|
@@ -45,6 +45,7 @@ import password.pwm.error.PwmOperationalException;
|
|
|
import password.pwm.error.PwmUnrecoverableException;
|
|
|
import password.pwm.http.HttpMethod;
|
|
|
import password.pwm.http.JspUrl;
|
|
|
+import password.pwm.http.ProcessStatus;
|
|
|
import password.pwm.http.PwmRequest;
|
|
|
import password.pwm.http.PwmSession;
|
|
|
import password.pwm.http.bean.SetupResponsesBean;
|
|
@@ -55,8 +56,6 @@ import password.pwm.svc.event.AuditEvent;
|
|
|
import password.pwm.svc.event.AuditRecordFactory;
|
|
|
import password.pwm.svc.event.UserAuditRecord;
|
|
|
import password.pwm.svc.stats.Statistic;
|
|
|
-import password.pwm.util.Validator;
|
|
|
-import password.pwm.util.java.JavaHelper;
|
|
|
import password.pwm.util.java.JsonUtil;
|
|
|
import password.pwm.util.java.TimeDuration;
|
|
|
import password.pwm.util.logging.PwmLogger;
|
|
@@ -85,7 +84,7 @@ import java.util.Map;
|
|
|
PwmConstants.URL_PREFIX_PRIVATE + "/SetupResponses",
|
|
|
}
|
|
|
)
|
|
|
-public class SetupResponsesServlet extends AbstractPwmServlet {
|
|
|
+public class SetupResponsesServlet extends ControlledPwmServlet {
|
|
|
|
|
|
private static final PwmLogger LOGGER = PwmLogger.forClass(SetupResponsesServlet.class);
|
|
|
|
|
@@ -122,13 +121,15 @@ public class SetupResponsesServlet extends AbstractPwmServlet {
|
|
|
}
|
|
|
}
|
|
|
|
|
|
- protected void processAction(final PwmRequest pwmRequest)
|
|
|
- throws ServletException, IOException, ChaiUnavailableException, PwmUnrecoverableException
|
|
|
- {
|
|
|
- // fetch the required beans / managers
|
|
|
+ private SetupResponsesBean getSetupResponseBean(final PwmRequest pwmRequest) throws PwmUnrecoverableException {
|
|
|
+ return pwmRequest.getPwmApplication().getSessionStateService().getBean(pwmRequest, SetupResponsesBean.class);
|
|
|
+ }
|
|
|
+
|
|
|
+ @Override
|
|
|
+ public void preProcessCheck(final PwmRequest pwmRequest) throws PwmUnrecoverableException, IOException, ServletException {
|
|
|
final PwmSession pwmSession = pwmRequest.getPwmSession();
|
|
|
final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
|
|
|
- final UserInfoBean uiBean = pwmSession.getUserInfoBean();
|
|
|
+ final SetupResponsesBean setupResponsesBean = getSetupResponseBean(pwmRequest);
|
|
|
|
|
|
if (!pwmSession.isAuthenticated()) {
|
|
|
pwmRequest.respondWithError(PwmError.ERROR_AUTHENTICATION_REQUIRED.toInfo());
|
|
@@ -140,14 +141,12 @@ public class SetupResponsesServlet extends AbstractPwmServlet {
|
|
|
}
|
|
|
|
|
|
if (!pwmApplication.getConfig().readSettingAsBoolean(PwmSetting.CHALLENGE_ENABLE)) {
|
|
|
- pwmRequest.respondWithError(PwmError.ERROR_SERVICE_NOT_AVAILABLE.toInfo());
|
|
|
- return;
|
|
|
+ throw new PwmUnrecoverableException(PwmError.ERROR_SERVICE_NOT_AVAILABLE);
|
|
|
}
|
|
|
|
|
|
// check to see if the user is permitted to setup responses
|
|
|
if (!pwmSession.getSessionManager().checkPermission(pwmApplication, Permission.SETUP_RESPONSE)) {
|
|
|
- pwmRequest.respondWithError(PwmError.ERROR_UNAUTHORIZED.toInfo());
|
|
|
- return;
|
|
|
+ throw new PwmUnrecoverableException(PwmError.ERROR_UNAUTHORIZED);
|
|
|
}
|
|
|
|
|
|
// check if the locale has changed since first seen.
|
|
@@ -156,63 +155,41 @@ public class SetupResponsesServlet extends AbstractPwmServlet {
|
|
|
pwmApplication.getSessionStateService().getBean(pwmRequest, SetupResponsesBean.class).setUserLocale(pwmSession.getSessionStateBean().getLocale());
|
|
|
}
|
|
|
|
|
|
- SetupResponsesBean setupResponsesBean = pwmApplication.getSessionStateService().getBean(pwmRequest, SetupResponsesBean.class);
|
|
|
initializeBean(pwmRequest, setupResponsesBean);
|
|
|
|
|
|
// check to see if the user has any challenges assigned
|
|
|
+ final UserInfoBean uiBean = pwmSession.getUserInfoBean();
|
|
|
if (setupResponsesBean.getResponseData().getChallengeSet() == null || setupResponsesBean.getResponseData().getChallengeSet().getChallenges().isEmpty()) {
|
|
|
- LOGGER.debug(pwmSession, "no challenge sets configured for user " + uiBean.getUserIdentity());
|
|
|
- pwmRequest.respondWithError(PwmError.ERROR_NO_CHALLENGES.toInfo());
|
|
|
- return;
|
|
|
+ final String errorMsg = "no challenge sets configured for user " + uiBean.getUserIdentity();
|
|
|
+ final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_NO_CHALLENGES, errorMsg);
|
|
|
+ LOGGER.debug(pwmSession, errorInformation);
|
|
|
+ throw new PwmUnrecoverableException(errorInformation);
|
|
|
}
|
|
|
+ }
|
|
|
|
|
|
- // read the action request parameter
|
|
|
- final SetupResponsesAction action = readProcessAction(pwmRequest);
|
|
|
-
|
|
|
- if (action != null) {
|
|
|
- Validator.validatePwmFormID(pwmRequest);
|
|
|
-
|
|
|
- switch (action) {
|
|
|
- case validateResponses:
|
|
|
- restValidateResponses(pwmRequest, setupResponsesBean);
|
|
|
- return;
|
|
|
-
|
|
|
- case setResponses:
|
|
|
- handleSetupResponses(pwmRequest, setupResponsesBean, false);
|
|
|
- break;
|
|
|
-
|
|
|
- case setHelpdeskResponses:
|
|
|
- handleSetupResponses(pwmRequest, setupResponsesBean, true);
|
|
|
- break;
|
|
|
-
|
|
|
- case confirmResponses:
|
|
|
- setupResponsesBean.setConfirmed(true);
|
|
|
- break;
|
|
|
-
|
|
|
- case clearExisting:
|
|
|
- handleClearResponses(pwmRequest);
|
|
|
- return;
|
|
|
-
|
|
|
- case changeResponses:
|
|
|
- pwmApplication.getSessionStateService().clearBean(pwmRequest, SetupResponsesBean.class);
|
|
|
- setupResponsesBean = pwmApplication.getSessionStateService().getBean(pwmRequest, SetupResponsesBean.class);
|
|
|
- this.initializeBean(pwmRequest, setupResponsesBean);
|
|
|
- setupResponsesBean.setUserLocale(pwmSession.getSessionStateBean().getLocale());
|
|
|
- break;
|
|
|
-
|
|
|
- default:
|
|
|
- JavaHelper.unhandledSwitchStatement(action);
|
|
|
-
|
|
|
- }
|
|
|
- }
|
|
|
+ @ActionHandler(action = "confirmResponses")
|
|
|
+ private ProcessStatus processConfirmResponses(final PwmRequest pwmRequest) throws PwmUnrecoverableException {
|
|
|
+ final SetupResponsesBean setupResponsesBean = getSetupResponseBean(pwmRequest);
|
|
|
+ setupResponsesBean.setConfirmed(true);
|
|
|
+ return ProcessStatus.Continue;
|
|
|
+ }
|
|
|
|
|
|
- this.advanceToNextStage(pwmRequest, setupResponsesBean);
|
|
|
+ @ActionHandler(action = "changeResponses")
|
|
|
+ private ProcessStatus processChangeResponses(final PwmRequest pwmRequest) throws PwmUnrecoverableException {
|
|
|
+ final SetupResponsesBean setupResponsesBean = getSetupResponseBean(pwmRequest);
|
|
|
+ final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
|
|
|
+ pwmApplication.getSessionStateService().clearBean(pwmRequest, SetupResponsesBean.class);
|
|
|
+ this.initializeBean(pwmRequest, setupResponsesBean);
|
|
|
+ setupResponsesBean.setUserLocale(pwmRequest.getLocale());
|
|
|
+ return ProcessStatus.Continue;
|
|
|
}
|
|
|
|
|
|
- private void handleClearResponses(
|
|
|
+ @ActionHandler(action = "clearExisting")
|
|
|
+ private ProcessStatus handleClearResponses(
|
|
|
final PwmRequest pwmRequest
|
|
|
)
|
|
|
- throws PwmUnrecoverableException, ChaiUnavailableException, IOException {
|
|
|
+ throws PwmUnrecoverableException, ChaiUnavailableException, IOException
|
|
|
+ {
|
|
|
LOGGER.trace(pwmRequest, "request for response clear received");
|
|
|
final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
|
|
|
final PwmSession pwmSession = pwmRequest.getPwmSession();
|
|
@@ -235,16 +212,73 @@ public class SetupResponsesServlet extends AbstractPwmServlet {
|
|
|
pwmRequest.sendRedirect(PwmServletDefinition.SetupResponses);
|
|
|
} catch (PwmOperationalException e) {
|
|
|
LOGGER.debug(pwmSession, e.getErrorInformation());
|
|
|
- pwmRequest.setResponseError(e.getErrorInformation());
|
|
|
+ setLastError(pwmRequest, e.getErrorInformation());
|
|
|
}
|
|
|
+ return ProcessStatus.Continue;
|
|
|
}
|
|
|
|
|
|
- private void advanceToNextStage(
|
|
|
- final PwmRequest pwmRequest,
|
|
|
- final SetupResponsesBean setupResponsesBean
|
|
|
+ @ActionHandler(action = "validateResponses")
|
|
|
+ private ProcessStatus restValidateResponses(
|
|
|
+ final PwmRequest pwmRequest
|
|
|
)
|
|
|
- throws PwmUnrecoverableException, IOException, ServletException, ChaiUnavailableException
|
|
|
+ throws IOException, ServletException, PwmUnrecoverableException, ChaiUnavailableException
|
|
|
{
|
|
|
+ final SetupResponsesBean setupResponsesBean = getSetupResponseBean(pwmRequest);
|
|
|
+ final Instant startTime = Instant.now();
|
|
|
+ final PwmSession pwmSession = pwmRequest.getPwmSession();
|
|
|
+ final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
|
|
|
+ final String responseModeParam = pwmRequest.readParameterAsString("responseMode");
|
|
|
+ final SetupResponsesBean.SetupData setupData = "helpdesk".equalsIgnoreCase(responseModeParam)
|
|
|
+ ? setupResponsesBean.getHelpdeskResponseData()
|
|
|
+ : setupResponsesBean.getResponseData();
|
|
|
+
|
|
|
+ boolean success = true;
|
|
|
+ String userMessage = Message.getLocalizedMessage(pwmSession.getSessionStateBean().getLocale(), Message.Success_ResponsesMeetRules, pwmApplication.getConfig());
|
|
|
+
|
|
|
+ try {
|
|
|
+ // read in the responses from the request
|
|
|
+ final Map<Challenge, String> responseMap = readResponsesFromJsonRequest(pwmRequest, setupData);
|
|
|
+ final int minRandomRequiredSetup = setupData.getMinRandomSetup();
|
|
|
+ pwmApplication.getCrService().validateResponses(setupData.getChallengeSet(), responseMap, minRandomRequiredSetup);
|
|
|
+ generateResponseInfoBean(pwmRequest, setupData.getChallengeSet(), responseMap, Collections.emptyMap());
|
|
|
+ } catch (PwmDataValidationException e) {
|
|
|
+ success = false;
|
|
|
+ userMessage = e.getErrorInformation().toUserStr(pwmSession, pwmApplication);
|
|
|
+ }
|
|
|
+
|
|
|
+ final ValidationResponseBean validationResponseBean = new ValidationResponseBean(userMessage,success);
|
|
|
+ final RestResultBean restResultBean = new RestResultBean(validationResponseBean);
|
|
|
+ LOGGER.trace(pwmRequest,"completed rest validate response in "
|
|
|
+ + TimeDuration.fromCurrent(startTime).asCompactString()
|
|
|
+ + ", result=" + JsonUtil.serialize(restResultBean));
|
|
|
+ pwmRequest.outputJsonResult(restResultBean);
|
|
|
+ return ProcessStatus.Halt;
|
|
|
+ }
|
|
|
+
|
|
|
+ @ActionHandler(action = "setHelpdeskResponses")
|
|
|
+ private ProcessStatus processSetHelpdeskResponses(final PwmRequest pwmRequest)
|
|
|
+ throws ChaiUnavailableException, PwmUnrecoverableException, ServletException, IOException
|
|
|
+ {
|
|
|
+ setupResponses(pwmRequest, true);
|
|
|
+ return ProcessStatus.Continue;
|
|
|
+ }
|
|
|
+
|
|
|
+ @ActionHandler(action = "setResponses")
|
|
|
+ private ProcessStatus processSetResponses(final PwmRequest pwmRequest)
|
|
|
+ throws ChaiUnavailableException, PwmUnrecoverableException, ServletException, IOException
|
|
|
+ {
|
|
|
+ setupResponses(pwmRequest, false);
|
|
|
+ return ProcessStatus.Continue;
|
|
|
+ }
|
|
|
+
|
|
|
+ @Override
|
|
|
+ protected void nextStep(final PwmRequest pwmRequest)
|
|
|
+ throws PwmUnrecoverableException, IOException, ChaiUnavailableException, ServletException
|
|
|
+ {
|
|
|
+ final SetupResponsesBean setupResponsesBean = getSetupResponseBean(pwmRequest);
|
|
|
+
|
|
|
+ initializeBean(pwmRequest, setupResponsesBean);
|
|
|
+
|
|
|
pwmRequest.setAttribute(PwmRequest.Attribute.ModuleBean, setupResponsesBean);
|
|
|
pwmRequest.setAttribute(PwmRequest.Attribute.ModuleBean_String, pwmRequest.getPwmApplication().getSecureService().encryptObjectToString(setupResponsesBean));
|
|
|
pwmRequest.setAttribute(PwmRequest.Attribute.SetupResponses_ResponseInfo, pwmRequest.getPwmSession().getUserInfoBean().getResponseInfoBean());
|
|
@@ -297,52 +331,14 @@ public class SetupResponsesServlet extends AbstractPwmServlet {
|
|
|
}
|
|
|
}
|
|
|
|
|
|
- /**
|
|
|
- * Handle requests for ajax feedback of user supplied responses.
|
|
|
- */
|
|
|
- private static void restValidateResponses(
|
|
|
- final PwmRequest pwmRequest,
|
|
|
- final SetupResponsesBean setupResponsesBean
|
|
|
- )
|
|
|
- throws IOException, ServletException, PwmUnrecoverableException, ChaiUnavailableException
|
|
|
- {
|
|
|
- final Instant startTime = Instant.now();
|
|
|
- final PwmSession pwmSession = pwmRequest.getPwmSession();
|
|
|
- final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
|
|
|
- final String responseModeParam = pwmRequest.readParameterAsString("responseMode");
|
|
|
- final SetupResponsesBean.SetupData setupData = "helpdesk".equalsIgnoreCase(responseModeParam)
|
|
|
- ? setupResponsesBean.getHelpdeskResponseData()
|
|
|
- : setupResponsesBean.getResponseData();
|
|
|
|
|
|
- boolean success = true;
|
|
|
- String userMessage = Message.getLocalizedMessage(pwmSession.getSessionStateBean().getLocale(), Message.Success_ResponsesMeetRules, pwmApplication.getConfig());
|
|
|
-
|
|
|
- try {
|
|
|
- // read in the responses from the request
|
|
|
- final Map<Challenge, String> responseMap = readResponsesFromJsonRequest(pwmRequest, setupData);
|
|
|
- final int minRandomRequiredSetup = setupData.getMinRandomSetup();
|
|
|
- pwmApplication.getCrService().validateResponses(setupData.getChallengeSet(), responseMap, minRandomRequiredSetup);
|
|
|
- generateResponseInfoBean(pwmRequest, setupData.getChallengeSet(), responseMap, Collections.emptyMap());
|
|
|
- } catch (PwmDataValidationException e) {
|
|
|
- success = false;
|
|
|
- userMessage = e.getErrorInformation().toUserStr(pwmSession, pwmApplication);
|
|
|
- }
|
|
|
-
|
|
|
- final ValidationResponseBean validationResponseBean = new ValidationResponseBean(userMessage,success);
|
|
|
- final RestResultBean restResultBean = new RestResultBean(validationResponseBean);
|
|
|
- LOGGER.trace(pwmRequest,"completed rest validate response in "
|
|
|
- + TimeDuration.fromCurrent(startTime).asCompactString()
|
|
|
- + ", result=" + JsonUtil.serialize(restResultBean));
|
|
|
- pwmRequest.outputJsonResult(restResultBean);
|
|
|
- }
|
|
|
-
|
|
|
- private void handleSetupResponses(
|
|
|
+ private void setupResponses(
|
|
|
final PwmRequest pwmRequest,
|
|
|
- final SetupResponsesBean setupResponsesBean,
|
|
|
final boolean helpdeskMode
|
|
|
)
|
|
|
throws PwmUnrecoverableException, IOException, ServletException, ChaiUnavailableException
|
|
|
{
|
|
|
+ final SetupResponsesBean setupResponsesBean = getSetupResponseBean(pwmRequest);
|
|
|
final SetupResponsesBean.SetupData setupData = helpdeskMode ? setupResponsesBean.getHelpdeskResponseData() : setupResponsesBean.getResponseData();
|
|
|
|
|
|
final ChallengeSet challengeSet = setupData.getChallengeSet();
|
|
@@ -356,7 +352,7 @@ public class SetupResponsesServlet extends AbstractPwmServlet {
|
|
|
pwmRequest.getPwmApplication().getCrService().validateResponses(challengeSet, responseMap, minRandomRequiredSetup);
|
|
|
} catch (PwmDataValidationException e) {
|
|
|
LOGGER.debug(pwmRequest, "error with new " + (helpdeskMode ? "helpdesk" : "user") + " responses: " + e.getErrorInformation().toDebugStr());
|
|
|
- pwmRequest.setResponseError(e.getErrorInformation());
|
|
|
+ setLastError(pwmRequest, e.getErrorInformation());
|
|
|
return;
|
|
|
}
|
|
|
|
|
@@ -539,7 +535,6 @@ public class SetupResponsesServlet extends AbstractPwmServlet {
|
|
|
{
|
|
|
if (pwmRequest.getPwmSession().getUserInfoBean().getResponseInfoBean() != null) {
|
|
|
setupResponsesBean.setHasExistingResponses(true);
|
|
|
-
|
|
|
}
|
|
|
|
|
|
final ChallengeProfile challengeProfile = pwmRequest.getPwmSession().getUserInfoBean().getChallengeProfile();
|