profile update sms and email verification

src/main/java/password/pwm/PwmConstants.java

@@ -197,6 +197,7 @@ public enum JSP_URL {
         FORGOTTEN_USERNAME_COMPLETE("forgottenusername-complete.jsp"),
         UPDATE_ATTRIBUTES("updateprofile.jsp"),
         UPDATE_ATTRIBUTES_AGREEMENT("updateprofile-agreement.jsp"),
+        UPDATE_ATTRIBUTES_ENTER_CODE("updateprofile-entercode.jsp"),
         UPDATE_ATTRIBUTES_CONFIRM("updateprofile-confirm.jsp"),
         NEW_USER("newuser.jsp"),
         NEW_USER_ENTER_CODE("newuser-entercode.jsp"),

src/main/java/password/pwm/bean/LoginInfoBean.java

@@ -34,15 +34,16 @@
 import java.util.List;
 
 public class LoginInfoBean implements Serializable {
-    private transient PasswordData userCurrentPassword;
+    private transient PasswordData pw;
 
-    private AuthenticationType authenticationType = AuthenticationType.UNAUTHENTICATED;
-    private List<AuthenticationType> authenticationFlags = new ArrayList<>();
-    private PwmAuthenticationSource authenticationSource;
+    private AuthenticationType type = AuthenticationType.UNAUTHENTICATED;
+    private List<AuthenticationType> flags = new ArrayList<>();
+    private PwmAuthenticationSource authSource;
     private Date authTime;
+
     private String guid = (Long.toString(new Date().getTime(),36) + PwmRandom.getInstance().alphaNumericString(64));
 
-    private transient BasicAuthInfo originalBasicAuthInfo;
+    private transient BasicAuthInfo basicAuth;
 
     private Date oauthExpiration;
     private transient String oauthRefreshToken;
@@ -60,34 +61,34 @@ public void setAuthTime(final Date authTime)
         this.authTime = authTime;
     }
 
-    public AuthenticationType getAuthenticationType()
+    public AuthenticationType getType()
     {
-        return authenticationType;
+        return type;
     }
 
-    public void setAuthenticationType(AuthenticationType authenticationType)
+    public void setType(AuthenticationType type)
     {
-        this.authenticationType = authenticationType;
+        this.type = type;
     }
 
     public PasswordData getUserCurrentPassword()
     {
-        return userCurrentPassword;
+        return pw;
     }
 
     public void setUserCurrentPassword(PasswordData userCurrentPassword)
     {
-        this.userCurrentPassword = userCurrentPassword;
+        this.pw = userCurrentPassword;
     }
 
-    public BasicAuthInfo getOriginalBasicAuthInfo()
+    public BasicAuthInfo getBasicAuth()
     {
-        return originalBasicAuthInfo;
+        return basicAuth;
     }
 
-    public void setOriginalBasicAuthInfo(final BasicAuthInfo originalBasicAuthInfo)
+    public void setBasicAuth(final BasicAuthInfo basicAuth)
     {
-        this.originalBasicAuthInfo = originalBasicAuthInfo;
+        this.basicAuth = basicAuth;
     }
 
     public Date getOauthExpiration()
@@ -118,16 +119,16 @@ public void setAuthRecordCookieSet(boolean authRecordCookieSet) {
         this.authRecordCookieSet = authRecordCookieSet;
     }
 
-    public List<AuthenticationType> getAuthenticationFlags() {
-        return authenticationFlags;
+    public List<AuthenticationType> getFlags() {
+        return flags;
     }
 
-    public PwmAuthenticationSource getAuthenticationSource() {
-        return authenticationSource;
+    public PwmAuthenticationSource getAuthSource() {
+        return authSource;
     }
 
-    public void setAuthenticationSource(PwmAuthenticationSource authenticationSource) {
-        this.authenticationSource = authenticationSource;
+    public void setAuthSource(PwmAuthenticationSource authSource) {
+        this.authSource = authSource;
     }
 
     public String getGuid() {

src/main/java/password/pwm/bean/TokenVerificationProgress.java

@@ -0,0 +1,41 @@
+package password.pwm.bean;
+
+import java.io.Serializable;
+import java.util.HashSet;
+import java.util.Set;
+
+public class TokenVerificationProgress implements Serializable {
+    private Set<TokenChannel> passedTokens = new HashSet<>();
+    private Set<TokenChannel> issuedTokens = new HashSet<>();
+    private TokenChannel phase;
+    private String tokenDisplayText;
+
+    public enum TokenChannel {
+        EMAIL,
+        SMS,
+    }
+
+    public Set<TokenChannel> getPassedTokens() {
+        return passedTokens;
+    }
+
+    public Set<TokenChannel> getIssuedTokens() {
+        return issuedTokens;
+    }
+
+    public TokenChannel getPhase() {
+        return phase;
+    }
+
+    public void setPhase(TokenChannel phase) {
+        this.phase = phase;
+    }
+
+    public String getTokenDisplayText() {
+        return tokenDisplayText;
+    }
+
+    public void setTokenDisplayText(String tokenDisplayText) {
+        this.tokenDisplayText = tokenDisplayText;
+    }
+}

src/main/java/password/pwm/config/PwmSetting.java

@@ -248,6 +248,8 @@ public enum PwmSetting {
             "email.changePassword.helpdesk", PwmSettingSyntax.EMAIL, PwmSettingCategory.EMAIL_TEMPLATES),
     EMAIL_UPDATEPROFILE(
             "email.updateProfile", PwmSettingSyntax.EMAIL, PwmSettingCategory.EMAIL_TEMPLATES),
+    EMAIL_UPDATEPROFILE_VERIFICATION(
+            "email.updateProfile.token", PwmSettingSyntax.EMAIL, PwmSettingCategory.EMAIL_TEMPLATES),
     EMAIL_NEWUSER(
             "email.newUser", PwmSettingSyntax.EMAIL, PwmSettingCategory.EMAIL_TEMPLATES),
     EMAIL_NEWUSER_VERIFICATION(
@@ -310,6 +312,15 @@ public enum PwmSetting {
             "sms.requestId.characters", PwmSettingSyntax.STRING, PwmSettingCategory.SMS_GATEWAY),
     SMS_REQUESTID_LENGTH(
             "sms.requestId.length", PwmSettingSyntax.NUMERIC, PwmSettingCategory.SMS_GATEWAY),
+    SMS_USE_URL_SHORTENER(
+            "sms.useUrlShortener", PwmSettingSyntax.BOOLEAN, PwmSettingCategory.SMS_GATEWAY),
+    SMS_SUCCESS_RESULT_CODE(
+            "sms.successResultCodes", PwmSettingSyntax.STRING_ARRAY, PwmSettingCategory.SMS_GATEWAY),
+    URL_SHORTENER_CLASS(
+            "urlshortener.classname", PwmSettingSyntax.STRING, PwmSettingCategory.SMS_GATEWAY),
+    URL_SHORTENER_PARAMETERS(
+            "urlshortener.parameters", PwmSettingSyntax.STRING_ARRAY, PwmSettingCategory.SMS_GATEWAY),
+
     SMS_CHALLENGE_TOKEN_TEXT(
             "sms.challenge.token.message", PwmSettingSyntax.LOCALIZED_STRING, PwmSettingCategory.SMS_MESSAGES),
     SMS_CHALLENGE_NEW_PASSWORD_TEXT(
@@ -324,14 +335,8 @@ public enum PwmSetting {
             "sms.activation.message", PwmSettingSyntax.LOCALIZED_STRING, PwmSettingCategory.SMS_MESSAGES),
     SMS_FORGOTTEN_USERNAME_TEXT(
             "sms.forgottenUsername.message", PwmSettingSyntax.LOCALIZED_STRING, PwmSettingCategory.SMS_MESSAGES),
-    SMS_USE_URL_SHORTENER(
-            "sms.useUrlShortener", PwmSettingSyntax.BOOLEAN, PwmSettingCategory.SMS_GATEWAY),
-    SMS_SUCCESS_RESULT_CODE(
-            "sms.successResultCodes", PwmSettingSyntax.STRING_ARRAY, PwmSettingCategory.SMS_GATEWAY),
-    URL_SHORTENER_CLASS(
-            "urlshortener.classname", PwmSettingSyntax.STRING, PwmSettingCategory.SMS_GATEWAY),
-    URL_SHORTENER_PARAMETERS(
-            "urlshortener.parameters", PwmSettingSyntax.STRING_ARRAY, PwmSettingCategory.SMS_GATEWAY),
+    SMS_UPDATE_PROFILE_TOKEN_TEXT(
+            "sms.updateProfile.token.message", PwmSettingSyntax.LOCALIZED_STRING, PwmSettingCategory.SMS_MESSAGES),
 
 
     //global password policy settings
@@ -782,6 +787,11 @@ public enum PwmSetting {
             "updateAttributes.form", PwmSettingSyntax.FORM, PwmSettingCategory.UPDATE_PROFILE),
     UPDATE_PROFILE_SHOW_CONFIRMATION(
             "updateAttributes.showConfirmation", PwmSettingSyntax.BOOLEAN, PwmSettingCategory.UPDATE_PROFILE),
+    UPDATE_PROFILE_EMAIL_VERIFICATION(
+            "updateAttributes.email.verification", PwmSettingSyntax.BOOLEAN, PwmSettingCategory.UPDATE_PROFILE),
+    UPDATE_PROFILE_SMS_VERIFICATION(
+            "updateAttributes.sms.verification", PwmSettingSyntax.BOOLEAN, PwmSettingCategory.UPDATE_PROFILE),
+
 
     // shortcut settings
     SHORTCUT_ENABLE(

src/main/java/password/pwm/http/PwmSession.java

@@ -215,7 +215,7 @@ public String toString() {
                 debugData.put("passwordStatus",getUserInfoBean().getPasswordState());
                 debugData.put("guid",getUserInfoBean().getUserGuid());
                 debugData.put("dn",getUserInfoBean().getUserIdentity());
-                debugData.put("authType",getLoginInfoBean().getAuthenticationType());
+                debugData.put("authType",getLoginInfoBean().getType());
                 debugData.put("needsNewPW",getUserInfoBean().isRequiresNewPassword());
                 debugData.put("needsNewCR",getUserInfoBean().isRequiresResponseConfig());
                 debugData.put("needsNewProfile",getUserInfoBean().isRequiresUpdateProfile());

src/main/java/password/pwm/http/bean/NewUserBean.java

@@ -22,6 +22,7 @@
 
 package password.pwm.http.bean;
 
+import password.pwm.bean.TokenVerificationProgress;
 import password.pwm.error.PwmUnrecoverableException;
 import password.pwm.util.PasswordData;
 
@@ -35,17 +36,11 @@ public class NewUserBean extends PwmSessionBean {
     private String profileID;
     private NewUserForm newUserForm;
 
-    private String tokenDisplayText;
-
     private boolean agreementPassed;
-    private boolean emailTokenIssued;
-    private boolean emailTokenPassed;
-    private boolean smsTokenIssued;
-    private boolean smsTokenPassed;
     private boolean formPassed;
-    private NewUserVerificationPhase verificationPhase = NewUserVerificationPhase.NONE;
     private Date createStartTime;
     private boolean urlSpecifiedProfile;
+    private final TokenVerificationProgress tokenVerificationProgress = new TokenVerificationProgress();
 
     public static class NewUserForm implements Serializable {
         private Map<String,String> formData;
@@ -111,33 +106,6 @@ public void setProfileID(String profileID) {
         this.profileID = profileID;
     }
 
-    public boolean isEmailTokenIssued() {
-        return emailTokenIssued;
-    }
-
-    public void setEmailTokenIssued(final boolean emailTokenIssued) {
-        this.emailTokenIssued = emailTokenIssued;
-    }
-
-    public boolean isSmsTokenIssued() {
-        return smsTokenIssued;
-    }
-
-    public void setSmsTokenIssued(final boolean smsTokenIssued) {
-        this.smsTokenIssued = smsTokenIssued;
-    }
-
-    public String getTokenDisplayText()
-    {
-        return tokenDisplayText;
-    }
-
-    public void setTokenDisplayText(String tokenDisplayText)
-    {
-        this.tokenDisplayText = tokenDisplayText;
-    }
-
-
     public boolean isAgreementPassed() {
         return agreementPassed;
     }
@@ -146,43 +114,13 @@ public void setAgreementPassed(boolean agreementPassed) {
         this.agreementPassed = agreementPassed;
     }
 
-    public boolean isEmailTokenPassed() {
-        return emailTokenPassed;
-    }
-
-    public void setEmailTokenPassed(final boolean emailTokenPassed) {
-        this.emailTokenPassed = emailTokenPassed;
-    }
-
-    public boolean isSmsTokenPassed() {
-        return smsTokenPassed;
-    }
-
-    public void setSmsTokenPassed(final boolean smsTokenPassed) {
-        this.smsTokenPassed = smsTokenPassed;
-    }
-
     public boolean isFormPassed() {
         return formPassed;
     }
 
     public void setFormPassed(final boolean formPassed) {
         this.formPassed = formPassed;
     }
-
-    public void setVerificationPhase(NewUserVerificationPhase verificationPhase) {
-    	this.verificationPhase = verificationPhase;
-    }
-
-    public NewUserVerificationPhase getVerificationPhase() {
-    	return verificationPhase;
-    }
-
-    public enum NewUserVerificationPhase {
-    	NONE,
-    	EMAIL,
-    	SMS,
-    }
 
     public Date getCreateStartTime()
     {
@@ -219,4 +157,8 @@ public Type getType() {
     public Set<Flag> getFlags() {
         return Collections.emptySet();
     }
+
+    public TokenVerificationProgress getTokenVerificationProgress() {
+        return tokenVerificationProgress;
+    }
 }

src/main/java/password/pwm/http/bean/UpdateProfileBean.java

@@ -22,8 +22,9 @@
 
 package password.pwm.http.bean;
 
+import password.pwm.bean.TokenVerificationProgress;
+
 import java.util.Collections;
-import java.util.LinkedHashMap;
 import java.util.Map;
 import java.util.Set;
 
@@ -33,7 +34,8 @@ public class UpdateProfileBean extends PwmSessionBean {
     private boolean confirmationPassed;
     private boolean formSubmitted;
 
-    private final Map<String,String> formData = new LinkedHashMap<>();
+    private Map<String,String> formData;
+    private final TokenVerificationProgress tokenVerificationProgress = new TokenVerificationProgress();
 
     public Type getType() {
         return Type.AUTHENTICATED;
@@ -51,6 +53,10 @@ public Map<String, String> getFormData() {
         return formData;
     }
 
+    public void setFormData(Map<String, String> formData) {
+        this.formData = formData;
+    }
+
     public boolean isConfirmationPassed() {
         return confirmationPassed;
     }
@@ -68,6 +74,10 @@ public void setFormSubmitted(boolean formSubmitted) {
     }
 
     public Set<Flag> getFlags() {
-        return Collections.singleton(Flag.ProhibitCookieSession);
+        return Collections.emptySet();
+    }
+
+    public TokenVerificationProgress getTokenVerificationProgress() {
+        return tokenVerificationProgress;
     }
 }

src/main/java/password/pwm/http/filter/AuthenticationFilter.java

@@ -130,7 +130,7 @@ private void processAuthenticatedSession(
         // read the basic auth info out of the header (if it exists);
         final BasicAuthInfo basicAuthInfo = BasicAuthInfo.parseAuthHeader(pwmApplication, pwmRequest);
 
-        final BasicAuthInfo originalBasicAuthInfo = pwmSession.getLoginInfoBean().getOriginalBasicAuthInfo();
+        final BasicAuthInfo originalBasicAuthInfo = pwmSession.getLoginInfoBean().getBasicAuth();
 
         //check to make sure basic auth info is same as currently known user in session.
         if (basicAuthInfo != null && originalBasicAuthInfo != null && !(originalBasicAuthInfo.equals(basicAuthInfo))) {
@@ -171,7 +171,7 @@ private void processAuthenticatedSession(
     }
 
     private static void handleAuthenticationCookie(final PwmRequest pwmRequest) {
-        if (!pwmRequest.isAuthenticated() || pwmRequest.getPwmSession().getLoginInfoBean().getAuthenticationType() != AuthenticationType.AUTHENTICATED) {
+        if (!pwmRequest.isAuthenticated() || pwmRequest.getPwmSession().getLoginInfoBean().getType() != AuthenticationType.AUTHENTICATED) {
             return;
         }
 
@@ -326,7 +326,7 @@ public static boolean forceRequiredRedirects(
         }
 
         // high priority pw change
-        if (pwmRequest.getPwmSession().getLoginInfoBean().getAuthenticationType() == AuthenticationType.AUTH_FROM_PUBLIC_MODULE) {
+        if (pwmRequest.getPwmSession().getLoginInfoBean().getType() == AuthenticationType.AUTH_FROM_PUBLIC_MODULE) {
             if (!pwmURL.isChangePasswordURL()) {
                 LOGGER.debug(pwmRequest, "user is authenticated via forgotten password mechanism, redirecting to change password servlet");
                 pwmRequest.sendRedirect(
@@ -445,7 +445,7 @@ public void attemptAuthentication(
                         final UserSearchEngine userSearchEngine = new UserSearchEngine(pwmApplication, pwmSession.getLabel());
                         final UserIdentity userIdentity = userSearchEngine.resolveUsername(basicAuthInfo.getUsername(), null, null);
                         sessionAuthenticator.authenticateUser(userIdentity, basicAuthInfo.getPassword());
-                        pwmSession.getLoginInfoBean().setOriginalBasicAuthInfo(basicAuthInfo);
+                        pwmSession.getLoginInfoBean().setBasicAuth(basicAuthInfo);
 
                     } catch (ChaiUnavailableException e) {
                         StatisticsManager.incrementStat(pwmRequest, Statistic.LDAP_UNAVAILABLE_COUNT);