/*
* Copyright (c) 2010, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.wso2.carbon.tenant.mgt.internal.util;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.admin.mgt.util.AdminManagementSubscriber;
import org.wso2.carbon.registry.core.RegistryConstants;
import org.wso2.carbon.registry.core.Resource;
import org.wso2.carbon.registry.core.session.UserRegistry;
import org.wso2.carbon.registry.core.utils.UUIDGenerator;
import org.wso2.carbon.user.core.tenant.Tenant;
import org.wso2.carbon.user.core.tenant.TenantManager;
import org.wso2.carbon.utils.multitenancy.MultitenantConstants;
import org.wso2.carbon.common.constants.StratosConstants;
import org.wso2.carbon.common.util.ClaimsMgtUtil;
import org.wso2.carbon.email.sender.api.EmailSender;
import org.wso2.carbon.tenant.mgt.beans.TenantInfoBean;
import org.wso2.carbon.tenant.mgt.internal.TenantMgtServiceComponent;
import java.util.HashMap;
import java.util.Map;
/**
* PasswordUtil - Utility class with the password related admin-management operations.
*/
public class PasswordUtil {
private static final Log log = LogFactory.getLog(PasswordUtil.class);
private static EmailSender passwordResetMsgSender;
/**
* Processing the password reset request by the user
*
* @param tenantInfoBean tenant details
* @return true if the reset request is processed successfully.
* @throws Exception if reset password failed.
*/
public static boolean resetPassword(TenantInfoBean tenantInfoBean) throws Exception {
AdminManagementSubscriber adminMgtSubscriber = new AdminManagementSubscriber();
String adminName = tenantInfoBean.getAdmin();
String domainName = tenantInfoBean.getTenantDomain();
TenantManager tenantManager = TenantMgtServiceComponent.getTenantManager();
int tenantId = tenantManager.getTenantId(domainName);
if (tenantId < 1) {
String msg = "Tenant with the domain " + domainName + " doesn't exist.";
log.error(msg);
return false; // tenant doesn't exist
}
Tenant tenant = (Tenant) tenantManager.getTenant(tenantId);
String email = tenant.getEmail();
String adminNameFromUserStore = ClaimsMgtUtil.getAdminUserNameFromTenantId(
TenantMgtServiceComponent.getRealmService(), tenantId);
// Admin Name is included in the email, in case if the user has
// forgotten that.
if (adminName.equals("")) {
log.debug("User provided only the domain name");
adminName = adminNameFromUserStore;
} else if (!(adminNameFromUserStore.equalsIgnoreCase(adminName))) {
log.warn("User provided incorrect admin name. Admin Name is: " +
adminNameFromUserStore);
adminName = adminNameFromUserStore;
}
// generating the confirmation key
String confirmationKey = UUIDGenerator.generateUUID();
UserRegistry superTenantGovernanceSystemRegistry =
TenantMgtServiceComponent.getGovernanceSystemRegistry(
MultitenantConstants.SUPER_TENANT_ID);
Resource resource;
String adminManagementPath = StratosConstants.ADMIN_MANAGEMENT_FLAG_PATH +
RegistryConstants.PATH_SEPARATOR + tenantId;
if (superTenantGovernanceSystemRegistry.resourceExists(adminManagementPath)) {
resource = superTenantGovernanceSystemRegistry.get(adminManagementPath);
} else {
resource = superTenantGovernanceSystemRegistry.newResource();
}
resource.setContent(confirmationKey);
superTenantGovernanceSystemRegistry.put(adminManagementPath, resource);
// data map
Map<String, String> dataToStore = new HashMap<String, String>();
dataToStore.put("email", email);
dataToStore.put("first-name", ClaimsMgtUtil.getFirstName(
TenantMgtServiceComponent.getRealmService(), tenant, tenantId));
dataToStore.put("admin", adminName);
dataToStore.put("tenantDomain", tenantInfoBean.getTenantDomain());
dataToStore.put("confirmationKey", confirmationKey);
try {
// Uses admin-mgt component to handle the admin credentials
// management.
adminMgtSubscriber.requestUserVerification(dataToStore);
log.info("Credentials Configurations mail has been sent for: " + domainName);
return true;
} catch (Exception e) {
String msg = "Error in verifying the user for the configuration of the admin " +
"management for " + domainName + ".";
log.error(msg);
}
return false;
}
/**
* Notifies the tenant admin the reset password by the super admin, via
* email.
*
* @param tenantInfoBean tenant information
* @throws Exception if retrieving the credentials or sending the mail failed.
*/
public static void notifyResetPassword(TenantInfoBean tenantInfoBean) throws Exception {
TenantManager tenantManager = TenantMgtServiceComponent.getTenantManager();
int tenantId = tenantInfoBean.getTenantId();
Tenant tenant = (Tenant) tenantManager.getTenant(tenantId);
String firstName = ClaimsMgtUtil.getFirstName(TenantMgtServiceComponent.getRealmService(),
tenant, tenant.getId());
// load the mail configuration
Map<String, String> userParams = new HashMap<String, String>();
userParams.put("admin-name", tenantInfoBean.getAdmin());
userParams.put("first-name", firstName);
userParams.put("domain-name", tenantInfoBean.getTenantDomain());
userParams.put("password", tenantInfoBean.getAdminPassword());
try {
passwordResetMsgSender.sendEmail(tenantInfoBean.getEmail(), userParams);
} catch (Exception e) {
// just catch from here..
String msg = "Error in sending the notification email.";
log.error(msg, e);
}
}
public static void setPasswordResetMsgSender(EmailSender passwordResetMsgSender) {
PasswordUtil.passwordResetMsgSender = passwordResetMsgSender;
}
}