Name
global.PasswordResetUtil
Description
Utility class for password reset application
Script
var PasswordResetUtil = Class.create();
PasswordResetUtil.prototype = Object.extendsObject(PwdAjaxRequestProcessor, {
isPublic: function() {
return true;
},
validatePassword : function() {
var validateErr = SNC.PasswordResetUtil.validateStrongerPassword();
if ("true" != validateErr)
this.setAnswer("false");
else
this.setAnswer("true");
},
sendResetEmail: function() {
if(!this._validateSecurity()){
return;
}
var result = this.newItem("result");
var userId = gs.getSession().getProperty('sysparm_sys_user_id');
// We get the requestId from the trustworthy session so no need to sanitize
var requestId = gs.getSession().getProperty('sysparm_request_id');
var redirectUrl = gs.getSession().getProperty('pwd_redirect_url');
gs.getSession().putProperty('pwd_reset_done_redirect', gs.getSession().getProperty('pwd_redirect_url'));
var isRequestInValid = new SNC.PwdTrackingManager().isRequestInvalid(requestId);
if (isRequestInValid) {
result.setAttribute("result","true");
} else {
this._sendResetEmail(userId,requestId, result, redirectUrl);
}
},
_sendResetEmail: function(userId, requestId, result, redirectUrl) {
var user = this.validateUser(userId);
if (user == undefined) {
result.setAttribute("result","false");
return;
}
result.setAttribute("result", this.raiseSendEmailEvent(user, requestId, redirectUrl));
},
sendEmailWithPasswordResetUrl: function(userId, requestId, redirectUrl) {
var isRequestInvalid = new SNC.PwdTrackingManager().isRequestInvalid(requestId);
if (isRequestInvalid) {
return true;
}
var user = this.validateUser(userId);
if (user == undefined)
return false;
return this.raiseSendEmailEvent(user, requestId, redirectUrl);
},
validateUser: function(userId) {
var usr = new GlideRecord('sys_user');
usr.addQuery('sys_id', userId);
usr.addQuery('active', 'true');
usr.queryNoDomain();
if(!usr.next()){
gs.log("User : " + userId + " is eiter inactive or doesn't exist on the instance");
return;
}
return usr;
},
raiseSendEmailEvent: function(user, requestId, redirectUrl) {
var token = SNC.PasswordResetUtil.generateUniqueUserToken(user.sys_id);
var resetPasswordURL = '';
if(GlideStringUtil.notNil(token)) {
resetPasswordURL = '/passwordreset.do?sysparm_id=' + user.sys_id + '&sysparm_request_id=' + requestId + '&sysparm_nostack=true&sysparm_token=' + token;
if (redirectUrl) {
resetPasswordURL = resetPasswordURL + '&sysparm_redirect_url='+redirectUrl;
}
}
else {
logError("Failed to generate unique token for user. Password reset failed for user : " + user.user_name);
return false;
}
var eventName = 'password.reset.url';
var shortenedURL = new GlideTinyURL().createTinyURLWithCustomLength(resetPasswordURL, 10);
var passwordURL = this.getInstanceURL() + shortenedURL;
var param1 = GlideProperties.get("glide.pwd_reset.onetime.token.validity","12");
var param2 = passwordURL;
gs.eventQueue(eventName, user, param1, param2);
return true;
},
getInstanceURL: function() {
var url = gs.getProperty("glide.servlet.uri");
var overrideUrl = gs.getProperty("glide.email.override.url");
url = overrideUrl ? overrideUrl : url;
if (GlideStringUtil.nil(url)) {
gs.log("glide.servlet.url is empty!");
return "";
}
url = url.trim();
var len = url.length;
if (url[len - 1] == '/')
url = url.substring(0, len - 1);
if (url.substring(len - 9, len) == "nav_to.do")
url = url.substring(0, len - 10);
return url;
},
getVerificationLabel: function(verificationId) {
return new SNC.PwdVerification(verificationId).getLabel();
},
encryptWithKMFModule: function(password) {
var kmfCryptoOperation = new sn_kmf_ns.KMFCryptoOperation(PwdConstants.PASSWORD_RESET_KMF_MODULE, PwdConstants.SYMMETRIC_WRAPPING).withAlgorithm(PwdConstants.AES_ALGORITHM).withInputFormat(PwdConstants.KMF_NONE);
return kmfCryptoOperation.doOperation(password);
},
decryptWithKMFModule: function(encryptedPassword) {
var kmfCryptoOperation = new sn_kmf_ns.KMFCryptoOperation(PwdConstants.PASSWORD_RESET_KMF_MODULE, PwdConstants.SYMMETRIC_UNWRAPPING).withAlgorithm(PwdConstants.AES_ALGORITHM).withOutputFormat(PwdConstants.KMF_NONE);
return kmfCryptoOperation.doOperation(encryptedPassword);
},
useNotifyInPasswordReset: function() {
var useNotify = GlideProperties.getBoolean('password_reset.sms.use_notify',true);
return GlidePluginManager.isRegistered('com.snc.notify') && useNotify;
},
updateVerificationResult: function(user, verificationId, contextId, status, requestId) {
requestId = gs.nil(requestId) ? '' : requestId;
contextId = gs.nil(contextId) ? requestId : contextId;
var requestToVerificationManager = new SNC.MapRequestToVerificationManager();
requestToVerificationManager.createOrUpdate(contextId, verificationId, status);
},
type: 'PasswordResetUtil'
});
Sys ID
5076fc10d7102200c2f64187ed610363