDataObj, int tenantId, boolean persistPin) throws OTPManagementException; + OneTimePinDTO getRenewedOtpByEmailAndMailType(String email, String emailType) throws OTPManagementException; + } \ No newline at end of file diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAO.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAO.java index 44bb2a3064..58a4e54f3e 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAO.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAO.java @@ -54,6 +54,9 @@ public interface OTPManagementDAO { */ void renewOneTimeToken(int id, String oneTimeToken) throws OTPManagementDAOException; + void restoreOneTimeToken(int id, String oneTimeToken) throws OTPManagementDAOException; + + /** * To veify whether email and email type exists or not * @param email email @@ -62,4 +65,7 @@ public interface OTPManagementDAO { * @throws OTPManagementDAOException if error occurred while verify existance of the email and email type */ boolean isEmailExist (String email, String emailType) throws OTPManagementDAOException; + + OneTimePinDTO getOtpDataByEmailAndMailType(String email, String emailType) throws OTPManagementDAOException; + } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java index 58b55197a0..371e752884 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java @@ -204,6 +204,41 @@ public class GenericOTPManagementDAOImpl extends AbstractDAOImpl implements OTPM } } + public void restoreOneTimeToken(int id, String oneTimeToken) throws OTPManagementDAOException { + if (log.isDebugEnabled()) { + log.debug("Request received in DAO Layer to update an OTP data entry for OTP"); + log.debug("OTP Details : OTP key : " + oneTimeToken ); + } + + String sql = "UPDATE DM_OTP_DATA " + + "SET " + + "OTP_TOKEN = ?, " + + "CREATED_AT = ?, " + + "IS_EXPIRED = false" + + "WHERE ID = ?"; + + try { + Connection conn = this.getDBConnection(); + Calendar calendar = Calendar.getInstance(); + Timestamp timestamp = new Timestamp(calendar.getTime().getTime()); + try (PreparedStatement stmt = conn.prepareStatement(sql)) { + stmt.setString(1, oneTimeToken); + stmt.setTimestamp(2, timestamp); + stmt.setInt(3, id); + stmt.executeUpdate(); + } + } catch (DBConnectionException e) { + String msg = "Error occurred while obtaining the DB connection to update the OTP token."; + log.error(msg, e); + throw new OTPManagementDAOException(msg, e); + } catch (SQLException e) { + String msg = "Error occurred when executing sql query to update the OTP token."; + log.error(msg, e); + throw new OTPManagementDAOException(msg, e); + } + } + + @Override public boolean isEmailExist (String email, String emailType) throws OTPManagementDAOException { @@ -239,4 +274,62 @@ public class GenericOTPManagementDAOImpl extends AbstractDAOImpl implements OTPM throw new OTPManagementDAOException(msg, e); } } + + @Override + public OneTimePinDTO getOtpDataByEmailAndMailType(String email, String emailType) throws OTPManagementDAOException { + + if (log.isDebugEnabled()) { + log.debug("Request received in DAO Layer to verify whether email was registed with emai type in OTP"); + log.debug("OTP Details : email : " + email + " email type: " + emailType ); + } + + String sql = "SELECT " + + "ID, " + + "OTP_TOKEN, " + + "EMAIL, " + + "EMAIL_TYPE, " + + "META_INFO, " + + "CREATED_AT, " + + "EXPIRY_TIME, " + + "IS_EXPIRED, " + + "TENANT_ID, " + + "USERNAME " + + "FROM DM_OTP_DATA " + + "WHERE EMAIL = ? AND " + + "EMAIL_TYPE = ?"; + + try { + Connection conn = this.getDBConnection(); + try (PreparedStatement stmt = conn.prepareStatement(sql)) { + stmt.setString(1, email); + stmt.setString(2, emailType); + try (ResultSet rs = stmt.executeQuery()) { + if (rs.next()) { + OneTimePinDTO oneTimePinDTO = new OneTimePinDTO(); + oneTimePinDTO.setId(rs.getInt("ID")); + oneTimePinDTO.setOtpToken(rs.getString("OTP_TOKEN")); + oneTimePinDTO.setEmail(rs.getString("EMAIL")); + oneTimePinDTO.setEmailType(rs.getString("EMAIL_TYPE")); + oneTimePinDTO.setMetaInfo(rs.getString("META_INFO")); + oneTimePinDTO.setCreatedAt(rs.getTimestamp("CREATED_AT")); + oneTimePinDTO.setExpiryTime(rs.getInt("EXPIRY_TIME")); + oneTimePinDTO.setExpired(rs.getBoolean("IS_EXPIRED")); + oneTimePinDTO.setTenantId(rs.getInt("TENANT_ID")); + oneTimePinDTO.setUsername(rs.getString("USERNAME")); + return oneTimePinDTO; + } + return null; } + } + } catch (DBConnectionException e) { + String msg = "Error occurred while obtaining the DB connection to verify email and email type exist in OTP." + + " Email: " + email + "Email Type: " + emailType; + log.error(msg, e); + throw new OTPManagementDAOException(msg, e); + } catch (SQLException e) { + String msg = "Error occurred while executing SQL to verify email and email type exist in OTP. Email: " + + email + "Email Type: " + emailType; + log.error(msg, e); + throw new OTPManagementDAOException(msg, e); + } + } } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java index 59edc4a5d5..d9a0fdbf55 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java @@ -89,6 +89,39 @@ public class OTPManagementServiceImpl implements OTPManagementService { return false; } + public OneTimePinDTO getRenewedOtpByEmailAndMailType(String email, String emailType) throws OTPManagementException{ + OneTimePinDTO oneTimePinDTO; + try { + ConnectionManagerUtil.beginDBTransaction(); + oneTimePinDTO = otpManagementDAO.getOtpDataByEmailAndMailType(email, emailType); + if (oneTimePinDTO == null) { + ConnectionManagerUtil.rollbackDBTransaction(); + String msg = "Can't find OTP data for email: " + email + " and email type: " + emailType; + log.error(msg); + throw new OTPManagementException(msg); + } + otpManagementDAO.restoreOneTimeToken(oneTimePinDTO.getId(), UUID.randomUUID().toString()); + ConnectionManagerUtil.commitDBTransaction(); + return oneTimePinDTO; + } catch (DBConnectionException e) { + ConnectionManagerUtil.rollbackDBTransaction(); + String msg = "Error occurred while getting database connection to validate the given email and email type."; + log.error(msg, e); + throw new OTPManagementException(msg, e); + } catch (OTPManagementDAOException e) { + ConnectionManagerUtil.rollbackDBTransaction(); + String msg = "Error occurred while executing SQL query to validate the given email and email type."; + log.error(msg, e); + throw new OTPManagementException(msg); + } catch (TransactionManagementException e) { + String msg = "Error occurred while starting the DB transaction"; + log.error(msg, e); + throw new OTPManagementException(msg, e); + } finally { + ConnectionManagerUtil.closeDBConnection(); + } + } + @Override public OneTimePinDTO isValidOTP(String oneTimeToken) throws OTPManagementException, BadRequestException { if (StringUtils.isBlank(oneTimeToken)){ @@ -297,7 +330,7 @@ public class OTPManagementServiceImpl implements OTPManagementService { * @return {@link OneTimePinDTO} * @throws OTPManagementException if error occurred while getting OTP data for given OTP in DB */ - private OneTimePinDTO getOTPDataByToken ( String oneTimeToken) throws OTPManagementException { + private OneTimePinDTO getOTPDataByToken (String oneTimeToken) throws OTPManagementException { try { ConnectionManagerUtil.openDBConnection(); return otpManagementDAO.getOTPDataByToken(oneTimeToken);