@Test
public void testUpdateUserPasswordDoesntChange() throws Exception {
String username = "******" + new RandomValueStringGenerator().generate() + "@test.org";
ScimUser scimUser = new ScimUser(null, username, "User", "Example");
ScimUser.Email email = new ScimUser.Email();
email.setValue(username);
scimUser.setEmails(Arrays.asList(email));
scimUser.setSalt("salt");
scimUser = db.createUser(scimUser, "password");
assertNotNull(scimUser);
assertEquals("salt", scimUser.getSalt());
scimUser.setSalt("newsalt");
String passwordHash =
jdbcTemplate.queryForObject(
"select password from users where id=?", new Object[] {scimUser.getId()}, String.class);
assertNotNull(passwordHash);
db.changePassword(scimUser.getId(), null, "password");
assertEquals(
passwordHash,
jdbcTemplate.queryForObject(
"select password from users where id=?",
new Object[] {scimUser.getId()},
String.class));
db.changePassword(scimUser.getId(), "password", "password");
assertEquals(
passwordHash,
jdbcTemplate.queryForObject(
"select password from users where id=?",
new Object[] {scimUser.getId()},
String.class));
}
@Test
public void testCreateUserCheckSalt() throws Exception {
ScimUser scimUser = new ScimUser("user-id-3", "*****@*****.**", "User", "Example");
ScimUser.Email email = new ScimUser.Email();
email.setValue("*****@*****.**");
scimUser.setEmails(Arrays.asList(email));
scimUser.setPassword("password");
scimUser.setSalt("salt");
scimUser = db.create(scimUser);
assertNotNull(scimUser);
assertEquals("salt", scimUser.getSalt());
scimUser.setSalt("newsalt");
scimUser = db.update(scimUser.getId(), scimUser);
assertNotNull(scimUser);
assertEquals("newsalt", scimUser.getSalt());
}
@Test
public void updateModifiesExpectedData() {
ScimUser jo = new ScimUser(null, "josephine", "Jo", "NewUser");
jo.addEmail("*****@*****.**");
jo.setUserType(UaaAuthority.UAA_ADMIN.getUserType());
jo.setSalt("salt");
ScimUser joe = db.update(JOE_ID, jo);
// Can change username
assertEquals("josephine", joe.getUserName());
assertEquals("*****@*****.**", joe.getPrimaryEmail());
assertEquals("Jo", joe.getGivenName());
assertEquals("NewUser", joe.getFamilyName());
assertEquals(1, joe.getVersion());
assertEquals(JOE_ID, joe.getId());
assertNull(joe.getGroups());
assertEquals("salt", joe.getSalt());
}
@Override
public ScimUser mapRow(ResultSet rs, int rowNum) throws SQLException {
String id = rs.getString(1);
int version = rs.getInt(2);
Date created = rs.getTimestamp(3);
Date lastModified = rs.getTimestamp(4);
String userName = rs.getString(5);
String email = rs.getString(6);
String givenName = rs.getString(7);
String familyName = rs.getString(8);
boolean active = rs.getBoolean(9);
String phoneNumber = rs.getString(10);
boolean verified = rs.getBoolean(11);
String origin = rs.getString(12);
String externalId = rs.getString(13);
String zoneId = rs.getString(14);
String salt = rs.getString(15);
Date passwordLastModified = rs.getTimestamp(16);
ScimUser user = new ScimUser();
user.setId(id);
ScimMeta meta = new ScimMeta();
meta.setVersion(version);
meta.setCreated(created);
meta.setLastModified(lastModified);
user.setMeta(meta);
user.setUserName(userName);
user.addEmail(email);
if (phoneNumber != null) {
user.addPhoneNumber(phoneNumber);
}
Name name = new Name();
name.setGivenName(givenName);
name.setFamilyName(familyName);
user.setName(name);
user.setActive(active);
user.setVerified(verified);
user.setOrigin(origin);
user.setExternalId(externalId);
user.setZoneId(zoneId);
user.setSalt(salt);
user.setPasswordLastModified(passwordLastModified);
return user;
}