use of eu.bcvsolutions.idm.core.api.dto.IdmPasswordDto in project CzechIdMng by bcvsolutions.
the class PasswordExpirationWarningTaskExecutorIntegrationTest method testNotSendWarningMessageToDisabledIdentity.
/**
 * Checks that the password expiration warning task leaves a manually disabled identity alone.
 *
 * <p>The identity's password is set to expire tomorrow and the task is initialised with
 * {@code PARAMETER_DAYS_BEFORE = "2"}, then the identity is disabled before the task runs.
 * The test passes when the task reports success and none of its logged items references
 * the password of the disabled identity.
 */
@Test
public void testNotSendWarningMessageToDisabledIdentity() {
    // test data: a fresh identity whose password record is modified below
    IdmIdentityDto disabledIdentity = getHelper().createIdentity();

    try {
        // password expires tomorrow, the task below is configured with "2" days before
        IdmPasswordDto expiringPassword = passwordService.findOneByIdentity(disabledIdentity.getId());
        expiringPassword.setValidTill(LocalDate.now().plusDays(1));
        passwordService.save(expiringPassword);

        // switch the identity off before the task runs
        disabledIdentity.setState(IdentityState.DISABLED_MANUALLY);
        identityService.save(disabledIdentity);

        // register a scheduled task and its long running task, then wire the executor to it
        IdmScheduledTaskDto scheduled = scheduledTaskService.save(
                SchedulerTestUtils.createIdmScheduledTask(UUID.randomUUID().toString()));
        IdmLongRunningTaskDto lrt = longRunningService.save(
                SchedulerTestUtils.createIdmLongRunningTask(scheduled, PasswordExpirationWarningTaskExecutor.class));
        PasswordExpirationWarningTaskExecutor warningTask =
                AutowireHelper.autowireBean(new PasswordExpirationWarningTaskExecutor());
        warningTask.setLongRunningTaskId(lrt.getId());
        warningTask.init(ImmutableMap.of(PasswordExpirationWarningTaskExecutor.PARAMETER_DAYS_BEFORE, "2"));

        // run the task once and collect what it logged
        Boolean finished = warningTask.process();
        Page<IdmProcessedTaskItemDto> processedItems = itemService.findLogItems(lrt, null);

        // the run succeeds, and the disabled identity's password is not among the logged items
        Assert.assertTrue(finished);
        Assert.assertTrue(
                processedItems
                        .getContent()
                        .stream()
                        .map(IdmProcessedTaskItemDto::getReferencedEntityId)
                        .noneMatch(expiringPassword.getId()::equals));
    } finally {
        // always remove the test identity, even when an assertion fails
        identityService.delete(disabledIdentity);
    }
}
use of eu.bcvsolutions.idm.core.api.dto.IdmPasswordDto in project CzechIdMng by bcvsolutions.
the class IdmPasswordControllerRestTest method testPost.
/**
 * REST test for creating a password record through POST.
 *
 * <p>First part: posts the prepared DTO as admin, reads the created record back and asserts
 * that it has an id and a creator and that {@code getPassword()} is {@code null} on the
 * re-read DTO. Second part: posts a password DTO that carries a plain password value for a
 * newly created identity and expects HTTP 400.
 *
 * @throws Exception propagated from MockMvc or from JSON (de)serialization
 */
@Override
public void testPost() throws Exception {
    IdmPasswordDto prepared = prepareDto();
    ObjectMapper json = getMapper();

    // create the record as admin and keep the raw response body
    String body = getMockMvc()
            .perform(post(getBaseUrl())
                    .with(authentication(getAdminAuthentication()))
                    .content(json.writeValueAsString(prepared))
                    .contentType(TestHelper.HAL_CONTENT_TYPE))
            .andExpect(content().contentType(TestHelper.HAL_CONTENT_TYPE))
            .andReturn()
            .getResponse()
            .getContentAsString();

    IdmPasswordDto created = (IdmPasswordDto) json.readValue(body, prepared.getClass());
    Assert.assertNotNull(created);
    Assert.assertNotNull(created.getId());

    // re-read the record: audit creator is filled, the password value itself is not returned
    IdmPasswordDto reloaded = getDto(created.getId());
    Assert.assertNotNull(reloaded.getCreator());
    Assert.assertNull(reloaded.getPassword());

    // identity created with a null GuardedString password
    IdmIdentityDto owner = getHelper().createIdentity((GuardedString) null);
    IdmPasswordDto withPlainValue = new IdmPasswordDto();
    withPlainValue.setIdentity(owner.getId());
    withPlainValue.setPassword("testPassword");

    // Posting a DTO with a password value must be rejected with 400.
    // NOTE(review): the rejecting rule is not visible in this test - confirm against the controller.
    getMockMvc()
            .perform(post(getBaseUrl())
                    .with(authentication(getAdminAuthentication()))
                    .content(json.writeValueAsString(withPlainValue))
                    .contentType(TestHelper.HAL_CONTENT_TYPE))
            .andExpect(status().isBadRequest());
}
use of eu.bcvsolutions.idm.core.api.dto.IdmPasswordDto in project CzechIdMng by bcvsolutions.
the class IdentityPasswordExpiredProcessor method process.
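/**
 * Sends the password-expired notification to the identity carried by the event.
 *
 * <p>The identity's password record is loaded and its {@code validTill} date is formatted
 * with the date format from the configuration service, then passed to the notification
 * as the {@code expiration} parameter together with the identity itself.
 *
 * <p>When the identity has no password record, or the record has no {@code validTill} date,
 * there is nothing to report: a warning is logged and no notification is sent, instead of
 * failing with a {@link NullPointerException}.
 *
 * @param event event whose content is the identity to notify
 * @return result wrapping the given event and this processor
 */
@Override
public EventResult<IdmIdentityDto> process(EntityEvent<IdmIdentityDto> event) {
    IdmIdentityDto identity = event.getContent();
    IdmPasswordDto password = passwordService.findOneByIdentity(identity.getId());
    //
    // guard: without a password record or an expiration date the message below cannot be built
    if (password == null || password.getValidTill() == null) {
        LOG.warn("Password expiration is not available for identity [{}], notification will not be sent.", identity.getUsername());
        return new DefaultEventResult<>(event, this);
    }
    //
    LOG.info("Sending warning notification to identity [{}], password expired in [{}]", identity.getUsername(), password.getValidTill());
    DateTimeFormatter dateFormat = DateTimeFormatter.ofPattern(getConfigurationService().getDateFormat());
    //
    notificationManager.send(
            CoreModuleDescriptor.TOPIC_PASSWORD_EXPIRED,
            new IdmMessageDto.Builder(NotificationLevel.WARNING)
                    .addParameter("expiration", password.getValidTill().format(dateFormat))
                    .addParameter("identity", identity)
                    .build(),
            identity);
    return new DefaultEventResult<>(event, this);
}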
use of eu.bcvsolutions.idm.core.api.dto.IdmPasswordDto in project CzechIdMng by bcvsolutions.
the class InitAdminIdentityProcessor method process.
/**
 * Creates the initial admin identity when no enabled identity holds the admin role yet.
 *
 * <p>Steps, in order: resolve the configured admin role; count enabled identities with that
 * role; if there are none, create the identity {@code ADMIN_USERNAME} with the password from
 * {@code ADMIN_PASSWORD}, mark its password as never expiring, switch on system information
 * in its profile, make sure it has a prime contract and assign the admin role to it.
 *
 * <p>NOTE(review): the account is created with a password taken from a constant and with
 * {@code passwordNeverExpires = true}, so nothing in this method forces that password to be
 * replaced. Confirm that deployment procedures change it right after initialization.
 *
 * @param event module descriptor event that triggers the initialization
 * @return result wrapping the event and this processor, or {@code null} when the admin role
 *         is not configured or an enabled admin already exists
 */
@Override
public EventResult<ModuleDescriptorDto> process(EntityEvent<ModuleDescriptorDto> event) {
    IdmRoleDto superAdminRole = roleConfiguration.getAdminRole();
    if (superAdminRole == null) {
        LOG.warn("Admin role is not configured. Admin identity cannot be created, skipping.");
        return null;
    }

    // Only bootstrap an admin when no enabled identity already has the admin role.
    IdmIdentityFilter enabledAdmins = new IdmIdentityFilter();
    enabledAdmins.setRoles(Lists.newArrayList(superAdminRole.getId()));
    enabledAdmins.setDisabled(Boolean.FALSE);
    long existingAdmins = identityService.count(enabledAdmins);
    if (existingAdmins > 0) {
        LOG.debug("Super admin identities found [{}], were created before. Admin with username [{}] will not be created.", existingAdmins, ADMIN_USERNAME);
        return null;
    }

    // the admin identity itself
    IdmIdentityDto admin = new IdmIdentityDto();
    admin.setUsername(ADMIN_USERNAME);
    admin.setPassword(new GuardedString(ADMIN_PASSWORD));
    admin.setLastName("Administrator");
    admin = identityService.save(admin);

    // the admin's password record is flagged as never expiring
    IdmPasswordDto passwordRecord = passwordService.findOneByIdentity(admin.getId());
    passwordRecord.setPasswordNeverExpires(true);
    passwordService.save(passwordRecord);

    LOG.info("Admin identity created [{}]", ADMIN_USERNAME);

    // profile: show system information
    IdmProfileDto profile = profileService.findOrCreateByIdentity(admin.getId());
    profile.setSystemInformation(true);
    profileService.save(profile);

    // a prime contract is required for an assigned role; create one without validity bounds if missing
    IdmIdentityContractDto primeContract = identityContractService.getPrimeContract(admin.getId());
    if (primeContract == null) {
        primeContract = identityContractService.prepareMainContract(admin.getId());
        primeContract.setValidFrom(null);
        primeContract.setValidTill(null);
        primeContract = identityContractService.save(primeContract);
    }

    // finally bind the admin role to that contract
    IdmIdentityRoleDto roleAssignment = new IdmIdentityRoleDto();
    roleAssignment.setIdentityContract(primeContract.getId());
    roleAssignment.setRole(superAdminRole.getId());
    identityRoleService.save(roleAssignment);

    return new DefaultEventResult<>(event, this);
}
use of eu.bcvsolutions.idm.core.api.dto.IdmPasswordDto in project CzechIdMng by bcvsolutions.
the class AbstractIdentityPasswordValidateProcessor method process.
/**
 * Validates a password change request before the password is actually changed.
 *
 * <p>When {@code requiresOriginalPassword()} is true, the configured password change type is
 * enforced first (change disabled, or "all only" while the request is not for all accounts).
 * Then, if the identity changes its own password and the configuration requires the old
 * password, the old password is verified through the authentication manager. A missing and
 * a wrong old password fail with the same result code.
 *
 * <p>When the request targets all accounts or IdM itself, the new password is validated by
 * the password policy service together with the id of the current password record, if any.
 *
 * @param event identity event; its properties must contain the password change DTO
 * @return result wrapping the event and this processor
 * @throws ResultCodeException when password change is disabled or restricted, or when the
 *         old password is missing or does not pass authentication
 */
@Override
public EventResult<IdmIdentityDto> process(EntityEvent<IdmIdentityDto> event) {
    IdmIdentityDto identity = event.getContent();
    PasswordChangeDto changeRequest =
            (PasswordChangeDto) event.getProperties().get(IdentityPasswordProcessor.PROPERTY_PASSWORD_CHANGE_DTO);
    Assert.notNull(changeRequest, "Password change dto is required.");

    if (requiresOriginalPassword()) {
        PasswordChangeType changeType = identityConfiguration.getPasswordChangeType();
        // password change is switched off completely
        if (changeType == PasswordChangeType.DISABLED) {
            throw new ResultCodeException(CoreResultCode.PASSWORD_CHANGE_DISABLED);
        }
        // "all only" mode: the request has to cover all accounts
        if (changeType == PasswordChangeType.ALL_ONLY && !changeRequest.isAll()) {
            throw new ResultCodeException(CoreResultCode.PASSWORD_CHANGE_ALL_ONLY);
        }
        // checkAccess(identity, IdentityBasePermission.PASSWORDCHANGE) is called before event publishing
        boolean verifyOldPassword = identity.getId().equals(securityService.getCurrentId())
                && identityConfiguration.isRequireOldPassword();
        if (verifyOldPassword) {
            if (changeRequest.getOldPassword() == null) {
                throw new ResultCodeException(CoreResultCode.PASSWORD_CHANGE_CURRENT_FAILED_IDM);
            }
            // verify the old password through the authentication chain
            LoginDto oldCredentials = new LoginDto();
            oldCredentials.setUsername(identity.getUsername());
            oldCredentials.setPassword(changeRequest.getOldPassword());
            // the password is being changed right now, so the "must change" flag is not checked again
            oldCredentials.setSkipMustChange(true);

            if (!authenticationManager.validate(oldCredentials)) {
                throw new ResultCodeException(CoreResultCode.PASSWORD_CHANGE_CURRENT_FAILED_IDM);
            }
        }
    }

    if (changeRequest.isAll() || changeRequest.isIdm()) {
        // the identity's own password changes: run the new value through the password policy
        IdmPasswordValidationDto validation = new IdmPasswordValidationDto();
        // the current password record is passed for valid till, from and history checks
        IdmPasswordDto currentPassword = this.passwordService.findOneByIdentity(identity.getId());
        validation.setOldPassword(currentPassword == null ? null : currentPassword.getId());
        validation.setPassword(changeRequest.getNewPassword());
        validation.setIdentity(identity);
        this.passwordPolicyService.validate(validation);
    }

    return new DefaultEventResult<>(event, this);
}