use of eu.bcvsolutions.idm.core.api.dto.IdmPasswordDto in project CzechIdMng by bcvsolutions.
the class IdmIdentityControllerRestTest method testGetWithoutBlockLoginDate.
/**
 * Verifies that a login block date lying in the past is not reported on the identity DTO
 * reloaded via {@code getDto}.
 */
@Test
public void testGetWithoutBlockLoginDate() {
    IdmIdentityDto created = createDto();
    IdmPasswordDto storedPassword = getHelper().getPassword(created);
    // Block date one day in the past, i.e. the block period has already elapsed.
    ZonedDateTime elapsedBlock = ZonedDateTime.now().minusDays(1);
    storedPassword.setBlockLoginDate(elapsedBlock);
    passwordService.save(storedPassword);
    //
    IdmIdentityDto reloaded = getDto(created.getId());
    //
    // The elapsed block must not be surfaced on the identity.
    Assert.assertNull(reloaded.getBlockLoginDate());
}
use of eu.bcvsolutions.idm.core.api.dto.IdmPasswordDto in project CzechIdMng by bcvsolutions.
the class DefaultIdmPasswordService method delete.
/**
 * Deletes the password record stored for the given identity, if there is one.
 *
 * @param identity identity whose password record is removed; must not be null
 */
@Override
@Transactional
public void delete(IdmIdentityDto identity) {
    Assert.notNull(identity, "Identity is required.");
    //
    IdmPasswordDto existing = getPasswordByIdentity(identity.getId());
    if (existing == null) {
        // No password record for this identity, nothing to remove.
        return;
    }
    this.delete(existing);
}
use of eu.bcvsolutions.idm.core.api.dto.IdmPasswordDto in project CzechIdMng by bcvsolutions.
the class DefaultIdmPasswordService method findOrCreateByIdentity.
/**
 * Returns the password record of the identity resolved from the given identifier and
 * creates a new record when the identity has none yet.
 *
 * @param codeable identifier passed to the lookup service to resolve the identity
 * @return the existing or newly saved password record, or {@code null} when no identity was resolved
 */
@Override
@Transactional
public IdmPasswordDto findOrCreateByIdentity(Serializable codeable) {
    IdmIdentityDto owner = lookupService.lookupDto(IdmIdentityDto.class, codeable);
    if (owner == null) {
        return null;
    }
    //
    UUID ownerId = owner.getId();
    IdmPasswordDto existing = this.findOneByIdentity(ownerId);
    if (existing != null) {
        return existing;
    }
    //
    // TODO: two passwords can be created in multi thread access (lock by identity before the get)
    // NOTE(review): the lookup above and the save below are separate steps; nothing visible here
    // prevents two concurrent callers from both reaching this point for the same identity.
    IdmPasswordDto created = new IdmPasswordDto();
    created.setIdentity(ownerId);
    created.setMustChange(false);
    created.setValidFrom(LocalDate.now());
    //
    return this.save(created);
}
use of eu.bcvsolutions.idm.core.api.dto.IdmPasswordDto in project CzechIdMng by bcvsolutions.
the class DefaultTwoFactorAuthenticationManager method authenticate.
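/**
 * Completes the second step of a two-factor login.
 * <p>
 * The token carried by the request is parsed, verified and checked for expiration, the
 * verification code from the request is checked against the identity's password record,
 * the persisted token is marked as secret-verified and a new login is issued for it.
 * Both the successful and the failed outcome are written to the SIEM log.
 *
 * @param loginTwoFactorRequestDto request carrying the token and the verification code
 *        (the code is read from the request's password field); must not be null
 * @return login created for the verified token
 * @throws ResultCodeException when the token is missing, unreadable or expired, or the code is wrong
 * @throws EntityNotFoundException when the identity, its password record or the persisted token is not found
 * @throws MustChangePasswordException when the password must be changed and the request does not skip that
 */
@Override
@Transactional
public LoginDto authenticate(LoginDto loginTwoFactorRequestDto) {
    Assert.notNull(loginTwoFactorRequestDto, "Login request is required.");
    //
    IdmJwtAuthenticationDto claims = null;
    String loggedAction = siemLogger.buildAction(SiemLoggerManager.LOGIN_LEVEL_KEY);
    // Until the token is read, the audit record uses the username supplied in the request.
    String targetName = loginTwoFactorRequestDto.getUsername();
    String targetUuid = null;
    try {
        Optional<Jwt> jwt = HttpFilterUtils.parseToken(loginTwoFactorRequestDto.getToken());
        if (!jwt.isPresent()) {
            // NOTE(review): this branch is reached when no token could be parsed from the request,
            // although the message refers to the verification code.
            throw new ResultCodeException(CoreResultCode.AUTH_FAILED, "Verification code must be filled");
        }
        // Verify the token before any of its claims are trusted.
        HttpFilterUtils.verifyToken(jwt.get(), jwtAuthenticationMapper.getVerifier());
        // authentication dto from request
        try {
            claims = jwtAuthenticationMapper.getClaims(jwt.get());
            // From here on the audit record names the identity stated in the verified token.
            targetName = claims.getCurrentUsername();
            targetUuid = Objects.toString(claims.getCurrentIdentityId(), "");
        } catch (IOException ex) {
            throw new ResultCodeException(CoreResultCode.TOKEN_READ_FAILED, ex);
        }
        // we need to check expiration, before current (automatically prolonged) token is used by mapper
        // NOTE(review): a token whose claims carry no expiration passes this check - confirm that is intended.
        if (claims.getExpiration() != null && claims.getExpiration().isBefore(ZonedDateTime.now())) {
            throw new ResultCodeException(CoreResultCode.AUTH_EXPIRED);
        }
        UUID identityId = claims.getCurrentIdentityId();
        IdmIdentityDto identity = identityService.get(identityId);
        if (identity == null) {
            throw new EntityNotFoundException(IdmIdentityDto.class, identityId);
        }
        IdmPasswordDto password = passwordService.findOneByIdentity(identityId);
        if (password == null) {
            throw new EntityNotFoundException(IdmPasswordDto.class, identityId);
        }
        // NOTE(review): no attempt counting or lockout is visible in this method; confirm that
        // verifyCode or a caller limits repeated wrong codes.
        if (!verifyCode(password, loginTwoFactorRequestDto.getPassword())) {
            throw new ResultCodeException(CoreResultCode.TWO_FACTOR_VERIFICATION_CODE_FAILED);
        }
        //
        // The must-change check runs only after the code was accepted; skipMustChange comes from the request.
        if (password.isMustChange() && !loginTwoFactorRequestDto.isSkipMustChange()) {
            throw new MustChangePasswordException(claims.getCurrentUsername());
        }
        // set token verified
        IdmTokenDto token = tokenManager.getToken(claims.getId());
        if (token == null) {
            // Fail with an explicit reason instead of a NullPointerException, so the SIEM record
            // below carries a usable message; mirrors the identity and password checks above.
            throw new EntityNotFoundException(IdmTokenDto.class, claims.getId());
        }
        token.setSecretVerified(true);
        // and login - new login dto new to be constructed to preserve original login metadata
        LoginDto loginDto = new LoginDto();
        loginDto.setUsername(claims.getCurrentUsername());
        loginDto.setAuthenticationModule(claims.getFromModule());
        //
        LoginDto resultLoginDto = jwtAuthenticationService.createJwtAuthenticationAndAuthenticate(loginDto, identity, token);
        siemLogger.log(loggedAction, SiemLoggerManager.SUCCESS_ACTION_STATUS, targetName, targetUuid, null, null, null, null);
        return resultLoginDto;
    } catch (Exception e) {
        // Every failure is audited with its message and then rethrown unchanged.
        siemLogger.log(loggedAction, SiemLoggerManager.FAILED_ACTION_STATUS, targetName, targetUuid, null, null, null, e.getMessage());
        throw e;
    }
}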
use of eu.bcvsolutions.idm.core.api.dto.IdmPasswordDto in project CzechIdMng by bcvsolutions.
the class PasswordNeverExpiresProcessor method process.
/**
 * Clears the valid-till date of a password that is flagged as never expiring.
 *
 * @param event event whose content is the password being processed
 * @return result wrapping the event and this processor
 */
@Override
public EventResult<IdmPasswordDto> process(EntityEvent<IdmPasswordDto> event) {
    IdmPasswordDto content = event.getContent();
    // A never-expiring password must not keep a valid-till date, even when someone set one.
    boolean neverExpires = content.isPasswordNeverExpires();
    if (neverExpires) {
        content.setValidTill(null);
    }
    //
    event.setContent(content);
    //
    return new DefaultEventResult<>(event, this);
}