From ba409ef99d1bba76885a772335f87bff72977e1c Mon Sep 17 00:00:00 2001 From: jgomer2001 Date: Tue, 9 Jul 2024 09:33:08 -0500 Subject: [PATCH] fix: misc fixes #284 --- .../plugins/emailotp/EmailOTPService.java | 2 +- .../casa/plugins/emailotp/EmailOtpVM.java | 30 +++++++------------ .../plugins/emailotp/model/VerifiedEmail.java | 16 ++-------- .../main/resources/labels/zk-label.properties | 5 ---- 4 files changed, 14 insertions(+), 39 deletions(-) diff --git a/plugins/email_2fa_core/src/main/java/org/gluu/casa/plugins/emailotp/EmailOTPService.java b/plugins/email_2fa_core/src/main/java/org/gluu/casa/plugins/emailotp/EmailOTPService.java index 0a3dc6f3..1367dd87 100644 --- a/plugins/email_2fa_core/src/main/java/org/gluu/casa/plugins/emailotp/EmailOTPService.java +++ b/plugins/email_2fa_core/src/main/java/org/gluu/casa/plugins/emailotp/EmailOTPService.java @@ -480,7 +480,7 @@ protected PasswordAuthentication getPasswordAuthentication() { Transport.send(message); } catch (Exception e) { - logger.error("Failed to send OTP: {}", e.getMessage()); + logger.error("Failed to send OTP: {}", e); return false; } diff --git a/plugins/email_2fa_core/src/main/java/org/gluu/casa/plugins/emailotp/EmailOtpVM.java b/plugins/email_2fa_core/src/main/java/org/gluu/casa/plugins/emailotp/EmailOtpVM.java index f00aab05..c854c0ba 100644 --- a/plugins/email_2fa_core/src/main/java/org/gluu/casa/plugins/emailotp/EmailOtpVM.java +++ b/plugins/email_2fa_core/src/main/java/org/gluu/casa/plugins/emailotp/EmailOtpVM.java @@ -1,9 +1,7 @@ package org.gluu.casa.plugins.emailotp; import java.security.SecureRandom; -import java.util.List; -import java.util.regex.Matcher; -import java.util.regex.Pattern; +import java.util.*; import org.gluu.casa.core.pojo.User; import org.gluu.casa.misc.Utils; @@ -51,7 +49,6 @@ public void setUiEmailDelivered(boolean uiEmailDelivered) { SndFactorAuthenticationUtils sndFactorUtils; User user; - Pattern pattern; public boolean isEmailCodesMatch() { return emailCodesMatch; @@ -114,16 +111,18 @@ public void childInit() { @NotifyChange("uiEmailDelivered") public void sendCode(HtmlBasedComponent toFocus) { - logger.debug("email entered: {}", newEmail.getEmail()); + String theNewEmail = newEmail.getEmail(); + logger.debug("email entered: {}", theNewEmail); if (Utils.isNotEmpty(newEmail.getEmail())) { // Did user fill out the email text box? // Check for uniquess throughout all emails in LDAP. Only new emails are // accepted try { - if (!validateEmail(newEmail.getEmail())) { + if (!validateEmail(theNewEmail)) { UIUtils.showMessageUI(Clients.NOTIFICATION_TYPE_WARNING, Labels.getLabel("usr.email_invalid_format")); } - else if (emailOtpService.isEmailRegistered(newEmail.getEmail())) { + else if (emailIds.stream() + .filter(e -> theNewEmail.equals(e.getEmail())).findFirst().isPresent()) { UIUtils.showMessageUI(Clients.NOTIFICATION_TYPE_WARNING, Labels.getLabel("usr.email_already_exists")); } else { @@ -135,10 +134,10 @@ else if (emailOtpService.isEmailRegistered(newEmail.getEmail())) { logger.debug("sendCode. code={}", realCode); // Send message (service bean already knows all settings to perform this step) - uiEmailDelivered = emailOtpService.sendEmailWithOTPSigned(newEmail.getEmail(), subject, body); + uiEmailDelivered = emailOtpService.sendEmailWithOTPSigned(theNewEmail, subject, body); logger.debug("Signed message delivery: {}", uiEmailDelivered); if (!uiEmailDelivered) { - uiEmailDelivered = emailOtpService.sendEmailWithOTP(newEmail.getEmail(), subject, body); + uiEmailDelivered = emailOtpService.sendEmailWithOTP(theNewEmail, subject, body); logger.debug("Non signed message delivery: {}", uiEmailDelivered); } if (uiEmailDelivered) { @@ -170,7 +169,7 @@ public void checkCode(HtmlBasedComponent toFocus) { } } - @NotifyChange({ "emailCodesMatch", "code", "email", "newEmail", "emailIds" }) + @NotifyChange({ "emailCodesMatch", "code", "newEmail", "emailIds" }) public void add() { if (Utils.isNotEmpty(newEmail.getEmail())) { @@ -190,7 +189,7 @@ public void add() { } - @NotifyChange({ "uiCodesMatch", "code", "newPhone", "uiSmsDelivered" }) + @NotifyChange({ "uiCodesMatch", "code", "emailCodesMatch", "uiEmailDelivered", "newEmail" }) public void cancel() { emailCodesMatch = false; realCode = null; @@ -251,14 +250,7 @@ Pair getDeleteMessages(String email, String extraMessage) { } public boolean validateEmail(String email) { - try { - Pattern localPattern = Pattern.compile("^[A-Z0-9._%+-]+@[A-Z0-9.-]+\\.[A-Z]{2,6}$", Pattern.CASE_INSENSITIVE); - Matcher matcher = localPattern.matcher(email); - return matcher.matches(); - } catch (Exception e) { - logger.debug("validateEmail exception: {}", e.getMessage()); - return false; - } + return email.contains("@"); } private String generateCode(int charLength) { diff --git a/plugins/email_2fa_core/src/main/java/org/gluu/casa/plugins/emailotp/model/VerifiedEmail.java b/plugins/email_2fa_core/src/main/java/org/gluu/casa/plugins/emailotp/model/VerifiedEmail.java index eee57f47..3ca321fb 100644 --- a/plugins/email_2fa_core/src/main/java/org/gluu/casa/plugins/emailotp/model/VerifiedEmail.java +++ b/plugins/email_2fa_core/src/main/java/org/gluu/casa/plugins/emailotp/model/VerifiedEmail.java @@ -1,22 +1,13 @@ package org.gluu.casa.plugins.emailotp.model; import java.util.Objects; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - import com.fasterxml.jackson.annotation.JsonInclude; /** * Represents a registered credential corresponding to a verified email address - * - * */ public class VerifiedEmail implements Comparable { - @SuppressWarnings("unused") - private static Logger logger = LoggerFactory.getLogger(VerifiedEmail.class); - private String email; private long addedOn; @@ -32,17 +23,14 @@ public VerifiedEmail(String email) { } @Override - public boolean equals(java.lang.Object obj) { + public boolean equals(Object obj) { if (this == obj) { return true; } if (obj == null || getClass() != obj.getClass()) { return false; } - VerifiedEmail verObj = (VerifiedEmail) obj; - return email.equals(verObj.email) - && addedOn == verObj.addedOn - && nickName.equals(verObj.nickName); + return Objects.hashCode(email) == Objects.hashCode(((VerifiedEmail)obj).getEmail()); } @Override diff --git a/plugins/email_2fa_core/src/main/resources/labels/zk-label.properties b/plugins/email_2fa_core/src/main/resources/labels/zk-label.properties index 0ed716eb..d2a15b00 100644 --- a/plugins/email_2fa_core/src/main/resources/labels/zk-label.properties +++ b/plugins/email_2fa_core/src/main/resources/labels/zk-label.properties @@ -1,9 +1,6 @@ # Charset for this file must be UTF-8 email.settings_title=Email 2FA Core email.title=Email 2FA Core -email.user_message=Say something -email.button_label=Update -email.org_name=It seems you belong to panel.button=Check/update enrolled email panel.text=Registered email addresses for authentication using OTP. email.settings_button_label= Add @@ -31,10 +28,8 @@ usr.email_body=Hello from Gluu! {0} is the code to verify your email address. usr.email_subject=OTP for user validation #Utility labels -you_added=You have already enrolled: email_del_title=Remove enrolled email address? email_del_confirm=You are about to remove {0}, proceed? -email_enroll_again=Enroll again del_conflict_revert=If you remove this enrollment your preferred mechanism will be reset to password because {0} del_conflict_underflow=The number of enrolled credentials after removal will be less than {0} (the minimum required to use strong authentication).