use of com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsPolicyType in project midpoint by Evolveum.
the class SecurityPolicyUtil method getCredentialPolicy.
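/**
 * Selects the nonce credentials policy with the given name from a security policy.
 *
 * <p>A {@code null} {@code policyName} matches only a nonce policy that has no name.
 * A non-null {@code policyName} matches only a nonce policy whose name equals it.
 *
 * <p>A {@code null} result means "no nonce policy configured under this name". Callers
 * that go on to validate a nonce should handle that case explicitly instead of
 * treating a missing policy as permission to skip validation.
 *
 * @param policyName name of the nonce policy to look up, or {@code null} for the unnamed one
 * @param securityPolicy security policy whose credentials section is searched
 * @return the single matching nonce policy, or {@code null} if the security policy has no
 *     credentials section or no nonce policy matches
 * @throws SchemaException if more than one nonce policy matches
 */
public static NonceCredentialsPolicyType getCredentialPolicy(String policyName, SecurityPolicyType securityPolicy) throws SchemaException {
    CredentialsPolicyType credentialsPolicy = securityPolicy.getCredentials();
    if (credentialsPolicy == null) {
        return null;
    }

    List<NonceCredentialsPolicyType> matchingNoncePolicies = new ArrayList<>();
    for (NonceCredentialsPolicyType noncePolicy : credentialsPolicy.getNonce()) {
        // Null-safe name comparison. The previous version fell through to
        // noncePolicy.getName().equals(...) after accepting an unnamed policy for a
        // null policyName, which threw NullPointerException on exactly that match.
        boolean matches = noncePolicy.getName() == null
                ? policyName == null
                : noncePolicy.getName().equals(policyName);
        if (matches) {
            matchingNoncePolicies.add(noncePolicy);
        }
    }

    // An ambiguous configuration is rejected rather than resolved by picking one.
    if (matchingNoncePolicies.size() > 1) {
        throw new SchemaException("Found more than one nonce credentials policy. Please review your configuration");
    }
    if (matchingNoncePolicies.isEmpty()) {
        return null;
    }
    return matchingNoncePolicies.get(0);
}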
use of com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsPolicyType in project midpoint by Evolveum.
the class TestSecurityBasic method assertCredentialsPolicy.
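/**
 * Asserts that a credentials policy can be resolved for the given user and that it
 * defines exactly two security questions.
 *
 * @param user user whose effective credentials policy is checked
 * @throws ObjectNotFoundException declared by the policy lookup
 * @throws SchemaException declared by the policy lookup
 */
private void assertCredentialsPolicy(PrismObject<UserType> user) throws ObjectNotFoundException, SchemaException {
    OperationResult result = new OperationResult("assertCredentialsPolicy");
    CredentialsPolicyType credentialsPolicy = modelInteractionService.getCredentialsPolicy(user, null, result);
    result.computeStatus();
    TestUtil.assertSuccess(result);
    assertNotNull("No credentials policy for " + user, credentialsPolicy);

    SecurityQuestionsCredentialsPolicyType securityQuestions = credentialsPolicy.getSecurityQuestions();
    // Fail with a readable message instead of a NullPointerException when the
    // resolved policy has no security-questions section at all.
    assertNotNull("No security questions policy for " + user, securityQuestions);
    assertEquals("Unexepected number of security questions for " + user, 2, securityQuestions.getQuestion().size());
}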
use of com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsPolicyType in project midpoint by Evolveum.
the class CredentialsProcessor method transformFocusExectionDeltaCredential.
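/**
 * Rewrites the credential value carried by a focus execution delta according to the
 * storage method configured in the credentials policy.
 *
 * <ul>
 *   <li>Delete deltas, a missing storage method, a missing storage type and
 *       {@code ENCRYPTION} leave the delta untouched.</li>
 *   <li>{@code HASHING} passes the credential values found in the delta to
 *       {@code hashValues}.</li>
 *   <li>{@code NONE} strips the credential value from the delta so that it is not
 *       carried further by this delta.</li>
 * </ul>
 *
 * @param context lens context of the operation (not read by this method)
 * @param credsType credentials policy supplying the default credential policy
 * @param credPolicyType policy of the specific credential being processed
 * @param valuePropertyPath path of the credential value property inside the focus
 * @param delta execution delta to transform in place
 * @throws SchemaException if the storage type is not one of the handled values
 * @throws EncryptionException declared for {@code hashValues}
 */
private <O extends ObjectType> void transformFocusExectionDeltaCredential(LensContext<O> context, CredentialsPolicyType credsType, CredentialPolicyType credPolicyType, ItemPath valuePropertyPath, ObjectDelta<O> delta) throws SchemaException, EncryptionException {
    if (delta.isDelete()) {
        return;
    }

    CredentialPolicyType defaultCredPolicyType = credsType.getDefault();
    CredentialsStorageMethodType storageMethod = SecurityUtil.getCredPolicyItem(defaultCredPolicyType, credPolicyType, pol -> pol.getStorageMethod());
    if (storageMethod == null) {
        return;
    }

    CredentialsStorageTypeType storageType = storageMethod.getStorageType();
    if (storageType == null || storageType == CredentialsStorageTypeType.ENCRYPTION) {
        // Nothing to transform here.
        // NOTE(review): presumably the value is already encrypted by the time it
        // reaches this point - confirm against the caller.
        return;
    }

    if (storageType == CredentialsStorageTypeType.HASHING) {
        if (delta.isAdd()) {
            PrismProperty<ProtectedStringType> prop = delta.getObjectToAdd().findProperty(valuePropertyPath);
            // The object being added may carry no credential value at all; without
            // this guard the lookup result was dereferenced unconditionally.
            if (prop != null) {
                hashValues(prop.getValues(), storageMethod);
            }
        } else {
            PropertyDelta<ProtectedStringType> propDelta = delta.findPropertyDelta(valuePropertyPath);
            if (propDelta != null) {
                hashValues(propDelta.getValuesToAdd(), storageMethod);
                hashValues(propDelta.getValuesToReplace(), storageMethod);
                // NOTE(review): values to delete are hashed as well; whether a
                // freshly hashed value can still match the stored one depends on
                // how hashValues salts - confirm.
                hashValues(propDelta.getValuesToDelete(), storageMethod);
            }
        }
        return;
    }

    if (storageType == CredentialsStorageTypeType.NONE) {
        if (delta.isAdd()) {
            delta.getObjectToAdd().removeProperty(valuePropertyPath);
        } else {
            PropertyDelta<ProtectedStringType> propDelta = delta.findPropertyDelta(valuePropertyPath);
            if (propDelta != null) {
                // Replace with nothing. We need this to clear any existing value that there might be.
                propDelta.setValueToReplace();
            }
        }
        return;
    }

    // Fail closed on a storage type this method does not know how to apply.
    throw new SchemaException("Unkwnon storage type " + storageType);
}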