/**
 * Resolves the security-questions credential policy for the current authentication attempt.
 *
 * <p>A policy already held by the authentication context is reused. Otherwise the policy is
 * looked up from the supplied security policy through {@code SecurityUtil}. In both cases the
 * result is written back to the context before it is returned.
 *
 * @param securityPolicy security policy consulted only when the context holds no policy yet
 * @param authnCtx authentication context that caches the resolved policy
 * @return the resolved policy; may be {@code null} if the lookup yields nothing (not visible
 *     here, confirm against {@code SecurityUtil})
 * @throws SchemaException declared by the signature; presumably raised by the lookup
 */
@Override
protected CredentialPolicyType getEffectiveCredentialPolicy(SecurityPolicyType securityPolicy, SecurityQuestionsAuthenticationContext authnCtx) throws SchemaException {
    SecurityQuestionsCredentialsPolicyType cached = authnCtx.getPolicy();
    SecurityQuestionsCredentialsPolicyType effective = (cached != null)
            ? cached
            : SecurityUtil.getEffectiveSecurityQuestionsCredentialsPolicy(securityPolicy);
    // Stored unconditionally, as before, so later steps read the policy from the context.
    authnCtx.setPolicy(effective);
    return effective;
}
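/**
 * Decides whether the submitted security-question answers satisfy the policy.
 *
 * <p>The required number of correct answers is the policy's question number, or 0 when it is
 * unset. The attempt is rejected if fewer answers were submitted than required. Otherwise each
 * stored question/answer pair is compared, via {@code decryptAndMatch}, with the non-blank
 * answer submitted under the same question identifier. The attempt succeeds only when at least
 * one answer matched and the match count reaches the required number.
 *
 * <p>Fails closed: a missing policy, missing stored credentials or a missing answer map yields
 * {@code false} rather than a {@link NullPointerException} in the authentication path.
 *
 * @param connEnv connection environment, passed through to {@code decryptAndMatch}
 * @param principal principal being authenticated, passed through to {@code decryptAndMatch}
 * @param passwordType stored security-question credentials of the principal
 * @param authCtx authentication context carrying the policy and the submitted answers
 * @return {@code true} if enough submitted answers match the stored ones
 */
@Override
protected boolean passwordMatches(ConnectionEnvironment connEnv, MidPointPrincipal principal, SecurityQuestionsCredentialsType passwordType, SecurityQuestionsAuthenticationContext authCtx) {
    SecurityQuestionsCredentialsPolicyType policy = authCtx.getPolicy();
    if (policy == null || passwordType == null) {
        // Without a policy or stored credentials there is nothing to verify against: deny.
        return false;
    }

    Integer configuredCount = policy.getQuestionNumber();
    int requiredMatches = (configuredCount != null) ? configuredCount : 0;

    Map<String, String> submittedAnswers = authCtx.getQuestionAnswerMap();
    if (submittedAnswers == null || requiredMatches > submittedAnswers.size()) {
        return false;
    }

    List<SecurityQuestionAnswerType> storedAnswers = passwordType.getQuestionAnswer();
    if (storedAnswers == null) {
        return false;
    }

    // NOTE(review): blank or non-matching submissions are skipped, not counted as failures,
    // so an attempt that answers more questions than required still passes once enough of
    // them match. With the question number unset, one match is sufficient. Confirm this is
    // the intended policy and that attempt limiting is enforced by the caller.
    int matched = 0;
    for (SecurityQuestionAnswerType stored : storedAnswers) {
        String submitted = submittedAnswers.get(stored.getQuestionIdentifier());
        // Every non-blank answer is checked; the loop deliberately does not stop early.
        if (StringUtils.isNotBlank(submitted)
                && decryptAndMatch(connEnv, principal, stored.getQuestionAnswer(), submitted)) {
            matched++;
        }
    }

    // "matched > 0" keeps an unset or zero question number from accepting an empty attempt.
    return matched > 0 && matched >= requiredMatches;
}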