
Example 6 with ModelException

use of org.keycloak.models.ModelException in project keycloak by keycloak.

the class PasswordPolicyTest method testRegexPatterns.

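/**
 * Exercises the {@code regexPattern} password policy.
 *
 * <p>Malformed policy configurations must be rejected with a {@link ModelException} while the
 * policy is being set, so a broken pattern is caught at configuration time rather than when a
 * password is validated. Valid configurations are then checked against sample passwords: a
 * password is accepted only when every configured pattern accepts it.
 */
@Test
public void testRegexPatterns() {
    testingClient.server("passwordPolicy").run(session -> {
        RealmModel realmModel = session.getContext().getRealm();
        PasswordPolicyManagerProvider policyManager = session.getProvider(PasswordPolicyManagerProvider.class);

        // A regexPattern policy with no pattern at all must be refused.
        try {
            realmModel.setPasswordPolicy(PasswordPolicy.parse(session, "regexPattern"));
            fail("Expected ModelException: regexPattern requires a config value.");
        } catch (ModelException e) {
            assertEquals("Invalid config for regexPattern: Config required", e.getMessage());
        }

        // A pattern that is not a valid regular expression must be refused.
        try {
            realmModel.setPasswordPolicy(PasswordPolicy.parse(session, "regexPattern(*)"));
            fail("Expected ModelException: '*' is not a valid regular expression.");
        } catch (ModelException e) {
            assertEquals("Invalid config for regexPattern: Not a valid regular expression", e.getMessage());
        }
        try {
            realmModel.setPasswordPolicy(PasswordPolicy.parse(session, "regexPattern(*,**)"));
            fail("Expected ModelException: '*,**' is not a valid regular expression.");
        } catch (ModelException e) {
            assertEquals("Invalid config for regexPattern: Not a valid regular expression", e.getMessage());
        }

        // One of two patterns rejects the password, so the whole policy rejects it.
        // NOTE(review): "j*d" rejecting "jdoe" implies whole-string matching, not a substring search.
        realmModel.setPasswordPolicy(PasswordPolicy.parse(session, "regexPattern(jdoe) and regexPattern(j*d)"));
        Assert.assertEquals("invalidPasswordRegexPatternMessage", policyManager.validate("jdoe", "jdoe").getMessage());

        // None of the three patterns accepts the password.
        realmModel.setPasswordPolicy(PasswordPolicy.parse(session, "regexPattern(j*p) and regexPattern(j*d) and regexPattern(adoe)"));
        Assert.assertEquals("invalidPasswordRegexPatternMessage", policyManager.validate("jdoe", "jdoe").getMessage());

        // Four letters followed by a digit are required; "jdoe" has no trailing digit.
        realmModel.setPasswordPolicy(PasswordPolicy.parse(session, "regexPattern([a-z][a-z][a-z][a-z][0-9])"));
        Assert.assertEquals("invalidPasswordRegexPatternMessage", policyManager.validate("jdoe", "jdoe").getMessage());

        // Accepted passwords: validate(...) returns null when no policy is violated.
        realmModel.setPasswordPolicy(PasswordPolicy.parse(session, "regexPattern(jdoe)"));
        assertNull(policyManager.validate("jdoe", "jdoe"));
        realmModel.setPasswordPolicy(PasswordPolicy.parse(session, "regexPattern([a-z][a-z][a-z][a-z][0-9])"));
        assertNull(policyManager.validate("jdoe", "jdoe0"));
    });
}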
Also used : RealmModel(org.keycloak.models.RealmModel) ModelException(org.keycloak.models.ModelException) PasswordPolicyManagerProvider(org.keycloak.policy.PasswordPolicyManagerProvider) PasswordPolicy(org.keycloak.models.PasswordPolicy) Test(org.junit.Test) AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest)

Example 7 with ModelException

use of org.keycloak.models.ModelException in project keycloak by keycloak.

the class RoleLDAPStorageMapper method getTargetRoleContainer.

/**
 * Resolves the container whose roles this mapper works with.
 *
 * <p>When the mapper configuration selects realm roles, the realm itself is returned.
 * Otherwise the client named by the configured client id is looked up in the realm.
 *
 * @param realm realm to return, or to search for the configured client
 * @return the realm, or the client identified by the configured client id
 * @throws ModelException if client roles mapping is selected but no client id is configured,
 *         or if the realm has no client with that id
 */
protected RoleContainerModel getTargetRoleContainer(RealmModel realm) {
    if (config.isRealmRolesMapping()) {
        return realm;
    }

    // Client roles mapping: the target client must be configured and must exist in the realm.
    final String configuredClientId = config.getClientId();
    if (configuredClientId == null) {
        throw new ModelException("Using client roles mapping is requested, but parameter client.id not found!");
    }

    final ClientModel targetClient = realm.getClientByClientId(configuredClientId);
    if (targetClient == null) {
        // The configured client id is echoed into the exception message.
        throw new ModelException("Can't found requested client with clientId: " + configuredClientId);
    }
    return targetClient;
}
Also used : ClientModel(org.keycloak.models.ClientModel) ModelException(org.keycloak.models.ModelException)

Example 8 with ModelException

use of org.keycloak.models.ModelException in project keycloak by keycloak.

the class MSADUserAccountControlStorageMapper method processFailedPasswordUpdateException.

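/**
 * Maps a failed Active Directory password update onto a generic password-policy error
 * when the directory's message identifies a password restriction.
 *
 * <p>The message of the exception's cause is flattened to one line, logged at debug level,
 * upper-cased and matched against {@code AUTH_INVALID_NEW_PASSWORD}. If the first captured
 * code is {@code 53} and the second ends with {@code 52D}, a new {@link ModelException} with
 * the message key {@code invalidPasswordGenericMessage} is returned, keeping {@code e} as its
 * cause. In every other case {@code e} is returned unchanged.
 *
 * @param e exception raised by the failed password update
 * @return a generic invalid-password exception wrapping {@code e}, or {@code e} itself
 */
protected ModelException processFailedPasswordUpdateException(ModelException e) {
    if (e.getCause() == null || e.getCause().getMessage() == null) {
        return e;
    }
    // Newlines are replaced before logging and matching, so the message stays on one line.
    String exceptionMessage = e.getCause().getMessage().replace('\n', ' ');
    logger.debugf("Failed to update password in Active Directory. Exception message: %s", exceptionMessage);
    // Upper-case with a fixed locale: the no-argument toUpperCase() follows the JVM default
    // locale, which would make the error classification depend on server settings.
    exceptionMessage = exceptionMessage.toUpperCase(java.util.Locale.ROOT);
    Matcher m = AUTH_INVALID_NEW_PASSWORD.matcher(exceptionMessage);
    if (m.matches()) {
        String errorCode = m.group(1);
        String errorCode2 = m.group(2);
        // 52D corresponds to ERROR_PASSWORD_RESTRICTION. See https://msdn.microsoft.com/en-us/library/windows/desktop/ms681385(v=vs.85).aspx
        // Constant-first equals and the null check keep an unmatched group from raising an NPE.
        if ("53".equals(errorCode) && errorCode2 != null && errorCode2.endsWith("52D")) {
            return new ModelException("invalidPasswordGenericMessage", e);
        }
    }
    return e;
}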
Also used : ModelException(org.keycloak.models.ModelException) Matcher(java.util.regex.Matcher)

Example 9 with ModelException

use of org.keycloak.models.ModelException in project keycloak by keycloak.

the class MSADLDSUserAccountControlStorageMapper method processFailedPasswordUpdateException.

/**
 * Maps a failed password update onto a password-policy error when the message of the
 * underlying cause matches {@code AUTH_INVALID_NEW_PASSWORD}.
 *
 * <p>On a match, a new {@link ModelException} with the message key
 * {@code invalidPasswordRegexPatternMessage} and the single parameter
 * {@code passwordConstraintViolation} is returned, keeping {@code e} as its cause.
 * Otherwise, including when there is no cause or the cause has no message, {@code e}
 * is returned unchanged.
 *
 * @param e exception raised by the failed password update
 * @return the translated exception wrapping {@code e}, or {@code e} itself
 */
protected ModelException processFailedPasswordUpdateException(ModelException e) {
    final Throwable cause = e.getCause();
    final String causeMessage = (cause == null) ? null : cause.getMessage();
    if (causeMessage == null) {
        return e;
    }

    // The cause's message is matched as-is, with no case or newline normalisation.
    if (!AUTH_INVALID_NEW_PASSWORD.matcher(causeMessage).matches()) {
        return e;
    }

    final ModelException policyViolation = new ModelException("invalidPasswordRegexPatternMessage", e);
    policyViolation.setParameters(new Object[] { "passwordConstraintViolation" });
    return policyViolation;
}
Also used : ModelException(org.keycloak.models.ModelException) Matcher(java.util.regex.Matcher)

Example 10 with ModelException

use of org.keycloak.models.ModelException in project keycloak by keycloak.

the class JpaRealmProvider method createGroup.

/**
 * Creates and persists a new group in the given realm.
 *
 * @param realm realm that owns the group
 * @param id identifier for the group; when {@code null} one is generated
 * @param name name of the group
 * @param toParent parent group, or {@code null} to create a top-level group
 * @return an adapter around the newly persisted group entity
 * @throws ModelException if {@code id} equals the marker value used as the parent id of
 *         top-level groups
 */
@Override
public GroupModel createGroup(RealmModel realm, String id, String name, GroupModel toParent) {
    // A caller-supplied id must not equal the marker stored as the parent id of top-level
    // groups. Probably unreachable, but checked to be safe.
    if (GroupEntity.TOP_PARENT_ID.equals(id)) {
        throw new ModelException("The ID of the new group is equals to the tag used for top level groups");
    }
    final String groupId = (id != null) ? id : KeycloakModelUtils.generateId();

    final String parentId;
    if (toParent != null) {
        parentId = toParent.getId();
    } else {
        parentId = GroupEntity.TOP_PARENT_ID;
    }

    final GroupEntity entity = new GroupEntity();
    entity.setId(groupId);
    entity.setName(name);
    entity.setRealm(realm.getId());
    entity.setParentId(parentId);

    // Persist and flush before the adapter is handed back to the caller.
    em.persist(entity);
    em.flush();
    return new GroupAdapter(realm, em, entity);
}
Also used : ModelException(org.keycloak.models.ModelException) GroupEntity(org.keycloak.models.jpa.entities.GroupEntity)

Aggregations

ModelException (org.keycloak.models.ModelException)74 RealmModel (org.keycloak.models.RealmModel)20 NamingException (javax.naming.NamingException)13 UserModel (org.keycloak.models.UserModel)13 ClientModel (org.keycloak.models.ClientModel)11 ComponentModel (org.keycloak.component.ComponentModel)10 LDAPObject (org.keycloak.storage.ldap.idm.model.LDAPObject)10 IOException (java.io.IOException)9 Consumes (javax.ws.rs.Consumes)9 NotFoundException (javax.ws.rs.NotFoundException)8 BasicAttribute (javax.naming.directory.BasicAttribute)7 KeycloakSession (org.keycloak.models.KeycloakSession)7 RoleModel (org.keycloak.models.RoleModel)7 ErrorResponseException (org.keycloak.services.ErrorResponseException)7 ReadOnlyException (org.keycloak.storage.ReadOnlyException)7 POST (javax.ws.rs.POST)6 Path (javax.ws.rs.Path)6 Test (org.junit.Test)6 ArrayList (java.util.ArrayList)5 AttributeInUseException (javax.naming.directory.AttributeInUseException)5