Add improvements of OTP management

try_it
parent ba42f79fba
commit cfe805ab43

@ -1,49 +0,0 @@
/* Copyright (c) 2023, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved.
*
* Entgra (Pvt) Ltd. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.device.mgt.common.otp.mgt.wrapper;
public class DownloadURLDetails {
private String firstName;
private String URL;
private String email;
public String getURL() {
return URL;
}
public void setURL(String URL) {
this.URL = URL;
}
public String getFirstName() {
return firstName;
}
public void setFirstName(String firstName) {
this.firstName = firstName;
}
public String getEmail() {
return email;
}
public void setEmail(String email) {
this.email = email;
}
}

@ -22,21 +22,11 @@ import org.wso2.carbon.device.mgt.common.exceptions.DeviceManagementException;
import org.wso2.carbon.device.mgt.common.exceptions.OTPManagementException; import org.wso2.carbon.device.mgt.common.exceptions.OTPManagementException;
import org.wso2.carbon.device.mgt.common.invitation.mgt.DeviceEnrollmentInvitation; import org.wso2.carbon.device.mgt.common.invitation.mgt.DeviceEnrollmentInvitation;
import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OneTimePinDTO; import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OneTimePinDTO;
import org.wso2.carbon.device.mgt.common.otp.mgt.wrapper.DownloadURLDetails;
import org.wso2.carbon.device.mgt.common.otp.mgt.wrapper.OTPWrapper;
import java.util.Map; import java.util.Map;
public interface OTPManagementService { public interface OTPManagementService {
/**
* Create OTP token and store tenant details in the DB
* @param otpWrapper OTP Mail Wrapper object which contains tenant details of registering user
* @throws OTPManagementException if error occurs while creating OTP token and storing tenant details.
* @throws BadRequestException if found and incompatible payload to create OTP token.
*/
String sendUserVerifyingMail(OTPWrapper otpWrapper) throws OTPManagementException, DeviceManagementException;
/** /**
* Check the validity of the OTP * Check the validity of the OTP
* @param oneTimeToken OTP * @param oneTimeToken OTP
@ -64,12 +54,11 @@ public interface OTPManagementService {
void sendDeviceEnrollmentInvitationMail(DeviceEnrollmentInvitation deviceEnrollmentInvitation) void sendDeviceEnrollmentInvitationMail(DeviceEnrollmentInvitation deviceEnrollmentInvitation)
throws OTPManagementException; throws OTPManagementException;
/**
* Send an e-mail to the requesting e-mail address with a product download URL
* @param downloadURLDetails Contains the details to send product download e-mail
* @throws OTPManagementException if request payload doesn't contains required details to send the product
* download mail.
*/
void shareProductDownloadUrl(DownloadURLDetails downloadURLDetails) throws OTPManagementException;
} boolean hasEmailRegistered(String email, String emailDomain) throws OTPManagementException,
DeviceManagementException;
OneTimePinDTO generateOneTimePin(String email, String emailType, String userName, Object metaDataObj,
int tenantId, boolean persistPin) throws OTPManagementException;
}

@ -20,7 +20,6 @@ import com.google.gson.Gson;
import org.apache.commons.lang.StringUtils; import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.base.MultitenantConstants;
import org.wso2.carbon.context.CarbonContext; import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.device.mgt.common.configuration.mgt.ConfigurationManagementException; import org.wso2.carbon.device.mgt.common.configuration.mgt.ConfigurationManagementException;
import org.wso2.carbon.device.mgt.common.exceptions.BadRequestException; import org.wso2.carbon.device.mgt.common.exceptions.BadRequestException;
@ -28,42 +27,32 @@ import org.wso2.carbon.device.mgt.common.exceptions.DBConnectionException;
import org.wso2.carbon.device.mgt.common.exceptions.DeviceManagementException; import org.wso2.carbon.device.mgt.common.exceptions.DeviceManagementException;
import org.wso2.carbon.device.mgt.common.exceptions.OTPManagementException; import org.wso2.carbon.device.mgt.common.exceptions.OTPManagementException;
import org.wso2.carbon.device.mgt.common.exceptions.TransactionManagementException; import org.wso2.carbon.device.mgt.common.exceptions.TransactionManagementException;
import org.wso2.carbon.device.mgt.common.exceptions.UnAuthorizedException;
import org.wso2.carbon.device.mgt.common.invitation.mgt.DeviceEnrollmentInvitation; import org.wso2.carbon.device.mgt.common.invitation.mgt.DeviceEnrollmentInvitation;
import org.wso2.carbon.device.mgt.common.invitation.mgt.DeviceEnrollmentInvitationDetails; import org.wso2.carbon.device.mgt.common.invitation.mgt.DeviceEnrollmentInvitationDetails;
import org.wso2.carbon.device.mgt.common.invitation.mgt.DeviceEnrollmentType; import org.wso2.carbon.device.mgt.common.invitation.mgt.DeviceEnrollmentType;
import org.wso2.carbon.device.mgt.common.metadata.mgt.Metadata;
import org.wso2.carbon.device.mgt.common.otp.mgt.OTPEmailTypes; import org.wso2.carbon.device.mgt.common.otp.mgt.OTPEmailTypes;
import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OneTimePinDTO; import org.wso2.carbon.device.mgt.common.otp.mgt.dto.OneTimePinDTO;
import org.wso2.carbon.device.mgt.common.otp.mgt.wrapper.DownloadURLDetails;
import org.wso2.carbon.device.mgt.common.spi.OTPManagementService; import org.wso2.carbon.device.mgt.common.spi.OTPManagementService;
import org.wso2.carbon.device.mgt.core.DeviceManagementConstants; import org.wso2.carbon.device.mgt.core.DeviceManagementConstants;
import org.wso2.carbon.device.mgt.core.config.DeviceConfigurationManager;
import org.wso2.carbon.device.mgt.core.config.DeviceManagementConfig;
import org.wso2.carbon.device.mgt.core.config.keymanager.KeyManagerConfigurations;
import org.wso2.carbon.device.mgt.core.internal.DeviceManagementDataHolder; import org.wso2.carbon.device.mgt.core.internal.DeviceManagementDataHolder;
import org.wso2.carbon.device.mgt.core.otp.mgt.dao.OTPManagementDAO; import org.wso2.carbon.device.mgt.core.otp.mgt.dao.OTPManagementDAO;
import org.wso2.carbon.device.mgt.common.otp.mgt.wrapper.OTPWrapper;
import org.wso2.carbon.device.mgt.core.otp.mgt.dao.OTPManagementDAOFactory; import org.wso2.carbon.device.mgt.core.otp.mgt.dao.OTPManagementDAOFactory;
import org.wso2.carbon.device.mgt.core.otp.mgt.exception.OTPManagementDAOException; import org.wso2.carbon.device.mgt.core.otp.mgt.exception.OTPManagementDAOException;
import org.wso2.carbon.device.mgt.core.otp.mgt.util.ConnectionManagerUtil; import org.wso2.carbon.device.mgt.core.otp.mgt.util.ConnectionManagerUtil;
import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService; import org.wso2.carbon.device.mgt.core.service.DeviceManagementProviderService;
import org.wso2.carbon.device.mgt.core.service.EmailMetaInfo; import org.wso2.carbon.device.mgt.core.service.EmailMetaInfo;
import org.apache.commons.validator.routines.EmailValidator;
import org.wso2.carbon.device.mgt.core.util.DeviceManagerUtil; import org.wso2.carbon.device.mgt.core.util.DeviceManagerUtil;
import org.wso2.carbon.user.api.Tenant; import org.wso2.carbon.user.api.Tenant;
import org.wso2.carbon.user.api.UserStoreException; import org.wso2.carbon.user.api.UserStoreException;
import static org.wso2.carbon.device.mgt.common.DeviceManagementConstants.OTPProperties;
import java.sql.Timestamp; import java.sql.Timestamp;
import java.util.ArrayList;
import java.util.Calendar; import java.util.Calendar;
import java.util.Collections;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.Properties; import java.util.Properties;
import java.util.UUID; import java.util.UUID;
import java.util.ArrayList;
import java.util.Collections;
public class OTPManagementServiceImpl implements OTPManagementService { public class OTPManagementServiceImpl implements OTPManagementService {
@ -79,60 +68,25 @@ public class OTPManagementServiceImpl implements OTPManagementService {
} }
@Override @Override
public String sendUserVerifyingMail(OTPWrapper otpWrapper) throws OTPManagementException, DeviceManagementException { public boolean hasEmailRegistered(String email, String emailDomain) throws OTPManagementException,
Tenant tenant = validateTenantCreatingDetails(otpWrapper); DeviceManagementException {
OneTimePinDTO oneTimePinDTO = createOneTimePin(otpWrapper.getEmail(), otpWrapper.getEmailType(),
otpWrapper.getUsername(), tenant, -1234);
try { try {
ConnectionManagerUtil.beginDBTransaction(); ConnectionManagerUtil.openDBConnection();
this.otpManagementDAO.addOTPData(Collections.singletonList(oneTimePinDTO)); if (otpManagementDAO.isEmailExist(email, emailDomain)) {
// Properties props = new Properties(); return true;
// props.setProperty("first-name", tenant.getAdminFirstName());
// props.setProperty("otp-token", oneTimePinDTO.getOtpToken());
// sendMail(props, tenant.getEmail(), DeviceManagementConstants.EmailAttributes.USER_VERIFY_TEMPLATE);
ConnectionManagerUtil.commitDBTransaction();
return oneTimePinDTO.getOtpToken();
} catch (TransactionManagementException e) {
String msg = "Error occurred while disabling AutoCommit.";
log.error(msg, e);
throw new OTPManagementException(msg, e);
} catch (DBConnectionException e) {
String msg = "Error occurred while getting database connection to add OPT data.";
log.error(msg, e);
throw new OTPManagementException(msg, e);
} catch (OTPManagementDAOException e) {
ConnectionManagerUtil.rollbackDBTransaction();
String msg = "Error occurred while saving the OTP data for given email" ;
log.error(msg, e);
throw new OTPManagementException(msg, e);
} finally {
ConnectionManagerUtil.closeDBConnection();
}
}
@Override
public void shareProductDownloadUrl(DownloadURLDetails downloadURLDetails) throws OTPManagementException {
if (StringUtils.isBlank(downloadURLDetails.getURL())) {
String msg = "Couldn't find the download URL with the request.";
log.error(msg);
throw new OTPManagementException(msg);
} }
if (StringUtils.isBlank(downloadURLDetails.getFirstName())) { } catch (DBConnectionException e) {
String msg = "Couldn't find the First Name with the request."; String msg = "Error occurred while getting database connection to validate the given email and email type.";
log.error(msg); log.error(msg);
throw new OTPManagementException(msg); throw new DeviceManagementException(msg);
} } catch (OTPManagementDAOException e) {
if (StringUtils.isBlank(downloadURLDetails.getEmail())) { String msg = "Error occurred while executing SQL query to validate the given email and email type.";
String msg = "Couldn't find the e-mail address with the request.";
log.error(msg); log.error(msg);
throw new OTPManagementException(msg); throw new OTPManagementException(msg);
} finally {
ConnectionManagerUtil.closeDBConnection();
} }
return false;
Properties props = new Properties();
props.setProperty("first-name", downloadURLDetails.getFirstName());
props.setProperty("download-url", downloadURLDetails.getURL());
sendMail(props, downloadURLDetails.getEmail(),
DeviceManagementConstants.EmailAttributes.PRODUCT_DOWNLOAD_LINK_SHARING_TEMPLATE);
} }
@Override @Override
@ -157,7 +111,7 @@ public class OTPManagementServiceImpl implements OTPManagementService {
Calendar calendar = Calendar.getInstance(); Calendar calendar = Calendar.getInstance();
Timestamp currentTimestamp = new Timestamp(calendar.getTime().getTime()); Timestamp currentTimestamp = new Timestamp(calendar.getTime().getTime());
Timestamp expiredTimestamp = new Timestamp( Timestamp expiredTimestamp = new Timestamp(
oneTimePinDTO.getCreatedAt().getTime() + oneTimePinDTO.getExpiryTime() * 1000); oneTimePinDTO.getCreatedAt().getTime() + oneTimePinDTO.getExpiryTime() * 1000L);
if (currentTimestamp.after(expiredTimestamp)) { if (currentTimestamp.after(expiredTimestamp)) {
String renewedOTP = UUID.randomUUID().toString(); String renewedOTP = UUID.randomUUID().toString();
@ -168,6 +122,8 @@ public class OTPManagementServiceImpl implements OTPManagementService {
Properties props = new Properties(); Properties props = new Properties();
props.setProperty("first-name", tenant.getAdminFirstName()); props.setProperty("first-name", tenant.getAdminFirstName());
props.setProperty("otp-token", renewedOTP); props.setProperty("otp-token", renewedOTP);
props.setProperty("email", oneTimePinDTO.getEmail());
props.setProperty("type", oneTimePinDTO.getEmailType());
sendMail(props, oneTimePinDTO.getEmail(), DeviceManagementConstants.EmailAttributes.USER_VERIFY_TEMPLATE); sendMail(props, oneTimePinDTO.getEmail(), DeviceManagementConstants.EmailAttributes.USER_VERIFY_TEMPLATE);
return null; return null;
} }
@ -251,8 +207,8 @@ public class OTPManagementServiceImpl implements OTPManagementService {
for (String username : deviceEnrollmentInvitation.getUsernames()) { for (String username : deviceEnrollmentInvitation.getUsernames()) {
String emailAddress = DeviceManagerUtil.getUserClaimValue( String emailAddress = DeviceManagerUtil.getUserClaimValue(
username, DeviceManagementConstants.User.CLAIM_EMAIL_ADDRESS); username, DeviceManagementConstants.User.CLAIM_EMAIL_ADDRESS);
oneTimePinDTO = createOneTimePin(emailAddress, OTPEmailTypes.DEVICE_ENROLLMENT.toString(), username, oneTimePinDTO = generateOneTimePin(emailAddress, OTPEmailTypes.DEVICE_ENROLLMENT.toString(), username,
null, tenantId); null, tenantId, false);
oneTimePinDTOList.add(oneTimePinDTO); oneTimePinDTOList.add(oneTimePinDTO);
props.setProperty("first-name", DeviceManagerUtil. props.setProperty("first-name", DeviceManagerUtil.
getUserClaimValue(username, DeviceManagementConstants.User.CLAIM_FIRST_NAME)); getUserClaimValue(username, DeviceManagementConstants.User.CLAIM_FIRST_NAME));
@ -284,7 +240,6 @@ public class OTPManagementServiceImpl implements OTPManagementService {
} }
} }
/** /**
* Create One Time Token * Create One Time Token
* @param email email * @param email email
@ -294,8 +249,9 @@ public class OTPManagementServiceImpl implements OTPManagementService {
* @param tenantId tenant Id * @param tenantId tenant Id
* @return {@link OneTimePinDTO} * @return {@link OneTimePinDTO}
*/ */
private OneTimePinDTO createOneTimePin(String email, String emailType, String userName, Object metaDataObj, @Override
int tenantId) { public OneTimePinDTO generateOneTimePin(String email, String emailType, String userName, Object metaDataObj,
int tenantId, boolean persistPin) throws OTPManagementException {
String otpValue = UUID.randomUUID().toString(); String otpValue = UUID.randomUUID().toString();
@ -310,6 +266,28 @@ public class OTPManagementServiceImpl implements OTPManagementService {
oneTimePinDTO.setMetaInfo(metaInfo); oneTimePinDTO.setMetaInfo(metaInfo);
oneTimePinDTO.setOtpToken(otpValue); oneTimePinDTO.setOtpToken(otpValue);
if (persistPin) {
try {
ConnectionManagerUtil.beginDBTransaction();
this.otpManagementDAO.addOTPData(Collections.singletonList(oneTimePinDTO));
ConnectionManagerUtil.commitDBTransaction();
} catch (TransactionManagementException e) {
String msg = "Error occurred while disabling AutoCommit.";
log.error(msg, e);
throw new OTPManagementException(msg, e);
} catch (DBConnectionException e) {
String msg = "Error occurred while getting database connection to add OPT data.";
log.error(msg, e);
throw new OTPManagementException(msg, e);
} catch (OTPManagementDAOException e) {
ConnectionManagerUtil.rollbackDBTransaction();
String msg = "Error occurred while saving the OTP data for given email" ;
log.error(msg, e);
throw new OTPManagementException(msg, e);
} finally {
ConnectionManagerUtil.closeDBConnection();
}
}
return oneTimePinDTO; return oneTimePinDTO;
} }
@ -336,121 +314,6 @@ public class OTPManagementServiceImpl implements OTPManagementService {
} }
} }
/**
* Validate Tenant details
* @param otpWrapper OTP-Wrapper
* @return {@link Tenant} if its valid payload otherwise throws {@link DeviceManagementException}
* @throws DeviceManagementException if invalid payload or unauthorized request received
*/
private Tenant validateTenantCreatingDetails(OTPWrapper otpWrapper) throws DeviceManagementException {
DeviceManagementConfig deviceManagementConfig = DeviceConfigurationManager.getInstance()
.getDeviceManagementConfig();
KeyManagerConfigurations kmConfig = deviceManagementConfig.getKeyManagerConfigurations();
if (StringUtils.isBlank(otpWrapper.getUsername())) {
String msg = "Received Blank username to create OTP. Username: " + otpWrapper.getUsername();
log.error(msg);
throw new BadRequestException(msg);
}
String[] superTenantDetails = otpWrapper.getUsername().split("@");
if (!MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(superTenantDetails[superTenantDetails.length - 1])
|| !superTenantDetails[0].equals(kmConfig.getAdminUsername())) {
String msg = "You don't have required permission to create OTP";
log.error(msg);
throw new UnAuthorizedException(msg);
}
Tenant tenant = new Tenant();
List<Metadata> properties = otpWrapper.getProperties();
for (Metadata property : properties) {
if (property == null) {
String msg = "Received invalid property to create OTP.";
log.error(msg);
throw new BadRequestException(msg);
}
switch (property.getMetaKey()) {
case OTPProperties.FIRST_NAME:
String firstName = property.getMetaValue();
if (StringUtils.isBlank(firstName)) {
String msg = "Received empty or blank first name field with OTP creating payload.";
log.error(msg);
throw new BadRequestException(msg);
}
tenant.setAdminFirstName(firstName);
break;
case OTPProperties.LAST_NAME:
String lastName = property.getMetaValue();
if (StringUtils.isBlank(lastName)) {
String msg = "Received empty or blank last name field with OTP creating payload.";
log.error(msg);
throw new BadRequestException(msg);
}
tenant.setAdminLastName(lastName);
break;
case OTPProperties.TENANT_ADMIN_PASSWORD:
String pwd = property.getMetaValue();
if (StringUtils.isBlank(pwd)) {
String msg = "Received empty or blank admin password field with OTP creating payload.";
log.error(msg);
throw new BadRequestException(msg);
}
tenant.setAdminPassword(pwd);
break;
default:
String msg = "Received invalid key with OTP properties for creating OTP.";
log.error(msg);
throw new BadRequestException(msg);
}
}
if (StringUtils.isBlank(otpWrapper.getEmail())) {
String msg = "Received empty or blank email field with OTP creating payload.";
log.error(msg);
throw new BadRequestException(msg);
}
EmailValidator validator = EmailValidator.getInstance();
if (!validator.isValid(otpWrapper.getEmail())) {
String msg = "Found invalid email. Hence please verify the email address and re-try. Email: " + otpWrapper
.getEmail();
log.error(msg);
throw new BadRequestException(msg);
}
if (StringUtils.isBlank(otpWrapper.getEmailType())) {
String msg = "Received empty or blank email type field with OTP creating payload.";
log.error(msg);
throw new BadRequestException(msg);
}
try {
ConnectionManagerUtil.openDBConnection();
if (otpManagementDAO.isEmailExist(otpWrapper.getEmail(), otpWrapper.getEmailType())) {
String msg = "Email is registered to execute the same action. Hence can't proceed.";
log.error(msg);
throw new BadRequestException(msg);
}
} catch (DBConnectionException e) {
String msg = "Error occurred while getting database connection to validate the given email and email type.";
log.error(msg);
throw new DeviceManagementException(msg);
} catch (OTPManagementDAOException e) {
String msg = "Error occurred while executing SQL query to validate the given email and email type.";
log.error(msg);
throw new DeviceManagementException(msg);
} finally {
ConnectionManagerUtil.closeDBConnection();
}
String[] tenantUsernameDetails = otpWrapper.getEmail().split("@");
tenant.setAdminName(tenantUsernameDetails[0]);
tenant.setDomain(tenantUsernameDetails[tenantUsernameDetails.length - 1]);
tenant.setEmail(otpWrapper.getEmail());
return tenant;
}
/** /**
* If OTP expired, resend the user verifying mail with renewed OTP * If OTP expired, resend the user verifying mail with renewed OTP
* @param props Mail body properties * @param props Mail body properties

@ -36,8 +36,9 @@
Hi $first-name, Hi $first-name,
</p> </p>
<p style="font-size: 1em; font-family: Arial, Helvetica; line-height: 170%; color: #666666; margin: 5px 0px;"> <p style="font-size: 1em; font-family: Arial, Helvetica; line-height: 170%; color: #666666; margin: 5px 0px;">
Congratulations!!! Thank you for registering with Entgra cloud. Please click and log in to the Congratulations!!! Thank you for registering with Entgra. Please click on the
following link to complete your registration with us. Click <a href="$base-url-https/self-register/sign-up?token=$otp-token">here</a>. following link to complete your registration with us. Click <a
href="$base-url-https/self-register/sign-up?token=$otp-token&type=$type&email=$email>here</a>.
</p> </p>
<p style="font-length: 1em; font-family: Arial, Helvetica; line-height: 170%; color: #666666; margin: 5px 0px;"> <p style="font-length: 1em; font-family: Arial, Helvetica; line-height: 170%; color: #666666; margin: 5px 0px;">

Loading…
Cancel
Save