
Example 46 with LoginDto

use of eu.bcvsolutions.idm.core.security.api.dto.LoginDto in project CzechIdMng by bcvsolutions.

the class RoleAccountByRoleEvaluatorIntegrationTest method testRoleWithoutEvaluator.

/**
 * Logs in as a freshly created identity and checks what it can read:
 * the test role itself, exactly one role in total, and no authorization policy.
 */
@Test
public void testRoleWithoutEvaluator() {
    // NOTE(review): 'false' presumably selects the "no evaluator" fixture variant - confirm in createIdentityWithRole.
    final IdmIdentityDto subject = createIdentityWithRole(false);
    try {
        // All permission-checked calls below run under the fixture identity's login.
        final LoginDto credentials = new LoginDto(subject.getUsername(), subject.getPassword());
        loginService.login(credentials);
        // The test role must be readable by id ...
        final IdmRoleDto readableRole = roleService.get(TEST_ROLE_ID, IdmBasePermission.READ);
        assertEquals(TEST_ROLE_ID, readableRole.getId());
        // ... it must be the only role returned by a READ-filtered search ...
        final long visibleRoles = roleService.find(null, IdmBasePermission.READ).getTotalElements();
        assertEquals(1, visibleRoles);
        // ... and a READ-filtered search must not return any authorization policy.
        final long visiblePolicies = authorizationPolicyService.find(null, IdmBasePermission.READ).getTotalElements();
        assertEquals(0, visiblePolicies);
    } finally {
        // Runs even when an assertion fails, so the login made above is always released.
        logout();
    }
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) LoginDto(eu.bcvsolutions.idm.core.security.api.dto.LoginDto) Test(org.junit.Test) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)

Example 47 with LoginDto

use of eu.bcvsolutions.idm.core.security.api.dto.LoginDto in project CzechIdMng by bcvsolutions.

the class DefaultAccAccountServiceTest method getConnectorObjectTest.

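/**
 * Verifies that an identity owning an account can read that account's connector object
 * when its role carries a policy evaluated by {@code ReadAccountByIdentityEvaluator}.
 */
@Test
public void getConnectorObjectTest() {
    String userOneName = "UserOne";
    String eavAttributeName = "EAV_ATTRIBUTE";
    SysSystemDto system = initData();
    Assert.assertNotNull(system);
    IdmIdentityDto identity = helper.createIdentity();
    // Create role with evaluator: the policy is limited to the ACCOUNT permission group on AccAccount.
    IdmRoleDto role = helper.createRole();
    IdmAuthorizationPolicyDto policyAccount = new IdmAuthorizationPolicyDto();
    policyAccount.setRole(role.getId());
    policyAccount.setGroupPermission(AccGroupPermission.ACCOUNT.getName());
    policyAccount.setAuthorizableType(AccAccount.class.getCanonicalName());
    policyAccount.setEvaluator(ReadAccountByIdentityEvaluator.class);
    authorizationPolicyService.save(policyAccount);
    // Persist the target-system resource; this must be called in a transaction, hence the call through getBean().
    this.getBean().persistResource(createResource(userOneName, new LocalDateTime()));
    AccAccountDto account = new AccAccountDto();
    account.setEntityType(SystemEntityType.IDENTITY);
    account.setSystem(system.getId());
    account.setAccountType(AccountType.PERSONAL);
    account.setUid(userOneName);
    account = accountService.save(account);
    // Link the account to the identity as its owner.
    AccIdentityAccountDto accountIdentityOne = new AccIdentityAccountDto();
    accountIdentityOne.setIdentity(identity.getId());
    accountIdentityOne.setOwnership(true);
    accountIdentityOne.setAccount(account.getId());
    accountIdentityOne = identityAccountService.save(accountIdentityOne);
    // Assign role with evaluator
    helper.createIdentityRole(identity, role);
    // Drop whatever context the setup ran under before logging in as the identity.
    logout();
    try {
        loginService.login(new LoginDto(identity.getUsername(), identity.getPassword()));
        // Permission-checked read: succeeds only if the policy grants READ to the logged-in identity.
        IcConnectorObject connectorObject = accountService.getConnectorObject(account, IdmBasePermission.READ);
        Assert.assertNotNull(connectorObject);
        Assert.assertEquals(userOneName, connectorObject.getUidValue());
        Assert.assertNotNull(connectorObject.getAttributeByName(eavAttributeName));
        Assert.assertEquals(userOneName, connectorObject.getAttributeByName(eavAttributeName).getValue());
    } finally {
        // Release the identity's login even when an assertion fails; the original left it in place.
        logout();
    }
}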
Also used : LocalDateTime(org.joda.time.LocalDateTime) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) AccAccount(eu.bcvsolutions.idm.acc.entity.AccAccount) IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject) IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) LoginDto(eu.bcvsolutions.idm.core.security.api.dto.LoginDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 48 with LoginDto

use of eu.bcvsolutions.idm.core.security.api.dto.LoginDto in project CzechIdMng by bcvsolutions.

the class DefaultIdmPasswordServiceIntegrationTest method testSuccessfulLoginTimestamp.

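/**
 * Logs in twice with the same credentials and checks that the stored
 * "last successful login" timestamp is set after the first login and
 * moves forward after the second.
 */
@Test
@Transactional
public void testSuccessfulLoginTimestamp() {
    // Fixture password used only by this test; a new GuardedString is created for every use, as before.
    final String rawPassword = "SomePasswd";
    IdmIdentityDto identity = testHelper.createIdentity();
    identity.setPassword(new GuardedString(rawPassword));
    identity = identityService.save(identity);
    // first login
    LoginDto loginDto = new LoginDto();
    loginDto.setUsername(identity.getUsername());
    loginDto.setPassword(new GuardedString(rawPassword));
    loginController.login(loginDto);
    DateTime timestamp = passwordService.findOneByIdentity(identity.getUsername()).getLastSuccessfulLogin();
    // Assert on the value that is compared below instead of re-querying the service.
    assertNotNull(timestamp);
    // second login
    loginDto = new LoginDto();
    loginDto.setUsername(identity.getUsername());
    loginDto.setPassword(new GuardedString(rawPassword));
    loginController.login(loginDto);
    DateTime timestamp2 = passwordService.findOneByIdentity(identity.getUsername()).getLastSuccessfulLogin();
    // Fail with an assertion, not a NullPointerException, if the second login cleared the timestamp.
    assertNotNull(timestamp2);
    // NOTE(review): strict isAfter() needs the two logins to get distinct timestamps;
    // if both can land on the same clock tick this assertion is flaky - confirm.
    assertTrue(timestamp2.isAfter(timestamp));
}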
Also used : GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) LoginDto(eu.bcvsolutions.idm.core.security.api.dto.LoginDto) DateTime(org.joda.time.DateTime) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test) Transactional(org.springframework.transaction.annotation.Transactional)

Example 49 with LoginDto

use of eu.bcvsolutions.idm.core.security.api.dto.LoginDto in project CzechIdMng by bcvsolutions.

the class DefaultAuthenticationManager method validate.

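/**
 * Checks the given credentials by running them through {@code authenticate}.
 *
 * Fails closed: any {@link RuntimeException} from the authentication call is
 * reported as {@code false}, so callers cannot tell bad credentials from an
 * internal error. The failure is logged at debug level for diagnosis.
 *
 * NOTE(review): this goes through the regular authentication path, so it may
 * update login bookkeeping (last successful login, failed-attempt counter) -
 * confirm before using it for checks that should be side-effect free.
 *
 * @param username login name to validate
 * @param password password to validate
 * @return {@code true} when authentication completes without an exception, {@code false} otherwise
 */
@Override
public boolean validate(String username, GuardedString password) {
    LoginDto loginDto = new LoginDto();
    loginDto.setUsername(username);
    loginDto.setPassword(password);
    try {
        this.authenticate(loginDto);
    } catch (RuntimeException e) {
        // Keep the cause visible instead of swallowing it; credentials are deliberately not logged here.
        LOG.debug("Credential validation failed, returning false.", e);
        return false;
    }
    return true;
}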
Also used : LoginDto(eu.bcvsolutions.idm.core.security.api.dto.LoginDto)

Example 50 with LoginDto

use of eu.bcvsolutions.idm.core.security.api.dto.LoginDto in project CzechIdMng by bcvsolutions.

the class DefaultAuthenticationManager method authenticateOverAuthenticator.

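/**
 * Authenticate {@link LoginDto} over all enabled {@link Authenticator}s, in the
 * order returned by {@code getEnabledAuthenticators()}.
 *
 * Each authenticator gets its own clone of the login DTO. A {@code null} result
 * means "no verdict" and is skipped. The first successful result of a SUFFICIENT
 * authenticator is returned immediately; a failure of a REQUISITE authenticator
 * is rethrown immediately. Otherwise the first successful result is returned
 * after all authenticators ran.
 *
 * @param loginDto credentials to authenticate
 * @return result of the first authenticator that succeeded
 * @throws RuntimeException the REQUISITE failure, or the first recorded failure
 *         when no authenticator succeeded
 * @throws IllegalStateException when no authenticator succeeded and none failed
 *         (no enabled authenticators, or all returned {@code null})
 */
private LoginDto authenticateOverAuthenticator(LoginDto loginDto) {
    Assert.notNull(authenticators);
    //
    // Only the first success and the first failure are ever used, so keep just those.
    LoginDto firstSuccess = null;
    RuntimeException firstFailure = null;
    //
    for (Authenticator authenticator : getEnabledAuthenticators()) {
        LOG.debug("AuthenticationManager call authenticate by [{}].", authenticator.getName());
        try {
            // Clone so one authenticator cannot alter the DTO seen by the next one.
            LoginDto result = authenticator.authenticate(cloneLoginDto(loginDto));
            if (result == null) {
                // continue, authenticator is not implemented or etc.
                continue;
            }
            if (authenticator.getExceptedResult() == AuthenticationResponseEnum.SUFFICIENT) {
                passwordService.setLastSuccessfulLogin(loginDto.getUsername());
                return result;
            }
            // otherwise remember the first success and keep going
            if (firstSuccess == null) {
                firstSuccess = result;
            }
        } catch (RuntimeException e) {
            // if expected response is REQUISITE exit immediately with error
            // NOTE(review): this path does not call increaseUnsuccessfulAttempts, so such failures
            // are not counted here - confirm the REQUISITE authenticators count them themselves.
            if (authenticator.getExceptedResult() == AuthenticationResponseEnum.REQUISITE) {
                throw e;
            }
            // otherwise keep the first failure to report if nothing succeeds
            if (firstFailure == null) {
                firstFailure = e;
            }
        }
    }
    // authenticators are processed in their configured order: return the first success, otherwise throw the first failure
    if (firstSuccess == null) {
        // NOTE(review): every RuntimeException counts as a failed attempt, not only wrong credentials - confirm this is intended.
        passwordService.increaseUnsuccessfulAttempts(loginDto.getUsername());
        if (firstFailure == null) {
            // Previously 'throw firstFailture' with a null reference raised a bare NullPointerException here.
            throw new IllegalStateException("No enabled authenticator produced an authentication result.");
        }
        throw firstFailure;
    }
    passwordService.setLastSuccessfulLogin(loginDto.getUsername());
    return firstSuccess;
}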
Also used : LoginDto(eu.bcvsolutions.idm.core.security.api.dto.LoginDto) LinkedList(java.util.LinkedList) Authenticator(eu.bcvsolutions.idm.core.security.api.authentication.Authenticator)

Aggregations

LoginDto (eu.bcvsolutions.idm.core.security.api.dto.LoginDto)74 Test (org.junit.Test)63 IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)59 AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)59 GuardedString (eu.bcvsolutions.idm.core.security.api.domain.GuardedString)40 IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)32 SysSystemDto (eu.bcvsolutions.idm.acc.dto.SysSystemDto)15 IdmAuthorizationPolicyDto (eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto)14 PasswordChangeDto (eu.bcvsolutions.idm.core.api.dto.PasswordChangeDto)9 VsRequestDto (eu.bcvsolutions.idm.vs.dto.VsRequestDto)9 VsRequestFilter (eu.bcvsolutions.idm.vs.dto.filter.VsRequestFilter)9 IdmRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)7 VsAccountDto (eu.bcvsolutions.idm.vs.dto.VsAccountDto)7 AccAccountDto (eu.bcvsolutions.idm.acc.dto.AccAccountDto)6 AccIdentityAccountDto (eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)6 IcConnectorObject (eu.bcvsolutions.idm.ic.api.IcConnectorObject)6 AccAccount (eu.bcvsolutions.idm.acc.entity.AccAccount)5 IdmRole (eu.bcvsolutions.idm.core.model.entity.IdmRole)4 IdmAuthenticationException (eu.bcvsolutions.idm.core.security.exception.IdmAuthenticationException)4 AbstractRestTest (eu.bcvsolutions.idm.test.api.AbstractRestTest)4