Example 1 with PasswordConfirmationValidation

Use of org.cloudfoundry.identity.uaa.account.PasswordConfirmationValidation in project uaa by cloudfoundry.

From the class PasswordConfirmationValidationTest, method testValidWithMatchingPasswords.

@Test
public void testValidWithMatchingPasswords() {
    PasswordConfirmationValidation validation = new PasswordConfirmationValidation("secret", "secret");
    Assert.assertTrue(validation.valid());
}
Also used : PasswordConfirmationValidation(org.cloudfoundry.identity.uaa.account.PasswordConfirmationValidation) Test(org.junit.Test)

Example 2 with PasswordConfirmationValidation

Use of org.cloudfoundry.identity.uaa.account.PasswordConfirmationValidation in project uaa by cloudfoundry.

From the class PasswordConfirmationValidationTest, method testInvalidWithMismatchedPasswords.

@Test
public void testInvalidWithMismatchedPasswords() {
    PasswordConfirmationValidation validation = new PasswordConfirmationValidation("secret", "mecret");
    Assert.assertFalse(validation.valid());
}
Also used : PasswordConfirmationValidation(org.cloudfoundry.identity.uaa.account.PasswordConfirmationValidation) Test(org.junit.Test)

Example 3 with PasswordConfirmationValidation

Use of org.cloudfoundry.identity.uaa.account.PasswordConfirmationValidation in project uaa by cloudfoundry.

From the class InvitationsController, method acceptInvitation.

@RequestMapping(value = "/accept.do", method = POST)
public String acceptInvitation(
        @RequestParam("password") String password,
        @RequestParam("password_confirmation") String passwordConfirmation,
        @RequestParam("code") String code,
        @RequestParam(value = "does_user_consent", required = false) boolean doesUserConsent,
        Model model,
        HttpServletResponse response) {
    PasswordConfirmationValidation validation = new PasswordConfirmationValidation(password, passwordConfirmation);
    UaaPrincipal principal = (UaaPrincipal) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
    // Look up the submitted invitation code in the current identity zone's code store.
    final ExpiringCode expiringCode = expiringCodeStore.retrieveCode(code, IdentityZoneHolder.get().getId());
    if (expiringCode == null || expiringCode.getData() == null) {
        logger.debug("Failing invitation. Code not found.");
        SecurityContextHolder.clearContext();
        return handleUnprocessableEntity(model, response, "error_message_code", "code_expired", "invitations/accept_invite");
    }
    Map<String, String> data = JsonUtils.readValue(expiringCode.getData(), new TypeReference<>() {
    });
    // The code must have been issued for the currently authenticated principal.
    if (principal == null || data.get("user_id") == null || !data.get("user_id").equals(principal.getId())) {
        logger.debug("Failing invitation. Code and user ID mismatch.");
        SecurityContextHolder.clearContext();
        return handleUnprocessableEntity(model, response, "error_message_code", "code_expired", "invitations/accept_invite");
    }
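    // Issue a replacement code with a 10-minute expiry; it is passed to the error-reload paths and to acceptInvitation below.
    final String newCode = expiringCodeStore.generateCode(expiringCode.getData(), new Timestamp(System.currentTimeMillis() + (10 * 60 * 1000)), expiringCode.getIntent(), IdentityZoneHolder.get().getId()).getCode();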
    BrandingInformation zoneBranding = IdentityZoneHolder.get().getConfig().getBranding();
    if (zoneBranding != null && zoneBranding.getConsent() != null && !doesUserConsent) {
        return processErrorReload(newCode, model, principal.getEmail(), response, "error_message_code", "missing_consent");
    }
    // Password and confirmation must match before the password policy is checked.
    if (!validation.valid()) {
        return processErrorReload(newCode, model, principal.getEmail(), response, "error_message_code", validation.getMessageCode());
    }
    try {
        passwordValidator.validate(password);
    } catch (InvalidPasswordException e) {
        return processErrorReload(newCode, model, principal.getEmail(), response, "error_message", e.getMessagesAsOneString());
    }
    AcceptedInvitation invitation;
    try {
        invitation = invitationsService.acceptInvitation(newCode, password);
    } catch (HttpClientErrorException e) {
        return handleUnprocessableEntity(model, response, "error_message_code", "code_expired", "invitations/accept_invite");
    }
    String res = "redirect:/login?success=invite_accepted";
    if (!invitation.getRedirectUri().equals("/home")) {
        res += "&" + FORM_REDIRECT_PARAMETER + "=" + invitation.getRedirectUri();
    }
    return res;
}
Also used : BrandingInformation(org.cloudfoundry.identity.uaa.zone.BrandingInformation) UaaPrincipal(org.cloudfoundry.identity.uaa.authentication.UaaPrincipal) HttpClientErrorException(org.springframework.web.client.HttpClientErrorException) ExpiringCode(org.cloudfoundry.identity.uaa.codestore.ExpiringCode) PasswordConfirmationValidation(org.cloudfoundry.identity.uaa.account.PasswordConfirmationValidation) InvalidPasswordException(org.cloudfoundry.identity.uaa.scim.exception.InvalidPasswordException) Timestamp(java.sql.Timestamp) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 4 with PasswordConfirmationValidation

Use of org.cloudfoundry.identity.uaa.account.PasswordConfirmationValidation in project uaa by cloudfoundry.

From the class ForcePasswordChangeController, method handleForcePasswordChange.

@RequestMapping(value = "/force_password_change", method = POST)
public String handleForcePasswordChange(
        Model model,
        @RequestParam("password") String password,
        @RequestParam("password_confirmation") String passwordConfirmation,
        HttpServletRequest request,
        HttpServletResponse response,
        HttpSession httpSession) {
    SecurityContext securityContext = SecurityContextHolder.getContext();
    UaaAuthentication authentication = ((UaaAuthentication) securityContext.getAuthentication());
    UaaPrincipal principal = authentication.getPrincipal();
    String email = principal.getEmail();
    // The principal's email is passed to the validation together with the two password fields.
    PasswordConfirmationValidation validation = new PasswordConfirmationValidation(email, password, passwordConfirmation);
    if (!validation.valid()) {
        return handleUnprocessableEntity(model, response, email, resourcePropertySource.getProperty("force_password_change.form_error").toString());
    }
    logger.debug("Processing handleForcePasswordChange for user: " + email);
    try {
        resetPasswordService.resetUserPassword(principal.getId(), password);
    } catch (InvalidPasswordException exception) {
        return handleUnprocessableEntity(model, response, email, exception.getMessagesAsOneString());
    }
    logger.debug(String.format("Successful password change for username:%s in zone:%s ", principal.getName(), IdentityZoneHolder.get().getId()));
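    // Clear the forced-change flag, refresh the authentication time and save the security context in the session.
    SessionUtils.setPasswordChangeRequired(httpSession, false);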
    authentication.setAuthenticatedTime(System.currentTimeMillis());
    SessionUtils.setSecurityContext(request.getSession(), SecurityContextHolder.getContext());
    return "redirect:/force_password_change_completed";
}
Also used : UaaAuthentication(org.cloudfoundry.identity.uaa.authentication.UaaAuthentication) UaaPrincipal(org.cloudfoundry.identity.uaa.authentication.UaaPrincipal) PasswordConfirmationValidation(org.cloudfoundry.identity.uaa.account.PasswordConfirmationValidation) SecurityContext(org.springframework.security.core.context.SecurityContext) InvalidPasswordException(org.cloudfoundry.identity.uaa.scim.exception.InvalidPasswordException) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 5 with PasswordConfirmationValidation

Use of org.cloudfoundry.identity.uaa.account.PasswordConfirmationValidation in project uaa by cloudfoundry.

From the class PasswordConfirmationValidationTest, method testInvalidWithEmptyPassword.

@Test
public void testInvalidWithEmptyPassword() {
    PasswordConfirmationValidation validation = new PasswordConfirmationValidation("", "");
    Assert.assertFalse(validation.valid());
}
Also used : PasswordConfirmationValidation(org.cloudfoundry.identity.uaa.account.PasswordConfirmationValidation) Test(org.junit.Test)
