
Example 86 with ProtectedStringType

use of com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType in project midpoint by Evolveum.

the class TestWSSecurity method test161ChangeDarthAdderPasswordSatisfiesPolicyStrict.

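/**
 * Replaces DarthAdder's password through the model port, then checks the audit trail and the
 * stored credential.
 *
 * <p>The new password is wrapped in a {@link ProtectedStringType} and sent as a REPLACE
 * modification of {@code credentials/password/value}. After the change the model port is
 * re-created with the new password, so every later call in this test authenticates with it.
 *
 * @throws Exception if any model call or assertion helper fails
 */
@Test
public void test161ChangeDarthAdderPasswordSatisfiesPolicyStrict() throws Exception {
    // The title previously read "test160ChangeDarthAdderPasswordSatisfiesPolicyShortcut", which does
    // not match this method's name, so the test log attributed this run to a different test.
    final String TEST_NAME = "test161ChangeDarthAdderPasswordSatisfiesPolicyStrict";
    displayTestTitle(TEST_NAME);
    LogfileTestTailer tailer = createLogTailer();
    ProtectedStringType protectedString = ModelClientUtil.createProtectedString(USER_DARTHADDER_PASSWORD_NEW2);
    ObjectDeltaListType deltaList = ModelClientUtil.createModificationDeltaList(UserType.class, USER_DARTHADDER_OID, "credentials/password/value", ModificationTypeType.REPLACE, protectedString);
    // Start/end timestamps bracket the change; they are compared with the password metadata below.
    dartAdderLastPasswordChangeStartTs = TestUtil.currentTime();
    // WHEN
    ObjectDeltaOperationListType deltaOpList = modelPort.executeChanges(deltaList, null);
    // THEN
    assertSuccess(deltaOpList);
    dartAdderLastPasswordChangeEndTs = TestUtil.currentTime();
    // Audit checks: login/logout records, record ids, the MODIFY_OBJECT operation and the total count.
    tailer.tail();
    displayAudit(tailer);
    assertAuditLoginLogout(tailer);
    assertAuditIds(tailer);
    assertAuditOperation(tailer, "MODIFY_OBJECT");
    tailer.assertAudit(4);
    // Re-create the port with the new password; the getObject call below therefore only works if
    // the password change really took effect.
    modelPort = createModelPort(USER_DARTHADDER_USERNAME, USER_DARTHADDER_PASSWORD_NEW2, WSConstants.PW_DIGEST);
    UserType user = getObject(UserType.class, USER_DARTHADDER_OID);
    display(user);
    dartAdderLastPassword = user.getCredentials().getPassword();
    assertNotNull("No password for DarthAdder", dartAdderLastPassword);
    assertPasswordModifyMetadata(user, USER_DARTHADDER_OID, dartAdderLastPasswordChangeStartTs, dartAdderLastPasswordChangeEndTs);
}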
Also used : LogfileTestTailer(com.evolveum.midpoint.test.util.LogfileTestTailer) ObjectDeltaOperationListType(com.evolveum.midpoint.xml.ns._public.common.api_types_3.ObjectDeltaOperationListType) ProtectedStringType(com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType) ObjectDeltaListType(com.evolveum.midpoint.xml.ns._public.common.api_types_3.ObjectDeltaListType) UserType(com.evolveum.midpoint.xml.ns._public.common.common_3.UserType) Test(org.testng.annotations.Test)

Example 87 with ProtectedStringType

use of com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType in project midpoint by Evolveum.

the class TestMappingDynamicSimple method testGenerateProtectedString.

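/**
 * Evaluates the {@code mapping-generate.xml} mapping for the password value path and checks that
 * it yields exactly one value, in the zero set, that carries encrypted data.
 *
 * @throws Exception if mapping creation, evaluation or an assertion helper fails
 */
@Test
public void testGenerateProtectedString() throws Exception {
    final String TEST_NAME = "testGenerateProtectedString";
    TestUtil.displayTestTile(TEST_NAME);
    // GIVEN
    Mapping<PrismPropertyValue<ProtectedStringType>, PrismPropertyDefinition<ProtectedStringType>> mapping = evaluator.createMapping("mapping-generate.xml", TEST_NAME, SchemaConstants.PATH_PASSWORD_VALUE, null);
    OperationResult opResult = new OperationResult(TEST_NAME);
    // WHEN
    mapping.evaluate(null, opResult);
    // THEN
    PrismValueDeltaSetTriple<PrismPropertyValue<ProtectedStringType>> outputTriple = mapping.getOutputTriple();
    outputTriple.checkConsistence();
    // The value is read from the zero set, so the label says so (it used to read "plus set").
    // The label appears to be used only to describe the set in failure output.
    ProtectedStringType value1 = MappingTestEvaluator.getSingleValue("zero set", outputTriple.getZeroSet());
    PrismAsserts.assertTripleNoPlus(outputTriple);
    PrismAsserts.assertTripleNoMinus(outputTriple);
    // NOTE(review): this writes the protected value's toString() to stdout; confirm that
    // ProtectedStringType never renders a clear value there.
    System.out.println("Generated excrypted value: " + value1);
    assertNotNull(value1);
    assertNotNull(value1.getEncryptedDataType());
    // NOTE(review): only the presence of encrypted data is checked. The test does not verify that
    // getClearValue() is null, so a value carrying both forms would still pass.
}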
Also used : PrismPropertyDefinition(com.evolveum.midpoint.prism.PrismPropertyDefinition) OperationResult(com.evolveum.midpoint.schema.result.OperationResult) PolyString(com.evolveum.midpoint.prism.polystring.PolyString) ProtectedStringType(com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType) PrismPropertyValue(com.evolveum.midpoint.prism.PrismPropertyValue) Test(org.testng.annotations.Test)

Example 88 with ProtectedStringType

use of com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType in project midpoint by Evolveum.

the class AbstractManualResourceTest method test230ModifyAccountWillChangePasswordAndEnable.

/**
	 * Change password, enable. There is still pending disable delta. Make sure all the deltas are
	 * stored correctly.
	 */
@Test
public void test230ModifyAccountWillChangePasswordAndEnable() throws Exception {
    final String TEST_NAME = "test230ModifyAccountWillChangePasswordAndEnable";
    displayTestTile(TEST_NAME);
    // GIVEN
    Task task = createTask(TEST_NAME);
    OperationResult result = task.getResult();
    // One delta carries both changes: administrative status -> ENABLED and a replaced password value.
    ObjectDelta<UserType> delta = ObjectDelta.createModificationReplaceProperty(UserType.class, userWillOid, SchemaConstants.PATH_ACTIVATION_ADMINISTRATIVE_STATUS, prismContext, ActivationStatusType.ENABLED);
    // The new password is put into the ProtectedStringType as a clear value; nothing in this
    // method encrypts it before it is added to the delta.
    ProtectedStringType ps = new ProtectedStringType();
    ps.setClearValue(USER_WILL_PASSWORD_NEW);
    delta.addModificationReplaceProperty(SchemaConstants.PATH_PASSWORD_VALUE, ps);
    // NOTE(review): the delta holds the clear-text password at this point; confirm that display()
    // does not write that value to the test log.
    display("ObjectDelta", delta);
    // Start/end timestamps bracket the request; the pending operation is checked against them below.
    accountWillSecondReqestTimestampStart = clock.currentTimeXMLGregorianCalendar();
    // WHEN
    displayWhen(TEST_NAME);
    executeChanges(delta, null, task, result);
    // THEN
    displayThen(TEST_NAME);
    display("result", result);
    // The operation is expected to be still in progress; the value returned here is kept as the
    // OID of the case for this request and checked for the OPEN state at the end.
    willSecondLastCaseOid = assertInProgress(result);
    accountWillSecondReqestTimestampEnd = clock.currentTimeXMLGregorianCalendar();
    // 1) Shadow as stored in the repository: three pending deltas, one of them an in-progress
    //    operation on the password value path.
    PrismObject<ShadowType> shadowRepo = repositoryService.getObject(ShadowType.class, accountWillOid, null, result);
    display("Repo shadow", shadowRepo);
    assertPendingOperationDeltas(shadowRepo, 3);
    PendingOperationType pendingOperation = findPendingOperation(shadowRepo, OperationResultStatusType.IN_PROGRESS, SchemaConstants.PATH_PASSWORD_VALUE);
    assertPendingOperation(shadowRepo, pendingOperation, accountWillSecondReqestTimestampStart, accountWillSecondReqestTimestampEnd);
    assertNotNull("No ID in pending operation", pendingOperation.getId());
    // Still old data in the repo. The operation is not completed yet.
    assertShadowActivationAdministrativeStatusFromCache(shadowRepo, ActivationStatusType.ENABLED);
    assertAttribute(shadowRepo, ATTR_USERNAME_QNAME, USER_WILL_NAME);
    assertAttributeFromCache(shadowRepo, ATTR_FULLNAME_QNAME, USER_WILL_FULL_NAME_PIRATE);
    // 2) Shadow as returned by the model service with default options.
    PrismObject<ShadowType> shadowProvisioning = modelService.getObject(ShadowType.class, accountWillOid, null, task, result);
    display("Model shadow", shadowProvisioning);
    ShadowType shadowTypeProvisioning = shadowProvisioning.asObjectable();
    assertShadowName(shadowProvisioning, USER_WILL_NAME);
    assertEquals("Wrong kind (provisioning)", ShadowKindType.ACCOUNT, shadowTypeProvisioning.getKind());
    assertShadowActivationAdministrativeStatus(shadowProvisioning, ActivationStatusType.ENABLED);
    assertAttribute(shadowProvisioning, ATTR_USERNAME_QNAME, USER_WILL_NAME);
    assertAttribute(shadowProvisioning, ATTR_FULLNAME_QNAME, USER_WILL_FULL_NAME_PIRATE);
    assertAttributeFromBackingStore(shadowProvisioning, ATTR_DESCRIPTION_QNAME, ACCOUNT_WILL_DESCRIPTION_MANUAL);
    // NOTE(review): what assertShadowPassword verifies about the password (absent, encrypted,
    // hashed) is defined outside this method; confirm it rejects a clear value.
    assertShadowPassword(shadowProvisioning);
    assertPendingOperationDeltas(shadowProvisioning, 3);
    pendingOperation = findPendingOperation(shadowProvisioning, OperationResultStatusType.IN_PROGRESS, SchemaConstants.PATH_PASSWORD_VALUE);
    assertPendingOperation(shadowProvisioning, pendingOperation, accountWillSecondReqestTimestampStart, accountWillSecondReqestTimestampEnd);
    // 3) Shadow requested with the FUTURE point-in-time option.
    PrismObject<ShadowType> shadowProvisioningFuture = modelService.getObject(ShadowType.class, accountWillOid, SelectorOptions.createCollection(GetOperationOptions.createPointInTimeType(PointInTimeType.FUTURE)), task, result);
    display("Model shadow (future)", shadowProvisioningFuture);
    assertShadowName(shadowProvisioningFuture, USER_WILL_NAME);
    assertEquals("Wrong kind (provisioning)", ShadowKindType.ACCOUNT, shadowProvisioningFuture.asObjectable().getKind());
    assertShadowActivationAdministrativeStatus(shadowProvisioningFuture, ActivationStatusType.ENABLED);
    assertAttribute(shadowProvisioningFuture, ATTR_USERNAME_QNAME, USER_WILL_NAME);
    assertAttribute(shadowProvisioningFuture, ATTR_FULLNAME_QNAME, USER_WILL_FULL_NAME_PIRATE);
    assertAttributeFromBackingStore(shadowProvisioningFuture, ATTR_DESCRIPTION_QNAME, ACCOUNT_WILL_DESCRIPTION_MANUAL);
    assertShadow(shadowProvisioningFuture);
    // Both the earlier case (willLastCaseOid) and the one created by this request must still be open.
    assertNotNull("No async reference in result", willSecondLastCaseOid);
    assertCase(willLastCaseOid, SchemaConstants.CASE_STATE_OPEN);
    assertCase(willSecondLastCaseOid, SchemaConstants.CASE_STATE_OPEN);
}
Also used : Task(com.evolveum.midpoint.task.api.Task) PendingOperationType(com.evolveum.midpoint.xml.ns._public.common.common_3.PendingOperationType) ShadowType(com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType) OperationResult(com.evolveum.midpoint.schema.result.OperationResult) UserType(com.evolveum.midpoint.xml.ns._public.common.common_3.UserType) ProtectedStringType(com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType) Test(org.testng.annotations.Test) AbstractConfiguredModelIntegrationTest(com.evolveum.midpoint.model.intest.AbstractConfiguredModelIntegrationTest)

Example 89 with ProtectedStringType

use of com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType in project midpoint by Evolveum.

the class ImportTest method assertDummyResource.

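/**
 * Asserts that the dummy resource was imported correctly and that its
 * {@code uselessGuardedString} configuration property is stored encrypted, with no clear value.
 *
 * @param resource the resource object to check
 * @param fromRepo {@code true} when the object was read from the repository, in which case the
 *                 property value is inspected as a raw element instead of a parsed
 *                 {@link ProtectedStringType}
 */
private void assertDummyResource(PrismObject<ResourceType> resource, boolean fromRepo) {
    PrismContainer<Containerable> configurationPropertiesContainer = assertResource(resource, "Dummy Resource", RESOURCE_DUMMY_NAMESPACE, dummyConnector.getOid(), fromRepo);
    PrismProperty<ProtectedStringType> guardedProperty = configurationPropertiesContainer.findProperty(new QName(CONNECTOR_DUMMY_NAMESPACE, "uselessGuardedString"));
    assertNotNull("No uselessGuardedString property in configuration properties", guardedProperty);
    PrismPropertyValue<ProtectedStringType> guardedPVal = guardedProperty.getValue();
    if (fromRepo) {
        // The resource was pulled from the repository. Therefore it does not have the right schema here.
        // We should proceed with caution and inspect the raw element instead of a parsed value.
        Object passwordRawElement = guardedPVal.getRawElement();
        if (!(passwordRawElement instanceof MapXNode)) {
            // A missing raw element must surface as an assertion failure, not as a
            // NullPointerException thrown while the failure message is being built.
            String actualType = passwordRawElement == null ? "null" : String.valueOf(passwordRawElement.getClass());
            AssertJUnit.fail("Expected password value of type " + MapXNode.class + " but got " + actualType);
        }
        MapXNode passwordXNode = (MapXNode) passwordRawElement;
        // Boolean assertions are kept on purpose: on failure only the message is reported, so the
        // content of a stray clearValue node does not end up in the test output.
        assertTrue("uselessGuardedString was not encrypted (clearValue)", passwordXNode.get(new QName("clearValue")) == null);
        assertTrue("uselessGuardedString was not encrypted (no encryptedData)", passwordXNode.get(new QName("encryptedData")) != null);
    } else {
        // Parsed value available: it must carry encrypted data and no clear value.
        ProtectedStringType psType = guardedPVal.getValue();
        assertNull("uselessGuardedString was not encrypted (clearValue)", psType.getClearValue());
        assertNotNull("uselessGuardedString was not encrypted (no EncryptedData)", psType.getEncryptedDataType());
    }
}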
Also used : QName(javax.xml.namespace.QName) MapXNode(com.evolveum.midpoint.prism.xnode.MapXNode) ProtectedStringType(com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType)

Example 90 with ProtectedStringType

use of com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType in project midpoint by Evolveum.

the class ImportTest method test003ImportUsers.

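/**
 * Imports users from {@code IMPORT_USERS_FILE} and verifies the stored objects.
 *
 * <p>Checks a user imported with a fixed OID (Jack) and one with a generated OID (guybrush),
 * that Jack's password is stored with encrypted data and no clear value, the total user count,
 * and the number of audit records.
 *
 * @throws Exception if the import, a repository call or an assertion helper fails
 */
@Test
public void test003ImportUsers() throws Exception {
    TestUtil.displayTestTile(this, "test003ImportUsers");
    // GIVEN
    Task task = taskManager.createTaskInstance();
    OperationResult result = new OperationResult(ImportTest.class.getName() + "test003ImportUsers");
    XMLGregorianCalendar startTime;
    XMLGregorianCalendar endTime;
    // try-with-resources: the input stream used to be left open, also when the import threw.
    try (FileInputStream stream = new FileInputStream(IMPORT_USERS_FILE)) {
        dummyAuditService.clear();
        startTime = clock.currentTimeXMLGregorianCalendar();
        // WHEN
        modelService.importObjectsFromStream(stream, getDefaultImportOptions(), task, result);
        // THEN
        endTime = clock.currentTimeXMLGregorianCalendar();
    }
    result.computeStatus();
    display("Result after good import", result);
    TestUtil.assertSuccess("Import has failed (result)", result);
    // Check import with fixed OID
    UserType jack = repositoryService.getObject(UserType.class, USER_JACK_OID, null, result).asObjectable();
    display("Jack", jack);
    assertNotNull(jack);
    PrismAsserts.assertEqualsPolyString("wrong givenName", "Jack", jack.getGivenName());
    PrismAsserts.assertEqualsPolyString("wrong familyName", "Sparrow", jack.getFamilyName());
    PrismAsserts.assertEqualsPolyString("wrong fullName", "Cpt. Jack Sparrow", jack.getFullName());
    PrismAsserts.assertEquals("wrong costCenter", "<No 'cost' & no \"center\">", jack.getCostCenter());
    // Jack has a password. Check if it was encrypted: the object read back from the repository
    // must carry encrypted data and must not carry the clear value.
    ProtectedStringType protectedString = jack.getCredentials().getPassword().getValue();
    assertNull("Arrgh! Pirate sectrets were revealed!", protectedString.getClearValue());
    assertNotNull("Er? The pirate sectrets were lost!", protectedString.getEncryptedDataType());
    assertMetadata(jack, startTime, endTime);
    // Check import with generated OID: the user is looked up by name because its OID is not known in advance.
    ObjectQuery query = ObjectQueryUtil.createNameQuery("guybrush", PrismTestUtil.getPrismContext());
    List<PrismObject<UserType>> users = repositoryService.searchObjects(UserType.class, query, null, result);
    assertNotNull(users);
    assertEquals("Search retuned unexpected results", 1, users.size());
    UserType guybrush = users.get(0).asObjectable();
    assertNotNull(guybrush);
    // The generated OID is kept in a field of the test class.
    guybrushOid = guybrush.getOid();
    assertNotNull(guybrushOid);
    PrismAsserts.assertEqualsPolyString("wrong givenName", "Guybrush", guybrush.getGivenName());
    PrismAsserts.assertEqualsPolyString("wrong familyName", "Threepwood", guybrush.getFamilyName());
    PrismAsserts.assertEqualsPolyString("wrong fullName", "Guybrush Threepwood", guybrush.getFullName());
    assertMetadata(guybrush, startTime, endTime);
    assertUsers(4);
    // Check audit
    display("Audit", dummyAuditService);
    dummyAuditService.assertRecords(6);
}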
Also used : XMLGregorianCalendar(javax.xml.datatype.XMLGregorianCalendar) Task(com.evolveum.midpoint.task.api.Task) OperationResult(com.evolveum.midpoint.schema.result.OperationResult) ProtectedStringType(com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType) ObjectQuery(com.evolveum.midpoint.prism.query.ObjectQuery) FileInputStream(java.io.FileInputStream) Test(org.testng.annotations.Test) AbstractConfiguredModelIntegrationTest(com.evolveum.midpoint.model.intest.AbstractConfiguredModelIntegrationTest)

Aggregations

ProtectedStringType (com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType)120 OperationResult (com.evolveum.midpoint.schema.result.OperationResult)48 Test (org.testng.annotations.Test)48 Task (com.evolveum.midpoint.task.api.Task)39 UserType (com.evolveum.midpoint.xml.ns._public.common.common_3.UserType)25 ItemPath (com.evolveum.midpoint.prism.path.ItemPath)24 QName (javax.xml.namespace.QName)20 PolyString (com.evolveum.midpoint.prism.polystring.PolyString)18 PasswordType (com.evolveum.midpoint.xml.ns._public.common.common_3.PasswordType)18 CredentialsType (com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsType)15 SchemaException (com.evolveum.midpoint.util.exception.SchemaException)13 ObjectDelta (com.evolveum.midpoint.prism.delta.ObjectDelta)11 ShadowType (com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType)10 AbstractInitializedModelIntegrationTest (com.evolveum.midpoint.model.intest.AbstractInitializedModelIntegrationTest)9 AbstractModelIntegrationTest (com.evolveum.midpoint.model.test.AbstractModelIntegrationTest)9 EncryptionException (com.evolveum.midpoint.prism.crypto.EncryptionException)9 MapXNode (com.evolveum.midpoint.prism.xnode.MapXNode)9 Document (org.w3c.dom.Document)8 ArrayList (java.util.ArrayList)7 Entry (org.apache.directory.api.ldap.model.entry.Entry)7