Interface UnauthenticatedSelfService
public interface UnauthenticatedSelfService
The
Below is the code snippet that shows how to get an instance of this service:
//returns an UnauthenticatedSelfService service instance
UnauthenticatedSelfService
API exposes the methods to a user who is not
logged-in to the system to submit a request to register himself in the system and reset his forgotten/expired password.
Below is the code snippet that shows how to get an instance of this service:
//returns an UnauthenticatedSelfService service instance
Hashtable<String, String> env = new Hashtable<String, String>();
env.put(OIMClient.JAVA_NAMING_PROVIDER_URL, "t3://oimhost:oimport";
env.put(OIMClient.JAVA_NAMING_FACTORY_INITIAL, "weblogic.jndi.WLInitialContextFactory");
env.put("APPSERVER_TYPE", "wls");
OIMClient client = new OIMClient(env);
UnauthenticatedSelfService unauthSelfSvc = client.getService(UnauthenticatedSelfService.class);
// Gets the list of challenge questions for the username provided as an argument of the method.
String[] challengeQuestions = unauthSelfSvc.getChallengeQuestions(userName)();
....
-
Method Summary
Modifier and TypeMethodDescriptionboolean
canSelfRecoverPassword
(String username) Find out if the user is eligible to recover the password using challenges.Returns list of HTTP Request Parameters that OIM will validate for redirectionReturns allowed backURLs that are allowed in OIM.Returns Allowed Back Url Mode set in OIM.String[]
getChallengeQuestions
(String userName) Accepts the user login id and returns the set of challenge questions set by the user.getChallengeQuestions
(String userName, Locale locale) Accepts the user login id and returns the set of challenge questions set by the user in given locale.Returns Map of All the Secure URL related System properties This map will have: - XL.AllowedBackURLsMode - URL Mode (String) - XL.AllowedBackURLs - List of URLs (List) - XL.AllowedBackURLsRequestParameters - List of URL request params (List)String[]
Deprecated.This method is not longer supported.getSystemChallengeQuestions
(Locale locale) Deprecated.This method is not longer supported.boolean
isValidTokenForResetPassword
(String userName, String userToken) Accepts user login id and user token and returns boolean flag if token is valid.boolean
notifyForgottenPassword
(String userLogin, Map<String, Serializable> optionsMap) Send forgot-password notification with a time-sensitive URL to user's email.void
notifyForgottenUsername
(String email, Map<String, Serializable> optionsMap) Notifies the user about the username at the email address provided.boolean
resetPassword
(String userName, String userToken, char[] password) Accepts user login id, user token and the new password and returns boolean flag depending on reset password success or failure.boolean
resetPassword
(String userName, Map<String, Object> quesAns, char[] passwd) Accepts user login id, map of questions and answers and the new password and returns boolean flag depending on reset password success or failure.void
setChallengeValues
(String userLogin, char[] password, Map<String, Object> challengeParams) Deprecated.This method is not longer supported.submitRegistrationRequest
(Map<String, Object> requestDataMap, Map<String, Object> quesAndAnsMap, String templateName, Map<String, String> datasetAttributes) Accepts the user registration data,the questions and answers set by user, request template name and the dataset.boolean
validateSelfRegistrationEmail
(String email, Map<String, Serializable> optionsMap) Validates whether the self registering user can register with the email address provided.
-
Method Details
-
getChallengeQuestions
String[] getChallengeQuestions(String userName) throws AuthSelfServiceException, UserAccountDisabledException, UserAccountInvalidException Accepts the user login id and returns the set of challenge questions set by the user.- Parameters:
userName
- The user login id in the system.- Returns:
- array of Strings containing the challenge questions defined by the user.
- Throws:
AuthSelfServiceException
UserAccountDisabledException
UserAccountInvalidException
-
getChallengeQuestions
Map<String,String> getChallengeQuestions(String userName, Locale locale) throws AuthSelfServiceException, UserAccountDisabledException, UserAccountInvalidException Accepts the user login id and returns the set of challenge questions set by the user in given locale.- Parameters:
userName
- The user login id in the system.locale
- Locale in which challenges needs to be returned- Returns:
- A map of String keys (representing Challenge Questions in english) and String values (representing localized challenge questions)
- Throws:
AuthSelfServiceException
UserAccountDisabledException
UserAccountInvalidException
-
resetPassword
boolean resetPassword(String userName, Map<String, Object> quesAns, char[] passwd) throws AuthSelfServiceException, UserAccountDisabledException, UserAccountInvalidException, NumberOfChallengesMismatchException, QuestionsNotDefinedException, PasswordIncorrectException, PasswordMismatchException, PasswordPolicyException, PasswordResetAttemptsExceededException, UserAlreadyLoggedInExceptionAccepts user login id, map of questions and answers and the new password and returns boolean flag depending on reset password success or failure.- Parameters:
userName
- The user login in the system.quesAns
- The map containing questions and answers answered by user.passwd
- New password- Returns:
- boolean value depending on the reset status.'true' indicates password is reset successfully.
- Throws:
AuthSelfServiceException
UserAccountDisabledException
UserAccountInvalidException
NumberOfChallengesMismatchException
QuestionsNotDefinedException
PasswordIncorrectException
PasswordMismatchException
PasswordPolicyException
PasswordResetAttemptsExceededException
UserAlreadyLoggedInException
-
getSystemChallengeQuestions
@Deprecated String[] getSystemChallengeQuestions() throws AuthSelfServiceException, InvalidLookupExceptionDeprecated.This method is not longer supported. The preferred way to do this is viaPasswordMgmtService.getApplicableDefaultChallengeQuestions(String,Boolean,Locale)
Returns the challenge questions that are available in the system.- Returns:
- An array of Strings containing challenge questions defined in system.
- Throws:
AuthSelfServiceException
InvalidLookupException
-
getSystemChallengeQuestions
@Deprecated Map<String,String> getSystemChallengeQuestions(Locale locale) throws AuthSelfServiceException, InvalidLookupException Deprecated.This method is not longer supported. The preferred way to do this is viaPasswordMgmtService.getApplicableDefaultChallengeQuestions(String,Boolean,Locale)
Returns the localized challenge questions that are available in the system based on the passed locale . UNSUPPORTED- Returns:
- A map of String keys (representing Challenge Questions in english) and String values (representing localized challenge questions)
- Throws:
AuthSelfServiceException
InvalidLookupException
-
submitRegistrationRequest
String submitRegistrationRequest(Map<String, Object> requestDataMap, Map<String, throws RequestServiceException, InvalidRequestException, InvalidRequestDataException, BulkBeneficiariesAddException, BulkEntitiesAddException, oracle.iam.platform.kernel.ValidationFailedException, UnauthenticatedSelfServiceExceptionObject> quesAndAnsMap, String templateName, Map<String, String> datasetAttributes) Accepts the user registration data,the questions and answers set by user, request template name and the dataset. Returns request ID.- Parameters:
requestDataMap
- Map containing details for user registration.quesAndAnsMap
- Map containing challenge questions and answers defined by user while registration.templateName
- template used for registration.datasetAttributes
- Map containing attributes and corresponding attribute references as defined in request dataset template CreateUserDataSet.xml- Returns:
- request ID
- Throws:
RequestServiceException
InvalidRequestException
InvalidRequestDataException
BulkBeneficiariesAddException
BulkEntitiesAddException
oracle.iam.platform.kernel.ValidationFailedException
UnauthenticatedSelfServiceException
-
setChallengeValues
@Deprecated void setChallengeValues(String userLogin, char[] password, Map<String, Object> challengeParams) throws UnauthenticatedSelfServiceException, UserAccountDisabledException, UserAccountInvalidException, NumberOfChallengesMismatchException, InvalidQuestionExceptionDeprecated.This method is not longer supported. The preferred way to do this is viaAuthenticatedSelfService.setChallengeValues(Map)
Set challenge questions and answers for unauthenticated user- Parameters:
userLogin
- User Loginpassword
- User passwordchallengeParams
- Challenge questions and answers map- Throws:
UnauthenticatedSelfServiceException
UserAccountInvalidException
UserAccountDisabledException
NumberOfChallengesMismatchException
InvalidQuestionException
-
validateSelfRegistrationEmail
Validates whether the self registering user can register with the email address provided. Email argument is mandatory and cannot be passed as null. Multiple usernames are allowed in case of MT-friendly OIM even for the same email and tenant name combination.- Parameters:
email
- The email address of the self registering user.optionsMap
- Further context information.- Returns:
- true in case there is no match.
-
notifyForgottenUsername
void notifyForgottenUsername(String email, Map<String, Serializable> optionsMap) throws UnauthenticatedSelfServiceException, NotificationExceptionNotifies the user about the username at the email address provided. Email argument is mandatory and cannot be passed as null. In case of MT-friendly OIM (i.e. OIM PaaS Edition), the optionsMap must contain an entry with either the key UserManagerConstants.AttributeName.TENANT_NAME and the tenant name string value or the key UserManagerConstants.AttributeName.TENANT_ID and the tenant GUID string value. Multiple usernames may be found in case of MT-friendly OIM and they will all be included in the sent email content.- Parameters:
email
- The email address of the user.optionsMap
- Further context information.- Throws:
UnauthenticatedSelfServiceException
- in case there is no match.NotificationException
- if there is an error while sending the email.
-
canSelfRecoverPassword
boolean canSelfRecoverPassword(String username) throws UserAccountDisabledException, UserAccountInvalidException, ResetPasswordException, PasswordPolicyException, QuestionsNotDefinedException, AuthSelfServiceException Find out if the user is eligible to recover the password using challenges.- Parameters:
username
- Username of the user- Returns:
- true - If user is able to recover the password. false - If user is not able to recover the password
- Throws:
UserAccountDisabledException
UserAccountInvalidException
ResetPasswordException
PasswordPolicyException
QuestionsNotDefinedException
AuthSelfServiceException
-
getAllowedBackURLs
Returns allowed backURLs that are allowed in OIM.- Returns:
- List of allowed back urls, Read from the OIM configuration files and system-property as XL.AllowedBackURLs for the customizations.
-
getAllowedBackURLsMode
String getAllowedBackURLsMode()Returns Allowed Back Url Mode set in OIM.- Returns:
- The allowed back url mode value read from system property XL.AllowedBackURLsMode.
-
getAllowedBackURLRequestParams
Returns list of HTTP Request Parameters that OIM will validate for redirection- Returns:
- List of HTTP Request Parameters read from system property XL.AllowedBackURLsRequestParameters
-
getSecureURLProperties
Returns Map of All the Secure URL related System properties This map will have: - XL.AllowedBackURLsMode - URL Mode (String) - XL.AllowedBackURLs - List of URLs (List) - XL.AllowedBackURLsRequestParameters - List of URL request params (List) -
notifyForgottenPassword
boolean notifyForgottenPassword(String userLogin, Map<String, Serializable> optionsMap) throws NotificationExceptionSend forgot-password notification with a time-sensitive URL to user's email. userLogin argument is mandatory and cannot be passed as null. In case of MT-friendly OIM (i.e. OIM PaaS Edition), the optionsMap must contain an entry with either the key UserManagerConstants.AttributeName.TENANT_NAME and the tenant name string value or the key UserManagerConstants.AttributeName.TENANT_ID and the tenant GUID string value. Multiple usernames may be found in case of MT-friendly OIM and they will all be included in the sent email content. In case of OIM-OAM integrated setup, backUrl should be passed in the optionsMap.- Parameters:
userLogin
- The userLogin of the user.optionsMap
- Further context information.- Throws:
NotificationException
- if there is an error while sending the email.
-
resetPassword
boolean resetPassword(String userName, String userToken, char[] password) throws PasswordPolicyException, UnauthenticatedSelfServiceException Accepts user login id, user token and the new password and returns boolean flag depending on reset password success or failure.- Parameters:
userName
- The user login in the system.userToken
- The token sent to user via email notifications.password
- New password- Returns:
- boolean value depending on the reset status.'true' indicates password is reset successfully.
- Throws:
PasswordPolicyException
UnauthenticatedSelfServiceException
-
isValidTokenForResetPassword
boolean isValidTokenForResetPassword(String userName, String userToken) throws UnauthenticatedSelfServiceException Accepts user login id and user token and returns boolean flag if token is valid.- Parameters:
userName
- The user login in the system.userToken
- The token sent to user via email notifications.- Returns:
- boolean value - true if token is valid.
- Throws:
UnauthenticatedSelfServiceException
-