
skip new user form when all values are hidden/ro and supplied by signedForm param

Jason Rivard 8 years ago
parent
commit
d1600f6595

+ 31 - 9
src/main/java/password/pwm/config/FormUtility.java

@@ -144,7 +144,7 @@ public class FormUtility {
     }
 
     public static Map<String,String> asStringMap(final Map<FormConfiguration, String> input) {
-        final Map<String,String> returnObj = new HashMap<>();
+        final Map<String,String> returnObj = new LinkedHashMap<>();
         for (final FormConfiguration formConfiguration : input.keySet()) {
             returnObj.put(formConfiguration.getName(), input.get(formConfiguration));
             if (formConfiguration.isConfirmationRequired()) {
@@ -156,6 +156,17 @@ public class FormUtility {
         return returnObj;
     }
 
+    public static Map<FormConfiguration,String> asFormConfigurationMap(final List<FormConfiguration> formConfigurations, final Map<String, String> values) {
+        final Map<FormConfiguration, String> returnMap = new LinkedHashMap<>();
+        for (final FormConfiguration formConfiguration : formConfigurations) {
+            final String name = formConfiguration.getName();
+            final String value = values.get(name);
+            returnMap.put(formConfiguration, value);
+        }
+        return returnMap;
+    }
+
+
     public static Map<FormConfiguration, String> readFormValuesFromRequest(
             final PwmRequest pwmRequest,
             final Collection<FormConfiguration> formItems,
@@ -167,24 +178,35 @@ public class FormUtility {
         return readFormValuesFromMap(tempMap, formItems, locale);
     }
 
+    public enum ValidationFlag {
+        allowResultCaching,
+        checkReadOnlyAndHidden,
+    }
+
     public static void validateFormValueUniqueness(
             final PwmApplication pwmApplication,
             final Map<FormConfiguration, String> formValues,
             final Locale locale,
             final Collection<UserIdentity> excludeDN,
-            final boolean allowResultCaching
+            final ValidationFlag... validationFlags
     )
             throws PwmDataValidationException, PwmUnrecoverableException
     {
+        final boolean allowResultCaching = JavaHelper.enumArrayContainsValue(validationFlags, ValidationFlag.allowResultCaching);
+        final boolean checkReadOnlyAndHidden = JavaHelper.enumArrayContainsValue(validationFlags, ValidationFlag.checkReadOnlyAndHidden);
+
+
         final Map<String, String> filterClauses = new HashMap<>();
         final Map<String,String> labelMap = new HashMap<>();
         for (final FormConfiguration formItem : formValues.keySet()) {
-            if (formItem.isUnique() && !formItem.isReadonly()) {
-                if (formItem.getType() != FormConfiguration.Type.hidden) {
-                    final String value = formValues.get(formItem);
-                    if (value != null && value.length() > 0) {
-                        filterClauses.put(formItem.getName(), value);
-                        labelMap.put(formItem.getName(), formItem.getLabel(locale));
+            if (formItem.isUnique()) {
+                if (checkReadOnlyAndHidden || formItem.isReadonly()) {
+                    if (checkReadOnlyAndHidden || (formItem.getType() != FormConfiguration.Type.hidden)) {
+                        final String value = formValues.get(formItem);
+                        if (value != null && value.length() > 0) {
+                            filterClauses.put(formItem.getName(), value);
+                            labelMap.put(formItem.getName(), formItem.getLabel(locale));
+                        }
                     }
                 }
             }
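Review bot: The read-only test in the new condition `if (checkReadOnlyAndHidden || formItem.isReadonly())` is inverted relative to the removed `!formItem.isReadonly()`. When `checkReadOnlyAndHidden` is not passed, only read-only unique fields reach the uniqueness check and editable unique fields are skipped. The GuestRegistrationServlet and UpdateProfileServlet call sites in this commit pass no such flag, so duplicate values for their editable unique fields would no longer be rejected. The line should read `if (checkReadOnlyAndHidden || !formItem.isReadonly()) {`. The loop and the rest of `validateFormValueUniqueness` continue outside the hunk.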
@@ -250,7 +272,7 @@ public class FormUtility {
                     resultSearchSizeLimit,
                     Collections.emptyList(),
                     SessionLabel.SYSTEM_LABEL
-                    ));
+            ));
 
             if (excludeDN != null && !excludeDN.isEmpty()) {
                 for (final UserIdentity loopIgnoreIdentity : excludeDN) {

+ 2 - 1
src/main/java/password/pwm/http/bean/NewUserBean.java

@@ -33,6 +33,7 @@ import password.pwm.http.servlet.newuser.NewUserForm;
 import java.time.Instant;
 import java.util.Arrays;
 import java.util.Collections;
+import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Map;
 import java.util.Set;
@@ -45,7 +46,7 @@ public class NewUserBean extends PwmSessionBean {
     private String profileID;
 
     @SerializedName("f")
-    private NewUserForm newUserForm;
+    private NewUserForm newUserForm = new NewUserForm(new HashMap<>(),null,null);
 
     @SerializedName("r")
     private Map<String,String> remoteInputData;

+ 1 - 2
src/main/java/password/pwm/http/servlet/GuestRegistrationServlet.java

@@ -227,8 +227,7 @@ public class GuestRegistrationServlet extends AbstractPwmServlet {
                     pwmApplication,
                     formValues,
                     ssBean.getLocale(),
-                    Collections.singletonList(guestRegistrationBean.getUpdateUserIdentity()),
-                    false
+                    Collections.singletonList(guestRegistrationBean.getUpdateUserIdentity())
             );
 
             final Date expirationDate = readExpirationFromRequest(pwmRequest);

+ 7 - 1
src/main/java/password/pwm/http/servlet/UpdateProfileServlet.java

@@ -69,6 +69,7 @@ import password.pwm.ws.server.RestResultBean;
 import javax.servlet.ServletException;
 import javax.servlet.annotation.WebServlet;
 import java.io.IOException;
+import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.HashSet;
@@ -528,13 +529,18 @@ public class UpdateProfileServlet extends ControlledPwmServlet {
         // see if the values meet form requirements.
         FormUtility.validateFormValues(pwmRequest.getConfig(), formValues, userLocale);
 
+        final List<FormUtility.ValidationFlag> validationFlags = new ArrayList<>();
+        if (allowResultCaching) {
+            validationFlags.add(FormUtility.ValidationFlag.allowResultCaching);
+        }
+
         // check unique fields against ldap
         FormUtility.validateFormValueUniqueness(
                 pwmRequest.getPwmApplication(),
                 formValues,
                 userLocale,
                 Collections.singletonList(pwmRequest.getPwmSession().getUserInfo().getUserIdentity()),
-                allowResultCaching
+                validationFlags.toArray(new FormUtility.ValidationFlag[validationFlags.size()])
         );
     }
 

+ 16 - 5
src/main/java/password/pwm/http/servlet/newuser/NewUserFormUtils.java

@@ -149,23 +149,34 @@ class NewUserFormUtils {
         return ldapData;
     }
 
-    static NewUserForm injectRemoteValuesIntoForm(
+    static void injectRemoteValuesIntoForm(final NewUserBean newUserBean, final NewUserProfile newUserProfile)
+            throws PwmUnrecoverableException
+    {
+        final NewUserForm oldForm = newUserBean.getNewUserForm();
+        final List<FormConfiguration> formConfigurations = newUserProfile.readSettingAsForm(PwmSetting.NEWUSER_FORM);
+        final Map<FormConfiguration,String> userFormValues = FormUtility.asFormConfigurationMap(formConfigurations, oldForm.getFormData());
+        final Map<String,String> injectedValues = newUserBean.getRemoteInputData();
+        final NewUserForm newUserForm = injectRemoteValuesIntoForm(userFormValues, injectedValues, newUserProfile, oldForm.getNewUserPassword(), oldForm.getConfirmPassword());
+        newUserBean.setNewUserForm(newUserForm);
+    }
+
+    private static NewUserForm injectRemoteValuesIntoForm(
             final Map<FormConfiguration, String> userFormValues,
             final Map<String,String> injectedValues,
             final NewUserProfile newUserProfile,
             final PasswordData passwordData1,
             final PasswordData passwordData2
     ) {
-        final Map<String,String> newFormValues = new HashMap<>();
+        final Map<String,String> newFormValues = new LinkedHashMap<>();
         newFormValues.putAll(FormUtility.asStringMap(userFormValues));
 
         final List<FormConfiguration> formConfigurations = newUserProfile.readSettingAsForm(PwmSetting.NEWUSER_FORM);
         if (injectedValues != null) {
             for (final FormConfiguration formConfiguration : formConfigurations) {
                 final String name = formConfiguration.getName();
-                if (formConfiguration.isReadonly()
-                        || !newFormValues.containsKey(name) && injectedValues.containsKey(name))
-                {
+                final boolean formHasValue = !StringUtil.isEmpty(newFormValues.get(name));
+
+                if (formConfiguration.isReadonly() || (!formHasValue && injectedValues.containsKey(name))) {
                     newFormValues.put(formConfiguration.getName(), injectedValues.get(formConfiguration.getName()));
                 }
             }
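Review bot: For a field that is hidden but not read-only, the new condition `formConfiguration.isReadonly() || (!formHasValue && injectedValues.containsKey(name))` lets a non-empty value already in the form data take precedence over the injected one. The skip-form path added in NewUserServlet (`showFormPage`) keys only on `FormConfiguration.Type.hidden`, so a profile of hidden, non-read-only fields depends on the session's form data being empty for the signed values to win. Whether that form data can be populated in that flow is not visible here. If the injected values are meant to be authoritative for hidden fields, consider `final boolean injectedWins = formConfiguration.isReadonly() || (formConfiguration.getType() == FormConfiguration.Type.hidden && injectedValues.containsKey(name));` followed by `if (injectedWins || (!formHasValue && injectedValues.containsKey(name))) {`. The private `injectRemoteValuesIntoForm` body continues past the end of the hunk.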

+ 60 - 14
src/main/java/password/pwm/http/servlet/newuser/NewUserServlet.java

@@ -47,6 +47,7 @@ import password.pwm.http.PwmURL;
 import password.pwm.http.bean.NewUserBean;
 import password.pwm.http.servlet.AbstractPwmServlet;
 import password.pwm.http.servlet.ControlledPwmServlet;
+import password.pwm.http.servlet.PwmServlet;
 import password.pwm.http.servlet.PwmServletDefinition;
 import password.pwm.i18n.Message;
 import password.pwm.ldap.UserInfo;
@@ -69,6 +70,7 @@ import javax.servlet.annotation.WebServlet;
 import java.io.IOException;
 import java.math.BigDecimal;
 import java.time.Instant;
+import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collection;
 import java.util.Collections;
@@ -183,6 +185,12 @@ public class NewUserServlet extends ControlledPwmServlet {
         final NewUserBean newUserBean = getNewUserBean(pwmRequest);
         final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
+        final NewUserProfile newUserProfile = getNewUserProfile(pwmRequest);
+
+        if (newUserBean.getCreateStartTime() != null) {
+            forwardToWait(pwmRequest, newUserProfile);
+            return;
+        }
 
         if (newUserBean.getProfileID() == null) {
             final Set<String> newUserProfileIDs = pwmApplication.getConfig().getNewUserProfiles().keySet();
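Review bot: `getNewUserProfile(pwmRequest)` is now called at the top of this hunk, before the `newUserBean.getProfileID() == null` block that follows, and the next hunk removes the lookup that used to run after that block. If the block (its body lies between the hunks) can select a profile id and fall through, `newUserProfile` still holds the result of the lookup made with the unset id. That result is probably null, given `getNewUserProfiles().get(profileID)` in `getNewUserProfile`, so `newUserProfile.getNewUserPasswordPolicy(...)` would then dereference it. Consider leaving the declaration below the selection block and using `forwardToWait(pwmRequest, getNewUserProfile(pwmRequest));` in the early return. The enclosing method starts and ends outside the hunk.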
@@ -202,14 +210,22 @@ public class NewUserServlet extends ControlledPwmServlet {
             }
         }
 
-        final NewUserProfile newUserProfile = getNewUserProfile(pwmRequest);
-
         // try to read the new user policy to make sure it's readable, that way an exception is thrown here instead of by the jsp
         newUserProfile.getNewUserPasswordPolicy(pwmApplication, pwmSession.getSessionStateBean().getLocale());//
 
-        if (newUserBean.getNewUserForm() == null) {
-            forwardToFormPage(pwmRequest, newUserBean);
-            return;
+        if (!newUserBean.isFormPassed()) {
+            if (showFormPage(newUserProfile)) {
+                forwardToFormPage(pwmRequest, newUserBean);
+                return;
+            } else {
+                NewUserFormUtils.injectRemoteValuesIntoForm(newUserBean, newUserProfile);
+                try {
+                    verifyForm(pwmRequest, newUserBean.getNewUserForm(), false);
+                } catch (PwmDataValidationException e) {
+                    throw new PwmUnrecoverableException(e.getErrorInformation());
+                }
+                newUserBean.setFormPassed(true);
+            }
         }
 
         final TokenVerificationProgress tokenVerificationProgress = newUserBean.getTokenVerificationProgress();
@@ -237,7 +253,7 @@ public class NewUserServlet extends ControlledPwmServlet {
 
         final String newUserAgreementText = newUserProfile.readSettingAsLocalizedString(PwmSetting.NEWUSER_AGREEMENT_MESSAGE,
                 pwmSession.getSessionStateBean().getLocale());
-        if (newUserAgreementText != null && !newUserAgreementText.isEmpty()) {
+        if (!StringUtil.isEmpty(newUserAgreementText)) {
             if (!newUserBean.isAgreementPassed()) {
                 final MacroMachine macroMachine = NewUserUtils.createMacroMachineForNewUser(
                         pwmApplication,
@@ -251,17 +267,13 @@ public class NewUserServlet extends ControlledPwmServlet {
             }
         }
 
-        if (!newUserBean.isFormPassed()) {
-            forwardToFormPage(pwmRequest, newUserBean);
-        }
-
         // success so create the new user.
         final String newUserDN = NewUserUtils.determineUserDN(pwmRequest, newUserBean.getNewUserForm());
 
         try {
             NewUserUtils.createUser(newUserBean.getNewUserForm(), pwmRequest, newUserDN);
             newUserBean.setCreateStartTime(Instant.now());
-            pwmRequest.forwardToJsp(JspUrl.NEW_USER_WAIT);
+            forwardToWait(pwmRequest, newUserProfile);
         } catch (PwmOperationalException e) {
             LOGGER.error(pwmRequest, "error during user creation: " + e.getMessage());
             if (newUserProfile.readSettingAsBoolean(PwmSetting.NEWUSER_DELETE_ON_FAIL)) {
@@ -272,6 +284,18 @@ public class NewUserServlet extends ControlledPwmServlet {
         }
     }
 
+    private boolean showFormPage(final NewUserProfile profile) {
+        final boolean promptForPassword = profile.readSettingAsBoolean(PwmSetting.NEWUSER_PROMPT_FOR_PASSWORD);
+        boolean formNeedsShowing = false;
+        final List<FormConfiguration> formConfigurations = profile.readSettingAsForm(PwmSetting.NEWUSER_FORM);
+        for (final FormConfiguration formConfiguration : formConfigurations) {
+            if (formConfiguration.getType() != FormConfiguration.Type.hidden) {
+                formNeedsShowing = true;
+            }
+        }
+        return formNeedsShowing || promptForPassword;
+    }
+
     private boolean readProfileFromUrl(final PwmRequest pwmRequest, final NewUserBean newUserBean)
             throws PwmUnrecoverableException, ServletException, IOException
     {
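Review bot: `showFormPage` has no comment stating the rule it implements, and the commit title speaks of hidden/ro fields while the loop tests only `FormConfiguration.Type.hidden`, so a visible read-only field still forces the form page. A short Javadoc such as `/** Returns true when the profile prompts for a password or has at least one non-hidden form field. */` would record whether that is intended. The loop also keeps iterating after the first match; a `return true;` inside the `if`, with `return promptForPassword;` after the loop, reads more directly. `readProfileFromUrl` at the end of the hunk continues outside it.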
@@ -350,12 +374,17 @@ public class NewUserServlet extends ControlledPwmServlet {
         final Map<FormConfiguration,String> formValueData = FormUtility.readFormValuesFromMap(newUserForm.getFormData(), formDefinition, locale);
 
         FormUtility.validateFormValues(pwmApplication.getConfig(), formValueData, locale);
+        final List<FormUtility.ValidationFlag> validationFlags = new ArrayList<>();
+        validationFlags.add(FormUtility.ValidationFlag.checkReadOnlyAndHidden);
+        if (allowResultCaching) {
+            validationFlags.add(FormUtility.ValidationFlag.allowResultCaching);
+        }
         FormUtility.validateFormValueUniqueness(
                 pwmApplication,
                 formValueData,
                 locale,
                 Collections.emptyList(),
-                allowResultCaching
+                validationFlags.toArray(new FormUtility.ValidationFlag[validationFlags.size()])
         );
         final UserInfo uiBean = UserInfoBean.builder()
                 .cachedPasswordRuleAttributes(FormUtility.asStringMap(formValueData))
@@ -568,7 +597,7 @@ public class NewUserServlet extends ControlledPwmServlet {
         pwmRequest.getPwmApplication().getSessionStateService().clearBean(pwmRequest, NewUserBean.class);
         pwmRequest.sendRedirectToContinue();
 
-        return ProcessStatus.Continue;
+        return ProcessStatus.Halt;
     }
 
     @ActionHandler(action = "complete")
@@ -598,7 +627,7 @@ public class NewUserServlet extends ControlledPwmServlet {
         pwmRequest.getPwmApplication().getSessionStateService().clearBean(pwmRequest, NewUserBean.class);
 
         final String configuredRedirectUrl = newUserProfile.readSettingAsString(PwmSetting.NEWUSER_REDIRECT_URL);
-        if (!StringUtil.isEmpty(configuredRedirectUrl)) {
+        if (!StringUtil.isEmpty(configuredRedirectUrl) && StringUtil.isEmpty(pwmRequest.getPwmSession().getSessionStateBean().getForwardURL())) {
             final MacroMachine macroMachine = pwmRequest.getPwmSession().getSessionManager().getMacroMachine(pwmRequest.getPwmApplication());
             final String macroedUrl = macroMachine.expandMacros(configuredRedirectUrl);
             pwmRequest.sendRedirect(macroedUrl);
@@ -623,6 +652,23 @@ public class NewUserServlet extends ControlledPwmServlet {
         return pwmRequest.getConfig().getNewUserProfiles().get(profileID);
     }
 
+    private void forwardToWait(final PwmRequest pwmRequest, final NewUserProfile newUserProfile)
+            throws ServletException, PwmUnrecoverableException, IOException
+    {
+        final long pauseSeconds = newUserProfile.readSettingAsLong(PwmSetting.NEWUSER_MINIMUM_WAIT_TIME);
+        if (pauseSeconds > 0) {
+            pwmRequest.forwardToJsp(JspUrl.NEW_USER_WAIT);
+        } else {
+            final String newUserServletUrl = pwmRequest.getContextPath() + PwmServletDefinition.NewUser.servletUrl();
+            final String redirectUrl = PwmURL.appendAndEncodeUrlParameters(
+                    newUserServletUrl,
+                    Collections.singletonMap(PwmConstants.PARAM_ACTION_REQUEST,NewUserAction.complete.name())
+            );
+            pwmRequest.sendRedirect(redirectUrl);
+        }
+    }
+
+
     private void forwardToFormPage(final PwmRequest pwmRequest, final NewUserBean newUserBean)
             throws ServletException, PwmUnrecoverableException, IOException
     {

+ 1 - 1
src/main/java/password/pwm/svc/token/TokenService.java

@@ -249,7 +249,7 @@ public class TokenService implements PwmService {
             throw new PwmOperationalException(errorInformation);
         }
 
-        LOGGER.trace(sessionLabel, "generated toke with payload: "  + tokenPayload.toDebugString());
+        LOGGER.trace(sessionLabel, "generated token with payload: "  + tokenPayload.toDebugString());
 
         final AuditRecord auditRecord = new AuditRecordFactory(pwmApplication).createUserAuditRecord(
                 AuditEvent.TOKEN_ISSUED,

+ 2 - 6
src/main/resources/password/pwm/config/PwmSetting.xml

@@ -2569,9 +2569,7 @@
     </setting>
     <setting hidden="false" key="display.newuser.agreement" level="1">
         <flag>MacroSupport</flag>
-        <default>
-            <value />
-        </default>
+        <default/>
     </setting>
     <setting hidden="false" key="newUser.form" level="1">
         <ldapPermission actor="proxy" access="write"/>
@@ -2639,9 +2637,7 @@
         </properties>
     </setting>
     <setting hidden="false" key="newUser.profile.displayName" level="1">
-        <default>
-            <value></value>
-        </default>
+        <default/>
     </setting>
     <setting hidden="false" key="newUser.redirectUrl" level="1">
         <flag>MacroSupport</flag>

+ 1 - 1
src/main/webapp/WEB-INF/jsp/newuser-entercode.jsp

@@ -69,7 +69,7 @@
     <script>
         PWM_GLOBAL['startupFunctions'].push(function(){
             PWM_MAIN.addEventHandler('button-cancel','click',function() {
-                PWM_MAIN.submitPostAction('NewUser', '<%=NewUserServlet.NewUserAction.reset%>');
+                PWM_MAIN.submitPostAction('newuser', '<%=NewUserServlet.NewUserAction.reset%>');
             });
         });
     </script>