use of org.keycloak.credential.CredentialModel in project keycloak by keycloak.
the class CredentialModelBackwardsCompatibilityTest method testCredentialModelLegacyGetterSetters.
@Test
public void testCredentialModelLegacyGetterSetters() {
CredentialModel credential = new CredentialModel();
// Assert null can be read
Assert.assertNull(credential.getValue());
Assert.assertNull(credential.getDevice());
Assert.assertNull(credential.getAlgorithm());
Assert.assertNull(credential.getSalt());
Assert.assertEquals(0, credential.getCounter());
Assert.assertEquals(0, credential.getHashIterations());
Assert.assertEquals(0, credential.getDigits());
Assert.assertEquals(0, credential.getPeriod());
credential.setValue("foo");
credential.setDevice("foo-device");
credential.setAlgorithm("foo-algorithm");
credential.setSalt(new byte[] { 1, 2, 3 });
credential.setCounter(15);
credential.setHashIterations(20);
credential.setDigits(25);
credential.setPeriod(30);
Assert.assertEquals("foo", credential.getValue());
Assert.assertEquals("foo-device", credential.getDevice());
Assert.assertTrue(Arrays.areEqual(new byte[] { 1, 2, 3 }, credential.getSalt()));
Assert.assertEquals(15, credential.getCounter());
Assert.assertEquals(20, credential.getHashIterations());
Assert.assertEquals(25, credential.getDigits());
Assert.assertEquals(30, credential.getPeriod());
// Set null to some values
credential.setValue(null);
credential.setSalt(null);
credential.setAlgorithm(null);
Assert.assertNull(credential.getValue());
Assert.assertNull(credential.getAlgorithm());
Assert.assertNull(credential.getSalt());
Assert.assertEquals("foo-device", credential.getDevice());
}
use of org.keycloak.credential.CredentialModel in project keycloak by keycloak.
the class CredentialModelBackwardsCompatibilityTest method testCredentialModelPassword.
@Test
public void testCredentialModelPassword() {
byte[] salt = { 1, 2, 3 };
CredentialModel password = PasswordCredentialModel.createFromValues("foo", salt, 1000, "pass");
Assert.assertEquals("pass", password.getValue());
Assert.assertTrue(Arrays.areEqual(salt, password.getSalt()));
Assert.assertEquals(1000, password.getHashIterations());
Assert.assertEquals("foo", password.getAlgorithm());
// Change something and assert it is changed
password.setValue("789789");
Assert.assertEquals("789789", password.getValue());
// Test clone
PasswordCredentialModel cloned = PasswordCredentialModel.createFromCredentialModel(password);
Assert.assertEquals("789789", cloned.getPasswordSecretData().getValue());
Assert.assertEquals(1000, cloned.getPasswordCredentialData().getHashIterations());
Assert.assertEquals(1000, cloned.getPasswordCredentialData().getHashIterations());
Assert.assertEquals("foo", cloned.getPasswordCredentialData().getAlgorithm());
}
use of org.keycloak.credential.CredentialModel in project keycloak by keycloak.
the class JpaUserFederatedStorageProvider method getStoredCredentialById.
@Override
public CredentialModel getStoredCredentialById(RealmModel realm, String userId, String id) {
FederatedUserCredentialEntity entity = em.find(FederatedUserCredentialEntity.class, id);
if (!checkCredentialEntity(entity, userId))
return null;
CredentialModel model = toModel(entity);
return model;
}
use of org.keycloak.credential.CredentialModel in project keycloak by keycloak.
the class UpdatePassword method evaluateTriggers.
@Override
public void evaluateTriggers(RequiredActionContext context) {
int daysToExpirePassword = context.getRealm().getPasswordPolicy().getDaysToExpirePassword();
if (daysToExpirePassword != -1) {
PasswordCredentialProvider passwordProvider = (PasswordCredentialProvider) context.getSession().getProvider(CredentialProvider.class, PasswordCredentialProviderFactory.PROVIDER_ID);
CredentialModel password = passwordProvider.getPassword(context.getRealm(), context.getUser());
if (password != null) {
if (password.getCreatedDate() == null) {
context.getUser().addRequiredAction(UserModel.RequiredAction.UPDATE_PASSWORD);
logger.debug("User is required to update password");
} else {
long timeElapsed = Time.toMillis(Time.currentTime()) - password.getCreatedDate();
long timeToExpire = TimeUnit.DAYS.toMillis(daysToExpirePassword);
if (timeElapsed > timeToExpire) {
context.getUser().addRequiredAction(UserModel.RequiredAction.UPDATE_PASSWORD);
logger.debug("User is required to update password");
}
}
}
}
}
use of org.keycloak.credential.CredentialModel in project keycloak by keycloak.
the class RunHelpers method fetchCredentials.
public static FetchOnServerWrapper<CredentialModel> fetchCredentials(String username) {
return new FetchOnServerWrapper() {
@Override
public FetchOnServer getRunOnServer() {
return (FetchOnServer) session -> {
RealmModel realm = session.getContext().getRealm();
UserModel user = session.users().getUserByUsername(realm, username);
List<CredentialModel> storedCredentialsByType = session.userCredentialManager().getStoredCredentialsByTypeStream(realm, user, CredentialRepresentation.PASSWORD).collect(Collectors.toList());
System.out.println(storedCredentialsByType.size());
return storedCredentialsByType.get(0);
};
}
@Override
public Class getResultClass() {
return CredentialModel.class;
}
};
}
Aggregations