use of com.sequenceiq.freeipa.flow.freeipa.user.event.SetPasswordRequest in project cloudbreak by hortonworks.
the class SetPasswordHandler method accept.
@Override
public void accept(Event<SetPasswordRequest> setPasswordRequestEvent) {
SetPasswordRequest request = setPasswordRequestEvent.getData();
LOGGER.info("SetPasswordHandler accepting request {}", request);
try {
Stack stack = stackService.getStackById(request.getResourceId());
MDCBuilder.buildMdcContext(stack);
FreeIpaClient freeIpaClient = freeIpaClientFactory.getFreeIpaClientForStack(stack);
if (FreeIpaCapabilities.hasSetPasswordHashSupport(freeIpaClient.getConfig())) {
LOGGER.info("IPA has password hash support. Credentials information from UMS will be used.");
WorkloadCredential workloadCredential = umsCredentialProvider.getCredentials(request.getUserCrn(), MDCUtils.getRequestId());
setPasswordHash(stack, request, freeIpaClient, workloadCredential);
if (StringUtils.isBlank(workloadCredential.getHashedPassword())) {
LOGGER.info("IPA has password hash support but user does not have a password set in UMS; using the provided password directly.");
freeIpaClient.userSetPasswordWithExpiration(request.getUsername(), request.getPassword(), request.getExpirationInstant());
}
} else {
LOGGER.info("IPA does not have password hash support; using the provided password directly.");
freeIpaClient.userSetPasswordWithExpiration(request.getUsername(), request.getPassword(), request.getExpirationInstant());
}
SetPasswordResult result = new SetPasswordResult(request);
request.getResult().onNext(result);
} catch (Exception e) {
request.getResult().onError(e);
}
}
use of com.sequenceiq.freeipa.flow.freeipa.user.event.SetPasswordRequest in project cloudbreak by hortonworks.
the class SetPasswordHandlerTest method testWithPasswordHashSupportWithoutUmsPassword.
@Test
void testWithPasswordHashSupportWithoutUmsPassword() throws FreeIpaClientException, IOException {
SetPasswordRequest request = new SetPasswordRequest(1L, "environment", USER, USER_CRN, "password", Optional.empty());
FreeIpaClient mockFreeIpaClient = newfreeIpaClient(true);
when(freeIpaClientFactory.getFreeIpaClientForStack(any())).thenReturn(mockFreeIpaClient);
setupMocksForPasswordHashSupport(false, false);
underTest.accept(new Event<>(request));
verify(workloadCredentialService, times(1)).setWorkloadCredential(anyBoolean(), any(), any());
verify(mockFreeIpaClient, times(1)).userSetPasswordWithExpiration(any(), any(), any());
}
use of com.sequenceiq.freeipa.flow.freeipa.user.event.SetPasswordRequest in project cloudbreak by hortonworks.
the class SetPasswordHandlerTest method testWithPasswordHashSupportWithUmsPasswordWithUpdateOptimizationIpaCredentialsUpToDate.
@Test
void testWithPasswordHashSupportWithUmsPasswordWithUpdateOptimizationIpaCredentialsUpToDate() throws FreeIpaClientException, IOException {
SetPasswordRequest request = new SetPasswordRequest(1L, "environment", USER, USER_CRN, "password", Optional.empty());
FreeIpaClient mockFreeIpaClient = newfreeIpaClient(true);
when(freeIpaClientFactory.getFreeIpaClientForStack(any())).thenReturn(mockFreeIpaClient);
setupMocksForPasswordHashSupport(true, true);
User user = getIpaUser(USER);
when(mockFreeIpaClient.userFind(USER)).thenReturn(Optional.of(user));
UserMetadata userMetadata = new UserMetadata(USER_CRN, UMS_WORKLOAD_CREDENTIALS_VERSION);
doReturn(Optional.of(userMetadata)).when(userMetadataConverter).toUserMetadata(argThat(matchesUser(user)));
underTest.accept(new Event<>(request));
verify(workloadCredentialService, times(0)).setWorkloadCredential(eq(true), any(), any());
verify(mockFreeIpaClient, times(0)).userSetPasswordWithExpiration(any(), any(), any());
}
use of com.sequenceiq.freeipa.flow.freeipa.user.event.SetPasswordRequest in project cloudbreak by hortonworks.
the class SetPasswordHandlerTest method testWithPasswordHashSupportWithUmsPasswordWithUpdateOptimizationIpaCredentialsVersionUnknown.
@Test
void testWithPasswordHashSupportWithUmsPasswordWithUpdateOptimizationIpaCredentialsVersionUnknown() throws FreeIpaClientException, IOException {
SetPasswordRequest request = new SetPasswordRequest(1L, "environment", USER, USER_CRN, "password", Optional.empty());
FreeIpaClient mockFreeIpaClient = newfreeIpaClient(true);
when(freeIpaClientFactory.getFreeIpaClientForStack(any())).thenReturn(mockFreeIpaClient);
setupMocksForPasswordHashSupport(true, true);
User user = getIpaUser(USER);
when(mockFreeIpaClient.userFind(USER)).thenReturn(Optional.of(user));
doReturn(Optional.empty()).when(userMetadataConverter).toUserMetadata(argThat(matchesUser(user)));
underTest.accept(new Event<>(request));
verify(workloadCredentialService, times(1)).setWorkloadCredential(eq(true), any(), any());
verify(mockFreeIpaClient, times(0)).userSetPasswordWithExpiration(any(), any(), any());
}
use of com.sequenceiq.freeipa.flow.freeipa.user.event.SetPasswordRequest in project cloudbreak by hortonworks.
the class SetPasswordHandlerTest method testWithPasswordHashSupportWithUmsPasswordWithUpdateOptimizationIpaCredentialsStale.
@Test
void testWithPasswordHashSupportWithUmsPasswordWithUpdateOptimizationIpaCredentialsStale() throws FreeIpaClientException, IOException {
SetPasswordRequest request = new SetPasswordRequest(1L, "environment", USER, USER_CRN, "password", Optional.empty());
FreeIpaClient mockFreeIpaClient = newfreeIpaClient(true);
when(freeIpaClientFactory.getFreeIpaClientForStack(any())).thenReturn(mockFreeIpaClient);
setupMocksForPasswordHashSupport(true, true);
User user = getIpaUser(USER);
when(mockFreeIpaClient.userFind(USER)).thenReturn(Optional.of(user));
UserMetadata userMetadata = new UserMetadata(USER_CRN, UMS_WORKLOAD_CREDENTIALS_VERSION - 1);
doReturn(Optional.of(userMetadata)).when(userMetadataConverter).toUserMetadata(argThat(matchesUser(user)));
underTest.accept(new Event<>(request));
verify(workloadCredentialService, times(1)).setWorkloadCredential(eq(true), any(), any());
verify(mockFreeIpaClient, times(0)).userSetPasswordWithExpiration(any(), any(), any());
}
Aggregations