Add reset failcounter to token admin interface

bwreg-jpa/src/main/java/edu/kit/scc/webreg/entity/EventType.java

@@ -53,5 +53,6 @@ public enum EventType {
 	TWOFA_ENABLED,
 	TWOFA_DISABLED,
 	TWOFA_DELETED,
+	TWOFA_RESET_FAILCOUNTER,
 	
 }

bwreg-service/src/main/java/edu/kit/scc/webreg/service/twofa/TwoFaService.java

@@ -36,4 +36,7 @@ public interface TwoFaService {
 
 	Boolean hasActiveTokenById(Long identityId) throws TwoFaException;
 
+	LinotpSimpleResponse resetFailcounter(IdentityEntity identity, String serial, String executor)
+			throws TwoFaException;
+
 }

bwreg-service/src/main/java/edu/kit/scc/webreg/service/twofa/TwoFaServiceImpl.java

@@ -418,6 +418,40 @@ public class TwoFaServiceImpl implements TwoFaService {
 		
 		return response;
 	}
+
+	@Override
+	public LinotpSimpleResponse resetFailcounter(IdentityEntity identity, String serial, String executor) throws TwoFaException {
+		identity = identityDao.merge(identity);
+
+		TokenAuditor auditor = new TokenAuditor(auditEntryDao, auditDetailDao, appConfig);
+		auditor.startAuditTrail(executor, true);
+		auditor.setName(this.getClass().getName() + "-ResetFailcounter-Audit");
+		auditor.setIdentity(identity);
+		auditor.setDetail("Reset failcounter token " + serial + " for user " + identity.getId());
+
+		Map<String, String> configMap = configResolver.resolveConfig(identity);
+
+		LinotpConnection linotpConnection = new LinotpConnection(configMap);
+		linotpConnection.requestAdminSession();
+		LinotpSimpleResponse response = linotpConnection.resetFailcounter(serial);
+
+		auditor.logAction("" + identity.getId(), "RESET FAILCOUNTER", "serial-" + serial, "", AuditStatus.SUCCESS);
+
+		HashMap<String, Object> eventMap = new HashMap<String, Object>();
+		eventMap.put("identity", identity);
+		eventMap.put("respone", response);
+		eventMap.put("serial", serial);
+		TokenEvent event = new TokenEvent(eventMap);
+		try {
+			eventSubmitter.submit(event, EventType.TWOFA_RESET_FAILCOUNTER, executor);
+		} catch (EventSubmitException e) {
+			logger.warn("Could not submit event", e);
+		}
+
+		auditor.finishAuditTrail();
+		
+		return response;
+	}
 	
 	@Override
 	public LinotpSimpleResponse deleteToken(IdentityEntity identity, String serial, String executor) throws TwoFaException {

bwreg-service/src/main/java/edu/kit/scc/webreg/service/twofa/linotp/LinotpConnection.java

@@ -411,6 +411,32 @@ public class LinotpConnection {
 			throw new TwoFaException(e);
 		}		
 	}
+
+	public LinotpSimpleResponse resetFailcounter(String serial) throws TwoFaException {
+		try {
+			HttpPost httpPost = new HttpPost(configMap.get("url") + "/admin/reset");
+			List<NameValuePair> nvps = new ArrayList <NameValuePair>();
+			if (configMap.containsKey("realm"))
+				nvps.add(new BasicNameValuePair("realm", configMap.get("realm")));
+			nvps.add(new BasicNameValuePair("session", adminSession));
+			nvps.add(new BasicNameValuePair("serial", serial));
+			httpPost.setEntity(new UrlEncodedFormEntity(nvps));
+			
+			CloseableHttpResponse response = httpClient.execute(targetHost, httpPost, context);
+			try {
+			    HttpEntity entity = response.getEntity();
+			    String responseString = EntityUtils.toString(entity);
+			    logger.trace(responseString);
+
+			    return resultParser.parseSimpleResponse(responseString);
+
+			} finally {
+				response.close();
+			}
+		} catch (ParseException | IOException e) {
+			throw new TwoFaException(e);
+		}		
+	}
 	
 	public LinotpShowUserResponse getTokenList() throws TwoFaException {
 

bwreg-webapp/src/main/java/edu/kit/scc/webreg/bean/tadm/TokenAdminIndexBean.java

@@ -138,6 +138,25 @@ public class TokenAdminIndexBean implements Serializable {
 		}
 	}
 	
+	public void resetFailcounter(String serial) {
+		if (! getReadOnly()) {
+			try {
+				LinotpSimpleResponse response = twoFaService.resetFailcounter(selectedUser.getIdentity(), serial, "identity-" + session.getIdentityId());
+				userTokenList = twoFaService.findByIdentity(selectedUser.getIdentity());
+				if ((response.getResult() != null) && response.getResult().isStatus() &&
+						response.getResult().isValue()) {
+					messageGenerator.addInfoMessage("Info", "Token " + serial + " failcounter reset");
+				}
+				else {
+					messageGenerator.addWarningMessage("Warn", "Token " + serial + " failcounter could not be resetted");
+				}
+			} catch (TwoFaException e) {
+				logger.warn("TwoFaException", e);
+				messageGenerator.addErrorMessage("Error", e.toString());
+			}
+		}
+	}
+	
 	public Boolean getReadOnly() {
 		if (userTokenList != null)
 			return userTokenList.getReadOnly();

bwreg-webapp/src/main/webapp/token-admin/index.xhtml

@@ -82,6 +82,9 @@
 								<h:outputText value="#{messages.twofa_tokentype_tanlist}" rendered="#{token.tokenType == 'HMAC'}"/>
 								<h:outputText value="#{messages.twofa_tokentype_yubikey}" rendered="#{token.tokenType == 'yubico'}"/>
 							</h:panelGroup>
+
+							<p:outputLabel for="@next" value="#{messages.twofa_fail_count}:" />
+							<h:outputText value="#{token.failCount}" />
 		
 							<p:outputLabel for="@next" value="#{messages.twofa_active}:" />
 							<h:outputText value="#{token.isactive ? messages.yes : messages.no}" />
@@ -90,9 +93,12 @@
 							<h:outputText value="#{messages.twofa_token_not_init}" style="color:red;" />
 						</p:panel>
 						<p:commandButton action="#{tokenAdminIndexBean.disableToken(token.serial)}" value="#{messages.disable}" 
-							update="@form" rendered="#{token.isactive}"/>
+							update="@form" rendered="#{token.isactive}" style="font-size:75%;"/>
 						<p:commandButton action="#{tokenAdminIndexBean.enableToken(token.serial)}" value="#{messages.enable}" 
-							update="@form" rendered="#{! token.isactive and (! token.tokenDesc.contains('INIT'))}"/>
+							update="@form" rendered="#{! token.isactive and (! token.tokenDesc.contains('INIT'))}" style="font-size:75%;"/>
+
+						<p:commandButton action="#{tokenAdminIndexBean.resetFailcounter(token.serial)}" value="#{messages.reset_failcounter}" 
+							update="@form" style="font-size:75%;"/>
 					</p:outputPanel>
 				</p:panelGrid>
 			</p:panel>