001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2015 ForgeRock AS.
015 */
016
017package org.forgerock.openam.selfservice.config.beans;
018
019import org.forgerock.openam.sm.config.ConfigAttribute;
020import org.forgerock.openam.sm.config.ConfigSource;
021import org.forgerock.util.Reject;
022
023import java.util.HashMap;
024import java.util.HashSet;
025import java.util.Locale;
026import java.util.Map;
027import java.util.Set;
028
029/**
030 * Represents forgotten password console configuration.
031 *
032 * @supported.all.api
033 * @since 13.0.0
034 */
035public final class ForgottenPasswordConsoleConfig extends CommonConsoleConfig {
036
037    private final String emailVerificationUrl;
038    private final int minimumAnswersToVerify;
039    private final boolean enabled;
040    private final String configProviderClass;
041    private final long tokenExpiry;
042    private final boolean emailEnabled;
043    private final Map<Locale, String> subjectTranslations;
044    private final Map<Locale, String> messageTranslations;
045    private final boolean captchaEnabled;
046    private final boolean kbaEnabled;
047    private final Set<String> validQueryAttributes;
048
049    private ForgottenPasswordConsoleConfig(ForgottenPasswordBuilder builder) {
050        super(builder);
051        emailVerificationUrl = builder.emailVerificationUrl;
052        minimumAnswersToVerify = builder.minimumAnswersToVerify;
053        configProviderClass = builder.configProviderClass;
054        enabled = builder.enabled;
055        emailEnabled = builder.emailEnabled;
056        tokenExpiry = builder.tokenExpiry;
057        captchaEnabled = builder.captchaEnabled;
058        kbaEnabled = builder.kbaEnabled;
059        subjectTranslations = builder.subjectTranslations;
060        messageTranslations = builder.messageTranslations;
061        validQueryAttributes = builder.validQueryAttributes;
062    }
063
064    @Override
065    public String getConfigProviderClass() {
066        return configProviderClass;
067    }
068
069    /**
070     * Gets the verification Url to be sent with the email body.
071     *
072     * @return email verification Url
073     */
074    public String getEmailVerificationUrl() {
075        return emailVerificationUrl;
076    }
077
078    /**
079     * Get the minimum count of questions to verify.
080     *
081     * @return minimum count
082     */
083    public int getMinimumAnswersToVerify() {
084        return minimumAnswersToVerify;
085    }
086
087    /**
088     * Whether the service is enabled.
089     *
090     * @return whether the service is enabled
091     */
092    public boolean isEnabled() {
093        return enabled;
094    }
095
096    /**
097     * Whether email verification is enabled.
098     *
099     * @return whether email verification is enabled
100     */
101    public boolean isEmailEnabled() {
102        return emailEnabled;
103    }
104
105    /**
106     * Gets the token expiry time in seconds.
107     *
108     * @return the token expiry time
109     */
110    public long getTokenExpiry() {
111        return tokenExpiry;
112    }
113
114    /**
115     * Whether the captcha stage is enabled.
116     *
117     * @return whether the captcha stage is enabled
118     */
119    public boolean isCaptchaEnabled() {
120        return captchaEnabled;
121    }
122
123
124    /**
125     * Whether the KBA stage is enabled.
126     *
127     * @return whether the KBA stage is enabled
128     */
129    public boolean isKbaEnabled() {
130        return kbaEnabled;
131    }
132
133    /**
134     * Gets the map of locales to subject strings.
135     *
136     * @return the map of locales to subject text strings.
137     */
138    public Map<Locale, String> getSubjectTranslations() {
139        return subjectTranslations;
140    }
141
142    /**
143     * Gets the map of locales to email body text strings.
144     *
145     * @return the map of locales to email body text strings.
146     */
147    public Map<Locale, String> getMessageTranslations() {
148        return messageTranslations;
149    }
150
151    /**
152     * Get set of valid query attributes.
153     *
154     * @return valid query attributes
155     */
156    public Set<String> getValidQueryAttributes() {
157        return validQueryAttributes;
158    }
159
160    /**
161     * Builder for {@link ForgottenPasswordConsoleConfig}.
162     */
163    @ConfigSource({"MailServer", "selfService"})
164    public static final class ForgottenPasswordBuilder
165            extends CommonConsoleConfigBuilder<ForgottenPasswordConsoleConfig> {
166
167        private String emailVerificationUrl;
168        private int minimumAnswersToVerify;
169        private boolean enabled;
170        private String configProviderClass;
171        private long tokenExpiry;
172        private boolean emailEnabled;
173        private final Map<Locale, String> subjectTranslations;
174        private final Map<Locale, String> messageTranslations;
175        private boolean captchaEnabled;
176        private boolean kbaEnabled;
177        private final Set<String> validQueryAttributes;
178
179        /**
180         * Constructs a new builder.
181         */
182        public ForgottenPasswordBuilder() {
183            subjectTranslations = new HashMap<>();
184            messageTranslations = new HashMap<>();
185            validQueryAttributes = new HashSet<>();
186        }
187
188        /**
189         * Sets the email verification url.
190         *
191         * @param emailVerificationUrl
192         *         email verification url
193         */
194        @ConfigAttribute("selfServiceForgottenPasswordConfirmationUrl")
195        public void setEmailVerificationUrl(String emailVerificationUrl) {
196            this.emailVerificationUrl = emailVerificationUrl;
197        }
198
199        /**
200         * Sets whether the service is enabled.
201         *
202         * @param enabled
203         *         whether the service is enabled
204         */
205        @ConfigAttribute("selfServiceForgottenPasswordEnabled")
206        public void setEnabled(boolean enabled) {
207            this.enabled = enabled;
208        }
209
210
211        /**
212         * Sets the config provider class.
213         *
214         * @param configProviderClass
215         *         config provider class
216         */
217        @ConfigAttribute("selfServiceForgottenPasswordServiceConfigClass")
218        public void setConfigProviderClass(String configProviderClass) {
219            this.configProviderClass = configProviderClass;
220        }
221
222        /**
223         * Sets the token expiry time.
224         *
225         * @param tokenExpiry
226         *         token expiry time
227         */
228        @ConfigAttribute("selfServiceForgottenPasswordTokenTTL")
229        public void setTokenExpiry(long tokenExpiry) {
230            this.tokenExpiry = tokenExpiry;
231        }
232
233        /**
234         * Sets whether email is enabled.
235         *
236         * @param emailEnabled
237         *         whether email is enabled
238         */
239        @ConfigAttribute("selfServiceForgottenPasswordEmailVerificationEnabled")
240        public void setEmailEnabled(boolean emailEnabled) {
241            this.emailEnabled = emailEnabled;
242        }
243
244        /**
245         * Sets the email subject translations.
246         *
247         * @param subjectTranslations
248         *         email subject translations
249         */
250        @ConfigAttribute(value = "selfServiceForgottenPasswordEmailSubject",
251                transformer = LocaleMessageTransformer.class)
252        public void setSubjectTranslations(Map<Locale, String> subjectTranslations) {
253            this.subjectTranslations.putAll(subjectTranslations);
254        }
255
256        /**
257         * Sets the email body translations.
258         *
259         * @param messageTranslations
260         *         email body translations
261         */
262        @ConfigAttribute(value = "selfServiceForgottenPasswordEmailBody",
263                transformer = LocaleMessageTransformer.class)
264        public void setMessageTranslations(Map<Locale, String> messageTranslations) {
265            this.messageTranslations.putAll(messageTranslations);
266        }
267
268        /**
269         * Sets whether captcha is enabled.
270         *
271         * @param captchaEnabled
272         *         whether captcha is enabled
273         */
274        @ConfigAttribute("selfServiceForgottenPasswordCaptchaEnabled")
275        public void setCaptchaEnabled(boolean captchaEnabled) {
276            this.captchaEnabled = captchaEnabled;
277        }
278
279        /**
280         * Sets whether KBA is enabled.
281         *
282         * @param kbaEnabled
283         *         whether KBA is enabled
284         */
285        @ConfigAttribute("selfServiceForgottenPasswordKbaEnabled")
286        public void setKbaEnabled(boolean kbaEnabled) {
287            this.kbaEnabled = kbaEnabled;
288        }
289
290        /**
291         * Sets the minimum number of answers to be verified.
292         *
293         * @param minimumAnswersToVerify
294         *         minimum number of answers to be verified
295         */
296        @ConfigAttribute("selfServiceMinimumAnswersToVerify")
297        public void setMinimumAnswersToVerify(int minimumAnswersToVerify) {
298            this.minimumAnswersToVerify = minimumAnswersToVerify;
299        }
300
301        /**
302         * Sets the valid set of query attributes.
303         *
304         * @param validQueryAttributes
305         *         valid query attributes
306         */
307        @ConfigAttribute("selfServiceValidQueryAttributes")
308        public void setValidQueryAttributes(Set<String> validQueryAttributes) {
309            this.validQueryAttributes.addAll(validQueryAttributes);
310        }
311
312        @Override
313        boolean isCaptchaEnabled() {
314            return captchaEnabled;
315        }
316
317        @Override
318        boolean isKbaEnabled() {
319            return kbaEnabled;
320        }
321
322        @Override
323        ForgottenPasswordConsoleConfig internalBuild() {
324            Reject.ifNull(configProviderClass, "Config provider class name required");
325            Reject.ifFalse(tokenExpiry > 0, "Token expiry must be greater than zero");
326
327            if (emailEnabled) {
328                Reject.ifNull(emailVerificationUrl, "Email verification Url is required");
329                Reject.ifTrue(subjectTranslations.isEmpty(), "Subject translations are required");
330                Reject.ifTrue(messageTranslations.isEmpty(), "Message translations are required");
331            }
332
333            if (kbaEnabled) {
334                Reject.ifFalse(minimumAnswersToVerify > 0, "Minimum questions to be verified must be greater than 0");
335            }
336
337            return new ForgottenPasswordConsoleConfig(this);
338        }
339
340    }
341
342}