Update User Password API
Call this function to update a user’s password.
Below is the URL to access the API functions:
PUT /CentagateWS/webresources/password/updatesimple/{username}
Parameters
No | Parameters | Occurrence | Descriptions |
---|---|---|---|
1 | Password | Required | The user’s current password, which must be encrypted with AES using the Secret Key as the encryption key and then Base64-encoded (the Java sample below shows the exact key derivation and cipher settings). |
2 | NewPassword | Required | The user’s new password, which must be encrypted with AES using the Secret Key as the encryption key and then Base64-encoded. |
3 | IntegrationKey | Required | The integration key, which identifies the app that has been integrated with the API. |
Sample Code
Below are some sample source code examples showing how to call the API function:
Java
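/**
 * Sample client: changes a user's password through
 * PUT /CentagateWS/webresources/password/updatesimple/{username}.
 *
 * Both the current and the new password are passed through
 * encryptPassword() before they are placed in the JSON body, so the
 * cleartext passwords never appear in the request payload.
 *
 * All literal values below ("secretKey", "password", "integrationKey",
 * the "username" path segment, <domain_name>) are documentation
 * placeholders. In a real integration, load the secret key and the
 * integration key from protected configuration rather than source code.
 */
public static void main(String[] args) {
    ClientConfig config = new DefaultClientConfig();
    Client client = Client.create(config);
    WebResource service = client.resource("https://<domain_name>/CentagateWS/webresources");

    // Placeholders only; never hard-code real credentials or keys.
    String secretKey = "secretKey";
    String password = "password";
    String newPassword = "newPassword";

    String encryptedPassword = encryptPassword(password, secretKey);
    String encryptedNewPassword = encryptPassword(newPassword, secretKey);
    // encryptPassword() returns null when encryption fails. Stop here so a
    // request without usable password fields is never sent.
    if (encryptedPassword == null || encryptedNewPassword == null) {
        throw new IllegalStateException("Password encryption failed; request not sent");
    }

    Gson gson = new Gson();
    HashMap<String, String> map = new HashMap<String, String>();
    map.put("password", encryptedPassword);
    map.put("newPassword", encryptedNewPassword);
    map.put("integrationKey", "integrationKey");

    // "username" is a placeholder for the account whose password is changed.
    // The body is JSON, so the request content type is declared explicitly.
    ClientResponse response = service.path("password").path("updatesimple").path("username")
            .type(MediaType.APPLICATION_JSON)
            .accept(MediaType.APPLICATION_JSON)
            .put(ClientResponse.class, gson.toJson(map));

    String retJson = response.getEntity(String.class);
    HashMap<String, Object> returnData = (HashMap<String, Object>) gson.fromJson(retJson, HashMap.class);
    if (returnData == null) {
        // An empty or non-JSON body must not be mistaken for a success reply.
        throw new IllegalStateException("Empty response from server");
    }

    // String.valueOf tolerates a field that is absent from the reply, where
    // calling toString() on the missing value would throw.
    String code = String.valueOf(returnData.get("code"));
    String message = String.valueOf(returnData.get("message"));
    String object = String.valueOf(returnData.get("object"));

    // Return code 0 means success; see the error code table for the rest.
    System.out.println("Code: " + code);
    System.out.println("Message: " + message);
    System.out.println("Object: " + object);
}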
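/**
 * Encrypts a password into the form this sample sends to the API.
 *
 * The AES key is the SHA-256 digest of {@code key}; the content is
 * encrypted with AES/ECB/PKCS5Padding and the ciphertext is returned
 * Base64-encoded.
 *
 * NOTE(review): ECB is deterministic. The same password under the same key
 * always produces the same ciphertext, and nothing protects the ciphertext
 * against modification. The mode is kept because the server presumably
 * expects exactly this format (confirm with the vendor). Treat this value
 * as an encoding required by the API and rely on TLS to protect it in
 * transit.
 *
 * @param content cleartext password to encrypt
 * @param key     the Secret Key issued for the integration
 * @return Base64-encoded ciphertext, or {@code null} if encryption failed
 */
public static String encryptPassword(String content, String key) {
    try {
        MessageDigest digest = MessageDigest.getInstance("SHA-256");
        // Use an explicit charset. The platform default varies between hosts
        // and would derive a different AES key for a non-ASCII secret key.
        byte[] aesKey = digest.digest(key.getBytes(StandardCharsets.UTF_8));
        SecretKey secretKey = new SecretKeySpec(aesKey, "AES");
        Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
        cipher.init(Cipher.ENCRYPT_MODE, secretKey);
        byte[] cipherText = cipher.doFinal(content.getBytes(StandardCharsets.UTF_8));
        return Base64.getEncoder().encodeToString(cipherText);
    } catch (InvalidKeyException | NoSuchAlgorithmException | BadPaddingException
            | IllegalBlockSizeException | NoSuchPaddingException e) {
        // Only the exception message is printed, never the password or key.
        System.out.println(e.getMessage());
    }
    // Callers must treat null as "encryption failed" and not send the request.
    return null;
}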
Node Js
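const https = require('https');
const crypto = require('crypto');

// Placeholders only. Load the real secret key and integration key from
// protected configuration, never from source code.
const username = '<username>';
const password = '<password>';
const newPassword = '<newPassword>';
const secretKey = '<secretKey>';
const integrationKey = '<integrationKey>';

/**
 * Encrypts a password the same way as the Java sample on this page:
 * AES key = SHA-256(secret key), AES in ECB mode with PKCS#5/#7 padding,
 * result Base64-encoded.
 *
 * NOTE(review): ECB is deterministic and unauthenticated. It is used here
 * only to match the Java sample's wire format (confirm the expected format
 * with the vendor). TLS is what protects the value in transit.
 *
 * @param {string} content - cleartext password
 * @param {string} key - the Secret Key issued for the integration
 * @returns {string} Base64-encoded ciphertext
 */
function encryptPassword(content, key) {
  const aesKey = crypto.createHash('sha256').update(key, 'utf8').digest();
  const cipher = crypto.createCipheriv('aes-256-ecb', aesKey, null);
  return Buffer.concat([cipher.update(content, 'utf8'), cipher.final()]).toString('base64');
}

// The parameter table requires both passwords encrypted and the integration
// key present. The cleartext passwords are never put in the body.
const data = JSON.stringify({
  password: encryptPassword(password, secretKey),
  newPassword: encryptPassword(newPassword, secretKey),
  integrationKey,
});

const options = {
  hostname: '<domain_name>',
  port: 443,
  // Encode the username so reserved characters cannot change the request path.
  path: `/CentagateWS/webresources/password/updatesimple/${encodeURIComponent(username)}`,
  method: 'PUT',
  headers: {
    'Accept': 'application/json',
    'Content-Type': 'application/json',
    'Content-Length': Buffer.byteLength(data),
  },
};

const req = https.request(options, (res) => {
  console.log(`HTTP Status Code: ${res.statusCode}`);
  let body = '';
  res.on('data', (chunk) => {
    body += chunk;
  });
  // Parse only once the whole body has arrived. A single 'data' event may
  // carry a partial JSON document.
  res.on('end', () => {
    let parsed;
    try {
      parsed = JSON.parse(body);
    } catch (err) {
      console.error(`Unexpected non-JSON response: ${err.message}`);
      return;
    }
    // Fail closed: only an explicit return code of 0 counts as success.
    if (parsed.code === 0 || parsed.code === '0') {
      console.log('Authentication Succeed');
      console.log('Response:');
      console.log(body);
    } else {
      console.log('Authentication Fail, ' + 'Message:' + parsed.message);
      console.log('Code:' + parsed.code);
    }
  });
});

// Event names are case-sensitive. A listener on 'ERROR' would never fire
// and a network failure would crash the process.
req.on('error', (error) => {
  console.error(error);
});

req.write(data);
req.end();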
PHP
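<?php
// Placeholders only. Load the real secret key and integration key from
// protected configuration, never from source code.
$username = "<username>";
$password = "<password>";
$newPassword = "<newPassword>";
$secretKey = "<secretKey>";
$integrationKey = "<integrationKey>";

/**
 * Encrypts a password the same way as the Java sample on this page:
 * AES key = SHA-256(secret key), AES in ECB mode with PKCS#5/#7 padding,
 * result Base64-encoded. Requires the openssl extension.
 *
 * NOTE(review): ECB is deterministic and unauthenticated. It is used here
 * only to match the Java sample's wire format (confirm the expected format
 * with the vendor). TLS is what protects the value in transit.
 *
 * @param string $content Cleartext password.
 * @param string $key     The Secret Key issued for the integration.
 * @return string|null    Base64-encoded ciphertext, or null on failure.
 */
function encryptPassword($content, $key) {
    $aesKey = hash('sha256', $key, true);
    $cipherText = openssl_encrypt($content, 'aes-256-ecb', $aesKey, OPENSSL_RAW_DATA);
    return $cipherText === false ? null : base64_encode($cipherText);
}

$encryptedPassword = encryptPassword($password, $secretKey);
$encryptedNewPassword = encryptPassword($newPassword, $secretKey);
if ($encryptedPassword === null || $encryptedNewPassword === null) {
    // Never fall back to sending the cleartext password.
    exit("Password encryption failed; request not sent");
}

// Encode the username so reserved characters cannot change the request path.
$url = 'https://<domain_name>/CentagateWS/webresources/password/updatesimple/'.rawurlencode($username);
$ch = curl_init($url);

// The parameter table requires both passwords encrypted and the integration
// key present.
$jsonData = array (
    'password' => $encryptedPassword,
    'newPassword' => $encryptedNewPassword,
    'integrationKey' => $integrationKey
);
$jsonDataEncoded = json_encode($jsonData);

curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'PUT');
curl_setopt($ch, CURLOPT_POSTFIELDS, $jsonDataEncoded);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json', 'Accept: application/json'));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

$result = curl_exec($ch);
if ($result === false) {
    // Transport failure: there is no response to interpret.
    print "Request failed: ".htmlspecialchars(curl_error($ch));
    curl_close($ch);
    exit;
}
curl_close($ch);

$obj = json_decode($result);
// Fail closed. A missing or undecodable body leaves $obj null, and the loose
// test "null != 0" is false, which would otherwise report success.
if (!is_object($obj) || !isset($obj->{'code'}) || (string)$obj->{'code'} !== '0') {
    print "Authentication fail";
    if (is_object($obj)) {
        // Server-supplied text is escaped before it is written into the page.
        print "Message: ".htmlspecialchars((string)($obj->{'message'} ?? ''));
        echo " <br>";
        print "Code: ".htmlspecialchars((string)($obj->{'code'} ?? ''));
    }
}
else {
    print "Authentication succeed";
    echo " <br>";
    print "Message: ".htmlspecialchars((string)($obj->{'message'} ?? ''));
    echo " <br>";
    print "Code: ".htmlspecialchars((string)$obj->{'code'});
    echo " <br>";
    print "Result:" ;
    echo " <br>";
    print htmlspecialchars($result);
}
?>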
Error Code
Return Code | Details |
---|---|
0 | Success |
10001 | Permission not allowed |
10002 | Invalid Input |
10003 | DB protection error |
10004 | DB error |
10011 | Crypto error |
20002 | Company not found |
23001 | Invalid credentials (User not found / User is not active/Invalid current password) |
23025 | Web API error |
28003 | You are not allowed to use the last X passwords |
28004 | Password must at least contain X characters |
28005 | Password must mix letters and digits / Password must mix lower and upper letters and digits / Password must mix lower and upper letters, digits and special characters |
28006 | Password is blacklisted. Please choose another password |
28007 | New password must be different from the current password |
28008 | You are changing your password too frequent. Password cannot be changed within X (day) |