public interface ForgottenLoginManager
To reset a user's password, clients of ForgottenLoginManager
would do the following:
Modifier and Type | Field and Description |
---|---|
static int |
DEFAULT_TOKEN_EXPIRY_SECONDS |
Modifier and Type | Method and Description |
---|---|
ExpirableUserToken |
createAndStoreResetToken(long directoryId,
String username,
String email,
int tokenExpirySeconds)
Creates an
ExpirableUserToken for a given username in the given directory. |
Optional<ExpirableUserToken> |
getToken(long directoryId,
String username)
Returns password reset token for given user.
|
boolean |
isUserActive(long directoryId,
String username)
Check if user is active
|
boolean |
isValidResetToken(long directoryId,
String username,
String token)
Returns true if the password reset token for the user with the specified username and directory ID are
valid and not expired.
|
boolean |
removeByDirectoryAndUsername(long directoryId,
String username)
Removes the password reset tokens associated to a username in a directory.
|
void |
resetUserCredential(long directoryId,
String username,
PasswordCredential credential,
String token)
Resets the user credentials and invalidates the token.
|
void |
sendResetLink(Application application,
String username,
int tokenExpirySeconds)
Sends a reset link to the first user with the matching username from all the active directories assigned
to the application.
|
void |
sendResetLink(long directoryId,
String username,
int tokenExpirySeconds)
Sends a reset link to the user with specified username and directory ID.
|
boolean |
sendUsernames(Application application,
String email)
Sends the usernames associated with the given email address.
|
void sendResetLink(Application application, String username, int tokenExpirySeconds) throws UserNotFoundException, InvalidEmailAddressException, ApplicationPermissionException
application
- user is searched in application's assigned directoriesusername
- username of the user to send the password reset linktokenExpirySeconds
- number of seconds before generated token expires, or DEFAULT_TOKEN_EXPIRY_SECONDSUserNotFoundException
- if no user with the supplied username existsInvalidEmailAddressException
- if the user does not have a valid email address to send the password reset email toApplicationPermissionException
- if the application does not have permission to modify the userIllegalArgumentException
- if tokenExpirySeconds is less than 0boolean sendUsernames(Application application, String email) throws InvalidEmailAddressException
Sends the usernames associated with the given email address. No email will be sent if there are no usernames
associated with a given email
.
The method returns a boolean, which should only ever be passed to authenticated applications to avoid leaking information.
application
- search application's assigned directories for usernames associated with the email
email
- email address of the usertrue
if any users with that address were found.InvalidEmailAddressException
- if the email
is not validvoid sendResetLink(long directoryId, String username, int tokenExpirySeconds) throws DirectoryNotFoundException, UserNotFoundException, InvalidEmailAddressException, OperationFailedException
Similar to sendResetLink(Application, String, int)
except applying to a directory-specific
user.
directoryId
- directory ID of the user to modifyusername
- username of the user to send the password reset linktokenExpirySeconds
- number of seconds before generated token expires, or DEFAULT_TOKEN_EXPIRY_SECONDSDirectoryNotFoundException
- if the directory specified by directoryId could not be foundUserNotFoundException
- if the user specified by username could not be foundInvalidEmailAddressException
- if the user does not have a valid email address to send the password reset email toIllegalArgumentException
- if tokenExpirySeconds is less than 0OperationFailedException
boolean isValidResetToken(long directoryId, String username, String token)
sendResetLink(com.atlassian.crowd.model.application.Application, java.lang.String, int)
.directoryId
- directory ID of the user to validateusername
- username of the user to verify the tokentoken
- password reset tokenvoid resetUserCredential(long directoryId, String username, PasswordCredential credential, String token) throws DirectoryNotFoundException, UserNotFoundException, InvalidResetPasswordTokenException, OperationFailedException, InvalidCredentialException, DirectoryPermissionException
directoryId
- directory ID of the userusername
- user name of the user to perform a credential resetcredential
- new credentialstoken
- password reset tokenDirectoryNotFoundException
- if the directory could not be found.UserNotFoundException
- if the user could not be found in the given directory.InvalidResetPasswordTokenException
- if the reset token is not valid.OperationFailedException
- if there was an error performing the operation or instantiating the backend directory.InvalidCredentialException
- if the user's credential does not meet the validation requirements for an associated directory.DirectoryPermissionException
- if the directory is not allowed to perform the operationExpirableUserToken createAndStoreResetToken(long directoryId, String username, String email, int tokenExpirySeconds)
ExpirableUserToken
for a given username in the given directory.
Note: no check is done to verify that the user actually exists in the given directory;
if this is not the case, the returned token will be useless.directoryId
- the directory id associated with the userusername
- the username of the user to create the token foremail
- the email of the user to create the token fortokenExpirySeconds
- number of seconds before generated token expires, or DEFAULT_TOKEN_EXPIRY_SECONDSIllegalArgumentException
- if tokenExpirySeconds is less than 0boolean removeByDirectoryAndUsername(long directoryId, String username)
directoryId
- directory where the user livesusername
- usernameboolean isUserActive(long directoryId, String username)
directoryId
- directory where the user livesusername
- username@ExperimentalApi Optional<ExpirableUserToken> getToken(long directoryId, String username)
Copyright © 2020 Atlassian. All rights reserved.