From e5d291ddec9d5855aaec0a48ad6708d140c87e64 Mon Sep 17 00:00:00 2001 From: Rashmini Date: Fri, 13 Oct 2023 11:45:50 +0530 Subject: [PATCH] Update config names for max failed attempts and max resend attempts --- .../recovery/IdentityRecoveryConstants.java | 4 +- .../ResendConfirmationManager.java | 2 +- .../connector/RecoveryConfigImpl.java | 44 +++++++++---------- .../password/PasswordRecoveryManagerImpl.java | 2 +- .../NotificationPasswordRecoveryManager.java | 2 +- .../recovery/store/JDBCRecoveryDataStore.java | 3 +- .../connector/RecoveryConfigImplTest.java | 12 ++--- 7 files changed, 35 insertions(+), 34 deletions(-) diff --git a/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/IdentityRecoveryConstants.java b/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/IdentityRecoveryConstants.java index 431d739655..15cdcaa269 100644 --- a/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/IdentityRecoveryConstants.java +++ b/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/IdentityRecoveryConstants.java @@ -632,9 +632,9 @@ public static class ConnectorConfig { public static final String ENABLE_AUTO_LGOIN_AFTER_PASSWORD_RESET = "Recovery.AutoLogin.Enable"; public static final String SELF_REGISTRATION_AUTO_LOGIN = "SelfRegistration.AutoLogin.Enable"; public static final String SELF_REGISTRATION_AUTO_LOGIN_ALIAS_NAME = "SelfRegistration.AutoLogin.AliasName"; - public static final String RECOVERY_OTP_PASSWORD_MAX_FAILED_ATTEMPTS = "Recovery.OTP" + + public static final String RECOVERY_NOTIFICATION_PASSWORD_MAX_FAILED_ATTEMPTS = "Recovery.Notification" + ".Password.MaxFailedAttempts"; - public static final String RECOVERY_OTP_PASSWORD_MAX_RESEND_ATTEMPTS = "Recovery.OTP" + + public static final String RECOVERY_NOTIFICATION_PASSWORD_MAX_RESEND_ATTEMPTS = "Recovery.Notification" + ".Password.MaxResendAttempts"; } diff --git a/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/confirmation/ResendConfirmationManager.java b/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/confirmation/ResendConfirmationManager.java index 248746a5d4..5e2ee120ef 100644 --- a/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/confirmation/ResendConfirmationManager.java +++ b/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/confirmation/ResendConfirmationManager.java @@ -154,7 +154,7 @@ public ResendConfirmationDTO resendConfirmation(String tenantDomain, String rese userRecoveryData); int resendCount = userRecoveryFlowData.getResendCount(); if (resendCount >= Integer.parseInt(Utils.getRecoveryConfigs(IdentityRecoveryConstants.ConnectorConfig. - RECOVERY_OTP_PASSWORD_MAX_RESEND_ATTEMPTS, tenantDomain))) { + RECOVERY_NOTIFICATION_PASSWORD_MAX_RESEND_ATTEMPTS, tenantDomain))) { userAccountRecoveryManager.invalidateRecoveryData(recoveryFlowId); throw Utils.handleClientException( IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_INVALID_RECOVERY_FLOW_ID.getCode(), diff --git a/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/connector/RecoveryConfigImpl.java b/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/connector/RecoveryConfigImpl.java index 0405768fad..e973e3fd17 100644 --- a/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/connector/RecoveryConfigImpl.java +++ b/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/connector/RecoveryConfigImpl.java @@ -112,10 +112,10 @@ public Map getPropertyNameMapping() { "Recovery callback URL regex"); nameMapping.put(IdentityRecoveryConstants.ConnectorConfig.ENABLE_AUTO_LGOIN_AFTER_PASSWORD_RESET, "Enable Auto Login After Password Reset"); - nameMapping.put(IdentityRecoveryConstants.ConnectorConfig.RECOVERY_OTP_PASSWORD_MAX_FAILED_ATTEMPTS, - "Max failed attempts for OTP based recovery"); - nameMapping.put(IdentityRecoveryConstants.ConnectorConfig.RECOVERY_OTP_PASSWORD_MAX_RESEND_ATTEMPTS, - "Max resend attempts for OTP based recovery"); + nameMapping.put(IdentityRecoveryConstants.ConnectorConfig.RECOVERY_NOTIFICATION_PASSWORD_MAX_FAILED_ATTEMPTS, + "Max failed attempts for password recovery"); + nameMapping.put(IdentityRecoveryConstants.ConnectorConfig.RECOVERY_NOTIFICATION_PASSWORD_MAX_RESEND_ATTEMPTS, + "Max resend attempts for password recovery"); return nameMapping; } @@ -172,8 +172,8 @@ public String[] getPropertyNames() { properties.add(IdentityRecoveryConstants.ConnectorConfig.FORCE_MIN_NO_QUESTION_ANSWERED); properties.add(IdentityRecoveryConstants.ConnectorConfig.RECOVERY_CALLBACK_REGEX); properties.add(IdentityRecoveryConstants.ConnectorConfig.ENABLE_AUTO_LGOIN_AFTER_PASSWORD_RESET); - properties.add(IdentityRecoveryConstants.ConnectorConfig.RECOVERY_OTP_PASSWORD_MAX_FAILED_ATTEMPTS); - properties.add(IdentityRecoveryConstants.ConnectorConfig.RECOVERY_OTP_PASSWORD_MAX_RESEND_ATTEMPTS); + properties.add(IdentityRecoveryConstants.ConnectorConfig.RECOVERY_NOTIFICATION_PASSWORD_MAX_FAILED_ATTEMPTS); + properties.add(IdentityRecoveryConstants.ConnectorConfig.RECOVERY_NOTIFICATION_PASSWORD_MAX_RESEND_ATTEMPTS); return properties.toArray(new String[0]); } @@ -200,8 +200,8 @@ public Properties getDefaultPropertyValues(String tenantDomain) throws IdentityG String minimumForcedChallengeQuestionsAnswered = "1"; String recoveryCallbackRegex = IdentityRecoveryConstants.DEFAULT_CALLBACK_REGEX; String enableAdminPasswordResetAutoLoginProperty = "false"; - String recoveryOTPMaxFailedAttempts = "3"; - String recoveryOTPMaxResendAttempts = "5"; + String recoveryMaxFailedAttempts = "3"; + String recoveryMaxResendAttempts = "5"; String notificationBasedPasswordRecovery = IdentityUtil.getProperty( IdentityRecoveryConstants.ConnectorConfig.NOTIFICATION_BASED_PW_RECOVERY); @@ -242,10 +242,10 @@ public Properties getDefaultPropertyValues(String tenantDomain) throws IdentityG IdentityRecoveryConstants.ConnectorConfig.RECOVERY_CALLBACK_REGEX); String adminPasswordResetAutoLoginProperty = IdentityUtil.getProperty( IdentityRecoveryConstants.ConnectorConfig.ENABLE_AUTO_LGOIN_AFTER_PASSWORD_RESET); - String otpMaxFailedAttempts = IdentityUtil.getProperty(IdentityRecoveryConstants. - ConnectorConfig.RECOVERY_OTP_PASSWORD_MAX_FAILED_ATTEMPTS); - String otpMaxResendAttempts = IdentityUtil.getProperty(IdentityRecoveryConstants. - ConnectorConfig.RECOVERY_OTP_PASSWORD_MAX_RESEND_ATTEMPTS); + String maxFailedAttempts = IdentityUtil.getProperty(IdentityRecoveryConstants. + ConnectorConfig.RECOVERY_NOTIFICATION_PASSWORD_MAX_FAILED_ATTEMPTS); + String maxResendAttempts = IdentityUtil.getProperty(IdentityRecoveryConstants. + ConnectorConfig.RECOVERY_NOTIFICATION_PASSWORD_MAX_RESEND_ATTEMPTS); if (StringUtils.isNotEmpty(expiryTimeSMSOTPProperty)) { expiryTimeSMSOTP = expiryTimeSMSOTPProperty; @@ -307,11 +307,11 @@ public Properties getDefaultPropertyValues(String tenantDomain) throws IdentityG if (StringUtils.isNotEmpty(adminPasswordResetAutoLoginProperty)) { enableAdminPasswordResetAutoLoginProperty = adminPasswordResetAutoLoginProperty; } - if (StringUtils.isNotEmpty(otpMaxFailedAttempts)) { - recoveryOTPMaxFailedAttempts = otpMaxFailedAttempts; + if (StringUtils.isNotEmpty(maxFailedAttempts)) { + recoveryMaxFailedAttempts = maxFailedAttempts; } - if (StringUtils.isNotEmpty(otpMaxResendAttempts)) { - recoveryOTPMaxResendAttempts = otpMaxResendAttempts; + if (StringUtils.isNotEmpty(maxResendAttempts)) { + recoveryMaxResendAttempts = maxResendAttempts; } Map defaultProperties = new HashMap<>(); @@ -354,10 +354,10 @@ public Properties getDefaultPropertyValues(String tenantDomain) throws IdentityG defaultProperties.put(IdentityRecoveryConstants.ConnectorConfig.RECOVERY_CALLBACK_REGEX, recoveryCallbackRegex); defaultProperties.put(IdentityRecoveryConstants.ConnectorConfig.ENABLE_AUTO_LGOIN_AFTER_PASSWORD_RESET, enableAdminPasswordResetAutoLoginProperty); - defaultProperties.put(IdentityRecoveryConstants.ConnectorConfig.RECOVERY_OTP_PASSWORD_MAX_FAILED_ATTEMPTS, - recoveryOTPMaxFailedAttempts); - defaultProperties.put(IdentityRecoveryConstants.ConnectorConfig.RECOVERY_OTP_PASSWORD_MAX_RESEND_ATTEMPTS, - recoveryOTPMaxResendAttempts); + defaultProperties.put(IdentityRecoveryConstants.ConnectorConfig + .RECOVERY_NOTIFICATION_PASSWORD_MAX_FAILED_ATTEMPTS, recoveryMaxFailedAttempts); + defaultProperties.put(IdentityRecoveryConstants.ConnectorConfig + .RECOVERY_NOTIFICATION_PASSWORD_MAX_RESEND_ATTEMPTS, recoveryMaxResendAttempts); Properties properties = new Properties(); properties.putAll(defaultProperties); @@ -433,10 +433,10 @@ public Map getMetaData() { meta.put(IdentityRecoveryConstants.ConnectorConfig.RECOVERY_CALLBACK_REGEX, getPropertyObject(IdentityMgtConstants.DataTypes.STRING.getValue())); - meta.put(IdentityRecoveryConstants.ConnectorConfig.RECOVERY_OTP_PASSWORD_MAX_FAILED_ATTEMPTS, + meta.put(IdentityRecoveryConstants.ConnectorConfig.RECOVERY_NOTIFICATION_PASSWORD_MAX_FAILED_ATTEMPTS, getPropertyObject(IdentityMgtConstants.DataTypes.INTEGER.getValue())); - meta.put(IdentityRecoveryConstants.ConnectorConfig.RECOVERY_OTP_PASSWORD_MAX_RESEND_ATTEMPTS, + meta.put(IdentityRecoveryConstants.ConnectorConfig.RECOVERY_NOTIFICATION_PASSWORD_MAX_RESEND_ATTEMPTS, getPropertyObject(IdentityMgtConstants.DataTypes.INTEGER.getValue())); return meta; diff --git a/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/internal/service/impl/password/PasswordRecoveryManagerImpl.java b/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/internal/service/impl/password/PasswordRecoveryManagerImpl.java index 0b1eb93bad..f9b2029b64 100644 --- a/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/internal/service/impl/password/PasswordRecoveryManagerImpl.java +++ b/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/internal/service/impl/password/PasswordRecoveryManagerImpl.java @@ -280,7 +280,7 @@ public PasswordResetCodeDTO confirm(String otp, String confirmationCode, String } failedAttempts = failedAttempts + 1; if (failedAttempts >= Integer.parseInt(Utils.getRecoveryConfigs(IdentityRecoveryConstants.ConnectorConfig. - RECOVERY_OTP_PASSWORD_MAX_FAILED_ATTEMPTS, tenantDomain))) { + RECOVERY_NOTIFICATION_PASSWORD_MAX_FAILED_ATTEMPTS, tenantDomain))) { userAccountRecoveryManager.invalidateRecoveryData(recoveryFlowId); throw Utils.handleClientException( IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_INVALID_RECOVERY_FLOW_ID.getCode(), diff --git a/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/password/NotificationPasswordRecoveryManager.java b/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/password/NotificationPasswordRecoveryManager.java index 8ff31ae33d..a3bdc92c7a 100644 --- a/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/password/NotificationPasswordRecoveryManager.java +++ b/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/password/NotificationPasswordRecoveryManager.java @@ -701,7 +701,7 @@ public User updateUserPassword(String code, String confirmationCode, String pass if (!(StringUtils.equals(hashedCode, userRecoveryData.getSecret()) || StringUtils.equals(code, userRecoveryData.getSecret()))) { if ((failedAttempts + 1) >= Integer.parseInt(Utils.getRecoveryConfigs(IdentityRecoveryConstants. - ConnectorConfig.RECOVERY_OTP_PASSWORD_MAX_FAILED_ATTEMPTS, userRecoveryData.getUser(). + ConnectorConfig.RECOVERY_NOTIFICATION_PASSWORD_MAX_FAILED_ATTEMPTS, userRecoveryData.getUser(). getTenantDomain()))) { userRecoveryDataStore.invalidateWithRecoveryFlowId(confirmationCode); throw Utils.handleClientException( diff --git a/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/store/JDBCRecoveryDataStore.java b/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/store/JDBCRecoveryDataStore.java index 060445a32b..568ee5b299 100644 --- a/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/store/JDBCRecoveryDataStore.java +++ b/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/store/JDBCRecoveryDataStore.java @@ -1062,7 +1062,8 @@ private boolean isRecoveryFlowIdExpired(String tenantDomain, long createdTimesta codeExpiryTime = Integer.parseInt(Utils.getRecoveryConfigs( IdentityRecoveryConstants.ConnectorConfig.PASSWORD_RECOVERY_SMS_OTP_EXPIRY_TIME, tenantDomain)); allowedResendAttempts = Integer.parseInt(Utils.getRecoveryConfigs( - IdentityRecoveryConstants.ConnectorConfig.RECOVERY_OTP_PASSWORD_MAX_RESEND_ATTEMPTS, tenantDomain)); + IdentityRecoveryConstants.ConnectorConfig.RECOVERY_NOTIFICATION_PASSWORD_MAX_RESEND_ATTEMPTS, + tenantDomain)); recoveryFlowIdExpiryTime = codeExpiryTime * allowedResendAttempts; } else { recoveryFlowIdExpiryTime = Integer.parseInt( diff --git a/components/org.wso2.carbon.identity.recovery/src/test/java/org/wso2/carbon/identity/recovery/connector/RecoveryConfigImplTest.java b/components/org.wso2.carbon.identity.recovery/src/test/java/org/wso2/carbon/identity/recovery/connector/RecoveryConfigImplTest.java index 007fa278cd..344d89f2b7 100644 --- a/components/org.wso2.carbon.identity.recovery/src/test/java/org/wso2/carbon/identity/recovery/connector/RecoveryConfigImplTest.java +++ b/components/org.wso2.carbon.identity.recovery/src/test/java/org/wso2/carbon/identity/recovery/connector/RecoveryConfigImplTest.java @@ -122,10 +122,10 @@ public void testGetPropertyNameMapping() { "Recovery callback URL regex"); nameMappingExpected.put(IdentityRecoveryConstants.ConnectorConfig.ENABLE_AUTO_LGOIN_AFTER_PASSWORD_RESET, "Enable Auto Login After Password Reset"); - nameMappingExpected.put(IdentityRecoveryConstants.ConnectorConfig.RECOVERY_OTP_PASSWORD_MAX_FAILED_ATTEMPTS, - "Max failed attempts for OTP based recovery"); - nameMappingExpected.put(IdentityRecoveryConstants.ConnectorConfig.RECOVERY_OTP_PASSWORD_MAX_RESEND_ATTEMPTS, - "Max resend attempts for OTP based recovery"); + nameMappingExpected.put(IdentityRecoveryConstants.ConnectorConfig + .RECOVERY_NOTIFICATION_PASSWORD_MAX_FAILED_ATTEMPTS, "Max failed attempts for password recovery"); + nameMappingExpected.put(IdentityRecoveryConstants.ConnectorConfig + .RECOVERY_NOTIFICATION_PASSWORD_MAX_RESEND_ATTEMPTS,"Max resend attempts for password recovery"); Map nameMapping = recoveryConfigImpl.getPropertyNameMapping(); @@ -265,9 +265,9 @@ public void testGetDefaultPropertyValues() throws IdentityGovernanceException { defaultPropertiesExpected.put(IdentityRecoveryConstants.ConnectorConfig. ENABLE_AUTO_LGOIN_AFTER_PASSWORD_RESET, enableAutoLoginAfterPasswordReset); defaultPropertiesExpected.put(IdentityRecoveryConstants.ConnectorConfig. - RECOVERY_OTP_PASSWORD_MAX_FAILED_ATTEMPTS, recoveryOTPMaxFailedAttempts); + RECOVERY_NOTIFICATION_PASSWORD_MAX_FAILED_ATTEMPTS, recoveryOTPMaxFailedAttempts); defaultPropertiesExpected.put(IdentityRecoveryConstants.ConnectorConfig. - RECOVERY_OTP_PASSWORD_MAX_RESEND_ATTEMPTS, recoveryOTPMaxResendAttempts); + RECOVERY_NOTIFICATION_PASSWORD_MAX_RESEND_ATTEMPTS, recoveryOTPMaxResendAttempts); String tenantDomain = "admin"; // Here tenantDomain parameter is not used by method itself