use of eu.bcvsolutions.idm.core.api.dto.IdmPasswordDto in project CzechIdMng by bcvsolutions.
the class DefaultIdmIdentityService method applyContext.
/**
 * Enriches the identity returned by the parent implementation with password metadata
 * when the filter context asks for it.
 *
 * <p>The password value and the verification secret are cleared on the password DTO before
 * it is attached, so neither leaves this method with the identity. The block-login date is
 * copied to the identity only while it is still in the future.
 *
 * <p>NOTE(review): the clearing is a denylist of two fields. Every other field of
 * {@code IdmPasswordDto} stays on the returned metadata, so a secret field added to the DTO
 * later would also have to be cleared here.
 *
 * <p>NOTE(review): {@code permission} is only forwarded to {@code super.applyContext}. This
 * method does not check it before loading password metadata; presumably access is enforced by
 * the parent or the caller, so confirm.
 *
 * @param identity identity to enrich
 * @param context filter carrying the "add password metadata" flag; may be {@code null}
 * @param permission permissions forwarded to the parent implementation
 * @return the identity from the parent implementation, enriched when requested; returned
 *         unchanged when it or the context is {@code null}
 */
@Override
protected IdmIdentityDto applyContext(IdmIdentityDto identity, IdmIdentityFilter context, BasePermission... permission) {
    identity = super.applyContext(identity, context, permission);
    // nothing to enrich, or no context to say what should be added
    if (identity == null || context == null) {
        return identity;
    }
    if (!context.isAddPasswordMetadata()) {
        return identity;
    }
    //
    IdmPasswordDto metadata = passwordService.findOneByIdentity(identity.getId());
    if (metadata == null) {
        return identity;
    }
    // strip the secrets first; only the remaining metadata is exposed on the identity
    metadata.setPassword(null);
    metadata.setVerificationSecret(null);
    identity.setPasswordMetadata(metadata);
    //
    // an already elapsed block date is not propagated
    ZonedDateTime blockedUntil = metadata.getBlockLoginDate();
    boolean stillBlocked = blockedUntil != null && blockedUntil.isAfter(ZonedDateTime.now());
    if (stillBlocked) {
        identity.setBlockLoginDate(blockedUntil);
    }
    return identity;
}
use of eu.bcvsolutions.idm.core.api.dto.IdmPasswordDto in project CzechIdMng by bcvsolutions.
the class DefaultIdmPasswordService method increaseUnsuccessfulAttempts.
/**
 * Records one more failed login attempt on the password of the identity with the given
 * username and persists the change.
 *
 * <p>When no password record is resolved for the username, nothing is counted and the call
 * returns silently.
 *
 * <p>NOTE(review): this is a read-modify-write on the stored counter. Whether concurrent
 * failed logins for the same username can overwrite each other's increment depends on the
 * locking or transaction handling around {@code save}, which is not visible here. Confirm,
 * since an undercounted value weakens any lockout built on it.
 *
 * @param username username of the identity whose failed-attempt counter is increased
 */
@Override
public void increaseUnsuccessfulAttempts(String username) {
    IdmPasswordDto passwordDto = getPasswordByIdentityUsername(username);
    if (passwordDto == null) {
        // no password record for this username, so there is nothing to update
        return;
    }
    passwordDto.increaseUnsuccessfulAttempts();
    // the saved DTO is not needed afterwards
    save(passwordDto);
}
use of eu.bcvsolutions.idm.core.api.dto.IdmPasswordDto in project CzechIdMng by bcvsolutions.
the class PasswordExpirationWarningIntegrationTest method testNotSendWarningMessageToDisabledIdentity.
/**
 * Checks that the password expiration warning task does not log a processed item for the
 * password of a disabled identity.
 *
 * <p>The password is set to expire tomorrow and the task is initialised with
 * {@code PARAMETER_DAYS_BEFORE = "2"} (presumably a two-day warning window, so confirm against
 * the executor). The identity is disabled before the task runs.
 */
@Test
public void testNotSendWarningMessageToDisabledIdentity() {
    IdmIdentityDto identity = helper.createIdentity();
    //
    try {
        // password about to expire
        IdmPasswordDto expiringPassword = passwordService.findOneByIdentity(identity.getId());
        expiringPassword.setValidTill(new LocalDate().plusDays(1));
        passwordService.save(expiringPassword);
        //
        // the identity is disabled before the warning task runs
        identity.setDisabled(true);
        identityService.save(identity);
        //
        // scheduled task + long running task wiring for the executor under test
        IdmScheduledTaskDto scheduledTask = scheduledTaskService.save(
                SchedulerTestUtils.createIdmScheduledTask(UUID.randomUUID().toString()));
        IdmLongRunningTaskDto longRunningTask = longRunningService.save(
                SchedulerTestUtils.createIdmLongRunningTask(scheduledTask, PasswordExpirationWarningTaskExecutor.class));
        PasswordExpirationWarningTaskExecutor executor = AutowireHelper.autowireBean(
                new PasswordExpirationWarningTaskExecutor());
        executor.setLongRunningTaskId(longRunningTask.getId());
        executor.init(ImmutableMap.of(PasswordExpirationWarningTaskExecutor.PARAMETER_DAYS_BEFORE, "2"));
        //
        // run the task once and read its log
        Boolean result = executor.process();
        Page<IdmProcessedTaskItemDto> logItems = itemService.findLogItems(longRunningTask, null);
        //
        // the task succeeds, but the disabled identity's password must not appear in the log
        Assert.assertTrue(result);
        boolean passwordWasProcessed = logItems
                .getContent()
                .stream()
                .map(IdmProcessedTaskItemDto::getReferencedEntityId)
                .anyMatch(expiringPassword.getId()::equals);
        Assert.assertFalse(passwordWasProcessed);
    } finally {
        // always remove the test identity
        identityService.delete(identity);
    }
}
use of eu.bcvsolutions.idm.core.api.dto.IdmPasswordDto in project CzechIdMng by bcvsolutions.
the class PasswordExpiredIntegrationTest method testSimpleWarningMessageDry.
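/**
 * Runs the password expired task twice for an identity whose password expired yesterday.
 *
 * <p>The first run must process the password: it appears in the task log and the queue is
 * not empty. The second run of the same scheduled task must process nothing ({@code count == 0},
 * empty log) while the queue still holds items.
 *
 * <p>The queue page is re-read after the second run. The original code discarded the result
 * of that second lookup, so the second queue assertion repeated the first check on the stale
 * first-run page.
 *
 * <p>NOTE(review): the first {@code init} passes
 * {@code PasswordExpirationWarningTaskExecutor.PARAMETER_DAYS_BEFORE} to a
 * {@code PasswordExpiredTaskExecutor}. Whether that executor reads this parameter is not
 * visible here, so confirm it is intended.
 */
@Test
public void testSimpleWarningMessageDry() {
    IdmIdentityDto identity = helper.createIdentity();
    //
    try {
        // password already expired
        IdmPasswordDto password = passwordService.findOneByIdentity(identity.getId());
        password.setValidTill(new LocalDate().minusDays(1));
        passwordService.save(password);
        //
        // scheduled task + long running task wiring for the executor under test
        IdmScheduledTaskDto scheduledTask = scheduledTaskService.save(
                SchedulerTestUtils.createIdmScheduledTask(UUID.randomUUID().toString()));
        IdmLongRunningTaskDto longRunningTask = longRunningService.save(
                SchedulerTestUtils.createIdmLongRunningTask(scheduledTask, PasswordExpiredTaskExecutor.class));
        PasswordExpiredTaskExecutor executor = AutowireHelper.autowireBean(new PasswordExpiredTaskExecutor());
        executor.setLongRunningTaskId(longRunningTask.getId());
        executor.init(ImmutableMap.of(PasswordExpirationWarningTaskExecutor.PARAMETER_DAYS_BEFORE, "2"));
        //
        // first process
        Boolean result = executor.process();
        Page<IdmProcessedTaskItemDto> queueItems = itemService.findQueueItems(scheduledTask, null);
        Page<IdmProcessedTaskItemDto> logItems = itemService.findLogItems(longRunningTask, null);
        //
        // first check - the expired password was processed and logged
        Assert.assertTrue(result);
        Assert.assertTrue(executor.getCount() > 0);
        Assert.assertTrue(queueItems.getTotalElements() > 0);
        Assert.assertTrue(logItems.getTotalElements() > 0);
        Assert.assertTrue(logItems.getContent().stream()
                .map(IdmProcessedTaskItemDto::getReferencedEntityId)
                .anyMatch(password.getId()::equals));
        //
        // second process - new long running task under the same scheduled task
        longRunningTask = longRunningService.save(
                SchedulerTestUtils.createIdmLongRunningTask(scheduledTask, PasswordExpiredTaskExecutor.class));
        executor.setLongRunningTaskId(longRunningTask.getId());
        executor.init(new HashMap<>());
        result = executor.process();
        // refresh both pages so the assertions below see the state after the second run
        queueItems = itemService.findQueueItems(scheduledTask, null);
        logItems = itemService.findLogItems(longRunningTask, null);
        //
        // second check - nothing is processed again, the queue is kept
        Assert.assertTrue(result);
        Assert.assertEquals(Long.valueOf(0), executor.getCount());
        Assert.assertTrue(queueItems.getTotalElements() > 0);
        Assert.assertEquals(0, logItems.getTotalElements());
    } finally {
        // always remove the test identity
        identityService.delete(identity);
    }
}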
use of eu.bcvsolutions.idm.core.api.dto.IdmPasswordDto in project CzechIdMng by bcvsolutions.
the class LoginControllerRestTest method testMustChangePasswordAfterTwoFactorLogin.
/**
 * Checks that completing the two-factor step does not let an identity in while its password
 * is flagged as "must change".
 *
 * <p>Flow: a plain login succeeds and yields a token. Application-based two-factor
 * authentication is initialised and confirmed through the profile endpoints. The password is
 * then flagged {@code mustChange}. The next login is answered with 401 and a token inside the
 * error parameters. Posting a valid verification code with that token to the two-factor
 * endpoint must also be answered with 401.
 *
 * <p>NOTE(review): the last request asserts the status only. The error body is not inspected,
 * so a 401 raised for another reason would satisfy the test as well. The preceding
 * {@code verifyCode} assertion covers the validity of the code itself.
 */
@Test
public void testMustChangePasswordAfterTwoFactorLogin() throws Exception {
    IdmIdentityDto identity = getHelper().createIdentity();
    IdmProfileDto profile = getHelper().createProfile(identity);
    IdmRoleDto role = getHelper().createRole();
    getHelper().createIdentityRole(identity, role);
    getHelper().createBasePolicy(role.getId(), CoreGroupPermission.IDENTITY, IdmIdentity.class, IdmBasePermission.READ);
    //
    String authUrl = BaseController.BASE_PATH + LoginController.AUTH_PATH;
    String profileUrl = BaseController.BASE_PATH + "/profiles/" + profile.getId();
    //
    // login with username and password only - two factor is not enabled yet
    Map<String, String> login = new HashMap<>();
    login.put("username", identity.getUsername());
    login.put("password", identity.getPassword().asString());
    String response = getMockMvc()
            .perform(post(authUrl)
                    .content(serialize(login))
                    .contentType(TestHelper.HAL_CONTENT_TYPE))
            .andExpect(status().isOk())
            .andExpect(content().contentType(TestHelper.HAL_CONTENT_TYPE))
            .andReturn()
            .getResponse()
            .getContentAsString();
    String token = getToken(response);
    //
    // init two factor authentication by profile controller
    response = getMockMvc()
            .perform(put(profileUrl + "/two-factor/init")
                    .param(IdmAuthenticationFilter.AUTHENTICATION_TOKEN_NAME, token)
                    .param("twoFactorAuthenticationType", TwoFactorAuthenticationType.APPLICATION.name())
                    .contentType(TestHelper.HAL_CONTENT_TYPE))
            .andExpect(status().isOk())
            .andExpect(content().contentType(TestHelper.HAL_CONTENT_TYPE))
            .andReturn()
            .getResponse()
            .getContentAsString();
    TwoFactorRegistrationResponseDto twoFactorInit = getMapper().readValue(response, TwoFactorRegistrationResponseDto.class);
    Assert.assertNotNull(twoFactorInit);
    Assert.assertNotNull(twoFactorInit.getVerificationSecret());
    //
    // confirm two factor authentication by profile controller,
    // using a code generated from the secret returned by the init call
    Map<String, String> twoFactorConfirm = new HashMap<>();
    twoFactorConfirm.put(
            "verificationCode",
            twoFactorAuthenticationManager.generateCode(new GuardedString(twoFactorInit.getVerificationSecret())).asString());
    twoFactorConfirm.put("verificationSecret", twoFactorInit.getVerificationSecret());
    twoFactorConfirm.put("twoFactorAuthenticationType", TwoFactorAuthenticationType.APPLICATION.name());
    response = getMockMvc()
            .perform(put(profileUrl + "/two-factor/confirm")
                    .param(IdmAuthenticationFilter.AUTHENTICATION_TOKEN_NAME, token)
                    .content(serialize(twoFactorConfirm))
                    .contentType(TestHelper.HAL_CONTENT_TYPE))
            .andExpect(status().isOk())
            .andExpect(content().contentType(TestHelper.HAL_CONTENT_TYPE))
            .andReturn()
            .getResponse()
            .getContentAsString();
    IdmProfileDto updatedProfile = getMapper().readValue(response, IdmProfileDto.class);
    Assert.assertNotNull(updatedProfile);
    Assert.assertEquals(TwoFactorAuthenticationType.APPLICATION, updatedProfile.getTwoFactorAuthenticationType());
    //
    // set password must change
    IdmPasswordDto password = getHelper().getPassword(identity);
    password.setMustChange(true);
    passwordService.save(password);
    //
    // login as identity again - the password step alone is now answered with 401
    response = getMockMvc()
            .perform(post(authUrl)
                    .content(serialize(login))
                    .contentType(TestHelper.HAL_CONTENT_TYPE))
            .andExpect(status().isUnauthorized())
            .andReturn()
            .getResponse()
            .getContentAsString();
    //
    // get token from response - it is carried in the parameters of the first error
    token = getMapper()
            .readTree(response)
            .get("_errors")
            .get(0)
            .get("parameters")
            .get("token")
            .asText();
    // NOTE(review): asText() does not return null for a present node, so this check is weak;
    // a missing node fails earlier with a NullPointerException in the chain above
    Assert.assertNotNull(token);
    //
    // two factor authentication with a code that is verified as valid beforehand
    Map<String, String> twoFactorLogin = new HashMap<>();
    GuardedString verificationCode = twoFactorAuthenticationManager.generateCode(identity.getId());
    Assert.assertTrue(twoFactorAuthenticationManager.verifyCode(identity.getId(), verificationCode));
    twoFactorLogin.put("verificationCode", verificationCode.asString());
    twoFactorLogin.put("token", token);
    // a valid second factor must still be refused while the password has to be changed
    getMockMvc()
            .perform(post(BaseController.BASE_PATH + "/authentication/two-factor")
                    .content(serialize(twoFactorLogin))
                    .contentType(TestHelper.HAL_CONTENT_TYPE))
            .andExpect(status().isUnauthorized());
}