Example 26 with CredentialModel
use of org.keycloak.credential.CredentialModel in project keycloak by keycloak.
the class CredentialModelBackwardsCompatibilityTest method testCredentialModelLegacyGetterSetters.
@Test
public void testCredentialModelLegacyGetterSetters() {
CredentialModel credential = new CredentialModel();
// Assert null can be read
Assert.assertNull(credential.getValue());
Assert.assertNull(credential.getDevice());
Assert.assertNull(credential.getAlgorithm());
Assert.assertNull(credential.getSalt());
Assert.assertEquals(0, credential.getCounter());
Assert.assertEquals(0, credential.getHashIterations());
Assert.assertEquals(0, credential.getDigits());
Assert.assertEquals(0, credential.getPeriod());
credential.setValue("foo");
credential.setDevice("foo-device");
credential.setAlgorithm("foo-algorithm");
credential.setSalt(new byte[] { 1, 2, 3 });
credential.setCounter(15);
credential.setHashIterations(20);
credential.setDigits(25);
credential.setPeriod(30);
Assert.assertEquals("foo", credential.getValue());
Assert.assertEquals("foo-device", credential.getDevice());
Assert.assertTrue(Arrays.areEqual(new byte[] { 1, 2, 3 }, credential.getSalt()));
Assert.assertEquals(15, credential.getCounter());
Assert.assertEquals(20, credential.getHashIterations());
Assert.assertEquals(25, credential.getDigits());
Assert.assertEquals(30, credential.getPeriod());
// Set null to some values
credential.setValue(null);
credential.setSalt(null);
credential.setAlgorithm(null);
Assert.assertNull(credential.getValue());
Assert.assertNull(credential.getAlgorithm());
Assert.assertNull(credential.getSalt());
Assert.assertEquals("foo-device", credential.getDevice());
}
Also used :
CredentialModel(org.keycloak.credential.CredentialModel)
PasswordCredentialModel(org.keycloak.models.credential.PasswordCredentialModel)
OTPCredentialModel(org.keycloak.models.credential.OTPCredentialModel)
Test(org.junit.Test)
Example 27 with CredentialModel
use of org.keycloak.credential.CredentialModel in project keycloak by keycloak.
the class CredentialModelBackwardsCompatibilityTest method testCredentialModelPassword.
@Test
public void testCredentialModelPassword() {
byte[] salt = { 1, 2, 3 };
CredentialModel password = PasswordCredentialModel.createFromValues("foo", salt, 1000, "pass");
Assert.assertEquals("pass", password.getValue());
Assert.assertTrue(Arrays.areEqual(salt, password.getSalt()));
Assert.assertEquals(1000, password.getHashIterations());
Assert.assertEquals("foo", password.getAlgorithm());
// Change something and assert it is changed
password.setValue("789789");
Assert.assertEquals("789789", password.getValue());
// Test clone
PasswordCredentialModel cloned = PasswordCredentialModel.createFromCredentialModel(password);
Assert.assertEquals("789789", cloned.getPasswordSecretData().getValue());
Assert.assertEquals(1000, cloned.getPasswordCredentialData().getHashIterations());
Assert.assertEquals(1000, cloned.getPasswordCredentialData().getHashIterations());
Assert.assertEquals("foo", cloned.getPasswordCredentialData().getAlgorithm());
}
Also used :
CredentialModel(org.keycloak.credential.CredentialModel)
PasswordCredentialModel(org.keycloak.models.credential.PasswordCredentialModel)
OTPCredentialModel(org.keycloak.models.credential.OTPCredentialModel)
PasswordCredentialModel(org.keycloak.models.credential.PasswordCredentialModel)
Test(org.junit.Test)
Example 28 with CredentialModel
use of org.keycloak.credential.CredentialModel in project keycloak by keycloak.
the class JpaUserFederatedStorageProvider method getStoredCredentialById.
@Override
public CredentialModel getStoredCredentialById(RealmModel realm, String userId, String id) {
FederatedUserCredentialEntity entity = em.find(FederatedUserCredentialEntity.class, id);
if (!checkCredentialEntity(entity, userId))
return null;
CredentialModel model = toModel(entity);
return model;
}
Also used :
CredentialModel(org.keycloak.credential.CredentialModel)
FederatedUserCredentialEntity(org.keycloak.storage.jpa.entity.FederatedUserCredentialEntity)
Example 29 with CredentialModel
use of org.keycloak.credential.CredentialModel in project keycloak by keycloak.
the class UpdatePassword method evaluateTriggers.
@Override
public void evaluateTriggers(RequiredActionContext context) {
int daysToExpirePassword = context.getRealm().getPasswordPolicy().getDaysToExpirePassword();
if (daysToExpirePassword != -1) {
PasswordCredentialProvider passwordProvider = (PasswordCredentialProvider) context.getSession().getProvider(CredentialProvider.class, PasswordCredentialProviderFactory.PROVIDER_ID);
CredentialModel password = passwordProvider.getPassword(context.getRealm(), context.getUser());
if (password != null) {
if (password.getCreatedDate() == null) {
context.getUser().addRequiredAction(UserModel.RequiredAction.UPDATE_PASSWORD);
logger.debug("User is required to update password");
} else {
long timeElapsed = Time.toMillis(Time.currentTime()) - password.getCreatedDate();
long timeToExpire = TimeUnit.DAYS.toMillis(daysToExpirePassword);
if (timeElapsed > timeToExpire) {
context.getUser().addRequiredAction(UserModel.RequiredAction.UPDATE_PASSWORD);
logger.debug("User is required to update password");
}
}
}
}
}
Also used :
UserCredentialModel(org.keycloak.models.UserCredentialModel)
CredentialModel(org.keycloak.credential.CredentialModel)
CredentialProvider(org.keycloak.credential.CredentialProvider)
PasswordCredentialProvider(org.keycloak.credential.PasswordCredentialProvider)
PasswordCredentialProvider(org.keycloak.credential.PasswordCredentialProvider)
Example 30 with CredentialModel
use of org.keycloak.credential.CredentialModel in project keycloak by keycloak.
the class RunHelpers method fetchCredentials.
public static FetchOnServerWrapper<CredentialModel> fetchCredentials(String username) {
return new FetchOnServerWrapper() {
@Override
public FetchOnServer getRunOnServer() {
return (FetchOnServer) session -> {
RealmModel realm = session.getContext().getRealm();
UserModel user = session.users().getUserByUsername(realm, username);
List<CredentialModel> storedCredentialsByType = session.userCredentialManager().getStoredCredentialsByTypeStream(realm, user, CredentialRepresentation.PASSWORD).collect(Collectors.toList());
System.out.println(storedCredentialsByType.size());
return storedCredentialsByType.get(0);
};
}
@Override
public Class getResultClass() {
return CredentialModel.class;
}
};
}
Also used :
RealmModel(org.keycloak.models.RealmModel)
UserModel(org.keycloak.models.UserModel)
CredentialModel(org.keycloak.credential.CredentialModel)
Aggregations
CredentialModel (org.keycloak.credential.CredentialModel)36
Test (org.junit.Test)14
OTPCredentialModel (org.keycloak.models.credential.OTPCredentialModel)14
PasswordCredentialModel (org.keycloak.models.credential.PasswordCredentialModel)14
UserCredentialModel (org.keycloak.models.UserCredentialModel)10
RealmModel (org.keycloak.models.RealmModel)8
UserModel (org.keycloak.models.UserModel)7
NotFoundException (javax.ws.rs.NotFoundException)6
Path (javax.ws.rs.Path)5
AbstractAuthTest (org.keycloak.testsuite.AbstractAuthTest)5
CredentialRepresentation (org.keycloak.representations.idm.CredentialRepresentation)4
NoCache (org.jboss.resteasy.annotations.cache.NoCache)3
CredentialProvider (org.keycloak.credential.CredentialProvider)3
CachedUserModel (org.keycloak.models.cache.CachedUserModel)3
UserRepresentation (org.keycloak.representations.idm.UserRepresentation)3
ModelTest (org.keycloak.testsuite.arquillian.annotation.ModelTest)3
LinkedList (java.util.LinkedList)2
AtomicReference (java.util.concurrent.atomic.AtomicReference)2
Consumes (javax.ws.rs.Consumes)2
DELETE (javax.ws.rs.DELETE)2
