Inform account status when password reset is initiated

components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/AuditConstants.java

@@ -36,6 +36,7 @@ public class AuditConstants {
     public static final String ACTION_PASSWORD_RECOVERY = "Password recovery";
     public static final String ACTION_USERNAME_RECOVERY = "Username recovery";
     public static final String ACTION_PASSWORD_RESET = "Password reset";
+    public static final String ACTION_ACCOUNT_STATUS_NOTIFY = "Account status notify";
     public static final String NOTIFICATION_TEMPLATE_TYPE = "Notification template";
     public static final String USER_STORE_DOMAIN = "UserStoreDomain";
     public static final String RECOVERY_SCENARIO = "RecoveryScenario";

components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/IdentityRecoveryConstants.java

@@ -66,6 +66,7 @@ public class IdentityRecoveryConstants {
     public static final String NOTIFICATION_ACCOUNT_ID_RECOVERY = "accountidrecovery";
     public static final String NOTIFICATION_TYPE_SELF_SIGNUP_SUCCESS = "selfSignUpSuccess";
     public static final String NOTIFICATION_TYPE_SELF_SIGNUP_NOTIFY = "selfSignUpNotify";
+    public static final String NOTIFICATION_TYPE_ACCOUNT_STATUS_NOTIFY = "accountStatusNotify";
     public static final String RECOVERY_STATUS_INCOMPLETE = "INCOMPLETE";
     public static final String RECOVERY_STATUS_COMPLETE = "COMPLETE";
     public static final String TEMPLATE_TYPE = "TEMPLATE_TYPE";

components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/password/NotificationPasswordRecoveryManager.java

@@ -162,6 +162,10 @@ IdentityEventConstants.Event.PRE_SEND_RECOVERY_NOTIFICATION, new UserRecoveryDat
                 throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_DISABLED_ACCOUNT,
                         user.getUserName());
             }
+            String eventName = Utils.resolveEventName(notificationChannel);
+            triggerAccountStatusNotification(user, notificationChannel,
+                    IdentityRecoveryConstants.NOTIFICATION_TYPE_ACCOUNT_STATUS_NOTIFY, "DISABLED", eventName,
+                    properties);
             return new NotificationResponseBean(user);
         } else if (Utils.isAccountLocked(user)) {
             // Check user in PENDING_SR or PENDING_AP status.
@@ -171,6 +175,10 @@ IdentityEventConstants.Event.PRE_SEND_RECOVERY_NOTIFICATION, new UserRecoveryDat
                 throw Utils.handleClientException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_LOCKED_ACCOUNT,
                         user.getUserName());
             }
+            String eventName = Utils.resolveEventName(notificationChannel);
+            triggerAccountStatusNotification(user, notificationChannel,
+                    IdentityRecoveryConstants.NOTIFICATION_TYPE_ACCOUNT_STATUS_NOTIFY, "LOCKED", eventName,
+                    properties);
             return new NotificationResponseBean(user);
         }
         UserRecoveryDataStore userRecoveryDataStore = JDBCRecoveryDataStore.getInstance();
@@ -1026,6 +1034,58 @@ private void triggerNotification(User user, String notificationChannel, String t
 
     }
 
+    /**
+     * Trigger notification to send account status information.
+     *
+     * @param user                User
+     * @param notificationChannel Notification channel
+     * @param templateName        Notification Template name
+     * @param status              Account status
+     * @param eventName           Event name
+     * @param metaProperties      Meta properties to be sent with the notification.
+     * @throws IdentityRecoveryException Error while triggering notification.
+     */
+    private void triggerAccountStatusNotification(User user, String notificationChannel, String templateName, String status,
+                                     String eventName, Property[] metaProperties)
+            throws IdentityRecoveryException {
+
+        HashMap<String, Object> properties = new HashMap<>();
+        properties.put(IdentityEventConstants.EventProperty.USER_NAME, user.getUserName());
+        properties.put(IdentityEventConstants.EventProperty.TENANT_DOMAIN, user.getTenantDomain());
+        properties.put(IdentityEventConstants.EventProperty.USER_STORE_DOMAIN, user.getUserStoreDomain());
+        properties.put(IdentityEventConstants.EventProperty.NOTIFICATION_CHANNEL, notificationChannel);
+        if (StringUtils.isNotBlank(status)) {
+            switch (status) {
+                case "LOCKED":
+                    properties.put("STATE", "ACCOUNT_LOCKED");
+                    break;
+                case "DISABLED":
+                    properties.put("STATE", "ACCOUNT_DISABLED");
+                    break;
+            }
+        }
+        if (metaProperties != null) {
+            for (Property metaProperty : metaProperties) {
+                if (StringUtils.isNotBlank(metaProperty.getValue()) && StringUtils.isNotBlank(metaProperty.getKey())) {
+                    properties.put(metaProperty.getKey(), metaProperty.getValue());
+                }
+            }
+        }
+        properties.put(IdentityRecoveryConstants.TEMPLATE_TYPE, templateName);
+        Event identityMgtEvent = new Event(eventName, properties);
+        try {
+            IdentityRecoveryServiceDataHolder.getInstance().getIdentityEventService().handleEvent(identityMgtEvent);
+            auditAccountStatusNotify(AuditConstants.ACTION_ACCOUNT_STATUS_NOTIFY, notificationChannel, user, null,
+                    FrameworkConstants.AUDIT_SUCCESS, templateName);
+        } catch (IdentityEventException e) {
+            auditAccountStatusNotify(AuditConstants.ACTION_ACCOUNT_STATUS_NOTIFY, notificationChannel, user,
+                    e.getMessage(), FrameworkConstants.AUDIT_FAILED, templateName);
+            throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_TRIGGER_NOTIFICATION,
+                    user.getUserName(), e);
+        }
+
+    }
+
     private void publishEvent(User user, String notify, String code, String password, Property[] metaProperties,
                               String eventName, UserRecoveryData userRecoveryData) throws
             IdentityRecoveryException {
@@ -1141,6 +1201,25 @@ private void auditPasswordRecovery(String action, String notificationChannel, Us
         Utils.createAuditMessage(action, user.getUserName(), dataObject, result);
     }
 
+    private void auditAccountStatusNotify(String action, String notificationChannel, User user, String errorMsg,
+                                       String result, String notificationTemplateType) {
+
+        // TODO: Update properly
+        JSONObject dataObject = new JSONObject();
+        dataObject.put(AuditConstants.REMOTE_ADDRESS_KEY, MDC.get(AuditConstants.REMOTE_ADDRESS_QUERY_KEY));
+        dataObject.put(AuditConstants.USER_AGENT_KEY, MDC.get(AuditConstants.USER_AGENT_QUERY_KEY));
+        dataObject.put(AuditConstants.NOTIFICATION_CHANNEL, notificationChannel);
+        dataObject.put(AuditConstants.SERVICE_PROVIDER_KEY, MDC.get(AuditConstants.SERVICE_PROVIDER_QUERY_KEY));
+        dataObject.put(AuditConstants.USER_STORE_DOMAIN, user.getUserStoreDomain());
+        dataObject.put(AuditConstants.TENANT_DOMAIN, user.getTenantDomain());
+        dataObject.put(AuditConstants.NOTIFICATION_TEMPLATE_TYPE, notificationTemplateType);
+
+        if (AUDIT_FAILED.equals(result)) {
+            dataObject.put(AuditConstants.ERROR_MESSAGE_KEY, errorMsg);
+        }
+        Utils.createAuditMessage(action, user.getUserName(), dataObject, result);
+    }
+
     private void auditPasswordReset(User user, String action, String errorMsg, String result, String recoveryScenario,
                                     String recoveryStep) {