use of eu.bcvsolutions.idm.core.security.api.domain.GuardedString in project CzechIdMng by bcvsolutions.
the class BasicIdmAuthenticationFilter method createLoginDto.
private LoginDto createLoginDto(String[] creds) {
Assert.notNull(creds);
Assert.isTrue(creds.length == 2);
//
LoginDto ldto = new LoginDto();
ldto.setUsername(creds[0]);
ldto.setPassword(new GuardedString(creds[1]));
ldto.setSkipMustChange(true);
return ldto;
}
use of eu.bcvsolutions.idm.core.security.api.domain.GuardedString in project CzechIdMng by bcvsolutions.
the class PasswordChangeController method validate.
/**
* Pre validation of password (shows hint of password policy rules)
*
* @param identityId
* @param passwordChangeDto
* @return
*/
@ResponseBody
@ResponseStatus(code = HttpStatus.OK)
@RequestMapping(value = BaseController.BASE_PATH + "/public/identities/prevalidate", method = RequestMethod.PUT)
@ApiOperation(value = "Validation of password before applying", nickname = "validationOfPasswordBeforeApplying", tags = { PasswordChangeController.TAG })
public ResponseEntity<?> validate(@RequestBody PasswordChangeDto passwordChangeDto) {
passwordChangeDto.setNewPassword(new GuardedString());
identityService.validatePassword(passwordChangeDto);
return new ResponseEntity<Object>(HttpStatus.NO_CONTENT);
}
use of eu.bcvsolutions.idm.core.security.api.domain.GuardedString in project CzechIdMng by bcvsolutions.
the class DefaultAccAuthenticatorTest method loginAgainstTwoAccount.
@Test
public void loginAgainstTwoAccount() {
IdmIdentityDto identity = identityService.getByUsername(USERNAME);
AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
filter.setIdentityId(identity.getId());
List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(filter, null).getContent();
// get account distinct for identityAccounts
List<String> accountIds = new ArrayList<>();
for (AccIdentityAccountDto identityAccount : identityAccounts) {
if (!accountIds.contains(identityAccount.getAccount().toString())) {
accountIds.add(identityAccount.getAccount().toString());
}
}
assertEquals(1, accountIds.size());
assertEquals(1, identityAccounts.size());
IdmRoleDto role2 = roleService.getByCode(ROLE_NAME + "2");
IdmIdentityRoleDto irdto = new IdmIdentityRoleDto();
irdto.setIdentityContract(identityContractService.findAllByIdentity(identity.getId()).get(0).getId());
irdto.setRole(role2.getId());
irdto = identityRoleService.save(irdto);
identityAccounts = identityAccountService.find(filter, null).getContent();
// get account distinct for identityAccounts
accountIds = new ArrayList<>();
for (AccIdentityAccountDto identityAccount : identityAccounts) {
if (!accountIds.contains(identityAccount.getAccount().toString())) {
accountIds.add(identityAccount.getAccount().toString());
}
}
assertEquals(2, accountIds.size());
assertEquals(2, identityAccounts.size());
PasswordChangeDto passwordChangeDto = new PasswordChangeDto();
List<String> accs = new ArrayList<>();
accs.add(accountIds.get(0));
passwordChangeDto.setAccounts(accs);
passwordChangeDto.setAll(false);
passwordChangeDto.setNewPassword(new GuardedString("1234"));
// change password for system
provisioningService.changePassword(identity, passwordChangeDto);
passwordChangeDto = new PasswordChangeDto();
accs = new ArrayList<>();
accs.add(accountIds.get(1));
passwordChangeDto.setAccounts(accs);
passwordChangeDto.setAll(false);
passwordChangeDto.setNewPassword(new GuardedString("4321"));
// change password for system
provisioningService.changePassword(identity, passwordChangeDto);
// bough password are right
LoginDto loginDto1 = new LoginDto();
loginDto1.setUsername(USERNAME);
loginDto1.setPassword(new GuardedString("1234"));
loginDto1 = authenticationManager.authenticate(loginDto1);
LoginDto loginDto2 = new LoginDto();
loginDto2.setUsername(USERNAME);
loginDto2.setPassword(new GuardedString("4321"));
loginDto2 = authenticationManager.authenticate(loginDto2);
assertNotNull(loginDto2);
assertNotNull(loginDto2.getAuthentication());
assertEquals("acc", loginDto2.getAuthenticationModule());
assertNotNull(loginDto1);
assertNotNull(loginDto1.getAuthentication());
assertEquals("acc", loginDto1.getAuthenticationModule());
}
use of eu.bcvsolutions.idm.core.security.api.domain.GuardedString in project CzechIdMng by bcvsolutions.
the class DefaultAccAuthenticatorTest method A_loginAgainstSystem.
@Test
public void A_loginAgainstSystem() {
initData();
IdmIdentityDto identity = identityService.getByUsername(USERNAME);
IdmRoleDto role = roleService.getByCode(ROLE_NAME);
IdmIdentityRoleDto irdto = new IdmIdentityRoleDto();
irdto.setIdentityContract(identityContractService.findAllByIdentity(identity.getId()).get(0).getId());
irdto.setRole(role.getId());
// This evokes IdentityRole SAVE event. On this event will be start
// account management and provisioning
irdto = identityRoleService.save(irdto);
//
AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
filter.setIdentityId(identity.getId());
List<AccIdentityAccountDto> accounts = identityAccountService.find(filter, null).getContent();
assertEquals(1, accounts.size());
List<String> accs = new ArrayList<>();
accs.add(accounts.get(0).getId().toString());
PasswordChangeDto passwordChangeDto = new PasswordChangeDto();
passwordChangeDto.setAccounts(accs);
passwordChangeDto.setAll(true);
passwordChangeDto.setNewPassword(new GuardedString("test"));
// change password for system
provisioningService.changePassword(identity, passwordChangeDto);
LoginDto loginDto = new LoginDto();
loginDto.setUsername(USERNAME);
loginDto.setPassword(new GuardedString("test"));
loginDto = authenticationManager.authenticate(loginDto);
//
assertNotNull(loginDto);
assertNotNull(loginDto.getAuthentication());
assertEquals("acc", loginDto.getAuthenticationModule());
}
use of eu.bcvsolutions.idm.core.security.api.domain.GuardedString in project CzechIdMng by bcvsolutions.
the class DefaultAccAuthenticatorTest method loginAgainstIdm.
@Test
public void loginAgainstIdm() {
IdmIdentityDto identity = new IdmIdentityDto();
identity.setUsername("test_login_1");
identity.setLastName("test_login_1");
identity.setPassword(new GuardedString("test1234"));
identity = identityService.save(identity);
LoginDto loginDto = new LoginDto();
loginDto.setPassword(new GuardedString("test1234"));
loginDto.setUsername("test_login_1");
loginDto = authenticationManager.authenticate(loginDto);
assertNotNull(loginDto);
assertNotNull(loginDto.getAuthentication());
assertEquals("core", loginDto.getAuthenticationModule());
}
Aggregations