/**
 * Starts a password reset for a UAA-origin user in the current identity zone.
 *
 * <p>The user is looked up by name with the origin restricted to {@code OriginKeys.UAA}.
 * Codes already stored under this user's forgot-password intent are expired before a
 * new one is generated, and a {@code ResetPasswordRequestEvent} is published with the
 * new code.
 *
 * <p>Security notes for callers:
 * <ul>
 *   <li>The two exceptions distinguish "no such user" from "user exists under another
 *       origin", and {@code ConflictException} carries that user's id and primary
 *       email. An unauthenticated endpoint should not let this difference (or those
 *       values) show in its response, otherwise it becomes an account-enumeration
 *       oracle.</li>
 *   <li>The published event contains the reset code itself; any listener that logs or
 *       persists the event should leave the code out.</li>
 * </ul>
 *
 * @param username    user name to look up; also passed unchanged into the published event
 * @param clientId    stored in the code payload
 * @param redirectUri stored in the code payload
 * @return the user id, the address used in the event (primary email, or the user name
 *         when no primary email is set) and the generated code
 * @throws NotFoundException when no user with this name exists in the zone under any origin
 * @throws ConflictException when the name only matches users of a non-UAA origin; built
 *         from the first match
 */
@Override
public ForgotPasswordInfo forgotPassword(String username, String clientId, String redirectUri) {
    // The name is serialised to a JSON string before being spliced into the SCIM filter.
    // NOTE(review): this relies on JsonUtils quoting/escaping the value - confirm.
    final String quotedUsername = JsonUtils.writeValueAsString(username);
    final String zoneId = IdentityZoneHolder.get().getId();

    List<ScimUser> matches = scimUserProvisioning.query(
        "userName eq " + quotedUsername + " and origin eq \"" + OriginKeys.UAA + "\"",
        zoneId);

    if (matches.isEmpty()) {
        // No UAA-origin account: retry without the origin restriction to tell
        // "unknown user" apart from "user managed by an external origin".
        List<ScimUser> anyOrigin = scimUserProvisioning.query("userName eq " + quotedUsername, zoneId);
        if (!anyOrigin.isEmpty()) {
            throw new ConflictException(anyOrigin.get(0).getId(), anyOrigin.get(0).getPrimaryEmail());
        }
        throw new NotFoundException();
    }

    final ScimUser account = matches.get(0);
    final PasswordChange payload = new PasswordChange(
        account.getId(),
        account.getUserName(),
        account.getPasswordLastModified(),
        clientId,
        redirectUri);

    // One intent per user: expiring it first removes codes from earlier requests.
    final String resetIntent = FORGOT_PASSWORD_INTENT_PREFIX + account.getId();
    expiringCodeStore.expireByIntent(resetIntent, zoneId);

    final String payloadJson = JsonUtils.writeValueAsString(payload);
    final Timestamp expiresAt = new Timestamp(System.currentTimeMillis() + PASSWORD_RESET_LIFETIME);
    final ExpiringCode code = expiringCodeStore.generateCode(payloadJson, expiresAt, resetIntent, zoneId);

    // Fall back to the user name when the account has no primary email.
    final String primaryEmail = account.getPrimaryEmail();
    final String email = (primaryEmail != null) ? primaryEmail : account.getUserName();

    publish(new ResetPasswordRequestEvent(
        username,
        email,
        code.getCode(),
        SecurityContextHolder.getContext().getAuthentication()));

    return new ForgotPasswordInfo(account.getId(), email, code);
}
/**
 * Happy path for {@code forgotPassword}: a UAA-origin user is found, earlier codes for
 * that user's forgot-password intent are expired, and the code returned by the store is
 * handed back together with the user's id and primary email.
 *
 * NOTE(review): the expiry passed to generateCode is matched with any(Timestamp.class)
 * and the zone passed to expireByIntent with anyString(), so neither the reset lifetime
 * nor the zone scoping of the expiry is pinned by this test.
 */
@Test
public void forgotPassword_ResetCodeIsReturnedSuccessfully() throws Exception {
    final String zoneId = IdentityZoneHolder.get().getId();

    // Arrange: one user, returned only for the origin-restricted query.
    ScimUser uaaUser = new ScimUser("user-id-001","exampleUser","firstName","lastName");
    uaaUser.setPasswordLastModified(new Date(1234));
    uaaUser.setPrimaryEmail("user@example.com");
    when(scimUserProvisioning.query(contains("origin"), eq(zoneId)))
        .thenReturn(Arrays.asList(uaaUser));

    // Arrange: the store answers only when the serialised PasswordChange matches exactly.
    final Timestamp stubbedExpiry = new Timestamp(System.currentTimeMillis());
    final String expectedPayload = "{\"user_id\":\"user-id-001\",\"username\":\"exampleUser\",\"passwordModifiedTime\":1234,\"client_id\":\"example\",\"redirect_uri\":\"redirect.example.com\"}";
    when(codeStore.generateCode(eq(expectedPayload), any(Timestamp.class), anyString(), anyString()))
        .thenReturn(new ExpiringCode("code", stubbedExpiry, "user-id-001", null));

    // Act
    ForgotPasswordInfo info =
        uaaResetPasswordService.forgotPassword("exampleUser", "example", "redirect.example.com");

    // Assert: previous codes were expired under the per-user intent.
    ArgumentCaptor<String> intentCaptor = ArgumentCaptor.forClass(String.class);
    verify(codeStore).expireByIntent(intentCaptor.capture(), anyString());
    assertEquals(
        UaaResetPasswordService.FORGOT_PASSWORD_INTENT_PREFIX + uaaUser.getId(),
        intentCaptor.getValue());

    // Assert: the returned info mirrors the user and the stubbed code.
    assertThat(info.getUserId(), equalTo("user-id-001"));
    assertThat(info.getEmail(), equalTo("user@example.com"));

    ExpiringCode returnedCode = info.getResetPasswordCode();
    assertThat(returnedCode.getCode(), equalTo("code"));
    assertThat(returnedCode.getExpiresAt(), equalTo(stubbedExpiry));
    assertThat(returnedCode.getData(), equalTo("user-id-001"));
}
// Expire the codes stored under `intent`, passing the current identity zone's id as scope.
// testExpireCodeByIntent on this page shows the call leaving a code untouched when a
// different zone id is passed. In forgotPassword this runs before generateCode, so a
// fresh reset request replaces codes issued by earlier requests for the same intent.
expiringCodeStore.expireByIntent(intent, IdentityZoneHolder.get().getId());
/**
 * Checks that {@code expireByIntent} is scoped to the identity zone: expiring the
 * intent from a different zone must leave the code in place, while expiring it from
 * the zone the code was created in removes it.
 *
 * NOTE(review): the final row count is taken only after retrieveCode has run. If
 * retrieveCode consumes a code on lookup, the assertNull is the check that actually
 * proves the expiry - confirm against the store implementation.
 */
@Test
public void testExpireCodeByIntent() throws Exception {
    // Create one code in the zone that is current when the test starts.
    final Timestamp inOneMinute = new Timestamp(System.currentTimeMillis() + 60000);
    final ExpiringCode issued = expiringCodeStore.generateCode(
        "{}",
        inOneMinute,
        "Test Intent",
        IdentityZoneHolder.get().getId());
    Assert.assertEquals(1, countCodes());

    // Same intent, other zone: the code must survive.
    IdentityZoneHolder.set(MultitenancyFixture.identityZone("id","id"));
    final String otherZoneId = IdentityZoneHolder.get().getId();
    expiringCodeStore.expireByIntent("Test Intent", otherZoneId);
    Assert.assertEquals(1, countCodes());

    // Back in the original zone: the code must be gone and no longer retrievable.
    IdentityZoneHolder.clear();
    expiringCodeStore.expireByIntent("Test Intent", IdentityZoneHolder.get().getId());
    final ExpiringCode lookedUp =
        expiringCodeStore.retrieveCode(issued.getCode(), IdentityZoneHolder.get().getId());
    Assert.assertEquals(0, countCodes());
    Assert.assertNull(lookedUp);
}