/**
 * Hashes every password value in the given container values that is not yet hashed.
 *
 * <p>Entries without a password or without a password value are skipped, and values
 * that already report {@code isHashed()} are left untouched, so a stored hash is never
 * hashed a second time.
 *
 * @param values password container values to process; {@code null} is a no-op
 * @param storageMethod not read by this method
 * @throws SchemaException declared; presumably propagated from {@code protector.hash} (confirm)
 * @throws EncryptionException declared; presumably propagated from {@code protector.hash} (confirm)
 */
private void hashPasswordPcvs(Collection<PrismContainerValue<PasswordType>> values,
        CredentialsStorageMethodType storageMethod) throws SchemaException, EncryptionException {
    if (values == null) {
        return;
    }
    for (PrismContainerValue<PasswordType> containerValue : values) {
        PasswordType password = containerValue.getValue();
        if (password == null || password.getValue() == null) {
            continue;
        }
        if (password.getValue().isHashed()) {
            continue;
        }
        // The return value is not used, so the protector presumably hashes the value in place.
        protector.hash(password.getValue());
    }
}
/**
 * Builds a {@link PasswordType} whose value is produced from the given password string.
 *
 * <p>The conversion is delegated to {@code createProtectedString}. Whether that helper
 * encrypts, hashes or merely wraps the clear text is not visible here; confirm before
 * persisting or logging the result.
 *
 * @param password the password string to wrap
 * @return a new password container holding the protected string
 */
public static PasswordType createPasswordType(String password) {
    PasswordType result = new PasswordType();
    result.setValue(createProtectedString(password));
    return result;
}
/**
 * Copies password metadata from the repository shadow into the result shadow when the
 * result shadow has none.
 *
 * <p>Nothing happens unless the repository shadow carries credentials, a password and
 * password metadata. Missing credentials and password containers are created on the
 * result shadow. Metadata already present on the result is never overwritten. Only the
 * metadata is copied; the password value itself is not touched.
 *
 * @param repoShadowType shadow to read the password metadata from
 * @param resultAccountShadow shadow that receives a clone of the metadata
 */
private void transplantPasswordMetadata(ShadowType repoShadowType, ShadowType resultAccountShadow) {
    CredentialsType sourceCredentials = repoShadowType.getCredentials();
    PasswordType sourcePassword = sourceCredentials == null ? null : sourceCredentials.getPassword();
    MetadataType sourceMetadata = sourcePassword == null ? null : sourcePassword.getMetadata();
    if (sourceMetadata == null) {
        return;
    }

    CredentialsType targetCredentials = resultAccountShadow.getCredentials();
    if (targetCredentials == null) {
        targetCredentials = new CredentialsType();
        resultAccountShadow.setCredentials(targetCredentials);
    }

    PasswordType targetPassword = targetCredentials.getPassword();
    if (targetPassword == null) {
        targetPassword = new PasswordType();
        targetCredentials.setPassword(targetPassword);
    }

    if (targetPassword.getMetadata() == null) {
        // Clone so the two shadows do not share one metadata instance.
        targetPassword.setMetadata(sourceMetadata.clone());
    }
}
/**
 * Creates a new {@link PasswordType} backed by a clone of this object's container value.
 *
 * <p>The clone carries whatever the container value's own {@code clone()} copies; if
 * that includes the password value, the copy needs the same handling as the original.
 *
 * @return a new instance set up with the cloned container value
 */
public PasswordType clone() {
    PasswordType copy = new PasswordType();
    copy.setupContainerValue(asPrismContainerValue().clone());
    return copy;
}
/**
 * Creates the history-entry container on this password and returns the history list.
 *
 * <p>{@code PrismForJAXBUtil.createContainer} is called for {@code F_HISTORY_ENTRY}
 * before the getter; presumably this makes sure the container exists even when it is
 * empty (confirm against the utility).
 *
 * @return the list returned by {@link #getHistoryEntry()}
 */
public List<PasswordHistoryEntryType> createHistoryEntryList() {
    PrismForJAXBUtil.createContainer(asPrismContainerValue(), F_HISTORY_ENTRY);
    List<PasswordHistoryEntryType> entries = getHistoryEntry();
    return entries;
}
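/**
 * Asserts that a shadow returned by provisioning does not expose the password value.
 *
 * <p>A shadow without credentials or without a password container passes. Otherwise
 * the password value must be {@code null} and the value property must exist and carry
 * the "incomplete" flag, which marks a value that exists but was not returned.
 *
 * @param provisioningShadow shadow to check
 */
@Override
protected void assertShadowPassword(ShadowType provisioningShadow) {
    CredentialsType credentials = provisioningShadow.getCredentials();
    if (credentials == null) {
        return;
    }
    PasswordType passwordType = credentials.getPassword();
    if (passwordType == null) {
        return;
    }
    ProtectedStringType passwordValue = passwordType.getValue();
    assertNull("Unexpected password value in "+provisioningShadow+": "+passwordValue, passwordValue);
    PrismContainerValue<PasswordType> passwordContainer = passwordType.asPrismContainerValue();
    PrismProperty<ProtectedStringType> valueProp = passwordContainer.findProperty(PasswordType.F_VALUE);
    // A missing property previously surfaced as a NullPointerException; report it as a
    // test failure that names the shadow instead.
    assertTrue("No password value property in "+provisioningShadow, valueProp != null);
    assertTrue("Incomplete flag is NOT set for password value in "+provisioningShadow, valueProp.isIncomplete());
}
}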
/**
 * MID-4593: adds a password container to a user that has no credentials and then
 * checks the resulting password and its create metadata.
 */
@Test
public void test924AddPassword() throws Exception {
    final String TEST_NAME = "test924AddPassword";
    displayTestTitle(TEST_NAME);

    // GIVEN
    Task task = createTask(TEST_NAME);
    OperationResult result = task.getResult();
    prepareTest();
    setPasswordMinOccurs(0, task, result);

    UserType charlie = new UserType(prismContext).name("charlie");
    addObject(charlie.asPrismObject(), task, result);

    // Precondition: the freshly added user carries no credentials at all.
    PrismObject<UserType> userBefore = getUser(charlie.getOid());
    assertNull("user has credentials", userBefore.asObjectable().getCredentials());

    // WHEN
    ProtectedStringType clearPassword = new ProtectedStringType();
    clearPassword.setClearValue(PASSWORD_HELLO_WORLD);
    PasswordType passwordToAdd = new PasswordType(prismContext).value(clearPassword);
    ObjectDelta<UserType> addPasswordDelta = prismContext.deltaFor(UserType.class)
            .item(UserType.F_CREDENTIALS, CredentialsType.F_PASSWORD).add(passwordToAdd)
            .asObjectDeltaCast(charlie.getOid());

    executeChanges(addPasswordDelta, null, task, result);

    // THEN
    PrismObject<UserType> userAfter = getUser(charlie.getOid());
    display("user after operation", userAfter);
    assertUserPassword(userAfter, PASSWORD_HELLO_WORLD);
    assertPasswordCreateMetadata(userAfter);
}
/**
 * Creates a new {@link PasswordType} using its no-argument constructor.
 *
 * @return the new instance; no value or metadata is set by this factory method
 */
public PasswordType createPasswordType() {
    return new PasswordType();
}
// The validity and age check runs before the password value is handed back. Presumably
// it throws for an invalid or expired credential, so the return below is never reached
// in that case; the enclosing method is not visible in this fragment, so confirm.
checkPasswordValidityAndAge(connEnv, principal, passwordType.getValue(), passwordType.getMetadata(), passwordCredentialsPolicy);
// NOTE(review): keep this order; returning the value before the policy check would bypass it.
return getPassword(connEnv, principal, passwordType.getValue());
/**
 * Marks the password value property of a shadow as incomplete.
 *
 * <p>Missing credentials and password containers are created on the shadow, then the
 * {@code F_VALUE} property is found or created and its incomplete flag is set. No
 * password value is written, so the shadow signals that a password exists without
 * carrying it.
 *
 * @param shadowType shadow to modify in place
 * @throws SchemaException declared; presumably raised by {@code findOrCreateProperty} (confirm)
 */
public static void setPasswordIncomplete(ShadowType shadowType) throws SchemaException {
    CredentialsType credentials = shadowType.getCredentials();
    if (credentials == null) {
        credentials = new CredentialsType();
        shadowType.setCredentials(credentials);
    }

    PasswordType password = credentials.getPassword();
    if (password == null) {
        password = new PasswordType();
        credentials.setPassword(password);
    }

    PrismContainerValue<PasswordType> passwordContainer = password.asPrismContainerValue();
    PrismProperty<ProtectedStringType> valueProperty =
            passwordContainer.findOrCreateProperty(PasswordType.F_VALUE);
    valueProperty.setIncomplete(true);
}
/**
 * Fluent setter for the password value.
 *
 * @param value protected string to store through {@code setValue}
 * @return this instance, for call chaining
 */
public PasswordType value(ProtectedStringType value) {
    this.setValue(value);
    return this;
}
/**
 * Compares this password with another object through their container values.
 *
 * <p>Equality is decided by {@code equivalent} on the two container values rather than
 * by a field-by-field comparison in this class. This is an object comparison for data
 * handling; it is not a check of whether two passwords match.
 *
 * @param object the object to compare with
 * @return {@code false} when {@code object} is not a {@link PasswordType}, otherwise
 *         the result of the {@code equivalent} call
 */
@Override
public boolean equals(Object object) {
    if (object instanceof PasswordType) {
        PasswordType that = (PasswordType) object;
        return asPrismContainerValue().equivalent(that.asPrismContainerValue());
    }
    return false;
}
/**
 * Asserts that a shadow carries credentials, a password and password metadata, and
 * passes that metadata to {@code assertMetadata} for the detailed checks.
 *
 * @param shadow shadow under test
 * @param passwordCreated forwarded to {@code assertMetadata}
 * @param startCal forwarded to {@code assertMetadata}; presumably the start of the expected time window
 * @param endCal forwarded to {@code assertMetadata}; presumably the end of the expected time window
 * @param actorOid forwarded to {@code assertMetadata}
 * @param channel forwarded to {@code assertMetadata}
 */
protected void assertShadowPasswordMetadata(PrismObject<ShadowType> shadow, boolean passwordCreated,
        XMLGregorianCalendar startCal, XMLGregorianCalendar endCal, String actorOid, String channel) {
    CredentialsType shadowCredentials = shadow.asObjectable().getCredentials();
    assertNotNull("No credentials in shadow "+shadow, shadowCredentials);

    PasswordType shadowPassword = shadowCredentials.getPassword();
    assertNotNull("No password in shadow "+shadow, shadowPassword);

    MetadataType passwordMetadata = shadowPassword.getMetadata();
    assertNotNull("No metadata in shadow "+shadow, passwordMetadata);

    assertMetadata("Password metadata in "+shadow, passwordMetadata, passwordCreated, false,
            startCal, endCal, actorOid, channel);
}
/**
 * Supplies create metadata for a password that has none.
 *
 * <p>Existing metadata is left as it is. Normally the metadata is provided by the
 * model; this method only fills the gap by recording the create timestamp and, when an
 * owner is given, a creator reference to the owner's OID.
 *
 * @param p password to complete; modified in place
 * @param now timestamp stored as the create timestamp
 * @param owner object recorded as creator, or {@code null} to record none
 */
public static void addPasswordMetadata(PasswordType p, XMLGregorianCalendar now, PrismObject<UserType> owner) {
    if (p.getMetadata() != null) {
        return;
    }
    MetadataType created = new MetadataType();
    created.setCreateTimestamp(now);
    if (owner != null) {
        created.creatorRef(owner.getOid(), null);
    }
    p.setMetadata(created);
}
/**
 * Fluent helper that appends one entry to the password history list.
 *
 * @param value history entry to add to the list returned by {@code getHistoryEntry()}
 * @return this instance, for call chaining
 */
public PasswordType historyEntry(PasswordHistoryEntryType value) {
    List<PasswordHistoryEntryType> entries = getHistoryEntry();
    entries.add(value);
    return this;
}
.beginCredentials() .beginPassword() .value(value.clone()) .beginMetadata() .requestorComment("hi") .<PasswordType>end() .<CredentialsType>end() .<UserType>end() .asPrismObject(); .beginCredentials() .beginPassword() .value(value.clone()) .beginMetadata() .<PasswordType>end() .<CredentialsType>end() .<UserType>end() .asPrismObject();
/**
 * Creates a new {@link ProtectedStringType}, installs it as this password's value and
 * returns it so the caller can fill it in.
 *
 * @return the newly created protected string now held by this password
 */
public ProtectedStringType beginValue() {
    ProtectedStringType created = new ProtectedStringType();
    value(created);
    return created;
}
newPasswordPs.setClearValue(clearValue); if (passwordEquals(newPasswordPs, currentPasswordType.getValue())) { LOGGER.trace("{} matched current value", shortDesc); appendHistoryViolationMessage(messages, result); currentPasswordType.asPrismContainerValue().findContainer(PasswordType.F_HISTORY_ENTRY), false); int i = 1; for (PasswordHistoryEntryType historyEntry: sortedHistoryList) {
/**
 * MID-4593: replaces the password container of a user that has no credentials and
 * then checks the resulting password and its create metadata.
 */
@Test
public void test926ReplacePassword() throws Exception {
    final String TEST_NAME = "test926ReplacePassword";
    displayTestTitle(TEST_NAME);

    // GIVEN
    Task task = createTask(TEST_NAME);
    OperationResult result = task.getResult();
    prepareTest();
    setPasswordMinOccurs(0, task, result);

    UserType david = new UserType(prismContext).name("david");
    addObject(david.asPrismObject(), task, result);

    // Precondition: the freshly added user carries no credentials at all.
    PrismObject<UserType> userBefore = getUser(david.getOid());
    assertNull("user has credentials", userBefore.asObjectable().getCredentials());

    // WHEN
    ProtectedStringType clearPassword = new ProtectedStringType();
    clearPassword.setClearValue(PASSWORD_HELLO_WORLD);
    PasswordType replacementPassword = new PasswordType(prismContext).value(clearPassword);
    ObjectDelta<UserType> replacePasswordDelta = prismContext.deltaFor(UserType.class)
            .item(UserType.F_CREDENTIALS, CredentialsType.F_PASSWORD).replace(replacementPassword)
            .asObjectDeltaCast(david.getOid());

    executeChanges(replacePasswordDelta, null, task, result);

    // THEN
    PrismObject<UserType> userAfter = getUser(david.getOid());
    display("user after operation", userAfter);
    assertUserPassword(userAfter, PASSWORD_HELLO_WORLD);
    assertPasswordCreateMetadata(userAfter);
}