
Example 16 with IdmPasswordValidationDto

use of eu.bcvsolutions.idm.core.api.dto.IdmPasswordValidationDto in project CzechIdMng by bcvsolutions.

the class DefaultIdmPasswordPolicyIntegrationTest method testValidateBase.

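/**
 * Exercises validation against a policy whose number base is {@code "123"} and whose
 * minimum number count is 3.
 *
 * <p>The expectations pinned here: "123", "1234" and "111" are accepted (each holds at
 * least three characters taken from the base, "1234" despite the extra '4'), while
 * "124" and "456" are rejected (fewer than three characters from the base).
 */
@Test
public void testValidateBase() {
    IdmPasswordPolicyDto policy = new IdmPasswordPolicyDto();
    policy.setName("test_15");
    policy.setType(IdmPasswordPolicyType.GENERATE);
    policy.setGenerateType(IdmPasswordPolicyGenerateType.RANDOM);
    policy.setMaxPasswordLength(5);
    policy.setMinPasswordLength(1);
    policy.setNumberBase("123");
    policy.setMinNumber(3);
    IdmPasswordValidationDto password = new IdmPasswordValidationDto();

    // Values the policy has to accept.
    String[] accepted = { "123", "1234", "111" };
    try {
        for (String candidate : accepted) {
            password.setPassword(candidate);
            this.passwordPolicyService.validate(password, policy);
        }
    } catch (Exception e) {
        // Report the cause as well; without it a broken fixture and a policy
        // regression produce the same failure message.
        fail("Password base validation. " + policy + " Unexpected exception: " + e);
    }

    // Values the policy has to reject. fail() raises an AssertionError, which is not an
    // Exception, so it is not swallowed by the catch below.
    String[] rejected = { "124", "456" };
    for (String candidate : rejected) {
        try {
            password.setPassword(candidate);
            this.passwordPolicyService.validate(password, policy);
            fail("Password base validation. " + policy);
        } catch (Exception expected) {
            // NOTE(review): any exception type counts as a rejection here, so an unrelated
            // failure (for example a NullPointerException) would also pass. Catching only
            // the exception type the policy service throws would make this a stricter
            // regression test; that type is not visible in this method - confirm.
        }
    }
}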
Also used : IdmPasswordPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordPolicyDto) IdmPasswordValidationDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordValidationDto) Test(org.junit.Test) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)

Example 17 with IdmPasswordValidationDto

use of eu.bcvsolutions.idm.core.api.dto.IdmPasswordValidationDto in project CzechIdMng by bcvsolutions.

the class AbstractIdentityPasswordValidateProcessor method process.

/**
 * Validates a requested password change before it is applied.
 *
 * <p>When {@code requiresOriginalPassword()} holds, the configured
 * {@link PasswordChangeType} is enforced first: {@code DISABLED} rejects every change and
 * {@code ALL_ONLY} rejects a change that does not target all accounts. The current
 * password is then verified through the authentication manager, but only when the
 * identity being changed is the currently logged-in identity and the configuration
 * requires the old password. A change made on behalf of another identity is not
 * re-authenticated in this method.
 *
 * <p>When the change targets all accounts or IdM itself, the new password is finally
 * checked by the password policy service.
 *
 * @param event event carrying the identity and, in its properties, the password change dto
 * @return result bound to this processor
 * @throws ResultCodeException when password change is disabled, restricted to "all
 *         only", or the current password is missing or does not authenticate
 */
@Override
public EventResult<IdmIdentityDto> process(EntityEvent<IdmIdentityDto> event) {
    final IdmIdentityDto identity = event.getContent();
    final PasswordChangeDto passwordChangeDto = (PasswordChangeDto) event.getProperties()
            .get(IdentityPasswordProcessor.PROPERTY_PASSWORD_CHANGE_DTO);
    Assert.notNull(passwordChangeDto, "Password change dto is required.");

    if (requiresOriginalPassword()) {
        final PasswordChangeType passwordChangeType = identityConfiguration.getPasswordChangeType();
        // password change is switched off completely
        if (passwordChangeType == PasswordChangeType.DISABLED) {
            throw new ResultCodeException(CoreResultCode.PASSWORD_CHANGE_DISABLED);
        }
        // in "all only" mode the CzechIdM password has to be changed together with the others
        if (passwordChangeType == PasswordChangeType.ALL_ONLY && !passwordChangeDto.isAll()) {
            throw new ResultCodeException(CoreResultCode.PASSWORD_CHANGE_ALL_ONLY);
        }
        // checkAccess(identity, IdentityBasePermission.PASSWORDCHANGE) is called before event
        // publishing, so only the proof of the current password is handled here
        final boolean changesOwnPassword = identity.getId().equals(securityService.getCurrentId());
        if (changesOwnPassword && identityConfiguration.isRequireOldPassword()) {
            if (passwordChangeDto.getOldPassword() == null) {
                throw new ResultCodeException(CoreResultCode.PASSWORD_CHANGE_CURRENT_FAILED_IDM);
            }
            // verify the current password through the authentication chain
            final LoginDto loginDto = new LoginDto();
            loginDto.setUsername(identity.getUsername());
            loginDto.setPassword(passwordChangeDto.getOldPassword());
            // the password is being changed right now => do not evaluate the "must change" flag
            loginDto.setSkipMustChange(true);
            if (!authenticationManager.validate(loginDto)) {
                // same result code as for a missing old password
                throw new ResultCodeException(CoreResultCode.PASSWORD_CHANGE_CURRENT_FAILED_IDM);
            }
        }
    }

    // the IdM password itself is not affected => no policy validation
    if (!passwordChangeDto.isAll() && !passwordChangeDto.isIdm()) {
        return new DefaultEventResult<>(event, this);
    }

    // the stored password record is handed over for the valid till, valid from and history checks
    final IdmPasswordDto oldPassword = this.passwordService.findOneByIdentity(identity.getId());
    final IdmPasswordValidationDto passwordValidationDto = new IdmPasswordValidationDto();
    passwordValidationDto.setIdentity(identity);
    passwordValidationDto.setPassword(passwordChangeDto.getNewPassword());
    passwordValidationDto.setOldPassword(oldPassword == null ? null : oldPassword.getId());
    this.passwordPolicyService.validate(passwordValidationDto);

    return new DefaultEventResult<>(event, this);
}
Also used : PasswordChangeType(eu.bcvsolutions.idm.core.api.domain.PasswordChangeType) IdmPasswordValidationDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordValidationDto) PasswordChangeDto(eu.bcvsolutions.idm.core.api.dto.PasswordChangeDto) IdmPasswordDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordDto) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) LoginDto(eu.bcvsolutions.idm.core.security.api.dto.LoginDto)

Example 18 with IdmPasswordValidationDto

use of eu.bcvsolutions.idm.core.api.dto.IdmPasswordValidationDto in project CzechIdMng by bcvsolutions.

the class IdentityCreatePasswordValidateProcessor method process.

/**
 * Validates the password supplied with a newly created identity.
 *
 * <p>An identity may be created without a password; in that case no policy validation
 * is performed by this method.
 *
 * @param event event whose content is the identity being created
 * @return result bound to this processor
 */
@Override
public EventResult<IdmIdentityDto> process(EntityEvent<IdmIdentityDto> event) {
    final IdmIdentityDto identity = event.getContent();
    final GuardedString password = identity.getPassword();
    if (password == null) {
        // nothing to validate, the identity is created without a password
        return new DefaultEventResult<>(event, this);
    }
    // no policy is passed explicitly; the original comment states the default password
    // policy is the one applied
    final IdmPasswordValidationDto passwordValidationDto = new IdmPasswordValidationDto();
    passwordValidationDto.setIdentity(identity);
    passwordValidationDto.setPassword(password);
    this.passwordPolicyService.validate(passwordValidationDto);
    return new DefaultEventResult<>(event, this);
}
Also used : IdmPasswordValidationDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordValidationDto) DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)

Example 19 with IdmPasswordValidationDto

use of eu.bcvsolutions.idm.core.api.dto.IdmPasswordValidationDto in project CzechIdMng by bcvsolutions.

the class DefaultIdmPasswordPolicyServiceIntegrationTest method testContainsUsername.

/**
 * Checks the "password must not contain the username" rule of a VALIDATE policy with
 * enhanced control, where the checked identity attribute is the username.
 *
 * <p>The expectations pinned here: a password is rejected when it equals the username or
 * contains it with a prefix or suffix, regardless of letter case and of accents on the
 * letters; a password holding only a fragment of the username is accepted. After the
 * username is changed to a compound value, a password built from its longer parts is
 * rejected and one that only resembles them is accepted.
 */
@Test
public void testContainsUsername() {
    IdmIdentityDto identity = this.getHelper().createIdentity("John217", (GuardedString) null);
    IdmPasswordPolicyDto policy = new IdmPasswordPolicyDto();
    policy.setType(IdmPasswordPolicyType.VALIDATE);
    policy.setEnchancedControl(true);
    policy.setIdentityAttributeCheck(IdmIdentity_.username.getName().toUpperCase());
    IdmPasswordValidationDto validation = new IdmPasswordValidationDto();
    validation.setIdentity(identity);

    // password equal to the username
    validation.setPassword(identity.getUsername());
    expectUsernameCheckRejects(validation, policy);

    // lower-cased username behind a prefix
    validation.setPassword("123" + identity.getUsername().toLowerCase());
    expectUsernameCheckRejects(validation, policy);

    // upper-cased username in front of a suffix
    validation.setPassword(identity.getUsername().toUpperCase() + System.currentTimeMillis());
    expectUsernameCheckRejects(validation, policy);

    // accented username between a prefix and a suffix
    validation.setPassword("demojÓhn217" + System.currentTimeMillis());
    expectUsernameCheckRejects(validation, policy);

    // accented username behind a prefix
    validation.setPassword("demojÓhň217");
    expectUsernameCheckRejects(validation, policy);

    // only a fragment of the username behind a prefix => allowed
    validation.setPassword("demojoh");
    expectUsernameCheckAccepts(validation, policy);

    // only an accented fragment of the username in front of a suffix => allowed
    validation.setPassword("jóhdemo");
    expectUsernameCheckAccepts(validation, policy);

    // compound username: its parts are found in the password
    identity.setUsername("Dobromila-,Josefa_\tM.");
    identityService.save(identity);
    validation.setPassword("joseFadobrómílá");
    expectUsernameCheckRejects(validation, policy);

    // compound username: the password only resembles the parts => allowed
    validation.setPassword("josefmJeLidumil");
    expectUsernameCheckAccepts(validation, policy);
}

/**
 * Fails the test unless the policy service rejects the password with a
 * {@link ResultCodeException}.
 */
private void expectUsernameCheckRejects(IdmPasswordValidationDto validation, IdmPasswordPolicyDto policy) {
    try {
        passwordPolicyService.validate(validation, policy);
        fail("Password pass.");
    } catch (ResultCodeException expected) {
        // rejected as required
    } catch (Exception e) {
        fail(e.getMessage());
    }
}

/**
 * Fails the test when the policy service throws for the password.
 */
private void expectUsernameCheckAccepts(IdmPasswordValidationDto validation, IdmPasswordPolicyDto policy) {
    try {
        passwordPolicyService.validate(validation, policy);
    } catch (ResultCodeException e) {
        fail("Password not pass.");
    } catch (Exception e) {
        fail(e.getMessage());
    }
}
Also used : IdmPasswordPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordPolicyDto) IdmPasswordValidationDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordValidationDto) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) PasswordChangeException(eu.bcvsolutions.idm.core.api.exception.PasswordChangeException) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 20 with IdmPasswordValidationDto

use of eu.bcvsolutions.idm.core.api.dto.IdmPasswordValidationDto in project CzechIdMng by bcvsolutions.

the class DefaultIdmPasswordPolicyServiceIntegrationTest method testContainsEmail.

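/**
 * Checks the "password must not contain the e-mail" rule of a VALIDATE policy with
 * enhanced control, where the checked identity attribute is the e-mail.
 *
 * <p>The expectations pinned here: a password is rejected when it equals the complete
 * address or contains it with a prefix or suffix, regardless of letter case and of
 * accents on the letters; a password holding only part of the address is accepted.
 */
@Test
public void testContainsEmail() {
    String email = "repa@example.tld";
    IdmIdentityDto identity = this.getHelper().createIdentity((GuardedString) null);
    identity.setEmail(email);
    identity = identityService.save(identity);
    IdmPasswordPolicyDto policy = new IdmPasswordPolicyDto();
    policy.setType(IdmPasswordPolicyType.VALIDATE);
    policy.setEnchancedControl(true);
    policy.setIdentityAttributeCheck(IdmIdentity_.email.getName().toUpperCase());
    IdmPasswordValidationDto validation = new IdmPasswordValidationDto();
    validation.setIdentity(identity);

    // password equal to the address
    validation.setPassword(email);
    expectEmailCheckRejects(validation, policy);

    // lower-cased address behind a prefix
    validation.setPassword("123" + email.toLowerCase());
    expectEmailCheckRejects(validation, policy);

    // upper-cased address in front of a suffix
    validation.setPassword(email.toUpperCase() + System.currentTimeMillis());
    expectEmailCheckRejects(validation, policy);

    // accented address between a prefix and a suffix
    validation.setPassword("demořěpá@example.tld" + System.currentTimeMillis());
    expectEmailCheckRejects(validation, policy);

    // NOTE(review): every value accepted below still contains a recognisable part of the
    // address (the local part "repa" or the domain). The test therefore pins that only
    // the complete e-mail value is matched - confirm that this is the intended policy.

    // accented, upper-cased local part with the domain cut short => allowed
    validation.setPassword("demoŘĚPÁ@example");
    expectEmailCheckAccepts(validation, policy);

    // address without its last label behind a prefix => allowed
    validation.setPassword("demorepa@example.");
    expectEmailCheckAccepts(validation, policy);

    // domain-like fragment in front of a suffix => allowed
    validation.setPassword("@example.tdldemo");
    expectEmailCheckAccepts(validation, policy);

    // the separator alone => allowed
    validation.setPassword("@");
    expectEmailCheckAccepts(validation, policy);
}

/**
 * Fails the test unless the policy service rejects the password with a
 * {@link ResultCodeException}.
 */
private void expectEmailCheckRejects(IdmPasswordValidationDto validation, IdmPasswordPolicyDto policy) {
    try {
        passwordPolicyService.validate(validation, policy);
        fail("Password pass.");
    } catch (ResultCodeException expected) {
        // rejected as required
    } catch (Exception e) {
        // getMessage() may be null and hides the exception type, so report the exception itself
        fail("Unexpected exception: " + e);
    }
}

/**
 * Fails the test when the policy service throws for the password.
 */
private void expectEmailCheckAccepts(IdmPasswordValidationDto validation, IdmPasswordPolicyDto policy) {
    try {
        passwordPolicyService.validate(validation, policy);
    } catch (ResultCodeException e) {
        // a rejection is the failure here, so the message says "not pass"
        fail("Password not pass.");
    } catch (Exception e) {
        // getMessage() may be null and hides the exception type, so report the exception itself
        fail("Unexpected exception: " + e);
    }
}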
Also used : IdmPasswordPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordPolicyDto) IdmPasswordValidationDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordValidationDto) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) PasswordChangeException(eu.bcvsolutions.idm.core.api.exception.PasswordChangeException) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Aggregations

IdmPasswordValidationDto (eu.bcvsolutions.idm.core.api.dto.IdmPasswordValidationDto)29 IdmPasswordPolicyDto (eu.bcvsolutions.idm.core.api.dto.IdmPasswordPolicyDto)27 AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)24 Test (org.junit.Test)24 ResultCodeException (eu.bcvsolutions.idm.core.api.exception.ResultCodeException)18 PasswordChangeException (eu.bcvsolutions.idm.core.api.exception.PasswordChangeException)15 IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)14 GuardedString (eu.bcvsolutions.idm.core.security.api.domain.GuardedString)7 IdmPasswordDto (eu.bcvsolutions.idm.core.api.dto.IdmPasswordDto)5 PasswordChangeDto (eu.bcvsolutions.idm.core.api.dto.PasswordChangeDto)5 DefaultEventResult (eu.bcvsolutions.idm.core.api.event.DefaultEventResult)4 IdmPasswordPolicyType (eu.bcvsolutions.idm.core.api.domain.IdmPasswordPolicyType)2 PasswordChangeType (eu.bcvsolutions.idm.core.api.domain.PasswordChangeType)2 IdentityProcessor (eu.bcvsolutions.idm.core.api.event.processor.IdentityProcessor)2 IdmPasswordPolicyService (eu.bcvsolutions.idm.core.api.service.IdmPasswordPolicyService)2 ImmutableMap (com.google.common.collect.ImmutableMap)1 Lists (com.google.common.collect.Lists)1 AccModuleDescriptor (eu.bcvsolutions.idm.acc.AccModuleDescriptor)1 PasswordFilterEncoderConfiguration (eu.bcvsolutions.idm.acc.config.domain.PasswordFilterEncoderConfiguration)1 AccResultCode (eu.bcvsolutions.idm.acc.domain.AccResultCode)1