use of org.cloudfoundry.identity.uaa.scim.exception.InvalidPasswordException in project uaa by cloudfoundry.
the class ForcePasswordChangeController method handleForcePasswordChange.
/**
 * Handles the form POST that completes a forced password change for the user held in the
 * current security context.
 *
 * <p>Order of operations: the two submitted values are checked with
 * {@code PasswordConfirmationValidation}; the new password is handed to
 * {@code resetPasswordService}; only after that succeeds are the session's
 * "password change required" flag cleared and the authentication timestamp refreshed.
 * Both failure paths return the result of {@code handleUnprocessableEntity} and leave the
 * session flag untouched.
 *
 * @param model view model forwarded to the error handler
 * @param password new password taken from the form
 * @param passwordConfirmation repeated new password taken from the form
 * @param request current request; its session receives the security context on success
 * @param response forwarded to the error handler
 * @param httpSession session whose "password change required" flag is cleared on success
 * @return the completion redirect on success, otherwise the result of
 *         {@code handleUnprocessableEntity}
 */
@RequestMapping(value = "/force_password_change", method = POST)
public String handleForcePasswordChange(
        Model model,
        @RequestParam("password") String password,
        @RequestParam("password_confirmation") String passwordConfirmation,
        HttpServletRequest request,
        HttpServletResponse response,
        HttpSession httpSession) {
    // The user is taken from the security context, never from request parameters, so the
    // caller cannot choose whose password is changed.
    // NOTE(review): the unchecked cast assumes the request already carries a UaaAuthentication;
    // presumably the filter chain guarantees this - confirm.
    UaaAuthentication currentAuth =
            (UaaAuthentication) SecurityContextHolder.getContext().getAuthentication();
    UaaPrincipal user = currentAuth.getPrincipal();
    String userEmail = user.getEmail();

    boolean confirmationOk =
            new PasswordConfirmationValidation(userEmail, password, passwordConfirmation).valid();
    if (!confirmationOk) {
        String formError =
                resourcePropertySource.getProperty("force_password_change.form_error").toString();
        return handleUnprocessableEntity(model, response, userEmail, formError);
    }

    // Only the e-mail address goes to the debug log; the submitted password is never logged.
    logger.debug("Processing handleForcePasswordChange for user: " + userEmail);

    try {
        resetPasswordService.resetUserPassword(user.getId(), password);
    } catch (InvalidPasswordException rejected) {
        // The service rejected the password; its messages are shown back on the form.
        return handleUnprocessableEntity(model, response, userEmail, rejected.getMessagesAsOneString());
    }

    String zoneId = IdentityZoneHolder.get().getId();
    logger.debug(String.format("Successful password change for username:%s in zone:%s ", user.getName(), zoneId));

    // Post-change session state: drop the forced-change flag and restart the authentication clock.
    // NOTE(review): the session id is not rotated in this method; confirm that session handling
    // elsewhere covers that.
    SessionUtils.setPasswordChangeRequired(httpSession, false);
    currentAuth.setAuthenticatedTime(System.currentTimeMillis());
    SessionUtils.setSecurityContext(request.getSession(), SecurityContextHolder.getContext());

    return "redirect:/force_password_change_completed";
}
use of org.cloudfoundry.identity.uaa.scim.exception.InvalidPasswordException in project uaa by cloudfoundry.
the class AccountsControllerTest method invalidPassword.
/**
 * A password rejected by the account creation service must produce a 422 response that
 * re-renders the activation form with the rejection messages in the model.
 */
@Test
void invalidPassword() throws Exception {
    // Messages are supplied as "Msg 2", "Msg 1"; the assertion below expects "Msg 1 Msg 2",
    // i.e. not the insertion order.
    InvalidPasswordException rejection = new InvalidPasswordException(Arrays.asList("Msg 2", "Msg 1"));
    doThrow(rejection)
            .when(accountCreationService)
            .beginActivation("user1@example.com", "password", "app", null);

    MockHttpServletRequestBuilder createAccount = post("/create_account.do")
            .param("email", "user1@example.com")
            .param("password", "password")
            .param("password_confirmation", "password")
            .param("client_id", "app");

    mockMvc.perform(createAccount)
            .andExpect(status().isUnprocessableEntity())
            .andExpect(view().name("accounts/new_activation_email"))
            .andExpect(model().attribute("error_message", "Msg 1 Msg 2"));
}
use of org.cloudfoundry.identity.uaa.scim.exception.InvalidPasswordException in project uaa by cloudfoundry.
the class UaaResetPasswordServiceTests method resetPassword_validatesNewPassword.
/**
 * resetPassword must propagate the InvalidPasswordException raised by the password validator
 * for the new password.
 */
@Test
void resetPassword_validatesNewPassword() {
    doThrow(new InvalidPasswordException("foo"))
            .when(passwordValidator)
            .validate("new_secret");

    // Code that expires ten minutes from now, so the rejection cannot come from expiry.
    Timestamp tenMinutesFromNow = new Timestamp(System.currentTimeMillis() + 1000 * 60 * 10);
    ExpiringCode resetCode = new ExpiringCode("secret_code", tenMinutesFromNow, "{}", null);

    assertThrows(
            InvalidPasswordException.class,
            () -> uaaResetPasswordService.resetPassword(resetCode, "new_secret"));
}
use of org.cloudfoundry.identity.uaa.scim.exception.InvalidPasswordException in project uaa by cloudfoundry.
the class UaaResetPasswordServiceTests method resetPassword_InvalidPasswordException_NewPasswordSameAsOld.
/**
 * Resetting to a password that equals the current one must fail with an
 * InvalidPasswordException carrying the "same as the old password" message and the
 * UNPROCESSABLE_ENTITY status.
 */
@Test
void resetPassword_InvalidPasswordException_NewPasswordSameAsOld() {
    // Existing account the reset code refers to.
    ScimUser existingUser = new ScimUser("user-id", "username", "firstname", "lastname");
    existingUser.setMeta(new ScimMeta(new Date(), new Date(), 0));
    existingUser.setPrimaryEmail("foo@example.com");

    // Unexpired reset code whose payload names that account.
    Timestamp expiry = new Timestamp(System.currentTimeMillis() + UaaResetPasswordService.PASSWORD_RESET_LIFETIME);
    String codePayload = "{\"user_id\":\"user-id\",\"username\":\"username\",\"passwordModifiedTime\":null,\"client_id\":\"\",\"redirect_uri\":\"\"}";
    ExpiringCode resetCode = new ExpiringCode("good_code", expiry, codePayload, null);

    when(codeStore.retrieveCode("good_code", currentZoneId)).thenReturn(resetCode);
    when(scimUserProvisioning.retrieve("user-id", currentZoneId)).thenReturn(existingUser);
    // The old-password comparison is stubbed to reject the candidate.
    when(scimUserProvisioning.checkPasswordMatches("user-id", "Passwo3dAsOld", currentZoneId))
            .thenThrow(new InvalidPasswordException("Your new password cannot be the same as the old password.", UNPROCESSABLE_ENTITY));

    // NOTE(review): the mocked context is installed in SecurityContextHolder and not cleared in
    // this method; presumably a teardown elsewhere in the class resets it - confirm.
    SecurityContext mockedContext = mock(SecurityContext.class);
    when(mockedContext.getAuthentication()).thenReturn(new MockAuthentication());
    SecurityContextHolder.setContext(mockedContext);

    try {
        uaaResetPasswordService.resetPassword(resetCode, "Passwo3dAsOld");
        // Reaching this line means the reused password was accepted.
        fail();
    } catch (InvalidPasswordException rejected) {
        assertEquals("Your new password cannot be the same as the old password.", rejected.getMessage());
        assertEquals(UNPROCESSABLE_ENTITY, rejected.getStatus());
    }
}
use of org.cloudfoundry.identity.uaa.scim.exception.InvalidPasswordException in project uaa by cloudfoundry.
the class ChangePasswordControllerTest method changePassword_PasswordNoveltyViolationReported_NewPasswordSameAsCurrentPassword.
/**
 * When the change-password service rejects a new password for matching the old one, the
 * controller must answer 422, re-render the change_password view and expose the service's
 * message in the model.
 */
@Test
void changePassword_PasswordNoveltyViolationReported_NewPasswordSameAsCurrentPassword() throws Exception {
    String noveltyMessage = "Your new password cannot be the same as the old password.";
    doThrow(new InvalidPasswordException(noveltyMessage))
            .when(changePasswordService)
            .changePassword("bob", "secret", "new secret");

    // createRequest is a helper of the test class; the three values match the stub above.
    MockHttpServletRequestBuilder changeRequest = createRequest("secret", "new secret", "new secret");

    mockMvc.perform(changeRequest)
            .andExpect(status().isUnprocessableEntity())
            .andExpect(view().name("change_password"))
            .andExpect(model().attribute("message", noveltyMessage));
}