|
|
|
@ -18,15 +18,16 @@
|
|
|
|
|
|
|
|
|
|
package org.wso2.carbon.device.mgt.jaxrs.util;
|
|
|
|
|
|
|
|
|
|
import org.apache.commons.codec.binary.Base64;
|
|
|
|
|
import org.apache.commons.logging.Log;
|
|
|
|
|
import org.apache.commons.logging.LogFactory;
|
|
|
|
|
import org.wso2.carbon.device.mgt.jaxrs.beans.UserCredentialWrapper;
|
|
|
|
|
import org.wso2.carbon.device.mgt.jaxrs.beans.PasswordResetWrapper;
|
|
|
|
|
import org.wso2.carbon.device.mgt.jaxrs.beans.OldPasswordResetWrapper;
|
|
|
|
|
import org.wso2.carbon.user.api.UserStoreException;
|
|
|
|
|
import org.wso2.carbon.user.api.UserStoreManager;
|
|
|
|
|
|
|
|
|
|
import javax.ws.rs.core.Response;
|
|
|
|
|
import java.io.UnsupportedEncodingException;
|
|
|
|
|
import java.util.regex.Pattern;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* This class builds Credential modification related Responses
|
|
|
|
@ -34,26 +35,38 @@ import java.io.UnsupportedEncodingException;
|
|
|
|
|
public class CredentialManagementResponseBuilder {
|
|
|
|
|
|
|
|
|
|
private static Log log = LogFactory.getLog(CredentialManagementResponseBuilder.class);
|
|
|
|
|
private static String PASSWORD_VALIDATION_REGEX_TAG = "PasswordJavaRegEx";
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Builds the response to change the password of a user
|
|
|
|
|
* @param username - Username of the user.
|
|
|
|
|
* @param credentials - User credentials
|
|
|
|
|
* @return Response Object
|
|
|
|
|
*/
|
|
|
|
|
public static Response buildChangePasswordResponse(UserCredentialWrapper credentials) {
|
|
|
|
|
public static Response buildChangePasswordResponse(String username, OldPasswordResetWrapper credentials) {
|
|
|
|
|
try {
|
|
|
|
|
UserStoreManager userStoreManager = DeviceMgtAPIUtils.getUserStoreManager();
|
|
|
|
|
byte[] decodedNewPassword = Base64.decodeBase64(credentials.getNewPassword());
|
|
|
|
|
byte[] decodedOldPassword = Base64.decodeBase64(credentials.getOldPassword());
|
|
|
|
|
userStoreManager.updateCredential(credentials.getUsername(), new String(
|
|
|
|
|
decodedNewPassword, "UTF-8"), new String(decodedOldPassword, "UTF-8"));
|
|
|
|
|
if (!userStoreManager.isExistingUser(username)) {
|
|
|
|
|
return Response.status(Response.Status.BAD_REQUEST).entity("No user found with the username "
|
|
|
|
|
+ username).build();
|
|
|
|
|
}
|
|
|
|
|
if (credentials == null || credentials.getNewPassword() == null || credentials.getOldPassword() == null) {
|
|
|
|
|
return Response.status(Response.Status.BAD_REQUEST).entity("Password cannot be empty.")
|
|
|
|
|
.build();
|
|
|
|
|
}
|
|
|
|
|
if (!validateCredential(credentials.getNewPassword())) {
|
|
|
|
|
return Response.status(Response.Status.BAD_REQUEST).entity("Password does not match with required format.")
|
|
|
|
|
.build();
|
|
|
|
|
}
|
|
|
|
|
userStoreManager.updateCredential(username, credentials.getNewPassword(),
|
|
|
|
|
credentials.getOldPassword());
|
|
|
|
|
return Response.status(Response.Status.OK).entity("UserImpl password by username: " +
|
|
|
|
|
credentials.getUsername() + " was successfully changed.").build();
|
|
|
|
|
username + " was successfully changed.").build();
|
|
|
|
|
} catch (UserStoreException e) {
|
|
|
|
|
log.error(e.getMessage(), e);
|
|
|
|
|
return Response.status(Response.Status.BAD_REQUEST).entity("Old password does not match.").build();
|
|
|
|
|
} catch (UnsupportedEncodingException e) {
|
|
|
|
|
String errorMsg = "Could not change the password of the user: " + credentials.getUsername() +
|
|
|
|
|
String errorMsg = "Could not change the password of the user: " + username +
|
|
|
|
|
". The Character Encoding is not supported.";
|
|
|
|
|
log.error(errorMsg, e);
|
|
|
|
|
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(errorMsg).build();
|
|
|
|
@ -62,27 +75,51 @@ public class CredentialManagementResponseBuilder {
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Builds the response to reset the password of a user
|
|
|
|
|
* @param username - Username of the user.
|
|
|
|
|
* @param credentials - User credentials
|
|
|
|
|
* @return Response Object
|
|
|
|
|
*/
|
|
|
|
|
public static Response buildResetPasswordResponse(UserCredentialWrapper credentials) {
|
|
|
|
|
public static Response buildResetPasswordResponse(String username, PasswordResetWrapper credentials) {
|
|
|
|
|
try {
|
|
|
|
|
UserStoreManager userStoreManager = DeviceMgtAPIUtils.getUserStoreManager();
|
|
|
|
|
byte[] decodedNewPassword = Base64.decodeBase64(credentials.getNewPassword());
|
|
|
|
|
userStoreManager.updateCredentialByAdmin(credentials.getUsername(), new String(
|
|
|
|
|
decodedNewPassword, "UTF-8"));
|
|
|
|
|
return Response.status(Response.Status.CREATED).entity("UserImpl password by username: " +
|
|
|
|
|
credentials.getUsername() + " was successfully changed.").build();
|
|
|
|
|
if (!userStoreManager.isExistingUser(username)) {
|
|
|
|
|
return Response.status(Response.Status.BAD_REQUEST).entity("No user found with the username "
|
|
|
|
|
+ username).build();
|
|
|
|
|
}
|
|
|
|
|
if (credentials == null || credentials.getNewPassword() == null) {
|
|
|
|
|
return Response.status(Response.Status.BAD_REQUEST).entity("Password cannot be empty.")
|
|
|
|
|
.build();
|
|
|
|
|
}
|
|
|
|
|
if (!validateCredential(credentials.getNewPassword())) {
|
|
|
|
|
return Response.status(Response.Status.BAD_REQUEST).entity("Password does not match with required format.")
|
|
|
|
|
.build();
|
|
|
|
|
}
|
|
|
|
|
userStoreManager.updateCredentialByAdmin(username, credentials.getNewPassword());
|
|
|
|
|
return Response.status(Response.Status.OK).entity("UserImpl password by username: " +
|
|
|
|
|
username + " was successfully changed.").build();
|
|
|
|
|
} catch (UserStoreException e) {
|
|
|
|
|
String msg = "ErrorResponse occurred while updating the credentials of user '" + credentials.getUsername() + "'";
|
|
|
|
|
String msg = "ErrorResponse occurred while updating the credentials of user '" + username + "'";
|
|
|
|
|
log.error(msg, e);
|
|
|
|
|
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
|
|
|
|
|
} catch (UnsupportedEncodingException e) {
|
|
|
|
|
String msg = "Could not change the password of the user: " + credentials.getUsername() +
|
|
|
|
|
String msg = "Could not change the password of the user: " + username +
|
|
|
|
|
". The Character Encoding is not supported.";
|
|
|
|
|
log.error(msg, e);
|
|
|
|
|
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private static boolean validateCredential(String password)
|
|
|
|
|
throws UserStoreException, UnsupportedEncodingException {
|
|
|
|
|
String passwordValidationRegex = DeviceMgtAPIUtils.getRealmService().getBootstrapRealmConfiguration()
|
|
|
|
|
.getUserStoreProperty(PASSWORD_VALIDATION_REGEX_TAG);
|
|
|
|
|
if (passwordValidationRegex != null) {
|
|
|
|
|
Pattern pattern = Pattern.compile(passwordValidationRegex);
|
|
|
|
|
if (pattern.matcher(password).matches()) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|