use of eu.bcvsolutions.idm.core.api.dto.IdmProfileDto in project CzechIdMng by bcvsolutions.
the class DefaultTwoFactorAuthenticationManager method confirm.
/**
 * Confirms a two factor registration for an identity: checks the submitted code against
 * the submitted secret, then stores the secret and the chosen authentication type.
 *
 * <p>NOTE(review): no permission check on {@code identityId} is visible in this method;
 * presumably the caller enforces it. Confirm before exposing this to other entry points.
 *
 * @param identityId identity whose two factor authentication is being enabled, required
 * @param registrationConfirm confirm request carrying the secret, the code and the type, required
 * @return {@code true} once the secret and the authentication type have been saved
 * @throws EntityNotFoundException when no password record is returned for the identity
 * @throws ResultCodeException with {@code TWO_FACTOR_VERIFICATION_CODE_FAILED} when the code is rejected
 */
@Override
@Transactional
public boolean confirm(UUID identityId, TwoFactorRegistrationConfirmDto registrationConfirm) {
    Assert.notNull(identityId, "Identity identifier is required.");
    Assert.notNull(registrationConfirm, "Two factor confirm request is required.");

    // Two factor authentication is supported even when the identity is not authenticated by IdM:
    // the password record is then needed only as the place where the secret is persisted.
    IdmPasswordDto passwordRecord = passwordService.findOrCreateByIdentity(identityId);
    if (passwordRecord == null) {
        throw new EntityNotFoundException(IdmIdentityDto.class, identityId);
    }

    // Both values come from the confirm request itself; nothing loaded above takes part in the check.
    // NOTE(review): a secret already stored on the record is overwritten below without being consulted,
    // so who may call this for an identity that is already enrolled has to be decided by the caller.
    GuardedString secret = registrationConfirm.getVerificationSecret();
    GuardedString code = registrationConfirm.getVerificationCode();

    // Nothing is written until the code has been accepted.
    boolean codeAccepted = verifyCode(secret, code);
    if (!codeAccepted) {
        throw new ResultCodeException(CoreResultCode.TWO_FACTOR_VERIFICATION_CODE_FAILED);
    }

    // asString() hands the guarded value over as a plain String; how it is protected at rest
    // is up to the password service and cannot be seen from here.
    passwordRecord.setVerificationSecret(secret.asString());
    passwordService.save(passwordRecord);

    // The method is annotated @Transactional, so this save is meant to commit together with the one above.
    IdmProfileDto ownerProfile = profileService.findOrCreateByIdentity(identityId);
    ownerProfile.setTwoFactorAuthenticationType(registrationConfirm.getTwoFactorAuthenticationType());
    profileService.save(ownerProfile);

    return true;
}
use of eu.bcvsolutions.idm.core.api.dto.IdmProfileDto in project CzechIdMng by bcvsolutions.
the class SelfProfileEvaluatorIntegrationTest method testPolicy.
/**
 * Checks the authorization policy built on {@code SelfProfileEvaluator}: without the policy
 * the logged-in identity reads no profiles; with it, the identity reads exactly its own
 * profile and holds the READ permission only, while another identity's profile stays hidden.
 */
@Test
public void testPolicy() {
    IdmIdentityDto self = getHelper().createIdentity();
    IdmIdentityDto stranger = getHelper().createIdentity();
    IdmRoleDto assignedRole = getHelper().createRole();
    getHelper().createIdentityRole(self, assignedRole);

    IdmProfileDto ownProfile = getHelper().createProfile(self);
    // a second profile that must never show up in the results below
    getHelper().createProfile(stranger);

    // before any policy exists, the identity can read no profile at all
    try {
        getHelper().login(self);
        List<IdmProfileDto> visibleBeforePolicy = service.find(null, IdmBasePermission.READ).getContent();
        Assert.assertTrue(visibleBeforePolicy.isEmpty());
    } finally {
        // always drop the login so a failed assertion does not leak it into other tests
        logout();
    }

    // create the authorization policy and assign it to the role
    getHelper().createAuthorizationPolicy(
            role(assignedRole),
            CoreGroupPermission.PROFILE,
            IdmProfile.class,
            SelfProfileEvaluator.class,
            IdmBasePermission.READ);

    try {
        getHelper().login(self);

        // only the identity's own profile is readable
        List<IdmProfileDto> visibleWithPolicy = service.find(null, IdmBasePermission.READ).getContent();
        Assert.assertEquals(1, visibleWithPolicy.size());
        Assert.assertEquals(ownProfile.getId(), visibleWithPolicy.get(0).getId());

        // and READ is the only permission granted on it
        Set<String> grantedPermissions = service.getPermissions(ownProfile);
        Assert.assertEquals(1, grantedPermissions.size());
        Assert.assertEquals(IdmBasePermission.READ.name(), grantedPermissions.iterator().next());
    } finally {
        logout();
    }
}
use of eu.bcvsolutions.idm.core.api.dto.IdmProfileDto in project CzechIdMng by bcvsolutions.
the class IdmProfileControllerRestTest method prepareDto.
/**
 * Builds an unsaved profile DTO that belongs to a newly created identity.
 *
 * @return profile DTO with only the identity reference set
 */
@Override
protected IdmProfileDto prepareDto() {
    // The cast picks the createIdentity overload that takes a GuardedString and passes null to it
    // (presumably the password; confirm against the test helper).
    IdmIdentityDto profileOwner = getHelper().createIdentity((GuardedString) null);

    IdmProfileDto unsavedProfile = new IdmProfileDto();
    unsavedProfile.setIdentity(profileOwner.getId());
    return unsavedProfile;
}
use of eu.bcvsolutions.idm.core.api.dto.IdmProfileDto in project CzechIdMng by bcvsolutions.
the class IdmProfileControllerRestTest method testFindByIdentity.
/**
 * Checks that filtering profiles by identity returns only the profile of that identity,
 * even when profiles of other identities exist.
 */
@Test
public void testFindByIdentity() {
    IdmIdentityDto profileOwner = getHelper().createIdentity((GuardedString) null);

    // prepareDto() binds the DTO to its own fresh identity; rebind it to the owner created above
    IdmProfileDto expectedProfile = prepareDto();
    expectedProfile.setIdentity(profileOwner.getId());
    expectedProfile = createDto(expectedProfile);

    // two more profiles that the filter has to leave out
    createDto();
    createDto();

    IdmProfileFilter byOwner = new IdmProfileFilter();
    byOwner.setIdentityId(profileOwner.getId());
    List<IdmProfileDto> found = find(byOwner);

    Assert.assertEquals(1, found.size());
    Assert.assertEquals(expectedProfile, found.get(0));
}
use of eu.bcvsolutions.idm.core.api.dto.IdmProfileDto in project CzechIdMng by bcvsolutions.
the class IdmIdentityControllerRestTest method testProfile.
/**
 * Walks the profile endpoints of an identity through their whole lifecycle: no profile yet,
 * image upload, profile and image read, permission listing, image delete, and cleanup when
 * the identity itself is deleted.
 *
 * <p>Every request is sent with the admin authentication, so only the permitted path is
 * covered here; access denial for other identities is not exercised by this test.
 */
@Test
public void testProfile() throws UnsupportedEncodingException, IOException, Exception {
    IdmIdentityDto profileOwner = getHelper().createIdentity((GuardedString) null);

    // a new identity has neither a profile nor a profile image
    getMockMvc()
            .perform(MockMvcRequestBuilders
                    .get(getDetailUrl(profileOwner.getId()) + "/profile")
                    .with(authentication(getAdminAuthentication())))
            .andExpect(status().isNoContent());
    getMockMvc()
            .perform(MockMvcRequestBuilders
                    .get(getDetailUrl(profileOwner.getId()) + "/profile/image")
                    .with(authentication(getAdminAuthentication())))
            .andExpect(status().isNoContent());

    // upload an image; the profile is created on the way
    String imageName = "file.png";
    String imageContent = "some image";
    // NOTE(review): the payload is plain text declared as image/png and the upload is expected to succeed,
    // so content validation of uploaded images is either absent or not exercised here; confirm which.
    MockMultipartFile upload = new MockMultipartFile(
            "data",
            imageName,
            "image/png",
            IOUtils.toByteArray(IOUtils.toInputStream(imageContent)));
    String uploadBody = getMockMvc()
            .perform(MockMvcRequestBuilders
                    .multipart(getDetailUrl(profileOwner.getId()) + "/profile/image")
                    .file(upload)
                    .param("fileName", imageName)
                    .with(authentication(getAdminAuthentication())))
            .andExpect(status().isOk())
            .andExpect(content().contentType(TestHelper.HAL_CONTENT_TYPE))
            .andReturn()
            .getResponse()
            .getContentAsString();
    IdmProfileDto uploadedProfile = (IdmProfileDto) getMapper().readValue(uploadBody, IdmProfileDto.class);

    Assert.assertNotNull(uploadedProfile);
    Assert.assertNotNull(uploadedProfile.getId());
    Assert.assertNotNull(uploadedProfile.getImage());

    // the stored attachment is owned by the profile and carries the uploaded bytes
    IdmAttachmentDto storedImage = attachmentManager.get(uploadedProfile.getImage());
    // the content is ASCII, so its character count equals the stored byte count
    Assert.assertEquals(imageContent.length(), storedImage.getFilesize().intValue());
    Assert.assertEquals(uploadedProfile.getId(), storedImage.getOwnerId());
    Assert.assertEquals(attachmentManager.getOwnerType(uploadedProfile), storedImage.getOwnerType());
    Assert.assertEquals(imageName, storedImage.getName());
    InputStream imageData = attachmentManager.getAttachmentData(storedImage.getId());
    try {
        Assert.assertEquals(imageContent, IOUtils.toString(imageData));
    } finally {
        // close the stream even when the comparison fails
        IOUtils.closeQuietly(imageData);
    }

    // get profile: it references the stored image
    String profileBody = getMockMvc()
            .perform(MockMvcRequestBuilders
                    .get(getDetailUrl(profileOwner.getId()) + "/profile")
                    .with(authentication(getAdminAuthentication())))
            .andExpect(status().isOk())
            .andExpect(content().contentType(TestHelper.HAL_CONTENT_TYPE))
            .andReturn()
            .getResponse()
            .getContentAsString();
    IdmProfileDto fetchedProfile = (IdmProfileDto) getMapper().readValue(profileBody, IdmProfileDto.class);
    Assert.assertEquals(storedImage.getId(), fetchedProfile.getImage());

    // get profile image: the endpoint returns the uploaded content unchanged
    String imageBody = getMockMvc()
            .perform(MockMvcRequestBuilders
                    .get(getDetailUrl(profileOwner.getId()) + "/profile/image")
                    .with(authentication(getAdminAuthentication())))
            .andExpect(status().isOk())
            .andReturn()
            .getResponse()
            .getContentAsString();
    Assert.assertEquals(imageContent, imageBody);

    // get profile permissions
    String permissionsBody = getMockMvc()
            .perform(get(getDetailUrl(profileOwner.getId()) + "/profile/permissions")
                    .with(authentication(getAdminAuthentication()))
                    .contentType(TestHelper.HAL_CONTENT_TYPE))
            .andExpect(status().isOk())
            .andReturn()
            .getResponse()
            .getContentAsString();

    // the response is a plain list of permission names; the admin caller must hold ADMIN
    List<String> grantedPermissions = getMapper().readValue(permissionsBody, new TypeReference<List<String>>() {
    });
    Assert.assertNotNull(grantedPermissions);
    Assert.assertFalse(grantedPermissions.isEmpty());
    Assert.assertTrue(grantedPermissions.stream()
            .anyMatch(permission -> permission.equals(IdmBasePermission.ADMIN.getName())));

    // delete image: the returned profile no longer references one
    String deleteBody = getMockMvc()
            .perform(MockMvcRequestBuilders
                    .delete(getDetailUrl(profileOwner.getId()) + "/profile/image")
                    .with(authentication(getAdminAuthentication())))
            .andExpect(status().isOk())
            .andReturn()
            .getResponse()
            .getContentAsString();
    IdmProfileDto profileAfterDelete = (IdmProfileDto) getMapper().readValue(deleteBody, IdmProfileDto.class);
    Assert.assertNull(profileAfterDelete.getImage());

    // get profile without image
    getMockMvc()
            .perform(MockMvcRequestBuilders
                    .get(getDetailUrl(profileOwner.getId()) + "/profile/image")
                    .with(authentication(getAdminAuthentication())))
            .andExpect(status().isNoContent());

    identityService.delete(profileOwner);

    // deleting the identity removes its profile; the image endpoint still answers 204
    getMockMvc()
            .perform(MockMvcRequestBuilders
                    .get(getDetailUrl(profileOwner.getId()) + "/profile/image")
                    .with(authentication(getAdminAuthentication())))
            .andExpect(status().isNoContent());
    // neither the attachment nor the profile is left behind
    Assert.assertNull(attachmentManager.get(storedImage));
    Assert.assertNull(profileService.get(profileAfterDelete));
}