Skip to content

Commit

Permalink
Merge pull request #895 from ThaminduR/fix-21290
Browse files Browse the repository at this point in the history 
Change execution order to ensure the account is locked in case of a notification sending failure
  • Loading branch information
@sadilchamishka
sadilchamishka authored Jan 20, 2025
2 parents 5a1aad8 + 7001b6b commit a9f93bf
Showing 1 changed file with 28 additions and 27 deletions.
55 changes: 28 additions & 27 deletions .../src/main/java/org/wso2/carbon/identity/recovery/handler/UserSelfRegistrationHandler.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -135,6 +135,34 @@ public void handleEvent(Event event) throws IdentityEventException {
return;
}

// If account lock on creation is enabled, lock the account by persisting the account lock claim.
if (isAccountLockOnCreation || isEnableConfirmationOnCreation) {
HashMap<String, String> userClaims = new HashMap<>();
if (isAccountLockOnCreation) {
// Need to lock user account.
userClaims.put(IdentityRecoveryConstants.ACCOUNT_LOCKED_CLAIM, Boolean.TRUE.toString());
userClaims.put(IdentityRecoveryConstants.ACCOUNT_LOCKED_REASON_CLAIM,
IdentityMgtConstants.LockedReason.PENDING_SELF_REGISTRATION.toString());
}
if (Utils.isAccountStateClaimExisting(tenantDomain)) {
userClaims.put(IdentityRecoveryConstants.ACCOUNT_STATE_CLAIM_URI,
IdentityRecoveryConstants.PENDING_SELF_REGISTRATION);
}
try {
userStoreManager.setUserClaimValues(user.getUserName(), userClaims, null);
if (log.isDebugEnabled()) {
if (isAccountLockOnCreation) {
log.debug("Locked user account: " + user.getUserName());
}
if (isEnableConfirmationOnCreation) {
log.debug("Send verification notification for user account: " + user.getUserName());
}
}
} catch (UserStoreException e) {
throw new IdentityEventException("Error while lock user account :" + user.getUserName(), e);
}
}

boolean isSelfRegistrationConfirmationNotify = Boolean.parseBoolean(Utils.getSignUpConfigs
(IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_NOTIFY_ACCOUNT_CONFIRMATION, user.getTenantDomain()));

Expand Down Expand Up @@ -166,33 +194,6 @@ public void handleEvent(Event event) throws IdentityEventException {
} catch (IdentityRecoveryException e) {
throw new IdentityEventException("Error while sending self sign up notification ", e);
}
if (isAccountLockOnCreation || isEnableConfirmationOnCreation) {
HashMap<String, String> userClaims = new HashMap<>();
if (isAccountLockOnCreation) {
// Need to lock user account.
userClaims.put(IdentityRecoveryConstants.ACCOUNT_LOCKED_CLAIM, Boolean.TRUE.toString());
userClaims.put(IdentityRecoveryConstants.ACCOUNT_LOCKED_REASON_CLAIM,
IdentityMgtConstants.LockedReason.PENDING_SELF_REGISTRATION.toString());
}
if (Utils.isAccountStateClaimExisting(tenantDomain)) {
userClaims.put(IdentityRecoveryConstants.ACCOUNT_STATE_CLAIM_URI,
IdentityRecoveryConstants.PENDING_SELF_REGISTRATION);
}
try {
userStoreManager.setUserClaimValues(user.getUserName(), userClaims, null);
if (log.isDebugEnabled()) {
if (isAccountLockOnCreation) {
log.debug("Locked user account: " + user.getUserName());
}
if (isEnableConfirmationOnCreation) {
log.debug("Send verification notification for user account: " + user.getUserName());
}
}
} catch (UserStoreException e) {
throw new IdentityEventException("Error while lock user account :" + user.getUserName(), e);
}
}

}
}

Expand Down

0 comments on commit a9f93bf

Please sign in to comment.