ForgottenLoginManagerImpl (Atlassian Crowd 4.3.0 API)

java.lang.Object
- com.atlassian.crowd.manager.login.ForgottenLoginManagerImpl

All Implemented Interfaces:: ForgottenLoginManager

@Transactional
public class ForgottenLoginManagerImpl
extends Object
implements ForgottenLoginManager

Field Summary
- Fields inherited from interface com.atlassian.crowd.manager.login.ForgottenLoginManager
  DEFAULT_TOKEN_EXPIRY_SECONDS

Constructor Summary

Constructors
Constructor and Description
`ForgottenLoginManagerImpl(ApplicationService applicationService, DirectoryManager directoryManager, PermissionManager permissionManager, ExpirableUserTokenDao expirableUserTokenDao, com.atlassian.security.random.SecureTokenGenerator tokenGenerator, com.atlassian.event.api.EventPublisher eventPublisher, com.atlassian.sal.api.ApplicationProperties applicationProperties, Clock clock)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`ExpirableUserToken`	`createAndStoreResetToken(long directoryId, String username, String email, int tokenExpirySeconds)` Creates an `ExpirableUserToken` for a given username in the given directory.
`Optional<ExpirableUserToken>`	`getToken(long directoryId, String username)` Returns password reset token for given user.
`boolean`	`isUserActive(long directoryId, String username)` Check if user is active
`boolean`	`isValidResetToken(long directoryId, String username, String token)` Returns `true` if the password reset token for the user with the specified username and directory ID are valid and not expired.
`boolean`	`removeByDirectoryAndUsername(long directoryId, String username)` Removes the password reset tokens associated to a username in a directory.
`void`	`resetUserCredential(long directoryId, String username, PasswordCredential credential, String token)` Resets the user credentials and invalidates the token.
`void`	`sendResetLink(Application application, String username, int tokenExpirySeconds)` Sends a reset link to the first user with the matching `username` from all the active directories assigned to the application.
`void`	`sendResetLink(long directoryId, String username, int tokenExpirySeconds)` Sends a reset link to the user with specified username and directory ID.
`boolean`	`sendUsernames(Application application, String email)` Sends the usernames associated with the given email address.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - ForgottenLoginManagerImpl
```
public ForgottenLoginManagerImpl(ApplicationService applicationService,
                                 DirectoryManager directoryManager,
                                 PermissionManager permissionManager,
                                 ExpirableUserTokenDao expirableUserTokenDao,
                                 com.atlassian.security.random.SecureTokenGenerator tokenGenerator,
                                 com.atlassian.event.api.EventPublisher eventPublisher,
                                 com.atlassian.sal.api.ApplicationProperties applicationProperties,
                                 Clock clock)
```
- Method Detail
  - sendResetLink
```
public void sendResetLink(Application application,
                          String username,
                          int tokenExpirySeconds)
                   throws UserNotFoundException,
                          InvalidEmailAddressException,
                          ApplicationPermissionException
```
    Description copied from interface: ForgottenLoginManager
    
    Sends a reset link to the first user with the matching username from all the active directories assigned to the application.
    
    Specified by:
    
    sendResetLink in interface ForgottenLoginManager
    
    Parameters:
    
    application - user is searched in application's assigned directories
    
    username - username of the user to send the password reset link
    
    tokenExpirySeconds - number of seconds before generated token expires, or DEFAULT_TOKEN_EXPIRY_SECONDS
    
    Throws:
    
    UserNotFoundException - if no user with the supplied username exists
    
    InvalidEmailAddressException - if the user does not have a valid email address to send the password reset email to
    
    ApplicationPermissionException - if the application does not have permission to modify the user
  - sendUsernames
```
public boolean sendUsernames(Application application,
                             String email)
                      throws InvalidEmailAddressException
```
    Description copied from interface: ForgottenLoginManager
    
    Sends the usernames associated with the given email address. No email will be sent if there are no usernames associated with a given email.
    
    The method returns a boolean, which should only ever be passed to authenticated applications to avoid leaking information.
    
    Specified by:
    
    sendUsernames in interface ForgottenLoginManager
    
    Parameters:
    
    application - search application's assigned directories for usernames associated with the email
    
    email - email address of the user
    
    Returns:
    
    true if any users with that address were found.
    
    Throws:
    
    InvalidEmailAddressException - if the email is not valid
  - sendResetLink
```
public void sendResetLink(long directoryId,
                          String username,
                          int tokenExpirySeconds)
                   throws DirectoryNotFoundException,
                          InvalidEmailAddressException,
                          UserNotFoundException,
                          OperationFailedException
```
    Description copied from interface: ForgottenLoginManager
    
    Sends a reset link to the user with specified username and directory ID.
    Similar to ForgottenLoginManager.sendResetLink(Application, String, int) except applying to a directory-specific user.
    
    Specified by:
    
    sendResetLink in interface ForgottenLoginManager
    
    Parameters:
    
    directoryId - directory ID of the user to modify
    
    username - username of the user to send the password reset link
    
    tokenExpirySeconds - number of seconds before generated token expires, or DEFAULT_TOKEN_EXPIRY_SECONDS
    
    Throws:
    
    DirectoryNotFoundException - if the directory specified by directoryId could not be found
    
    InvalidEmailAddressException - if the user does not have a valid email address to send the password reset email to
    
    UserNotFoundException - if the user specified by username could not be found
    
    OperationFailedException
  - isValidResetToken
```
public boolean isValidResetToken(long directoryId,
                                 String username,
                                 String token)
```
    Description copied from interface: ForgottenLoginManager
    
    Returns true if the password reset token for the user with the specified username and directory ID are valid and not expired. The valid password reset token is created by ForgottenLoginManager.sendResetLink(com.atlassian.crowd.model.application.Application, java.lang.String, int).
    
    Specified by:
    
    isValidResetToken in interface ForgottenLoginManager
    
    Parameters:
    
    directoryId - directory ID of the user to validate
    
    username - username of the user to verify the token
    
    token - password reset token
    
    Returns:
    
    true if the username and reset token are a valid combination and the reset token has not expired.
  - resetUserCredential
```
public void resetUserCredential(long directoryId,
                                String username,
                                PasswordCredential credential,
                                String token)
                         throws DirectoryNotFoundException,
                                UserNotFoundException,
                                InvalidResetPasswordTokenException,
                                OperationFailedException,
                                InvalidCredentialException,
                                DirectoryPermissionException
```
    Description copied from interface: ForgottenLoginManager
    
    Resets the user credentials and invalidates the token.
    
    Specified by:
    
    resetUserCredential in interface ForgottenLoginManager
    
    Parameters:
    
    directoryId - directory ID of the user
    
    username - user name of the user to perform a credential reset
    
    credential - new credentials
    
    token - password reset token
    
    Throws:
    
    DirectoryNotFoundException - if the directory could not be found.
    
    UserNotFoundException - if the user could not be found in the given directory.
    
    InvalidResetPasswordTokenException - if the reset token is not valid.
    
    OperationFailedException - if there was an error performing the operation or instantiating the backend directory.
    
    InvalidCredentialException - if the user's credential does not meet the validation requirements for an associated directory.
    
    DirectoryPermissionException - if the directory is not allowed to perform the operation
  - createAndStoreResetToken
```
public ExpirableUserToken createAndStoreResetToken(long directoryId,
                                                   String username,
                                                   String email,
                                                   int tokenExpirySeconds)
```
    Description copied from interface: ForgottenLoginManager
    
    Creates an ExpirableUserToken for a given username in the given directory. Note: no check is done to verify that the user actually exists in the given directory; if this is not the case, the returned token will be useless.
    
    Specified by:
    
    createAndStoreResetToken in interface ForgottenLoginManager
    
    Parameters:
    
    directoryId - the directory id associated with the user
    
    username - the username of the user to create the token for
    
    email - the email of the user to create the token for
    
    tokenExpirySeconds - number of seconds before generated token expires, or DEFAULT_TOKEN_EXPIRY_SECONDS
    
    Returns:
    
    The ExpirableUserToken
  - removeByDirectoryAndUsername
```
public boolean removeByDirectoryAndUsername(long directoryId,
                                            String username)
```
    Description copied from interface: ForgottenLoginManager
    
    Removes the password reset tokens associated to a username in a directory.
    
    Specified by:
    
    removeByDirectoryAndUsername in interface ForgottenLoginManager
    
    Parameters:
    
    directoryId - directory where the user lives
    
    username - username
    
    Returns:
    
    true if some tokens were removed
  - isUserActive
```
public boolean isUserActive(long directoryId,
                            String username)
```
    Description copied from interface: ForgottenLoginManager
    
    Check if user is active
    
    Specified by:
    
    isUserActive in interface ForgottenLoginManager
    
    Parameters:
    
    directoryId - directory where the user lives
    
    username - username
    
    Returns:
    
    true if user is active
  - getToken
```
public Optional<ExpirableUserToken> getToken(long directoryId,
                                             String username)
```
    Description copied from interface: ForgottenLoginManager
    
    Returns password reset token for given user. For testing purposes only.
    
    Specified by:
    
    getToken in interface ForgottenLoginManager

Class ForgottenLoginManagerImpl

Field Summary

Fields inherited from interface com.atlassian.crowd.manager.login.ForgottenLoginManager

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

ForgottenLoginManagerImpl

Method Detail

sendResetLink

sendUsernames

sendResetLink

isValidResetToken

resetUserCredential

createAndStoreResetToken

removeByDirectoryAndUsername

isUserActive

getToken