From 8c8c3d4954d2bf5ff6b1c7f34aa3d320cb02ca74 Mon Sep 17 00:00:00 2001 From: shanggeeth Date: Fri, 20 Oct 2023 11:53:42 +0530 Subject: [PATCH] Send OTP in email in Ask-password flow based on the configuration --- .../recovery/handler/UserEmailVerificationHandler.java | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/handler/UserEmailVerificationHandler.java b/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/handler/UserEmailVerificationHandler.java index 18f46a13b5..924cb9cbb1 100644 --- a/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/handler/UserEmailVerificationHandler.java +++ b/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/handler/UserEmailVerificationHandler.java @@ -202,7 +202,14 @@ public void handleEvent(Event event) throws IdentityEventException { Utils.publishRecoveryEvent(eventProperties, IdentityEventConstants.Event.POST_VERIFY_EMAIL_CLAIM, confirmationCode); } else if (IdentityRecoveryConstants.ASK_PASSWORD_CLAIM.equals(claim.getClaimUri())) { - String confirmationCode = UUID.randomUUID().toString(); + String confirmationCode; + try { + confirmationCode = Utils.generateSecretKey( + NotificationChannels.EMAIL_CHANNEL.getChannelType(), RecoveryScenarios.ASK_PASSWORD.name(), + user.getTenantDomain(), "EmailVerification"); + } catch (IdentityRecoveryServerException e) { + throw new IdentityEventException("Error while fetching the OTP pattern ", e); + } if (isAccountClaimExist) { setUserClaim(IdentityRecoveryConstants.ACCOUNT_STATE_CLAIM_URI, IdentityRecoveryConstants.PENDING_ASK_PASSWORD, userStoreManager, user);