Repository: incubator-usergrid Updated Branches: refs/heads/master 8e32c136a -> f011b3ddd
Fix logic issue when recaptcha is disabled Project: http://git-wip-us.apache.org/repos/asf/incubator-usergrid/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-usergrid/commit/322886b4 Tree: http://git-wip-us.apache.org/repos/asf/incubator-usergrid/tree/322886b4 Diff: http://git-wip-us.apache.org/repos/asf/incubator-usergrid/diff/322886b4 Branch: refs/heads/master Commit: 322886b4d87ad34c849ba76e04ddf14fb996e310 Parents: 49ae4ac Author: ryan bridges <rbrid...@apigee.com> Authored: Tue Jun 2 14:38:36 2015 -0400 Committer: ryan bridges <rbrid...@apigee.com> Committed: Tue Jun 2 14:38:36 2015 -0400 ---------------------------------------------------------------------- .../rest/applications/users/UsersResource.java | 45 +++++++-------- .../rest/management/users/UsersResource.java | 61 ++++++++------------ 2 files changed, 43 insertions(+), 63 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/322886b4/stack/rest/src/main/java/org/apache/usergrid/rest/applications/users/UsersResource.java ---------------------------------------------------------------------- diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/users/UsersResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/users/UsersResource.java index 1a1b576..044f54e 100644 --- a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/users/UsersResource.java +++ b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/users/UsersResource.java @@ -85,7 +85,7 @@ public class UsersResource extends ServiceResource { logger.info( "ServiceResource.addIdParameter" ); - UUID itemId = UUID.fromString( entityId.getPath() ); + UUID itemId = UUID.fromString(entityId.getPath()); addParameter( getServiceParameters(), itemId ); 
@@ -116,12 +116,12 @@ public class UsersResource extends ServiceResource { addParameter( getServiceParameters(), itemName.getPath() ); - addMatrixParams( getServiceParameters(), ui, itemName ); + addMatrixParams(getServiceParameters(), ui, itemName); Identifier id = Identifier.from( itemName.getPath() ); if ( id == null ) { throw new IllegalArgumentException( "Not a valid user identifier: " + itemName.getPath() ); } - return getSubResource( UserResource.class ).init( id ); + return getSubResource( UserResource.class ).init(id); } @@ -129,7 +129,7 @@ public class UsersResource extends ServiceResource { @Path("resetpw") @Produces(MediaType.TEXT_HTML) public Viewable showPasswordResetForm( @Context UriInfo ui ) { - return handleViewable( "resetpw_email_form", this ); + return handleViewable("resetpw_email_form", this); } 
@@ -142,32 +142,28 @@ public class UsersResource extends ServiceResource { @FormParam("recaptcha_response_field") String uresponse ) { try { - ReCaptchaImpl reCaptcha = new ReCaptchaImpl(); - reCaptcha.setPrivateKey( properties.getRecaptchaPrivate() ); + if ( isBlank(email) ) { + errorMsg = "No email provided, try again..."; + throw new Exception("No email provided"); + }else if (useReCaptcha()){ + ReCaptchaImpl reCaptcha = new ReCaptchaImpl(); + reCaptcha.setPrivateKey( properties.getRecaptchaPrivate() ); - ReCaptchaResponse reCaptchaResponse = + ReCaptchaResponse reCaptchaResponse = reCaptcha.checkAnswer( httpServletRequest.getRemoteAddr(), challenge, uresponse ); - if ( isBlank( email ) ) { - errorMsg = "No email provided, try again..."; - return handleViewable( "resetpw_email_form", this ); - } - - if ( !useReCaptcha() || reCaptchaResponse.isValid() ) { - user = management.getAppUserByIdentifier( getApplicationId(), Identifier.fromEmail( email ) ); - if ( user != null ) { - management.startAppUserPasswordResetFlow( getApplicationId(), user ); - return handleViewable( "resetpw_email_success", this ); - } - else { - errorMsg = "We don't recognize that email, try again..."; - return handleViewable( "resetpw_email_form", this ); + if(!reCaptchaResponse.isValid()){ + errorMsg = "Incorrect Captcha, try again..."; + throw new Exception("Incorrect Captcha"); } } - else { - errorMsg = "Incorrect Captcha, try again..."; - return handleViewable( "resetpw_email_form", this ); + user = management.getAppUserByIdentifier(getApplicationId(), Identifier.fromEmail(email)); + if (user == null) { + errorMsg = "We don't recognize that email, try again..."; + throw new Exception("Unrecognized email address"); } + management.startAppUserPasswordResetFlow( getApplicationId(), user ); + return handleViewable("resetpw_email_success", this); } catch ( RedirectionException e ) { throw e; 
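Review bot: The `user == null` branch in handlePasswordResetForm still answers "We don't recognize that email, try again...", so the reset form tells an unauthenticated caller which addresses have accounts. When `useReCaptcha()` is false, nothing in this hunk slows repeated lookups. The same branch appears in the management/users/UsersResource.java hunk for admin users. Consider rendering the success view in both cases, `if ( user != null ) { management.startAppUserPasswordResetFlow( getApplicationId(), user ); }` followed by `return handleViewable( "resetpw_email_success", this );`, and rate-limiting the endpoint outside this method. The `catch ( Exception e )` block lies outside the hunk, so how the thrown validation errors are rendered in this file cannot be confirmed from these lines.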
@@ -177,7 +173,6 @@ public class UsersResource extends ServiceResource { } } - public String getErrorMsg() { return errorMsg; } http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/322886b4/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UsersResource.java ---------------------------------------------------------------------- diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UsersResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UsersResource.java index d907632..ffa4bf1 100644 --- a/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UsersResource.java +++ b/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UsersResource.java @@ -80,7 +80,7 @@ public class UsersResource extends AbstractContextResource { @Path(RootResource.USER_ID_PATH) public UserResource getUserById( @Context UriInfo ui, @PathParam( "userId" ) String userIdStr ) throws Exception { - return getUserResource(management.getAdminUserByUuid( UUID.fromString( userIdStr ) ), "user id", userIdStr); + return getUserResource(management.getAdminUserByUuid(UUID.fromString(userIdStr)), "user id", userIdStr); } @@ -103,7 +103,7 @@ public class UsersResource extends AbstractContextResource { if (user == null) { throw new ManagementException("Could not find organization for " + type + " : " + value); } - return getSubResource(UserResource.class).init( user ); + return getSubResource(UserResource.class).init(user); } 
@@ -176,60 +176,45 @@ public class UsersResource extends AbstractContextResource { @POST - @Path( "resetpw" ) - @Consumes( "application/x-www-form-urlencoded" ) - @Produces( MediaType.TEXT_HTML ) - public Viewable handlePasswordResetForm( @Context UriInfo ui, @FormParam( "email" ) String email, - @FormParam( "recaptcha_challenge_field" ) String challenge, - @FormParam( "recaptcha_response_field" ) String uresponse ) { + @Path("resetpw") + @Consumes("application/x-www-form-urlencoded") + @Produces(MediaType.TEXT_HTML) + public Viewable handlePasswordResetForm( @Context UriInfo ui, @FormParam("email") String email, + @FormParam("recaptcha_challenge_field") String challenge, + @FormParam("recaptcha_response_field") String uresponse ) { try { - if ( isBlank( email ) ) { + if ( isBlank(email) ) { errorMsg = "No email provided, try again..."; - return handleViewable( "resetpw_email_form", this ); - } - - //we don't require recaptcha - only use it if it is present in the props file - boolean reCaptchaPassed = false; - if ( useReCaptcha() ) { - + throw new Exception("No email provided"); + }else if (useReCaptcha()){ ReCaptchaImpl reCaptcha = new ReCaptchaImpl(); - reCaptcha.setPrivateKey(properties.getRecaptchaPrivate()); + reCaptcha.setPrivateKey( properties.getRecaptchaPrivate() ); ReCaptchaResponse reCaptchaResponse = - reCaptcha.checkAnswer(httpServletRequest.getRemoteAddr(), challenge, uresponse); + reCaptcha.checkAnswer( httpServletRequest.getRemoteAddr(), challenge, uresponse ); - if (reCaptchaResponse.isValid()) { - reCaptchaPassed = true; + if(!reCaptchaResponse.isValid()){ + errorMsg = "Incorrect Captcha, try again..."; + throw new Exception("Incorrect Captcha"); } - } else { - reCaptchaPassed = true; } - - if (reCaptchaPassed) { - user = management.findAdminUser(email); - if (user != null) { - management.startAdminUserPasswordResetFlow(user); - return handleViewable("resetpw_email_success", this); - } else { - errorMsg = "We don't recognize that email, try 
again..."; - return handleViewable("resetpw_email_form", this); - } - } else { - errorMsg = "Incorrect Captcha, try again..."; - return handleViewable("resetpw_email_form", this); + user = management.findAdminUser(email); + if (user == null) { + errorMsg = "We don't recognize that email, try again..."; + throw new Exception("Unrecognized email address"); } - + management.startAdminUserPasswordResetFlow(user); + return handleViewable("resetpw_email_success", this); } catch ( RedirectionException e ) { throw e; } catch ( Exception e ) { - return handleViewable( "error", e ); + return handleViewable( "resetpw_email_form", e ); } } - public String getErrorMsg() { return errorMsg; }
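Review bot: The `catch ( Exception e )` branch now returns `handleViewable( "resetpw_email_form", e )`, so every failure is shown as the reset form, including unexpected ones from `management.findAdminUser` or `management.startAdminUserPasswordResetFlow`. The model passed is the exception rather than `this`. If the form template reads its message through `getErrorMsg()` (likely, given the accessor at the end of the hunk, but the template is not visible), the text assigned to `errorMsg` would not be displayed, and backend faults are neither surfaced nor logged in the visible lines. Returning `handleViewable( "resetpw_email_form", this );` at the validation points instead of `throw new Exception(...)`, and keeping `return handleViewable( "error", e );` together with logging the exception in the catch, would keep user input errors separate from real faults.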