diff --git a/build.gradle.kts b/build.gradle.kts index 1e244ab..07c114e 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -88,6 +88,7 @@ dependencies { implementation("com.google.guava:guava:31.1-jre") implementation("org.liquibase:liquibase-core:4.17.2") implementation("org.keycloak:keycloak-admin-client:21.0.1") + implementation("org.keycloak:keycloak-model-jpa:21.0.1") implementation("org.springframework.boot:spring-boot-starter-amqp") implementation("org.springframework.boot:spring-boot-starter-validation") implementation("org.springframework.retry:spring-retry") diff --git a/src/main/java/com/knecon/fforesight/tenantusermanagement/service/TenantManagementService.java b/src/main/java/com/knecon/fforesight/tenantusermanagement/service/TenantManagementService.java index b3c2933..d016aaa 100644 --- a/src/main/java/com/knecon/fforesight/tenantusermanagement/service/TenantManagementService.java +++ b/src/main/java/com/knecon/fforesight/tenantusermanagement/service/TenantManagementService.java @@ -14,6 +14,7 @@ import java.util.stream.Collectors; import javax.sql.DataSource; +import org.keycloak.policy.PasswordPolicyNotMetException; import org.keycloak.representations.idm.ClientRepresentation; import org.keycloak.representations.idm.CredentialRepresentation; import org.keycloak.representations.idm.RealmRepresentation; @@ -192,6 +193,8 @@ public class TenantManagementService implements TenantProvider { if (!realmReady) { throw new ResponseStatusException(HttpStatus.INTERNAL_SERVER_ERROR, "Failed to create KC realm"); } + keycloak.getAdminClient().realms(); + System.out.println(keycloak.getAdminClient().realm("test-tenant-fforesight").toRepresentation()); generalConfigurationService.initGeneralConfiguration(tenantRequest.getTenantId()); keyCloakRoleManagerService.updateRoles(tenantRequest.getTenantId()); 
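Review bot: `org.keycloak:keycloak-model-jpa` is a Keycloak server-side module, and the only use of it visible in this commit is the `PasswordPolicyNotMetException` import in TenantManagementService. Declaring it as `implementation` presumably puts the server's persistence layer and its transitive dependencies on the runtime classpath of a service that otherwise reaches Keycloak only through `keycloak-admin-client`. That widens what has to be tracked and patched for one exception type. If the type is genuinely needed, prefer the narrowest artifact that provides it, or exclude the unused transitives. If the catch block that uses it cannot be reached, drop this line again.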
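Review bot: The two lines added after the `realmReady` check look like debugging leftovers and should not be merged. `keycloak.getAdminClient().realms();` discards its result, and `System.out.println(...)` looks up the hard-coded realm `"test-tenant-fforesight"` on every tenant creation. For any other tenant id that lookup will presumably fail in the admin client and abort the request; where it succeeds, realm data goes to stdout outside the logging configuration. Remove both lines, and if realm state is worth recording, log selected fields for `tenantRequest.getTenantId()` at debug level through the project logger. The enclosing method starts and ends outside the hunk.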
@@ -297,9 +300,12 @@ public class TenantManagementService implements TenantProvider { realm.setUsers(users.stream().map(this::toUserRepresentation).collect(Collectors.toList())); - var policyString = "digits and length and lowerCase and notEmail and notUsername and specialChars and upperCase"; -// PasswordPolicy passwordPolicy = PasswordPolicy.parse(session, policyString); - realm.setPasswordPolicy(policyString); + try { + realm.setPasswordPolicy("digits(1) and length(12) and lowerCase(1) and notEmail and notUsername and specialChars(1) and upperCase(1)"); + } catch (PasswordPolicyNotMetException e) { + throw new ResponseStatusException(HttpStatus.BAD_REQUEST, e.getMessage(), e); + } + keycloak.getAdminClient().realms().create(realm); } @@ -449,6 +455,7 @@ public class TenantManagementService implements TenantProvider { return tenantRepository.findAll().stream().map(this::convert).collect(Collectors.toList()); } + public TenantResponse removePasswords(TenantResponse tenantResponse) { if (tenantResponse.getDatabaseConnection() != null) { @@ -463,7 +470,7 @@ public class TenantManagementService implements TenantProvider { tenantResponse.getAzureStorageConnection().setConnectionString(PASSWORD); } - if (tenantResponse.getS3StorageConnection() != null){ + if (tenantResponse.getS3StorageConnection() != null) { tenantResponse.getS3StorageConnection().setSecret(PASSWORD); } diff --git a/src/test/java/com/knecon/fforesight/tests/TenantsTest.java b/src/test/java/com/knecon/fforesight/tests/TenantsTest.java index 0e4195d..3fe7071 100644 --- a/src/test/java/com/knecon/fforesight/tests/TenantsTest.java +++ b/src/test/java/com/knecon/fforesight/tests/TenantsTest.java @@ -21,6 +21,7 @@ import com.knecon.fforesight.tenantusermanagement.model.TenantRequest; import com.knecon.fforesight.utils.TestTenantService; import feign.FeignException; +import lombok.SneakyThrows; public class TenantsTest extends AbstractTenantUserManagementIntegrationTest { 
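Review bot: The `try`/`catch` in the `@@ -297,9 +300,12 @@` hunk guards `realm.setPasswordPolicy(...)`, which only stores a string on the representation, so `PasswordPolicyNotMetException` can presumably never be thrown there. Keycloak evaluates the policy when the realm and its default users are imported by `keycloak.getAdminClient().realms().create(realm)`, which sits outside the guard. A default user whose password violates the new policy would therefore surface as whatever the admin client raises, not as the intended 400. Guard the `create` call instead (I would expect the JAX-RS `BadRequestException` here; confirm against the admin client in use) and keep the policy string in a named constant. The enclosing method starts outside the hunk.

```java
// PASSWORD_POLICY: constant holding the policy string introduced in this hunk
realm.setPasswordPolicy(PASSWORD_POLICY);

try {
    keycloak.getAdminClient().realms().create(realm);
} catch (BadRequestException e) {
    // Keycloak rejected the import, e.g. a default-user password that violates the policy.
    throw new ResponseStatusException(HttpStatus.BAD_REQUEST, "Keycloak rejected the realm definition", e);
}
```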
@@ -37,10 +38,13 @@ public class TenantsTest extends AbstractTenantUserManagementIntegrationTest { @Test + @SneakyThrows public void testCreateNewTenant() { testTenantService.createTestTenantIfNotExists("new_tenant", minioPort); + Thread.sleep(100000); + TenantContext.setTenantId("new_tenant"); var deploymentKey = tenantsClient.getDeploymentKey("new_tenant"); @@ -52,6 +56,7 @@ public class TenantsTest extends AbstractTenantUserManagementIntegrationTest { assertThat(tenantsClient.getTenants().stream().anyMatch(t -> t.getTenantId().equals("new_tenant"))).isTrue(); TenantContext.clear(); + } @Test diff --git a/src/test/java/com/knecon/fforesight/utils/TestTenantService.java b/src/test/java/com/knecon/fforesight/utils/TestTenantService.java index 3f0e171..c1f2009 100644 --- a/src/test/java/com/knecon/fforesight/utils/TestTenantService.java +++ b/src/test/java/com/knecon/fforesight/utils/TestTenantService.java @@ -60,7 +60,7 @@ public class TestTenantService { .tenantId(testTenantId) .displayName(testTenantId) .guid(UUID.randomUUID().toString()) - .defaultUsers(List.of(TenantUser.builder().roles(Set.of("SUPER_USER")).username("test@fforesight.com").password("secret").email("test@fforesight.com").build())) + .defaultUsers(List.of(TenantUser.builder().roles(Set.of("SUPER_USER")).username("test@fforesight.com").password("secret1234!OH").email("test@fforesight.com").build())) .databaseConnection(DatabaseConnection.builder() .driver("postgresql") .host(SpringPostgreSQLTestContainer.getInstance().getHost()) @@ -84,7 +84,7 @@ public class TestTenantService { assertThat(response.getGuid()).isNotBlank(); TenantContext.setTenantId(testTenantId); - tokenService.setUser("test@fforesight.com", "secret"); + tokenService.setUser("test@fforesight.com", "secret1234!OH"); var tenant = tenantsClient.getTenant(testTenantId); assertThat(tenant.getGuid()).isNotBlank();
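Review bot: `Thread.sleep(100000)` adds a fixed 100-second pause to `testCreateNewTenant`, and `@SneakyThrows` appears to be there only to hide the `InterruptedException` that call declares. Nothing after the sleep depends on a visible condition, so this reads as a debugging aid left in. If the test really has to wait for the realm to become available, replace the sleep with a bounded polling loop on that condition and declare `throws InterruptedException` on the test method. Otherwise remove both added lines, and with them the `lombok.SneakyThrows` import.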
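Review bot: The new test password `"secret1234!OH"` is repeated as a literal in the `defaultUsers(...)` builder and again in the `tokenService.setUser(...)` hunk further down TestTenantService, so the two can drift apart the next time the policy changes. A single `private static final String TEST_USER_PASSWORD` would keep them aligned. The tests shown also exercise only a compliant password. Nothing asserts that the previous value `"secret"` is now rejected, which is the behaviour the policy change is meant to introduce. A negative test that expects tenant creation with a weak default-user password to fail would pin that down.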