|
21 | 21 | import java.io.ByteArrayOutputStream; |
22 | 22 | import java.net.URL; |
23 | 23 | import java.nio.charset.StandardCharsets; |
24 | | -import java.text.SimpleDateFormat; |
25 | | -import java.util.ArrayList; |
26 | 24 | import java.util.Base64; |
27 | | -import java.util.Calendar; |
28 | | -import java.util.Collections; |
29 | 25 | import java.util.Date; |
30 | 26 | import java.util.HashMap; |
31 | 27 | import java.util.HashSet; |
32 | | -import java.util.List; |
33 | 28 | import java.util.Locale; |
34 | 29 | import java.util.Map; |
35 | 30 | import java.util.Set; |
|
60 | 55 | import it.eng.knowage.mailsender.dto.ProfileNameMailEnum; |
61 | 56 | import it.eng.knowage.mailsender.dto.TypeMailEnum; |
62 | 57 | import it.eng.knowage.mailsender.factory.FactoryMailSender; |
63 | | -import it.eng.spago.error.EMFErrorSeverity; |
64 | 58 | import it.eng.spago.error.EMFUserError; |
65 | 59 | import it.eng.spago.security.IEngUserProfile; |
66 | 60 | import it.eng.spagobi.commons.SingletonConfig; |
67 | | -import it.eng.spagobi.commons.bo.Config; |
68 | 61 | import it.eng.spagobi.commons.bo.Role; |
69 | 62 | import it.eng.spagobi.commons.bo.UserProfile; |
70 | | -import it.eng.spagobi.commons.constants.SpagoBIConstants; |
71 | 63 | import it.eng.spagobi.commons.dao.DAOFactory; |
72 | | -import it.eng.spagobi.commons.dao.IConfigDAO; |
73 | 64 | import it.eng.spagobi.commons.dao.IRoleDAO; |
74 | 65 | import it.eng.spagobi.commons.metadata.SbiCommonInfo; |
75 | 66 | import it.eng.spagobi.commons.metadata.SbiExtRoles; |
76 | 67 | import it.eng.spagobi.commons.utilities.GeneralUtilities; |
77 | | -import it.eng.spagobi.commons.utilities.StringUtilities; |
78 | 68 | import it.eng.spagobi.commons.utilities.messages.IMessageBuilder; |
79 | 69 | import it.eng.spagobi.commons.utilities.messages.MessageBuilder; |
80 | 70 | import it.eng.spagobi.commons.utilities.messages.MessageBuilderFactory; |
@@ -254,185 +244,6 @@ public String update(@Valid SignupDTO signupDTO) { |
254 | 244 | return new JSONObject().toString(); |
255 | 245 | } |
256 | 246 |
|
257 | | - @GET |
258 | | - @Path("/forgotPassword") |
259 | | - @PublicService |
260 | | - public View forgotPassword(@Context HttpServletRequest req) { |
261 | | - |
262 | | - String currTheme = ThemesManager.getDefaultTheme(); |
263 | | - LOGGER.debug("currTheme: " + currTheme); |
264 | | - |
265 | | - String url = "/themes/" + currTheme + "/jsp/signup/forgotPassword.jsp"; |
266 | | - LOGGER.debug("url for active: " + url); |
267 | | - req.setAttribute("currTheme", currTheme); |
268 | | - return new View(url); |
269 | | - } |
270 | | - |
271 | | - @POST |
272 | | - @Path("/forgotPasswordMail") |
273 | | - @PublicService |
274 | | - public View forgotPasswordMail(@Context HttpServletRequest req) { |
275 | | - |
276 | | - String mail = request.getParameter("mail"); |
277 | | - MessageBuilder msgBuilder = new MessageBuilder(); |
278 | | - Locale locale = msgBuilder.getLocale(request); |
279 | | - |
280 | | - |
281 | | - if (mail != null) { |
282 | | - ISbiUserDAO userDao = DAOFactory.getSbiUserDAO(); |
283 | | - ArrayList<SbiUser> lstUser = userDao.loadSbiUserFromEmail(mail); |
284 | | - |
285 | | - if (lstUser != null && lstUser.size() == 1) { |
286 | | - try { |
287 | | - SbiUser user = lstUser.get(0); |
288 | | - |
289 | | - String host = request.getServerName(); |
290 | | - int port = request.getServerPort(); |
291 | | - |
292 | | - |
293 | | - String subject = msgBuilder.getMessage("signup.forgotPassword.mail.subject", locale); |
294 | | - |
295 | | - String token = SignupJWTTokenManager.createJWTToken(user.getUserId()); |
296 | | - String version = SbiCommonInfo.getVersion().substring(0, SbiCommonInfo.getVersion().lastIndexOf(".")); |
297 | | - |
298 | | - String urlString = request.getContextPath() + "/restful-services/signup/changePasswordMail?token=" + token + "&locale=" + locale |
299 | | - + "&version=" |
300 | | - + version; |
301 | | - URL url = new URL(request.getScheme(), host, port, urlString); |
302 | | - |
303 | | - String clickableLink = "<a href=\"" + url.toString() + "\">" + msgBuilder.getMessage("signup.forgotPassword.mail.text1", locale) + "</a>"; |
304 | | - |
305 | | - String mailText = msgBuilder.getMessage("signup.forgotPassword.mail.text2", locale); |
306 | | - mailText = mailText + "<br><br>" + clickableLink + "<br><br>" + msgBuilder.getMessage("signup.forgotPassword.mail.text3", locale) |
307 | | - + "<br><br>"; |
308 | | - mailText = mailText + msgBuilder.getMessage("signup.forgotPassword.mail.text4", locale); |
309 | | - sendMail(mail, subject, mailText); |
310 | | - } catch (Exception e) { |
311 | | - LOGGER.error("An unexpected error occurred while executing the forgotPasswordMail", e); |
312 | | - throw new SpagoBIServiceException("An unexpected error occurred while executing the forgotPasswordMail", e); |
313 | | - } |
314 | | - |
315 | | - } |
316 | | - |
317 | | - } |
318 | | - |
319 | | - String currTheme = ThemesManager.getDefaultTheme(); |
320 | | - LOGGER.debug("currTheme: " + currTheme); |
321 | | - |
322 | | - String url = "/themes/" + currTheme + "/jsp/signup/forgotPassword.jsp"; |
323 | | - req.setAttribute("currTheme", currTheme); |
324 | | - req.setAttribute("sendMail", "ok"); |
325 | | - return new View(url); |
326 | | - } |
327 | | - |
328 | | - @GET |
329 | | - @Path("/changePasswordMail") |
330 | | - @PublicService |
331 | | - public View changePasswordMail(@Context HttpServletRequest req) throws JSONException { |
332 | | - |
333 | | - String token = request.getParameter("token"); |
334 | | - MessageBuilder msgBuilder = new MessageBuilder(); |
335 | | - Locale locale = msgBuilder.getLocale(request); |
336 | | - String messageError = null; |
337 | | - String userId = null; |
338 | | - try { |
339 | | - userId = SignupJWTTokenManager.verifyJWTToken(token); |
340 | | - |
341 | | - ISbiUserDAO userDao = DAOFactory.getSbiUserDAO(); |
342 | | - SbiUser user = userDao.loadSbiUserByUserId(userId); |
343 | | - |
344 | | - if (user == null) { |
345 | | - messageError = msgBuilder.getMessage("signup.forgotPassword.unknownUser", locale); |
346 | | - } |
347 | | - |
348 | | - LOGGER.debug("OUT"); |
349 | | - |
350 | | - } catch (TokenExpiredException te) { |
351 | | - LOGGER.error("Expired Token [" + token + "]", te); |
352 | | - messageError = msgBuilder.getMessage("signup.forgotPassword.TokenExpired", locale); |
353 | | - } catch (Exception e) { |
354 | | - LOGGER.error("Generic token validation error [" + token + "]", e); |
355 | | - messageError = msgBuilder.getMessage("signup.forgotPassword.TokenError", locale); |
356 | | - } |
357 | | - |
358 | | - String currTheme = ThemesManager.getDefaultTheme(); |
359 | | - LOGGER.debug("currTheme: " + currTheme); |
360 | | - |
361 | | - String url = "/themes/" + currTheme + "/jsp/signup/changePassword.jsp"; |
362 | | - req.setAttribute("currTheme", currTheme); |
363 | | - req.setAttribute("userId", token); |
364 | | - req.setAttribute("messageErrorToken", messageError); |
365 | | - return new View(url); |
366 | | - } |
367 | | - |
368 | | - @POST |
369 | | - @Path("/changePassword") |
370 | | - @PublicService |
371 | | - public View changePassword(@Context HttpServletRequest req) throws Exception { |
372 | | - |
373 | | - String currTheme = ThemesManager.getDefaultTheme(); |
374 | | - LOGGER.debug("currTheme: " + currTheme); |
375 | | - String urlError = "/themes/" + currTheme + "/jsp/signup/changePassword.jsp"; |
376 | | - |
377 | | - MessageBuilder msgBuilder = new MessageBuilder(); |
378 | | - Locale locale = msgBuilder.getLocale(request); |
379 | | - |
380 | | - String password = request.getParameter("password"); |
381 | | - String confirmPassword = request.getParameter("confirmPassword"); |
382 | | - String userId = request.getParameter("userId"); |
383 | | - if (password == null || password.isEmpty() || !password.equals(confirmPassword)) { |
384 | | - LOGGER.error("Passwortd and confirm password are different"); |
385 | | - req.setAttribute("currTheme", currTheme); |
386 | | - req.setAttribute("userId", userId); |
387 | | - req.setAttribute("messageErrorChangePws", msgBuilder.getMessage("signup.check.pwdNotEqual", locale)); |
388 | | - return new View(urlError); |
389 | | - } |
390 | | - |
391 | | - try { |
392 | | - PasswordChecker.getInstance().isValid(password, password); |
393 | | - } catch (Exception e) { |
394 | | - LOGGER.error("Password is not valid", e); |
395 | | - req.setAttribute("currTheme", currTheme); |
396 | | - req.setAttribute("userId", userId); |
397 | | - req.setAttribute("messageErrorChangePws", msgBuilder.getMessage("signup.check.pwdInvalid", "messages", locale)); |
398 | | - return new View(urlError); |
399 | | - } |
400 | | - String dateFormat = "yyyy-MM-dd"; |
401 | | - ISbiUserDAO userDao = DAOFactory.getSbiUserDAO(); |
402 | | - SbiUser tmpUser = userDao.loadSbiUserByUserId(SignupJWTTokenManager.verifyJWTToken(userId)); |
403 | | - IConfigDAO configDao = DAOFactory.getSbiConfigDAO(); |
404 | | - List<Config> lstConfigChecks = configDao.loadConfigParametersByProperties(SpagoBIConstants.CHANGEPWD_EXPIRED_TIME); |
405 | | - Date beginDate = new Date(); |
406 | | - if (!lstConfigChecks.isEmpty()) { |
407 | | - Config check = lstConfigChecks.get(0); |
408 | | - if (check.isActive()) { |
409 | | - // define the new expired date |
410 | | - SimpleDateFormat sdf = new SimpleDateFormat(dateFormat); |
411 | | - Calendar cal = Calendar.getInstance(); |
412 | | - cal.set(beginDate.getYear() + 1900, beginDate.getMonth(), beginDate.getDate()); |
413 | | - // adds n days (getted from db) |
414 | | - cal.add(Calendar.DATE, Integer.parseInt(check.getValueCheck())); |
415 | | - try { |
416 | | - Date endDate = StringUtilities.stringToDate(sdf.format(cal.getTime()), dateFormat); |
417 | | - LOGGER.debug("End Date for expiration calculeted: " + endDate); |
418 | | - tmpUser.setDtPwdBegin(beginDate); |
419 | | - tmpUser.setDtPwdEnd(endDate); |
420 | | - } catch (Exception e) { |
421 | | - LOGGER.error("The control pwd goes on error: " + e); |
422 | | - throw new EMFUserError(EMFErrorSeverity.ERROR, 14008, Collections.emptyList(), Collections.emptyMap()); |
423 | | - } |
424 | | - } |
425 | | - } |
426 | | - tmpUser.setDtLastAccess(beginDate); // reset last access date |
427 | | - tmpUser.setPassword(Password.hashPassword(password));// SHA encrypt |
428 | | - tmpUser.setFlgPwdBlocked(false); // reset blocking flag |
429 | | - userDao.updateSbiUser(tmpUser, tmpUser.getId()); |
430 | | - |
431 | | - String url = "/themes/" + currTheme + "/jsp/signup/changePasswordOk.jsp"; |
432 | | - LOGGER.debug("url for active: " + url); |
433 | | - req.setAttribute("currTheme", currTheme); |
434 | | - return new View(url); |
435 | | - } |
436 | 247 |
|
437 | 248 | @GET |
438 | 249 | @Path("/prepareActive") |
|
0 commit comments