From 1059bf8fc8dbaea21e7a0da30d711e191d46fcfd Mon Sep 17 00:00:00 2001 From: Rashmini Date: Mon, 28 Aug 2023 15:55:49 +0530 Subject: [PATCH 1/2] Disable current recovery service --- .../identity/recovery/IdentityRecoveryConstants.java | 1 + .../impl/password/PasswordRecoveryManagerImpl.java | 11 +++++++++++ 2 files changed, 12 insertions(+) diff --git a/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/IdentityRecoveryConstants.java b/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/IdentityRecoveryConstants.java index c46aa15b79..c1ff942296 100644 --- a/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/IdentityRecoveryConstants.java +++ b/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/IdentityRecoveryConstants.java @@ -354,6 +354,7 @@ public enum ErrorMessages { ERROR_CODE_EXPIRED_RECOVERY_CODE("UAR-10013", "Invalid recovery code: '%s'"), ERROR_CODE_USER_ACCOUNT_RECOVERY_VALIDATION_FAILED("UAR-10014", "User account recovery validation failed for user account: '%s'"), + ERROR_CODE_API_DISABLED("UAR-10017", "Recovery API is disabled"), ERROR_CODE_ERROR_STORING_RECOVERY_DATA("UAR-15001", "Error storing user recovery data"), ERROR_CODE_ERROR_GETTING_USERSTORE_MANAGER("UAR-15002", "Error getting userstore manager"), ERROR_CODE_ERROR_RETRIEVING_USER_CLAIM("UAR-15003", "Error getting the claims: '%s' " diff --git a/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/internal/service/impl/password/PasswordRecoveryManagerImpl.java b/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/internal/service/impl/password/PasswordRecoveryManagerImpl.java index 62822a46b8..390aab2032 100644 
--- a/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/internal/service/impl/password/PasswordRecoveryManagerImpl.java +++ b/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/internal/service/impl/password/PasswordRecoveryManagerImpl.java @@ -23,6 +23,7 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.wso2.carbon.identity.application.common.model.User; +import org.wso2.carbon.identity.base.IdentityConstants; import org.wso2.carbon.identity.core.util.IdentityTenantUtil; import org.wso2.carbon.identity.core.util.IdentityUtil; import org.wso2.carbon.identity.event.IdentityEventException; @@ -184,6 +185,11 @@ public PasswordRecoverDTO notify(String recoveryCode, String channelId, String t public PasswordResetCodeDTO confirm(String confirmationCode, String tenantDomain, Map properties) throws IdentityRecoveryException { + if (!Boolean.parseBoolean(IdentityUtil.getProperty( + IdentityConstants.Recovery.RECOVERY_V1_API_ENABLE))) { + throw Utils.handleClientException( + IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_API_DISABLED, null); + } validateTenantDomain(tenantDomain); UserAccountRecoveryManager userAccountRecoveryManager = UserAccountRecoveryManager.getInstance(); // Get Recovery data. @@ -216,6 +222,11 @@ public PasswordResetCodeDTO confirm(String confirmationCode, String tenantDomain public SuccessfulPasswordResetDTO reset(String resetCode, char[] password, Map properties) throws IdentityRecoveryException { + if (!Boolean.parseBoolean(IdentityUtil.getProperty( + IdentityConstants.Recovery.RECOVERY_V1_API_ENABLE))) { + throw Utils.handleClientException( + IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_API_DISABLED, null); + } // Validate the password. if (ArrayUtils.isEmpty(password)) { throw Utils.handleClientException( From c66a1f3fd93f17dc62e18d312a0521da3a4375fc Mon Sep 17 00:00:00 2001 
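Review bot: The guard added at the top of `confirm()` fails closed when the property is absent, because `Boolean.parseBoolean` returns false for a null argument and `IdentityUtil.getProperty` presumably returns null for an unset key. Any deployment that does not set `IdentityConstants.Recovery.RECOVERY_V1_API_ENABLE` will therefore start rejecting these calls with UAR-10017. That is a sound default for a recovery endpoint, but it should be stated at the check, for example `// Fail closed: V1 recovery is rejected unless RECOVERY_V1_API_ENABLE is explicitly "true".`; the same applies to the identical guard in `reset()`. Only `confirm()` and `reset()` receive the check in this patch, while `notify()` is visible in the hunk header and is untouched, so it is worth confirming whether the notify and initiate paths should be gated as well. Both method bodies continue outside the hunks, so that cannot be verified from here.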
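Review bot: The guard at the top of `reset()` is a verbatim copy of the one added to `confirm()`, so the property name and the error code now have to be kept in sync in two places. A private helper declared `throws IdentityRecoveryException` and called as `validateRecoveryV1ApiEnabled();` on the first line of both methods would keep the check in one place. It would also give a single spot for a debug-level log entry, so that rejected calls are visible to operators. The helper name is only a suggestion and is not defined anywhere in the patch.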
From: Rashmini Date: Thu, 21 Sep 2023 15:40:15 +0530 Subject: [PATCH 2/2] Fix formatting --- .../carbon/identity/recovery/IdentityRecoveryConstants.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/IdentityRecoveryConstants.java b/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/IdentityRecoveryConstants.java index 42869cceb0..b2cba738a5 100644 --- a/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/IdentityRecoveryConstants.java +++ b/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/IdentityRecoveryConstants.java @@ -374,7 +374,7 @@ public enum ErrorMessages { "User account recovery validation failed for user account: '%s'"), ERROR_CODE_INVALID_RECOVERY_FLOW_ID("UAR-10015", "Invalid confirmation code : '%s'."), ERROR_CODE_EXPIRED_RECOVERY_FLOW_ID("UAR-10016", "Expired confirmation code : '%s'."), - ERROR_CODE_API_DISABLED("UAR-10017", "Recovery API is disabled"), + ERROR_CODE_API_DISABLED("UAR-10017", "Recovery API is disabled."), ERROR_CODE_NO_RECOVERY_FLOW_DATA("UAR-10018", "No recovery flow data found for " + "recovery flow id : '%s'."), ERROR_CODE_ERROR_STORING_RECOVERY_DATA("UAR-15001", "Error storing user recovery data"),