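/*
 * The contents of this file are subject to the terms of the Common Development and
 * Distribution License (the License). You may not use this file except in compliance with the
 * License.
 *
 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
 * specific language governing permission and limitations under the License.
 *
 * When distributing Covered Software, include this CDDL Header Notice in each file and include
 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
 * Header, with the fields enclosed by brackets [] replaced by your own identifying
 * information: "Portions copyright [year] [name of copyright owner]".
 *
 * Copyright 2015 ForgeRock AS.
 */

package org.forgerock.openam.selfservice.config.beans;

import org.forgerock.openam.sm.config.ConfigAttribute;
import org.forgerock.openam.sm.config.ConfigSource;
import org.forgerock.util.Reject;

import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Locale;
import java.util.Map;
import java.util.Set;

/**
 * Represents forgotten password console configuration.
 * <p>
 * Instances are created through {@link ForgottenPasswordBuilder}, which validates the
 * combination of settings in {@code internalBuild()} before constructing the config. The
 * collections held by an instance are unmodifiable snapshots taken at build time.
 *
 * @supported.all.api
 * @since 13.0.0
 */
public final class ForgottenPasswordConsoleConfig extends CommonConsoleConfig {

    private final String emailVerificationUrl;
    private final int minimumAnswersToVerify;
    private final boolean enabled;
    private final String configProviderClass;
    private final long tokenExpiry;
    private final boolean emailEnabled;
    private final Map<Locale, String> subjectTranslations;
    private final Map<Locale, String> messageTranslations;
    private final boolean captchaEnabled;
    private final boolean kbaEnabled;
    private final Set<String> validQueryAttributes;

    /**
     * Copies the validated builder state into this config.
     *
     * @param builder
     *         the builder whose values have already passed {@code internalBuild()} validation
     */
    private ForgottenPasswordConsoleConfig(ForgottenPasswordBuilder builder) {
        super(builder);
        emailVerificationUrl = builder.emailVerificationUrl;
        minimumAnswersToVerify = builder.minimumAnswersToVerify;
        configProviderClass = builder.configProviderClass;
        enabled = builder.enabled;
        emailEnabled = builder.emailEnabled;
        tokenExpiry = builder.tokenExpiry;
        captchaEnabled = builder.captchaEnabled;
        kbaEnabled = builder.kbaEnabled;
        // Snapshot the builder's collections and wrap them read-only. Sharing the builder's
        // own HashMap/HashSet instances would let later setter calls on the builder, or any
        // caller of the getters, change the values after validation has run.
        subjectTranslations = Collections.unmodifiableMap(
                new HashMap<>(builder.subjectTranslations));
        messageTranslations = Collections.unmodifiableMap(
                new HashMap<>(builder.messageTranslations));
        validQueryAttributes = Collections.unmodifiableSet(
                new HashSet<>(builder.validQueryAttributes));
    }

    @Override
    public String getConfigProviderClass() {
        return configProviderClass;
    }

    /**
     * Gets the verification Url to be sent with the email body.
     * <p>
     * The builder only checks that this value is non-null when email verification is enabled;
     * its format is not validated by this class.
     *
     * @return email verification Url
     */
    public String getEmailVerificationUrl() {
        return emailVerificationUrl;
    }

    /**
     * Get the minimum count of questions to verify.
     *
     * @return minimum count
     */
    public int getMinimumAnswersToVerify() {
        return minimumAnswersToVerify;
    }

    /**
     * Whether the service is enabled.
     *
     * @return whether the service is enabled
     */
    public boolean isEnabled() {
        return enabled;
    }

    /**
     * Whether email verification is enabled.
     *
     * @return whether email verification is enabled
     */
    public boolean isEmailEnabled() {
        return emailEnabled;
    }

    /**
     * Gets the token expiry time in seconds.
     * <p>
     * The builder rejects values that are not greater than zero; no upper bound is applied
     * by this class.
     *
     * @return the token expiry time
     */
    public long getTokenExpiry() {
        return tokenExpiry;
    }

    /**
     * Whether the captcha stage is enabled.
     *
     * @return whether the captcha stage is enabled
     */
    public boolean isCaptchaEnabled() {
        return captchaEnabled;
    }

    /**
     * Whether the KBA stage is enabled.
     *
     * @return whether the KBA stage is enabled
     */
    public boolean isKbaEnabled() {
        return kbaEnabled;
    }

    /**
     * Gets the map of locales to subject strings.
     *
     * @return an unmodifiable map of locales to subject text strings.
     */
    public Map<Locale, String> getSubjectTranslations() {
        return subjectTranslations;
    }

    /**
     * Gets the map of locales to email body text strings.
     *
     * @return an unmodifiable map of locales to email body text strings.
     */
    public Map<Locale, String> getMessageTranslations() {
        return messageTranslations;
    }

    /**
     * Get set of valid query attributes.
     *
     * @return an unmodifiable set of valid query attributes
     */
    public Set<String> getValidQueryAttributes() {
        return validQueryAttributes;
    }

    /**
     * Builder for {@link ForgottenPasswordConsoleConfig}.
     * <p>
     * Setters are annotated with {@link ConfigAttribute} naming the configuration attribute
     * each one is bound to. The collection setters add to the builder's existing contents
     * rather than replacing them.
     */
    @ConfigSource({"MailServer", "selfService"})
    public static final class ForgottenPasswordBuilder
            extends CommonConsoleConfigBuilder<ForgottenPasswordConsoleConfig> {

        private String emailVerificationUrl;
        private int minimumAnswersToVerify;
        private boolean enabled;
        private String configProviderClass;
        private long tokenExpiry;
        private boolean emailEnabled;
        private final Map<Locale, String> subjectTranslations;
        private final Map<Locale, String> messageTranslations;
        private boolean captchaEnabled;
        private boolean kbaEnabled;
        private final Set<String> validQueryAttributes;

        /**
         * Constructs a new builder.
         */
        public ForgottenPasswordBuilder() {
            subjectTranslations = new HashMap<>();
            messageTranslations = new HashMap<>();
            validQueryAttributes = new HashSet<>();
        }

        /**
         * Sets the email verification url.
         *
         * @param emailVerificationUrl
         *         email verification url
         */
        @ConfigAttribute("selfServiceForgottenPasswordConfirmationUrl")
        public void setEmailVerificationUrl(String emailVerificationUrl) {
            this.emailVerificationUrl = emailVerificationUrl;
        }

        /**
         * Sets whether the service is enabled.
         *
         * @param enabled
         *         whether the service is enabled
         */
        @ConfigAttribute("selfServiceForgottenPasswordEnabled")
        public void setEnabled(boolean enabled) {
            this.enabled = enabled;
        }

        /**
         * Sets the config provider class.
         *
         * @param configProviderClass
         *         config provider class
         */
        @ConfigAttribute("selfServiceForgottenPasswordServiceConfigClass")
        public void setConfigProviderClass(String configProviderClass) {
            // NOTE(review): this is a class name taken from configuration; how and where it is
            // resolved is not visible in this file - confirm the consumer restricts it.
            this.configProviderClass = configProviderClass;
        }

        /**
         * Sets the token expiry time.
         *
         * @param tokenExpiry
         *         token expiry time
         */
        @ConfigAttribute("selfServiceForgottenPasswordTokenTTL")
        public void setTokenExpiry(long tokenExpiry) {
            this.tokenExpiry = tokenExpiry;
        }

        /**
         * Sets whether email is enabled.
         *
         * @param emailEnabled
         *         whether email is enabled
         */
        @ConfigAttribute("selfServiceForgottenPasswordEmailVerificationEnabled")
        public void setEmailEnabled(boolean emailEnabled) {
            this.emailEnabled = emailEnabled;
        }

        /**
         * Sets the email subject translations.
         * <p>
         * The entries are added to any translations already held by this builder.
         *
         * @param subjectTranslations
         *         email subject translations
         */
        @ConfigAttribute(value = "selfServiceForgottenPasswordEmailSubject",
                transformer = LocaleMessageTransformer.class)
        public void setSubjectTranslations(Map<Locale, String> subjectTranslations) {
            this.subjectTranslations.putAll(subjectTranslations);
        }

        /**
         * Sets the email body translations.
         * <p>
         * The entries are added to any translations already held by this builder.
         *
         * @param messageTranslations
         *         email body translations
         */
        @ConfigAttribute(value = "selfServiceForgottenPasswordEmailBody",
                transformer = LocaleMessageTransformer.class)
        public void setMessageTranslations(Map<Locale, String> messageTranslations) {
            this.messageTranslations.putAll(messageTranslations);
        }

        /**
         * Sets whether captcha is enabled.
         *
         * @param captchaEnabled
         *         whether captcha is enabled
         */
        @ConfigAttribute("selfServiceForgottenPasswordCaptchaEnabled")
        public void setCaptchaEnabled(boolean captchaEnabled) {
            this.captchaEnabled = captchaEnabled;
        }

        /**
         * Sets whether KBA is enabled.
         *
         * @param kbaEnabled
         *         whether KBA is enabled
         */
        @ConfigAttribute("selfServiceForgottenPasswordKbaEnabled")
        public void setKbaEnabled(boolean kbaEnabled) {
            this.kbaEnabled = kbaEnabled;
        }

        /**
         * Sets the minimum number of answers to be verified.
         *
         * @param minimumAnswersToVerify
         *         minimum number of answers to be verified
         */
        @ConfigAttribute("selfServiceMinimumAnswersToVerify")
        public void setMinimumAnswersToVerify(int minimumAnswersToVerify) {
            this.minimumAnswersToVerify = minimumAnswersToVerify;
        }

        /**
         * Sets the valid set of query attributes.
         * <p>
         * The attributes are added to any already held by this builder.
         *
         * @param validQueryAttributes
         *         valid query attributes
         */
        @ConfigAttribute("selfServiceValidQueryAttributes")
        public void setValidQueryAttributes(Set<String> validQueryAttributes) {
            this.validQueryAttributes.addAll(validQueryAttributes);
        }

        @Override
        boolean isCaptchaEnabled() {
            return captchaEnabled;
        }

        @Override
        boolean isKbaEnabled() {
            return kbaEnabled;
        }

        /**
         * Validates the collected settings and creates the config.
         * <p>
         * A config provider class and a positive token expiry are always required. The email
         * verification Url and both translation maps are only required when email is enabled,
         * and the minimum answer count is only checked when KBA is enabled.
         *
         * @return the validated, immutable config
         */
        @Override
        ForgottenPasswordConsoleConfig internalBuild() {
            Reject.ifNull(configProviderClass, "Config provider class name required");
            // Only positivity is enforced; this class sets no upper bound on the token lifetime.
            Reject.ifFalse(tokenExpiry > 0, "Token expiry must be greater than zero");

            if (emailEnabled) {
                // Presence check only: an empty or malformed Url is not rejected here.
                Reject.ifNull(emailVerificationUrl, "Email verification Url is required");
                Reject.ifTrue(subjectTranslations.isEmpty(), "Subject translations are required");
                Reject.ifTrue(messageTranslations.isEmpty(), "Message translations are required");
            }

            if (kbaEnabled) {
                Reject.ifFalse(minimumAnswersToVerify > 0, "Minimum questions to be verified must be greater than 0");
            }

            return new ForgottenPasswordConsoleConfig(this);
        }

    }

}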