Improve code
dewniMW committed Jun 3, 2024
1 parent 1134c29 commit 43a0970
Showing 3 changed files with 62 additions and 38 deletions.
Expand Up @@ -56,6 +56,11 @@
import java.util.Map;
import java.util.UUID;

import static org.wso2.carbon.identity.handler.event.account.lock.constants.AccountConstants.ACCOUNT_LOCKED_PROPERTY;
import static org.wso2.carbon.identity.handler.event.account.lock.constants.AccountConstants.ACCOUNT_UNLOCK_TIME_PROPERTY;
import static org.wso2.carbon.identity.handler.event.account.lock.constants.AccountConstants.FAILED_LOGIN_ATTEMPTS_PROPERTY;
import static org.wso2.carbon.identity.handler.event.account.lock.constants.AccountConstants.LOGIN_FAIL_TIMEOUT_RATIO_PROPERTY;

/**
* This class implements the SMSOTPService interface.
*/
Expand Down Expand Up @@ -412,10 +417,7 @@ private ValidationResponseDTO handleAccountLock(String userId, boolean showFailu

User user = getUserById(userId);
if (Utils.isAccountLocked(user)) {
FailureReasonDTO error = showFailureReason
? new FailureReasonDTO(Constants.ErrorMessage.CLIENT_ACCOUNT_LOCKED, userId)
: null;
return new ValidationResponseDTO(userId, false, error);
return createAccountLockedResponse(userId, showFailureReason);
}

int maxAttempts = 0;
Expand All @@ -425,21 +427,21 @@ private ValidationResponseDTO handleAccountLock(String userId, boolean showFailu
Property[] connectorConfigs = Utils.getAccountLockConnectorConfigs(user.getTenantDomain());
for (Property connectorConfig : connectorConfigs) {
switch (connectorConfig.getName()) {
case Constants.PROPERTY_ACCOUNT_LOCK_ON_FAILURE:
case ACCOUNT_LOCKED_PROPERTY:
if (!Boolean.parseBoolean(connectorConfig.getValue())) {
return null;
}
case Constants.PROPERTY_ACCOUNT_LOCK_ON_FAILURE_MAX:
case FAILED_LOGIN_ATTEMPTS_PROPERTY:
if (NumberUtils.isNumber(connectorConfig.getValue())) {
maxAttempts = Integer.parseInt(connectorConfig.getValue());
}
break;
case Constants.PROPERTY_ACCOUNT_LOCK_TIME:
case ACCOUNT_UNLOCK_TIME_PROPERTY:
if (NumberUtils.isNumber(connectorConfig.getValue())) {
unlockTimePropertyValue = Integer.parseInt(connectorConfig.getValue());
}
break;
case Constants.PROPERTY_LOGIN_FAIL_TIMEOUT_RATIO:
case LOGIN_FAIL_TIMEOUT_RATIO_PROPERTY:
if (NumberUtils.isNumber(connectorConfig.getValue())) {
double value = Double.parseDouble(connectorConfig.getValue());
if (value > 0) {
Expand All @@ -454,31 +456,12 @@ private ValidationResponseDTO handleAccountLock(String userId, boolean showFailu
if (claimValues == null) {
claimValues = new HashMap<>();
}
int currentAttempts = 0;
if (NumberUtils.isNumber(claimValues.get(Constants.SMS_OTP_FAILED_ATTEMPTS_CLAIM))) {
currentAttempts = Integer.parseInt(claimValues.get(Constants.SMS_OTP_FAILED_ATTEMPTS_CLAIM));
}
int failedLoginLockoutCountValue = 0;
if (NumberUtils.isNumber(claimValues.get(Constants.FAILED_LOGIN_LOCKOUT_COUNT_CLAIM))) {
failedLoginLockoutCountValue =
Integer.parseInt(claimValues.get(Constants.FAILED_LOGIN_LOCKOUT_COUNT_CLAIM));
}
int currentAttempts = getCurrentAttempts(claimValues);
int failedLoginLockoutCountValue = getFailedLoginLockoutCount(claimValues);

Map<String, String> updatedClaims = new HashMap<>();
if ((currentAttempts + 1) >= maxAttempts) {
// Calculate the incremental unlock time interval in milli seconds.
unlockTimePropertyValue = (long) (unlockTimePropertyValue * 1000 * 60 * Math.pow(unlockTimeRatio,
failedLoginLockoutCountValue));
// Calculate unlock time by adding current time and unlock time interval in milli seconds.
long unlockTime = System.currentTimeMillis() + unlockTimePropertyValue;
updatedClaims.put(Constants.ACCOUNT_LOCKED_CLAIM, Boolean.TRUE.toString());
updatedClaims.put(Constants.SMS_OTP_FAILED_ATTEMPTS_CLAIM, "0");
updatedClaims.put(Constants.ACCOUNT_UNLOCK_TIME_CLAIM, String.valueOf(unlockTime));
updatedClaims.put(Constants.FAILED_LOGIN_LOCKOUT_COUNT_CLAIM,
String.valueOf(failedLoginLockoutCountValue + 1));
updatedClaims.put(Constants.ACCOUNT_LOCKED_REASON_CLAIM_URI,
Constants.MAX_SMS_OTP_ATTEMPTS_EXCEEDED);
IdentityUtil.threadLocalProperties.get().put(Constants.ADMIN_INITIATED, false);
populateAccountLockClaims(unlockTimePropertyValue, unlockTimeRatio, failedLoginLockoutCountValue, updatedClaims);
setUserClaimValues(user, updatedClaims);
FailureReasonDTO error = showFailureReason
? new FailureReasonDTO(Constants.ErrorMessage.CLIENT_ACCOUNT_LOCKED, userId)
Expand All @@ -491,6 +474,47 @@ private ValidationResponseDTO handleAccountLock(String userId, boolean showFailu
}
}

private ValidationResponseDTO createAccountLockedResponse(String userId, boolean showFailureReason) {

FailureReasonDTO error = showFailureReason ?
new FailureReasonDTO(Constants.ErrorMessage.CLIENT_ACCOUNT_LOCKED, userId) : null;
return new ValidationResponseDTO(userId, false, error);
}

private void populateAccountLockClaims(long unlockTimePropertyValue, double unlockTimeRatio,
int failedLoginLockoutCountValue, Map<String, String> updatedClaims) {

// Calculate the incremental unlock time interval in milli seconds.
unlockTimePropertyValue = (long) (unlockTimePropertyValue * 1000 * 60 * Math.pow(unlockTimeRatio,
failedLoginLockoutCountValue));
// Calculate unlock time by adding current time and unlock time interval in milli seconds.
long unlockTime = System.currentTimeMillis() + unlockTimePropertyValue;
updatedClaims.put(Constants.ACCOUNT_LOCKED_CLAIM, Boolean.TRUE.toString());
updatedClaims.put(Constants.SMS_OTP_FAILED_ATTEMPTS_CLAIM, "0");
updatedClaims.put(Constants.ACCOUNT_UNLOCK_TIME_CLAIM, String.valueOf(unlockTime));
updatedClaims.put(Constants.FAILED_LOGIN_LOCKOUT_COUNT_CLAIM,
String.valueOf(failedLoginLockoutCountValue + 1));
updatedClaims.put(Constants.ACCOUNT_LOCKED_REASON_CLAIM_URI,
Constants.MAX_SMS_OTP_ATTEMPTS_EXCEEDED);
IdentityUtil.threadLocalProperties.get().put(Constants.ADMIN_INITIATED, false);
}

private int getCurrentAttempts(Map<String, String> claimValues) {

if (NumberUtils.isNumber(claimValues.get(Constants.SMS_OTP_FAILED_ATTEMPTS_CLAIM))) {
return Integer.parseInt(claimValues.get(Constants.SMS_OTP_FAILED_ATTEMPTS_CLAIM));
}
return 0;
}

private int getFailedLoginLockoutCount(Map<String, String> claimValues) {

if (NumberUtils.isNumber(claimValues.get(Constants.FAILED_LOGIN_LOCKOUT_COUNT_CLAIM))) {
return Integer.parseInt(claimValues.get(Constants.FAILED_LOGIN_LOCKOUT_COUNT_CLAIM));
}
return 0;
}

private User getUserById(String userId) throws SMSOTPException {

try {
Expand Down Expand Up @@ -552,7 +576,7 @@ private void resetOtpFailedAttempts(String userId) throws SMSOTPException {
Property[] connectorConfigs = Utils.getAccountLockConnectorConfigs(user.getTenantDomain());
// Return if account lock handler is not enabled.
for (Property connectorConfig : connectorConfigs) {
if ((Constants.PROPERTY_ACCOUNT_LOCK_ON_FAILURE.equals(connectorConfig.getName())) &&
if ((ACCOUNT_LOCKED_PROPERTY.equals(connectorConfig.getName())) &&
!Boolean.parseBoolean(connectorConfig.getValue())) {
return;
}
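Review bot: The new helpers getCurrentAttempts and getFailedLoginLockoutCount guard `Integer.parseInt` with `NumberUtils.isNumber`, and the two calls do not agree on what they accept. Assuming this is the Apache Commons Lang class, `isNumber` also returns true for decimal, hex, exponent and suffixed forms such as `1.0`, `0x10` or `10L`, and for integers too large for an int, so a claim value of that shape would make `parseInt` throw an unchecked NumberFormatException out of handleAccountLock before populateAccountLockClaims and setUserClaimValues run. Each helper can be a single call that falls back to zero, for example `return NumberUtils.toInt(claimValues.get(Constants.SMS_OTP_FAILED_ATTEMPTS_CLAIM), 0);`. The same isNumber-then-parseInt pairing guards the max-attempts and unlock-time connector values in the switch earlier in this section; handleAccountLock itself is only partly shown here.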
Expand Up @@ -51,10 +51,6 @@ public class Constants {
public static final String SMS_OTP_SHOW_FAILURE_REASON = "smsOtp.showValidationFailureReason";
public static final String SMS_OTP_LOCK_ACCOUNT_ON_FAILED_ATTEMPTS = "smsOtp.lockAccountOnFailedAttempts";

public static final String PROPERTY_LOGIN_FAIL_TIMEOUT_RATIO = "account.lock.handler.login.fail.timeout.ratio";
public static final String PROPERTY_ACCOUNT_LOCK_ON_FAILURE = "account.lock.handler.enable";
public static final String PROPERTY_ACCOUNT_LOCK_ON_FAILURE_MAX = "account.lock.handler.On.Failure.Max.Attempts";
public static final String PROPERTY_ACCOUNT_LOCK_TIME = "account.lock.handler.Time";
public static final String SMS_OTP_FAILED_ATTEMPTS_CLAIM = "http://wso2.org/claims/identity/failedSmsOtpAttempts";
public static final String FAILED_LOGIN_LOCKOUT_COUNT_CLAIM =
"http://wso2.org/claims/identity/failedLoginLockoutCount";
Expand Up @@ -38,6 +38,11 @@
import java.util.Properties;
import java.util.UUID;

import static org.wso2.carbon.identity.handler.event.account.lock.constants.AccountConstants.ACCOUNT_LOCKED_PROPERTY;
import static org.wso2.carbon.identity.handler.event.account.lock.constants.AccountConstants.ACCOUNT_UNLOCK_TIME_PROPERTY;
import static org.wso2.carbon.identity.handler.event.account.lock.constants.AccountConstants.FAILED_LOGIN_ATTEMPTS_PROPERTY;
import static org.wso2.carbon.identity.handler.event.account.lock.constants.AccountConstants.LOGIN_FAIL_TIMEOUT_RATIO_PROPERTY;

/**
* Util functions for SMS OTP service.
*/
Expand Down Expand Up @@ -236,9 +241,8 @@ public static Property[] getAccountLockConnectorConfigs(String tenantDomain) thr

try {
return SMSOTPServiceDataHolder.getInstance().getIdentityGovernanceService().getConfiguration
(new String[]{Constants.PROPERTY_ACCOUNT_LOCK_ON_FAILURE,
Constants.PROPERTY_ACCOUNT_LOCK_ON_FAILURE_MAX, Constants.PROPERTY_ACCOUNT_LOCK_TIME,
Constants.PROPERTY_LOGIN_FAIL_TIMEOUT_RATIO}, tenantDomain);
(new String[]{ACCOUNT_LOCKED_PROPERTY, FAILED_LOGIN_ATTEMPTS_PROPERTY, ACCOUNT_UNLOCK_TIME_PROPERTY,
LOGIN_FAIL_TIMEOUT_RATIO_PROPERTY}, tenantDomain);
} catch (IdentityGovernanceException e) {
throw Utils.handleServerException(Constants.ErrorMessage.SERVER_ERROR_RETRIEVING_ACCOUNT_LOCK_CONFIGS, null,
e);
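Review bot: The four keys passed to getConfiguration now come from AccountConstants in the account lock handler module, and nothing in this commit shows or pins their values. The literals they replace were `account.lock.handler.enable`, `account.lock.handler.On.Failure.Max.Attempts`, `account.lock.handler.Time` and `account.lock.handler.login.fail.timeout.ratio`. If an imported constant resolves to a different key, now or after a dependency upgrade, this lookup and the switch in handleAccountLock would presumably stop matching that setting without any error and keep the initial values (maxAttempts starts at 0). A small unit test pinning each imported constant to its expected key string, for example `assertEquals("account.lock.handler.enable", ACCOUNT_LOCKED_PROPERTY);`, would catch that drift. The method containing this try block starts and ends outside the hunk.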
