Class SecurityAnswer
- java.lang.Object
  - org.forgerock.selfservice.core.util.SecurityAnswer

public class SecurityAnswer extends Object
Utility Class for Security Answers.

Field Summary

| Modifier and Type | Field | Description |
|---|---|---|
| static String | REQUIREMENT_PROPERTY_ANSWER | Represents the answer property. |
| static String | REQUIREMENT_PROPERTY_CUSTOM_QUESTION | Represents the customQuestion property. |
| static String | REQUIREMENT_PROPERTY_QUESTION_ID | Represents the questionId property. |

Constructor Summary

| Constructor | Description |
|---|---|
| SecurityAnswer() | Constructs a SecurityAnswer object. |

Method Summary

| Modifier and Type | Method | Description |
|---|---|---|
| void | verifyAndHashInput(CryptoService cryptoService, JsonValue kba, Map<String,Map<String,String>> kbaQuestions) | Verifies and hashes the input provided for security questions and answers. |

Field Detail

REQUIREMENT_PROPERTY_ANSWER
public static final String REQUIREMENT_PROPERTY_ANSWER
Represents the answer property.
See Also: Constant Field Values

REQUIREMENT_PROPERTY_CUSTOM_QUESTION
public static final String REQUIREMENT_PROPERTY_CUSTOM_QUESTION
Represents the customQuestion property.
See Also: Constant Field Values

REQUIREMENT_PROPERTY_QUESTION_ID
public static final String REQUIREMENT_PROPERTY_QUESTION_ID
Represents the questionId property.
See Also: Constant Field Values

Constructor Detail

SecurityAnswer
public SecurityAnswer()
Constructs a SecurityAnswer object.

Method Detail

verifyAndHashInput
public void verifyAndHashInput(CryptoService cryptoService, JsonValue kba, Map<String,Map<String,String>> kbaQuestions) throws ResourceException
Verifies and hashes the input provided for security questions and answers. Input is valid only if no question is repeated and no question matches a predefined admin question (regardless of locale). The comparison is made after removing any non-word characters from the question.

Parameters:
cryptoService - the CryptoService used to hash answers
kba - the kba input provided. The input will be in the format of:

    [
      { "answer": "foo", "customQuestion": "what was your first car?" },
      { "answer": "bar", "questionId": "1" },
      {
        "answer": {
          "$crypto": {
            "value": {
              "algorithm": "SHA-256",
              "data": "UWAXzofPG7AZFQBQMORbh1uVBHhHxzaO+B0CucfxXf8TJuX7kVxiH/mZleHdHQp4"
            },
            "type": "salted-hash"
          }
        },
        "questionId": "2"
      }
    ]

kbaQuestions - the admin defined kba questions. The format of these questions will be:

    {
      "1": {
        "en": "What's your favorite color?",
        "en_GB": "What is your favourite colour?",
        "fr": "Quelle est votre couleur préférée?"
      },
      "2": { "en": "Who was your first employer?" }
    }

Throws:
ResourceException - thrown if the criteria are not met or an answer cannot be hashed
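
The question criteria described for verifyAndHashInput, as an added example in plain Java that is not ForgeRock's implementation; it covers only the repeat and admin-question checks, not hashing. The class name KbaQuestionCheck, the helper names, the use of IllegalArgumentException in place of ResourceException, and the exact definition of a repeat are assumptions.

```java
import java.util.*;

// Added illustration of the validity criteria only; hashing is out of scope.
public class KbaQuestionCheck {
    // The page says non-word characters are removed before comparing. Java's
    // default \W is ASCII-only, so accented letters are stripped as well.
    // No case folding is applied, since the page mentions none.
    static String normalize(String question) {
        return question.replaceAll("\\W", "");
    }

    // Assumption: a repeat is the same questionId twice, or two custom
    // questions that are equal after normalization.
    static void verify(List<Map<String, String>> kba,
                       Map<String, Map<String, String>> kbaQuestions) {
        // Normalized text of every admin question in every locale -> its id.
        Map<String, String> admin = new HashMap<>();
        kbaQuestions.forEach((id, byLocale) ->
                byLocale.values().forEach(text -> admin.put(normalize(text), id)));
        Set<String> seen = new HashSet<>();
        for (Map<String, String> entry : kba) {
            String custom = entry.get("customQuestion");
            String key = custom != null ? "custom:" + normalize(custom)
                                        : "id:" + entry.get("questionId");
            if (custom != null && admin.containsKey(normalize(custom))) {
                throw new IllegalArgumentException("matches admin question "
                        + admin.get(normalize(custom)));
            }
            if (!seen.add(key)) {
                throw new IllegalArgumentException("question repeated: " + key);
            }
        }
    }

    public static void main(String[] args) {
        // Admin questions as shown on this page; the kba inputs are constructed.
        Map<String, Map<String, String>> admin = Map.of(
                "1", Map.of("en", "What's your favorite color?",
                            "en_GB", "What is your favourite colour?",
                            "fr", "Quelle est votre couleur préférée?"),
                "2", Map.of("en", "Who was your first employer?"));
        verify(List.of(Map.of("customQuestion", "what was your first car?"),
                       Map.of("questionId", "1"), Map.of("questionId", "2")), admin);
        System.out.println("first input accepted");
        try { // custom question that copies admin question 1 minus punctuation
            verify(List.of(Map.of("customQuestion", "Whats your favorite color")), admin);
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

Because only non-word characters are removed in this sketch, a custom question that differs from an admin question in letter case alone is not treated as a match.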