Name

global.PasswordResetUtil

Description

Utility class for password reset application

Script

var PasswordResetUtil = Class.create();
  PasswordResetUtil.prototype = Object.extendsObject(PwdAjaxRequestProcessor, {

  isPublic: function() {
  return true;
  },
  
  validatePassword : function() {
      var validateErr = SNC.PasswordResetUtil.validateStrongerPassword();
  if ("true" != validateErr) 
  	this.setAnswer("false");
  else
  	this.setAnswer("true");
  },
  
  sendResetEmail: function() {
  if(!this._validateSecurity()){
  	return;
  }

  var result = this.newItem("result");
  var userId = gs.getSession().getProperty('sysparm_sys_user_id');
  // We get the requestId from the trustworthy session so no need to sanitize
  var requestId = gs.getSession().getProperty('sysparm_request_id');
  var redirectUrl = gs.getSession().getProperty('pwd_redirect_url');
  gs.getSession().putProperty('pwd_reset_done_redirect', gs.getSession().getProperty('pwd_redirect_url'));

  var isRequestInValid = new SNC.PwdTrackingManager().isRequestInvalid(requestId);
  if (isRequestInValid) {
  	result.setAttribute("result","true");
  } else {
  	this._sendResetEmail(userId,requestId, result, redirectUrl);
  }
  },
  
  _sendResetEmail: function(userId, requestId, result, redirectUrl) {
  var user = this.validateUser(userId);
  if (user == undefined) {
  	result.setAttribute("result","false");
  	return;
  }

  result.setAttribute("result", this.raiseSendEmailEvent(user, requestId, redirectUrl));
  },
  
  sendEmailWithPasswordResetUrl: function(userId, requestId, redirectUrl) {
  var isRequestInvalid = new SNC.PwdTrackingManager().isRequestInvalid(requestId);
  if (isRequestInvalid) {
  	return true;
  }
  var user = this.validateUser(userId);
  if (user == undefined)
  	return false;

  return this.raiseSendEmailEvent(user, requestId, redirectUrl);
  },
  
  validateUser: function(userId) {
  var usr = new GlideRecord('sys_user');
  usr.addQuery('sys_id', userId);
  usr.addQuery('active', 'true');
  usr.queryNoDomain();
  if(!usr.next()){
  	gs.log("User : " + userId + " is eiter inactive or doesn't exist on the instance");
  	return;
  }
  return usr;
  },
  
  raiseSendEmailEvent: function(user, requestId, redirectUrl) {
  var token = SNC.PasswordResetUtil.generateUniqueUserToken(user.sys_id);
  var resetPasswordURL = '';
  if(GlideStringUtil.notNil(token)) {
  	resetPasswordURL = '/passwordreset.do?sysparm_id=' + user.sys_id + '&sysparm_request_id=' + requestId + '&sysparm_nostack=true&sysparm_token=' + token;
  	if (redirectUrl) {
  		resetPasswordURL = resetPasswordURL + '&sysparm_redirect_url='+redirectUrl;
  	}
  }
  else {
  	logError("Failed to generate unique token for user. Password reset failed for user : " + user.user_name);
  	return false;
  }
  var eventName = 'password.reset.url';
  var shortenedURL = new GlideTinyURL().createTinyURLWithCustomLength(resetPasswordURL, 10);
  var passwordURL = this.getInstanceURL() + shortenedURL;
  var param1 = GlideProperties.get("glide.pwd_reset.onetime.token.validity","12");
  var param2 = passwordURL;
  gs.eventQueue(eventName, user, param1, param2);
  return true;
  },

  getInstanceURL: function() {
      var url = gs.getProperty("glide.servlet.uri");
      var overrideUrl = gs.getProperty("glide.email.override.url");
      url = overrideUrl ? overrideUrl : url;
      if (GlideStringUtil.nil(url)) {
          gs.log("glide.servlet.url is empty!");
          return "";
      }
      url = url.trim();
      var len = url.length;
      if (url[len - 1] == '/')
          url = url.substring(0, len - 1);
      if (url.substring(len - 9, len) == "nav_to.do")
          url = url.substring(0, len - 10);

      return url;
  },
  
  getVerificationLabel: function(verificationId) {
  return new SNC.PwdVerification(verificationId).getLabel();
  },
  
  encryptWithKMFModule: function(password) {
  var kmfCryptoOperation = new sn_kmf_ns.KMFCryptoOperation(PwdConstants.PASSWORD_RESET_KMF_MODULE, PwdConstants.SYMMETRIC_WRAPPING).withAlgorithm(PwdConstants.AES_ALGORITHM).withInputFormat(PwdConstants.KMF_NONE);
  return kmfCryptoOperation.doOperation(password);
  },

  decryptWithKMFModule: function(encryptedPassword) {
      var kmfCryptoOperation = new sn_kmf_ns.KMFCryptoOperation(PwdConstants.PASSWORD_RESET_KMF_MODULE, PwdConstants.SYMMETRIC_UNWRAPPING).withAlgorithm(PwdConstants.AES_ALGORITHM).withOutputFormat(PwdConstants.KMF_NONE);
      return kmfCryptoOperation.doOperation(encryptedPassword);
  },

  useNotifyInPasswordReset: function() {
  var useNotify = GlideProperties.getBoolean('password_reset.sms.use_notify',true);
  return GlidePluginManager.isRegistered('com.snc.notify') && useNotify;
  },

  updateVerificationResult: function(user, verificationId, contextId, status, requestId) {
  requestId = gs.nil(requestId) ? '' : requestId;
  contextId = gs.nil(contextId) ? requestId : contextId;
  var requestToVerificationManager = new SNC.MapRequestToVerificationManager();
  requestToVerificationManager.createOrUpdate(contextId, verificationId, status);
  },

  type: 'PasswordResetUtil'
});

Sys ID

5076fc10d7102200c2f64187ed610363

Offical Documentation

Official Docs: