LibreCCM
/
libreccm
3
0
Fork 0
Code Issues 10 Pull Requests Packages Releases Wiki Activity

CCM NG: ChallengeManager, provides services for email verification, account activation and password recovery. 

git-svn-id: https://svn.libreccm.org/ccm/ccm_ng@3970 8810af33-2d31-482b-a856-94f89814c4df
pull/2/head
jensp 2016-04-01 18:31:51 +00:00
parent b9397f01b7
commit b06a29d432
24 changed files with 1151 additions and 206 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

67
ccm-core/src/main/java/org/libreccm/security/ChallengeFailedException.java 100644
View File

@ -0,0 +1,67 @@
/*
* Copyright (C) 2016 LibreCCM Foundation.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
* MA 02110-1301 USA
*/
package org.libreccm.security;
/**
*
* @author <a href="mailto:jens.pelzetter@googlemail.com">Jens Pelzetter</a>
*/
public class ChallengeFailedException extends Exception {
private static final long serialVersionUID = 1L;
/**
* Creates a new instance of <code>ChallengeFailedException</code> without detail message.
*/
public ChallengeFailedException() {
super();
}
/**
* Constructs an instance of <code>ChallengeFailedException</code> with the specified detail message.
*
* @param msg The detail message.
*/
public ChallengeFailedException(final String msg) {
super(msg);
}
/**
* Constructs an instance of <code>ChallengeFailedException</code> which wraps the
* specified exception.
*
* @param exception The exception to wrap.
*/
public ChallengeFailedException(final Exception exception) {
super(exception);
}
/**
* Constructs an instance of <code>ChallengeFailedException</code> with the specified message which also wraps the
* specified exception.
*
* @param msg The detail message.
* @param exception The exception to wrap.
*/
public ChallengeFailedException(final String msg, final Exception exception) {
super(msg, exception);
}
}

233
ccm-core/src/main/java/org/libreccm/security/ChallengeManager.java
View File

@ -18,7 +18,23 @@
*/ */
package org.libreccm.security; package org.libreccm.security;
import com.arsdigita.kernel.KernelConfig;
import org.apache.commons.lang.text.StrSubstitutor;
import org.libreccm.configuration.ConfigurationManager;
import org.libreccm.configuration.LocalizedStringSetting;
import org.libreccm.l10n.GlobalizationHelper;
import org.libreccm.l10n.LocalizedString;
import java.util.HashMap;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Objects;
import javax.enterprise.context.RequestScoped; import javax.enterprise.context.RequestScoped;
import javax.inject.Inject;
import javax.servlet.ServletContext;
/** /**
* *
@ -27,44 +43,217 @@ import javax.enterprise.context.RequestScoped;
@RequestScoped @RequestScoped
public class ChallengeManager { public class ChallengeManager {
@Inject
private GlobalizationHelper globalizationHelper;
@Inject
private ConfigurationManager configurationManager;
@Inject
private OneTimeAuthManager oneTimeAuthManager;
@Inject
private UserRepository userRepository;
@Inject
private UserManager userManager;
@Inject
private ServletContext servletContext;
public String createEmailVerification(final User user) { public String createEmailVerification(final User user) {
throw new UnsupportedOperationException(); if (user == null) {
throw new IllegalArgumentException(
"Can't create an email verification challenge for user null.");
}
return createMail(user, OneTimeAuthTokenPurpose.EMAIL_VERIFICATION);
} }
public void sendEmailVerification(final User user) { public void sendEmailVerification(final User user) {
throw new UnsupportedOperationException(); throw new UnsupportedOperationException();
} }
public void finishEmailVerification(final User user, public void finishEmailVerification(final User user,
final String submittedToken) { final String submittedToken)
throws ChallengeFailedException {
if (finishChallenge(user,
submittedToken,
OneTimeAuthTokenPurpose.EMAIL_VERIFICATION)) {
user.getPrimaryEmailAddress().setVerified(true);
userRepository.save(user);
} else {
//No matching token
throw new ChallengeFailedException(
"Submitted token does not match any active email verification "
+ "challenges.");
}
}
public String createAccountActivation(final User user) {
if (user == null) {
throw new IllegalArgumentException(
"Can't create an user activation challenge for user null.");
}
return createMail(user, OneTimeAuthTokenPurpose.ACCOUNT_ACTIVATION);
}
public void sendAccountActivation(final User user) {
throw new UnsupportedOperationException(); throw new UnsupportedOperationException();
} }
public String createEmailActivation(final User user) { public void finishAccountActivation(final User user,
throw new UnsupportedOperationException(); final String submittedToken)
} throws ChallengeFailedException {
public void sendUserActivation(final User user) { if (finishChallenge(user,
throw new UnsupportedOperationException(); submittedToken,
OneTimeAuthTokenPurpose.ACCOUNT_ACTIVATION)) {
user.setBanned(false);
userRepository.save(user);
} else {
//Not matching token
throw new ChallengeFailedException(
"Submitted token does not match any active account activation "
+ "challenges.");
}
} }
public void finishUserActivation(final User user, public String createPasswordRecover(final User user) {
final String submittedToken) { if (user == null) {
throw new UnsupportedOperationException(); throw new IllegalArgumentException(
"Can't create a password recover challenge for user null.");
}
return createMail(user, OneTimeAuthTokenPurpose.RECOVER_PASSWORD);
} }
public void sendPasswordRecover(final User user) { public void sendPasswordRecover(final User user) {
throw new UnsupportedOperationException();
} }
public void sendPasswordRevover(final User user) { public void finishPasswordRecover(final User user,
throw new UnsupportedOperationException();
}
public void finishPasswordRecover(final User user,
final String submittedToken, final String submittedToken,
final String newPassword) { final String newPassword)
throw new UnsupportedOperationException(); throws ChallengeFailedException {
if (newPassword == null || newPassword.isEmpty()) {
throw new IllegalArgumentException("New password can't be empty");
}
if (finishChallenge(user,
submittedToken,
OneTimeAuthTokenPurpose.RECOVER_PASSWORD)) {
userManager.updatePassword(user, newPassword);
} else {
//Not matching token
throw new ChallengeFailedException(
"Submitted token does not match any active password recover "
+ "challenges.");
}
}
private String createMail(final User user,
final OneTimeAuthTokenPurpose purpose) {
final OneTimeAuthToken token = oneTimeAuthManager.createForUser(
user, purpose);
final String template = retrieveEmailTemplate(purpose);
final Map<String, String> values = new HashMap<>();
values.put("expires_date", token.getValidUntil().toString());
final String path;
switch (purpose) {
case ACCOUNT_ACTIVATION:
path = "activate-account";
break;
case EMAIL_VERIFICATION:
path = "verify-email";
break;
case RECOVER_PASSWORD:
path = "recover-password";
break;
default:
throw new IllegalArgumentException(String.format(
"Unsupported value \"%s\" for purpose.",
purpose.toString()));
}
values.put("link",
String.format("%s/%s/register/%s",
servletContext.getVirtualServerName(),
servletContext.getContextPath(),
path));
final StrSubstitutor substitutor = new StrSubstitutor(values);
return substitutor.replace(template);
}
private String retrieveEmailTemplate(
final OneTimeAuthTokenPurpose purpose) {
final Locale locale = globalizationHelper.getNegotiatedLocale();
final EmailTemplates emailTemplates = configurationManager
.findConfiguration(EmailTemplates.class);
final LocalizedStringSetting setting;
switch (purpose) {
case ACCOUNT_ACTIVATION:
setting = emailTemplates.getAccountActivationMail();
break;
case EMAIL_VERIFICATION:
setting = emailTemplates.getEmailVerificationMail();
break;
case RECOVER_PASSWORD:
setting = emailTemplates.getPasswordRecoverMail();
break;
default:
throw new IllegalArgumentException(String.format(
"Unsupported value \"%s\" for purpose.",
purpose.toString()));
}
final LocalizedString localizedString = setting.getValue();
if (localizedString.hasValue(locale)) {
return localizedString.getValue(locale);
} else {
final KernelConfig kernelConfig = configurationManager
.findConfiguration(KernelConfig.class);
final Locale defaultLocale = new Locale(kernelConfig
.getDefaultLanguage());
return localizedString.getValue(defaultLocale);
}
}
private boolean finishChallenge(final User user,
final String submittedToken,
final OneTimeAuthTokenPurpose purpose)
throws ChallengeFailedException {
if (user == null || submittedToken == null) {
throw new IllegalArgumentException(
"User and/or submitted token can't be null.");
}
final List<OneTimeAuthToken> tokens = oneTimeAuthManager
.retrieveForUser(user, purpose);
if (tokens == null || tokens.isEmpty()) {
throw new ChallengeFailedException(String.format(
"No active %s challenge for user \"%s\".",
purpose.toString(),
Objects.toString(user)));
}
for (OneTimeAuthToken token : tokens) {
if (oneTimeAuthManager.isValid(token)) {
oneTimeAuthManager.invalidate(token);
return true;
} else {
oneTimeAuthManager.invalidate(token);
}
}
return false;
} }
} }

184
ccm-core/src/main/java/org/libreccm/security/EmailTemplates.java 100644
View File

@ -0,0 +1,184 @@
/*
* Copyright (C) 2016 LibreCCM Foundation.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
* MA 02110-1301 USA
*/
package org.libreccm.security;
import org.libreccm.configuration.Configuration;
import org.libreccm.configuration.LocalizedStringSetting;
import org.libreccm.configuration.Setting;
import org.libreccm.l10n.LocalizedString;
import java.util.Locale;
import java.util.Objects;
/**
* Provides several templates for emails send by CCM.
*
* @author <a href="mailto:jens.pelzetter@googlemail.com">Jens Pelzetter</a>
*/
@Configuration
public final class EmailTemplates {
@Setting
private LocalizedStringSetting emailVerificationMail;
@Setting
private LocalizedStringSetting passwordRecoverMail;
@Setting
private LocalizedStringSetting accountActivationMail;
public EmailTemplates() {
emailVerificationMail = new LocalizedStringSetting();
emailVerificationMail.setValue(new LocalizedString());
emailVerificationMail.getValue().addValue(
Locale.ENGLISH,
"Please follow the following link to finish the email verfication "
+ "process:\n"
+ "\n"
+ "${link}"
+ "\n\n"
+ "Please be aware that your verification token expires"
+ "at ${expires_date}.");
emailVerificationMail.getValue().addValue(
Locale.GERMAN,
"Bitte folgen Sie dem folgenden Link, um die Überprüfung ihrer E-"
+ "Mail-Adresse abzuschließen:\n"
+ "\n"
+ "${link}"
+ "\n\n"
+ "Bitte beachten Sie, dass Sie den Prozess bis zu folgendem "
+ "Zeitpunkt abschließen müssen: ${expires_date}");
passwordRecoverMail = new LocalizedStringSetting();
passwordRecoverMail.setValue(new LocalizedString());
passwordRecoverMail.getValue().addValue(
Locale.ENGLISH,
"Please follow the following link to complete the password recover "
+ "process:\n"
+ "\n"
+ "${link}"
+ "\n\n"
+ "Please be aware that you must complete the process until "
+ "${expires_date}");
passwordRecoverMail.getValue().addValue(
Locale.GERMAN,
"Bitte folgen Sie dem folgenden Link um ein neues Passwort "
+ "einzugeben:\n"
+ "\n"
+ "${link}"
+ "\n\n"
+ "Bitte beachten Sie, dass den den Prozess bis zu folgenden "
+ "Zeitpunkt abschließen müsssen: ${expires_date}");
accountActivationMail = new LocalizedStringSetting();
accountActivationMail.setValue(new LocalizedString());
accountActivationMail.getValue().addValue(
Locale.ENGLISH,
"Please follow the following link to enable your new account:\n"
+ "\n"
+ "${link}"
+ "\n\n"
+ "Please be aware that you must activate your account before "
+ "${expires_date}.");
accountActivationMail.getValue().addValue(
Locale.GERMAN,
"Bitte folgen Sie den folgendem Link, um ihr Benutzerkonto zu "
+ "aktivieren:\n"
+ "\n"
+ "${link}"
+ "\n\n"
+ "Bitte beachten Sie, dass Sie ihr Benutzerkonto spätestens"
+ "bis zu folgendem Zeitpunkt aktivieren müssen: ${expires_date}");
}
public LocalizedStringSetting getEmailVerificationMail() {
return emailVerificationMail;
}
public void setEmailVerificationMail(
LocalizedStringSetting emailVerificationMail) {
this.emailVerificationMail = emailVerificationMail;
}
public LocalizedStringSetting getPasswordRecoverMail() {
return passwordRecoverMail;
}
public void setPasswordRecoverMail(
LocalizedStringSetting passwordRecoverMail) {
this.passwordRecoverMail = passwordRecoverMail;
}
public LocalizedStringSetting getAccountActivationMail() {
return accountActivationMail;
}
public void setAccountActivationMail(
LocalizedStringSetting accountActivationMail) {
this.accountActivationMail = accountActivationMail;
}
@Override
public int hashCode() {
int hash = 5;
hash = 53 * hash + Objects.hashCode(emailVerificationMail);
hash = 53 * hash + Objects.hashCode(passwordRecoverMail);
hash = 53 * hash + Objects.hashCode(accountActivationMail);
return hash;
}
@Override
public boolean equals(final Object obj) {
if (this == obj) {
return true;
}
if (obj == null) {
return false;
}
if (!(obj instanceof EmailTemplates)) {
return false;
}
final EmailTemplates other = (EmailTemplates) obj;
if (!Objects.equals(emailVerificationMail,
other.getEmailVerificationMail())) {
return false;
}
if (!Objects.equals(passwordRecoverMail,
other.getPasswordRecoverMail())) {
return false;
}
return Objects.equals(accountActivationMail,
other.getAccountActivationMail());
}
@Override
public String toString() {
return String.format("%s{ "
+ "emailVerificationMail = { %s }, "
+ "passwordRecoverMail = { %s }, "
+ "accountActivationMail = { %s }"
+ " }",
super.toString(),
Objects.toString(emailVerificationMail),
Objects.toString(passwordRecoverMail),
Objects.toString(accountActivationMail));
}
}

81
ccm-core/src/main/java/org/libreccm/security/OneTimeAuthManager.java
View File

@ -51,28 +51,28 @@ public class OneTimeAuthManager {
* *
* This method generates the token <em>and</em> saves it in the database. * This method generates the token <em>and</em> saves it in the database.
* *
* @param user The user for which the one time auth token is generated. * @param user The user for which the one time auth token is generated.
* @param purpose The purpose for which the token is generated. * @param purpose The purpose for which the token is generated.
* *
* @return The one time auth token. * @return The one time auth token.
*/ */
public OneTimeAuthToken createForUser( public OneTimeAuthToken createForUser(
final User user, final OneTimeAuthTokenPurpose purpose) { final User user, final OneTimeAuthTokenPurpose purpose) {
if (user == null || purpose == null) { if (user == null || purpose == null) {
throw new IllegalArgumentException( throw new IllegalArgumentException(
"user and purpose and mandatory for creating a one " "user and purpose and mandatory for creating a one "
+ "time auth token."); + "time auth token.");
} }
final OneTimeAuthConfig config = configurationManager.findConfiguration( final OneTimeAuthConfig config = configurationManager.findConfiguration(
OneTimeAuthConfig.class); OneTimeAuthConfig.class);
final OneTimeAuthToken token = new OneTimeAuthToken(); final OneTimeAuthToken token = new OneTimeAuthToken();
token.setUser(user); token.setUser(user);
token.setPurpose(purpose); token.setPurpose(purpose);
final String tokenStr = RandomStringUtils.randomAscii(config. final String tokenStr = RandomStringUtils.randomAscii(config.
getTokenLength()); getTokenLength());
token.setToken(tokenStr); token.setToken(tokenStr);
final LocalDateTime now = LocalDateTime.now(ZoneOffset.UTC); final LocalDateTime now = LocalDateTime.now(ZoneOffset.UTC);
@ -90,64 +90,67 @@ public class OneTimeAuthManager {
* Retrieves the one time auth token for the provided user and purpose. This * Retrieves the one time auth token for the provided user and purpose. This
* method does <strong>not</strong> not check of the token is still valid! * method does <strong>not</strong> not check of the token is still valid!
* *
* @param user The user for which the token is retrieved. * @param user The user for which the token is retrieved.
* @param purpose The purpose of the token to retrieve. * @param purpose The purpose of the token to retrieve.
* *
* @return The one time auth token for the provided user and purpose or * @return The one time auth token for the provided user and purpose or
* {@code null} if there is no such token. * {@code null} if there is no such token.
*/ */
public Optional<OneTimeAuthToken> retrieveForUser( public List<OneTimeAuthToken> retrieveForUser(
final User user, final OneTimeAuthTokenPurpose purpose) { final User user, final OneTimeAuthTokenPurpose purpose) {
if (user == null || purpose == null) { if (user == null || purpose == null) {
throw new IllegalArgumentException( throw new IllegalArgumentException(
"user and purpose and mandatory for retrieving a one " "user and purpose and mandatory for retrieving a one "
+ "time auth token."); + "time auth token.");
} }
final TypedQuery query = entityManager.createNamedQuery( final TypedQuery<OneTimeAuthToken> query = entityManager
"OneTimeAuthToken.findByUserAndPurpose", OneTimeAuthToken.class); .createNamedQuery("OneTimeAuthToken.findByUserAndPurpose",
OneTimeAuthToken.class);
query.setParameter("user", user); query.setParameter("user", user);
query.setParameter("purpose", purpose); query.setParameter("purpose", purpose);
final List<OneTimeAuthToken> queryResult = query.getResultList(); return query.getResultList();
if (queryResult.isEmpty()) {
return Optional.empty();
} else {
return Optional.of(queryResult.get(0));
}
} }
/** /**
* Checks of there is a valid one time auth token for the provided user and * Checks of there is a {@link OneTimeAuthToken} which has not been expired
* purpose. * for the provided user and purpose.
* *
* @param user The user. * @param user The user.
* @param purpose The purpose of the token. * @param purpose The purpose of the token.
* *
* @return {@code true} if there is a valid token for the provided user and * @return {@code true} if there is a valid token for the provided user and
* purpose, {@code false} if not. * purpose, {@code false} if not.
*/ */
public boolean validTokenExistsForUser( public boolean validTokenExistsForUser(
final User user, final OneTimeAuthTokenPurpose purpose) { final User user, final OneTimeAuthTokenPurpose purpose) {
if (user == null || purpose == null) { if (user == null || purpose == null) {
throw new IllegalArgumentException( throw new IllegalArgumentException(
"user and purpose and mandatory for validiting a one time " "user and purpose and mandatory for validiting a one time "
+ "auth token."); + "auth token.");
} }
final Optional<OneTimeAuthToken> token = retrieveForUser(user, purpose); final List<OneTimeAuthToken> tokens = retrieveForUser(user, purpose);
if (token.isPresent()) { if (tokens == null || tokens.isEmpty()) {
return isValid(token.get());
} else {
return false; return false;
} else {
boolean result = false;
for(OneTimeAuthToken token : tokens) {
if (isValid(token)) {
result = true;
break;
}
}
return result;
} }
} }
/** /**
* Validates a {@link OneTimeAuthToken}. * Checks of the provided @link OneTimeAuthToken} is not expired.
* *
* @param token The token to valid. * @param token The token to validate.
* *
* @return {@code true} if the token is valid, {@code false} if not. * @return {@code true} if the token is valid, {@code false} if not.
*/ */
public boolean isValid(final OneTimeAuthToken token) { public boolean isValid(final OneTimeAuthToken token) {
@ -156,22 +159,22 @@ public class OneTimeAuthManager {
} }
final LocalDateTime validUntil = LocalDateTime. final LocalDateTime validUntil = LocalDateTime.
ofInstant(token.getValidUntil().toInstant(), ofInstant(token.getValidUntil().toInstant(),
ZoneOffset.UTC); ZoneOffset.UTC);
final LocalDateTime now = LocalDateTime.now(ZoneOffset.UTC); final LocalDateTime now = LocalDateTime.now(ZoneOffset.UTC);
return validUntil.isAfter(now); return validUntil.isAfter(now);
} }
/** /**
* Invalides (deletes) a {@link OneTimeAuthToken}. * Invalides (deletes) a {@link OneTimeAuthToken}.
* *
* @param token The token to invalidate. * @param token The token to invalidate.
*/ */
public void invalidate(final OneTimeAuthToken token) { public void invalidate(final OneTimeAuthToken token) {
if (token == null) { if (token == null) {
throw new IllegalArgumentException("Can't invalidate a token null"); throw new IllegalArgumentException("Can't invalidate a token null");
} }
entityManager.remove(token); entityManager.remove(token);
} }

5
ccm-core/src/test/java/org/libreccm/security/DatasetsXmlTest.java
View File

@ -41,6 +41,11 @@ public class DatasetsXmlTest extends DatasetsVerifier {
@Parameterized.Parameters(name = "Dataset {0}") @Parameterized.Parameters(name = "Dataset {0}")
public static Collection<String> data() { public static Collection<String> data() {
return Arrays.asList(new String[]{ return Arrays.asList(new String[]{
"/datasets/org/libreccm/security/ChallengeManagerTest/data.xml",
"/datasets/org/libreccm/security/ChallengeManagerTest/after-create-email-verification.xml",
"/datasets/org/libreccm/security/ChallengeManagerTest/after-create-account-activation.xml",
"/datasets/org/libreccm/security/ChallengeManagerTest/after-create-password-recovery.xml",
"/datasets/org/libreccm/security/OneTimeAuthManagerTest/data.xml", "/datasets/org/libreccm/security/OneTimeAuthManagerTest/data.xml",
"/datasets/org/libreccm/security/OneTimeAuthManagerTest/after-create.xml", "/datasets/org/libreccm/security/OneTimeAuthManagerTest/after-create.xml",
"/datasets/org/libreccm/security/OneTimeAuthManagerTest/after-invalidate.xml",}); "/datasets/org/libreccm/security/OneTimeAuthManagerTest/after-invalidate.xml",});

16
ccm-core/src/test/java/org/libreccm/security/GroupManagerTest.java
View File

@ -18,18 +18,11 @@
*/ */
package org.libreccm.security; package org.libreccm.security;
import com.arsdigita.kernel.security.SecurityConfig;
import com.arsdigita.util.UncheckedWrapperException;
import com.arsdigita.util.parameter.AbstractParameterContext;
import com.arsdigita.web.CCMApplicationContextListener;
import com.arsdigita.xml.XML;
import com.arsdigita.xml.formatters.DateTimeFormatter;
import java.io.File; import java.io.File;
import javax.inject.Inject; import javax.inject.Inject;
import nl.jqno.equalsverifier.EqualsVerifier;
import org.jboss.arquillian.container.test.api.Deployment; import org.jboss.arquillian.container.test.api.Deployment;
import org.jboss.arquillian.container.test.api.ShouldThrowException; import org.jboss.arquillian.container.test.api.ShouldThrowException;
import org.jboss.arquillian.junit.Arquillian; import org.jboss.arquillian.junit.Arquillian;
@ -52,14 +45,7 @@ import org.junit.BeforeClass;
import org.junit.Test; import org.junit.Test;
import org.junit.experimental.categories.Category; import org.junit.experimental.categories.Category;
import org.junit.runner.RunWith; import org.junit.runner.RunWith;
import org.libreccm.categorization.Categorization;
import org.libreccm.core.CcmObject;
import org.libreccm.jpa.EntityManagerProducer;
import org.libreccm.jpa.utils.MimeTypeConverter;
import org.libreccm.l10n.LocalizedString;
import org.libreccm.tests.categories.IntegrationTest; import org.libreccm.tests.categories.IntegrationTest;
import org.libreccm.web.CcmApplication;
import org.libreccm.workflow.Workflow;
import static org.hamcrest.Matchers.*; import static org.hamcrest.Matchers.*;
import static org.junit.Assert.*; import static org.junit.Assert.*;
@ -122,6 +108,8 @@ public class GroupManagerTest {
"LibreCCM-org.libreccm.security.GroupManagerTest.war") "LibreCCM-org.libreccm.security.GroupManagerTest.war")
.addPackage(org.libreccm.categorization.Categorization.class .addPackage(org.libreccm.categorization.Categorization.class
.getPackage()) .getPackage())
.addPackage(org.libreccm.configuration.ConfigurationManager.class
.getPackage())
.addPackage(org.libreccm.core.CcmObject.class.getPackage()) .addPackage(org.libreccm.core.CcmObject.class.getPackage())
.addPackage(org.libreccm.jpa.EntityManagerProducer.class .addPackage(org.libreccm.jpa.EntityManagerProducer.class
.getPackage()) .getPackage())

34
ccm-core/src/test/java/org/libreccm/security/GroupRepositoryTest.java
View File

@ -52,15 +52,7 @@ import org.junit.BeforeClass;
import org.junit.Test; import org.junit.Test;
import org.junit.experimental.categories.Category; import org.junit.experimental.categories.Category;
import org.junit.runner.RunWith; import org.junit.runner.RunWith;
import org.libreccm.categorization.Categorization;
import org.libreccm.core.CcmObject;
import org.libreccm.jpa.EntityManagerProducer;
import org.libreccm.jpa.utils.MimeTypeConverter;
import org.libreccm.l10n.LocalizedString;
import org.libreccm.tests.categories.IntegrationTest; import org.libreccm.tests.categories.IntegrationTest;
import org.libreccm.testutils.EqualsVerifier;
import org.libreccm.web.CcmApplication;
import org.libreccm.workflow.Workflow;
/** /**
* *
@ -121,16 +113,22 @@ public class GroupRepositoryTest {
return ShrinkWrap return ShrinkWrap
.create(WebArchive.class, .create(WebArchive.class,
"LibreCCM-org.libreccm.security.UserRepositoryTest.war") "LibreCCM-org.libreccm.security.UserRepositoryTest.war")
.addPackage(User.class.getPackage()) .addPackage(org.libreccm.security.User.class.getPackage())
.addPackage(CcmObject.class.getPackage()) .addPackage(org.libreccm.core.CcmObject.class.getPackage())
.addPackage(Categorization.class.getPackage()) .addPackage(org.libreccm.categorization.Categorization.class
.addPackage(LocalizedString.class.getPackage()) .getPackage())
.addPackage(CcmApplication.class.getPackage()) .addPackage(org.libreccm.configuration.ConfigurationManager.class
.addPackage(Workflow.class.getPackage()) .getPackage())
.addPackage(EntityManagerProducer.class.getPackage()) .addPackage(org.libreccm.l10n.LocalizedString.class.getPackage())
.addPackage(MimeTypeConverter.class.getPackage()) .addPackage(org.libreccm.web.CcmApplication.class.getPackage())
.addPackage(EqualsVerifier.class.getPackage()) .addPackage(org.libreccm.workflow.Workflow.class.getPackage())
.addPackage(IntegrationTest.class.getPackage()) .addPackage(org.libreccm.jpa.EntityManagerProducer.class
.getPackage())
.addPackage(org.libreccm.jpa.utils.MimeTypeConverter.class
.getPackage())
.addPackage(org.libreccm.testutils.EqualsVerifier.class.getPackage())
.addPackage(org.libreccm.tests.categories.IntegrationTest.class
.getPackage())
.addAsLibraries(libs) .addAsLibraries(libs)
.addAsResource("test-persistence.xml", .addAsResource("test-persistence.xml",
"META-INF/persistence.xml") "META-INF/persistence.xml")

44
ccm-core/src/test/java/org/libreccm/security/OneTimeAuthManagerTest.java
View File

@ -24,8 +24,10 @@ import java.time.ZoneOffset;
import java.time.temporal.ChronoUnit; import java.time.temporal.ChronoUnit;
import java.util.Date; import java.util.Date;
import java.util.Optional; import java.util.Optional;
import javax.inject.Inject; import javax.inject.Inject;
import javax.persistence.EntityManager; import javax.persistence.EntityManager;
import org.jboss.arquillian.container.test.api.Deployment; import org.jboss.arquillian.container.test.api.Deployment;
import org.jboss.arquillian.container.test.api.ShouldThrowException; import org.jboss.arquillian.container.test.api.ShouldThrowException;
import org.jboss.arquillian.junit.Arquillian; import org.jboss.arquillian.junit.Arquillian;
@ -48,15 +50,9 @@ import org.junit.BeforeClass;
import org.junit.Test; import org.junit.Test;
import org.junit.experimental.categories.Category; import org.junit.experimental.categories.Category;
import org.junit.runner.RunWith; import org.junit.runner.RunWith;
import org.libreccm.categorization.Categorization;
import org.libreccm.core.CcmObject;
import org.libreccm.jpa.EntityManagerProducer;
import org.libreccm.jpa.utils.MimeTypeConverter;
import org.libreccm.l10n.LocalizedString;
import org.libreccm.tests.categories.IntegrationTest; import org.libreccm.tests.categories.IntegrationTest;
import org.libreccm.testutils.EqualsVerifier;
import org.libreccm.web.CcmApplication; import java.util.List;
import org.libreccm.workflow.Workflow;
import static org.hamcrest.Matchers.*; import static org.hamcrest.Matchers.*;
import static org.junit.Assert.*; import static org.junit.Assert.*;
@ -78,9 +74,6 @@ public class OneTimeAuthManagerTest {
@Inject @Inject
private UserRepository userRepository; private UserRepository userRepository;
@Inject
private EntityManager entityManager;
public OneTimeAuthManagerTest() { public OneTimeAuthManagerTest() {
} }
@ -206,13 +199,14 @@ public class OneTimeAuthManagerTest {
public void retrieveTokenForUser() { public void retrieveTokenForUser() {
final User jdoe = userRepository.findByName("jdoe"); final User jdoe = userRepository.findByName("jdoe");
final Optional<OneTimeAuthToken> result = oneTimeAuthManager. final List<OneTimeAuthToken> result = oneTimeAuthManager.
retrieveForUser( retrieveForUser(
jdoe, OneTimeAuthTokenPurpose.EMAIL_VERIFICATION); jdoe, OneTimeAuthTokenPurpose.EMAIL_VERIFICATION);
assertThat(result.isPresent(), is(true)); assertThat(result, is(not(nullValue())));
assertThat(result, is(not(empty())));
final OneTimeAuthToken token = result.get(); final OneTimeAuthToken token = result.get(0);
assertThat(token.getUser(), is(not(nullValue()))); assertThat(token.getUser(), is(not(nullValue())));
assertThat(token.getUser().getName(), is(equalTo("jdoe"))); assertThat(token.getUser().getName(), is(equalTo("jdoe")));
assertThat(token.getToken(), is(equalTo( assertThat(token.getToken(), is(equalTo(
@ -226,11 +220,11 @@ public class OneTimeAuthManagerTest {
public void retrieveNotExistingTokenForUser() { public void retrieveNotExistingTokenForUser() {
final User mmuster = userRepository.findByName("mmuster"); final User mmuster = userRepository.findByName("mmuster");
final Optional<OneTimeAuthToken> result = oneTimeAuthManager. final List<OneTimeAuthToken> result = oneTimeAuthManager.
retrieveForUser( retrieveForUser(
mmuster, OneTimeAuthTokenPurpose.EMAIL_VERIFICATION); mmuster, OneTimeAuthTokenPurpose.EMAIL_VERIFICATION);
assertThat(result.isPresent(), is(false)); assertThat(result, is(empty()));
} }
@Test(expected = IllegalArgumentException.class) @Test(expected = IllegalArgumentException.class)
@ -308,12 +302,12 @@ public class OneTimeAuthManagerTest {
public void isValid() { public void isValid() {
final User jdoe = userRepository.findByName("jdoe"); final User jdoe = userRepository.findByName("jdoe");
final Optional<OneTimeAuthToken> result = oneTimeAuthManager. final List<OneTimeAuthToken> result = oneTimeAuthManager.
retrieveForUser( retrieveForUser(
jdoe, OneTimeAuthTokenPurpose.EMAIL_VERIFICATION); jdoe, OneTimeAuthTokenPurpose.EMAIL_VERIFICATION);
assertThat(result.isPresent(), is(true)); assertThat(result, is(not(empty())));
assertThat(oneTimeAuthManager.isValid(result.get()), is(true)); assertThat(oneTimeAuthManager.isValid(result.get(0)), is(true));
} }
@Test @Test
@ -323,12 +317,12 @@ public class OneTimeAuthManagerTest {
public void isInvalid() { public void isInvalid() {
final User jdoe = userRepository.findByName("jdoe"); final User jdoe = userRepository.findByName("jdoe");
final Optional<OneTimeAuthToken> result = oneTimeAuthManager. final List<OneTimeAuthToken> result = oneTimeAuthManager.
retrieveForUser( retrieveForUser(
jdoe, OneTimeAuthTokenPurpose.EMAIL_VERIFICATION); jdoe, OneTimeAuthTokenPurpose.EMAIL_VERIFICATION);
assertThat(result.isPresent(), is(true)); assertThat(result, is(not(empty())));
final OneTimeAuthToken token = result.get(); final OneTimeAuthToken token = result.get(0);
final LocalDateTime date = LocalDateTime final LocalDateTime date = LocalDateTime
.now(ZoneOffset.UTC).minus(1800, ChronoUnit.SECONDS); .now(ZoneOffset.UTC).minus(1800, ChronoUnit.SECONDS);
@ -357,12 +351,12 @@ public class OneTimeAuthManagerTest {
public void invalidateToken() { public void invalidateToken() {
final User jdoe = userRepository.findByName("jdoe"); final User jdoe = userRepository.findByName("jdoe");
final Optional<OneTimeAuthToken> result = oneTimeAuthManager. final List<OneTimeAuthToken> result = oneTimeAuthManager.
retrieveForUser( retrieveForUser(
jdoe, OneTimeAuthTokenPurpose.EMAIL_VERIFICATION); jdoe, OneTimeAuthTokenPurpose.EMAIL_VERIFICATION);
assertThat(result.isPresent(), is(true)); assertThat(result, is(not(empty())));
oneTimeAuthManager.invalidate(result.get()); oneTimeAuthManager.invalidate(result.get(0));
} }
@Test(expected = IllegalArgumentException.class) @Test(expected = IllegalArgumentException.class)

34
ccm-core/src/test/java/org/libreccm/security/PartyRepositoryTest.java
View File

@ -42,16 +42,8 @@ import org.junit.BeforeClass;
import org.junit.Test; import org.junit.Test;
import org.junit.experimental.categories.Category; import org.junit.experimental.categories.Category;
import org.junit.runner.RunWith; import org.junit.runner.RunWith;
import org.libreccm.categorization.Categorization;
import org.libreccm.core.CcmObject;
import org.libreccm.core.EmailAddress; import org.libreccm.core.EmailAddress;
import org.libreccm.jpa.EntityManagerProducer;
import org.libreccm.jpa.utils.MimeTypeConverter;
import org.libreccm.l10n.LocalizedString;
import org.libreccm.tests.categories.IntegrationTest; import org.libreccm.tests.categories.IntegrationTest;
import org.libreccm.testutils.EqualsVerifier;
import org.libreccm.web.CcmApplication;
import org.libreccm.workflow.Workflow;
import java.io.File; import java.io.File;
import java.util.List; import java.util.List;
@ -120,16 +112,22 @@ public class PartyRepositoryTest {
return ShrinkWrap return ShrinkWrap
.create(WebArchive.class, .create(WebArchive.class,
"LibreCCM-org.libreccm.security.UserRepositoryTest.war") "LibreCCM-org.libreccm.security.UserRepositoryTest.war")
.addPackage(User.class.getPackage()) .addPackage(org.libreccm.security.User.class.getPackage())
.addPackage(CcmObject.class.getPackage()) .addPackage(org.libreccm.core.CcmObject.class.getPackage())
.addPackage(Categorization.class.getPackage()) .addPackage(org.libreccm.categorization.Categorization.class
.addPackage(LocalizedString.class.getPackage()) .getPackage())
.addPackage(CcmApplication.class.getPackage()) .addPackage(org.libreccm.configuration.ConfigurationManager.class
.addPackage(Workflow.class.getPackage()) .getPackage())
.addPackage(EntityManagerProducer.class.getPackage()) .addPackage(org.libreccm.l10n.LocalizedString.class.getPackage())
.addPackage(MimeTypeConverter.class.getPackage()) .addPackage(org.libreccm.web.CcmApplication.class.getPackage())
.addPackage(EqualsVerifier.class.getPackage()) .addPackage(org.libreccm.workflow.Workflow.class.getPackage())
.addPackage(IntegrationTest.class.getPackage()) .addPackage(org.libreccm.jpa.EntityManagerProducer.class
.getPackage())
.addPackage(org.libreccm.jpa.utils.MimeTypeConverter.class
.getPackage())
.addPackage(org.libreccm.testutils.EqualsVerifier.class.getPackage())
.addPackage(org.libreccm.tests.categories.IntegrationTest.class
.getPackage())
.addAsLibraries(libs) .addAsLibraries(libs)
.addAsResource("test-persistence.xml", .addAsResource("test-persistence.xml",
"META-INF/persistence.xml") "META-INF/persistence.xml")

34
ccm-core/src/test/java/org/libreccm/security/RoleRepositoryTest.java
View File

@ -40,15 +40,7 @@ import org.junit.BeforeClass;
import org.junit.Test; import org.junit.Test;
import org.junit.experimental.categories.Category; import org.junit.experimental.categories.Category;
import org.junit.runner.RunWith; import org.junit.runner.RunWith;
import org.libreccm.categorization.Categorization;
import org.libreccm.core.CcmObject;
import org.libreccm.jpa.EntityManagerProducer;
import org.libreccm.jpa.utils.MimeTypeConverter;
import org.libreccm.l10n.LocalizedString;
import org.libreccm.tests.categories.IntegrationTest; import org.libreccm.tests.categories.IntegrationTest;
import org.libreccm.testutils.EqualsVerifier;
import org.libreccm.web.CcmApplication;
import org.libreccm.workflow.Workflow;
import java.io.File; import java.io.File;
import java.util.List; import java.util.List;
@ -117,16 +109,22 @@ public class RoleRepositoryTest {
return ShrinkWrap return ShrinkWrap
.create(WebArchive.class, .create(WebArchive.class,
"LibreCCM-org.libreccm.security.RoleRepositoryTest.war") "LibreCCM-org.libreccm.security.RoleRepositoryTest.war")
.addPackage(User.class.getPackage()) .addPackage(org.libreccm.security.User.class.getPackage())
.addPackage(CcmObject.class.getPackage()) .addPackage(org.libreccm.core.CcmObject.class.getPackage())
.addPackage(Categorization.class.getPackage()) .addPackage(org.libreccm.categorization.Categorization.class
.addPackage(LocalizedString.class.getPackage()) .getPackage())
.addPackage(CcmApplication.class.getPackage()) .addPackage(org.libreccm.configuration.ConfigurationManager.class
.addPackage(Workflow.class.getPackage()) .getPackage())
.addPackage(EntityManagerProducer.class.getPackage()) .addPackage(org.libreccm.l10n.LocalizedString.class.getPackage())
.addPackage(MimeTypeConverter.class.getPackage()) .addPackage(org.libreccm.web.CcmApplication.class.getPackage())
.addPackage(EqualsVerifier.class.getPackage()) .addPackage(org.libreccm.workflow.Workflow.class.getPackage())
.addPackage(IntegrationTest.class.getPackage()) .addPackage(org.libreccm.jpa.EntityManagerProducer.class
.getPackage())
.addPackage(org.libreccm.jpa.utils.MimeTypeConverter.class
.getPackage())
.addPackage(org.libreccm.testutils.EqualsVerifier.class.getPackage())
.addPackage(org.libreccm.tests.categories.IntegrationTest.class
.getPackage())
.addAsLibraries(libs) .addAsLibraries(libs)
.addAsResource("test-persistence.xml", .addAsResource("test-persistence.xml",
"META-INF/persistence.xml") "META-INF/persistence.xml")

15
ccm-core/src/test/java/org/libreccm/security/SecuredCollectionTest.java
View File

@ -18,12 +18,6 @@
*/ */
package org.libreccm.security; package org.libreccm.security;
import com.arsdigita.kernel.security.SecurityConfig;
import com.arsdigita.util.UncheckedWrapperException;
import com.arsdigita.util.parameter.AbstractParameterContext;
import com.arsdigita.web.CCMApplicationContextListener;
import com.arsdigita.xml.XML;
import com.arsdigita.xml.formatters.DateTimeFormatter;
import java.io.File; import java.io.File;
import java.util.ArrayList; import java.util.ArrayList;
@ -54,19 +48,10 @@ import org.junit.BeforeClass;
import org.junit.Test; import org.junit.Test;
import org.junit.experimental.categories.Category; import org.junit.experimental.categories.Category;
import org.junit.runner.RunWith; import org.junit.runner.RunWith;
import org.libreccm.categorization.Categorization;
import org.libreccm.cdi.utils.CdiUtil;
import org.libreccm.core.CcmObject; import org.libreccm.core.CcmObject;
import org.libreccm.core.CcmObjectRepository; import org.libreccm.core.CcmObjectRepository;
import org.libreccm.jpa.EntityManagerProducer;
import org.libreccm.jpa.utils.MimeTypeConverter;
import org.libreccm.l10n.LocalizedString;
import org.libreccm.tests.categories.IntegrationTest; import org.libreccm.tests.categories.IntegrationTest;
import org.libreccm.testutils.EqualsVerifier;
import org.libreccm.web.CcmApplication;
import org.libreccm.workflow.Workflow;
import static org.hamcrest.Matchers.*; import static org.hamcrest.Matchers.*;
import static org.junit.Assert.*; import static org.junit.Assert.*;

14
ccm-core/src/test/java/org/libreccm/security/UserManagerTest.java
View File

@ -18,18 +18,11 @@
*/ */
package org.libreccm.security; package org.libreccm.security;
import com.arsdigita.kernel.security.SecurityConfig;
import com.arsdigita.util.UncheckedWrapperException;
import com.arsdigita.util.parameter.AbstractParameterContext;
import com.arsdigita.web.CCMApplicationContextListener;
import com.arsdigita.xml.XML;
import com.arsdigita.xml.formatters.DateTimeFormatter;
import java.io.File; import java.io.File;
import javax.inject.Inject; import javax.inject.Inject;
import nl.jqno.equalsverifier.EqualsVerifier;
import org.hibernate.exception.ConstraintViolationException; import org.hibernate.exception.ConstraintViolationException;
import static org.hamcrest.Matchers.*; import static org.hamcrest.Matchers.*;
@ -57,14 +50,7 @@ import org.junit.BeforeClass;
import org.junit.Test; import org.junit.Test;
import org.junit.experimental.categories.Category; import org.junit.experimental.categories.Category;
import org.junit.runner.RunWith; import org.junit.runner.RunWith;
import org.libreccm.categorization.Categorization;
import org.libreccm.core.CcmObject;
import org.libreccm.jpa.EntityManagerProducer;
import org.libreccm.jpa.utils.MimeTypeConverter;
import org.libreccm.l10n.LocalizedString;
import org.libreccm.tests.categories.IntegrationTest; import org.libreccm.tests.categories.IntegrationTest;
import org.libreccm.web.CcmApplication;
import org.libreccm.workflow.Workflow;
import static org.junit.Assert.*; import static org.junit.Assert.*;

34
ccm-core/src/test/java/org/libreccm/security/UserRepositoryTest.java
View File

@ -46,16 +46,8 @@ import org.junit.Before;
import org.junit.BeforeClass; import org.junit.BeforeClass;
import org.junit.experimental.categories.Category; import org.junit.experimental.categories.Category;
import org.junit.runner.RunWith; import org.junit.runner.RunWith;
import org.libreccm.categorization.Categorization;
import org.libreccm.core.CcmObject;
import org.libreccm.core.EmailAddress; import org.libreccm.core.EmailAddress;
import org.libreccm.jpa.EntityManagerProducer;
import org.libreccm.jpa.utils.MimeTypeConverter;
import org.libreccm.l10n.LocalizedString;
import org.libreccm.tests.categories.IntegrationTest; import org.libreccm.tests.categories.IntegrationTest;
import org.libreccm.testutils.EqualsVerifier;
import org.libreccm.web.CcmApplication;
import org.libreccm.workflow.Workflow;
import java.io.File; import java.io.File;
import java.util.List; import java.util.List;
@ -122,16 +114,22 @@ public class UserRepositoryTest {
return ShrinkWrap return ShrinkWrap
.create(WebArchive.class, .create(WebArchive.class,
"LibreCCM-org.libreccm.security.UserRepositoryTest.war") "LibreCCM-org.libreccm.security.UserRepositoryTest.war")
.addPackage(User.class.getPackage()) .addPackage(org.libreccm.security.User.class.getPackage())
.addPackage(CcmObject.class.getPackage()) .addPackage(org.libreccm.core.CcmObject.class.getPackage())
.addPackage(Categorization.class.getPackage()) .addPackage(org.libreccm.categorization.Categorization.class
.addPackage(LocalizedString.class.getPackage()) .getPackage())
.addPackage(CcmApplication.class.getPackage()) .addPackage(org.libreccm.configuration.Configuration.class
.addPackage(Workflow.class.getPackage()) .getPackage())
.addPackage(EntityManagerProducer.class.getPackage()) .addPackage(org.libreccm.l10n.LocalizedString.class.getPackage())
.addPackage(MimeTypeConverter.class.getPackage()) .addPackage(org.libreccm.web.CcmApplication.class.getPackage())
.addPackage(EqualsVerifier.class.getPackage()) .addPackage(org.libreccm.workflow.Workflow.class.getPackage())
.addPackage(IntegrationTest.class.getPackage()) .addPackage(org.libreccm.jpa.EntityManagerProducer.class
.getPackage())
.addPackage(org.libreccm.jpa.utils.MimeTypeConverter.class
.getPackage())
.addPackage(org.libreccm.testutils.EqualsVerifier.class.getPackage())
.addPackage(org.libreccm.tests.categories.IntegrationTest.class
.getPackage())
.addAsLibraries(libs) .addAsLibraries(libs)
.addAsResource("test-persistence.xml", .addAsResource("test-persistence.xml",
"META-INF/persistence.xml") "META-INF/persistence.xml")

56
ccm-core/src/test/resources/datasets/org/libreccm/security/ChallengeManagerTest/after-create-account-activation.xml 100644
View File

@ -0,0 +1,56 @@
<?xml version="1.0" encoding="utf-8"?>
<dataset>
<ccm_core.ccm_objects object_id="-1000"
display_name="registry"
uuid="f815d6f8-f915-4399-b16c-2e2dd76f4128"/>
<ccm_core.ccm_objects object_id="-2000"
display_name="registry_root"
uuid="1e5b1732-0a15-49b8-b4a6-8aae1a003147"/>
<ccm_core.categories object_id="-2000"
unique_id="bb93a964-bf66-424c-a22d-074d001db3b8"
name="registry-root"
enabled="true"
visible="true"
abstract_category="false"
category_order="0"/>
<ccm_core.category_domains object_id="-1000"
domain_key="registry"
root_category_id="-2000"
version="1.0"/>
<ccm_core.parties party_id="-10"
name="jdoe"/>
<ccm_core.parties party_id="-20"
name="mmuster"/>
<ccm_core.users party_id="-10"
family_name="Doe"
given_name="John"
email_address="john.doe@example.com"
password="$shiro1$SHA-512$500000$7xkDcZUN0/whJInHIvGsDw==$WhelBVmJU/cLV7lAkMOrE5B/mqCW0bUuid1WX+xBwzzAaekC5bYn9eeOFGJWhiDgmaC50ZCUmM96/iGsRoc4uA=="
bouncing="false"
banned="false"
password_reset_required="false"
verified="true"/>
<ccm_core.users party_id="-20"
family_name="Mustermann"
given_name="Max"
email_address="max.muster@example.org"
password="$shiro1$SHA-512$500000$Y7CnccN1h25sR7KCElMOXg==$CVLWBhetodaEzzhDfGjRcCFZtSW02xOnjH7xhBx0lbxO66grKIt6LWmXoUhLEydce1JZ7cbzNLYOxIwwTeqi5Q=="
bouncing="false"
banned="false"
password_reset_required="false"
verified="true"/>
<ccm_core.one_time_auth_tokens
token_id="-100"
user_id="-20"
token="biXOpuxIPXuRgx9jhk1PzZVIeKGaTmg2qTKoTQ4tl9iiweQ0e5mfmdFI1KjDwjPi"
valid_until="2032-04-01 12:00:00"
purpose="ACCOUNT_ACTIVATION"/>
</dataset>

55
ccm-core/src/test/resources/datasets/org/libreccm/security/ChallengeManagerTest/after-create-email-verification.xml 100644
View File

@ -0,0 +1,55 @@
<?xml version="1.0" encoding="utf-8"?>
<dataset>
<ccm_core.ccm_objects object_id="-1000"
display_name="registry"
uuid="f815d6f8-f915-4399-b16c-2e2dd76f4128"/>
<ccm_core.ccm_objects object_id="-2000"
display_name="registry_root"
uuid="1e5b1732-0a15-49b8-b4a6-8aae1a003147"/>
<ccm_core.categories object_id="-2000"
unique_id="bb93a964-bf66-424c-a22d-074d001db3b8"
name="registry-root"
enabled="true"
visible="true"
abstract_category="false"
category_order="0"/>
<ccm_core.category_domains object_id="-1000"
domain_key="registry"
root_category_id="-2000"
version="1.0"/>
<ccm_core.parties party_id="-10"
name="jdoe"/>
<ccm_core.parties party_id="-20"
name="mmuster"/>
<ccm_core.users party_id="-10"
family_name="Doe"
given_name="John"
email_address="john.doe@example.com"
password="$shiro1$SHA-512$500000$7xkDcZUN0/whJInHIvGsDw==$WhelBVmJU/cLV7lAkMOrE5B/mqCW0bUuid1WX+xBwzzAaekC5bYn9eeOFGJWhiDgmaC50ZCUmM96/iGsRoc4uA=="
bouncing="false"
banned="false"
password_reset_required="false"
verified="true"/>
<ccm_core.users party_id="-20"
family_name="Mustermann"
given_name="Max"
email_address="max.muster@example.org"
password="$shiro1$SHA-512$500000$Y7CnccN1h25sR7KCElMOXg==$CVLWBhetodaEzzhDfGjRcCFZtSW02xOnjH7xhBx0lbxO66grKIt6LWmXoUhLEydce1JZ7cbzNLYOxIwwTeqi5Q=="
bouncing="false"
banned="false"
password_reset_required="false"
verified="true"/>
<ccm_core.one_time_auth_tokens
token_id="-100"
user_id="-20"
token="biXOpuxIPXuRgx9jhk1PzZVIeKGaTmg2qTKoTQ4tl9iiweQ0e5mfmdFI1KjDwjPi"
valid_until="2032-04-01 12:00:00"
purpose="EMAIL_VERIFICATION"/>
</dataset>

57
ccm-core/src/test/resources/datasets/org/libreccm/security/ChallengeManagerTest/after-create-password-recover.xml 100644
View File

@ -0,0 +1,57 @@
<?xml version="1.0" encoding="utf-8"?>
<dataset>
<ccm_core.ccm_objects object_id="-1000"
display_name="registry"
uuid="f815d6f8-f915-4399-b16c-2e2dd76f4128"/>
<ccm_core.ccm_objects object_id="-2000"
display_name="registry_root"
uuid="1e5b1732-0a15-49b8-b4a6-8aae1a003147"/>
<ccm_core.categories object_id="-2000"
unique_id="bb93a964-bf66-424c-a22d-074d001db3b8"
name="registry-root"
enabled="true"
visible="true"
abstract_category="false"
category_order="0"/>
<ccm_core.category_domains object_id="-1000"
domain_key="registry"
root_category_id="-2000"
version="1.0"/>
<ccm_core.parties party_id="-10"
name="jdoe"/>
<ccm_core.parties party_id="-20"
name="mmuster"/>
<ccm_core.users party_id="-10"
family_name="Doe"
given_name="John"
email_address="john.doe@example.com"
password="$shiro1$SHA-512$500000$7xkDcZUN0/whJInHIvGsDw==$WhelBVmJU/cLV7lAkMOrE5B/mqCW0bUuid1WX+xBwzzAaekC5bYn9eeOFGJWhiDgmaC50ZCUmM96/iGsRoc4uA=="
bouncing="false"
banned="false"
password_reset_required="false"
verified="true"/>
<ccm_core.users party_id="-20"
family_name="Mustermann"
given_name="Max"
email_address="max.muster@example.org"
password="$shiro1$SHA-512$500000$Y7CnccN1h25sR7KCElMOXg==$CVLWBhetodaEzzhDfGjRcCFZtSW02xOnjH7xhBx0lbxO66grKIt6LWmXoUhLEydce1JZ7cbzNLYOxIwwTeqi5Q=="
bouncing="false"
banned="false"
password_reset_required="false"
verified="true"/>
<ccm_core.one_time_auth_tokens
token_id="-100"
user_id="-20"
token="biXOpuxIPXuRgx9jhk1PzZVIeKGaTmg2qTKoTQ4tl9iiweQ0e5mfmdFI1KjDwjPi"
valid_until="2032-04-01 12:00:00"
purpose="RECOVER_PASSWORD"/>
</dataset>

53
ccm-core/src/test/resources/datasets/org/libreccm/security/ChallengeManagerTest/after-finish-account-activation.xml 100644
View File

@ -0,0 +1,53 @@
<?xml version="1.0" encoding="utf-8"?>
<dataset>
<ccm_core.ccm_objects object_id="-1000"
display_name="registry"
uuid="f815d6f8-f915-4399-b16c-2e2dd76f4128"/>
<ccm_core.ccm_objects object_id="-2000"
display_name="registry_root"
uuid="1e5b1732-0a15-49b8-b4a6-8aae1a003147"/>
<ccm_core.categories object_id="-2000"
unique_id="bb93a964-bf66-424c-a22d-074d001db3b8"
name="registry-root"
enabled="true"
visible="true"
abstract_category="false"
category_order="0"/>
<ccm_core.category_domains object_id="-1000"
domain_key="registry"
root_category_id="-2000"
version="1.0"/>
<ccm_core.parties party_id="-10"
name="jdoe"/>
<ccm_core.parties party_id="-20"
name="mmuster"/>
<ccm_core.users party_id="-10"
family_name="Doe"
given_name="John"
email_address="john.doe@example.com"
password="$shiro1$SHA-512$500000$7xkDcZUN0/whJInHIvGsDw==$WhelBVmJU/cLV7lAkMOrE5B/mqCW0bUuid1WX+xBwzzAaekC5bYn9eeOFGJWhiDgmaC50ZCUmM96/iGsRoc4uA=="
bouncing="false"
banned="false"
password_reset_required="false"
verified="false"/>
<ccm_core.users party_id="-20"
family_name="Mustermann"
given_name="Max"
email_address="max.muster@example.org"
password="$shiro1$SHA-512$500000$Y7CnccN1h25sR7KCElMOXg==$CVLWBhetodaEzzhDfGjRcCFZtSW02xOnjH7xhBx0lbxO66grKIt6LWmXoUhLEydce1JZ7cbzNLYOxIwwTeqi5Q=="
bouncing="false"
banned="false"
password_reset_required="false"
verified="false"/>
</dataset>

52
ccm-core/src/test/resources/datasets/org/libreccm/security/ChallengeManagerTest/after-finish-email-verification.xml 100644
View File

@ -0,0 +1,52 @@
<?xml version="1.0" encoding="utf-8"?>
<dataset>
<ccm_core.ccm_objects object_id="-1000"
display_name="registry"
uuid="f815d6f8-f915-4399-b16c-2e2dd76f4128"/>
<ccm_core.ccm_objects object_id="-2000"
display_name="registry_root"
uuid="1e5b1732-0a15-49b8-b4a6-8aae1a003147"/>
<ccm_core.categories object_id="-2000"
unique_id="bb93a964-bf66-424c-a22d-074d001db3b8"
name="registry-root"
enabled="true"
visible="true"
abstract_category="false"
category_order="0"/>
<ccm_core.category_domains object_id="-1000"
domain_key="registry"
root_category_id="-2000"
version="1.0"/>
<ccm_core.parties party_id="-10"
name="jdoe"/>
<ccm_core.parties party_id="-20"
name="mmuster"/>
<ccm_core.users party_id="-10"
family_name="Doe"
given_name="John"
email_address="john.doe@example.com"
password="$shiro1$SHA-512$500000$7xkDcZUN0/whJInHIvGsDw==$WhelBVmJU/cLV7lAkMOrE5B/mqCW0bUuid1WX+xBwzzAaekC5bYn9eeOFGJWhiDgmaC50ZCUmM96/iGsRoc4uA=="
bouncing="false"
banned="false"
password_reset_required="false"
verified="false"/>
<ccm_core.users party_id="-20"
family_name="Mustermann"
given_name="Max"
email_address="max.muster@example.org"
password="$shiro1$SHA-512$500000$Y7CnccN1h25sR7KCElMOXg==$CVLWBhetodaEzzhDfGjRcCFZtSW02xOnjH7xhBx0lbxO66grKIt6LWmXoUhLEydce1JZ7cbzNLYOxIwwTeqi5Q=="
bouncing="false"
banned="false"
password_reset_required="false"
verified="true"/>
</dataset>

53
ccm-core/src/test/resources/datasets/org/libreccm/security/ChallengeManagerTest/after-finish-password-recover.xml 100644
View File

@ -0,0 +1,53 @@
<?xml version="1.0" encoding="utf-8"?>
<dataset>
<ccm_core.ccm_objects object_id="-1000"
display_name="registry"
uuid="f815d6f8-f915-4399-b16c-2e2dd76f4128"/>
<ccm_core.ccm_objects object_id="-2000"
display_name="registry_root"
uuid="1e5b1732-0a15-49b8-b4a6-8aae1a003147"/>
<ccm_core.categories object_id="-2000"
unique_id="bb93a964-bf66-424c-a22d-074d001db3b8"
name="registry-root"
enabled="true"
visible="true"
abstract_category="false"
category_order="0"/>
<ccm_core.category_domains object_id="-1000"
domain_key="registry"
root_category_id="-2000"
version="1.0"/>
<ccm_core.parties party_id="-10"
name="jdoe"/>
<ccm_core.parties party_id="-20"
name="mmuster"/>
<ccm_core.users party_id="-10"
family_name="Doe"
given_name="John"
email_address="john.doe@example.com"
password="$shiro1$SHA-512$500000$7xkDcZUN0/whJInHIvGsDw==$WhelBVmJU/cLV7lAkMOrE5B/mqCW0bUuid1WX+xBwzzAaekC5bYn9eeOFGJWhiDgmaC50ZCUmM96/iGsRoc4uA=="
bouncing="false"
banned="false"
password_reset_required="false"
verified="false"/>
<ccm_core.users party_id="-20"
family_name="Mustermann"
given_name="Max"
email_address="max.muster@example.org"
password="$shiro1$SHA-512$500000$Y7CnccN1h25sR7KCElMOXg==$CVLWBhetodaEzzhDfGjRcCFZtSW02xOnjH7xhBx0lbxO66grKIt6LWmXoUhLEydce1JZ7cbzNLYOxIwwTeqi5Q=="
bouncing="false"
banned="true"
password_reset_required="false"
verified="false"/>
</dataset>

48
ccm-core/src/test/resources/datasets/org/libreccm/security/ChallengeManagerTest/data.xml 100644
View File

@ -0,0 +1,48 @@
<?xml version="1.0" encoding="utf-8"?>
<dataset>
<ccm_core.ccm_objects object_id="-1000"
display_name="registry"
uuid="f815d6f8-f915-4399-b16c-2e2dd76f4128"/>
<ccm_core.ccm_objects object_id="-2000"
display_name="registry_root"
uuid="1e5b1732-0a15-49b8-b4a6-8aae1a003147"/>
<ccm_core.categories object_id="-2000"
unique_id="bb93a964-bf66-424c-a22d-074d001db3b8"
name="registry-root"
enabled="true"
visible="true"
abstract_category="false"
category_order="0"/>
<ccm_core.category_domains object_id="-1000"
domain_key="registry"
root_category_id="-2000"
version="1.0"/>
<ccm_core.parties party_id="-10"
name="jdoe"/>
<ccm_core.parties party_id="-20"
name="mmuster"/>
<ccm_core.users party_id="-10"
family_name="Doe"
given_name="John"
email_address="john.doe@example.com"
password="$shiro1$SHA-512$500000$7xkDcZUN0/whJInHIvGsDw==$WhelBVmJU/cLV7lAkMOrE5B/mqCW0bUuid1WX+xBwzzAaekC5bYn9eeOFGJWhiDgmaC50ZCUmM96/iGsRoc4uA=="
bouncing="false"
banned="false"
password_reset_required="false"
verified="true"/>
<ccm_core.users party_id="-20"
family_name="Mustermann"
given_name="Max"
email_address="max.muster@example.org"
password="$shiro1$SHA-512$500000$Y7CnccN1h25sR7KCElMOXg==$CVLWBhetodaEzzhDfGjRcCFZtSW02xOnjH7xhBx0lbxO66grKIt6LWmXoUhLEydce1JZ7cbzNLYOxIwwTeqi5Q=="
bouncing="false"
banned="false"
password_reset_required="false"
verified="true"/>
</dataset>

59
ccm-core/src/test/resources/datasets/org/libreccm/security/ChallengeManagerTest/finish-account-activation.xml 100644
View File

@ -0,0 +1,59 @@
<?xml version="1.0" encoding="utf-8"?>
<dataset>
<ccm_core.ccm_objects object_id="-1000"
display_name="registry"
uuid="f815d6f8-f915-4399-b16c-2e2dd76f4128"/>
<ccm_core.ccm_objects object_id="-2000"
display_name="registry_root"
uuid="1e5b1732-0a15-49b8-b4a6-8aae1a003147"/>
<ccm_core.categories object_id="-2000"
unique_id="bb93a964-bf66-424c-a22d-074d001db3b8"
name="registry-root"
enabled="true"
visible="true"
abstract_category="false"
category_order="0"/>
<ccm_core.category_domains object_id="-1000"
domain_key="registry"
root_category_id="-2000"
version="1.0"/>
<ccm_core.parties party_id="-10"
name="jdoe"/>
<ccm_core.parties party_id="-20"
name="mmuster"/>
<ccm_core.users party_id="-10"
family_name="Doe"
given_name="John"
email_address="john.doe@example.com"
password="$shiro1$SHA-512$500000$7xkDcZUN0/whJInHIvGsDw==$WhelBVmJU/cLV7lAkMOrE5B/mqCW0bUuid1WX+xBwzzAaekC5bYn9eeOFGJWhiDgmaC50ZCUmM96/iGsRoc4uA=="
bouncing="false"
banned="false"
password_reset_required="false"
verified="false"/>
<ccm_core.users party_id="-20"
family_name="Mustermann"
given_name="Max"
email_address="max.muster@example.org"
password="$shiro1$SHA-512$500000$Y7CnccN1h25sR7KCElMOXg==$CVLWBhetodaEzzhDfGjRcCFZtSW02xOnjH7xhBx0lbxO66grKIt6LWmXoUhLEydce1JZ7cbzNLYOxIwwTeqi5Q=="
bouncing="false"
banned="true"
password_reset_required="false"
verified="false"/>
<ccm_core.one_time_auth_tokens
token_id="-100"
user_id="-20"
token="biXOpuxIPXuRgx9jhk1PzZVIeKGaTmg2qTKoTQ4tl9iiweQ0e5mfmdFI1KjDwjPi"
valid_until="2032-04-01 12:00:00"
purpose="ACCOUNT_ACTIVATION"/>
</dataset>

58
ccm-core/src/test/resources/datasets/org/libreccm/security/ChallengeManagerTest/finish-email-verification.xml 100644
View File

@ -0,0 +1,58 @@
<?xml version="1.0" encoding="utf-8"?>
<dataset>
<ccm_core.ccm_objects object_id="-1000"
display_name="registry"
uuid="f815d6f8-f915-4399-b16c-2e2dd76f4128"/>
<ccm_core.ccm_objects object_id="-2000"
display_name="registry_root"
uuid="1e5b1732-0a15-49b8-b4a6-8aae1a003147"/>
<ccm_core.categories object_id="-2000"
unique_id="bb93a964-bf66-424c-a22d-074d001db3b8"
name="registry-root"
enabled="true"
visible="true"
abstract_category="false"
category_order="0"/>
<ccm_core.category_domains object_id="-1000"
domain_key="registry"
root_category_id="-2000"
version="1.0"/>
<ccm_core.parties party_id="-10"
name="jdoe"/>
<ccm_core.parties party_id="-20"
name="mmuster"/>
<ccm_core.users party_id="-10"
family_name="Doe"
given_name="John"
email_address="john.doe@example.com"
password="$shiro1$SHA-512$500000$7xkDcZUN0/whJInHIvGsDw==$WhelBVmJU/cLV7lAkMOrE5B/mqCW0bUuid1WX+xBwzzAaekC5bYn9eeOFGJWhiDgmaC50ZCUmM96/iGsRoc4uA=="
bouncing="false"
banned="false"
password_reset_required="false"
verified="false"/>
<ccm_core.users party_id="-20"
family_name="Mustermann"
given_name="Max"
email_address="max.muster@example.org"
password="$shiro1$SHA-512$500000$Y7CnccN1h25sR7KCElMOXg==$CVLWBhetodaEzzhDfGjRcCFZtSW02xOnjH7xhBx0lbxO66grKIt6LWmXoUhLEydce1JZ7cbzNLYOxIwwTeqi5Q=="
bouncing="false"
banned="false"
password_reset_required="false"
verified="false"/>
<ccm_core.one_time_auth_tokens
token_id="-100"
user_id="-20"
token="biXOpuxIPXuRgx9jhk1PzZVIeKGaTmg2qTKoTQ4tl9iiweQ0e5mfmdFI1KjDwjPi"
valid_until="2032-04-01 12:00:00"
purpose="EMAIL_VERIFICATION"/>
</dataset>

60
ccm-core/src/test/resources/datasets/org/libreccm/security/ChallengeManagerTest/finish-password-recover.xml 100644
View File

@ -0,0 +1,60 @@
<?xml version="1.0" encoding="utf-8"?>
<dataset>
<ccm_core.ccm_objects object_id="-1000"
display_name="registry"
uuid="f815d6f8-f915-4399-b16c-2e2dd76f4128"/>
<ccm_core.ccm_objects object_id="-2000"
display_name="registry_root"
uuid="1e5b1732-0a15-49b8-b4a6-8aae1a003147"/>
<ccm_core.categories object_id="-2000"
unique_id="bb93a964-bf66-424c-a22d-074d001db3b8"
name="registry-root"
enabled="true"
visible="true"
abstract_category="false"
category_order="0"/>
<ccm_core.category_domains object_id="-1000"
domain_key="registry"
root_category_id="-2000"
version="1.0"/>
<ccm_core.parties party_id="-10"
name="jdoe"/>
<ccm_core.parties party_id="-20"
name="mmuster"/>
<ccm_core.users party_id="-10"
family_name="Doe"
given_name="John"
email_address="john.doe@example.com"
password="$shiro1$SHA-512$500000$7xkDcZUN0/whJInHIvGsDw==$WhelBVmJU/cLV7lAkMOrE5B/mqCW0bUuid1WX+xBwzzAaekC5bYn9eeOFGJWhiDgmaC50ZCUmM96/iGsRoc4uA=="
bouncing="false"
banned="false"
password_reset_required="false"
verified="false"/>
<ccm_core.users party_id="-20"
family_name="Mustermann"
given_name="Max"
email_address="max.muster@example.org"
password="$shiro1$SHA-512$500000$Y7CnccN1h25sR7KCElMOXg==$CVLWBhetodaEzzhDfGjRcCFZtSW02xOnjH7xhBx0lbxO66grKIt6LWmXoUhLEydce1JZ7cbzNLYOxIwwTeqi5Q=="
bouncing="false"
banned="true"
password_reset_required="false"
verified="false"/>
<ccm_core.one_time_auth_tokens
token_id="-100"
user_id="-20"
token="biXOpuxIPXuRgx9jhk1PzZVIeKGaTmg2qTKoTQ4tl9iiweQ0e5mfmdFI1KjDwjPi"
valid_until="2032-04-01 12:00:00"
purpose="RECOVER_PASSWORD"/>
</dataset>

11
ccm-core/src/test/resources/datasets/org/libreccm/security/OneTimeAuthManagerTest/data.xml
View File

@ -45,9 +45,10 @@
password_reset_required="false" password_reset_required="false"
verified="true"/> verified="true"/>
<ccm_core.one_time_auth_tokens token_id="-100" <ccm_core.one_time_auth_tokens
user_id="-10" token_id="-100"
token="biXOpuxIPXuRgx9jhk1PzZVIeKGaTmg2qTKoTQ4tl9iiweQ0e5mfmdFI1KjDwjPi" user_id="-10"
valid_until="2032-04-01 12:00:00" token="biXOpuxIPXuRgx9jhk1PzZVIeKGaTmg2qTKoTQ4tl9iiweQ0e5mfmdFI1KjDwjPi"
purpose="EMAIL_VERIFICATION"/> valid_until="2032-04-01 12:00:00"
purpose="EMAIL_VERIFICATION"/>
</dataset> </dataset>