@Test public void mustChangePassword() { // PRE: reset vivaldi's password UserPatch userPatch = new UserPatch(); userPatch.setKey("b3cbc78d-32e6-4bd4-92e0-bbe07566a2ee"); userPatch.setPassword(new PasswordPatch.Builder().value("password321").build()); userService.update(userPatch); // 0. access as vivaldi -> succeed SyncopeClient vivaldiClient = clientFactory.create("vivaldi", "password321"); Pair<Map<String, Set<String>>, UserTO> self = vivaldiClient.self(); assertFalse(self.getRight().isMustChangePassword()); // 1. update user vivaldi (3) requirig password update userPatch = new UserPatch(); userPatch.setKey("b3cbc78d-32e6-4bd4-92e0-bbe07566a2ee"); userPatch.setMustChangePassword(new BooleanReplacePatchItem.Builder().value(true).build()); UserTO vivaldi = updateUser(userPatch).getEntity(); assertTrue(vivaldi.isMustChangePassword()); // 2. attempt to access -> fail try { vivaldiClient.getService(ResourceService.class).list(); fail(); } catch (AccessControlException e) { assertNotNull(e); assertEquals("Please change your password first", e.getMessage()); } // 3. change password vivaldiClient.getService(UserSelfService.class).changePassword("password123"); // 4. verify it worked self = clientFactory.create("vivaldi", "password123").self(); assertFalse(self.getRight().isMustChangePassword()); }