added password policy and caught exception

2023-08-21 09:06:20 +02:00 · 2023-08-21 09:06:20 +02:00 · c904e5947c
commit c904e5947c
parent a79165bb09
4 changed files with 19 additions and 6 deletions
--- a/build.gradle.kts
+++ b/build.gradle.kts
@ -88,6 +88,7 @@ dependencies {
    implementation("com.google.guava:guava:31.1-jre")
    implementation("org.liquibase:liquibase-core:4.17.2")
    implementation("org.keycloak:keycloak-admin-client:21.0.1")
+    implementation("org.keycloak:keycloak-model-jpa:21.0.1")
    implementation("org.springframework.boot:spring-boot-starter-amqp")
    implementation("org.springframework.boot:spring-boot-starter-validation")
    implementation("org.springframework.retry:spring-retry")
--- a/src/main/java/com/knecon/fforesight/tenantusermanagement/service/TenantManagementService.java
+++ b/src/main/java/com/knecon/fforesight/tenantusermanagement/service/TenantManagementService.java
@ -14,6 +14,7 @@ import java.util.stream.Collectors;

 import javax.sql.DataSource;

+import org.keycloak.policy.PasswordPolicyNotMetException;
 import org.keycloak.representations.idm.ClientRepresentation;
 import org.keycloak.representations.idm.CredentialRepresentation;
 import org.keycloak.representations.idm.RealmRepresentation;
@ -192,6 +193,8 @@ public class TenantManagementService implements TenantProvider {
        if (!realmReady) {
            throw new ResponseStatusException(HttpStatus.INTERNAL_SERVER_ERROR, "Failed to create KC realm");
        }
+        keycloak.getAdminClient().realms();
+        System.out.println(keycloak.getAdminClient().realm("test-tenant-fforesight").toRepresentation());

        generalConfigurationService.initGeneralConfiguration(tenantRequest.getTenantId());
        keyCloakRoleManagerService.updateRoles(tenantRequest.getTenantId());
@ -297,9 +300,12 @@ public class TenantManagementService implements TenantProvider {

        realm.setUsers(users.stream().map(this::toUserRepresentation).collect(Collectors.toList()));

-        var policyString = "digits and length and lowerCase and notEmail and notUsername and specialChars and upperCase";
-//        PasswordPolicy passwordPolicy = PasswordPolicy.parse(session, policyString);
-        realm.setPasswordPolicy(policyString);
+        try {
+            realm.setPasswordPolicy("digits(1) and length(12) and lowerCase(1) and notEmail and notUsername and specialChars(1) and upperCase(1)");
+        } catch (PasswordPolicyNotMetException e) {
+            throw new ResponseStatusException(HttpStatus.BAD_REQUEST, e.getMessage(), e);
+        }
+

        keycloak.getAdminClient().realms().create(realm);
    }
@ -449,6 +455,7 @@ public class TenantManagementService implements TenantProvider {
        return tenantRepository.findAll().stream().map(this::convert).collect(Collectors.toList());
    }

+
    public TenantResponse removePasswords(TenantResponse tenantResponse) {

        if (tenantResponse.getDatabaseConnection() != null) {
@ -463,7 +470,7 @@ public class TenantManagementService implements TenantProvider {
            tenantResponse.getAzureStorageConnection().setConnectionString(PASSWORD);
        }

-        if (tenantResponse.getS3StorageConnection() != null){
+        if (tenantResponse.getS3StorageConnection() != null) {
            tenantResponse.getS3StorageConnection().setSecret(PASSWORD);
        }

--- a/src/test/java/com/knecon/fforesight/tests/TenantsTest.java
+++ b/src/test/java/com/knecon/fforesight/tests/TenantsTest.java
@ -21,6 +21,7 @@ import com.knecon.fforesight.tenantusermanagement.model.TenantRequest;
 import com.knecon.fforesight.utils.TestTenantService;

 import feign.FeignException;
+import lombok.SneakyThrows;

 public class TenantsTest extends AbstractTenantUserManagementIntegrationTest {

@ -37,10 +38,13 @@ public class TenantsTest extends AbstractTenantUserManagementIntegrationTest {


    @Test
+    @SneakyThrows
    public void testCreateNewTenant() {

        testTenantService.createTestTenantIfNotExists("new_tenant", minioPort);

+        Thread.sleep(100000);
+
        TenantContext.setTenantId("new_tenant");

        var deploymentKey = tenantsClient.getDeploymentKey("new_tenant");
@ -52,6 +56,7 @@ public class TenantsTest extends AbstractTenantUserManagementIntegrationTest {
        assertThat(tenantsClient.getTenants().stream().anyMatch(t -> t.getTenantId().equals("new_tenant"))).isTrue();

        TenantContext.clear();
+
    }

    @Test
--- a/src/test/java/com/knecon/fforesight/utils/TestTenantService.java
+++ b/src/test/java/com/knecon/fforesight/utils/TestTenantService.java
@ -60,7 +60,7 @@ public class TestTenantService {
                .tenantId(testTenantId)
                .displayName(testTenantId)
                .guid(UUID.randomUUID().toString())
-                .defaultUsers(List.of(TenantUser.builder().roles(Set.of("SUPER_USER")).username("test@fforesight.com").password("secret").email("test@fforesight.com").build()))
+                .defaultUsers(List.of(TenantUser.builder().roles(Set.of("SUPER_USER")).username("test@fforesight.com").password("secret1234!OH").email("test@fforesight.com").build()))
                .databaseConnection(DatabaseConnection.builder()
                        .driver("postgresql")
                        .host(SpringPostgreSQLTestContainer.getInstance().getHost())
@ -84,7 +84,7 @@ public class TestTenantService {
        assertThat(response.getGuid()).isNotBlank();

        TenantContext.setTenantId(testTenantId);
-        tokenService.setUser("test@fforesight.com", "secret");
+        tokenService.setUser("test@fforesight.com", "secret1234!OH");

        var tenant = tenantsClient.getTenant(testTenantId);
        assertThat(tenant.getGuid()).isNotBlank();