

Merge remote-tracking branch 'refs/remotes/origin/master'
skublik committed May 19, 2023
2 parents 221f6ec + 526e7c3 commit aed7f0b
Showing 8 changed files with 30 additions and 61 deletions.
Expand Up @@ -123,18 +123,13 @@ private AttributeVerificationAuthenticationModuleType getModuleByIdentifier(Stri
return null;
}
UserType user = userModel.getObject();
if (user == null) {
getSession().error(getString("User not found"));
throw new RestartResponseException(PageError.class);
}
SecurityPolicyType securityPolicy = resolveSecurityPolicy(user.asPrismObject());
if (securityPolicy == null || securityPolicy.getAuthentication() == null) {
getSession().error(getString("Security policy not found"));
throw new RestartResponseException(PageError.class);
SecurityPolicyType securityPolicy = resolveUserSecurityPolicy(user);
if (securityPolicy.getAuthentication() == null || securityPolicy.getAuthentication().getModules() == null) {
return null;
}
return securityPolicy.getAuthentication().getModules().getAttributeVerification()
.stream()
.filter(m -> moduleIdentifier.equals(m.getIdentifier()) || moduleIdentifier.equals(m.getName()))
.filter(m -> moduleIdentifier.equals(m.getIdentifier()))
.findFirst()
.orElse(null);
}
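Review bot: The rewritten guard in getModuleByIdentifier returns null when the policy has no authentication or modules element, where the removed lines reported "Security policy not found" and redirected to PageError. Together with dropping the `m.getName()` match, a policy that still identifies its module only by the deprecated name now silently yields no module. What the caller does with null is outside this hunk, so it is worth confirming that it fails closed rather than continuing without the verification module. I would state the contract at the early return, e.g. `// null means "module not configured"; callers must treat it as a failed lookup, not as "no verification required"`. The same pattern appears in the focus identification page's getModuleByIdentifier later in this commit.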
Expand Up @@ -14,6 +14,8 @@
import com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal;
import com.evolveum.midpoint.web.component.util.VisibleBehaviour;

import com.evolveum.midpoint.web.page.error.PageError;

import org.apache.wicket.RestartResponseException;
import org.apache.wicket.ajax.AjaxRequestTarget;
import org.apache.wicket.markup.html.WebMarkupContainer;
Expand Down Expand Up @@ -236,4 +238,17 @@ protected ObjectQuery createDynamicFormQuery() {
}

protected abstract DynamicFormPanel<UserType> getDynamicForm();

protected SecurityPolicyType resolveUserSecurityPolicy(UserType user) {
if (user == null) {
getSession().error(getString("User not found"));
throw new RestartResponseException(PageError.class);
}
SecurityPolicyType securityPolicy = resolveSecurityPolicy(user.asPrismObject());
if (securityPolicy == null) {
getSession().error(getString("Security policy not found"));
throw new RestartResponseException(PageError.class);
}
return securityPolicy;
}
}
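Review bot: resolveUserSecurityPolicy is a new protected helper with no Javadoc, and its contract is not obvious from the name: it never returns null, and instead records a session error and throws RestartResponseException to PageError when the user or the policy is missing. Both callers changed in this commit rely on that by dereferencing the result without a null check. I would add a short Javadoc such as `/** Resolves the security policy for the given user; never returns null. Redirects to PageError if the user or the policy cannot be resolved. */` so subclasses do not reintroduce their own null handling or override it with a nullable variant.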
Expand Up @@ -17,6 +17,7 @@
import com.evolveum.midpoint.gui.api.util.WebComponentUtil;
import com.evolveum.midpoint.prism.ItemDefinition;
import com.evolveum.midpoint.prism.query.ObjectQuery;
import com.evolveum.midpoint.schema.util.SecurityPolicyUtil;
import com.evolveum.midpoint.web.component.form.MidpointForm;
import com.evolveum.midpoint.web.component.prism.DynamicFormPanel;
import com.evolveum.midpoint.web.page.error.PageError;
Expand Down Expand Up @@ -117,18 +118,13 @@ private FocusIdentificationAuthenticationModuleType getModuleByIdentifier(String
return null;
}
UserType user = userModel.getObject();
if (user == null) {
getSession().error(getString("User not found"));
throw new RestartResponseException(PageError.class);
}
SecurityPolicyType securityPolicy = resolveSecurityPolicy(user.asPrismObject());
if (securityPolicy == null || securityPolicy.getAuthentication() == null) {
getSession().error(getString("Security policy not found"));
throw new RestartResponseException(PageError.class);
SecurityPolicyType securityPolicy = resolveUserSecurityPolicy(user);
if (securityPolicy.getAuthentication() == null || securityPolicy.getAuthentication().getModules() == null) {
return null;
}
return securityPolicy.getAuthentication().getModules().getFocusIdentification()
.stream()
.filter(m -> moduleIdentifier.equals(m.getIdentifier()) || moduleIdentifier.equals(m.getName()))
.filter(m -> moduleIdentifier.equals(m.getIdentifier()))
.findFirst()
.orElse(null);
}
Expand Up @@ -106,7 +106,7 @@ public static AuthenticationsPolicyType createDefaultAuthenticationPolicy(
new AuthenticationsPolicyType()
.beginModules()
.beginLoginForm()
.name(DEFAULT_MODULE_IDENTIFIER)
.identifier(DEFAULT_MODULE_IDENTIFIER)
.<AuthenticationModulesType>end()
.<AuthenticationsPolicyType>end()
.sequence(createDefaultSequence());
Expand Up @@ -103,7 +103,7 @@ protected AuthenticationProvider getProvider(
}

if (!usedPolicy.getClass().equals(supportedClass())) {
String moduleIdentifier = StringUtils.isNotEmpty(moduleType.getIdentifier()) ? moduleType.getIdentifier() : moduleType.getName();
String moduleIdentifier = moduleType.getIdentifier();
String message = "Module " + moduleIdentifier + "support only " + supportedClass() + " type of credential";
IllegalArgumentException e = new IllegalArgumentException(message);
LOGGER.error(message);
Expand All @@ -113,10 +113,6 @@ protected AuthenticationProvider getProvider(
return getObjectObjectPostProcessor().postProcess(createProvider(usedPolicy));
}

private String getCredentialAuthModuleIdentifier(AbstractCredentialAuthenticationModuleType module) {
return StringUtils.isNotEmpty(module.getIdentifier()) ? module.getIdentifier() : module.getName();
}

protected abstract ModuleAuthenticationImpl createEmptyModuleAuthentication(
AbstractAuthenticationModuleType moduleType, C configuration, AuthenticationSequenceModuleType sequenceModule);
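Review bot: With the name fallback removed in getProvider, `moduleIdentifier` can be null for a module that sets only the deprecated name, and the message on the following line concatenates it straight into `"support only "` with no separating space. The log entry and exception text then read like "Module nullsupport only …", which makes the one diagnostic for a credential-type mismatch hard to search for. I would fix the literal while this line is being touched: `String message = "Module " + moduleIdentifier + " supports only " + supportedClass() + " type of credential";`. getProvider starts and ends outside the hunk.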

Expand Up @@ -98,7 +98,7 @@ protected static <T extends ModuleWebSecurityConfiguration> T build(T configurat
}

protected static String getAuthenticationModuleIdentifier(AbstractAuthenticationModuleType module) {
return StringUtils.isNotEmpty(module.getIdentifier()) ? module.getIdentifier() : module.getName();
return module.getIdentifier();
}
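Review bot: getAuthenticationModuleIdentifier is now a plain pass-through, so it returns null (or an empty string) for any module that carries only the deprecated name, and every caller outside this hunk receives that value as the module's identifier. For authentication configuration it is safer to reject such a module explicitly than to let a null identifier propagate into whatever is keyed on it. A guard such as `if (StringUtils.isEmpty(module.getIdentifier())) { throw new IllegalArgumentException("Authentication module has no identifier"); }` before the return would do, assuming the callers can tolerate the exception; otherwise the nullable return should at least be documented in a Javadoc line.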


Expand Up @@ -346,38 +346,6 @@ private static List<AuthModule> getSpecificModuleFilter(AuthModuleRegistryImpl a
return null;
}

/**
* starting from 4.7 identifier should be used instead of name
* leaving this method just to support old config working (until deprecated name attribute is removed at all)
* @param name
* @param authenticationModulesType
* @return
*/
private static AbstractAuthenticationModuleType getModuleByName(
String name, AuthenticationModulesType authenticationModulesType) {
PrismContainerValue<?> modulesContainerValue = authenticationModulesType.asPrismContainerValue();
List<AbstractAuthenticationModuleType> modules = new ArrayList<>();
modulesContainerValue.accept(v -> {
if (!(v instanceof PrismContainer)) {
return;
}

PrismContainer<?> c = (PrismContainer<?>) v;
if (!(AbstractAuthenticationModuleType.class.isAssignableFrom(Objects.requireNonNull(c.getCompileTimeClass())))) {
return;
}

c.getValues().forEach(x -> modules.add((AbstractAuthenticationModuleType) ((PrismContainerValue<?>) x).asContainerable()));
});

for (AbstractAuthenticationModuleType module : modules) {
if (module.getName() != null && module.getName().equals(name)) {
return module;
}
}
return null;
}

private static AbstractAuthenticationModuleType getModuleByIdentifier(String identifier, AuthenticationModulesType authenticationModulesType) {
PrismContainerValue<?> modulesContainerValue = authenticationModulesType.asPrismContainerValue();
List<AbstractAuthenticationModuleType> modules = new ArrayList<>();
Expand All @@ -395,7 +363,7 @@ private static AbstractAuthenticationModuleType getModuleByIdentifier(String ide
});

for (AbstractAuthenticationModuleType module : modules) {
String moduleIdentifier = StringUtils.isNotEmpty(module.getIdentifier()) ? module.getIdentifier() : module.getName();
String moduleIdentifier = module.getIdentifier();
if (moduleIdentifier != null && StringUtils.equals(moduleIdentifier, identifier)) {
return module;
}
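Review bot: The new line in getModuleByIdentifier keeps only a null check where the removed line skipped an empty identifier via `StringUtils.isNotEmpty`, so a module whose identifier is the empty string can now match an empty `identifier` argument. `StringUtils.equals` is already null-safe, which leaves `moduleIdentifier != null &&` guarding only the both-null case. I would write `if (StringUtils.isNotEmpty(moduleIdentifier) && moduleIdentifier.equals(identifier)) {` so that neither null nor empty identifiers ever match. The same comparison is used in the merge loop in the last file section of this commit.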
Expand Up @@ -348,9 +348,8 @@ private <AM extends AbstractAuthenticationModuleType> void mergeAuthenticationMo
listToProcess.forEach(itemToProcess -> {
boolean exist = false;
for (AM item : mergedList) {
String itemIdentifier = StringUtils.isNotEmpty(item.getIdentifier()) ? item.getIdentifier() : item.getName();
String itemToProcessIdentifier = StringUtils.isNotEmpty(itemToProcess.getIdentifier()) ?
itemToProcess.getIdentifier() : itemToProcess.getName();
String itemIdentifier = item.getIdentifier();
String itemToProcessIdentifier = itemToProcess.getIdentifier();
if (itemIdentifier != null && StringUtils.equals(itemIdentifier, itemToProcessIdentifier)) {
exist = true;
break;
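Review bot: In this merge loop a module without an identifier can never set `exist`, because `itemIdentifier != null` fails, so with the name fallback gone every module that carries only the deprecated name is treated as new. What happens after the loop is outside the hunk, but if non-existing items are appended, the merged policy could accumulate duplicate entries for the same legacy module. I would make that case explicit rather than implicit, at minimum with a comment above the loop such as `// items without an identifier never match and are always treated as new`, and preferably with a logged warning when `itemToProcess.getIdentifier()` is empty.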
