1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements.  See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership.  The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License.  You may obtain a copy of the License at
9    *
10   *   http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied.  See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.apache.syncope.fit.core.reference;
20  
21  import org.apache.syncope.common.lib.policy.PasswordRuleConf;
22  import org.apache.syncope.core.persistence.api.entity.user.LinkedAccount;
23  import org.apache.syncope.core.persistence.api.entity.user.User;
24  import org.apache.syncope.core.provisioning.api.rules.PasswordRule;
25  import org.apache.syncope.core.provisioning.api.rules.PasswordRuleConfClass;
26  import org.apache.syncope.core.spring.policy.PasswordPolicyException;
27  import org.apache.syncope.core.spring.security.Encryptor;
28  import org.slf4j.Logger;
29  import org.slf4j.LoggerFactory;
30  import org.springframework.transaction.annotation.Transactional;
31  
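/**
 * Password rule that accepts a clear-text password only when it ends with the suffix returned by
 * {@code TestPasswordRuleConf.getMustEndWith()}.
 *
 * <p>A {@code null} clear-text password is never rejected by this rule: every {@code enforce} variant
 * skips the check when no clear text is available.
 */
@PasswordRuleConfClass(TestPasswordRuleConf.class)
public class TestPasswordRule implements PasswordRule {

    protected static final Logger LOG = LoggerFactory.getLogger(TestPasswordRule.class);

    private static final Encryptor ENCRYPTOR = Encryptor.getInstance();

    // Set through setConf(); the enforce methods dereference it without a null check,
    // so the rule must be configured before it is used.
    private TestPasswordRuleConf conf;

    /**
     * Returns the configuration currently bound to this rule.
     *
     * @return the configuration, or {@code null} if {@link #setConf(PasswordRuleConf)} was never called
     */
    @Override
    public TestPasswordRuleConf getConf() {
        return conf;
    }

    /**
     * Binds the given configuration to this rule.
     *
     * @param conf the configuration; must be a {@link TestPasswordRuleConf}
     * @throws IllegalArgumentException if {@code conf} is {@code null} or of any other type
     */
    @Override
    public void setConf(final PasswordRuleConf conf) {
        if (!(conf instanceof TestPasswordRuleConf)) {
            // Name the type that is actually required, and report null explicitly instead of
            // failing with a NullPointerException while building the message.
            throw new IllegalArgumentException(
                    TestPasswordRuleConf.class.getName() + " expected, got "
                    + (conf == null ? "null" : conf.getClass().getName()));
        }
        this.conf = TestPasswordRuleConf.class.cast(conf);
    }

    /**
     * Checks a clear-text password against the configured suffix.
     *
     * @param username the username the password belongs to (not used by this rule)
     * @param clearPassword the clear-text password; {@code null} is accepted without any check
     * @throws PasswordPolicyException if the password does not end with the configured suffix
     */
    @Override
    public void enforce(final String username, final String clearPassword) {
        checkSuffix(clearPassword);
    }

    /**
     * Checks a clear-text password against the configured suffix.
     *
     * @param user the user the password belongs to (not used by this rule)
     * @param clearPassword the clear-text password; {@code null} is accepted without any check
     * @throws PasswordPolicyException if the password does not end with the configured suffix
     */
    @Transactional(readOnly = true)
    @Override
    public void enforce(final User user, final String clearPassword) {
        checkSuffix(clearPassword);
    }

    /**
     * Decodes the password stored on a linked account, when that is possible, and checks it against
     * the configured suffix.
     *
     * @param account the linked account whose stored password is checked
     * @throws PasswordPolicyException if the decoded password does not end with the configured suffix
     */
    @Transactional(readOnly = true)
    @Override
    public void enforce(final LinkedAccount account) {
        final String stored = account.getPassword();
        if (stored == null) {
            return;
        }

        String clear = null;
        if (account.canDecodeSecrets()) {
            try {
                clear = ENCRYPTOR.decode(stored, account.getCipherAlgorithm());
            } catch (Exception e) {
                // NOTE(review): the whole account object is handed to the logger; verify that its
                // toString() does not expose the stored password value.
                LOG.error("Could not decode password for {}", account, e);
            }
        }

        // NOTE(review): this rule fails open. When the secret cannot be decoded (canDecodeSecrets()
        // is false, or decode() throws) clear stays null and the stored password is accepted
        // unchecked. Confirm that this is intended before reusing the pattern in a rule that is
        // meant to be enforced on every stored password.
        checkSuffix(clear);
    }

    /** Rejects a non-null clear-text password that does not end with the configured suffix. */
    private void checkSuffix(final String clearPassword) {
        if (clearPassword != null && !clearPassword.endsWith(conf.getMustEndWith())) {
            throw new PasswordPolicyException("Password not ending with " + conf.getMustEndWith());
        }
    }
}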