
Example 41 with LoginDto

use of eu.bcvsolutions.idm.core.security.api.dto.LoginDto in project CzechIdMng by bcvsolutions.

the class PasswordChangeController method passwordChange.

/**
 * Changes the password of the identity addressed by {@code backendId}.
 *
 * <p>The mapping lives under a {@code /public/} path. When the caller is not authenticated, the
 * supplied old password is used to authenticate as the target identity before anything is
 * changed. A failed lookup and a failed authentication are reported with the same result code,
 * so the response body does not reveal whether the identity exists.
 *
 * <p>NOTE(review): no throttling or lockout is visible in this method; presumably
 * {@code authenticationManager} or a filter in front of the endpoint limits repeated
 * old-password attempts - confirm. An unknown identity also returns before any authentication
 * work is done, so the two failure cases may still differ in response time.
 *
 * @param backendId identity's uuid identifier or username
 * @param passwordChangeDto requested change; its old password is the credential used when nobody
 *        is logged in
 * @return whatever {@code identityService.passwordChange} returns for the requested change
 * @throws ResultCodeException with {@code PASSWORD_CHANGE_CURRENT_FAILED_IDM} when the identity
 *         is not found or authentication with the old password fails
 */
@ResponseBody
@ResponseStatus(code = HttpStatus.OK)
@RequestMapping(value = BaseController.BASE_PATH + "/public/identities/{backendId}/password-change", method = RequestMethod.PUT)
@ApiOperation(value = "Change identity's password", nickname = "passwordChange", response = PasswordChangeDto.class, tags = { PasswordChangeController.TAG })
public List<OperationResult> passwordChange(
        @ApiParam(value = "Identity's uuid identifier or username.", required = true) @PathVariable String backendId,
        @RequestBody @Valid PasswordChangeDto passwordChangeDto) {
    final IdmIdentityDto targetIdentity = (IdmIdentityDto) entityLookupService.lookupDto(IdmIdentityDto.class, backendId);
    if (targetIdentity == null) {
        // Public endpoint: answer with the same code as a wrong old password instead of
        // "not found", so existing and unknown identities get the same result code.
        throw new ResultCodeException(CoreResultCode.PASSWORD_CHANGE_CURRENT_FAILED_IDM);
    }
    try {
        final boolean callerLoggedIn = securityService.isAuthenticated();
        if (!callerLoggedIn) {
            // Nobody is logged in: authenticate as the target identity with the old password.
            final LoginDto credentials = new LoginDto();
            // presumably lets an identity flagged "must change password" get through this
            // authentication so that it can perform the change - confirm
            credentials.setSkipMustChange(true);
            credentials.setUsername(targetIdentity.getUsername());
            credentials.setPassword(passwordChangeDto.getOldPassword());
            authenticationManager.authenticate(credentials);
            // For unauthenticated callers the scope flags sent by the client are overwritten:
            // the change targets all systems, and IdM is included only as far as the
            // configuration allows a public password change for IdM.
            passwordChangeDto.setAll(true);
            passwordChangeDto.setIdm(identityConfiguration.isAllowedPublicChangePasswordForIdm());
        }
        // NOTE(review): when a session already exists the old password is not verified in this
        // method; presumably checkAccess and identityService.passwordChange enforce it - confirm.
    } catch (IdmAuthenticationException authFailure) {
        throw new ResultCodeException(CoreResultCode.PASSWORD_CHANGE_CURRENT_FAILED_IDM, authFailure);
    }
    // Authorization is evaluated after the optional login above, and before any password is changed.
    identityService.checkAccess(targetIdentity, IdentityBasePermission.PASSWORDCHANGE);
    return identityService.passwordChange(targetIdentity, passwordChangeDto);
}
Also used : IdmAuthenticationException(eu.bcvsolutions.idm.core.security.exception.IdmAuthenticationException) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) LoginDto(eu.bcvsolutions.idm.core.security.api.dto.LoginDto) ResponseStatus(org.springframework.web.bind.annotation.ResponseStatus) ApiOperation(io.swagger.annotations.ApiOperation) ResponseBody(org.springframework.web.bind.annotation.ResponseBody) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 42 with LoginDto

use of eu.bcvsolutions.idm.core.security.api.dto.LoginDto in project CzechIdMng by bcvsolutions.

the class DefaultAccAuthenticatorTest method loginAgainstTwoAccount.

/**
 * Checks that an identity linked to two distinct accounts can authenticate with the password
 * of either account, and that both logins are attributed to the "acc" authentication module.
 *
 * <p>The test starts from exactly one existing identity-account link for {@code USERNAME};
 * presumably that link is created by an earlier test in this class - confirm.
 */
@Test
public void loginAgainstTwoAccount() {
    final IdmIdentityDto owner = identityService.getByUsername(USERNAME);
    final AccIdentityAccountFilter byOwner = new AccIdentityAccountFilter();
    byOwner.setIdentityId(owner.getId());
    List<AccIdentityAccountDto> links = identityAccountService.find(byOwner, null).getContent();
    // Collect every linked account id once, in encounter order.
    List<String> distinctAccountIds = new ArrayList<>();
    for (AccIdentityAccountDto link : links) {
        final String accountId = link.getAccount().toString();
        if (!distinctAccountIds.contains(accountId)) {
            distinctAccountIds.add(accountId);
        }
    }
    assertEquals(1, distinctAccountIds.size());
    assertEquals(1, links.size());
    // Assign the second role on the identity's first contract; the assertions below expect
    // this to produce a second account link.
    final IdmRoleDto secondRole = roleService.getByCode(ROLE_NAME + "2");
    final IdmIdentityRoleDto assignment = new IdmIdentityRoleDto();
    assignment.setIdentityContract(identityContractService.findAllByIdentity(owner.getId()).get(0).getId());
    assignment.setRole(secondRole.getId());
    identityRoleService.save(assignment);
    links = identityAccountService.find(byOwner, null).getContent();
    // Same distinct-id collection as above, on the refreshed links.
    distinctAccountIds = new ArrayList<>();
    for (AccIdentityAccountDto link : links) {
        final String accountId = link.getAccount().toString();
        if (!distinctAccountIds.contains(accountId)) {
            distinctAccountIds.add(accountId);
        }
    }
    assertEquals(2, distinctAccountIds.size());
    assertEquals(2, links.size());
    // Give each account its own password, one targeted change per account.
    final PasswordChangeDto firstChange = new PasswordChangeDto();
    final List<String> firstTarget = new ArrayList<>();
    firstTarget.add(distinctAccountIds.get(0));
    firstChange.setAccounts(firstTarget);
    firstChange.setAll(false);
    firstChange.setNewPassword(new GuardedString("1234"));
    provisioningService.changePassword(owner, firstChange);
    final PasswordChangeDto secondChange = new PasswordChangeDto();
    final List<String> secondTarget = new ArrayList<>();
    secondTarget.add(distinctAccountIds.get(1));
    secondChange.setAccounts(secondTarget);
    secondChange.setAll(false);
    secondChange.setNewPassword(new GuardedString("4321"));
    provisioningService.changePassword(owner, secondChange);
    // Both passwords must be accepted for the same username.
    final LoginDto firstRequest = new LoginDto();
    firstRequest.setUsername(USERNAME);
    firstRequest.setPassword(new GuardedString("1234"));
    final LoginDto firstLogin = authenticationManager.authenticate(firstRequest);
    final LoginDto secondRequest = new LoginDto();
    secondRequest.setUsername(USERNAME);
    secondRequest.setPassword(new GuardedString("4321"));
    final LoginDto secondLogin = authenticationManager.authenticate(secondRequest);
    assertNotNull(secondLogin);
    assertNotNull(secondLogin.getAuthentication());
    assertEquals("acc", secondLogin.getAuthenticationModule());
    assertNotNull(firstLogin);
    assertNotNull(firstLogin.getAuthentication());
    assertEquals("acc", firstLogin.getAuthenticationModule());
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) PasswordChangeDto(eu.bcvsolutions.idm.core.api.dto.PasswordChangeDto) ArrayList(java.util.ArrayList) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) LoginDto(eu.bcvsolutions.idm.core.security.api.dto.LoginDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 43 with LoginDto

use of eu.bcvsolutions.idm.core.security.api.dto.LoginDto in project CzechIdMng by bcvsolutions.

the class DefaultAccAuthenticatorTest method A_loginAgainstSystem.

/**
 * Checks that, after a password is provisioned to the identity's single account, a login
 * with that password succeeds and is attributed to the "acc" authentication module.
 */
@Test
public void A_loginAgainstSystem() {
    initData();
    final IdmIdentityDto owner = identityService.getByUsername(USERNAME);
    final IdmRoleDto assignedRole = roleService.getByCode(ROLE_NAME);
    final IdmIdentityRoleDto assignment = new IdmIdentityRoleDto();
    assignment.setIdentityContract(identityContractService.findAllByIdentity(owner.getId()).get(0).getId());
    assignment.setRole(assignedRole.getId());
    // Saving the assignment fires the IdentityRole SAVE event, which starts account
    // management and provisioning.
    identityRoleService.save(assignment);
    final AccIdentityAccountFilter byOwner = new AccIdentityAccountFilter();
    byOwner.setIdentityId(owner.getId());
    final List<AccIdentityAccountDto> links = identityAccountService.find(byOwner, null).getContent();
    assertEquals(1, links.size());
    final List<String> targets = new ArrayList<>();
    targets.add(links.get(0).getId().toString());
    final PasswordChangeDto change = new PasswordChangeDto();
    change.setAccounts(targets);
    change.setAll(true);
    change.setNewPassword(new GuardedString("test"));
    // Push the new password to the system.
    provisioningService.changePassword(owner, change);
    final LoginDto request = new LoginDto();
    request.setUsername(USERNAME);
    request.setPassword(new GuardedString("test"));
    final LoginDto login = authenticationManager.authenticate(request);
    assertNotNull(login);
    assertNotNull(login.getAuthentication());
    assertEquals("acc", login.getAuthenticationModule());
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) PasswordChangeDto(eu.bcvsolutions.idm.core.api.dto.PasswordChangeDto) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) ArrayList(java.util.ArrayList) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) LoginDto(eu.bcvsolutions.idm.core.security.api.dto.LoginDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 44 with LoginDto

use of eu.bcvsolutions.idm.core.security.api.dto.LoginDto in project CzechIdMng by bcvsolutions.

the class DefaultAccAuthenticatorTest method loginAgainstIdm.

/**
 * Checks that an identity saved with a password can authenticate with that password and
 * that the login is attributed to the "core" authentication module.
 */
@Test
public void loginAgainstIdm() {
    final String username = "test_login_1";
    final IdmIdentityDto newIdentity = new IdmIdentityDto();
    newIdentity.setUsername(username);
    newIdentity.setLastName("test_login_1");
    newIdentity.setPassword(new GuardedString("test1234"));
    identityService.save(newIdentity);
    // Log in with the same credentials the identity was saved with.
    final LoginDto request = new LoginDto();
    request.setPassword(new GuardedString("test1234"));
    request.setUsername(username);
    final LoginDto login = authenticationManager.authenticate(request);
    assertNotNull(login);
    assertNotNull(login.getAuthentication());
    assertEquals("core", login.getAuthenticationModule());
}
Also used : GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) LoginDto(eu.bcvsolutions.idm.core.security.api.dto.LoginDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 45 with LoginDto

use of eu.bcvsolutions.idm.core.security.api.dto.LoginDto in project CzechIdMng by bcvsolutions.

the class IdentityAccountByRoleEvaluatorIntegrationTest method testCannotReadIdentityAccount.

/**
 * Checks that reading an identity-account link with READ permission is refused for the
 * owning identity: the admin creates the identity, a personal account and the link, then
 * the identity logs in and the read is expected to throw {@code ForbiddenEntityException}.
 *
 * <p>NOTE(review): {@code expected} covers the whole method, so a
 * {@code ForbiddenEntityException} thrown during setup or login would also make the test
 * pass; only the final read is meant to be under test.
 */
@Test(expected = ForbiddenEntityException.class)
public void testCannotReadIdentityAccount() {
    IdmIdentityDto owner;
    AccIdentityAccountDto ownershipLink;
    // Setup runs as admin; the admin session is always closed again.
    try {
        loginAsAdmin(InitApplicationData.ADMIN_USERNAME);
        owner = helper.createIdentity();
        final SysSystemDto targetSystem = helper.createTestResourceSystem(true);
        AccAccountDto personalAccount = new AccAccountDto();
        personalAccount.setSystem(targetSystem.getId());
        personalAccount.setUid(owner.getUsername());
        personalAccount.setAccountType(AccountType.PERSONAL);
        personalAccount = accountService.save(personalAccount);
        ownershipLink = new AccIdentityAccountDto();
        ownershipLink.setIdentity(owner.getId());
        ownershipLink.setOwnership(true);
        ownershipLink.setAccount(personalAccount.getId());
        ownershipLink = identityAccountService.save(ownershipLink);
    } finally {
        logout();
    }
    // Check as the identity itself.
    try {
        // relies on the DTO from helper.createIdentity() still carrying its password - TODO confirm
        final LoginDto credentials = new LoginDto(owner.getUsername(), owner.getPassword());
        loginService.login(credentials);
        identityAccountService.get(ownershipLink.getId(), IdmBasePermission.READ);
    } finally {
        logout();
    }
}
Also used : AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) LoginDto(eu.bcvsolutions.idm.core.security.api.dto.LoginDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)
