
Example 11 with IdmPasswordValidationDto

use of eu.bcvsolutions.idm.core.api.dto.IdmPasswordValidationDto in project CzechIdMng by bcvsolutions.

the class DefaultIdmPasswordPolicyServiceIntegrationTest method testMinCharacterCountExplicitlySetZero.

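/**
 * Verifies that a VALIDATE policy whose minimum length and minimum character-class
 * counts are all explicitly set to zero accepts a mixed password, an empty password
 * and a long password.
 */
@Test
public void testMinCharacterCountExplicitlySetZero() {
    IdmPasswordPolicyDto policy = new IdmPasswordPolicyDto();
    policy.setName("test_20");
    policy.setType(IdmPasswordPolicyType.VALIDATE);
    // Every minimum is set to zero explicitly rather than left at its default.
    policy.setMinPasswordLength(0);
    policy.setMinNumber(0);
    policy.setMinLowerChar(0);
    policy.setMinSpecialChar(0);
    policy.setMinUpperChar(0);
    IdmPasswordValidationDto password = new IdmPasswordValidationDto();
    try {
        password.setPassword("asdfg12345###");
        this.passwordPolicyService.validate(password, policy);
        password.setPassword("");
        this.passwordPolicyService.validate(password, policy);
        password.setPassword("123456@#$%^&*ASDFGHJK");
        this.passwordPolicyService.validate(password, policy);
    } catch (Exception e) {
        // The previous catch block ignored every exception, so the test passed whatever the
        // validator did and gave no assurance about the password policy. Fail instead, and keep
        // the cause so the rejected rule is visible in the report.
        // NOTE(review): assumes all three passwords, including the empty one, are meant to be
        // accepted by a zero-minimum policy - confirm against the service contract.
        throw new AssertionError("Password rejected by a policy with zero minimums. " + policy, e);
    }
}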
Also used : IdmPasswordPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordPolicyDto) IdmPasswordValidationDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordValidationDto) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) PasswordChangeException(eu.bcvsolutions.idm.core.api.exception.PasswordChangeException) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 12 with IdmPasswordValidationDto

use of eu.bcvsolutions.idm.core.api.dto.IdmPasswordValidationDto in project CzechIdMng by bcvsolutions.

the class DefaultIdmPasswordPolicyServiceIntegrationTest method testContainsCombination.

/**
 * Exercises the identity-attribute check of a VALIDATE policy with enhanced control enabled.
 * The policy lists the first-name and username attributes, so a password equal to either
 * value must be rejected with a {@code ResultCodeException}, while a password equal to the
 * last name (an attribute the policy does not list) must be accepted.
 */
@Test
public void testContainsCombination() {
    String firstName = "DěmÓ";
    String lastName = "Těšť";
    String username = "ExámplÉ";
    IdmIdentityDto identity = this.getHelper().createIdentity((GuardedString) null);
    identity.setFirstName(firstName);
    identity.setUsername(username);
    identity.setLastName(lastName);
    identity = identityService.save(identity);

    IdmPasswordPolicyDto policy = new IdmPasswordPolicyDto();
    policy.setType(IdmPasswordPolicyType.VALIDATE);
    policy.setEnchancedControl(true);
    // Attribute names are passed upper-cased and comma separated.
    // NOTE(review): toUpperCase() without a Locale depends on the JVM default locale - confirm
    // the service matches these names case-insensitively on every locale the tests run under.
    String checkedAttributes = IdmIdentity_.firstName.getName().toUpperCase() + ", " + IdmIdentity_.username.getName().toUpperCase();
    policy.setIdentityAttributeCheck(checkedAttributes);

    IdmPasswordValidationDto validation = new IdmPasswordValidationDto();
    validation.setIdentity(identity);

    // Password equal to a checked attribute (first name, then username): must be rejected.
    for (String checkedValue : new String[] { firstName, username }) {
        validation.setPassword(checkedValue);
        try {
            passwordPolicyService.validate(validation, policy);
            fail("Password pass.");
        } catch (ResultCodeException expected) {
            // Success: the policy refused the password.
        } catch (Exception unexpected) {
            fail(unexpected.getMessage());
        }
    }

    // Password equal to an attribute that is not checked (last name): must be accepted.
    validation.setPassword(lastName);
    try {
        passwordPolicyService.validate(validation, policy);
    } catch (ResultCodeException rejected) {
        fail("Password not pass.");
    } catch (Exception unexpected) {
        fail(unexpected.getMessage());
    }
}
Also used : IdmPasswordPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordPolicyDto) IdmPasswordValidationDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordValidationDto) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) PasswordChangeException(eu.bcvsolutions.idm.core.api.exception.PasswordChangeException) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 13 with IdmPasswordValidationDto

use of eu.bcvsolutions.idm.core.api.dto.IdmPasswordValidationDto in project CzechIdMng by bcvsolutions.

the class IdentityPasswordValidateProcessor method process.

/**
 * Validates a requested password change for the identity carried by the event.
 *
 * <p>Steps, in order: read the password-change DTO from the event properties, resolve the
 * applicable password policies through {@code validateDefinition}, load the identity's
 * accounts, enforce the {@code ALL_ONLY} rule for non-admin callers, and finally validate the
 * new password against the resolved policies.
 *
 * @param event event whose content is the identity and whose properties hold the
 *              {@link PasswordChangeDto}
 * @return a {@link DefaultEventResult} wrapping the event and this processor
 * @throws ResultCodeException with {@code PASSWORD_CHANGE_ALL_ONLY} when a non-admin caller
 *         under {@code ALL_ONLY} submits an account list whose size differs from the number
 *         of owned accounts
 */
@Override
public EventResult<IdmIdentityDto> process(EntityEvent<IdmIdentityDto> event) {
    PasswordChangeDto passwordChangeDto = (PasswordChangeDto) event.getProperties().get(IdentityPasswordProcessor.PROPERTY_PASSWORD_CHANGE_DTO);
    IdmIdentityDto identity = event.getContent();

    Assert.notNull(passwordChangeDto, "Password change dto is required.");
    Assert.notNull(identity, "Identity is required.");

    LOG.debug("Call validate password for systems and default password policy for identity username [{}]", event.getContent().getUsername());

    List<IdmPasswordPolicyDto> passwordPolicyList = validateDefinition(identity, passwordChangeDto);

    // Load every account linked to the identity.
    AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
    filter.setIdentityId(identity.getId());
    List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(filter, null).getContent();

    // Admins are exempt from the ALL_ONLY rule; everyone else must change all owned accounts at once.
    if (!securityService.isAdmin() && identityConfiguration.getPasswordChangeType() == PasswordChangeType.ALL_ONLY) {
        // Ids of the accounts the identity owns. No de-duplication is applied here.
        List<String> ownedAccountIds = identityAccounts.stream()
                .filter(AccIdentityAccountDto::isOwnership)
                .map(AccIdentityAccountDto::getAccount)
                .map(UUID::toString)
                .collect(Collectors.toList());
        // NOTE(review): the rule compares list sizes only, not the ids themselves, and is skipped
        // when either list is empty - confirm that a request naming a different or duplicated set
        // of accounts, or no accounts at all, is rejected elsewhere under ALL_ONLY.
        if (!ownedAccountIds.isEmpty()
                && !passwordChangeDto.getAccounts().isEmpty()
                && ownedAccountIds.size() != passwordChangeDto.getAccounts().size()) {
            throw new ResultCodeException(CoreResultCode.PASSWORD_CHANGE_ALL_ONLY);
        }
    }

    // The stored password, if any, is handed to the policy service so it can apply its
    // valid-from / valid-till and history rules.
    IdmPasswordDto oldPassword = this.passwordService.findOneByIdentity(identity.getId());
    IdmPasswordValidationDto passwordValidationDto = new IdmPasswordValidationDto();
    if (oldPassword == null) {
        passwordValidationDto.setOldPassword(null);
    } else {
        passwordValidationDto.setOldPassword(oldPassword.getId());
    }
    passwordValidationDto.setIdentity(identity);
    passwordValidationDto.setPassword(passwordChangeDto.getNewPassword());
    this.passwordPolicyService.validate(passwordValidationDto, passwordPolicyList);

    return new DefaultEventResult<>(event, this);
}
Also used : IdmPasswordPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordPolicyDto) ProvisioningEvent(eu.bcvsolutions.idm.acc.event.ProvisioningEvent) Autowired(org.springframework.beans.factory.annotation.Autowired) Enabled(eu.bcvsolutions.idm.core.security.api.domain.Enabled) CoreEventProcessor(eu.bcvsolutions.idm.core.api.event.CoreEventProcessor) IdmPasswordDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordDto) IdmPasswordService(eu.bcvsolutions.idm.core.api.service.IdmPasswordService) SecurityService(eu.bcvsolutions.idm.core.security.api.service.SecurityService) ArrayList(java.util.ArrayList) IdmPasswordValidationDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordValidationDto) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult) IdentityEventType(eu.bcvsolutions.idm.core.model.event.IdentityEvent.IdentityEventType) EventResult(eu.bcvsolutions.idm.core.api.event.EventResult) IdentityProcessor(eu.bcvsolutions.idm.core.api.event.processor.IdentityProcessor) EntityEvent(eu.bcvsolutions.idm.core.api.event.EntityEvent) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) Description(org.springframework.context.annotation.Description) AccModuleDescriptor(eu.bcvsolutions.idm.acc.AccModuleDescriptor) PasswordChangeType(eu.bcvsolutions.idm.core.api.domain.PasswordChangeType) AccIdentityAccountRepository(eu.bcvsolutions.idm.acc.repository.AccIdentityAccountRepository) IdmPasswordPolicyType(eu.bcvsolutions.idm.core.api.domain.IdmPasswordPolicyType) IdentityPasswordProcessor(eu.bcvsolutions.idm.core.model.event.processor.identity.IdentityPasswordProcessor) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) UUID(java.util.UUID) Collectors(java.util.stream.Collectors) List(java.util.List) Component(org.springframework.stereotype.Component) 
IdmPasswordPolicy(eu.bcvsolutions.idm.core.model.entity.IdmPasswordPolicy) CoreResultCode(eu.bcvsolutions.idm.core.api.domain.CoreResultCode) AccIdentityAccountService(eu.bcvsolutions.idm.acc.service.api.AccIdentityAccountService) IdentityConfiguration(eu.bcvsolutions.idm.core.api.config.domain.IdentityConfiguration) PasswordChangeDto(eu.bcvsolutions.idm.core.api.dto.PasswordChangeDto) Assert(org.springframework.util.Assert) IdmPasswordPolicyService(eu.bcvsolutions.idm.core.api.service.IdmPasswordPolicyService) PasswordChangeType(eu.bcvsolutions.idm.core.api.domain.PasswordChangeType) PasswordChangeDto(eu.bcvsolutions.idm.core.api.dto.PasswordChangeDto) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) IdmPasswordPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordPolicyDto) IdmPasswordValidationDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordValidationDto) IdmPasswordDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordDto) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)

Example 14 with IdmPasswordValidationDto

use of eu.bcvsolutions.idm.core.api.dto.IdmPasswordValidationDto in project CzechIdMng by bcvsolutions.

the class DefaultIdmPasswordPolicyIntegrationTest method testValidationProhibitedChars.

/**
 * Checks the prohibited-characters rule: passwords free of the characters in
 * {@code "12abcDEF!@"} must validate, and passwords containing any of them must not.
 */
@Test
public void testValidationProhibitedChars() {
    IdmPasswordPolicyDto policy = new IdmPasswordPolicyDto();
    policy.setName("test_14");
    policy.setType(IdmPasswordPolicyType.GENERATE);
    policy.setGenerateType(IdmPasswordPolicyGenerateType.RANDOM);
    policy.setMaxPasswordLength(5);
    policy.setMinPasswordLength(1);
    policy.setProhibitedCharacters("12abcDEF!@");
    IdmPasswordValidationDto password = new IdmPasswordValidationDto();

    // None of these characters appear in the prohibited set (the set is case sensitive:
    // lower-case a-c and upper-case D-F), so both must be accepted.
    try {
        for (String allowed : new String[] { "test", "ABde" }) {
            password.setPassword(allowed);
            this.passwordPolicyService.validate(password, policy);
        }
    } catch (Exception e) {
        fail("Password validate prohibited characters. " + policy);
    }

    // Each of these contains one prohibited character: 'E', 'D', '1' and '!'.
    // NOTE(review): any Exception counts as a rejection here, so an unrelated failure in the
    // service would also satisfy the test - consider catching the specific policy exception.
    for (String prohibited : new String[] { "tEst", "eddD", "5416", "test!" }) {
        try {
            password.setPassword(prohibited);
            this.passwordPolicyService.validate(password, policy);
            fail("Password validate prohibited characters. " + policy);
        } catch (Exception expected) {
            // nothing, success
        }
    }
}
Also used : IdmPasswordPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordPolicyDto) IdmPasswordValidationDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordValidationDto) Test(org.junit.Test) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)

Example 15 with IdmPasswordValidationDto

use of eu.bcvsolutions.idm.core.api.dto.IdmPasswordValidationDto in project CzechIdMng by bcvsolutions.

the class DefaultIdmPasswordPolicyIntegrationTest method testValidateSpecialChar.

/**
 * Checks the minimum-special-character rule together with the length bounds: the policy
 * requires at least two special characters and a length between one and three.
 */
@Test
public void testValidateSpecialChar() {
    IdmPasswordPolicyDto policy = new IdmPasswordPolicyDto();
    policy.setName("test_13");
    policy.setType(IdmPasswordPolicyType.GENERATE);
    policy.setGenerateType(IdmPasswordPolicyGenerateType.RANDOM);
    policy.setMaxPasswordLength(3);
    policy.setMinPasswordLength(1);
    policy.setMinSpecialChar(2);
    IdmPasswordValidationDto password = new IdmPasswordValidationDto();

    // Two or three characters, at least two of them special: expected to be accepted.
    try {
        for (String accepted : new String[] { "!@", "!@#", "!@a" }) {
            password.setPassword(accepted);
            this.passwordPolicyService.validate(password, policy);
        }
    } catch (Exception e) {
        fail("Password validation special chars. " + e.getMessage());
    }

    // One special character, four characters (over the maximum length of three), and no
    // special character at all: each is expected to be refused.
    // NOTE(review): any Exception counts as a rejection here, so the test does not tell a
    // policy violation apart from an unrelated failure in the service.
    for (String refused : new String[] { "!", "!@#$", "test" }) {
        try {
            password.setPassword(refused);
            this.passwordPolicyService.validate(password, policy);
            fail("Password validation special chars. " + policy);
        } catch (Exception expected) {
            // nothing, success
        }
    }
}
Also used : IdmPasswordPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordPolicyDto) IdmPasswordValidationDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordValidationDto) Test(org.junit.Test) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)

Aggregations

IdmPasswordValidationDto (eu.bcvsolutions.idm.core.api.dto.IdmPasswordValidationDto)29 IdmPasswordPolicyDto (eu.bcvsolutions.idm.core.api.dto.IdmPasswordPolicyDto)27 AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)24 Test (org.junit.Test)24 ResultCodeException (eu.bcvsolutions.idm.core.api.exception.ResultCodeException)18 PasswordChangeException (eu.bcvsolutions.idm.core.api.exception.PasswordChangeException)15 IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)14 GuardedString (eu.bcvsolutions.idm.core.security.api.domain.GuardedString)7 IdmPasswordDto (eu.bcvsolutions.idm.core.api.dto.IdmPasswordDto)5 PasswordChangeDto (eu.bcvsolutions.idm.core.api.dto.PasswordChangeDto)5 DefaultEventResult (eu.bcvsolutions.idm.core.api.event.DefaultEventResult)4 IdmPasswordPolicyType (eu.bcvsolutions.idm.core.api.domain.IdmPasswordPolicyType)2 PasswordChangeType (eu.bcvsolutions.idm.core.api.domain.PasswordChangeType)2 IdentityProcessor (eu.bcvsolutions.idm.core.api.event.processor.IdentityProcessor)2 IdmPasswordPolicyService (eu.bcvsolutions.idm.core.api.service.IdmPasswordPolicyService)2 ImmutableMap (com.google.common.collect.ImmutableMap)1 Lists (com.google.common.collect.Lists)1 AccModuleDescriptor (eu.bcvsolutions.idm.acc.AccModuleDescriptor)1 PasswordFilterEncoderConfiguration (eu.bcvsolutions.idm.acc.config.domain.PasswordFilterEncoderConfiguration)1 AccResultCode (eu.bcvsolutions.idm.acc.domain.AccResultCode)1