public class PassChangeAction extends Page {
- public PassChangeAction(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
- super(gui.env,PassChangeForm.NAME,PassChangeForm.HREF, PassChangeForm.fields,
- new BreadCrumbs(breadcrumbs),
- new NamedCode(true,"content") {
- final Slot sID = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[0]);
- final Slot sCurrPass = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[1]);
- final Slot sPassword = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[2]);
- final Slot sPassword2 = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[3]);
- final Slot startDate = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[4]);
- final Slot sNS = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[5]);
-
- @Override
- public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI, AuthzTrans>() {
- @Override
- public void code(final AAF_GUI gui, final AuthzTrans trans,final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- final String id = trans.get(sID,null);
- final String currPass = trans.get(sCurrPass,null);
- final String password = trans.get(sPassword,null);
- final String password2 = trans.get(sPassword2,null);
- final String ns = trans.get(sNS, null);
-
- // Run Validations
- boolean fail = true;
-
- if (id==null || id.indexOf('@')<=0) {
- hgen.p("Data Entry Failure: Please enter a valid ID, including domain.");
- } else if(password == null || password2 == null) {
- hgen.p("Data Entry Failure: Both Password Fields need entries.");
- } else if(!password.equals(password2)) {
- hgen.p("Data Entry Failure: Passwords do not match.");
- } else { // everything else is checked by Server
- final CredRequest cred = new CredRequest();
- cred.setId(id);
- cred.setPassword("".equals(currPass)?null:currPass);
- try {
- fail = gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Boolean>() {
- @Override
- public Boolean code(Rcli<?> client)throws CadiException, ConnectException, APIException {
- boolean fail = true;
- boolean go = false;
- try {
- Organization org = OrganizationFactory.obtain(trans.env(), id);
- if(org!=null) {
- go = PassChangeForm.skipCurrent(trans, org.getIdentity(trans, id));
- }
- } catch(OrganizationException e) {
- trans.error().log(e);
- }
+ public PassChangeAction(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
+ super(gui.env,PassChangeForm.NAME,PassChangeForm.HREF, PassChangeForm.fields,
+ new BreadCrumbs(breadcrumbs),
+ new NamedCode(true,"content") {
+ final Slot sID = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[0]);
+ final Slot sCurrPass = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[1]);
+ final Slot sPassword = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[2]);
+ final Slot sPassword2 = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[3]);
+ final Slot startDate = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[4]);
+ final Slot sNS = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[5]);
+
+ @Override
+ public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI, AuthzTrans>() {
+ @Override
+ public void code(final AAF_GUI gui, final AuthzTrans trans,final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ final String id = trans.get(sID,null);
+ final String currPass = trans.get(sCurrPass,null);
+ final String password = trans.get(sPassword,null);
+ final String password2 = trans.get(sPassword2,null);
+ final String ns = trans.get(sNS, null);
+
+ // Run Validations
+ boolean fail = true;
+
+ if (id==null || id.indexOf('@')<=0) {
+ hgen.p("Data Entry Failure: Please enter a valid ID, including domain.");
+ } else if(password == null || password2 == null) {
+ hgen.p("Data Entry Failure: Both Password Fields need entries.");
+ } else if(!password.equals(password2)) {
+ hgen.p("Data Entry Failure: Passwords do not match.");
+ } else { // everything else is checked by Server
+ final CredRequest cred = new CredRequest();
+ cred.setId(id);
+ cred.setPassword("".equals(currPass)?null:currPass);
+ try {
+ fail = gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Boolean>() {
+ @Override
+ public Boolean code(Rcli<?> client)throws CadiException, ConnectException, APIException {
+ boolean fail = true;
+ boolean go = false;
+ try {
+ Organization org = OrganizationFactory.obtain(trans.env(), id);
+ if(org!=null) {
+ go = PassChangeForm.skipCurrent(trans, org.getIdentity(trans, id));
+ }
+ } catch(OrganizationException e) {
+ trans.error().log(e);
+ }
- if(cred.getPassword()==null) {
- try {
- if(!go) {
- go=gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Boolean>() {
- @Override
- public Boolean code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- Future<Users> fc = client.read("/authn/creds/id/"+id,gui.getDF(Users.class));
- if(fc.get(AAFcli.timeout())) {
- GregorianCalendar now = new GregorianCalendar();
- for(aaf.v2_0.Users.User u : fc.value.getUser()) {
- if(u.getType()<10 && u.getExpires().toGregorianCalendar().after(now)) {
- return false; // an existing, non expired, password type exists
- }
- }
- return true; // no existing, no expired password
- } else {
- if(fc.code()==404) { // not found...
- return true;
- } else {
- trans.error().log(gui.aafCon.readableErrMsg(fc));
- }
- }
- return false;
- }
- });
- }
- if(!go) {
- hgen.p("Current Password required").br();
- }
- } catch (LocatorException e) {
- trans.error().log(e);
- }
+ if(cred.getPassword()==null) {
+ try {
+ if(!go) {
+ go=gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Boolean>() {
+ @Override
+ public Boolean code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ Future<Users> fc = client.read("/authn/creds/id/"+id,gui.getDF(Users.class));
+ if(fc.get(AAFcli.timeout())) {
+ GregorianCalendar now = new GregorianCalendar();
+ for(aaf.v2_0.Users.User u : fc.value.getUser()) {
+ if(u.getType()<10 && u.getExpires().toGregorianCalendar().after(now)) {
+ return false; // an existing, non expired, password type exists
+ }
+ }
+ return true; // no existing, no expired password
+ } else {
+ if(fc.code()==404) { // not found...
+ return true;
+ } else {
+ trans.error().log(gui.aafCon.readableErrMsg(fc));
+ }
+ }
+ return false;
+ }
+ });
+ }
+ if(!go) {
+ hgen.p("Current Password required").br();
+ }
+ } catch (LocatorException e) {
+ trans.error().log(e);
+ }
- } else {
- TimeTaken tt = trans.start("Check Current Password",Env.REMOTE);
- try {
- // Note: Need "Post", because of hiding password in SSL Data
- Future<CredRequest> fcr = client.create("/authn/validate",gui.getDF(CredRequest.class),cred);
- fcr.get(5000);
- if(fcr.code() == 200) {
- hgen.p("Current Password validated").br();
- go = true;
- } else {
- hgen.p(Cred.ATTEMPT_FAILED_SPECIFICS_WITHELD).br();
- trans.info().log("Failed Validation",fcr.code(),fcr.body());
- go = false;
- }
- } finally {
- tt.done();
- }
- }
- if(go) {
- TimeTaken tt = trans.start("AAF Change Password",Env.REMOTE);
- try {
- // Change over Cred to reset mode
- cred.setPassword(password);
- String start = trans.get(startDate, null);
- if(start!=null) {
- try {
- cred.setStart(Chrono.timeStamp(Chrono.dateOnlyFmt.parse(start)));
- } catch (ParseException e) {
- throw new CadiException(e);
- }
- }
-
- Future<CredRequest> fcr = gui.clientAsUser(trans.getUserPrincipal()).create("/authn/cred",gui.getDF(CredRequest.class),cred);
- if(fcr.get(AAFcli.timeout())) {
- // Do Remote Call
- hgen.p("New Password has been added. The previous one is still valid until Expiration.");
- fail = false;
- } else {
- hgen.p(Cred.ATTEMPT_FAILED_SPECIFICS_WITHELD).br();
- trans.info().log("Failed Validation",fcr.code(),fcr.body());
- }
- } finally {
- tt.done();
- }
- }
- return fail;
- }
-
- });
- } catch (Exception e) {
- hgen.p("Unknown Error");
- e.printStackTrace();
- }
-
- }
- hgen.br();
- if(fail) {
- hgen.incr(HTMLGen.A,true,"class=greenbutton","href="+PassChangeForm.HREF+"?id="+id).text("Try again").end();
- } else {
- if(ns==null) {
- hgen.incr(HTMLGen.A,true,"class=greenbutton","href="+Home.HREF).text("Back").end();
- } else {
- hgen.incr(HTMLGen.A,true,"class=greenbutton","href="+CredDetail.HREF+"?id="+id+"&ns="+ns).text("Back").end();
- }
- }
- }
- });
- }
- });
- }
+ } else {
+ TimeTaken tt = trans.start("Check Current Password",Env.REMOTE);
+ try {
+ // Note: Need "Post", because of hiding password in SSL Data
+ Future<CredRequest> fcr = client.create("/authn/validate",gui.getDF(CredRequest.class),cred);
+ fcr.get(5000);
+ if(fcr.code() == 200) {
+ hgen.p("Current Password validated").br();
+ go = true;
+ } else {
+ hgen.p(Cred.ATTEMPT_FAILED_SPECIFICS_WITHELD).br();
+ trans.info().log("Failed Validation",fcr.code(),fcr.body());
+ go = false;
+ }
+ } finally {
+ tt.done();
+ }
+ }
+ if(go) {
+ TimeTaken tt = trans.start("AAF Change Password",Env.REMOTE);
+ try {
+ // Change over Cred to reset mode
+ cred.setPassword(password);
+ String start = trans.get(startDate, null);
+ if(start!=null) {
+ try {
+ cred.setStart(Chrono.timeStamp(Chrono.dateOnlyFmt.parse(start)));
+ } catch (ParseException e) {
+ throw new CadiException(e);
+ }
+ }
+
+ Future<CredRequest> fcr = gui.clientAsUser(trans.getUserPrincipal()).create("/authn/cred",gui.getDF(CredRequest.class),cred);
+ if(fcr.get(AAFcli.timeout())) {
+ // Do Remote Call
+ hgen.p("New Password has been added. The previous one is still valid until Expiration.");
+ fail = false;
+ } else {
+ hgen.p(Cred.ATTEMPT_FAILED_SPECIFICS_WITHELD).br();
+ trans.info().log("Failed Validation",fcr.code(),fcr.body());
+ }
+ } finally {
+ tt.done();
+ }
+ }
+ return fail;
+ }
+
+ });
+ } catch (Exception e) {
+ hgen.p("Unknown Error");
+ e.printStackTrace();
+ }
+
+ }
+ hgen.br();
+ if(fail) {
+ hgen.incr(HTMLGen.A,true,"class=greenbutton","href="+PassChangeForm.HREF+"?id="+id).text("Try again").end();
+ } else {
+ if(ns==null) {
+ hgen.incr(HTMLGen.A,true,"class=greenbutton","href="+Home.HREF).text("Back").end();
+ } else {
+ hgen.incr(HTMLGen.A,true,"class=greenbutton","href="+CredDetail.HREF+"?id="+id+"&ns="+ns).text("Back").end();
+ }
+ }
+ }
+ });
+ }
+ });
+ }
}
Code Review / aaf / authz.git / blobdiff