use of org.cloudfoundry.identity.uaa.scim.exception.InvalidPasswordException in project uaa by cloudfoundry.
the class ScimUserEndpointsTests method createUser_whenPasswordIsInvalid_throwsException.
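/**
 * Checks that {@code createUser} surfaces a password-policy rejection to the caller.
 *
 * <p>The password validator is stubbed to throw {@link InvalidPasswordException} for any
 * input. The test expects that exception to propagate from the endpoint with its message
 * intact and an HTTP 400 status, and confirms the validator saw the exact password that
 * was submitted.
 */
@Test
void createUser_whenPasswordIsInvalid_throwsException() {
    doThrow(new InvalidPasswordException("whaddup")).when(mockPasswordValidator).validate(anyString());

    // Swap the real provisioning bean for a mock; it is restored in the finally block so a
    // failing assertion cannot leave the mock installed for tests that run afterwards.
    ScimUserProvisioning mockScimUserProvisioning = mock(ScimUserProvisioning.class);
    ReflectionTestUtils.setField(scimUserEndpoints, "scimUserProvisioning", mockScimUserProvisioning);
    try {
        String zoneId = identityZone.getId();
        when(mockScimUserProvisioning.createUser(any(ScimUser.class), anyString(), eq(zoneId)))
                .thenReturn(new ScimUser());

        String userName = "user@example.com";
        ScimUser user = new ScimUser("user1", userName, null, null);
        user.addEmail(userName);
        user.setOrigin(OriginKeys.UAA);
        user.setPassword("some bad password");

        InvalidPasswordException invalidPasswordException = assertThrowsWithMessageThat(
                InvalidPasswordException.class,
                () -> scimUserEndpoints.createUser(user, new MockHttpServletRequest(), new MockHttpServletResponse()),
                containsString("whaddup"));

        // JUnit's assertEquals takes (expected, actual); the original call had them swapped,
        // which only matters for the failure message but makes a failure misleading.
        assertEquals(HttpStatus.BAD_REQUEST, invalidPasswordException.getStatus());
        verify(mockPasswordValidator).validate("some bad password");
        // NOTE(review): consider also asserting that mockScimUserProvisioning.createUser was
        // never invoked, so the test proves a rejected password creates no account.
    } finally {
        ReflectionTestUtils.setField(scimUserEndpoints, "scimUserProvisioning", jdbcScimUserProvisioning);
    }
}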
use of org.cloudfoundry.identity.uaa.scim.exception.InvalidPasswordException in project uaa by cloudfoundry.
the class InvitationsControllerTest method testAcceptInviteWithContraveningPassword.
/**
 * Accepting an invitation with a password that violates policy must not complete the
 * invitation.
 *
 * <p>The validator is stubbed to reject the password {@code "a"} with two messages. The
 * test expects a redirect back to the accept page carrying the joined messages and a
 * freshly generated code, and verifies that {@code acceptInvitation} is never called.
 * The expected {@code error_message} lists the messages in a different order than they
 * were supplied (presumably sorted by the exception; confirm against its implementation).
 */
@Test
public void testAcceptInviteWithContraveningPassword() throws Exception {
    InvalidPasswordException policyViolation = new InvalidPasswordException(Arrays.asList("Msg 2c", "Msg 1c"));
    doThrow(policyViolation).when(passwordValidator).validate("a");

    MockHttpServletRequestBuilder acceptRequest = startAcceptInviteFlow("a", "a");
    Map<String, String> invitationData = getInvitationsCode(OriginKeys.UAA);
    String invitationJson = JsonUtils.writeValueAsString(invitationData);

    String zoneId = IdentityZoneHolder.get().getId();
    String intent = INVITATION.name();

    // Each code can be retrieved once; the second lookup yields null.
    when(expiringCodeStore.retrieveCode("thecode", zoneId))
            .thenReturn(new ExpiringCode("thecode", new Timestamp(1), invitationJson, intent), null);
    when(expiringCodeStore.retrieveCode("thenewcode", zoneId))
            .thenReturn(new ExpiringCode("thenewcode", new Timestamp(1), invitationJson, intent), null);

    // Two successive code generations are stubbed; the page is expected to end up with the second.
    when(expiringCodeStore.generateCode(eq(invitationJson), any(), eq(intent), eq(zoneId)))
            .thenReturn(
                    new ExpiringCode("thenewcode", new Timestamp(1), invitationJson, intent),
                    new ExpiringCode("thenewcode2", new Timestamp(1), invitationJson, intent));

    IdentityProvider uaaProvider = new IdentityProvider();
    uaaProvider.setType(OriginKeys.UAA);
    when(providerProvisioning.retrieveByOrigin("uaa", "uaa")).thenReturn(uaaProvider);

    mockMvc.perform(acceptRequest)
            .andExpect(status().isFound())
            .andExpect(model().attribute("error_message", "Msg 1c Msg 2c"))
            .andExpect(model().attribute("code", "thenewcode2"))
            .andExpect(view().name("redirect:accept"));

    verify(expiringCodeStore).retrieveCode("thecode", IdentityZoneHolder.get().getId());
    verify(expiringCodeStore, times(2))
            .generateCode(anyString(), any(), anyString(), eq(IdentityZoneHolder.get().getId()));
    // The security-relevant outcome: a rejected password never reaches the invitation service.
    verify(invitationsService, never()).acceptInvitation(anyString(), anyString());
}
use of org.cloudfoundry.identity.uaa.scim.exception.InvalidPasswordException in project uaa by cloudfoundry.
the class PasswordResetEndpoint method changePassword.
/**
 * Redeems a password-change code and sets the new password.
 *
 * <p>Status mapping, as implemented below:
 * <ul>
 *   <li>no change code in the request: 400 Bad Request</li>
 *   <li>{@link BadCredentialsException}: 401 Unauthorized</li>
 *   <li>{@link ScimResourceNotFoundException}: 404 Not Found</li>
 *   <li>{@link InvalidPasswordException} / {@link InvalidCodeException}: rethrown unchanged
 *       for handling outside this method</li>
 *   <li>any other exception: 500 Internal Server Error</li>
 * </ul>
 *
 * @param passwordChangeRequest request body carrying the change code and the new password
 * @return on success, the user's id, username, primary email and a newly issued login code
 */
@RequestMapping(value = "/password_change", method = RequestMethod.POST)
public ResponseEntity<LostPasswordChangeResponse> changePassword(@RequestBody LostPasswordChangeRequest passwordChangeRequest) {
    // Nothing to redeem without a change code.
    if (passwordChangeRequest.getChangeCode() == null) {
        return new ResponseEntity<>(BAD_REQUEST);
    }

    try {
        ExpiringCode changeCode = getExpiringCode(passwordChangeRequest.getChangeCode());
        ResetPasswordService.ResetPasswordResponse outcome =
                resetPasswordService.resetPassword(changeCode, passwordChangeRequest.getNewPassword());

        ScimUser account = outcome.getUser();
        ExpiringCode loginCode = getCode(account.getId(), account.getUserName(), outcome.getClientId());

        // The body includes a login code; presumably it can be exchanged for a session, so
        // callers should treat the response like a credential (confirm against getCode).
        LostPasswordChangeResponse body = new LostPasswordChangeResponse();
        body.setUserId(account.getId());
        body.setUsername(account.getUserName());
        body.setEmail(account.getPrimaryEmail());
        body.setLoginCode(loginCode.getCode());
        return new ResponseEntity<>(body, OK);
    } catch (BadCredentialsException e) {
        return new ResponseEntity<>(UNAUTHORIZED);
    } catch (ScimResourceNotFoundException e) {
        return new ResponseEntity<>(NOT_FOUND);
    } catch (InvalidPasswordException | InvalidCodeException e) {
        // Policy and code failures keep their own type and status for the caller.
        throw e;
    } catch (Exception e) {
        // NOTE(review): the cause is discarded here. Logging it server-side (without the
        // new password or either code) would make unexpected reset failures diagnosable.
        return new ResponseEntity<>(INTERNAL_SERVER_ERROR);
    }
}
use of org.cloudfoundry.identity.uaa.scim.exception.InvalidPasswordException in project uaa by cloudfoundry.
the class ResetPasswordAuthenticationEntryPoint method commence.
/**
 * Re-renders the appropriate password-reset page after a failed reset attempt.
 *
 * <p>The response status is set to 422 and the request is forwarded, wrapped so that it
 * reports method {@code GET} and so that the {@code code} parameter is taken from the
 * request attribute of the same name rather than from what the client submitted.
 * Password-confirmation and password-policy failures go back to {@code /reset_password};
 * every other cause is reported as {@code bad_code} on {@code /forgot_password}.
 *
 * @param authException carrier whose {@code getCause()} decides which page and message are used
 */
@Override
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
    Throwable cause = authException.getCause();
    response.setStatus(HttpStatus.UNPROCESSABLE_ENTITY.value());

    HttpServletRequestWrapper forwarded = new HttpServletRequestWrapper(request) {
        // Present the forward as a GET, presumably so the target renders its form instead
        // of processing a submission again (confirm against the target controllers).
        @Override
        public String getMethod() {
            return "GET";
        }

        // The "code" value always comes from the request attribute, never from the
        // client-supplied parameter.
        @Override
        public String getParameter(String name) {
            return name.equals("code") ? (String) getAttribute(name) : super.getParameter(name);
        }

        // NOTE(review): unlike getParameter, the override here only applies when the client
        // sent a "code" parameter, and it stores a null element if the attribute is unset.
        @Override
        public Map<String, String[]> getParameterMap() {
            Map<String, String[]> submitted = super.getParameterMap();
            if (!submitted.containsKey("code")) {
                return submitted;
            }
            Map<String, String[]> overridden = new HashMap<>(submitted);
            overridden.put("code", new String[] { (String) getAttribute("code") });
            return overridden;
        }

        @Override
        public String[] getParameterValues(String name) {
            return getParameterMap().get(name);
        }
    };

    String target;
    if (cause instanceof PasswordConfirmationException) {
        PasswordConfirmationException mismatch = (PasswordConfirmationException) cause;
        request.setAttribute("message_code", mismatch.getMessageCode());
        target = "/reset_password";
    } else if (cause instanceof InvalidPasswordException) {
        InvalidPasswordException policyFailure = (InvalidPasswordException) cause;
        request.setAttribute("message", policyFailure.getMessagesAsOneString());
        target = "/reset_password";
    } else {
        // Anything else is shown as a bad code, without exposing the underlying reason.
        request.setAttribute("message_code", "bad_code");
        target = "/forgot_password";
    }
    request.getRequestDispatcher(target).forward(forwarded, response);
}
use of org.cloudfoundry.identity.uaa.scim.exception.InvalidPasswordException in project uaa by cloudfoundry.
the class ResetPasswordAuthenticationFilter method doFilterInternal.
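/**
 * Handles a submitted reset-password form and terminates the request itself; the filter
 * chain is never invoked from this method.
 *
 * <p>The reset code is looked up, the password and its confirmation are checked, and the
 * password is changed through the reset service. On success the browser is redirected to
 * the login page. On failure the entry point re-renders the relevant page; for password
 * policy and confirmation failures {@code refreshCode} is called first (defined elsewhere
 * in this class, presumably to issue a replacement for the code that was just retrieved).
 *
 * @throws IOException if the redirect or the entry point's forward fails
 * @throws ServletException if the entry point's forward fails
 */
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
    String email = request.getParameter("email");
    String code = request.getParameter("code");
    String password = request.getParameter("password");
    String passwordConfirmation = request.getParameter("password_confirmation");

    PasswordConfirmationValidation validation = new PasswordConfirmationValidation(email, password, passwordConfirmation);
    ExpiringCode expiringCode = null;
    try {
        expiringCode = expiringCodeStore.retrieveCode(code, IdentityZoneHolder.get().getId());
        // NOTE(review): the confirmation check runs before the null check on the code, so
        // refreshCode below can be called with a null expiringCode; confirm it tolerates that.
        validation.throwIfNotValid();
        if (expiringCode == null) {
            throw new InvalidCodeException("invalid_code", "Sorry, your reset password link is no longer valid. Please request a new one", 422);
        }

        ResetPasswordService.ResetPasswordResponse resetPasswordResponse = service.resetPassword(expiringCode, password);
        String redirectUri = resetPasswordResponse.getRedirectUri();

        String loginUrl = request.getContextPath() + "/login?success=password_reset";
        if (StringUtils.hasText(redirectUri) && !"home".equals(redirectUri)) {
            // Encode the value so characters such as '&', '#' or '=' inside redirectUri stay
            // part of form_redirect_uri instead of altering the query string. This protects
            // the URL structure only; whether the login flow restricts where
            // form_redirect_uri may point is not visible in this method.
            loginUrl += "&form_redirect_uri=" + java.net.URLEncoder.encode(redirectUri, "UTF-8");
        }
        response.sendRedirect(loginUrl);
    } catch (InvalidPasswordException e) {
        refreshCode(request, expiringCode);
        entryPoint.commence(request, response, new BadCredentialsException(e.getMessagesAsOneString(), e));
    } catch (UaaException e) {
        entryPoint.commence(request, response, new InternalAuthenticationServiceException(e.getMessage(), e));
    } catch (PasswordConfirmationException pe) {
        refreshCode(request, expiringCode);
        entryPoint.commence(request, response, new BadCredentialsException("Password did not pass validation.", pe));
    }
}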