Merge remote-tracking branch 'origin/master'

pom.xml

@@ -62,6 +62,7 @@
             <properties>
                 <maven.javadoc.skip>true</maven.javadoc.skip>
                 <source.skip>true</source.skip>
+				<jspc.skip>true</jspc.skip>
             </properties>
         </profile>
     </profiles>

src/main/java/password/pwm/bean/pub/PublicUserInfoBean.java

@@ -22,14 +22,20 @@
 
 package password.pwm.bean.pub;
 
+import java.io.Serializable;
+import java.util.Collections;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
+
 import password.pwm.bean.PasswordStatus;
 import password.pwm.bean.UserInfoBean;
 import password.pwm.config.Configuration;
 import password.pwm.config.profile.PwmPasswordRule;
 import password.pwm.http.tag.PasswordRequirementsTag;
-
-import java.io.Serializable;
-import java.util.*;
+import password.pwm.util.macro.MacroMachine;
 
 public class PublicUserInfoBean implements Serializable {
     public String userDN;
@@ -48,7 +54,7 @@ public class PublicUserInfoBean implements Serializable {
     public List<String> passwordRules;
     public Map<String, String> attributes;
 
-    public static PublicUserInfoBean fromUserInfoBean(final UserInfoBean userInfoBean, final Configuration config, final Locale locale) {
+    public static PublicUserInfoBean fromUserInfoBean(final UserInfoBean userInfoBean, final Configuration config, final Locale locale, final MacroMachine macroMachine) {
         final PublicUserInfoBean publicUserInfoBean = new PublicUserInfoBean();
         publicUserInfoBean.userDN = (userInfoBean.getUserIdentity() == null) ? "" : userInfoBean.getUserIdentity().getUserDN();
         publicUserInfoBean.ldapProfile = (userInfoBean.getUserIdentity() == null) ? "" : userInfoBean.getUserIdentity().getLdapProfileID();
@@ -75,7 +81,8 @@ public class PublicUserInfoBean implements Serializable {
         publicUserInfoBean.passwordRules = PasswordRequirementsTag.getPasswordRequirementsStrings(
                 userInfoBean.getPasswordPolicy(),
                 config,
-                locale
+                locale,
+                macroMachine
         );
 
         if (userInfoBean.getCachedAttributeValues() != null && !userInfoBean.getCachedAttributeValues().isEmpty()) {

src/main/java/password/pwm/config/profile/PwmPasswordPolicy.java

@@ -22,21 +22,31 @@
 
 package password.pwm.config.profile;
 
-import com.novell.ldapchai.ChaiPasswordPolicy;
-import com.novell.ldapchai.ChaiPasswordRule;
-import com.novell.ldapchai.util.DefaultChaiPasswordPolicy;
-import com.novell.ldapchai.util.PasswordRuleHelper;
-import com.novell.ldapchai.util.StringHelper;
+import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.LinkedHashMap;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
+import java.util.Set;
+import java.util.regex.Pattern;
+import java.util.regex.PatternSyntaxException;
+
 import password.pwm.config.UserPermission;
 import password.pwm.config.option.ADPolicyComplexity;
 import password.pwm.health.HealthMessage;
 import password.pwm.health.HealthRecord;
 import password.pwm.util.logging.PwmLogger;
+import password.pwm.util.macro.MacroMachine;
 
-import java.io.Serializable;
-import java.util.*;
-import java.util.regex.Pattern;
-import java.util.regex.PatternSyntaxException;
+import com.novell.ldapchai.ChaiPasswordPolicy;
+import com.novell.ldapchai.ChaiPasswordRule;
+import com.novell.ldapchai.util.DefaultChaiPasswordPolicy;
+import com.novell.ldapchai.util.PasswordRuleHelper;
+import com.novell.ldapchai.util.StringHelper;
 
 
 /**

src/main/java/password/pwm/http/servlet/forgottenpw/RemoteVerificationMethod.java

@@ -38,6 +38,7 @@ import password.pwm.http.client.PwmHttpClientRequest;
 import password.pwm.http.client.PwmHttpClientResponse;
 import password.pwm.util.JsonUtil;
 import password.pwm.util.logging.PwmLogger;
+import password.pwm.util.macro.MacroMachine;
 import password.pwm.util.secure.PwmRandom;
 
 import java.util.*;
@@ -126,7 +127,8 @@ public class RemoteVerificationMethod implements RecoveryVerificationMethod {
 
         RemoteVerificationRequestBean remoteVerificationRequestBean = new RemoteVerificationRequestBean();
         remoteVerificationRequestBean.setResponseSessionID(this.remoteSessionID);
-        remoteVerificationRequestBean.setUserInfo(PublicUserInfoBean.fromUserInfoBean(userInfoBean, pwmApplication.getConfig(), locale));
+        MacroMachine macroMachine = MacroMachine.forUser(pwmApplication, PwmConstants.DEFAULT_LOCALE, SessionLabel.SYSTEM_LABEL, userInfoBean.getUserIdentity());
+        remoteVerificationRequestBean.setUserInfo(PublicUserInfoBean.fromUserInfoBean(userInfoBean, pwmApplication.getConfig(), locale, macroMachine));
         remoteVerificationRequestBean.setUserResponses(userResponses);
 
         PwmHttpClientRequest pwmHttpClientRequest = new PwmHttpClientRequest(

src/main/java/password/pwm/http/tag/PasswordRequirementsTag.java

@@ -23,6 +23,8 @@
 package password.pwm.http.tag;
 
 import password.pwm.PwmApplication;
+import password.pwm.PwmConstants;
+import password.pwm.bean.SessionLabel;
 import password.pwm.config.Configuration;
 import password.pwm.config.option.ADPolicyComplexity;
 import password.pwm.config.profile.NewUserProfile;
@@ -36,11 +38,13 @@ import password.pwm.i18n.Message;
 import password.pwm.util.LocaleHelper;
 import password.pwm.util.StringUtil;
 import password.pwm.util.logging.PwmLogger;
+import password.pwm.util.macro.MacroMachine;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.jsp.JspTagException;
 import javax.servlet.jsp.tagext.TagSupport;
+
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Locale;
@@ -62,7 +66,8 @@ public class PasswordRequirementsTag extends TagSupport {
     public static List<String> getPasswordRequirementsStrings(
             final PwmPasswordPolicy pwordPolicy,
             final Configuration config,
-            final Locale locale
+            final Locale locale,
+            final MacroMachine macroMachine
     ) {
         final List<String> returnValues = new ArrayList<>();
         final ADPolicyComplexity ADPolicyLevel = pwordPolicy.getRuleHelper().getADComplexityLevel();
@@ -213,7 +218,9 @@ public class PasswordRequirementsTag extends TagSupport {
                 final StringBuilder fieldValue = new StringBuilder();
                 for (final String loopValue : setValue) {
                     fieldValue.append(" ");
-                    fieldValue.append(StringUtil.escapeHtml(loopValue));
+
+                    String expandedValue = macroMachine.expandMacros(loopValue);
+                    fieldValue.append(StringUtil.escapeHtml(expandedValue));
                 }
                 returnValues.add(
                         getLocalString(Message.Requirement_DisAllowedValues, fieldValue.toString(), locale, config));
@@ -334,12 +341,14 @@ public class PasswordRequirementsTag extends TagSupport {
             final PwmSession pwmSession = pwmRequest.getPwmSession();
             final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
             final Configuration config = pwmApplication.getConfig();
+            final Locale locale = pwmSession.getSessionStateBean().getLocale();
 
+            pwmSession.getSessionManager().getMacroMachine(pwmApplication);
 
             final PwmPasswordPolicy passwordPolicy;
             if (getForm() != null && getForm().equalsIgnoreCase("newuser")) {
                 final NewUserProfile newUserProfile = NewUserServlet.getNewUserProfile(pwmRequest);
-                passwordPolicy = newUserProfile.getNewUserPasswordPolicy(pwmApplication, pwmSession.getSessionStateBean().getLocale());
+                passwordPolicy = newUserProfile.getNewUserPasswordPolicy(pwmApplication, locale);
             } else {
                 passwordPolicy = pwmSession.getUserInfoBean().getPasswordPolicy();
             }
@@ -348,9 +357,11 @@ public class PasswordRequirementsTag extends TagSupport {
             if (configuredRuleText != null && configuredRuleText.length() > 0) {
                 pageContext.getOut().write(configuredRuleText);
             } else {
+                MacroMachine macroMachine = pwmSession.getSessionManager().getMacroMachine(pwmApplication);
+
                 final String pre = prepend != null && prepend.length() > 0 ? prepend : "";
                 final String sep = separator != null && separator.length() > 0 ? separator : "<br/>";
-                final List<String> requirementsList = getPasswordRequirementsStrings(passwordPolicy, config, pwmSession.getSessionStateBean().getLocale());
+                final List<String> requirementsList = getPasswordRequirementsStrings(passwordPolicy, config, locale, macroMachine);
 
                 final StringBuilder requirementsText = new StringBuilder();
                 for (final String requirementStatement : requirementsList) {

src/main/java/password/pwm/util/PwmPasswordRuleValidator.java

@@ -27,10 +27,12 @@ import com.novell.ldapchai.ChaiUser;
 import com.novell.ldapchai.exception.ChaiError;
 import com.novell.ldapchai.exception.ChaiPasswordPolicyException;
 import com.novell.ldapchai.exception.ChaiUnavailableException;
+
 import password.pwm.AppProperty;
 import password.pwm.PwmApplication;
 import password.pwm.PwmConstants;
 import password.pwm.bean.pub.PublicUserInfoBean;
+import password.pwm.bean.SessionLabel;
 import password.pwm.bean.UserInfoBean;
 import password.pwm.config.Configuration;
 import password.pwm.config.PwmSetting;
@@ -38,9 +40,11 @@ import password.pwm.config.option.ADPolicyComplexity;
 import password.pwm.config.profile.PwmPasswordPolicy;
 import password.pwm.config.profile.PwmPasswordRule;
 import password.pwm.error.*;
+import password.pwm.http.PwmSession;
 import password.pwm.svc.PwmService;
 import password.pwm.svc.stats.Statistic;
 import password.pwm.util.logging.PwmLogger;
+import password.pwm.util.macro.MacroMachine;
 import password.pwm.util.operations.PasswordUtility;
 import password.pwm.ws.client.rest.RestClientHelper;
 
@@ -211,12 +215,15 @@ public class PwmPasswordRuleValidator {
 
         // check against disallowed values;
         if (!ruleHelper.getDisallowedValues().isEmpty()) {
+            MacroMachine macroMachine = MacroMachine.forUser(pwmApplication, PwmConstants.DEFAULT_LOCALE, SessionLabel.SYSTEM_LABEL, uiBean.getUserIdentity());
+
             final String lcasePwd = passwordString.toLowerCase();
             final Set<String> paramValues = new HashSet<>(ruleHelper.getDisallowedValues());
 
             for (final String loopValue : paramValues) {
                 if (loopValue != null && loopValue.length() > 0) {
-                    final String loweredLoop = loopValue.toLowerCase();
+                    final String expandedValue = macroMachine.expandMacros(loopValue);
+                    final String loweredLoop = expandedValue.toLowerCase();
                     if (lcasePwd.contains(loweredLoop)) {
                         errorList.add(new ErrorInformation(PwmError.PASSWORD_USING_DISALLOWED_VALUE));
                     }
@@ -542,7 +549,8 @@ public class PwmPasswordRuleValidator {
             sendData.put("policy",policyData);
         }
         if (uiBean != null) {
-            final PublicUserInfoBean publicUserInfoBean = PublicUserInfoBean.fromUserInfoBean(uiBean, pwmApplication.getConfig(), locale);
+            MacroMachine macroMachine = MacroMachine.forUser(pwmApplication, PwmConstants.DEFAULT_LOCALE, SessionLabel.SYSTEM_LABEL, uiBean.getUserIdentity());
+            final PublicUserInfoBean publicUserInfoBean = PublicUserInfoBean.fromUserInfoBean(uiBean, pwmApplication.getConfig(), locale, macroMachine);
             sendData.put("userInfo", publicUserInfoBean);
         }
 

src/main/java/password/pwm/util/macro/ExternalRestMacro.java

@@ -22,19 +22,21 @@
 
 package password.pwm.util.macro;
 
-import com.google.gson.reflect.TypeToken;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.regex.Pattern;
+
 import password.pwm.PwmApplication;
 import password.pwm.PwmConstants;
 import password.pwm.bean.pub.PublicUserInfoBean;
+import password.pwm.bean.SessionLabel;
 import password.pwm.bean.UserInfoBean;
 import password.pwm.error.PwmException;
 import password.pwm.util.JsonUtil;
 import password.pwm.util.logging.PwmLogger;
 import password.pwm.ws.client.rest.RestClientHelper;
 
-import java.util.HashMap;
-import java.util.Map;
-import java.util.regex.Pattern;
+import com.google.gson.reflect.TypeToken;
 
 /**
  * External macro @External1:<value>@ where 1 is incremental configuration item.
@@ -68,13 +70,15 @@ class ExternalRestMacro extends AbstractMacro {
 
         final String inputString = matchValue.substring(11,matchValue.length() -1);
         final Map<String,Object> sendData = new HashMap<>();
-        if (userInfoBean != null) {
-            final PublicUserInfoBean publicUserInfoBean = PublicUserInfoBean.fromUserInfoBean(userInfoBean, pwmApplication.getConfig(), PwmConstants.DEFAULT_LOCALE);
-            sendData.put("userInfo", publicUserInfoBean);
-        }
-        sendData.put("input",inputString);
 
         try {
+            if (userInfoBean != null) {
+                MacroMachine macroMachine = MacroMachine.forUser(pwmApplication, PwmConstants.DEFAULT_LOCALE, SessionLabel.SYSTEM_LABEL, userInfoBean.getUserIdentity());
+                final PublicUserInfoBean publicUserInfoBean = PublicUserInfoBean.fromUserInfoBean(userInfoBean, pwmApplication.getConfig(), PwmConstants.DEFAULT_LOCALE, macroMachine);
+                sendData.put("userInfo", publicUserInfoBean);
+            }
+            sendData.put("input",inputString);
+
             final String requestBody = JsonUtil.serializeMap(sendData);
             final String responseBody = RestClientHelper.makeOutboundRestWSCall(pwmApplication,
                     PwmConstants.DEFAULT_LOCALE, url,

src/main/java/password/pwm/ws/client/rest/RestTokenDataClient.java

@@ -22,7 +22,11 @@
 
 package password.pwm.ws.client.rest;
 
-import com.novell.ldapchai.exception.ChaiUnavailableException;
+import java.io.Serializable;
+import java.util.LinkedHashMap;
+import java.util.Locale;
+import java.util.Map;
+
 import password.pwm.PwmApplication;
 import password.pwm.PwmConstants;
 import password.pwm.bean.pub.PublicUserInfoBean;
@@ -37,11 +41,9 @@ import password.pwm.error.PwmUnrecoverableException;
 import password.pwm.ldap.UserStatusReader;
 import password.pwm.util.JsonUtil;
 import password.pwm.util.logging.PwmLogger;
+import password.pwm.util.macro.MacroMachine;
 
-import java.io.Serializable;
-import java.util.LinkedHashMap;
-import java.util.Locale;
-import java.util.Map;
+import com.novell.ldapchai.exception.ChaiUnavailableException;
 
 public class RestTokenDataClient implements RestClient {
 
@@ -108,7 +110,8 @@ public class RestTokenDataClient implements RestClient {
                     userIdentity
             );
 
-            final PublicUserInfoBean publicUserInfoBean = PublicUserInfoBean.fromUserInfoBean(userInfoBean, pwmApplication.getConfig(), PwmConstants.DEFAULT_LOCALE);
+            MacroMachine macroMachine = MacroMachine.forUser(pwmApplication, PwmConstants.DEFAULT_LOCALE, SessionLabel.SYSTEM_LABEL, userInfoBean.getUserIdentity());
+            final PublicUserInfoBean publicUserInfoBean = PublicUserInfoBean.fromUserInfoBean(userInfoBean, pwmApplication.getConfig(), PwmConstants.DEFAULT_LOCALE, macroMachine);
             sendData.put(RestClient.DATA_KEY_USERINFO, publicUserInfoBean);
         }
 

src/main/java/password/pwm/ws/server/rest/RestStatusServer.java

@@ -22,8 +22,18 @@
 
 package password.pwm.ws.server.rest;
 
-import password.pwm.bean.pub.PublicUserInfoBean;
+import java.net.URISyntaxException;
+import java.util.Date;
+
+import javax.ws.rs.GET;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.QueryParam;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
+
 import password.pwm.bean.UserInfoBean;
+import password.pwm.bean.pub.PublicUserInfoBean;
 import password.pwm.error.ErrorInformation;
 import password.pwm.error.PwmError;
 import password.pwm.error.PwmException;
@@ -35,20 +45,12 @@ import password.pwm.svc.stats.StatisticsManager;
 import password.pwm.util.JsonUtil;
 import password.pwm.util.TimeDuration;
 import password.pwm.util.logging.PwmLogger;
+import password.pwm.util.macro.MacroMachine;
 import password.pwm.ws.server.RestRequestBean;
 import password.pwm.ws.server.RestResultBean;
 import password.pwm.ws.server.RestServerHelper;
 import password.pwm.ws.server.ServicePermissions;
 
-import javax.ws.rs.GET;
-import javax.ws.rs.Path;
-import javax.ws.rs.Produces;
-import javax.ws.rs.QueryParam;
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.Response;
-import java.net.URISyntaxException;
-import java.util.Date;
-
 @Path("/status")
 public class RestStatusServer extends AbstractRestServer {
     public static final PwmLogger LOGGER = PwmLogger.forClass(RestStatusServer.class);
@@ -91,10 +93,12 @@ public class RestStatusServer extends AbstractRestServer {
                 userInfoBean = restRequestBean.getPwmSession().getUserInfoBean();
             }
             final RestResultBean restResultBean = new RestResultBean();
+            MacroMachine macroMachine = restRequestBean.getPwmSession().getSessionManager().getMacroMachine(restRequestBean.getPwmApplication());
             restResultBean.setData(PublicUserInfoBean.fromUserInfoBean(
                     userInfoBean,
                     restRequestBean.getPwmApplication().getConfig(),
-                    restRequestBean.getPwmSession().getSessionStateBean().getLocale()
+                    restRequestBean.getPwmSession().getSessionStateBean().getLocale(),
+                    macroMachine
             ));
 
             final StatisticsManager statsMgr = restRequestBean.getPwmApplication().getStatisticsManager();

src/main/webapp/WEB-INF/jsp/changepassword.jsp

@@ -22,6 +22,7 @@
 
 <!DOCTYPE html>
 <%@ page import="password.pwm.bean.PasswordStatus" %>
+<%@ page import="password.pwm.util.macro.MacroMachine" %>
 <%@ page language="java" session="true" isThreadSafe="true" contentType="text/html" %>
 <%@ taglib uri="pwm" prefix="pwm" %>
 <% final PwmRequest changepassword_pwmRequest = PwmRequest.forRequest(request,response); %>
@@ -43,9 +44,12 @@
                 <pwm:DisplayPasswordRequirements separator="</li>" prepend="<li>"/>
             </ul>
         </div>
-        <% final String passwordPolicyChangeMessage = changepassword_pwmRequest.getPwmSession().getUserInfoBean().getPasswordPolicy().getRuleHelper().getChangeMessage(); %>
+        <%
+            final String passwordPolicyChangeMessage = changepassword_pwmRequest.getPwmSession().getUserInfoBean().getPasswordPolicy().getRuleHelper().getChangeMessage();
+            MacroMachine macroMachine = JspUtility.getPwmSession(pageContext).getSessionManager().getMacroMachine(ContextManager.getPwmApplication(session));
+        %>
         <% if (passwordPolicyChangeMessage.length() > 1) { %>
-        <p><%= passwordPolicyChangeMessage %></p>
+        <p><%= macroMachine.expandMacros(passwordPolicyChangeMessage) %></p>
         <% } %>
         <br/>
         <%@ include file="fragment/message.jsp" %>

src/main/webapp/WEB-INF/jsp/helpdesk-detail.jsp

@@ -39,6 +39,7 @@
 <%@ page import="password.pwm.svc.event.UserAuditRecord" %>
 <%@ page import="password.pwm.util.StringUtil" %>
 <%@ page import="password.pwm.util.TimeDuration" %>
+<%@ page import="password.pwm.util.macro.MacroMachine" %>
 <%@ page import="java.text.DateFormat" %>
 <%@ page import="java.util.Date" %>
 <%@ page import="java.util.List" %>
@@ -457,7 +458,8 @@
                                         <td>
                                             <ul>
                                                 <%
-                                                    final List<String> requirementLines = PasswordRequirementsTag.getPasswordRequirementsStrings(searchedUserInfo.getPasswordPolicy(), ContextManager.getPwmApplication(session).getConfig(), pwmSession.getSessionStateBean().getLocale()); %>
+                                                    MacroMachine macroMachine = JspUtility.getPwmSession(pageContext).getSessionManager().getMacroMachine(ContextManager.getPwmApplication(session));
+                                                    final List<String> requirementLines = PasswordRequirementsTag.getPasswordRequirementsStrings(searchedUserInfo.getPasswordPolicy(), ContextManager.getPwmApplication(session).getConfig(), pwmSession.getSessionStateBean().getLocale(), macroMachine); %>
                                                 <% for (final String requirementLine : requirementLines) { %>
                                                 <li><%=requirementLine%>
                                                 </li>