
Example 21 with IdmPasswordDto

use of eu.bcvsolutions.idm.core.api.dto.IdmPasswordDto in project CzechIdMng by bcvsolutions.

Source: class DefaultAccMultipleSystemAuthenticatorIntegrationTest, method testMustChangePasswordException.

/**
 * A valid system password must not authenticate while the identity's IdM
 * password record carries the {@code mustChange} flag.
 *
 * Set-up: the IdM password is flagged as must-change, the identity gets an
 * account on a freshly created system, the account password on that system
 * is changed to a known value and the authenticator is pointed at that
 * system. {@code validate} then succeeds (the credentials are correct) while
 * {@code authenticate} is expected to throw {@link MustChangePasswordException}.
 *
 * NOTE(review): the expected-exception form also accepts a
 * MustChangePasswordException thrown by any earlier line of this method; only
 * the last call is the one meant to throw.
 */
@Test(expected = MustChangePasswordException.class)
public void testMustChangePasswordException() {
    String systemPassword = getHelper().createName();
    String idmPassword = getHelper().createName();
    // identity whose IdM password is flagged as "must change"
    IdmIdentityDto identity = getHelper().createIdentity(new GuardedString(idmPassword));
    IdmPasswordDto idmPasswordRecord = passwordService.findOneByIdentity(identity.getId());
    idmPasswordRecord.setMustChange(true);
    passwordService.save(idmPasswordRecord);
    // account on a new system, with its password changed to a known value
    SysSystemDto system = createSystem(null);
    addSystemToIdentity(identity, system);
    changePassword(identity, systemPassword, getAccountIdForSystem(identity, system));
    setupAuthentication(system);
    // login request against that system
    LoginDto login = new LoginDto();
    login.setUsername(identity.getUsername());
    login.setPassword(new GuardedString(systemPassword));
    // the credentials themselves are valid ...
    Assert.assertTrue(authenticationManager.validate(login));
    // ... but authentication is refused until the password is changed
    authenticationManager.authenticate(login);
}

Example 22 with IdmPasswordDto

use of eu.bcvsolutions.idm.core.api.dto.IdmPasswordDto in project CzechIdMng by bcvsolutions.

Source: class DefaultLoginService, method getValidIdentity.

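/**
 * Resolves the identity behind a login attempt and checks that it may log in.
 *
 * Checks, in this order: the identity exists, it is not disabled, it has a
 * password stored in IdM, that password has not passed its valid-till date,
 * and the supplied password matches the stored one.
 *
 * @param loginDto username and password supplied by the caller
 * @param propagateException when {@code true} a failed check throws the
 *        matching exception; when {@code false} the reason is logged at debug
 *        level and {@code null} is returned instead
 * @return the identity when every check passes, otherwise {@code null}
 *         (non-propagating mode only)
 * @throws IdentityNotFoundException identity does not exist (propagating mode)
 * @throws IdentityDisabledException identity is disabled (propagating mode)
 * @throws ResultCodeException {@code PASSWORD_EXPIRED} when the password is
 *         past its valid-till date (propagating mode)
 * @throws IdmAuthenticationException no stored password, or password mismatch
 *         (propagating mode)
 */
private IdmIdentityDto getValidIdentity(LoginDto loginDto, boolean propagateException) {
    String username = loginDto.getUsername();
    LOG.info("Identity with username [{}] authenticating", username);
    IdmIdentityDto identity = identityService.getByUsername(username);
    // NOTE(review): unknown, disabled, password-less and expired identities are
    // rejected before checkPassword runs, each with a distinct exception type. A
    // caller that surfaces these differences (or the timing difference of the
    // skipped hash check) to an unauthenticated client reveals whether a username
    // exists and whether its password has expired. The exception types are part
    // of the contract, so this is flagged rather than changed here.
    // identity exists
    if (identity == null) {
        // "doesn''t": a single quote is MessageFormat's quoting character, so the
        // previously unescaped apostrophe was silently dropped from the message
        String validationMessage = MessageFormat.format("Check identity can login: The identity [{0}] either doesn''t exist or is deleted.", username);
        if (!propagateException) {
            return rejectQuietly(validationMessage);
        }
        throw new IdentityNotFoundException(validationMessage);
    }
    // identity is not disabled
    if (identity.isDisabled()) {
        String validationMessage = MessageFormat.format("Check identity can login: The identity [{0}] is disabled.", username);
        if (!propagateException) {
            return rejectQuietly(validationMessage);
        }
        throw new IdentityDisabledException(validationMessage);
    }
    // the stored password is a hash, so no GuardedString handling is needed here
    IdmPasswordDto password = passwordService.findOneByIdentity(identity.getId());
    if (password == null) {
        String validationMessage = MessageFormat.format("Identity [{0}] does not have password stored in IdM.", username);
        if (!propagateException) {
            return rejectQuietly(validationMessage);
        }
        throw new IdmAuthenticationException(validationMessage);
    }
    // password is not expired (a null valid-till means it never expires)
    if (password.getValidTill() != null && password.getValidTill().isBefore(LocalDate.now())) {
        String validationMessage = MessageFormat.format("Password for identity [{0}] is expired.", username);
        if (!propagateException) {
            return rejectQuietly(validationMessage);
        }
        // the result code, not the message text, is what the caller receives here
        throw new ResultCodeException(CoreResultCode.PASSWORD_EXPIRED);
    }
    // given password matches the stored one
    if (!passwordService.checkPassword(loginDto.getPassword(), password)) {
        String validationMessage = MessageFormat.format("Identity [{0}] password check failed.", username);
        if (!propagateException) {
            return rejectQuietly(validationMessage);
        }
        throw new IdmAuthenticationException(validationMessage);
    }
    //
    return identity;
}

/**
 * Non-propagating rejection: records the reason at debug level and yields
 * {@code null} so the caller treats the login as invalid without an exception.
 *
 * @param validationMessage reason the login was rejected
 * @return always {@code null}
 */
private IdmIdentityDto rejectQuietly(String validationMessage) {
    LOG.debug(validationMessage);
    return null;
}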

Example 23 with IdmPasswordDto

use of eu.bcvsolutions.idm.core.api.dto.IdmPasswordDto in project CzechIdMng by bcvsolutions.

Source: class DefaultTwoFactorAuthenticationManager, method confirm.

/**
 * Completes two-factor registration for an identity: the submitted
 * verification code is checked against the submitted secret and, on success,
 * the secret is persisted on the identity's password record while the chosen
 * two-factor type is stored on its profile.
 *
 * Works even when the identity is not authenticated by IdM itself — the
 * password record is created on demand, because only the secret needs to be
 * stored on it.
 *
 * NOTE(review): both the secret and the code arrive in the client request, and
 * whichever secret the client presents is stored once the code matches it.
 * Whether that secret has to originate from a server-side registration step,
 * and where the caller's right to act for {@code identityId} is enforced, is
 * not visible here — confirm against the registration flow and the controller.
 *
 * @param identityId identity finishing registration, required
 * @param registrationConfirm secret, verification code and two-factor type, required
 * @return always {@code true}; failures are reported by exception
 * @throws EntityNotFoundException no password record could be found or created
 * @throws ResultCodeException {@code TWO_FACTOR_VERIFICATION_CODE_FAILED} when
 *         the code does not match the secret
 */
@Override
@Transactional
public boolean confirm(UUID identityId, TwoFactorRegistrationConfirmDto registrationConfirm) {
    Assert.notNull(identityId, "Identity identifier is required.");
    Assert.notNull(registrationConfirm, "Two factor confirm request is required.");
    //
    IdmPasswordDto passwordRecord = passwordService.findOrCreateByIdentity(identityId);
    if (passwordRecord == null) {
        throw new EntityNotFoundException(IdmIdentityDto.class, identityId);
    }
    //
    GuardedString secret = registrationConfirm.getVerificationSecret();
    GuardedString code = registrationConfirm.getVerificationCode();
    boolean codeMatchesSecret = verifyCode(secret, code);
    if (!codeMatchesSecret) {
        throw new ResultCodeException(CoreResultCode.TWO_FACTOR_VERIFICATION_CODE_FAILED);
    }
    // the secret is persisted only after the code has proven it usable
    passwordRecord.setVerificationSecret(secret.asString());
    passwordService.save(passwordRecord);
    // remember which second factor the identity chose
    IdmProfileDto profile = profileService.findOrCreateByIdentity(identityId);
    profile.setTwoFactorAuthenticationType(registrationConfirm.getTwoFactorAuthenticationType());
    profileService.save(profile);
    //
    return true;
}

Example 24 with IdmPasswordDto

use of eu.bcvsolutions.idm.core.api.dto.IdmPasswordDto in project CzechIdMng by bcvsolutions.

Source: class DefaultTwoFactorAuthenticationManager, method requireTwoFactorAuthentication.

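/**
 * Decides whether the given token still has to pass two-factor verification.
 *
 * Returns {@code false} when the identity has no two-factor type configured
 * or the token's secret was already verified. Otherwise returns {@code true};
 * for the {@code NOTIFICATION} type a code derived from the stored
 * verification secret is sent to the identity first.
 *
 * @param identityId identity owning the token
 * @param tokenId token being checked
 * @return {@code true} when two-factor verification is still required
 * @throws EntityNotFoundException token not found, or (NOTIFICATION type)
 *         no password record for the identity
 */
@Override
@Transactional
public boolean requireTwoFactorAuthentication(UUID identityId, UUID tokenId) {
    // two-factor authentication is opt-in per identity
    TwoFactorAuthenticationType twoFactorAuthenticationType = getTwoFactorAuthenticationType(identityId);
    if (twoFactorAuthenticationType == null) {
        return false;
    }
    //
    IdmTokenDto token = tokenManager.getToken(tokenId);
    if (token == null) {
        // getToken's behaviour for an unknown id is not visible here; fail
        // explicitly instead of with an NPE on the next line
        throw new EntityNotFoundException(IdmTokenDto.class, tokenId);
    }
    if (token.isSecretVerified()) {
        // token was already verified
        return false;
    }
    //
    if (TwoFactorAuthenticationType.NOTIFICATION == twoFactorAuthenticationType) {
        IdmPasswordDto password = passwordService.findOneByIdentity(identityId);
        if (password == null) {
            throw new EntityNotFoundException(IdmIdentityDto.class, identityId);
        }
        // NOTE(review): assumes a completed registration has populated the
        // verification secret; a null secret would reach GuardedString and
        // generateCode unchecked — confirm how they handle it
        sendVerificationCode(identityService.get(identityId), generateCode(new GuardedString(password.getVerificationSecret())));
    }
    //
    return true;
}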

Example 25 with IdmPasswordDto

use of eu.bcvsolutions.idm.core.api.dto.IdmPasswordDto in project CzechIdMng by bcvsolutions.

Source: class PasswordExpiredTaskExecutorIntegrationTest, method testSimpleMessageDry.

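/**
 * {@link PasswordExpiredTaskExecutor} handles an identity whose password
 * expired yesterday exactly once: the first run logs and queues the password
 * item, a second run under the same scheduled task finds it already queued
 * and processes nothing.
 *
 * The identity is removed in {@code finally} so a failed assertion does not
 * leave test data behind.
 */
@Test
public void testSimpleMessageDry() {
    // prepare data: an identity whose password expired yesterday
    IdmIdentityDto identity = getHelper().createIdentity();
    //
    try {
        IdmPasswordDto password = passwordService.findOneByIdentity(identity.getId());
        password.setValidTill(LocalDate.now().minusDays(1));
        password = passwordService.save(password);
        // prepare task
        IdmScheduledTaskDto scheduledTask = scheduledTaskService.save(SchedulerTestUtils.createIdmScheduledTask(UUID.randomUUID().toString()));
        IdmLongRunningTaskDto longRunningTask = longRunningService.save(SchedulerTestUtils.createIdmLongRunningTask(scheduledTask, PasswordExpiredTaskExecutor.class));
        PasswordExpiredTaskExecutor executor = AutowireHelper.autowireBean(new PasswordExpiredTaskExecutor());
        executor.setLongRunningTaskId(longRunningTask.getId());
        executor.init(new HashMap<>());
        // first process
        Boolean result = executor.process();
        Page<IdmProcessedTaskItemDto> queueItems = itemService.findQueueItems(scheduledTask, null);
        Page<IdmProcessedTaskItemDto> logItems = itemService.findLogItems(longRunningTask, null);
        // first check: the expired password was processed, logged and queued
        Assert.assertTrue(result);
        Assert.assertTrue(executor.getCount() > 0);
        Assert.assertTrue(queueItems.getTotalElements() > 0);
        Assert.assertTrue(logItems.getTotalElements() > 0);
        Assert.assertTrue(logItems.getContent().stream().map(IdmProcessedTaskItemDto::getReferencedEntityId).anyMatch(password.getId()::equals));
        // second process: a new long-running task under the same scheduled task
        longRunningTask = longRunningService.save(SchedulerTestUtils.createIdmLongRunningTask(scheduledTask, PasswordExpiredTaskExecutor.class));
        executor.setLongRunningTaskId(longRunningTask.getId());
        executor.init(new HashMap<>());
        result = executor.process();
        // re-read both pages; the queue result used to be discarded here, so the
        // second check was asserting on the first run's page
        queueItems = itemService.findQueueItems(scheduledTask, null);
        logItems = itemService.findLogItems(longRunningTask, null);
        // second check: nothing new processed, the item stays queued
        Assert.assertTrue(result);
        Assert.assertEquals(Long.valueOf(0), executor.getCount());
        Assert.assertTrue(queueItems.getTotalElements() > 0);
        Assert.assertEquals(0, logItems.getTotalElements());
    } finally {
        identityService.delete(identity);
    }
}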
