Search in sources :

Example 1 with SetPasswordRequest

use of com.sequenceiq.freeipa.flow.freeipa.user.event.SetPasswordRequest in project cloudbreak by hortonworks.

the class SetPasswordHandler method accept.

@Override
public void accept(Event<SetPasswordRequest> setPasswordRequestEvent) {
    SetPasswordRequest request = setPasswordRequestEvent.getData();
    LOGGER.info("SetPasswordHandler accepting request {}", request);
    try {
        Stack stack = stackService.getStackById(request.getResourceId());
        MDCBuilder.buildMdcContext(stack);
        FreeIpaClient freeIpaClient = freeIpaClientFactory.getFreeIpaClientForStack(stack);
        if (FreeIpaCapabilities.hasSetPasswordHashSupport(freeIpaClient.getConfig())) {
            LOGGER.info("IPA has password hash support. Credentials information from UMS will be used.");
            WorkloadCredential workloadCredential = umsCredentialProvider.getCredentials(request.getUserCrn(), MDCUtils.getRequestId());
            setPasswordHash(stack, request, freeIpaClient, workloadCredential);
            if (StringUtils.isBlank(workloadCredential.getHashedPassword())) {
                LOGGER.info("IPA has password hash support but user does not have a password set in UMS; using the provided password directly.");
                freeIpaClient.userSetPasswordWithExpiration(request.getUsername(), request.getPassword(), request.getExpirationInstant());
            }
        } else {
            LOGGER.info("IPA does not have password hash support; using the provided password directly.");
            freeIpaClient.userSetPasswordWithExpiration(request.getUsername(), request.getPassword(), request.getExpirationInstant());
        }
        SetPasswordResult result = new SetPasswordResult(request);
        request.getResult().onNext(result);
    } catch (Exception e) {
        request.getResult().onError(e);
    }
}
Also used : FreeIpaClient(com.sequenceiq.freeipa.client.FreeIpaClient) SetPasswordRequest(com.sequenceiq.freeipa.flow.freeipa.user.event.SetPasswordRequest) SetPasswordResult(com.sequenceiq.freeipa.flow.freeipa.user.event.SetPasswordResult) FreeIpaClientException(com.sequenceiq.freeipa.client.FreeIpaClientException) IOException(java.io.IOException) Stack(com.sequenceiq.freeipa.entity.Stack) WorkloadCredential(com.sequenceiq.freeipa.service.freeipa.user.model.WorkloadCredential)

Example 2 with SetPasswordRequest

use of com.sequenceiq.freeipa.flow.freeipa.user.event.SetPasswordRequest in project cloudbreak by hortonworks.

the class SetPasswordHandlerTest method testWithPasswordHashSupportWithoutUmsPassword.

@Test
void testWithPasswordHashSupportWithoutUmsPassword() throws FreeIpaClientException, IOException {
    SetPasswordRequest request = new SetPasswordRequest(1L, "environment", USER, USER_CRN, "password", Optional.empty());
    FreeIpaClient mockFreeIpaClient = newfreeIpaClient(true);
    when(freeIpaClientFactory.getFreeIpaClientForStack(any())).thenReturn(mockFreeIpaClient);
    setupMocksForPasswordHashSupport(false, false);
    underTest.accept(new Event<>(request));
    verify(workloadCredentialService, times(1)).setWorkloadCredential(anyBoolean(), any(), any());
    verify(mockFreeIpaClient, times(1)).userSetPasswordWithExpiration(any(), any(), any());
}
Also used : FreeIpaClient(com.sequenceiq.freeipa.client.FreeIpaClient) SetPasswordRequest(com.sequenceiq.freeipa.flow.freeipa.user.event.SetPasswordRequest) Test(org.junit.jupiter.api.Test)

Example 3 with SetPasswordRequest

use of com.sequenceiq.freeipa.flow.freeipa.user.event.SetPasswordRequest in project cloudbreak by hortonworks.

the class SetPasswordHandlerTest method testWithPasswordHashSupportWithUmsPasswordWithUpdateOptimizationIpaCredentialsUpToDate.

@Test
void testWithPasswordHashSupportWithUmsPasswordWithUpdateOptimizationIpaCredentialsUpToDate() throws FreeIpaClientException, IOException {
    SetPasswordRequest request = new SetPasswordRequest(1L, "environment", USER, USER_CRN, "password", Optional.empty());
    FreeIpaClient mockFreeIpaClient = newfreeIpaClient(true);
    when(freeIpaClientFactory.getFreeIpaClientForStack(any())).thenReturn(mockFreeIpaClient);
    setupMocksForPasswordHashSupport(true, true);
    User user = getIpaUser(USER);
    when(mockFreeIpaClient.userFind(USER)).thenReturn(Optional.of(user));
    UserMetadata userMetadata = new UserMetadata(USER_CRN, UMS_WORKLOAD_CREDENTIALS_VERSION);
    doReturn(Optional.of(userMetadata)).when(userMetadataConverter).toUserMetadata(argThat(matchesUser(user)));
    underTest.accept(new Event<>(request));
    verify(workloadCredentialService, times(0)).setWorkloadCredential(eq(true), any(), any());
    verify(mockFreeIpaClient, times(0)).userSetPasswordWithExpiration(any(), any(), any());
}
Also used : User(com.sequenceiq.freeipa.client.model.User) FreeIpaClient(com.sequenceiq.freeipa.client.FreeIpaClient) SetPasswordRequest(com.sequenceiq.freeipa.flow.freeipa.user.event.SetPasswordRequest) UserMetadata(com.sequenceiq.freeipa.service.freeipa.user.model.UserMetadata) Test(org.junit.jupiter.api.Test)

Example 4 with SetPasswordRequest

use of com.sequenceiq.freeipa.flow.freeipa.user.event.SetPasswordRequest in project cloudbreak by hortonworks.

the class SetPasswordHandlerTest method testWithPasswordHashSupportWithUmsPasswordWithUpdateOptimizationIpaCredentialsVersionUnknown.

@Test
void testWithPasswordHashSupportWithUmsPasswordWithUpdateOptimizationIpaCredentialsVersionUnknown() throws FreeIpaClientException, IOException {
    SetPasswordRequest request = new SetPasswordRequest(1L, "environment", USER, USER_CRN, "password", Optional.empty());
    FreeIpaClient mockFreeIpaClient = newfreeIpaClient(true);
    when(freeIpaClientFactory.getFreeIpaClientForStack(any())).thenReturn(mockFreeIpaClient);
    setupMocksForPasswordHashSupport(true, true);
    User user = getIpaUser(USER);
    when(mockFreeIpaClient.userFind(USER)).thenReturn(Optional.of(user));
    doReturn(Optional.empty()).when(userMetadataConverter).toUserMetadata(argThat(matchesUser(user)));
    underTest.accept(new Event<>(request));
    verify(workloadCredentialService, times(1)).setWorkloadCredential(eq(true), any(), any());
    verify(mockFreeIpaClient, times(0)).userSetPasswordWithExpiration(any(), any(), any());
}
Also used : User(com.sequenceiq.freeipa.client.model.User) FreeIpaClient(com.sequenceiq.freeipa.client.FreeIpaClient) SetPasswordRequest(com.sequenceiq.freeipa.flow.freeipa.user.event.SetPasswordRequest) Test(org.junit.jupiter.api.Test)

Example 5 with SetPasswordRequest

use of com.sequenceiq.freeipa.flow.freeipa.user.event.SetPasswordRequest in project cloudbreak by hortonworks.

the class SetPasswordHandlerTest method testWithPasswordHashSupportWithUmsPasswordWithUpdateOptimizationIpaCredentialsStale.

@Test
void testWithPasswordHashSupportWithUmsPasswordWithUpdateOptimizationIpaCredentialsStale() throws FreeIpaClientException, IOException {
    SetPasswordRequest request = new SetPasswordRequest(1L, "environment", USER, USER_CRN, "password", Optional.empty());
    FreeIpaClient mockFreeIpaClient = newfreeIpaClient(true);
    when(freeIpaClientFactory.getFreeIpaClientForStack(any())).thenReturn(mockFreeIpaClient);
    setupMocksForPasswordHashSupport(true, true);
    User user = getIpaUser(USER);
    when(mockFreeIpaClient.userFind(USER)).thenReturn(Optional.of(user));
    UserMetadata userMetadata = new UserMetadata(USER_CRN, UMS_WORKLOAD_CREDENTIALS_VERSION - 1);
    doReturn(Optional.of(userMetadata)).when(userMetadataConverter).toUserMetadata(argThat(matchesUser(user)));
    underTest.accept(new Event<>(request));
    verify(workloadCredentialService, times(1)).setWorkloadCredential(eq(true), any(), any());
    verify(mockFreeIpaClient, times(0)).userSetPasswordWithExpiration(any(), any(), any());
}
Also used : User(com.sequenceiq.freeipa.client.model.User) FreeIpaClient(com.sequenceiq.freeipa.client.FreeIpaClient) SetPasswordRequest(com.sequenceiq.freeipa.flow.freeipa.user.event.SetPasswordRequest) UserMetadata(com.sequenceiq.freeipa.service.freeipa.user.model.UserMetadata) Test(org.junit.jupiter.api.Test)

Aggregations

SetPasswordRequest (com.sequenceiq.freeipa.flow.freeipa.user.event.SetPasswordRequest)9 FreeIpaClient (com.sequenceiq.freeipa.client.FreeIpaClient)7 Test (org.junit.jupiter.api.Test)6 User (com.sequenceiq.freeipa.client.model.User)3 Stack (com.sequenceiq.freeipa.entity.Stack)2 UserMetadata (com.sequenceiq.freeipa.service.freeipa.user.model.UserMetadata)2 NotFoundException (com.sequenceiq.cloudbreak.common.exception.NotFoundException)1 OperationException (com.sequenceiq.cloudbreak.service.OperationException)1 FailureDetails (com.sequenceiq.freeipa.api.v1.freeipa.user.model.FailureDetails)1 SuccessDetails (com.sequenceiq.freeipa.api.v1.freeipa.user.model.SuccessDetails)1 FreeIpaClientException (com.sequenceiq.freeipa.client.FreeIpaClientException)1 SetPasswordResult (com.sequenceiq.freeipa.flow.freeipa.user.event.SetPasswordResult)1 WorkloadCredential (com.sequenceiq.freeipa.service.freeipa.user.model.WorkloadCredential)1 IOException (java.io.IOException)1 Instant (java.time.Instant)1 ArrayList (java.util.ArrayList)1