Java Code Examples for org.camunda.bpm.engine.identity.User#setPassword()

The following examples show how to use org.camunda.bpm.engine.identity.User#setPassword() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: UserResourceImpl.java    From camunda-bpm-platform with Apache License 2.0 6 votes vote down vote up
public void updateCredentials(UserCredentialsDto account) {
  ensureNotReadOnly();

  Authentication currentAuthentication = identityService.getCurrentAuthentication();
  if(currentAuthentication != null && currentAuthentication.getUserId() != null) {
    if(!identityService.checkPassword(currentAuthentication.getUserId(), account.getAuthenticatedUserPassword())) {
      throw new InvalidRequestException(Status.BAD_REQUEST, "The given authenticated user password is not valid.");
    }
  }

  User dbUser = findUserObject();
  if(dbUser == null) {
    throw new InvalidRequestException(Status.NOT_FOUND, "User with id " + resourceId + " does not exist");
  }

  dbUser.setPassword(account.getPassword());

  identityService.saveUser(dbUser);
}
 
Example 2
Source File: IdentityServiceTest.java    From camunda-bpm-platform with Apache License 2.0 6 votes vote down vote up
@Test
@WatchLogger(loggerNames = {INDENTITY_LOGGER}, level = "INFO")
public void testUnsuccessfulLoginAfterFailureWithoutDelay() {
  // given
  User user = identityService.newUser("johndoe");
  user.setPassword("xxx");
  identityService.saveUser(user);

  Date now = ClockUtil.getCurrentTime();
  ClockUtil.setCurrentTime(now);
  assertFalse(identityService.checkPassword("johndoe", "invalid pwd"));

  ClockUtil.setCurrentTime(DateUtils.addSeconds(now, 1));
  Date expectedLockExpitation = DateUtils.addSeconds(now, 3);

  // when try again before exprTime
  assertFalse(identityService.checkPassword("johndoe", "invalid pwd"));

  // then
  assertThat(loggingRule.getFilteredLog(INDENTITY_LOGGER, "The lock will expire at " + expectedLockExpitation).size()).isEqualTo(1);
}
 
Example 3
Source File: LoginAttemptsTest.java    From camunda-bpm-platform with Apache License 2.0 6 votes vote down vote up
@Test
public void testUsuccessfulAttemptsResultInLockedUser() throws ParseException {
  // given
  User user = identityService.newUser("johndoe");
  user.setPassword("xxx");
  identityService.saveUser(user);

  Date now = sdf.parse("2000-01-24T13:00:00");
  ClockUtil.setCurrentTime(now);
  // when
  for (int i = 0; i <= 6; i++) {
    assertThat(identityService.checkPassword("johndoe", "invalid pwd")).isFalse();
    now = DateUtils.addSeconds(now, 5);
    ClockUtil.setCurrentTime(now);
  }

  // then
  assertThat(loggingRule.getFilteredLog(INDENTITY_LOGGER, "The user with id 'johndoe' is permanently locked.").size()).isEqualTo(1);
}
 
Example 4
Source File: IdentityServiceTest.java    From camunda-bpm-platform with Apache License 2.0 6 votes vote down vote up
@Test
@WatchLogger(loggerNames = {INDENTITY_LOGGER}, level = "INFO")
public void testUsuccessfulAttemptsResultInBlockedUser() throws ParseException {
  // given
  User user = identityService.newUser("johndoe");
  user.setPassword("xxx");
  identityService.saveUser(user);

  Date now = sdf.parse("2000-01-24T13:00:00");
  ClockUtil.setCurrentTime(now);

  // when
  for (int i = 0; i < 11; i++) {
    assertFalse(identityService.checkPassword("johndoe", "invalid pwd"));
    now = DateUtils.addMinutes(now, 1);
    ClockUtil.setCurrentTime(now);
  }

  // then
  assertThat(loggingRule.getFilteredLog(INDENTITY_LOGGER, "The user with id 'johndoe' is permanently locked.").size()).isEqualTo(1);
}
 
Example 5
Source File: UserRestServiceImpl.java    From camunda-bpm-platform with Apache License 2.0 6 votes vote down vote up
public void createUser(UserDto userDto) {
  final IdentityService identityService = getIdentityService();

  if(identityService.isReadOnly()) {
    throw new InvalidRequestException(Status.FORBIDDEN, "Identity service implementation is read-only.");
  }

  UserProfileDto profile = userDto.getProfile();
  if(profile == null || profile.getId() == null) {
    throw new InvalidRequestException(Status.BAD_REQUEST, "request object must provide profile information with valid id.");
  }

  User newUser = identityService.newUser(profile.getId());
  profile.update(newUser);

  if(userDto.getCredentials() != null) {
    newUser.setPassword(userDto.getCredentials().getPassword());
  }

  identityService.saveUser(newUser);

}
 
Example 6
Source File: PasswordHashingTest.java    From camunda-bpm-platform with Apache License 2.0 6 votes vote down vote up
@Test
public void ensurePasswordIsCorrectlyHashedWithSHA512() {
  // given
  processEngineConfiguration.setSaltGenerator(new MyConstantSaltGenerator("12345678910"));
  User user = identityService.newUser(USER_NAME);
  user.setPassword(PASSWORD);
  identityService.saveUser(user);

  // when
  user = identityService.createUserQuery().userId(USER_NAME).singleResult();

  // then
  // obtain the expected value on the command line like so: echo -n password12345678910 | openssl dgst -binary -sha512 | openssl base64
  assertThat(user.getPassword(), is("{SHA-512}sM1U4nCzoDbdUugvJ7dJ6rLc7t1ZPPsnAbUpTqi5nXCYp7PTZCHExuzjoxLLYoUK" +
    "Gd637jKqT8d9tpsZs3K5+g=="));
}
 
Example 7
Source File: PasswordHashingTest.java    From camunda-bpm-platform with Apache License 2.0 6 votes vote down vote up
@Test
public void ensurePasswordIsCorrectlyHashedWithSHA1() {
  // given
  setDefaultEncryptor(new ShaHashDigest());
  processEngineConfiguration.setSaltGenerator(new MyConstantSaltGenerator("12345678910"));
  User user = identityService.newUser(USER_NAME);
  user.setPassword(PASSWORD);
  identityService.saveUser(user);

  // when
  user = identityService.createUserQuery().userId(USER_NAME).singleResult();

  // then
  // obtain the expected value on the command line like so: echo -n password12345678910 | openssl dgst -binary -sha1 | openssl base64
  assertThat(user.getPassword(), is("{SHA}n3fE9/7XOmgD3BkeJlC+JLyb/Qg="));
}
 
Example 8
Source File: DeployUserWithoutSaltForPasswordHashingScenario.java    From camunda-bpm-platform with Apache License 2.0 6 votes vote down vote up
@DescribesScenario("initUser")
@Times(1)
public static ScenarioSetup initUser() {
  return new ScenarioSetup() {
    public void execute(ProcessEngine engine, String scenarioName) {
      // given
      IdentityService identityService = engine.getIdentityService();
      User user = identityService.newUser(USER_NAME);
      user.setPassword(USER_PWD);

      // when
      identityService.saveUser(user);

    }
  };
}
 
Example 9
Source File: PasswordHashingTest.java    From camunda-bpm-platform with Apache License 2.0 5 votes vote down vote up
@Test
public void enteringTheSamePasswordShouldProduceTwoDifferentEncryptedPassword() {
  // given
  User user1 = identityService.newUser(USER_NAME);
  user1.setPassword(PASSWORD);
  identityService.saveUser(user1);

  // when
  User user2 = identityService.newUser("kermit");
  user2.setPassword(PASSWORD);
  identityService.saveUser(user2);

  // then
  assertThat(user1.getPassword(), is(not(user2.getPassword())));
}
 
Example 10
Source File: PasswordHashingTest.java    From camunda-bpm-platform with Apache License 2.0 5 votes vote down vote up
@Test
public void saltHashingOnHashedPasswordWithoutSaltThrowsNoError() {
  // given
  processEngineConfiguration.setSaltGenerator(new MyConstantSaltGenerator(null));
  User user = identityService.newUser(USER_NAME);
  user.setPassword(PASSWORD);

  // when
  identityService.saveUser(user);

  // then
  assertThat(identityService.checkPassword(USER_NAME, PASSWORD), is(true));
}
 
Example 11
Source File: PasswordHashingTest.java    From camunda-bpm-platform with Apache License 2.0 5 votes vote down vote up
@Test
public void plugInCustomPasswordEncryptor() {
  // given
  setEncryptors(new MyCustomPasswordEncryptor(PASSWORD, ALGORITHM_NAME), Collections.<PasswordEncryptor>emptyList());
  User user = identityService.newUser(USER_NAME);
  user.setPassword(PASSWORD);
  identityService.saveUser(user);

  // when
  user = identityService.createUserQuery().userId(USER_NAME).singleResult();

  // then
  assertThat(user.getPassword(), is("{" + ALGORITHM_NAME + "}xxx"));
}
 
Example 12
Source File: CustomPasswordPolicyTest.java    From camunda-bpm-platform with Apache License 2.0 5 votes vote down vote up
@Test
public void testCustomPasswordPolicyWithNonCompliantPassword() {
  thrown.expect(ProcessEngineException.class);
  User user = identityService.newUser("user");
  user.setPassword("weakpassword");
  identityService.saveUser(user);
  thrown.expectMessage("Password does not match policy");
  assertThat(identityService.createUserQuery().userId(user.getId()).count(), is(0L));
}
 
Example 13
Source File: DefaultPasswordPolicyTest.java    From camunda-bpm-platform with Apache License 2.0 5 votes vote down vote up
@Test
public void shouldUpdateUserDetailsWithoutPolicyCheck() {
  // given
  // first, create a new user
  User user = identityService.newUser("johndoe");
  user.setFirstName("John");
  user.setLastName("Doe");
  user.setEmail("[email protected]");
  user.setPassword("Passw0rds!");
  identityService.saveUser(user);

  // when
  // fetch and update the user
  user = identityService.createUserQuery().userId("johndoe").singleResult();
  user.setEmail("[email protected]");
  user.setFirstName("Jane");
  user.setLastName("Donnel");
  identityService.saveUser(user);

  // then
  user = identityService.createUserQuery().userId("johndoe").singleResult();
  assertThat(user.getFirstName(), is("Jane"));
  assertThat(user.getLastName(), is("Donnel"));
  assertThat(user.getEmail(), is("[email protected]"));
  assertThat(identityService.checkPassword("johndoe", "Passw0rds!"), is(true));

  identityService.deleteUser(user.getId());
}
 
Example 14
Source File: IdentityServiceTest.java    From camunda-bpm-platform with Apache License 2.0 5 votes vote down vote up
@Test
public void testCheckPassword() {

  // store user with password
  User user = identityService.newUser("secureUser");
  user.setPassword("s3cret");
  identityService.saveUser(user);

  assertTrue(identityService.checkPassword(user.getId(), "s3cret"));
  assertFalse(identityService.checkPassword(user.getId(), "wrong"));

  identityService.deleteUser(user.getId());

}
 
Example 15
Source File: IdentityServiceTest.java    From camunda-bpm-platform with Apache License 2.0 5 votes vote down vote up
@Test
public void testAuthentication() {
  User user = identityService.newUser("johndoe");
  user.setPassword("xxx");
  identityService.saveUser(user);

  assertTrue(identityService.checkPassword("johndoe", "xxx"));
  assertFalse(identityService.checkPassword("johndoe", "invalid pwd"));

  identityService.deleteUser("johndoe");
}
 
Example 16
Source File: UserLockExpTimeScenario.java    From camunda-bpm-platform with Apache License 2.0 5 votes vote down vote up
@DescribesScenario("initUserLockExpirationTime")
@Times(1)
public static ScenarioSetup initUserLockExpirationTime() {
  return new ScenarioSetup() {
    @Override
    public void execute(ProcessEngine processEngine, String s) {

      final IdentityService identityService = processEngine.getIdentityService();

      User user = identityService.newUser(USER_ID);
      user.setPassword(PASSWORD);
      identityService.saveUser(user);

      ((ProcessEngineConfigurationImpl) processEngine.getProcessEngineConfiguration()).getCommandExecutorTxRequired().execute(new Command<Void>() {
        @Override
        public Void execute(CommandContext context) {
          IdentityInfoManager identityInfoManager = Context.getCommandContext()
            .getSession(IdentityInfoManager.class);

          UserEntity userEntity = (UserEntity) identityService.createUserQuery()
            .userId(USER_ID)
            .singleResult();

          identityInfoManager.updateUserLock(userEntity, 10, TIMESTAMP);
          return null;
        }
      });
    }
  };
}
 
Example 17
Source File: DemoDataGenerator.java    From camunda-bpm-elasticsearch with Apache License 2.0 5 votes vote down vote up
public void afterPropertiesSet() throws Exception {

    System.out.println("Generating demo data");

    scheduleInstanceStart();

    // ensure admin user exists
    IdentityService identityService = processEngine.getIdentityService();
    User user = identityService.createUserQuery().userId("demo").singleResult();
    if(user == null) {
      User newUser = identityService.newUser("demo");
      newUser.setPassword("demo");
      identityService.saveUser(newUser);
      System.out.println("Created used 'demo', password 'demo'");
      AuthorizationService authorizationService = processEngine.getAuthorizationService();

      // create group
      if(identityService.createGroupQuery().groupId(Groups.CAMUNDA_ADMIN).count() == 0) {
        Group camundaAdminGroup = identityService.newGroup(Groups.CAMUNDA_ADMIN);
        camundaAdminGroup.setName("camunda BPM Administrators");
        camundaAdminGroup.setType(Groups.GROUP_TYPE_SYSTEM);
        identityService.saveGroup(camundaAdminGroup);
      }

      // create ADMIN authorizations on all built-in resources
      for (Resource resource : Resources.values()) {
        if(authorizationService.createAuthorizationQuery().groupIdIn(Groups.CAMUNDA_ADMIN).resourceType(resource).resourceId(ANY).count() == 0) {
          AuthorizationEntity userAdminAuth = new AuthorizationEntity(AUTH_TYPE_GRANT);
          userAdminAuth.setGroupId(Groups.CAMUNDA_ADMIN);
          userAdminAuth.setResource(resource);
          userAdminAuth.setResourceId(ANY);
          userAdminAuth.addPermission(ALL);
          authorizationService.saveAuthorization(userAdminAuth);
        }
      }

      processEngine.getIdentityService()
      .createMembership("demo", Groups.CAMUNDA_ADMIN);
    }
  }
 
Example 18
Source File: DefaultUserLifecycleBean.java    From Showcase with Apache License 2.0 5 votes vote down vote up
private User createDefaultUser(String username, String password) {
    User user = identityService.newUser(username);
    user.setPassword(password);
    user.setFirstName("Educama");
    user.setLastName("User");
    identityService.saveUser(user);

    return user;
}
 
Example 19
Source File: Application.java    From camunda-spring-boot-amqp-microservice-cloud-example with Apache License 2.0 4 votes vote down vote up
public static void createDefaultUser(ProcessEngine engine) {
  // and add default user to Camunda to be ready-to-go
  if (engine.getIdentityService().createUserQuery().userId("demo").count() == 0) {
    User user = engine.getIdentityService().newUser("demo");
    user.setFirstName("Demo");
    user.setLastName("Demo");
    user.setPassword("demo");
    user.setEmail("[email protected]");
    engine.getIdentityService().saveUser(user);

    Group group = engine.getIdentityService().newGroup(Groups.CAMUNDA_ADMIN);
    group.setName("Administrators");
    group.setType(Groups.GROUP_TYPE_SYSTEM);
    engine.getIdentityService().saveGroup(group);

    for (Resource resource : Resources.values()) {
      Authorization auth = engine.getAuthorizationService().createNewAuthorization(AUTH_TYPE_GRANT);
      auth.setGroupId(Groups.CAMUNDA_ADMIN);
      auth.addPermission(ALL);
      auth.setResourceId(ANY);
      auth.setResource(resource);
      engine.getAuthorizationService().saveAuthorization(auth);
    }

    engine.getIdentityService().createMembership("demo", Groups.CAMUNDA_ADMIN);
  }

  // create default "all tasks" filter
  if (engine.getFilterService().createFilterQuery().filterName("Alle").count() == 0) {

    Map<String, Object> filterProperties = new HashMap<String, Object>();
    filterProperties.put("description", "Alle Aufgaben");
    filterProperties.put("priority", 10);

    Filter filter = engine.getFilterService().newTaskFilter() //
        .setName("Alle") //
        .setProperties(filterProperties)//
        .setOwner("demo")//
        .setQuery(engine.getTaskService().createTaskQuery());
    engine.getFilterService().saveFilter(filter);

    // and authorize demo user for it
    if (engine.getAuthorizationService().createAuthorizationQuery().resourceType(FILTER).resourceId(filter.getId()) //
        .userIdIn("demo").count() == 0) {
      Authorization managementGroupFilterRead = engine.getAuthorizationService().createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
      managementGroupFilterRead.setResource(FILTER);
      managementGroupFilterRead.setResourceId(filter.getId());
      managementGroupFilterRead.addPermission(ALL);
      managementGroupFilterRead.setUserId("demo");
      engine.getAuthorizationService().saveAuthorization(managementGroupFilterRead);
    }

  }
}
 
Example 20
Source File: IdentityServiceTest.java    From camunda-bpm-platform with Apache License 2.0 4 votes vote down vote up
@Test
public void testUpdatePassword() {

  // store user with password
  User user = identityService.newUser("secureUser");
  user.setPassword("s3cret");
  identityService.saveUser(user);

  assertTrue(identityService.checkPassword(user.getId(), "s3cret"));

  user.setPassword("new-password");
  identityService.saveUser(user);

  assertTrue(identityService.checkPassword(user.getId(), "new-password"));

  identityService.deleteUser(user.getId());

}