use of org.keycloak.models.ModelException in project keycloak by keycloak.
the class PasswordPolicyTest method testRegexPatterns.
@Test
public void testRegexPatterns() {
testingClient.server("passwordPolicy").run(session -> {
RealmModel realmModel = session.getContext().getRealm();
PasswordPolicyManagerProvider policyManager = session.getProvider(PasswordPolicyManagerProvider.class);
PasswordPolicy policy = null;
try {
realmModel.setPasswordPolicy(PasswordPolicy.parse(session, "regexPattern"));
fail("Expected NullPointerException: Regex Pattern cannot be null.");
} catch (ModelException e) {
assertEquals("Invalid config for regexPattern: Config required", e.getMessage());
}
try {
realmModel.setPasswordPolicy(PasswordPolicy.parse(session, "regexPattern(*)"));
fail("Expected PatternSyntaxException: Regex Pattern cannot be null.");
} catch (ModelException e) {
assertEquals("Invalid config for regexPattern: Not a valid regular expression", e.getMessage());
}
try {
realmModel.setPasswordPolicy(PasswordPolicy.parse(session, "regexPattern(*,**)"));
fail("Expected PatternSyntaxException: Regex Pattern cannot be null.");
} catch (ModelException e) {
assertEquals("Invalid config for regexPattern: Not a valid regular expression", e.getMessage());
}
// Fails to match one of the regex pattern
realmModel.setPasswordPolicy(PasswordPolicy.parse(session, "regexPattern(jdoe) and regexPattern(j*d)"));
Assert.assertEquals("invalidPasswordRegexPatternMessage", policyManager.validate("jdoe", "jdoe").getMessage());
// //Fails to match all of the regex patterns
realmModel.setPasswordPolicy(PasswordPolicy.parse(session, "regexPattern(j*p) and regexPattern(j*d) and regexPattern(adoe)"));
Assert.assertEquals("invalidPasswordRegexPatternMessage", policyManager.validate("jdoe", "jdoe").getMessage());
realmModel.setPasswordPolicy(PasswordPolicy.parse(session, "regexPattern([a-z][a-z][a-z][a-z][0-9])"));
Assert.assertEquals("invalidPasswordRegexPatternMessage", policyManager.validate("jdoe", "jdoe").getMessage());
realmModel.setPasswordPolicy(PasswordPolicy.parse(session, "regexPattern(jdoe)"));
assertNull(policyManager.validate("jdoe", "jdoe"));
realmModel.setPasswordPolicy(PasswordPolicy.parse(session, "regexPattern([a-z][a-z][a-z][a-z][0-9])"));
assertNull(policyManager.validate("jdoe", "jdoe0"));
});
}
use of org.keycloak.models.ModelException in project keycloak by keycloak.
the class RoleLDAPStorageMapper method getTargetRoleContainer.
protected RoleContainerModel getTargetRoleContainer(RealmModel realm) {
boolean realmRolesMapping = config.isRealmRolesMapping();
if (realmRolesMapping) {
return realm;
} else {
String clientId = config.getClientId();
if (clientId == null) {
throw new ModelException("Using client roles mapping is requested, but parameter client.id not found!");
}
ClientModel client = realm.getClientByClientId(clientId);
if (client == null) {
throw new ModelException("Can't found requested client with clientId: " + clientId);
}
return client;
}
}
use of org.keycloak.models.ModelException in project keycloak by keycloak.
the class MSADUserAccountControlStorageMapper method processFailedPasswordUpdateException.
protected ModelException processFailedPasswordUpdateException(ModelException e) {
if (e.getCause() == null || e.getCause().getMessage() == null) {
return e;
}
String exceptionMessage = e.getCause().getMessage().replace('\n', ' ');
logger.debugf("Failed to update password in Active Directory. Exception message: %s", exceptionMessage);
exceptionMessage = exceptionMessage.toUpperCase();
Matcher m = AUTH_INVALID_NEW_PASSWORD.matcher(exceptionMessage);
if (m.matches()) {
String errorCode = m.group(1);
String errorCode2 = m.group(2);
// 52D corresponds to ERROR_PASSWORD_RESTRICTION. See https://msdn.microsoft.com/en-us/library/windows/desktop/ms681385(v=vs.85).aspx
if ((errorCode.equals("53")) && errorCode2.endsWith("52D")) {
ModelException me = new ModelException("invalidPasswordGenericMessage", e);
return me;
}
}
return e;
}
use of org.keycloak.models.ModelException in project keycloak by keycloak.
the class MSADLDSUserAccountControlStorageMapper method processFailedPasswordUpdateException.
protected ModelException processFailedPasswordUpdateException(ModelException e) {
if (e.getCause() == null || e.getCause().getMessage() == null) {
return e;
}
String exceptionMessage = e.getCause().getMessage();
Matcher m = AUTH_INVALID_NEW_PASSWORD.matcher(exceptionMessage);
if (m.matches()) {
ModelException me = new ModelException("invalidPasswordRegexPatternMessage", e);
me.setParameters(new Object[] { "passwordConstraintViolation" });
return me;
}
return e;
}
use of org.keycloak.models.ModelException in project keycloak by keycloak.
the class JpaRealmProvider method createGroup.
@Override
public GroupModel createGroup(RealmModel realm, String id, String name, GroupModel toParent) {
if (id == null) {
id = KeycloakModelUtils.generateId();
} else if (GroupEntity.TOP_PARENT_ID.equals(id)) {
// maybe it's impossible but better ensure this doesn't happen
throw new ModelException("The ID of the new group is equals to the tag used for top level groups");
}
GroupEntity groupEntity = new GroupEntity();
groupEntity.setId(id);
groupEntity.setName(name);
groupEntity.setRealm(realm.getId());
groupEntity.setParentId(toParent == null ? GroupEntity.TOP_PARENT_ID : toParent.getId());
em.persist(groupEntity);
em.flush();
return new GroupAdapter(realm, em, groupEntity);
}
Aggregations