
Example 66 with GuardedString

use of eu.bcvsolutions.idm.core.security.api.domain.GuardedString in project CzechIdMng by bcvsolutions.

the class DefaultSysProvisioningOperationServiceUnitTest method testReplaceSingleGuardedStringsInAccountObject.

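/**
 * Verifies that a single {@link GuardedString} stored in the account object is handed
 * over to the returned confidential values, while a plain value is left untouched.
 */
@Test
public void testReplaceSingleGuardedStringsInAccountObject() {
    ProvisioningContext context = new ProvisioningContext();
    Map<ProvisioningAttributeDto, Object> accountObject = new HashMap<>();
    context.setAccountObject(accountObject);
    //
    // fill properties: one plain value and one secret, each under its own attribute
    ProvisioningAttributeDto normal = new ProvisioningAttributeDto("normal", AttributeMappingStrategyType.SET);
    String normalValue = "one";
    accountObject.put(normal, normalValue);
    ProvisioningAttributeDto guarded = new ProvisioningAttributeDto("guarded", AttributeMappingStrategyType.SET);
    GuardedString guardedValue = new GuardedString("one");
    accountObject.put(guarded, guardedValue);
    //
    // run
    Map<String, Serializable> confidentialValues = service.replaceGuardedStrings(context);
    //
    // check: only the secret was extracted, under the key built from the attribute key and index 0
    assertEquals(1, confidentialValues.size());
    assertEquals(guardedValue.asString(), confidentialValues.get(service.createAccountObjectPropertyKey(guarded.getKey(), 0)));
    assertEquals(normalValue, accountObject.get(normal));
    // The map is keyed by ProvisioningAttributeDto, so the entry has to be read back with
    // `guarded`. Reading it with the GuardedString itself always returns null, which made
    // this assertion pass even if the secret had been left in the account object.
    assertNotEquals(guardedValue, accountObject.get(guarded));
}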
Also used : ProvisioningContext(eu.bcvsolutions.idm.acc.domain.ProvisioningContext) Serializable(java.io.Serializable) HashMap(java.util.HashMap) ProvisioningAttributeDto(eu.bcvsolutions.idm.acc.dto.ProvisioningAttributeDto) ConfidentialString(eu.bcvsolutions.idm.core.security.api.domain.ConfidentialString) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) AbstractVerifiableUnitTest(eu.bcvsolutions.idm.test.api.AbstractVerifiableUnitTest) Test(org.junit.Test)

Example 67 with GuardedString

use of eu.bcvsolutions.idm.core.security.api.domain.GuardedString in project CzechIdMng by bcvsolutions.

the class DefaultSysProvisioningOperationServiceUnitTest method testReplaceCollectionGuardedStringsInAccountObject.

/**
 * Verifies that every {@link GuardedString} inside a multi-valued attribute is extracted
 * into the confidential values and that the list in the account object then holds
 * {@link ConfidentialString} references carrying the matching storage keys.
 */
@Test
public void testReplaceCollectionGuardedStringsInAccountObject() {
    ProvisioningContext provisioningContext = new ProvisioningContext();
    Map<ProvisioningAttributeDto, Object> attributes = new HashMap<>();
    provisioningContext.setAccountObject(attributes);

    // One attribute carrying two secrets.
    ProvisioningAttributeDto guarded = new ProvisioningAttributeDto("guarded", AttributeMappingStrategyType.SET);
    GuardedString firstSecret = new GuardedString("one");
    GuardedString secondSecret = new GuardedString("two");
    attributes.put(guarded, Lists.newArrayList(firstSecret, secondSecret));

    Map<String, Serializable> extracted = service.replaceGuardedStrings(provisioningContext);

    // Both secrets are returned, keyed by attribute key plus their position in the list.
    assertEquals(2, extracted.size());
    assertEquals(firstSecret.asString(), extracted.get(service.createAccountObjectPropertyKey(guarded.getKey(), 0)));
    assertEquals(secondSecret.asString(), extracted.get(service.createAccountObjectPropertyKey(guarded.getKey(), 1)));

    // The account object keeps a list of the same length, now made of references.
    assertEquals(2, ((List<?>) attributes.get(guarded)).size());
    for (int position = 0; position < 2; position++) {
        String expectedKey = service.createAccountObjectPropertyKey(guarded.getKey(), position);
        ConfidentialString reference = (ConfidentialString) ((List<?>) attributes.get(guarded)).get(position);
        assertEquals(expectedKey, reference.getKey());
    }
}
Also used : ProvisioningContext(eu.bcvsolutions.idm.acc.domain.ProvisioningContext) Serializable(java.io.Serializable) HashMap(java.util.HashMap) List(java.util.List) ProvisioningAttributeDto(eu.bcvsolutions.idm.acc.dto.ProvisioningAttributeDto) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) ConfidentialString(eu.bcvsolutions.idm.core.security.api.domain.ConfidentialString) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) AbstractVerifiableUnitTest(eu.bcvsolutions.idm.test.api.AbstractVerifiableUnitTest) Test(org.junit.Test)

Example 68 with GuardedString

use of eu.bcvsolutions.idm.core.security.api.domain.GuardedString in project CzechIdMng by bcvsolutions.

the class DefaultSysProvisioningServiceTest method doIdentityProvisioningChangePasswordUnsupportSystem.

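/**
 * Checks that a password change aimed at an account whose system no longer has a
 * password attribute mapping is rejected with a {@link ProvisioningException}.
 *
 * <p>The exception is expected only from the final {@code passwordChange} call. The
 * earlier version declared it with {@code @Test(expected = ...)}, which covers the whole
 * method: a {@link ProvisioningException} thrown by the setup, by the initial
 * provisioning or by the first (valid) password change would have made the test pass.
 */
@Test
public void doIdentityProvisioningChangePasswordUnsupportSystem() {
    // Clone the system behind the identity's first account and make the clone usable.
    IdmIdentityDto identity = idmIdentityService.getByUsername(IDENTITY_USERNAME);
    AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
    filter.setIdentityId(identity.getId());
    AccIdentityAccountDto accountIdentityOne = identityAccoutnService.find(filter, null).getContent().get(0);
    SysSystemDto system = systemService.get(accountService.get(accountIdentityOne.getAccount()).getSystem());
    SysSystemDto clonedSystem = systemService.duplicate(system.getId());
    clonedSystem.setReadonly(false);
    clonedSystem.setDisabled(false);
    clonedSystem = systemService.save(clonedSystem);

    // Locate the password and UID attribute mappings of the cloned system.
    SysSystemAttributeMappingFilter attributeMappingFilter = new SysSystemAttributeMappingFilter();
    attributeMappingFilter.setSystemId(clonedSystem.getId());
    SysSystemAttributeMappingDto passwordAttribute = systemAttributeMappingService.find(attributeMappingFilter, null).getContent().stream()
            .filter(attribute -> ProvisioningService.PASSWORD_SCHEMA_PROPERTY_NAME.equals(schemaAttributeService.get(attribute.getSchemaAttribute()).getName()))
            .findFirst().orElse(null);
    Assert.assertNotNull(passwordAttribute);
    SysSystemAttributeMappingDto uidAttribute = systemAttributeMappingService.find(attributeMappingFilter, null).getContent().stream()
            .filter(attribute -> attribute.isUid())
            .findFirst().orElse(null);
    Assert.assertNotNull(uidAttribute);

    // Prefix the UID on the clone with "y"; the entity and account below use the same prefixed UID.
    uidAttribute.setTransformToResourceScript("if(attributeValue){return \"y\"+ attributeValue;}");
    uidAttribute = systemAttributeMappingService.save(uidAttribute);
    SysSystemEntityDto sysEntity = new SysSystemEntityDto("y" + IDENTITY_USERNAME, SystemEntityType.IDENTITY);
    sysEntity.setSystem(clonedSystem.getId());
    sysEntity = systemEntityService.save(sysEntity);
    AccAccountDto account = new AccAccountDto();
    account.setSystem(clonedSystem.getId());
    account.setUid("y" + IDENTITY_USERNAME);
    account.setAccountType(AccountType.PERSONAL);
    account.setEntityType(SystemEntityType.IDENTITY);
    account.setSystemEntity(sysEntity.getId());
    account = accountService.save(account);
    AccIdentityAccountDto accountIdentity = new AccIdentityAccountDto();
    accountIdentity.setIdentity(identity.getId());
    accountIdentity.setOwnership(true);
    accountIdentity.setAccount(account.getId());
    accountIdentity = identityAccoutnService.save(accountIdentity);

    // Provision the new account and remember the password written to the test resource.
    provisioningService.doProvisioning(account);
    TestResource createdAccount = entityManager.find(TestResource.class, accountService.get(accountIdentity.getAccount()).getUid());
    Assert.assertNotNull(createdAccount);
    Assert.assertEquals(identity.getFirstName(), createdAccount.getFirstname());
    String password = createdAccount.getPassword();
    AccAccountFilter accountFilter = new AccAccountFilter();
    accountFilter.setIdentityId(identity.getId());
    accountFilter.setOwnership(Boolean.TRUE);
    accountFilter.setSupportChangePassword(Boolean.TRUE);
    // Two accounts that support a password change are expected at this point.
    Assert.assertEquals(2, accountService.find(accountFilter, null).getContent().size());

    // A password change while the mapping still exists must reach the resource.
    PasswordChangeDto passwordChange = new PasswordChangeDto();
    passwordChange.setNewPassword(new GuardedString("newPWD"));
    passwordChange.getAccounts().add(account.getId().toString());
    idmIdentityService.passwordChange(identity, passwordChange);
    createdAccount = entityManager.find(TestResource.class, accountService.get(accountIdentity.getAccount()).getUid());
    Assert.assertNotEquals(password, createdAccount.getPassword());

    // After the successful password change, delete the password attribute mapping.
    systemAttributeMappingService.delete(passwordAttribute);
    // Only one account that supports a password change is expected now.
    Assert.assertEquals(1, accountService.find(accountFilter, null).getContent().size());

    // Changing the password on the account without the mapping must end with an exception.
    passwordChange = new PasswordChangeDto();
    passwordChange.setNewPassword(new GuardedString("newPWDUnsupported"));
    passwordChange.getAccounts().add(account.getId().toString());
    try {
        idmIdentityService.passwordChange(identity, passwordChange);
    } catch (ProvisioningException expected) {
        // The rejection is the behaviour under test.
        return;
    }
    Assert.fail("Password change for an account without a password attribute mapping must throw ProvisioningException");
}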
Also used : SysSystemAttributeMappingFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter) SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto) PasswordChangeDto(eu.bcvsolutions.idm.core.api.dto.PasswordChangeDto) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) TestResource(eu.bcvsolutions.idm.acc.entity.TestResource) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) AccAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccAccountFilter) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) SysSystemEntityDto(eu.bcvsolutions.idm.acc.dto.SysSystemEntityDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 69 with GuardedString

use of eu.bcvsolutions.idm.core.security.api.domain.GuardedString in project CzechIdMng by bcvsolutions.

the class InitTestData method init.

/**
 * Creates the shared test fixtures once: two roles, two identities, one organization
 * node, a contract for the first identity and a contract guarantee pointing at the
 * second identity. A configuration flag records that the data already exists, so later
 * calls skip the creation.
 *
 * <p>NOTE(review): the fixtures include accounts with a fixed, publicly known password
 * and a role that lists the admin role as its sub-role. Confirm that this initializer
 * can only run in test environments and never against a production database.
 */
protected void init() {
    // we are reusing demo data in tests as well
    initDemoData.init();
    // Switch to system authentication for the writes below; the security context is
    // cleared again in the finally block.
    securityService.setSystemAuthentication();
    //
    try {
        IdmRoleDto superAdminRole = this.roleService.getByCode(InitApplicationData.ADMIN_ROLE);
        // Only the first root found is used (page of size 1); get(0) presumably fails
        // when no root exists, so the demo data has to provide one.
        IdmTreeNodeDto rootOrganization = treeNodeService.findRoots((UUID) null, new PageRequest(0, 1)).getContent().get(0);
        // Create the data only while the "created" flag is unset (it defaults to false).
        if (!configurationService.getBooleanValue(PARAMETER_TEST_DATA_CREATED, false)) {
            log.info("Creating test data ...");
            // Plain test role.
            IdmRoleDto role1 = new IdmRoleDto();
            role1.setName(TEST_USER_ROLE);
            role1 = this.roleService.save(role1);
            log.info(MessageFormat.format("Test role created [id: {0}]", role1.getId()));
            // Custom test role composed with the admin role as a sub-role.
            IdmRoleDto role2 = new IdmRoleDto();
            role2.setName(TEST_CUSTOM_ROLE);
            List<IdmRoleCompositionDto> subRoles = new ArrayList<>();
            // NOTE(review): role2 has not been saved yet, so role2.getId() may still be
            // null when the composition is built - confirm the id is assigned on save.
            subRoles.add(new IdmRoleCompositionDto(role2.getId(), superAdminRole.getId()));
            role2.setSubRoles(subRoles);
            role2 = this.roleService.save(role2);
            log.info(MessageFormat.format("Test role created [id: {0}]", role2.getId()));
            //
            // Users for JUnit testing. Both get the same hard-coded password, so these
            // accounts must be treated as known credentials wherever they are created.
            IdmIdentityDto testUser1 = new IdmIdentityDto();
            testUser1.setUsername(TEST_USER_1);
            testUser1.setPassword(new GuardedString("heslo"));
            testUser1.setFirstName("Test");
            testUser1.setLastName("First User");
            // NOTE(review): the mail domain is spelled differently from the project
            // owner's name (bcvsolutions) - confirm it is intentional.
            testUser1.setEmail("test1@bscsolutions.eu");
            testUser1 = this.identityService.save(testUser1);
            log.info(MessageFormat.format("Identity created [id: {0}]", testUser1.getId()));
            IdmIdentityDto testUser2 = new IdmIdentityDto();
            testUser2.setUsername(TEST_USER_2);
            testUser2.setPassword(new GuardedString("heslo"));
            testUser2.setFirstName("Test");
            testUser2.setLastName("Second User");
            testUser2.setEmail("test2@bscsolutions.eu");
            testUser2 = this.identityService.save(testUser2);
            log.info(MessageFormat.format("Identity created [id: {0}]", testUser2.getId()));
            // Test organization node placed under the root, in the root's tree type.
            IdmTreeTypeDto type = this.treeTypeService.get(rootOrganization.getTreeType());
            IdmTreeNodeDto organization = new IdmTreeNodeDto();
            organization.setCode("test");
            organization.setName("Organization Test");
            organization.setCreator("ja");
            organization.setParent(rootOrganization.getId());
            organization.setTreeType(type.getId());
            organization = this.treeNodeService.save(organization);
            // Contract of the first user on the test organization.
            IdmIdentityContractDto identityWorkPosition2 = new IdmIdentityContractDto();
            identityWorkPosition2.setIdentity(testUser1.getId());
            identityWorkPosition2.setWorkPosition(organization.getId());
            identityWorkPosition2 = identityContractService.save(identityWorkPosition2);
            // The second user is set as the guarantee of that contract.
            IdmContractGuaranteeDto contractGuarantee = new IdmContractGuaranteeDto();
            contractGuarantee.setIdentityContract(identityWorkPosition2.getId());
            contractGuarantee.setGuarantee(testUser2.getId());
            contractGuaranteeService.save(contractGuarantee);
            //
            log.info("Test data was created.");
            // Record that the data exists so the block above is skipped next time.
            configurationService.setBooleanValue(PARAMETER_TEST_DATA_CREATED, true);
        }
    // Always drop the security context set above, even when creation fails.
    } finally {
        SecurityContextHolder.clearContext();
    }
}
Also used : IdmTreeTypeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeTypeDto) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) PageRequest(org.springframework.data.domain.PageRequest) IdmContractGuaranteeDto(eu.bcvsolutions.idm.core.api.dto.IdmContractGuaranteeDto) IdmRoleCompositionDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto) ArrayList(java.util.ArrayList) IdmTreeNodeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeNodeDto) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)

Example 70 with GuardedString

use of eu.bcvsolutions.idm.core.security.api.domain.GuardedString in project CzechIdMng by bcvsolutions.

the class IdentityCreatePasswordValidateProcessor method process.

/**
 * Validates the password of a newly created identity against the default password policy.
 *
 * @param event event whose content is the identity being created
 * @return result bound to this processor and the given event
 */
@Override
public EventResult<IdmIdentityDto> process(EntityEvent<IdmIdentityDto> event) {
    GuardedString newPassword = event.getContent().getPassword();
    IdmIdentityDto createdIdentity = event.getContent();

    // An identity may be created without a password; there is nothing to validate then.
    if (newPassword == null) {
        return new DefaultEventResult<>(event, this);
    }

    // The identity is passed along with the password to the policy validation.
    IdmPasswordValidationDto validationRequest = new IdmPasswordValidationDto();
    validationRequest.setPassword(newPassword);
    validationRequest.setIdentity(createdIdentity);
    this.passwordPolicyService.validate(validationRequest);

    return new DefaultEventResult<>(event, this);
}
Also used : IdmPasswordValidationDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordValidationDto) DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)

Aggregations

GuardedString (eu.bcvsolutions.idm.core.security.api.domain.GuardedString)97 Test (org.junit.Test)61 IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)59 AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)49 LoginDto (eu.bcvsolutions.idm.core.security.api.dto.LoginDto)40 IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)30 SysSystemDto (eu.bcvsolutions.idm.acc.dto.SysSystemDto)26 PasswordChangeDto (eu.bcvsolutions.idm.core.api.dto.PasswordChangeDto)20 ArrayList (java.util.ArrayList)13 IdmAuthorizationPolicyDto (eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto)11 IcConnectorObject (eu.bcvsolutions.idm.ic.api.IcConnectorObject)11 AccIdentityAccountDto (eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)10 AccIdentityAccountFilter (eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter)9 HashMap (java.util.HashMap)9 IdmIdentityContractDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)8 Transactional (org.springframework.transaction.annotation.Transactional)8 ProvisioningAttributeDto (eu.bcvsolutions.idm.acc.dto.ProvisioningAttributeDto)7 SysSystemAttributeMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)7 IdmRole (eu.bcvsolutions.idm.core.model.entity.IdmRole)7 List (java.util.List)7