HttpServletRequest request) { PasswordConfirmationValidation validation = new PasswordConfirmationValidation(newPassword, confirmPassword); if (!validation.valid()) { model.addAttribute("message_code", validation.getMessageCode());
@RequestMapping(value="/force_password_change", method = POST) public String handleForcePasswordChange(Model model, @RequestParam("password") String password, @RequestParam("password_confirmation") String passwordConfirmation, HttpServletResponse response) throws IOException { UaaAuthentication authentication = ((UaaAuthentication)SecurityContextHolder.getContext().getAuthentication()); UaaPrincipal principal = authentication.getPrincipal(); String email = principal.getEmail(); PasswordConfirmationValidation validation = new PasswordConfirmationValidation(email, password, passwordConfirmation); if(!validation.valid()) { return handleUnprocessableEntity(model, response, email, resourcePropertySource.getProperty("force_password_change.form_error").toString()); } logger.debug("Processing handleForcePasswordChange for user: "+ email); try { resetPasswordService.resetUserPassword(principal.getId(), password); } catch(InvalidPasswordException exception) { return handleUnprocessableEntity(model, response, email, exception.getMessagesAsOneString()); } logger.debug(String.format("Successful password change for username:%s in zone:%s ",principal.getName(), IdentityZoneHolder.get().getId())); authentication.setRequiresPasswordChange(false); authentication.setAuthenticatedTime(System.currentTimeMillis()); return "redirect:/force_password_change_completed"; }
String passwordConfirmation = request.getParameter("password_confirmation"); PasswordConfirmationValidation validation = new PasswordConfirmationValidation(email, password, passwordConfirmation); ExpiringCode expiringCode = null; try {
@Test public void testInvalidWithMismatchedPasswords() throws Exception { PasswordConfirmationValidation validation = new PasswordConfirmationValidation("secret", "mecret"); Assert.assertFalse(validation.valid()); }
return handleUnprocessableEntity(model, response, "error_message_code", "other_idp"); PasswordConfirmationValidation validation = new PasswordConfirmationValidation(password, passwordConfirmation); if (!validation.valid()) { return handleUnprocessableEntity(model, response, "error_message_code", validation.getMessageCode());
@Test public void testInvalidWithEmptyPassword() throws Exception { PasswordConfirmationValidation validation = new PasswordConfirmationValidation("", ""); Assert.assertFalse(validation.valid()); } }
@Test public void testValidWithMatchingPasswords() throws Exception { PasswordConfirmationValidation validation = new PasswordConfirmationValidation("secret", "secret"); Assert.assertTrue(validation.valid()); }
HttpServletResponse response) throws IOException { PasswordConfirmationValidation validation = new PasswordConfirmationValidation(password, passwordConfirmation);