
Example 6 with IdmProfileDto

use of eu.bcvsolutions.idm.core.api.dto.IdmProfileDto in project CzechIdMng by bcvsolutions.

the class DefaultTwoFactorAuthenticationManager method confirm.

@Override
@Transactional
public boolean confirm(UUID identityId, TwoFactorRegistrationConfirmDto registrationConfirm) {
    Assert.notNull(identityId, "Identity identifier is required.");
    Assert.notNull(registrationConfirm, "Two factor confirm request is required.");
    // 
    // support two factor authentication, even when identity is not authenticated by IdM (secret is required to persist only)
    IdmPasswordDto password = passwordService.findOrCreateByIdentity(identityId);
    if (password == null) {
        throw new EntityNotFoundException(IdmIdentityDto.class, identityId);
    }
    // 
    GuardedString verificationSecret = registrationConfirm.getVerificationSecret();
    GuardedString verificationCode = registrationConfirm.getVerificationCode();
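    // the submitted code has to verify against the submitted secret before anything is persisted
    if (!verifyCode(verificationSecret, verificationCode)) {
        throw new ResultCodeException(CoreResultCode.TWO_FACTOR_VERIFICATION_CODE_FAILED);
    }
    // persist the secret only after successful verification
    password.setVerificationSecret(verificationSecret.asString());
    passwordService.save(password);
    // store the selected two factor authentication type on the identity profile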
    IdmProfileDto profile = profileService.findOrCreateByIdentity(identityId);
    profile.setTwoFactorAuthenticationType(registrationConfirm.getTwoFactorAuthenticationType());
    profileService.save(profile);
    // 
    return true;
}
Also used : IdmProfileDto(eu.bcvsolutions.idm.core.api.dto.IdmProfileDto) IdmPasswordDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordDto) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) EntityNotFoundException(eu.bcvsolutions.idm.core.api.exception.EntityNotFoundException) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) Transactional(org.springframework.transaction.annotation.Transactional)

Example 7 with IdmProfileDto

use of eu.bcvsolutions.idm.core.api.dto.IdmProfileDto in project CzechIdMng by bcvsolutions.

the class SelfProfileEvaluatorIntegrationTest method testPolicy.

@Test
public void testPolicy() {
    IdmIdentityDto identity = getHelper().createIdentity();
    IdmIdentityDto identityOther = getHelper().createIdentity();
    IdmRoleDto role = getHelper().createRole();
    getHelper().createIdentityRole(identity, role);
    // 
    List<IdmProfileDto> profiles = null;
    IdmProfileDto profile = getHelper().createProfile(identity);
    // other
    getHelper().createProfile(identityOther);
    // without an authorization policy, the identity cannot read any profile (not even its own)
    try {
        getHelper().login(identity);
        profiles = service.find(null, IdmBasePermission.READ).getContent();
        Assert.assertTrue(profiles.isEmpty());
    } finally {
        logout();
    }
    // 
    // create authorization policy - assign to role
    getHelper().createAuthorizationPolicy(role.getId(), CoreGroupPermission.PROFILE, IdmProfile.class, SelfProfileEvaluator.class, IdmBasePermission.READ);
    // 
    try {
        getHelper().login(identity);
        // 
        // evaluate access
        profiles = service.find(null, IdmBasePermission.READ).getContent();
        Assert.assertEquals(1, profiles.size());
        Assert.assertEquals(profile.getId(), profiles.get(0).getId());
        // 
        Set<String> permissions = service.getPermissions(profile);
        Assert.assertEquals(1, permissions.size());
        Assert.assertEquals(IdmBasePermission.READ.name(), permissions.iterator().next());
    } finally {
        logout();
    }
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmProfileDto(eu.bcvsolutions.idm.core.api.dto.IdmProfileDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) Test(org.junit.Test) AbstractEvaluatorIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractEvaluatorIntegrationTest)

Example 8 with IdmProfileDto

use of eu.bcvsolutions.idm.core.api.dto.IdmProfileDto in project CzechIdMng by bcvsolutions.

the class IdmProfileControllerRestTest method prepareDto.

@Override
protected IdmProfileDto prepareDto() {
    IdmIdentityDto owner = getHelper().createIdentity((GuardedString) null);
    IdmProfileDto dto = new IdmProfileDto();
    dto.setIdentity(owner.getId());
    return dto;
}
Also used : IdmProfileDto(eu.bcvsolutions.idm.core.api.dto.IdmProfileDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)

Example 9 with IdmProfileDto

use of eu.bcvsolutions.idm.core.api.dto.IdmProfileDto in project CzechIdMng by bcvsolutions.

the class IdmProfileControllerRestTest method testFindByIdentity.

@Test
public void testFindByIdentity() {
    IdmIdentityDto owner = getHelper().createIdentity((GuardedString) null);
    IdmProfileDto profileOne = prepareDto();
    profileOne.setIdentity(owner.getId());
    profileOne = createDto(profileOne);
    // other
    createDto();
    // other
    createDto();
    IdmProfileFilter filter = new IdmProfileFilter();
    filter.setIdentityId(owner.getId());
    List<IdmProfileDto> results = find(filter);
    // 
    Assert.assertEquals(1, results.size());
    Assert.assertEquals(profileOne, results.get(0));
}
Also used : IdmProfileDto(eu.bcvsolutions.idm.core.api.dto.IdmProfileDto) IdmProfileFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmProfileFilter) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) Test(org.junit.Test) AbstractReadWriteDtoControllerRestTest(eu.bcvsolutions.idm.core.api.rest.AbstractReadWriteDtoControllerRestTest)

Example 10 with IdmProfileDto

use of eu.bcvsolutions.idm.core.api.dto.IdmProfileDto in project CzechIdMng by bcvsolutions.

the class IdmIdentityControllerRestTest method testProfile.

@Test
public void testProfile() throws UnsupportedEncodingException, IOException, Exception {
    IdmIdentityDto owner = getHelper().createIdentity((GuardedString) null);
    // 
    // profile image
    getMockMvc().perform(MockMvcRequestBuilders.get(getDetailUrl(owner.getId()) + "/profile").with(authentication(getAdminAuthentication()))).andExpect(status().isNoContent());
    getMockMvc().perform(MockMvcRequestBuilders.get(getDetailUrl(owner.getId()) + "/profile/image").with(authentication(getAdminAuthentication()))).andExpect(status().isNoContent());
    // 
    String fileName = "file.png";
    String content = "some image";
    String response = getMockMvc().perform(MockMvcRequestBuilders.multipart(getDetailUrl(owner.getId()) + "/profile/image").file(new MockMultipartFile("data", fileName, "image/png", IOUtils.toByteArray(IOUtils.toInputStream(content)))).param("fileName", fileName).with(authentication(getAdminAuthentication()))).andExpect(status().isOk()).andExpect(content().contentType(TestHelper.HAL_CONTENT_TYPE)).andReturn().getResponse().getContentAsString();
    IdmProfileDto createdProfile = (IdmProfileDto) getMapper().readValue(response, IdmProfileDto.class);
    // 
    Assert.assertNotNull(createdProfile);
    Assert.assertNotNull(createdProfile.getId());
    Assert.assertNotNull(createdProfile.getImage());
    IdmAttachmentDto image = attachmentManager.get(createdProfile.getImage());
    Assert.assertEquals(content.length(), image.getFilesize().intValue());
    Assert.assertEquals(createdProfile.getId(), image.getOwnerId());
    Assert.assertEquals(attachmentManager.getOwnerType(createdProfile), image.getOwnerType());
    Assert.assertEquals(fileName, image.getName());
    InputStream is = attachmentManager.getAttachmentData(image.getId());
    try {
        Assert.assertEquals(content, IOUtils.toString(is));
    } finally {
        IOUtils.closeQuietly(is);
    }
    // 
    // get profile
    response = getMockMvc().perform(MockMvcRequestBuilders.get(getDetailUrl(owner.getId()) + "/profile").with(authentication(getAdminAuthentication()))).andExpect(status().isOk()).andExpect(content().contentType(TestHelper.HAL_CONTENT_TYPE)).andReturn().getResponse().getContentAsString();
    createdProfile = (IdmProfileDto) getMapper().readValue(response, IdmProfileDto.class);
    Assert.assertEquals(image.getId(), createdProfile.getImage());
    // 
    // get profile image
    response = getMockMvc().perform(MockMvcRequestBuilders.get(getDetailUrl(owner.getId()) + "/profile/image").with(authentication(getAdminAuthentication()))).andExpect(status().isOk()).andReturn().getResponse().getContentAsString();
    Assert.assertEquals(content, response);
    // 
    // get profile permissions
    response = getMockMvc().perform(get(getDetailUrl(owner.getId()) + "/profile/permissions").with(authentication(getAdminAuthentication())).contentType(TestHelper.HAL_CONTENT_TYPE)).andExpect(status().isOk()).andReturn().getResponse().getContentAsString();
    // 
    // convert embedded object to list of strings
    List<String> permissions = getMapper().readValue(response, new TypeReference<List<String>>() {
    });
    Assert.assertNotNull(permissions);
    Assert.assertFalse(permissions.isEmpty());
    Assert.assertTrue(permissions.stream().anyMatch(p -> p.equals(IdmBasePermission.ADMIN.getName())));
    // 
    // delete image
    response = getMockMvc().perform(MockMvcRequestBuilders.delete(getDetailUrl(owner.getId()) + "/profile/image").with(authentication(getAdminAuthentication()))).andExpect(status().isOk()).andReturn().getResponse().getContentAsString();
    createdProfile = (IdmProfileDto) getMapper().readValue(response, IdmProfileDto.class);
    Assert.assertNull(createdProfile.getImage());
    // 
    // get profile without image
    getMockMvc().perform(MockMvcRequestBuilders.get(getDetailUrl(owner.getId()) + "/profile/image").with(authentication(getAdminAuthentication()))).andExpect(status().isNoContent());
    // 
    identityService.delete(owner);
    // 
    // profile is deleted
    getMockMvc().perform(MockMvcRequestBuilders.get(getDetailUrl(owner.getId()) + "/profile/image").with(authentication(getAdminAuthentication()))).andExpect(status().isNoContent());
    // attachment is deleted
    Assert.assertNull(attachmentManager.get(image));
    Assert.assertNull(profileService.get(createdProfile));
}
Also used : MockMultipartFile(org.springframework.mock.web.MockMultipartFile) IdmAttachmentDto(eu.bcvsolutions.idm.core.ecm.api.dto.IdmAttachmentDto) MockMvcResultMatchers.jsonPath(org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath) ZonedDateTime(java.time.ZonedDateTime) IdmFormAttributeDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormAttributeDto) IdmTreeNodeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeNodeDto) Autowired(org.springframework.beans.factory.annotation.Autowired) ConfigurationService(eu.bcvsolutions.idm.core.api.service.ConfigurationService) FormService(eu.bcvsolutions.idm.core.eav.api.service.FormService) StringUtils(org.apache.commons.lang3.StringUtils) IdmPasswordDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordDto) CoreGroupPermission(eu.bcvsolutions.idm.core.model.domain.CoreGroupPermission) IdmFormValueDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormValueDto) SecurityMockMvcRequestPostProcessors.authentication(org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.authentication) IdmIdentityFormValue(eu.bcvsolutions.idm.core.model.entity.eav.IdmIdentityFormValue) TypeReference(com.fasterxml.jackson.core.type.TypeReference) IdmProfileService(eu.bcvsolutions.idm.core.api.service.IdmProfileService) IdmIdentity(eu.bcvsolutions.idm.core.model.entity.IdmIdentity) IdmIdentityContractService(eu.bcvsolutions.idm.core.api.service.IdmIdentityContractService) Set(java.util.Set) IdmFormProjectionDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormProjectionDto) UUID(java.util.UUID) IdmFormAttributeFilter(eu.bcvsolutions.idm.core.eav.api.dto.filter.IdmFormAttributeFilter) Collectors(java.util.stream.Collectors) IdentityState(eu.bcvsolutions.idm.core.api.domain.IdentityState) MockMvcRequestBuilders.patch(org.springframework.test.web.servlet.request.MockMvcRequestBuilders.patch) IOUtils(org.apache.commons.io.IOUtils) List(java.util.List) Matchers.equalTo(org.hamcrest.Matchers.equalTo) PanelDto(eu.bcvsolutions.idm.core.api.dto.PanelDto) IdmIdentityService(eu.bcvsolutions.idm.core.api.service.IdmIdentityService) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) UnsupportedEncodingException(java.io.UnsupportedEncodingException) MockMvcResultMatchers.content(org.springframework.test.web.servlet.result.MockMvcResultMatchers.content) FilterManager(eu.bcvsolutions.idm.core.api.repository.filter.FilterManager) AbstractReadWriteDtoControllerRestTest(eu.bcvsolutions.idm.core.api.rest.AbstractReadWriteDtoControllerRestTest) IdmPasswordService(eu.bcvsolutions.idm.core.api.service.IdmPasswordService) IdmTreeTypeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeTypeDto) DataFilter(eu.bcvsolutions.idm.core.api.dto.filter.DataFilter) IdmBasePermission(eu.bcvsolutions.idm.core.security.api.domain.IdmBasePermission) Lists(com.google.common.collect.Lists) AbstractReadWriteDtoController(eu.bcvsolutions.idm.core.api.rest.AbstractReadWriteDtoController) LookupService(eu.bcvsolutions.idm.core.api.service.LookupService) MockMvcResultMatchers.status(org.springframework.test.web.servlet.result.MockMvcResultMatchers.status) IdmIdentityFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityFilter) IdmFormProjectionService(eu.bcvsolutions.idm.core.eav.api.service.IdmFormProjectionService) TestHelper(eu.bcvsolutions.idm.test.api.TestHelper) IdmFormInstanceDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormInstanceDto) IdentityFormValueEvaluator(eu.bcvsolutions.idm.core.security.evaluator.eav.IdentityFormValueEvaluator) AttachmentManager(eu.bcvsolutions.idm.core.ecm.api.service.AttachmentManager) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmProfileDto(eu.bcvsolutions.idm.core.api.dto.IdmProfileDto) Matchers(org.hamcrest.Matchers) MultiValueMap(org.springframework.util.MultiValueMap) IOException(java.io.IOException) Test(org.junit.Test) MockMvcRequestBuilders(org.springframework.test.web.servlet.request.MockMvcRequestBuilders) ConfigurationMap(eu.bcvsolutions.idm.core.api.domain.ConfigurationMap) IdmFormDefinitionDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormDefinitionDto) URLEncoder(java.net.URLEncoder) IdmBulkActionDto(eu.bcvsolutions.idm.core.api.bulk.action.dto.IdmBulkActionDto) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) SelfIdentityEvaluator(eu.bcvsolutions.idm.core.security.evaluator.identity.SelfIdentityEvaluator) Ignore(org.junit.Ignore) PrivateIdentityConfiguration(eu.bcvsolutions.idm.core.api.config.domain.PrivateIdentityConfiguration) ResolvedIncompatibleRoleDto(eu.bcvsolutions.idm.core.api.dto.ResolvedIncompatibleRoleDto) IdentityDisableBulkAction(eu.bcvsolutions.idm.core.bulk.action.impl.IdentityDisableBulkAction) MockMvcRequestBuilders.get(org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get) Assert(org.junit.Assert) IdmIncompatibleRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIncompatibleRoleDto) LinkedMultiValueMap(org.springframework.util.LinkedMultiValueMap) InputStream(java.io.InputStream)
