/**
 * Re-issues the given expiring code with a fresh ten-minute lifetime and exposes
 * the new code value to the view through the {@code "code"} request attribute.
 * The original code's data and intent are carried over unchanged; the new code is
 * created in the current identity zone.
 *
 * NOTE(review): nothing here invalidates the previous code; whether it stays usable
 * until its own expiry depends on the store — confirm.
 *
 * @param request      the current request; receives the {@code "code"} attribute
 * @param expiringCode the code whose data and intent are copied into the new one
 */
private void refreshCode(HttpServletRequest request, ExpiringCode expiringCode) {
    final long tenMinutesMillis = 10L * 60 * 1000;
    String data = expiringCode.getData();
    Timestamp renewedExpiry = new Timestamp(System.currentTimeMillis() + tenMinutesMillis);
    String intent = expiringCode.getIntent();
    String zoneId = IdentityZoneHolder.get().getId();

    ExpiringCode renewed = expiringCodeStore.generateCode(data, renewedExpiry, intent, zoneId);
    request.setAttribute("code", renewed.getCode());
}
/**
 * Creating a code through the endpoint returns a populated code whose expiry and
 * data echo the request and whose generated value is 10 characters long.
 * NOTE(review): the code alphabet is not visible here; confirm 10 characters gives
 * enough entropy for a value that is used as a bearer secret.
 */
@Test
public void testGenerateCode() {
    String payload = "{}";
    Timestamp expiry = new Timestamp(currentTime.get() + 60000);
    ExpiringCode request = new ExpiringCode(null, expiry, payload, null);

    ExpiringCode created = codeStoreEndpoints.generateCode(request);

    assertNotNull(created);
    String generatedValue = created.getCode();
    assertNotNull(generatedValue);
    assertEquals(10, generatedValue.trim().length());
    assertEquals(expiry, created.getExpiresAt());
    assertEquals(payload, created.getData());
}
/**
 * A code with no expiry is not expired; one whose expiry lies in the past is;
 * one whose expiry lies in the future is not.
 */
@Test
public void testIsExpired() throws Exception {
    ExpiringCode subject = new ExpiringCode();
    assertFalse(subject.isExpired());

    long now = System.currentTimeMillis();
    Timestamp oneSecondAgo = new Timestamp(now - 1000);
    subject.setExpiresAt(oneSecondAgo);
    assertTrue(subject.isExpired());

    Timestamp oneSecondAhead = new Timestamp(System.currentTimeMillis() + 1000);
    subject.setExpiresAt(oneSecondAhead);
    assertFalse(subject.isExpired());
}
}
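/**
 * Checks that a password-reset code refers to an existing user.
 * The code's data is expected to be a JSON object with a {@code user_id} entry; the
 * user is looked up by that id. Any missing or invalid piece aborts with a debug log
 * entry and a {@code null} result.
 *
 * The code value itself is a bearer secret for the reset flow, so it is never written
 * to the log — only the reason for aborting is.
 *
 * @param code the reset code to validate, may be {@code null}
 * @return the same code when its data names an existing user, otherwise {@code null}
 */
private ExpiringCode checkIfUserExists(ExpiringCode code) {
    if (code == null) {
        logger.debug("reset_password ExpiringCode object is null. Aborting.");
        return null;
    }
    if (!hasText(code.getData())) {
        logger.debug("reset_password ExpiringCode data string is null or empty. Aborting.");
        return null;
    }

    Map<String, String> data;
    try {
        data = JsonUtils.readValue(code.getData(), new TypeReference<Map<String, String>>() {});
    } catch (JsonUtils.JsonUtilException e) {
        // Data that is not a JSON object is treated like any other invalid code.
        logger.debug("reset_password ExpiringCode data is not valid JSON. Aborting.");
        return null;
    }
    if (data == null) {
        logger.debug("reset_password ExpiringCode data is empty. Aborting.");
        return null;
    }

    String userId = data.get("user_id");
    if (!hasText(userId)) {
        logger.debug("reset_password ExpiringCode user_id string is null or empty. Aborting.");
        return null;
    }

    try {
        userDatabase.retrieveUserById(userId);
    } catch (UsernameNotFoundException e) {
        logger.debug("reset_password ExpiringCode user_id is invalid. Aborting.");
        return null;
    }
    return code;
}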
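/**
 * Returns a verification URL that may be sent to a user.
 * The base is the zone's {@code /verify_user} URL; when a code is given it is appended
 * as the {@code code} query parameter.
 *
 * Only the base URL (never the code, which is a bearer secret) is written to the log
 * if URL construction fails.
 *
 * @param expiringCode the expiring code to include on the URL, may be null
 * @return the verification URL
 * @throws IllegalStateException if the URL cannot be constructed; the underlying
 *         {@link MalformedURLException} is attached as the cause
 */
public static URL getVerificationURL(ExpiringCode expiringCode) {
    String base = "";
    try {
        base = UaaUrlUtils.getUaaUrl("/verify_user", true);
        String url = base;
        if (expiringCode != null) {
            // The code is appended verbatim; assumes the generator emits URL-safe characters — TODO confirm.
            url += "?code=" + expiringCode.getCode();
        }
        return new URL(url);
    } catch (MalformedURLException mfue) {
        logger.error(String.format("Unexpected error creating user verification URL from %s", base), mfue);
        // Preserve the cause so callers can see why the URL could not be built.
        throw new IllegalStateException("Could not create user verification URL", mfue);
    }
}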
/**
 * Requests a verification link for a freshly created user and checks that the code
 * it carries is stored, unexpired, marked with the REGISTRATION intent and records
 * the user id, client id and redirect URI.
 */
@Test
void verification_link() throws Exception {
    ScimUser joel = setUpScimUser();
    MockHttpServletRequestBuilder get = setUpVerificationLinkRequest(joel, scimCreateToken);

    MvcResult result = mockMvc.perform(get)
            .andExpect(status().isOk())
            .andReturn();
    String body = result.getResponse().getContentAsString();
    VerificationResponse verificationResponse = JsonUtils.readValue(body, VerificationResponse.class);

    assertThat(verificationResponse.getVerifyLink().toString(), startsWith("http://localhost/verify_user"));

    String code = getQueryStringParam(verificationResponse.getVerifyLink().getQuery(), "code");
    assertThat(code, is(notNullValue()));

    // The code in the link must resolve to a live registration code in the current zone.
    ExpiringCode stored = codeStore.retrieveCode(code, IdentityZoneHolder.get().getId());
    assertThat(stored.getExpiresAt().getTime(), is(greaterThan(System.currentTimeMillis())));
    assertThat(stored.getIntent(), is(REGISTRATION.name()));

    Map<String, String> codeData = JsonUtils.readValue(stored.getData(), new TypeReference<Map<String, String>>() { });
    assertThat(codeData.get(InvitationConstants.USER_ID), is(notNullValue()));
    assertThat(codeData.get(CLIENT_ID), is(clientDetails.getClientId()));
    assertThat(codeData.get(REDIRECT_URI), is(HTTP_REDIRECT_EXAMPLE_COM));
}
/**
 * Builds an {@link ExpiringCode} from the current row of a code-store result set.
 * Reads the {@code code}, {@code expiresat} (stored as epoch milliseconds),
 * {@code intent} and {@code data} columns, in that order.
 *
 * @param rs     the result set positioned on the row to map
 * @param rowNum the row index, unused
 * @return the mapped code
 * @throws SQLException if a column cannot be read
 */
@Override
public ExpiringCode mapRow(ResultSet rs, int rowNum) throws SQLException {
    String codeValue = rs.getString("code");
    long expiresAtMillis = rs.getLong("expiresat");
    String intentValue = rs.getString("intent");
    String payload = rs.getString("data");
    return new ExpiringCode(codeValue, new Timestamp(expiresAtMillis), payload, intentValue);
}
/**
 * A one-megabyte data payload survives a generate/retrieve round trip through the
 * endpoint unchanged.
 */
@Test
public void testStoreLargeData() {
    // One MiB of 'a' characters as the payload.
    String payload = new String(new char[1024 * 1024]).replace('\0', 'a');
    Timestamp expiry = new Timestamp(currentTime.get() + 60000);
    ExpiringCode request = new ExpiringCode(null, expiry, payload, null);

    ExpiringCode created = codeStoreEndpoints.generateCode(request);
    ExpiringCode fetched = codeStoreEndpoints.retrieveCode(created.getCode());

    assertEquals(created, fetched);
}
/**
 * Completes account activation for the user referenced by a registration code.
 * Looks the code up in the current identity zone, marks the referenced user as
 * verified and resolves the post-activation redirect from the {@code client_id} and
 * {@code redirect_uri} stored in the code's data.
 *
 * A code with a {@code null} intent is accepted; only a non-null intent other than
 * {@code REGISTRATION} is rejected. NOTE(review): codes created through the
 * {@code /Codes} endpoint carry no intent, so they would pass this check — confirm
 * that endpoint is not reachable by callers who should not be able to activate accounts.
 *
 * @param code the code value handed to the user (e.g. from the verification link)
 * @return the activated user's id and name plus the redirect location
 * @throws HttpClientErrorException with {@code BAD_REQUEST} when the store returns no
 *         code for the value or the code carries a different intent
 */
@Override
public AccountCreationResponse completeActivation(String code) throws IOException {
    ExpiringCode expiringCode = codeStore.retrieveCode(code, IdentityZoneHolder.get().getId());
    if (expiringCode == null) {
        throw new HttpClientErrorException(BAD_REQUEST);
    }
    String intent = expiringCode.getIntent();
    if (intent != null && !REGISTRATION.name().equals(intent)) {
        throw new HttpClientErrorException(BAD_REQUEST);
    }

    Map<String, String> codeData = JsonUtils.readValue(expiringCode.getData(), new TypeReference<Map<String, String>>() {});

    ScimUser user = scimUserProvisioning.retrieve(codeData.get("user_id"), IdentityZoneHolder.get().getId());
    user = scimUserProvisioning.verifyUser(user.getId(), user.getVersion(), IdentityZoneHolder.get().getId());

    String clientId = codeData.get("client_id");
    String storedRedirect = codeData.get("redirect_uri");
    String redirectUri = storedRedirect == null ? "" : storedRedirect;
    String redirectLocation = getRedirect(clientId, redirectUri);

    return new AccountCreationResponse(user.getId(), user.getUserName(), user.getUserName(), redirectLocation);
}
/**
 * Generating a code directly in the store returns a non-empty code value and echoes
 * the requested expiry and data.
 */
@Test
public void testGenerateCode() throws Exception {
    String payload = "{}";
    Timestamp expiry = new Timestamp(System.currentTimeMillis() + 60000);
    String zoneId = IdentityZoneHolder.get().getId();

    ExpiringCode created = expiringCodeStore.generateCode(payload, expiry, null, zoneId);

    Assert.assertNotNull(created);
    String generatedValue = created.getCode();
    Assert.assertNotNull(generatedValue);
    Assert.assertTrue(generatedValue.trim().length() > 0);
    Assert.assertEquals(expiry, created.getExpiresAt());
    Assert.assertEquals(payload, created.getData());
}
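/**
 * Creates an expiring code from a client-supplied {@code data}/{@code expiresAt} pair
 * in the current identity zone. The intent is always stored as {@code null}; callers
 * cannot set it through this endpoint.
 *
 * NOTE(review): no upper bound on {@code expiresAt} or on the size of {@code data} is
 * enforced here, and the authorization for this endpoint is not visible in this block —
 * confirm both are handled elsewhere.
 *
 * @param expiringCode request body; only {@code data} and {@code expiresAt} are read
 * @return the stored code, including its generated code value
 * @throws CodeStoreException 400 when data or expiresAt is missing or expiresAt is not
 *         in the future; 500 when the store reports a duplicate code
 */
@RequestMapping(value = { "/Codes" }, method = RequestMethod.POST)
@ResponseStatus(HttpStatus.CREATED)
@ResponseBody
public ExpiringCode generateCode(@RequestBody ExpiringCode expiringCode) {
    // Validate up front rather than relying on the store's NullPointerException as control flow.
    if (expiringCode == null || expiringCode.getData() == null || expiringCode.getExpiresAt() == null) {
        throw new CodeStoreException("data and expiresAt are required.", HttpStatus.BAD_REQUEST);
    }
    try {
        return expiringCodeStore.generateCode(expiringCode.getData(), expiringCode.getExpiresAt(), null,
                IdentityZoneHolder.get().getId());
    } catch (NullPointerException e) {
        // Defensive: kept so a store that rejects missing values itself still maps to 400.
        throw new CodeStoreException("data and expiresAt are required.", HttpStatus.BAD_REQUEST);
    } catch (IllegalArgumentException e) {
        throw new CodeStoreException("expiresAt must be in the future.", HttpStatus.BAD_REQUEST);
    } catch (DataIntegrityViolationException e) {
        throw new CodeStoreException("Duplicate code generated.", HttpStatus.INTERNAL_SERVER_ERROR);
    }
}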
/**
 * Tells whether a code's expiry lies strictly in the past according to the injected
 * time service. A code expiring exactly at the current instant is still treated as live.
 *
 * @param expiringCode the code to check; must have an expiry set
 * @return {@code true} if the expiry is before the current time
 */
private boolean isExpired(ExpiringCode expiringCode) {
    long expiresAtMillis = expiringCode.getExpiresAt().getTime();
    long nowMillis = timeService.getCurrentTimeMillis();
    return nowMillis > expiresAtMillis;
}
/**
 * Creates an email-change code in the current identity zone and returns its value.
 * The code's data is a JSON object holding the user id, client id, redirect URI and
 * the new email address; its lifetime is {@code EMAIL_CHANGE_LIFETIME} from now and
 * its intent is {@code EMAIL}.
 *
 * @param userId      id of the user changing their email
 * @param newEmail    the address being verified
 * @param clientId    client to return to after verification
 * @param redirectUri redirect target to return to after verification
 * @return the generated code value
 */
private String generateExpiringCode(String userId, String newEmail, String clientId, String redirectUri) {
    Map<String, String> payload = new HashMap<>();
    payload.put("user_id", userId);
    payload.put("client_id", clientId);
    payload.put("redirect_uri", redirectUri);
    payload.put("email", newEmail);
    String json = JsonUtils.writeValueAsString(payload);

    Timestamp expiry = new Timestamp(System.currentTimeMillis() + EMAIL_CHANGE_LIFETIME);
    String zoneId = IdentityZoneHolder.get().getId();
    ExpiringCode created = codeStore.generateCode(json, expiry, EMAIL.name(), zoneId);
    return created.getCode();
}
assertThat(expiringCode.getExpiresAt().getTime(), is(greaterThan(System.currentTimeMillis()))); assertThat(expiringCode.getIntent(), is(ExpiringCodeType.INVITATION.name())); Map<String, String> data = readValue(expiringCode.getData(), new TypeReference<Map<String, String>>() {}); assertThat(data.get(InvitationConstants.USER_ID), is(notNullValue())); assertThat(data.get(InvitationConstants.EMAIL), is(emails[i]));
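/**
 * Generates and stores a new code carrying {@code data} and {@code intent}.
 *
 * NOTE(review): the store key is built from the thread-local zone in
 * {@code IdentityZoneHolder}, not from the {@code zoneId} parameter, which is otherwise
 * unused here — confirm the lookup side keys the same way before relying on the parameter.
 *
 * @param data      payload to attach to the code; required
 * @param expiresAt expiry; required and must not be before the current time
 * @param intent    optional intent label stored with the code
 * @param zoneId    identity zone id passed by the caller (see note above)
 * @return the stored code
 * @throws NullPointerException            if {@code data} or {@code expiresAt} is null
 * @throws IllegalArgumentException        if {@code expiresAt} is already in the past
 * @throws DataIntegrityViolationException if the generated code value is already stored
 */
@Override
public ExpiringCode generateCode(String data, Timestamp expiresAt, String intent, String zoneId) {
    if (data == null || expiresAt == null) {
        throw new NullPointerException("data and expiresAt are required");
    }
    if (expiresAt.getTime() < timeService.getCurrentTimeMillis()) {
        throw new IllegalArgumentException("expiresAt must not be in the past");
    }

    String code = generator.generate();
    ExpiringCode expiringCode = new ExpiringCode(code, expiresAt, data, intent);

    String storeKey = code + IdentityZoneHolder.get().getId();
    ExpiringCode duplicate = store.putIfAbsent(storeKey, expiringCode);
    if (duplicate != null) {
        throw new DataIntegrityViolationException("Duplicate code: " + code);
    }
    return expiringCode;
}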
/**
 * Once the controlled clock moves past a code's expiry, retrieving it through the
 * endpoint fails with a NOT_FOUND CodeStoreException.
 */
@Test
public void testRetrieveCodeWithExpiredCode() {
    String payload = "{}";
    int lifetimeMillis = 1000;
    Timestamp expiry = new Timestamp(currentTime.get() + lifetimeMillis);
    ExpiringCode request = new ExpiringCode(null, expiry, payload, null);
    ExpiringCode created = codeStoreEndpoints.generateCode(request);

    // Advance the clock one millisecond beyond the expiry.
    currentTime.addAndGet(lifetimeMillis + 1);

    try {
        codeStoreEndpoints.retrieveCode(created.getCode());
        fail("code is expired, should throw CodeStoreException.");
    } catch (CodeStoreException expected) {
        assertEquals(expected.getStatus(), HttpStatus.NOT_FOUND);
    }
}
}
throw new InvalidCodeException("expired_code", "Expired code", 422); codeData = JsonUtils.readValue(expiringCode.getData(), new TypeReference<Map<String,String>>() {}); if(!isAutologinCode(expiringCode.getIntent(), codeData.get("action"))) { logger.debug("Code is not meant for autologin"); throw new InvalidCodeException("invalid_code", "Not an autologin code", 422);
String redirectUri = null; try { PasswordChange change = JsonUtils.readValue(expiringCode.getData(), PasswordChange.class); userId = change.getUserId(); userName = change.getUsername(); redirectUri = change.getRedirectUri(); } catch (JsonUtils.JsonUtilException x) { userId = expiringCode.getData(); if (isUserModified(user, expiringCode.getExpiresAt(), userName, passwordLastModified)) { throw new UaaException("Invalid password reset request.");