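/*
 *  Copyright 2022 Anyware Services
 *
 *  Licensed under the Apache License, Version 2.0 (the "License");
 *  you may not use this file except in compliance with the License.
 *  You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 */

package org.ametys.web.frontoffice;

import java.util.Map;
import java.util.UUID;

import org.apache.avalon.framework.parameters.Parameters;
import org.apache.avalon.framework.service.ServiceException;
import org.apache.avalon.framework.service.ServiceManager;
import org.apache.cocoon.ProcessingException;
import org.apache.cocoon.acting.ServiceableAction;
import org.apache.cocoon.environment.ObjectModelHelper;
import org.apache.cocoon.environment.Redirector;
import org.apache.cocoon.environment.Request;
import org.apache.cocoon.environment.SourceResolver;

import org.ametys.core.user.UserIdentity;
import org.ametys.plugins.repository.AmetysObjectResolver;
import org.ametys.plugins.repository.AmetysRepositoryException;
import org.ametys.web.repository.page.Page;
import org.ametys.web.usermanagement.UserSignupManager;

/**
 * This action redirects to the change password page when a user tries to connect with a weak password.
 * <p>
 * To do so it creates a password token for the user named by the <code>userIdentity</code> request
 * parameter and appends it to the redirect URI of the page named by the <code>pageId</code> request parameter.
 * <p>
 * NOTE(review): the identity the token is issued for is read from a request parameter, and nothing in this
 * class checks that the caller has proven it is that user. This is only safe if the sitemap reaches this
 * action exclusively from the authentication flow, with parameters a client cannot supply directly.
 * Confirm against the sitemap and the credential provider that triggers it.
 */
public class FrontWeakPasswordRedirectAction extends ServiceableAction
{
    private UserSignupManager _userSignupManager;
    private AmetysObjectResolver _resolver;

    @Override
    public void service(ServiceManager smanager) throws ServiceException
    {
        super.service(smanager);

        _userSignupManager = (UserSignupManager) smanager.lookup(UserSignupManager.ROLE);
        _resolver = (AmetysObjectResolver) smanager.lookup(AmetysObjectResolver.ROLE);
    }

    /**
     * Issues a password token for the requested user and redirects to the change password page.
     * @param redirector The redirector used to send the user to the change password page
     * @param resolver The source resolver (unused)
     * @param objectModel The object model, from which the current request is read
     * @param source The source (unused)
     * @param parameters The sitemap parameters. Must hold the <code>site</code> parameter (site name)
     * @return Always <code>null</code>
     * @throws Exception if a request parameter is missing or malformed, if the page cannot be resolved
     *                   or does not contain the change password service, or if the redirect fails
     */
    @Override
    public Map act(Redirector redirector, SourceResolver resolver, Map objectModel, String source, Parameters parameters) throws Exception
    {
        String siteName = parameters.getParameter("site");

        Request request = ObjectModelHelper.getRequest(objectModel);

        // Both values below come from the request and must be treated as untrusted input.
        String userIdentityAsStr = request.getParameter("userIdentity");
        UserIdentity userIdentity = UserIdentity.stringToUserIdentity(userIdentityAsStr);
        if (userIdentity == null)
        {
            // Fail with an explicit error instead of a NullPointerException further down.
            // The raw value is deliberately not echoed in the message.
            throw new ProcessingException("Missing or malformed 'userIdentity' request parameter. Unable to redirect to the password change page");
        }

        String pwdChangePageId = request.getParameter("pageId");
        if (pwdChangePageId == null)
        {
            throw new ProcessingException("Missing 'pageId' request parameter. Unable to redirect to the password change page");
        }

        try
        {
            // NOTE(review): resolveById can presumably return any repository object; an id that
            // designates something other than a Page would fail here with a ClassCastException - confirm.
            Page pwdChangePage = _resolver.resolveById(pwdChangePageId);

            // Only redirect to a page that really hosts the change password service, so that the
            // token is never appended to the URI of an arbitrary page.
            if (!_userSignupManager.isPwdChangePage(pwdChangePage))
            {
                throw new ProcessingException("Page with id '" + pwdChangePageId + "' does not contains change password service. Unable to redirect to the password change page");
            }

            // Generate a new token. UUID.randomUUID() is documented to rely on a cryptographically
            // strong pseudo random number generator (122 random bits).
            String token = UUID.randomUUID().toString().replace("-", "");

            // Insert the token in the database.
            // NOTE(review): expiry and single use of the token are not visible here; presumably
            // enforced by UserSignupManager - confirm, since the token travels in a URL.
            _userSignupManager.addPasswordToken(siteName, userIdentity.getLogin(), token, userIdentity.getPopulationId());

            // Redirect to the change password page
            String resetPasswordUri = _userSignupManager.getResetPasswordUri(pwdChangePage, userIdentity.getLogin(), userIdentity.getPopulationId(), token, false);
            // Assumes the URI returned above already carries a query string - TODO confirm
            resetPasswordUri += "&weak-password=true";
            redirector.redirect(true, resetPasswordUri);
        }
        catch (AmetysRepositoryException e)
        {
            throw new ProcessingException("Fail to get page with id '" + pwdChangePageId + "'. Unable to redirect to change password page", e);
        }

        return null;
    }

}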