Ejemplo n.º 1
0
  @Test
  public void testUpdateUserPasswordDoesntChange() throws Exception {
    String username = "******" + new RandomValueStringGenerator().generate() + "@test.org";
    ScimUser scimUser = new ScimUser(null, username, "User", "Example");
    ScimUser.Email email = new ScimUser.Email();
    email.setValue(username);
    scimUser.setEmails(Arrays.asList(email));
    scimUser.setSalt("salt");
    scimUser = db.createUser(scimUser, "password");
    assertNotNull(scimUser);
    assertEquals("salt", scimUser.getSalt());
    scimUser.setSalt("newsalt");

    String passwordHash =
        jdbcTemplate.queryForObject(
            "select password from users where id=?", new Object[] {scimUser.getId()}, String.class);
    assertNotNull(passwordHash);

    db.changePassword(scimUser.getId(), null, "password");
    assertEquals(
        passwordHash,
        jdbcTemplate.queryForObject(
            "select password from users where id=?",
            new Object[] {scimUser.getId()},
            String.class));

    db.changePassword(scimUser.getId(), "password", "password");
    assertEquals(
        passwordHash,
        jdbcTemplate.queryForObject(
            "select password from users where id=?",
            new Object[] {scimUser.getId()},
            String.class));
  }
Ejemplo n.º 2
0
 @Test
 public void canChangePasswordWithCorrectOldPassword() throws Exception {
   db.changePassword(JOE_ID, "joespassword", "koala123$marissa");
   String storedPassword =
       template.queryForObject("SELECT password from users where ID=?", String.class, JOE_ID);
   assertTrue(BCrypt.checkpw("koala123$marissa", storedPassword));
 }
Ejemplo n.º 3
0
  @Test
  public void canModifyPassword() throws Exception {
    ScimUser user = new ScimUser(null, generator.generate() + "@foo.com", "Jo", "User");
    user.addEmail(user.getUserName());
    ScimUser created = db.createUser(user, "j7hyqpassX");
    assertNull(user.getPasswordLastModified());
    assertNotNull(created.getPasswordLastModified());
    assertEquals(
        (created.getMeta().getCreated().getTime() / 1000l) * 1000l,
        created.getPasswordLastModified().getTime());
    Thread.sleep(10);
    db.changePassword(created.getId(), "j7hyqpassX", "j7hyqpassXXX");

    user = db.retrieve(created.getId());
    assertNotNull(user.getPasswordLastModified());
    assertEquals(
        (user.getMeta().getLastModified().getTime() / 1000l) * 1000l,
        user.getPasswordLastModified().getTime());
  }
Ejemplo n.º 4
0
 @Test(expected = InvalidPasswordException.class)
 public void cannotChangePasswordToNewInvalidPassword() {
   db.changePassword(JOE_ID, "joespassword", "koala123$");
 }
Ejemplo n.º 5
0
 @Test(expected = ScimResourceNotFoundException.class)
 public void cannotChangePasswordIfOldPasswordDoesntMatch() {
   db.changePassword("9999", null, "newpassword");
 }
Ejemplo n.º 6
0
 @Test(expected = BadCredentialsException.class)
 public void cannotChangePasswordNonexistentUser() {
   db.changePassword(JOE_ID, "notjoespassword", "newpassword");
 }