private void throwIfPasswordChangeNotPermitted(String userId, String oldPassword, String zoneId) { if (securityContextAccessor.isClient()) { // Trusted client (not acting on behalf of user) } else if (securityContextAccessor.isAdmin()) { if (userId.equals(currentUser()) && !StringUtils.hasText(oldPassword)) { throw new InvalidPasswordException("Previous password is required even for admin"); } } else { if (!userId.equals(currentUser())) { logger.warn("User with id " + currentUser() + " attempting to change password for user " + userId); throw new InvalidPasswordException("Not permitted to change another user's password"); } if (!StringUtils.hasText(oldPassword)) { throw new InvalidPasswordException("Previous password is required"); } if (!dao.checkPasswordMatches(userId, oldPassword, zoneId)) { throw new BadCredentialsException("Old password is incorrect"); } } }
@ExceptionHandler(ScimException.class) public View handleException(ScimException e) { // No need to log the underlying exception (it will be logged by the // caller) return makeConvertingExceptionView(new BadCredentialsException("Invalid password change request"), e.getStatus()); }
@RequestMapping(value = "/Users/{userId}/password", method = RequestMethod.PUT) @ResponseBody public ActionResult changePassword(@PathVariable String userId, @RequestBody PasswordChangeRequest change) { String zoneId = IdentityZoneHolder.get().getId(); String oldPassword = change.getOldPassword(); String newPassword = change.getPassword(); throwIfPasswordChangeNotPermitted(userId, oldPassword, zoneId); if (dao.checkPasswordMatches(userId, newPassword, zoneId)) { throw new InvalidPasswordException("Your new password cannot be the same as the old password.", UNPROCESSABLE_ENTITY); } passwordValidator.validate(newPassword); dao.changePassword(userId, oldPassword, newPassword, zoneId); return new ActionResult("ok", "password updated"); }
@Test public void adminCanChangeAnotherUsersPassword() { SecurityContextAccessor sca = mockSecurityContext(dale); when(sca.isAdmin()).thenReturn(true); endpoints.setSecurityContextAccessor(sca); PasswordChangeRequest change = new PasswordChangeRequest(); change.setPassword("newpassword"); endpoints.changePassword(joel.getId(), change); }
@Test public void passwordIsValidated() throws Exception { endpoints.setSecurityContextAccessor(mockSecurityContext(joel)); PasswordValidator mockPasswordValidator = mock(PasswordValidator.class); endpoints.setPasswordValidator(mockPasswordValidator); PasswordChangeRequest change = new PasswordChangeRequest(); change.setOldPassword("password"); change.setPassword("newpassword"); endpoints.changePassword(joel.getId(), change); verify(mockPasswordValidator).validate("newpassword"); }
@Before public void setup() { JdbcTemplate jdbcTemplate = new JdbcTemplate(database); JdbcScimUserProvisioning dao = new JdbcScimUserProvisioning(jdbcTemplate, new JdbcPagingListFactory(jdbcTemplate, LimitSqlAdapterFactory.getLimitSqlAdapter())); dao.setPasswordEncoder(NoOpPasswordEncoder.getInstance()); endpoints = new PasswordChangeEndpoint(); endpoints.setScimUserProvisioning(dao); joel = new ScimUser(null, "jdsa", "Joel", "D'sa"); joel.addEmail("jdsa@vmware.com"); dale = new ScimUser(null, "olds", "Dale", "Olds"); dale.addEmail("olds@vmware.com"); joel = dao.createUser(joel, "password", IdentityZoneHolder.get().getId()); dale = dao.createUser(dale, "password", IdentityZoneHolder.get().getId()); }
@Test public void clientCanChangeUserPasswordWithoutCurrentPassword() { SecurityContextAccessor sca = mockSecurityContext(joel); when(sca.isClient()).thenReturn(true); endpoints.setSecurityContextAccessor(sca); PasswordChangeRequest change = new PasswordChangeRequest(); change.setPassword("newpassword"); endpoints.changePassword(joel.getId(), change); }
@Test(expected = ScimException.class) public void changePasswordRequestFailsForAdminWithoutOwnCurrentPassword() { endpoints.setSecurityContextAccessor(mockSecurityContext(joel)); PasswordChangeRequest change = new PasswordChangeRequest(); change.setPassword("newpassword"); endpoints.changePassword(joel.getId(), change); }
@ExceptionHandler(InvalidPasswordException.class) public View handleException(InvalidPasswordException t) throws ScimException { return makeConvertingExceptionView(t, t.getStatus()); }
@Test(expected = ScimException.class) public void changePasswordRequestFailsForUserWithoutCurrentPassword() { endpoints.setSecurityContextAccessor(mockSecurityContext(joel)); PasswordChangeRequest change = new PasswordChangeRequest(); change.setPassword("newpassword"); endpoints.changePassword(joel.getId(), change); }
@Test(expected = BadCredentialsException.class) public void changePasswordFailsForUserIfTheySupplyWrongCurrentPassword() { endpoints.setSecurityContextAccessor(mockSecurityContext(joel)); PasswordChangeRequest change = new PasswordChangeRequest(); change.setPassword("newpassword"); change.setOldPassword("wrongpassword"); endpoints.changePassword(joel.getId(), change); }
@Test(expected = ScimException.class) public void userCantChangeAnotherUsersPassword() { endpoints.setSecurityContextAccessor(mockSecurityContext(joel)); PasswordChangeRequest change = new PasswordChangeRequest(); change.setOldPassword("password"); change.setPassword("newpassword"); endpoints.changePassword(dale.getId(), change); }
@Test public void userCanChangeTheirOwnPasswordIfTheySupplyCorrectCurrentPassword() { endpoints.setSecurityContextAccessor(mockSecurityContext(joel)); PasswordChangeRequest change = new PasswordChangeRequest(); change.setOldPassword("password"); change.setPassword("newpassword"); endpoints.changePassword(joel.getId(), change); }
@Test public void changePasswordFailsForNewPasswordIsSameAsCurrentPassword() { endpoints.setSecurityContextAccessor(mockSecurityContext(joel)); PasswordChangeRequest change = new PasswordChangeRequest(); change.setPassword("password"); change.setOldPassword("password"); try { endpoints.changePassword(joel.getId(), change); fail(); } catch (InvalidPasswordException e) { assertEquals("Your new password cannot be the same as the old password.", e.getLocalizedMessage()); } }