use of com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsType in project midpoint by Evolveum.
the class PageSelfRegistration method prepareUserToSave.
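/**
 * Builds the user object that the self-registration page submits for saving.
 *
 * <p>When no registration form is configured ({@code getFormRef() == null}) the page's user
 * model is cloned and, if the configuration names a required lifecycle state, registration is
 * refused unless the user is already in that state. When a form is configured, the object held
 * by the dynamic form panel is cloned instead. In both cases credentials are then created with
 * the configured nonce policy and the optional initial lifecycle state is applied.
 *
 * @param task task handed on to {@code createCredentials}
 * @param result operation result handed on to {@code createCredentials}
 * @return the user object prepared for saving
 * @throws RestartResponseException (not declared in the signature) when the required lifecycle
 *         state is not satisfied, or when the form object cannot be obtained
 */
private UserType prepareUserToSave(Task task, OperationResult result) throws ExpressionEvaluationException, SchemaException, ObjectNotFoundException {
    SelfRegistrationDto selfRegistrationConfiguration = getSelfRegistrationConfiguration();
    UserType userType = userModel.getObject();
    UserType userToSave = userType.clone();
    if (selfRegistrationConfiguration.getFormRef() == null) {
        // A second userType.clone() whose result was discarded used to sit here; it had no effect.
        if (selfRegistrationConfiguration.getRequiredLifecycleState() != null) {
            String userLifecycle = userToSave.getLifecycleState();
            if (!selfRegistrationConfiguration.getRequiredLifecycleState().equals(userLifecycle)) {
                LOGGER.error("Registration not allowed for a user {} -> Unsatisfied Configuration for required lifecycle, expected {} but was {}", new Object[] { userToSave.getEmailAddress() != null ? userToSave.getEmailAddress() : userToSave, selfRegistrationConfiguration.getRequiredLifecycleState(), userLifecycle });
                getSession().error(createStringResource("PageSelfRegistration.registration.failed.unsatisfied.registration.configuration").getString());
                throw new RestartResponseException(this);
            }
        }
    } else {
        try {
            userToSave = getDynamicFormPanel().getObject().asObjectable().clone();
        } catch (SchemaException e) {
            LoggingUtils.logException(LOGGER, "Failed to construct delta " + e.getMessage(), e);
            // The exception must actually be thrown. Previously it was only constructed and
            // dropped, so registration carried on with the clone of the page model instead of
            // the data entered in the configured form.
            throw new RestartResponseException(this);
        }
    }
    // createCredentials is called for its effect on userToSave; nothing it returns is assigned here.
    createCredentials(userToSave, selfRegistrationConfiguration.getNoncePolicy(), task, result);
    if (selfRegistrationConfiguration.getInitialLifecycleState() != null) {
        LOGGER.trace("Setting initial lifecycle state of registered user to {}", selfRegistrationConfiguration.getInitialLifecycleState());
        userToSave.setLifecycleState(selfRegistrationConfiguration.getInitialLifecycleState());
    }
    try {
        getPrismContext().adopt(userToSave);
    } catch (SchemaException e) {
        // Best effort: the object is returned without being adopted, but the failure is
        // recorded so that it is not lost completely.
        LOGGER.debug("Could not adopt the self-registered user object, continuing without it", e);
    }
    return userToSave;
}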
use of com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsType in project midpoint by Evolveum.
the class TestOpenDjReadablePassword method assertShadowPassword.
/**
 * Verifies the password of a provisioning shadow for a resource whose password is readable.
 *
 * <p>A shadow with no credentials, or with credentials but no password container, passes
 * without further checks. Otherwise the password value must be present, non-empty and
 * decryptable, and its property must not be flagged as incomplete.
 *
 * @param provisioningShadow shadow returned by provisioning
 * @throws Exception declared by the signature; NOTE(review): presumably raised by the decryption call, confirm
 */
@Override
protected void assertShadowPassword(ShadowType provisioningShadow) throws Exception {
    CredentialsType shadowCredentials = provisioningShadow.getCredentials();
    PasswordType shadowPassword = (shadowCredentials == null) ? null : shadowCredentials.getPassword();
    if (shadowPassword == null) {
        // Nothing to verify: either the credentials or the password container is absent.
        return;
    }

    ProtectedStringType protectedValue = shadowPassword.getValue();
    assertNotNull("Missing password value in " + provisioningShadow, protectedValue);
    assertFalse("Empty password value in " + provisioningShadow, protectedValue.isEmpty());

    // The decrypted value is handed to display(), so the clear-text password ends up wherever
    // that helper writes. Acceptable only because these are test-fixture credentials.
    String decrypted = protector.decryptString(protectedValue);
    display("Clear password of " + provisioningShadow + ": " + decrypted);

    // A readable password must come back as a complete property value.
    PrismContainerValue<PasswordType> passwordPcv = shadowPassword.asPrismContainerValue();
    PrismProperty<ProtectedStringType> valueProperty = passwordPcv.findProperty(PasswordType.F_VALUE);
    assertFalse("Incomplete password value in " + provisioningShadow, valueProperty.isIncomplete());
}
use of com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsType in project midpoint by Evolveum.
the class TestOpenDjIncompletePassword method assertShadowPassword.
/**
 * Verifies the password of a provisioning shadow for a resource that does not return the
 * password value itself.
 *
 * <p>A shadow with no credentials, or with credentials but no password container, passes
 * without further checks. Otherwise the password value must be absent and the value property
 * must carry the "incomplete" flag, i.e. the password is known to exist but is not disclosed.
 *
 * @param provisioningShadow shadow returned by provisioning
 */
@Override
protected void assertShadowPassword(ShadowType provisioningShadow) {
    CredentialsType shadowCredentials = provisioningShadow.getCredentials();
    PasswordType shadowPassword = (shadowCredentials == null) ? null : shadowCredentials.getPassword();
    if (shadowPassword == null) {
        // Nothing to verify: either the credentials or the password container is absent.
        return;
    }

    // No password value may be returned in this configuration.
    ProtectedStringType protectedValue = shadowPassword.getValue();
    assertNull("Unexpected password value in " + provisioningShadow + ": " + protectedValue, protectedValue);

    // The property itself has to be present and marked as incomplete.
    PrismContainerValue<PasswordType> passwordPcv = shadowPassword.asPrismContainerValue();
    PrismProperty<ProtectedStringType> valueProperty = passwordPcv.findProperty(PasswordType.F_VALUE);
    assertTrue("Incomplete flag is NOT set for password value in " + provisioningShadow, valueProperty.isIncomplete());
}
use of com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsType in project midpoint by Evolveum.
the class ModelClientUtil method createPasswordCredentials.
/**
 * Creates a credentials container holding only a password.
 *
 * <p>The password arrives as a plain {@code String}; how it is represented inside the result
 * is decided by {@code createPasswordType}, which is not shown here.
 * NOTE(review): confirm whether the value is stored in clear text or protected before the
 * object is sent anywhere.
 *
 * @param password password to wrap
 * @return a new {@code CredentialsType} with its password set
 */
public static CredentialsType createPasswordCredentials(String password) {
    final CredentialsType credentials = new CredentialsType();
    credentials.setPassword(createPasswordType(password));
    return credentials;
}
use of com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsType in project midpoint by Evolveum.
the class FocusProcessor method processActivationLockout.
/**
 * Handles a change of the focus lockout status.
 *
 * <p>Two things happen here. First, a primary delta that tries to add or replace the lockout
 * status with {@code LOCKED} is rejected, so a request cannot lock an account directly.
 * Second, when the status changes to {@code NORMAL}, {@code resetFailedLogins} is invoked for
 * the password, nonce and security-questions credentials, and an existing lockout expiration
 * timestamp is cleared through a secondary delta.
 *
 * @param focusContext lens context of the focus being processed
 * @param now current time; not read by this method
 * @param result operation result; not read by this method
 * @throws SchemaException if the primary delta sets the lockout status to {@code LOCKED}
 */
private <F extends FocusType> void processActivationLockout(LensFocusContext<UserType> focusContext, XMLGregorianCalendar now, OperationResult result) throws ExpressionEvaluationException, ObjectNotFoundException, SchemaException, PolicyViolationException {
    // Step 1: refuse any explicit request to set the status to LOCKED.
    ObjectDelta<UserType> primaryDelta = focusContext.getPrimaryDelta();
    if (primaryDelta != null) {
        PropertyDelta<LockoutStatusType> statusDelta = focusContext.getPrimaryDelta().findPropertyDelta(SchemaConstants.PATH_ACTIVATION_LOCKOUT_STATUS);
        if (statusDelta != null) {
            if (statusDelta.isAdd()) {
                for (PrismPropertyValue<LockoutStatusType> added : statusDelta.getValuesToAdd()) {
                    if (LockoutStatusType.LOCKED == added.getValue()) {
                        throw new SchemaException("Lockout status cannot be changed to LOCKED value");
                    }
                }
            } else if (statusDelta.isReplace()) {
                for (PrismPropertyValue<LockoutStatusType> replacement : statusDelta.getValuesToReplace()) {
                    if (LockoutStatusType.LOCKED == replacement.getValue()) {
                        throw new SchemaException("Lockout status cannot be changed to LOCKED value");
                    }
                }
            }
        }
    }

    // Step 2: read the lockout status from the new and the current object, if they exist.
    PrismObject<UserType> objectNew = focusContext.getObjectNew();
    ActivationType newActivation = (objectNew == null) ? null : objectNew.asObjectable().getActivation();
    LockoutStatusType newStatus = (newActivation == null) ? null : newActivation.getLockoutStatus();

    PrismObject<UserType> objectCurrent = focusContext.getObjectCurrent();
    ActivationType currentActivation = (objectCurrent == null) ? null : objectCurrent.asObjectable().getActivation();
    LockoutStatusType currentStatus = (currentActivation == null) ? null : currentActivation.getLockoutStatus();

    if (newStatus == currentStatus) {
        // Same status on both sides: nothing to process.
        LOGGER.trace("Skipping lockout processing because there was no change ({} -> {})", currentStatus, newStatus);
        return;
    }
    LOGGER.trace("Lockout change {} -> {}", currentStatus, newStatus);

    // Step 3: only a transition to NORMAL needs follow-up work.
    if (newStatus != LockoutStatusType.NORMAL) {
        return;
    }

    // newStatus is non-null at this point, so objectNew cannot be null either.
    CredentialsType newCredentials = objectNew.asObjectable().getCredentials();
    if (newCredentials != null) {
        resetFailedLogins(focusContext, newCredentials.getPassword(), SchemaConstants.PATH_CREDENTIALS_PASSWORD_FAILED_LOGINS);
        resetFailedLogins(focusContext, newCredentials.getNonce(), SchemaConstants.PATH_CREDENTIALS_NONCE_FAILED_LOGINS);
        resetFailedLogins(focusContext, newCredentials.getSecurityQuestions(), SchemaConstants.PATH_CREDENTIALS_SECURITY_QUESTIONS_FAILED_LOGINS);
    }

    if (newActivation != null && newActivation.getLockoutExpirationTimestamp() != null) {
        // Replace the expiration timestamp with no values, which removes it.
        PrismContainerDefinition<ActivationType> activationDef = getActivationDefinition();
        PrismPropertyDefinition<XMLGregorianCalendar> expirationDef = activationDef.findPropertyDefinition(ActivationType.F_LOCKOUT_EXPIRATION_TIMESTAMP);
        PropertyDelta<XMLGregorianCalendar> expirationDelta = expirationDef.createEmptyDelta(new ItemPath(UserType.F_ACTIVATION, ActivationType.F_LOCKOUT_EXPIRATION_TIMESTAMP));
        expirationDelta.setValueToReplace();
        focusContext.swallowToProjectionWaveSecondaryDelta(expirationDelta);
    }
}