2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.auth.gui.pages;
24 import java.io.IOException;
25 import java.net.ConnectException;
26 import java.text.ParseException;
27 import java.util.GregorianCalendar;
29 import org.onap.aaf.auth.cmd.AAFcli;
30 import org.onap.aaf.auth.cmd.user.Cred;
31 import org.onap.aaf.auth.env.AuthzTrans;
32 import org.onap.aaf.auth.gui.AAF_GUI;
33 import org.onap.aaf.auth.gui.BreadCrumbs;
34 import org.onap.aaf.auth.gui.NamedCode;
35 import org.onap.aaf.auth.gui.Page;
36 import org.onap.aaf.auth.org.Organization;
37 import org.onap.aaf.auth.org.OrganizationException;
38 import org.onap.aaf.auth.org.OrganizationFactory;
39 import org.onap.aaf.cadi.CadiException;
40 import org.onap.aaf.cadi.LocatorException;
41 import org.onap.aaf.cadi.client.Future;
42 import org.onap.aaf.cadi.client.Rcli;
43 import org.onap.aaf.cadi.client.Retryable;
44 import org.onap.aaf.misc.env.APIException;
45 import org.onap.aaf.misc.env.Env;
46 import org.onap.aaf.misc.env.Slot;
47 import org.onap.aaf.misc.env.TimeTaken;
48 import org.onap.aaf.misc.env.util.Chrono;
49 import org.onap.aaf.misc.xgen.Cache;
50 import org.onap.aaf.misc.xgen.DynamicCode;
51 import org.onap.aaf.misc.xgen.html.HTMLGen;
53 import aaf.v2_0.CredRequest;
54 import aaf.v2_0.Users;
56 public class PassChangeAction extends Page {
/**
 * Builds the page that processes a submitted password-change form.
 *
 * The content is a NamedCode whose dynamic section reads the form values from
 * the transaction, runs a few local checks, validates the current password
 * through "/authn/validate" and then creates the new credential through
 * "/authn/cred".
 *
 * NOTE(review): this listing does not show every statement of the method
 * (the declarations of fail and go, the try openers and the closing braces
 * are absent), so the comments below describe only the visible statements.
 *
 * @param gui the GUI service; supplies the environment, data factories and AAF clients
 * @param breadcrumbs pages handed to BreadCrumbs
 * @throws APIException declared by this constructor; the throwing call is not identifiable from here
 * @throws IOException declared by this constructor; the throwing call is not identifiable from here
 */
58 public PassChangeAction(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
59 super(gui.env,PassChangeForm.NAME,PassChangeForm.HREF, PassChangeForm.fields,
60 new BreadCrumbs(breadcrumbs),
61 new NamedCode(true,"content") {
// One slot per form field, named "<PassChangeForm.NAME>.<field>". Judging by the variable
// names the field order is: id, current password, new password, confirmation, start date, namespace.
62 final Slot sID = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[0]);
63 final Slot sCurrPass = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[1]);
64 final Slot sPassword = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[2]);
65 final Slot sPassword2 = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[3]);
66 final Slot startDate = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[4]);
67 final Slot sNS = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[5]);
// Registers the per-request (dynamic) section that does the actual work.
70 public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
71 cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI, AuthzTrans>() {
73 public void code(final AAF_GUI gui, final AuthzTrans trans,final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
// Read the submitted values from the transaction; null is passed as the default for each.
// These are presumably user-supplied form fields and should be treated as untrusted.
74 final String id = trans.get(sID,null);
75 final String currPass = trans.get(sCurrPass,null);
76 final String password = trans.get(sPassword,null);
77 final String password2 = trans.get(sPassword2,null);
78 final String ns = trans.get(sNS, null);
// Local checks: the id must contain '@' at an index greater than 0, both new-password
// fields must be present, and they must be equal. No other constraint on id is visible
// here, yet id is later concatenated into a request path and into href attributes.
83 if (id==null || id.indexOf('@')<=0) {
84 hgen.p("Data Entry Failure: Please enter a valid ID, including domain.");
85 } else if(password == null || password2 == null) {
86 hgen.p("Data Entry Failure: Both Password Fields need entries.");
87 } else if(!password.equals(password2)) {
88 hgen.p("Data Entry Failure: Passwords do not match.");
89 } else { // everything else is checked by Server
90 final CredRequest cred = new CredRequest();
// An empty current-password field is sent as null, i.e. "no current password supplied".
92 cred.setPassword("".equals(currPass)?null:currPass);
// Run the checks as the transaction's user principal; the Boolean result is stored in fail.
94 fail = gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Boolean>() {
96 public Boolean code(Rcli<?> client)throws CadiException, ConnectException, APIException {
// Look up the organization for this id; PassChangeForm.skipCurrent presumably decides
// whether the current-password check may be skipped for that identity. Result goes to go.
100 Organization org = OrganizationFactory.obtain(trans.env(), id);
102 go = PassChangeForm.skipCurrent(trans, org.getIdentity(trans, id));
// A failed lookup is only logged. NOTE(review): confirm go is false on this path so the
// flow fails closed; its initial value is not visible in this listing.
104 } catch(OrganizationException e) {
105 trans.error().log(e);
// No current password was supplied: check whether the id already holds a live credential.
108 if(cred.getPassword()==null) {
111 go=gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Boolean>() {
113 public Boolean code(Rcli<?> client) throws CadiException, ConnectException, APIException {
// NOTE(review): id is appended to the path without encoding; confirm ids are
// constrained upstream or encode the path segment before building the URL.
114 Future<Users> fc = client.read("/authn/creds/id/"+id,gui.getDF(Users.class));
115 if(fc.get(AAFcli.timeout())) {
116 GregorianCalendar now = new GregorianCalendar();
117 for(aaf.v2_0.Users.User u : fc.value.getUser()) {
// type < 10 presumably marks password-type credentials (see the return comment) - TODO confirm the constant.
118 if(u.getType()<10 && u.getExpires().toGregorianCalendar().after(now)) {
119 return false; // an existing, non expired, password type exists
122 return true; // no existing, no expired password
// The read failed: 404 is handled separately from other codes (branch body not shown here);
// other failures are logged with a readable error message.
124 if(fc.code()==404) { // not found...
127 trans.error().log(gui.aafCon.readableErrMsg(fc));
// Message shown when the current password is mandatory but was not entered.
135 hgen.p("Current Password required").br();
137 } catch (LocatorException e) {
138 trans.error().log(e);
// Timed remote call that validates the supplied current password.
142 TimeTaken tt = trans.start("Check Current Password",Env.REMOTE);
144 // Note: Need "Post", because of hiding password in SSL Data
145 Future<CredRequest> fcr = client.create("/authn/validate",gui.getDF(CredRequest.class),cred);
// Only HTTP 200 counts as a successful validation.
147 if(fcr.code() == 200) {
148 hgen.p("Current Password validated").br();
// On failure the user sees only a generic message (constant ATTEMPT_FAILED_SPECIFICS_WITHELD);
// the code and body go to the info log.
// NOTE(review): confirm fcr.body() can never echo credential material before logging it.
151 hgen.p(Cred.ATTEMPT_FAILED_SPECIFICS_WITHELD).br();
152 trans.info().log("Failed Validation",fcr.code(),fcr.body());
// Timed remote call that stores the new credential.
160 TimeTaken tt = trans.start("AAF Change Password",Env.REMOTE);
162 // Change over Cred to reset mode
// The same CredRequest is reused: its password field now carries the NEW password.
163 cred.setPassword(password);
164 String start = trans.get(startDate, null);
// The start date is parsed with Chrono.dateOnlyFmt; a parse failure is rethrown as CadiException.
167 cred.setStart(Chrono.timeStamp(Chrono.dateOnlyFmt.parse(start)));
168 } catch (ParseException e) {
169 throw new CadiException(e);
// Create the credential on behalf of the transaction's user principal.
173 Future<CredRequest> fcr = gui.clientAsUser(trans.getUserPrincipal()).create("/authn/cred",gui.getDF(CredRequest.class),cred);
174 if(fcr.get(AAFcli.timeout())) {
// Going by this message, the earlier credential is not revoked by this request and stays
// usable until it expires; a change made after a suspected compromise also needs the old
// credential removed separately.
176 hgen.p("New Password has been added. The previous one is still valid until Expiration.");
// Same generic failure message as above. NOTE(review): the log label "Failed Validation" is
// reused for the create call; a distinct label would make the audit trail clearer.
179 hgen.p(Cred.ATTEMPT_FAILED_SPECIFICS_WITHELD).br();
180 trans.info().log("Failed Validation",fcr.code(),fcr.body());
// Catch-all: the user sees a generic message. NOTE(review): no logging of e is visible in
// this listing; confirm the exception is recorded server-side.
190 } catch (Exception e) {
191 hgen.p("Unknown Error");
// Navigation buttons. id and ns are concatenated into the href values as-is, and ns may be
// null (rendered as the text "null").
// NOTE(review): whether HTMLGen.incr escapes attribute values is not visible here; if it does
// not, URL-encode and HTML-escape both values before emitting them.
198 hgen.incr(HTMLGen.A,true,"class=greenbutton","href="+PassChangeForm.HREF+"?id="+id).text("Try again").end();
201 hgen.incr(HTMLGen.A,true,"class=greenbutton","href="+Home.HREF).text("Back").end();
203 hgen.incr(HTMLGen.A,true,"class=greenbutton","href="+CredDetail.HREF+"?id="+id+"&ns="+ns).text("Back").end();