CAS 6.4.0-RC4+ : Forgot Username


Chris Durham

Jul 9, 2021, 11:02:51 PM
to CAS Developer
We are trying to make use of the Password Management functionality that is being built into CAS but are facing an issue with the Forgot Username functionality.  When the email is set we aren't getting a principal (and therefore a username) in the email.

Looking at the code in SendForgotUsernameInstructionsAction:

    /**
     * Process forgot username email and do a lookup.
     *
     * @param requestContext the request context
     * @param query the query
     * @return the event
     */
    protected Event locateUserAndProcess(final RequestContext requestContext, final PasswordManagementQuery query) {
        val username = passwordManagementService.findUsername(query);
        if (StringUtils.isBlank(username)) {
            return getErrorEvent("username.missing", "No username could be located for the given email address", requestContext);
        }
        if (sendForgotUsernameEmailToAccount(query, requestContext)) {
            return success();
        }
        return getErrorEvent("username.failed", "Failed to send the username to the given email address", requestContext);
    }

    /**
     * Send forgot username email to account.
     *
     * @param query the query
     * @param requestContext the request context
     * @return the boolean
     */
    protected boolean sendForgotUsernameEmailToAccount(final PasswordManagementQuery query,
                                                       final RequestContext requestContext) {
        val parameters = CollectionUtils.<String, Object>wrap("email", query.getEmail());
        val credential = new BasicIdentifiableCredential();
        credential.setId(query.getUsername());
        val person = principalResolver.resolve(credential);
        FunctionUtils.doIfNotNull(person, principal -> parameters.put("principal", principal));
        val reset = casProperties.getAuthn().getPm().getForgotUsername().getMail();
        val request = WebUtils.getHttpServletRequestFromExternalWebflowContext(requestContext);
        val body = EmailMessageBodyBuilder.builder().properties(reset)
            .locale(Optional.ofNullable(request.getLocale()))
            .parameters(parameters).build().produce();
        return this.communicationsManager.email(reset, query.getEmail(), body);
    }

And cross-checking to the last commit in this file I can see it was refactored to pass query rather than distinct username and email fields.  The locateUserAndProcess method has to query to find the username, but then never puts the returned value in 'query' which I believe is why sendForgotUsernameEmailToAccount is unable to construct a principal as query.getUsername() returns null.

Should username be set into query in locateUserAndProcess?  Would a suitable patch be welcome?

As an extension to this, if a single email was associated with multiple usernames, would a patch that catered for that be welcome too?

Thanks
Chris
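
The data flow described in the post above, reduced to a self-contained model. This is an added example, not part of the original post and not CAS code: `Query`, `DIRECTORY`, `resolvePrincipal`, `emailParameters`, `asPosted` and `withUsernameCarried` are hypothetical stand-ins for the CAS types and methods quoted above, and the directory entry is constructed sample data.

```java
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;

// Simplified stand-ins for the CAS types named in the post; not the CAS classes.
public class ForgotUsernameDemo {
    static class Query {                        // models PasswordManagementQuery
        final String email;
        final String username;
        Query(String email, String username) { this.email = email; this.username = username; }
    }

    // Constructed sample directory: email -> username.
    static final Map<String, String> DIRECTORY = Map.of("casuser@example.org", "casuser");

    // Models passwordManagementService.findUsername(query).
    static String findUsername(Query q) { return DIRECTORY.get(q.email); }

    // Models principalResolver.resolve(): a credential without an id yields no principal.
    static Optional<String> resolvePrincipal(String id) {
        return Optional.ofNullable(id).filter(DIRECTORY::containsValue);
    }

    // Models sendForgotUsernameEmailToAccount(): builds the mail template parameters.
    static Map<String, Object> emailParameters(Query q) {
        Map<String, Object> parameters = new HashMap<>();
        parameters.put("email", q.email);
        resolvePrincipal(q.username).ifPresent(p -> parameters.put("principal", p));
        return parameters;
    }

    // Flow as posted: the located username is checked for blank, then discarded.
    static Map<String, Object> asPosted(Query q) {
        String username = findUsername(q);
        if (username == null || username.isBlank()) throw new IllegalStateException("username.missing");
        return emailParameters(q);              // q.username is still null here
    }

    // Change asked about in the post: carry the located username forward in the query.
    static Map<String, Object> withUsernameCarried(Query q) {
        String username = findUsername(q);
        if (username == null || username.isBlank()) throw new IllegalStateException("username.missing");
        return emailParameters(new Query(q.email, username));
    }

    public static void main(String[] args) {
        Query q = new Query("casuser@example.org", null);   // the form supplies only an email
        System.out.println("as posted, principal present: " + asPosted(q).containsKey("principal"));
        System.out.println("carried, principal present:   " + withUsernameCarried(q).containsKey("principal"));
    }
}
```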