use of eu.bcvsolutions.idm.core.security.api.dto.LoginDto in project CzechIdMng by bcvsolutions.
the class RoleAccountByRoleEvaluatorIntegrationTest method testRoleWithoutEvaluator.
/**
 * Logs in as an identity created by {@code createIdentityWithRole(false)} and checks what
 * that identity can read: the test role by id, exactly one role in total, and no
 * authorization policies.
 */
@Test
public void testRoleWithoutEvaluator() {
    IdmIdentityDto roleHolder = createIdentityWithRole(false);
    try {
        // All permission checks below run in the security context of the new identity.
        LoginDto credentials = new LoginDto(roleHolder.getUsername(), roleHolder.getPassword());
        loginService.login(credentials);

        // The test role is readable directly by its id.
        IdmRoleDto readableRole = roleService.get(TEST_ROLE_ID, IdmBasePermission.READ);
        assertEquals(TEST_ROLE_ID, readableRole.getId());

        // READ-filtered searches: exactly one role, and no authorization policy at all.
        assertEquals(1, roleService.find(null, IdmBasePermission.READ).getTotalElements());
        assertEquals(0, authorizationPolicyService.find(null, IdmBasePermission.READ).getTotalElements());
    } finally {
        // Always drop the authenticated context, even when an assertion fails.
        logout();
    }
}
use of eu.bcvsolutions.idm.core.security.api.dto.LoginDto in project CzechIdMng by bcvsolutions.
the class DefaultAccAccountServiceTest method getConnectorObjectTest.
/**
 * Checks that an identity holding a role with a {@link ReadAccountByIdentityEvaluator}
 * policy can read the connector object of an account it owns.
 *
 * NOTE(review): this method does not log out after the final login; confirm that a teardown
 * hook clears the security context so the identity does not leak into later tests.
 */
@Test
public void getConnectorObjectTest() {
    String accountUid = "UserOne";
    String attributeName = "EAV_ATTRIBUTE";

    SysSystemDto targetSystem = initData();
    Assert.assertNotNull(targetSystem);
    IdmIdentityDto owner = helper.createIdentity();

    // Role whose policy grants account permissions through ReadAccountByIdentityEvaluator.
    IdmRoleDto accountReaderRole = helper.createRole();
    IdmAuthorizationPolicyDto accountPolicy = new IdmAuthorizationPolicyDto();
    accountPolicy.setRole(accountReaderRole.getId());
    accountPolicy.setGroupPermission(AccGroupPermission.ACCOUNT.getName());
    accountPolicy.setAuthorizableType(AccAccount.class.getCanonicalName());
    accountPolicy.setEvaluator(ReadAccountByIdentityEvaluator.class);
    authorizationPolicyService.save(accountPolicy);

    // Persist the resource through the bean: the change must be made inside a transaction.
    this.getBean().persistResource(createResource(accountUid, new LocalDateTime()));

    // Personal identity account on the target system, keyed by the same uid as the resource.
    AccAccountDto accountDraft = new AccAccountDto();
    accountDraft.setEntityType(SystemEntityType.IDENTITY);
    accountDraft.setSystem(targetSystem.getId());
    accountDraft.setAccountType(AccountType.PERSONAL);
    accountDraft.setUid(accountUid);
    AccAccountDto ownedAccount = accountService.save(accountDraft);

    // Link the account to the identity as its owner.
    AccIdentityAccountDto ownershipLink = new AccIdentityAccountDto();
    ownershipLink.setIdentity(owner.getId());
    ownershipLink.setOwnership(true);
    ownershipLink.setAccount(ownedAccount.getId());
    identityAccountService.save(ownershipLink);

    // Give the identity the role that carries the evaluator.
    helper.createIdentityRole(owner, accountReaderRole);

    // Switch from the current security context to the identity under test.
    logout();
    loginService.login(new LoginDto(owner.getUsername(), owner.getPassword()));

    // The READ-checked lookup has to return the connector object with the expected values.
    IcConnectorObject connectorObject = accountService.getConnectorObject(ownedAccount, IdmBasePermission.READ);
    Assert.assertNotNull(connectorObject);
    Assert.assertEquals(accountUid, connectorObject.getUidValue());
    Assert.assertNotNull(connectorObject.getAttributeByName(attributeName));
    Assert.assertEquals(accountUid, connectorObject.getAttributeByName(attributeName).getValue());
}
use of eu.bcvsolutions.idm.core.security.api.dto.LoginDto in project CzechIdMng by bcvsolutions.
the class DefaultIdmPasswordServiceIntegrationTest method testSuccessfulLoginTimestamp.
/**
 * Logs the same identity in twice and checks that the stored last-successful-login
 * timestamp is set after the first login and is later after the second one.
 *
 * NOTE(review): the final check uses a strict {@code isAfter}, so it relies on the two
 * logins never being recorded with an identical timestamp value.
 */
@Test
@Transactional
public void testSuccessfulLoginTimestamp() {
    // Test-only credential, used both to set the password and to log in.
    final String rawPassword = "SomePasswd";

    IdmIdentityDto owner = testHelper.createIdentity();
    owner.setPassword(new GuardedString(rawPassword));
    owner = identityService.save(owner);

    // First login: the timestamp must be recorded.
    LoginDto firstAttempt = new LoginDto();
    firstAttempt.setUsername(owner.getUsername());
    firstAttempt.setPassword(new GuardedString(rawPassword));
    loginController.login(firstAttempt);
    DateTime firstLoginAt = passwordService.findOneByIdentity(owner.getUsername()).getLastSuccessfulLogin();
    assertNotNull(passwordService.findOneByIdentity(owner.getUsername()).getLastSuccessfulLogin());

    // Second login: the timestamp must move forward.
    LoginDto secondAttempt = new LoginDto();
    secondAttempt.setUsername(owner.getUsername());
    secondAttempt.setPassword(new GuardedString(rawPassword));
    loginController.login(secondAttempt);
    DateTime secondLoginAt = passwordService.findOneByIdentity(owner.getUsername()).getLastSuccessfulLogin();
    assertTrue(secondLoginAt.isAfter(firstLoginAt));
}
use of eu.bcvsolutions.idm.core.security.api.dto.LoginDto in project CzechIdMng by bcvsolutions.
the class DefaultAuthenticationManager method validate.
/**
 * Checks a username/password pair by passing it to {@code authenticate(LoginDto)}.
 *
 * @param username login name to check
 * @param password password to check
 * @return {@code true} when {@code authenticate} completes without throwing,
 *         {@code false} when it throws any {@link RuntimeException}
 */
@Override
public boolean validate(String username, GuardedString password) {
    LoginDto credentials = new LoginDto();
    credentials.setUsername(username);
    credentials.setPassword(password);

    boolean accepted;
    try {
        this.authenticate(credentials);
        accepted = true;
    } catch (RuntimeException authenticationFailure) {
        // Fails closed: every runtime failure is reported as "not valid". The exception is
        // discarded here, so the caller cannot tell rejected credentials from an internal
        // error, and nothing about the failure is recorded by this method.
        accepted = false;
    }
    return accepted;
}
use of eu.bcvsolutions.idm.core.security.api.dto.LoginDto in project CzechIdMng by bcvsolutions.
the class DefaultAuthenticationManager method authenticateOverAuthenticator.
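/**
 * Authenticates the given {@link LoginDto} against every enabled {@link Authenticator},
 * in the order returned by {@code getEnabledAuthenticators()}.
 * <ul>
 * <li>An authenticator returning {@code null} is skipped.</li>
 * <li>A result from a {@code SUFFICIENT} authenticator is returned immediately.</li>
 * <li>A failure of a {@code REQUISITE} authenticator is rethrown immediately.</li>
 * <li>Otherwise the first successful result is returned once all authenticators have run;
 * when there is none, the first recorded failure is thrown.</li>
 * </ul>
 * The last successful login is recorded on success. The unsuccessful-attempt counter is
 * increased when no authenticator produced a result.
 *
 * @param loginDto credentials to authenticate; each authenticator receives its own clone
 * @return the result of the authenticator that decided the outcome
 * @throws RuntimeException the failure of a {@code REQUISITE} authenticator, or the first
 *         failure when no authenticator succeeded
 * @throws IllegalStateException when no authenticator succeeded and none reported a failure
 */
private LoginDto authenticateOverAuthenticator(LoginDto loginDto) {
    Assert.notNull(authenticators);
    //
    LoginDto firstSuccess = null;
    RuntimeException firstFailure = null;
    //
    for (Authenticator authenticator : getEnabledAuthenticators()) {
        LOG.debug("AuthenticationManager call authenticate by [{}].", authenticator.getName());
        try {
            // Each authenticator works on a clone of the incoming DTO,
            // presumably so that it cannot alter what the next one sees.
            LoginDto result = authenticator.authenticate(cloneLoginDto(loginDto));
            if (result == null) {
                // This authenticator did not handle the request; try the next one.
                continue;
            }
            if (authenticator.getExceptedResult() == AuthenticationResponseEnum.SUFFICIENT) {
                passwordService.setLastSuccessfulLogin(loginDto.getUsername());
                return result;
            }
            // Authenticators are ordered, so only the first success is ever returned.
            if (firstSuccess == null) {
                firstSuccess = result;
            }
        } catch (RuntimeException e) {
            // A REQUISITE authenticator must succeed: fail the whole login right away.
            // NOTE(review): this path does not call increaseUnsuccessfulAttempts; confirm that
            // failed-attempt accounting for REQUISITE failures happens elsewhere.
            if (authenticator.getExceptedResult() == AuthenticationResponseEnum.REQUISITE) {
                throw e;
            }
            // Otherwise remember only the first failure and keep going.
            if (firstFailure == null) {
                firstFailure = e;
            }
        }
    }
    if (firstSuccess != null) {
        passwordService.setLastSuccessfulLogin(loginDto.getUsername());
        return firstSuccess;
    }
    // No authenticator accepted the credentials.
    passwordService.increaseUnsuccessfulAttempts(loginDto.getUsername());
    if (firstFailure == null) {
        // Every authenticator returned null, or none is enabled. Throwing the null reference
        // would surface as a bare NullPointerException, so fail with an explicit error.
        throw new IllegalStateException("Authentication failed: no enabled authenticator returned a result.");
    }
    throw firstFailure;
}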