Skip setting the verified claim for notification less password recove…
…ry flows
shanggeeth committed Dec 16, 2024
1 parent f244f5c commit becd0fa
Showing 1 changed file with 15 additions and 1 deletion.
Expand Up @@ -936,7 +936,7 @@ private HashMap<String, String> getAccountStateClaims(UserRecoveryData userRecov
Enum<RecoveryScenarios> recoveryScenario = userRecoveryData.getRecoveryScenario();
// If notifications are internally managed we try to set the verified claims since this is an opportunity
// to verify a user channel.
if (isNotificationInternallyManaged) {
if (isNotificationInternallyManaged && !isNotificationLessRecoveryMethod(recoveryScenario)) {
if (NotificationChannels.EMAIL_CHANNEL.getChannelType().equals(userRecoveryData.getRemainingSetIds())) {
userClaims.put(NotificationChannels.EMAIL_CHANNEL.getVerifiedClaimUrl(), Boolean.TRUE.toString());
} else if (NotificationChannels.SMS_CHANNEL.getChannelType().equals(userRecoveryData.getRemainingSetIds())) {
Expand Down Expand Up @@ -978,6 +978,20 @@ private HashMap<String, String> getAccountStateClaims(UserRecoveryData userRecov
return userClaims;
}

/**
* Check whether the recovery scenario is notification based.
* A set of recovery scenarios such as question based password recovery, and
* password reset on password expiry does not require sending notifications to the user.
*
* @param recoveryScenario Recovery scenario
* @return True if the recovery scenario does not require sending notifications
*/
private boolean isNotificationLessRecoveryMethod(Enum recoveryScenario) {

return RecoveryScenarios.QUESTION_BASED_PWD_RECOVERY.equals(recoveryScenario) ||
RecoveryScenarios.PASSWORD_EXPIRY.equals(recoveryScenario);
}

/**
* Validate Tenant domain of the user with the domain in the context.
*
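Review bot: The guard added in getAccountStateClaims fails open, because isNotificationLessRecoveryMethod is a denylist of two scenarios, so any other RecoveryScenarios value that finishes without a code being delivered (none is visible here, so this needs checking against the enum) would still have the email or mobile verified claim set to true. Since that claim asserts that the user controls the channel, consider inverting the helper so the claim is written only for scenarios known to have confirmed a delivered code, and add a test that a question-based recovery leaves the verified claims untouched. The helper also takes a raw `Enum` where the caller holds `Enum<RecoveryScenarios>`, so the signature could be `private boolean isNotificationLessRecoveryMethod(Enum<RecoveryScenarios> recoveryScenario)`. Its Javadoc summary says "notification based" although it returns true for the opposite case; `Check whether the recovery scenario completes without sending a notification to the user.` would match. Most of getAccountStateClaims lies outside the two hunks shown.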
