use of ca.corefacility.bioinformatics.irida.model.user.PasswordReset in project irida by phac-nml.
the class PasswordResetControllerTest method testSubmitPasswordReset.
@Test
public void testSubmitPasswordReset() {
String username = "tom";
String email = "tom@somewhere.com";
User user = new User(1L, username, email, null, null, null, null);
PasswordReset passwordReset = new PasswordReset(user);
String resetId = passwordReset.getId();
String password = "Password1!";
ExtendedModelMap model = new ExtendedModelMap();
when(passwordResetService.read(resetId)).thenReturn(passwordReset);
String sendNewPassword = controller.sendNewPassword(resetId, password, password, model, LocaleContextHolder.getLocale());
assertEquals(PasswordResetController.SUCCESS_REDIRECT + Base64.getEncoder().encodeToString(email.getBytes()), sendNewPassword);
assertEquals("User should not be logged in after resetting password", username, SecurityContextHolder.getContext().getAuthentication().getName());
verify(passwordResetService).read(resetId);
verify(userService).changePassword(user.getId(), password);
verify(passwordResetService).delete(resetId);
}
use of ca.corefacility.bioinformatics.irida.model.user.PasswordReset in project irida by phac-nml.
the class PasswordResetControllerTest method testSubmitPasswordNoMatch.
@Test
public void testSubmitPasswordNoMatch() {
User user = new User(1L, "tom", null, null, null, null, null);
PasswordReset passwordReset = new PasswordReset(user);
String resetId = passwordReset.getId();
String password = "Password1!";
ExtendedModelMap model = new ExtendedModelMap();
when(passwordResetService.read(resetId)).thenReturn(passwordReset);
String sendNewPassword = controller.sendNewPassword(resetId, password, "not the same", model, LocaleContextHolder.getLocale());
assertEquals(PasswordResetController.PASSWORD_RESET_PAGE, sendNewPassword);
assertTrue(model.containsKey("errors"));
verify(passwordResetService, times(2)).read(resetId);
}
use of ca.corefacility.bioinformatics.irida.model.user.PasswordReset in project irida by phac-nml.
the class CredentialsExpiredAuthenticationFailureHandlerTest method testOnAuthenticationFailure.
@Test
public void testOnAuthenticationFailure() throws IOException, ServletException {
String username = "tom";
User user = new User();
PasswordReset reset = new PasswordReset(user);
String expectedRedirect = "/password_reset/" + reset.getId() + "?expired=true";
AuthenticationException exception = new CredentialsExpiredException("Credentials expired");
HttpServletRequest request = mock(HttpServletRequest.class);
HttpServletResponse response = mock(HttpServletResponse.class);
when(request.getParameter("username")).thenReturn(username);
when(request.getContextPath()).thenReturn("");
when(userService.getUserByUsername(username)).thenReturn(user);
when(resetService.create(any(PasswordReset.class))).thenReturn(reset);
handler.onAuthenticationFailure(request, response, exception);
verify(request).getParameter("username");
verify(userService).getUserByUsername(username);
verify(resetService).create(any(PasswordReset.class));
ArgumentCaptor<String> redirectCaptor = ArgumentCaptor.forClass(String.class);
verify(response).sendRedirect(redirectCaptor.capture());
String redirect = redirectCaptor.getValue();
assertEquals(expectedRedirect, redirect);
}
use of ca.corefacility.bioinformatics.irida.model.user.PasswordReset in project irida by phac-nml.
the class CredentialsExpriredAuthenticationFailureHandler method onAuthenticationFailure.
/**
* Handle CredentialsExpiredException and create a {@link PasswordReset}. If
* not CredentialsExpiredException pass to super.
*/
@Override
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
if (exception instanceof CredentialsExpiredException) {
// get the username of the user who tried to login
String username = request.getParameter("username");
logger.trace("Password is expired for [ " + username + " ]. Generating a password reset.");
// set an anonymous auth token
setAuthentication();
// get the user and create a password reset
User userByUsername = userService.getUserByUsername(username);
PasswordReset create = resetService.create(new PasswordReset(userByUsername));
// Clear the anonymous auth token
SecurityContextHolder.clearContext();
// redirect the user to the password reset page
String contextPath = request.getContextPath();
String resetId = create.getId();
response.sendRedirect(contextPath + "/password_reset/" + resetId + "?expired=true");
} else {
super.onAuthenticationFailure(request, response, exception);
}
}
use of ca.corefacility.bioinformatics.irida.model.user.PasswordReset in project irida by phac-nml.
the class PasswordResetControllerTest method testGetResetPage.
@Test
public void testGetResetPage() {
User user = new User(1L, "tom", null, null, null, null, null);
PasswordReset passwordReset = new PasswordReset(user);
String resetId = passwordReset.getId();
ExtendedModelMap model = new ExtendedModelMap();
when(passwordResetService.read(resetId)).thenReturn(passwordReset);
String resetPage = controller.getResetPage(resetId, false, model);
assertEquals(PasswordResetController.PASSWORD_RESET_PAGE, resetPage);
assertTrue(model.containsKey("errors"));
assertTrue(model.containsKey("passwordReset"));
assertTrue(model.containsKey("user"));
verify(passwordResetService).read(resetId);
}
Aggregations