RED-7292: added check, if KC password policy exists
parent
c0b897112a
commit
98c6f27190
@ -85,7 +85,7 @@ public class TenantManagementService implements TenantProvider {
|
||||
@SneakyThrows
|
||||
public TenantResponse createTenant(TenantRequest tenantRequest) {
|
||||
|
||||
log.info("Tenants are: {}", tenantRepository.findAll().stream().map(TenantEntity::getTenantId).collect(Collectors.toList()));
|
||||
log.info("Tenants are: {}", tenantRepository.findAll().stream().map(TenantEntity::getTenantId).toList());
|
||||
log.info("Requested to create tenant for: {}", tenantRequest.getTenantId());
|
||||
|
||||
try {
|
||||
@ -297,7 +297,7 @@ public class TenantManagementService implements TenantProvider {
|
||||
rolesRepresentation.setRealm(roles);
|
||||
realm.setRoles(rolesRepresentation);
|
||||
|
||||
realm.setUsers(users.stream().map(this::toUserRepresentation).collect(Collectors.toList()));
|
||||
realm.setUsers(users.stream().map(tenantUser -> toUserRepresentation(tenantId, tenantUser)).toList());
|
||||
|
||||
realm.setPasswordPolicy("digits(1) and length(12) and lowerCase(1) and notEmail and notUsername and specialChars(1) and upperCase(1)");
|
||||
|
||||
@ -315,11 +315,11 @@ public class TenantManagementService implements TenantProvider {
|
||||
}
|
||||
|
||||
|
||||
private UserRepresentation toUserRepresentation(TenantUser redUser) {
|
||||
private UserRepresentation toUserRepresentation(String tenantId, TenantUser redUser) {
|
||||
|
||||
var credentialRepresentation = new CredentialRepresentation();
|
||||
credentialRepresentation.setType("password");
|
||||
validatePasswordWithPolicy(redUser.getPassword(), redUser.getUsername(), redUser.getEmail());
|
||||
credentialRepresentation.setType(CredentialRepresentation.PASSWORD);
|
||||
validatePasswordWithPolicy(tenantId, redUser.getPassword(), redUser.getUsername(), redUser.getEmail());
|
||||
credentialRepresentation.setValue(redUser.getPassword());
|
||||
|
||||
var user = new UserRepresentation();
|
||||
@ -346,10 +346,14 @@ public class TenantManagementService implements TenantProvider {
|
||||
}
|
||||
|
||||
|
||||
private void validatePasswordWithPolicy(String password, String username, String email) {
|
||||
private void validatePasswordWithPolicy(String tenantId, String password, String username, String email) {
|
||||
|
||||
if (password.equals(username) || !validateEmailIsNotPassword(email, password) || !checkStringContainsUpperCaseAndLowerCaseAndDigitsAndSpecialCharsAndHasLength(password)) {
|
||||
throw new ResponseStatusException(HttpStatus.BAD_REQUEST, "Password does not match password policy.");
|
||||
var realmPasswordPolicy = realmService.realm(tenantId).toRepresentation().getPasswordPolicy();
|
||||
if(realmPasswordPolicy == null || realmPasswordPolicy.isEmpty()) {
|
||||
// KC has no policy set, thus we validate it manually
|
||||
if (password.equals(username) || !validateEmailIsNotPassword(email, password) || !checkStringContainsUpperCaseAndLowerCaseAndDigitsAndSpecialCharsAndHasLength(password)) {
|
||||
throw new ResponseStatusException(HttpStatus.BAD_REQUEST, "Password does not match password policy.");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -481,7 +485,7 @@ public class TenantManagementService implements TenantProvider {
|
||||
|
||||
public List<TenantResponse> getTenants() {
|
||||
|
||||
return tenantRepository.findAll().stream().map(this::convert).collect(Collectors.toList());
|
||||
return tenantRepository.findAll().stream().map(this::convert).toList();
|
||||
}
|
||||
|
||||
|
||||
|
||||
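Review bot: In `validatePasswordWithPolicy` (hunk `-346,10 +346,14`), any non-empty realm policy now skips the local checks entirely, so a password passes this method whenever Keycloak holds some policy string, even one weaker than the rules hard-coded at `realm.setPasswordPolicy(...)`. Whether Keycloak enforces its policy on the credentials built in `toUserRepresentation` is not visible on this page, so that path should be confirmed and documented where the check is skipped, e.g. `// realm policy present: Keycloak must reject non-compliant passwords on this path`. The lookup `realmService.realm(tenantId).toRepresentation()` also runs once per user inside `users.stream().map(...)`, and in what appears to be the realm-creation path it may target a realm that does not exist yet. Fetching the policy once before the stream and handling the missing-realm case explicitly would address both. Separately, `password.equals(username)` still dereferences `password` without a null check, so a request without a password would fail with an exception rather than the intended `BAD_REQUEST`.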