From 648cffaa172633ea6604f8ec0fa28a21c0979d19 Mon Sep 17 00:00:00 2001 From: "tcdlpds@gmail.com" Date: Mon, 10 Aug 2020 13:23:28 +0530 Subject: [PATCH] Generalize OTP creation --- .../{OTPMailDTO.java => OneTimePinDTO.java} | 2 +- .../mgt/common/spi/OTPManagementService.java | 4 +- .../core/otp/mgt/dao/OTPManagementDAO.java | 10 +- .../dao/impl/GenericOTPManagementDAOImpl.java | 48 ++--- .../mgt/service/OTPManagementServiceImpl.java | 180 ++++++++++-------- .../OneTimeTokenAuthenticator.java | 4 +- 6 files changed, 138 insertions(+), 110 deletions(-) rename components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/dto/{OTPMailDTO.java => OneTimePinDTO.java} (98%) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/dto/OTPMailDTO.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/dto/OneTimePinDTO.java similarity index 98% rename from components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/dto/OTPMailDTO.java rename to components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/dto/OneTimePinDTO.java index bd8698206c..11923947c1 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/dto/OTPMailDTO.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/otp/mgt/dto/OneTimePinDTO.java @@ -19,7 +19,7 @@ package org.wso2.carbon.device.mgt.common.otp.mgt.dto; import java.sql.Timestamp; -public class OTPMailDTO { +public class OneTimePinDTO { int id; String otpToken; diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java index 00e6ce3d93..2844be1f07 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.common/src/main/java/org/wso2/carbon/device/mgt/common/spi/OTPManagementService.java @@ -20,7 +20,7 @@ package org.wso2.carbon.device.mgt.common.spi; import org.wso2.carbon.device.mgt.common.exceptions.BadRequestException; import org.wso2.carbon.device.mgt.common.exceptions.DeviceManagementException; import org.wso2.carbon.device.mgt.common.exceptions.OTPManagementException; -import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OTPMailDTO; +import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OneTimePinDTO; import org.wso2.carbon.device.mgt.common.otp.mgt.wrapper.OTPWrapper; public interface OTPManagementService { @@ -40,5 +40,5 @@ public interface OTPManagementService { * @throws OTPManagementException if error occurred whle verifying validity of the OPT * @throws BadRequestException if found an null value for OTP */ - OTPMailDTO isValidOTP(String oneTimeToken) throws OTPManagementException, BadRequestException; + OneTimePinDTO isValidOTP(String oneTimeToken) throws OTPManagementException, BadRequestException; } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAO.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAO.java index 9a9ae3eefb..86eb5e4ccf 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAO.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/OTPManagementDAO.java @@ -17,26 +17,26 @@ package org.wso2.carbon.device.mgt.core.otp.mgt.dao; -import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OTPMailDTO; +import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OneTimePinDTO; import org.wso2.carbon.device.mgt.core.otp.mgt.exception.OTPManagementDAOException; public interface OTPManagementDAO { /** * Save OTP token data and tenant details of registering user - * @param otpMailDTO OTPMailDTO + * @param oneTimePinDTO OTPMailDTO * @return Primary key of the newly adding data raw * @throws OTPManagementDAOException if error occurred whule storing data */ - int addOTPData(OTPMailDTO otpMailDTO) throws OTPManagementDAOException; + int addOTPData(OneTimePinDTO oneTimePinDTO) throws OTPManagementDAOException; /** * Get OTP data for requesting One Time Token * @param oneTimeToken One Time Token - * @return {@link OTPMailDTO} + * @return {@link OneTimePinDTO} * @throws OTPManagementDAOException if error ocured while getting OTP data for requesting one time token */ - OTPMailDTO getOTPDataByToken (String oneTimeToken) throws OTPManagementDAOException; + OneTimePinDTO getOTPDataByToken (String oneTimeToken) throws OTPManagementDAOException; /** * Expire the OTP diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java index a923756c88..515b2fc727 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/dao/impl/GenericOTPManagementDAOImpl.java @@ -20,7 +20,7 @@ package org.wso2.carbon.device.mgt.core.otp.mgt.dao.impl; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.wso2.carbon.device.mgt.common.exceptions.DBConnectionException; -import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OTPMailDTO; +import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OneTimePinDTO; import org.wso2.carbon.device.mgt.core.otp.mgt.dao.AbstractDAOImpl; import org.wso2.carbon.device.mgt.core.otp.mgt.dao.OTPManagementDAO; import org.wso2.carbon.device.mgt.core.otp.mgt.exception.OTPManagementDAOException; @@ -38,11 +38,11 @@ public class GenericOTPManagementDAOImpl extends AbstractDAOImpl implements OTPM private static final Log log = LogFactory.getLog(GenericOTPManagementDAOImpl.class); @Override - public int addOTPData(OTPMailDTO otpMailDTO) throws OTPManagementDAOException { + public int addOTPData(OneTimePinDTO oneTimePinDTO) throws OTPManagementDAOException { if (log.isDebugEnabled()) { log.debug("Request received in DAO Layer to create an OTP data entry"); log.debug("OTP Details : "); - log.debug("OTP key : " + otpMailDTO.getOtpToken() + " Email : " + otpMailDTO.getEmail()); + log.debug("OTP key : " + oneTimePinDTO.getOtpToken() + " Email : " + oneTimePinDTO.getEmail()); } String sql = "INSERT INTO DM_OTP_DATA " @@ -58,13 +58,13 @@ public class GenericOTPManagementDAOImpl extends AbstractDAOImpl implements OTPM Calendar calendar = Calendar.getInstance(); Timestamp timestamp = new Timestamp(calendar.getTime().getTime()); try (PreparedStatement stmt = conn.prepareStatement(sql, Statement.RETURN_GENERATED_KEYS)) { - stmt.setString(1, otpMailDTO.getOtpToken()); - stmt.setString(2, otpMailDTO.getEmail()); - stmt.setString(3, otpMailDTO.getEmailType()); - stmt.setString(4, otpMailDTO.getMetaInfo()); + stmt.setString(1, oneTimePinDTO.getOtpToken()); + stmt.setString(2, oneTimePinDTO.getEmail()); + stmt.setString(3, oneTimePinDTO.getEmailType()); + stmt.setString(4, oneTimePinDTO.getMetaInfo()); stmt.setTimestamp(5, timestamp); - stmt.setInt(6, otpMailDTO.getTenantId()); - stmt.setString(7, otpMailDTO.getUsername()); + stmt.setInt(6, oneTimePinDTO.getTenantId()); + stmt.setString(7, oneTimePinDTO.getUsername()); stmt.executeUpdate(); try (ResultSet rs = stmt.getGeneratedKeys()) { if (rs.next()) { @@ -75,18 +75,18 @@ public class GenericOTPManagementDAOImpl extends AbstractDAOImpl implements OTPM } } catch (DBConnectionException e) { String msg = "Error occurred while obtaining the DB connection to create an opt entry for email " - + otpMailDTO.getEmail(); + + oneTimePinDTO.getEmail(); log.error(msg, e); throw new OTPManagementDAOException(msg, e); } catch (SQLException e) { - String msg = "Error occurred while executing SQL to create an otp entry for email " + otpMailDTO.getEmail(); + String msg = "Error occurred while executing SQL to create an otp entry for email " + oneTimePinDTO.getEmail(); log.error(msg, e); throw new OTPManagementDAOException(msg, e); } } @Override - public OTPMailDTO getOTPDataByToken (String oneTimeToken) throws OTPManagementDAOException { + public OneTimePinDTO getOTPDataByToken (String oneTimeToken) throws OTPManagementDAOException { if (log.isDebugEnabled()) { log.debug("Request received in DAO Layer to get an OTP data entry for OTP"); @@ -113,18 +113,18 @@ public class GenericOTPManagementDAOImpl extends AbstractDAOImpl implements OTPM try (ResultSet rs = stmt.executeQuery()) { if (rs.next()) { - OTPMailDTO otpMailDTO = new OTPMailDTO(); - otpMailDTO.setId(rs.getInt("ID")); - otpMailDTO.setOtpToken(rs.getString("OTP_TOKEN")); - otpMailDTO.setEmail(rs.getString("EMAIL")); - otpMailDTO.setEmailType(rs.getString("EMAIL_TYPE")); - otpMailDTO.setMetaInfo(rs.getString("META_INFO")); - otpMailDTO.setCreatedAt(rs.getTimestamp("CREATED_AT")); - otpMailDTO.setExpiryTime(rs.getInt("EXPIRY_TIME")); - otpMailDTO.setExpired(rs.getBoolean("IS_EXPIRED")); - otpMailDTO.setTenantId(rs.getInt("TENANT_ID")); - otpMailDTO.setUsername(rs.getString("USERNAME")); - return otpMailDTO; + OneTimePinDTO oneTimePinDTO = new OneTimePinDTO(); + oneTimePinDTO.setId(rs.getInt("ID")); + oneTimePinDTO.setOtpToken(rs.getString("OTP_TOKEN")); + oneTimePinDTO.setEmail(rs.getString("EMAIL")); + oneTimePinDTO.setEmailType(rs.getString("EMAIL_TYPE")); + oneTimePinDTO.setMetaInfo(rs.getString("META_INFO")); + oneTimePinDTO.setCreatedAt(rs.getTimestamp("CREATED_AT")); + oneTimePinDTO.setExpiryTime(rs.getInt("EXPIRY_TIME")); + oneTimePinDTO.setExpired(rs.getBoolean("IS_EXPIRED")); + oneTimePinDTO.setTenantId(rs.getInt("TENANT_ID")); + oneTimePinDTO.setUsername(rs.getString("USERNAME")); + return oneTimePinDTO; } return null; } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java index de013ce4ae..68297a5554 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java @@ -28,7 +28,7 @@ import org.wso2.carbon.device.mgt.common.exceptions.OTPManagementException; import org.wso2.carbon.device.mgt.common.exceptions.TransactionManagementException; import org.wso2.carbon.device.mgt.common.exceptions.UnAuthorizedException; import org.wso2.carbon.device.mgt.common.metadata.mgt.Metadata; -import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OTPMailDTO; +import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OneTimePinDTO; import org.wso2.carbon.device.mgt.common.spi.OTPManagementService; import org.wso2.carbon.device.mgt.core.DeviceManagementConstants; import org.wso2.carbon.device.mgt.core.config.DeviceConfigurationManager; @@ -66,46 +66,21 @@ public class OTPManagementServiceImpl implements OTPManagementService { @Override public void sendUserVerifyingMail(OTPWrapper otpWrapper) throws OTPManagementException, DeviceManagementException { - - Tenant tenant = validateOTPTokenCreatingRequest(otpWrapper); - if (tenant == null){ - String msg = "Found invalid payload with OTP creating request"; - log.error(msg); - throw new BadRequestException(msg); - } - - DeviceManagementConfig deviceManagementConfig = DeviceConfigurationManager.getInstance() - .getDeviceManagementConfig(); - KeyManagerConfigurations kmConfig = deviceManagementConfig.getKeyManagerConfigurations(); - String superTenantUsername = kmConfig.getAdminUsername(); - - if (!otpWrapper.getUsername().equals(superTenantUsername)) { - String msg = "You don't have required permission to create OTP"; - log.error(msg); - throw new UnAuthorizedException(msg); - } - - Gson gson = new Gson(); - String metaInfo = gson.toJson(tenant); - String otpValue = UUID.randomUUID().toString(); - - OTPMailDTO otpMailDTO = new OTPMailDTO(); - otpMailDTO.setEmail(otpWrapper.getEmail()); - otpMailDTO.setTenantId(-1234); - otpMailDTO.setUsername(otpWrapper.getUsername()); - otpMailDTO.setEmailType(otpWrapper.getEmailType()); - otpMailDTO.setMetaInfo(metaInfo); - otpMailDTO.setOtpToken(otpValue); - + Tenant tenant = validateTenantCreatingDetails(otpWrapper); + OneTimePinDTO oneTimePinDTO = createOneTimePin(otpWrapper.getEmail(), otpWrapper.getEmailType(), + otpWrapper.getUsername(), tenant, -1234); try { ConnectionManagerUtil.beginDBTransaction(); - if (this.otpManagementDAO.addOTPData(otpMailDTO) == -1) { + if (this.otpManagementDAO.addOTPData(oneTimePinDTO) == -1) { ConnectionManagerUtil.rollbackDBTransaction(); String msg = "OTP data saving failed. Please, contact Administrator"; log.error(msg); throw new OTPManagementException(msg); } - sendMail(tenant.getAdminFirstName(), otpValue, tenant.getEmail()); + Properties props = new Properties(); + props.setProperty("first-name", tenant.getAdminFirstName()); + props.setProperty("otp-token", oneTimePinDTO.getOtpToken()); + sendMail(props, tenant.getEmail()); ConnectionManagerUtil.commitDBTransaction(); } catch (TransactionManagementException e) { String msg = "Error occurred while disabling AutoCommit."; @@ -117,7 +92,7 @@ public class OTPManagementServiceImpl implements OTPManagementService { throw new OTPManagementException(msg, e); } catch (OTPManagementDAOException e) { ConnectionManagerUtil.rollbackDBTransaction(); - String msg = "Error occurred while saving the OTP data. Email address: " + otpMailDTO.getEmail(); + String msg = "Error occurred while saving the OTP data. Email address: " + oneTimePinDTO.getEmail(); log.error(msg, e); throw new OTPManagementException(msg, e); } finally { @@ -126,15 +101,15 @@ public class OTPManagementServiceImpl implements OTPManagementService { } @Override - public OTPMailDTO isValidOTP(String oneTimeToken) throws OTPManagementException, BadRequestException { - OTPMailDTO otpMailDTO = getOTPDataByToken(oneTimeToken); - if (otpMailDTO == null) { + public OneTimePinDTO isValidOTP(String oneTimeToken) throws OTPManagementException, BadRequestException { + OneTimePinDTO oneTimePinDTO = getOTPDataByToken(oneTimeToken); + if (oneTimePinDTO == null) { String msg = "Couldn't found OTP data for the requesting OTP " + oneTimeToken + " In the system."; log.error(msg); throw new BadRequestException(msg); } - if (otpMailDTO.isExpired()) { + if (oneTimePinDTO.isExpired()) { log.warn("Token is expired. OTP: " + oneTimeToken); return null; } @@ -142,26 +117,59 @@ public class OTPManagementServiceImpl implements OTPManagementService { Calendar calendar = Calendar.getInstance(); Timestamp currentTimestamp = new Timestamp(calendar.getTime().getTime()); Timestamp expiredTimestamp = new Timestamp( - otpMailDTO.getCreatedAt().getTime() + otpMailDTO.getExpiryTime() * 1000); + oneTimePinDTO.getCreatedAt().getTime() + oneTimePinDTO.getExpiryTime() * 1000); if (currentTimestamp.after(expiredTimestamp)) { String renewedOTP = UUID.randomUUID().toString(); - renewOTP(otpMailDTO, renewedOTP); + renewOTP(oneTimePinDTO, renewedOTP); Gson gson = new Gson(); - Tenant tenant = gson.fromJson(otpMailDTO.getMetaInfo(), Tenant.class); - sendMail(tenant.getAdminFirstName(), renewedOTP, otpMailDTO.getEmail()); + Tenant tenant = gson.fromJson(oneTimePinDTO.getMetaInfo(), Tenant.class); + + Properties props = new Properties(); + props.setProperty("first-name", tenant.getAdminFirstName()); + props.setProperty("otp-token", renewedOTP); + sendMail(props, oneTimePinDTO.getEmail()); return null; } - return otpMailDTO; + return oneTimePinDTO; + } + + + /** + * Create One Time Token + * @param email email + * @param emailType email type + * @param userName username + * @param metaDataObj meta data object + * @param tenantId tenant Id + * @return {@link OneTimePinDTO} + */ + private OneTimePinDTO createOneTimePin(String email, String emailType, String userName, Object metaDataObj, + int tenantId) { + + String otpValue = UUID.randomUUID().toString(); + + Gson gson = new Gson(); + String metaInfo = gson.toJson(metaDataObj); + + OneTimePinDTO oneTimePinDTO = new OneTimePinDTO(); + oneTimePinDTO.setEmail(email); + oneTimePinDTO.setTenantId(tenantId); + oneTimePinDTO.setUsername(userName); + oneTimePinDTO.setEmailType(emailType); + oneTimePinDTO.setMetaInfo(metaInfo); + oneTimePinDTO.setOtpToken(otpValue); + + return oneTimePinDTO; } /** * Get OTPData from DB * @param oneTimeToken One Time Token - * @return {@link OTPMailDTO} + * @return {@link OneTimePinDTO} * @throws OTPManagementException if error occurred while getting OTP data for given OTP in DB */ - private OTPMailDTO getOTPDataByToken ( String oneTimeToken) throws OTPManagementException { + private OneTimePinDTO getOTPDataByToken ( String oneTimeToken) throws OTPManagementException { try { ConnectionManagerUtil.openDBConnection(); return otpManagementDAO.getOTPDataByToken(oneTimeToken); @@ -179,61 +187,85 @@ public class OTPManagementServiceImpl implements OTPManagementService { } /** - * Validate OTP token creating payload + * Validate Tenant details * @param otpWrapper OTP-Wrapper - * @return true if its valid payload otherwise returns false + * @return {@link Tenant} if its valid payload otherwise throws {@link DeviceManagementException} + * @throws DeviceManagementException if invalid payload or unauthorized request received */ - private Tenant validateOTPTokenCreatingRequest(OTPWrapper otpWrapper) { + private Tenant validateTenantCreatingDetails(OTPWrapper otpWrapper) throws DeviceManagementException { + + DeviceManagementConfig deviceManagementConfig = DeviceConfigurationManager.getInstance() + .getDeviceManagementConfig(); + KeyManagerConfigurations kmConfig = deviceManagementConfig.getKeyManagerConfigurations(); + String superTenantUsername = kmConfig.getAdminUsername(); + + if (!otpWrapper.getUsername().equals(superTenantUsername)) { + String msg = "You don't have required permission to create OTP"; + log.error(msg); + throw new UnAuthorizedException(msg); + } Tenant tenant = new Tenant(); List properties = otpWrapper.getProperties(); for (Metadata property : properties) { + if (property == null) { + String msg = "Received invalid property to create OTP."; + log.error(msg); + throw new BadRequestException(msg); + } switch (property.getMetaKey()) { case OTPProperties.FIRST_NAME: String firstName = property.getMetaValue(); if (StringUtils.isBlank(firstName)) { - log.error("Received empty or blank first name field with OTP creating payload."); - return null; + String msg = "Received empty or blank first name field with OTP creating payload."; + log.error(msg); + throw new BadRequestException(msg); } tenant.setAdminFirstName(firstName); break; case OTPProperties.LAST_NAME: String lastName = property.getMetaValue(); if (StringUtils.isBlank(lastName)) { - log.error("Received empty or blank last name field with OTP creating payload."); - return null; + String msg = "Received empty or blank last name field with OTP creating payload."; + log.error(msg); + throw new BadRequestException(msg); } tenant.setAdminLastName(lastName); break; case OTPProperties.TENANT_ADMIN_USERNAME: String username = property.getMetaValue(); if (StringUtils.isBlank(username)) { - log.error("Received empty or blank admin username field with OTP creating payload."); - return null; + String msg = "Received empty or blank admin username field with OTP creating payload."; + log.error(msg); + throw new BadRequestException(msg); } tenant.setAdminName(username); break; case OTPProperties.TENANT_ADMIN_PASSWORD: String pwd = property.getMetaValue(); if (StringUtils.isBlank(pwd)) { - log.error("Received empty or blank admin password field with OTP creating payload."); - return null; + String msg = "Received empty or blank admin password field with OTP creating payload."; + log.error(msg); + throw new BadRequestException(msg); } tenant.setAdminPassword(pwd); break; default: - log.error("Received invalid key with OTP properties for creating OTP."); - return null; + String msg = "Received invalid key with OTP properties for creating OTP."; + log.error(msg); + throw new BadRequestException(msg); } } if (StringUtils.isBlank(otpWrapper.getEmail())) { - log.error("Received empty or blank email field with OTP creating payload."); - return null; + String msg = "Received empty or blank email field with OTP creating payload."; + log.error(msg); + throw new BadRequestException(msg); } if (StringUtils.isBlank(otpWrapper.getEmailType())) { - log.error("Received empty or blank email type field with OTP creating payload."); - return null; + String msg = "Received empty or blank email type field with OTP creating payload."; + log.error(msg); + throw new BadRequestException(msg); } tenant.setEmail(otpWrapper.getEmail()); return tenant; @@ -241,19 +273,13 @@ public class OTPManagementServiceImpl implements OTPManagementService { /** * If OTP expired, resend the user verifying mail with renewed OTP - * @param firstName First Name of the User - * @param renewedOTP Renewed OTP + * @param props Mail body properties * @param mailAddress Mail Address of the User * @throws OTPManagementException if error occurred while resend the user verifying mail */ - private void sendMail(String firstName, String renewedOTP, String mailAddress) - throws OTPManagementException { - Properties props = new Properties(); - props.setProperty("first-name", firstName); - props.setProperty("otp-token", renewedOTP); - - EmailMetaInfo metaInfo = new EmailMetaInfo(mailAddress, props); + private void sendMail(Properties props, String mailAddress) throws OTPManagementException { try { + EmailMetaInfo metaInfo = new EmailMetaInfo(mailAddress, props); DeviceManagementDataHolder.getInstance().getDeviceManagementProvider() .sendEnrolmentInvitation(DeviceManagementConstants.EmailAttributes.USER_VERIFY_TEMPLATE, metaInfo); } catch (DeviceManagementException e) { @@ -261,20 +287,22 @@ public class OTPManagementServiceImpl implements OTPManagementService { log.error(msg, e); throw new OTPManagementException(msg, e); } catch (ConfigurationManagementException e) { - throw new OTPManagementException(e); + String msg = "Configuration error occurred. Hence mail sending failed."; + log.error(msg, e); + throw new OTPManagementException(msg, e); } } /** * Renew the OTP - * @param otpMailDTO {@link OTPMailDTO} + * @param oneTimePinDTO {@link OneTimePinDTO} * @param renewedOTP Renewed OTP * @throws OTPManagementException if error occurred while renew the OTP */ - private void renewOTP(OTPMailDTO otpMailDTO, String renewedOTP) throws OTPManagementException { + private void renewOTP(OneTimePinDTO oneTimePinDTO, String renewedOTP) throws OTPManagementException { try { ConnectionManagerUtil.beginDBTransaction(); - this.otpManagementDAO.renewOneTimeToken(otpMailDTO.getId(), renewedOTP); + this.otpManagementDAO.renewOneTimeToken(oneTimePinDTO.getId(), renewedOTP); ConnectionManagerUtil.commitDBTransaction(); } catch (TransactionManagementException e) { String msg = "Error occurred while disabling AutoCommit to renew the OTP."; diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java index c5e9d90824..472fb6d302 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OneTimeTokenAuthenticator.java @@ -20,7 +20,7 @@ package org.wso2.carbon.webapp.authenticator.framework.authenticator; import org.apache.catalina.connector.Response; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OTPMailDTO; +import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OneTimePinDTO; import org.wso2.carbon.device.mgt.common.spi.OTPManagementService; import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo; import org.wso2.carbon.webapp.authenticator.framework.Constants; @@ -49,7 +49,7 @@ public class OneTimeTokenAuthenticator implements WebappAuthenticator { try { OTPManagementService otpManagementService = AuthenticatorFrameworkDataHolder.getInstance() .getOtpManagementService(); - OTPMailDTO validOTP = otpManagementService.isValidOTP(request.getHeader(Constants.HTTPHeaders + OneTimePinDTO validOTP = otpManagementService.isValidOTP(request.getHeader(Constants.HTTPHeaders .ONE_TIME_TOKEN_HEADER)); if (validOTP != null) { authenticationInfo.setStatus(Status.CONTINUE);