diff --git a/gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/component/password/PasswordPanel.java b/gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/component/password/PasswordPanel.java
index 66a5035dadc..1bf2b11cb00 100644
--- a/gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/component/password/PasswordPanel.java
+++ b/gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/component/password/PasswordPanel.java
@@ -18,17 +18,17 @@
 import java.util.ArrayList;
 import java.util.List;
+import java.util.Objects;
 import com.evolveum.midpoint.gui.api.page.PageBase;
-import com.evolveum.midpoint.prism.path.ItemPath;
-import com.evolveum.midpoint.web.component.prism.ContainerStatus;
-import com.evolveum.midpoint.web.component.prism.ValueStatus;
+import com.evolveum.midpoint.prism.crypto.EncryptionException;
+import com.evolveum.midpoint.prism.crypto.Protector;
+import com.evolveum.midpoint.util.exception.SystemException;
 import com.evolveum.midpoint.web.page.admin.users.PageUser;
 import com.evolveum.midpoint.web.page.self.PageSelfProfile;
-import com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsType;
-import com.evolveum.midpoint.xml.ns._public.common.common_3.UserType;
+import com.evolveum.midpoint.web.security.MidPointApplication;
 import org.apache.commons.lang.StringUtils;
-import org.apache.commons.lang.Validate;
+import org.apache.wicket.Application;
 import org.apache.wicket.ajax.AjaxRequestTarget;
 import org.apache.wicket.ajax.form.AjaxFormComponentUpdatingBehavior;
 import org.apache.wicket.ajax.markup.html.AjaxLink;
@@ -48,6 +48,7 @@
 import com.evolveum.midpoint.web.component.prism.InputPanel;
 import com.evolveum.midpoint.web.component.util.VisibleEnableBehaviour;
 import com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType;
+import org.jetbrains.annotations.NotNull;
 /**
 * @author lazyman
@@ -96,16 +97,14 @@ public boolean isVisible() {
 inputContainer.setOutputMarkupId(true);
 add(inputContainer);
- final PasswordTextField password1 = new PasswordTextField(ID_PASSWORD_ONE, new PasswordModel(model));
+ final PasswordTextField password1 = new PasswordTextField(ID_PASSWORD_ONE, new PasswordModel(model));
 password1.setRequired(false);
- password1.setResetPassword(false);
 password1.setOutputMarkupId(true);
 password1.add(new EmptyOnBlurAjaxFormUpdatingBehaviour());
 inputContainer.add(password1);
- final PasswordTextField password2 = new PasswordTextField(ID_PASSWORD_TWO, new Model());
+ final PasswordTextField password2 = new PasswordTextField(ID_PASSWORD_TWO, new PasswordModel(Model.of(new ProtectedStringType())));
 password2.setRequired(false);
- password2.setResetPassword(false);
 password2.setOutputMarkupId(true);
 password2.add(new EmptyOnBlurAjaxFormUpdatingBehaviour());
 inputContainer.add(password2);
@@ -224,24 +223,21 @@ private static class PasswordValidator implements IValidator {
 private PasswordTextField p1;
 private PasswordTextField p2;
- private PasswordValidator(PasswordTextField p1, PasswordTextField p2) {
- Validate.notNull(p1, "Password field one must not be null.");
- Validate.notNull(p2, "Password field two must not be null.");
+ private PasswordValidator(@NotNull PasswordTextField p1, @NotNull PasswordTextField p2) {
 this.p1 = p1;
 this.p2 = p2;
 }
 @Override
 public void validate(IValidatable validatable) {
- String s1 = p1.getValue();
- String s2 = p2.getValue();
+ String s1 = p1.getModelObject();
+ String s2 = p2.getModelObject();
 if (StringUtils.isEmpty(s1) && StringUtils.isEmpty(s2)) {
 return;
 }
- boolean equal = s1 != null ? s1.equals(s2) : s2 == null;
- if (!equal) {
+ if (!Objects.equals(s1, s2)) {
 validatable = p1.newValidatable();
 ValidationError err = new ValidationError();
 err.addKey("passwordPanel.error");
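Review bot: Nothing on `password1` or `password2` records that they now rely on the component's default reset behaviour, and a later `setResetPassword(false)` added for convenience would render the value back into the page (assuming this is Wicket's `PasswordTextField`, whose default is to reset). Since `PasswordModel.getObject()` now returns the decrypted string, that value would be the cleartext password. A one-line comment above each field would guard against this: `// keep the default resetPassword=true: the value must never be rendered back into the page`. The enclosing method starts and ends outside the hunk.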
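Review bot: In `validate`, `p1.getModelObject()` and `p2.getModelObject()` read the models rather than the submitted input, and Wicket normally runs a component's validators before it updates that component's model. For whichever field this validator is attached to, the comparison may therefore see the previous value instead of the one just entered, so a mismatch could pass or a match could be rejected. The attachment point is outside the hunk, so this needs confirming; if it holds, take that field's value from `validatable.getValue()` and only the other field's from its model. Separately, `@NotNull` on the constructor is a static-analysis hint and does not replace the removed `Validate.notNull` checks at runtime unless the build instruments it.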
@@ -265,21 +261,30 @@ private class PasswordModel implements IModel {
 IModel psModel;
- PasswordModel(IModel psModel) {
+ PasswordModel(IModel psModel) {
 this.psModel = psModel;
- }
+ }
 @Override
 public void detach() {
 // Nothing to do
 }
+ private Protector getProtector() {
+ return ((MidPointApplication) Application.get()).getProtector();
+ }
+
 @Override
 public String getObject() {
- if (psModel.getObject() == null) {
+ ProtectedStringType ps = psModel.getObject();
+ if (ps == null) {
 return null;
 } else {
- return psModel.getObject().getClearValue();
+ try {
+ return getProtector().decryptString(ps);
+ } catch (EncryptionException e) {
+ throw new SystemException(e.getMessage(), e); // todo handle somewhat better
+ }
 }
 }
@@ -294,8 +299,12 @@ public void setObject(String object) {
 psModel.getObject().clear();
 }
 psModel.getObject().setClearValue(object);
+ try {
+ getProtector().encrypt(psModel.getObject());
+ } catch (EncryptionException e) {
+ throw new SystemException(e.getMessage(), e); // todo handle somewhat better
+ }
 }
 }
-
 }
 }
diff --git a/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/self/component/ChangePasswordPanel.java b/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/self/component/ChangePasswordPanel.java
index 8e2083ee863..a127caed7b0 100644
--- a/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/self/component/ChangePasswordPanel.java
+++ b/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/self/component/ChangePasswordPanel.java
@@ -105,7 +105,6 @@ public boolean isVisible() {
 PasswordTextField oldPasswordField = new PasswordTextField(ID_OLD_PASSWORD_FIELD, new PropertyModel(model, MyPasswordsDto.F_OLD_PASSWORD));
 oldPasswordField.setRequired(false);
- oldPasswordField.setResetPassword(false);
 add(oldPasswordField);
 oldPasswordField.add(new VisibleEnableBehaviour() {
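Review bot: The catch in `getObject` reuses `e.getMessage()` as the `SystemException` message, so whatever text the crypto layer produced becomes the top-level message wherever an unhandled exception is displayed or reported; whether that reaches the user depends on error handling not shown here. A fixed message keeps the visible text generic while the cause stays attached for the logs: `throw new SystemException("Couldn't decrypt password value", e);`. The same catch appears in the `setObject` hunk. `getObject` would also benefit from a short Javadoc stating that it returns the decrypted password, since every reader of this model, the validator included, now receives cleartext.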
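Review bot: If `getProtector().encrypt(psModel.getObject())` throws in `setObject`, the `ProtectedStringType` still holds the clear value set on the line before, so the plaintext password stays in the model after the failure and may be kept with the page state. Clear it before rethrowing by making `psModel.getObject().clear();` the first statement of the catch block. `setObject` starts outside the hunk, so the branches above the `setClearValue` call are not reviewed here.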