From 7f50ad064a68412ec67145f1b0866f136804761b Mon Sep 17 00:00:00 2001
From: Puja Sharma
Date: Wed, 18 May 2022 23:08:13 +0530
Subject: [PATCH] feat(jans-config-api): removed encrypttion and decryption of user password
---
 .../plugin/mgt/rest/UserResource.java | 52 ++++---------------
 1 file changed, 10 insertions(+), 42 deletions(-)
diff --git a/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/rest/UserResource.java b/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/rest/UserResource.java
index ab3ea6d55e2..3d9fbc36552 100644
--- a/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/rest/UserResource.java
+++ b/jans-config-api/plugins/user-mgt-plugin/src/main/java/io/jans/configapi/plugin/mgt/rest/UserResource.java
@@ -17,7 +17,6 @@
 import io.jans.configapi.util.ApiConstants;
 import io.jans.orm.model.PagedResult;
 import io.jans.util.StringHelper;
-import io.jans.util.security.StringEncrypter.EncryptionException;
 import java.io.IOException;
 import java.lang.reflect.InvocationTargetException;
@@ -66,7 +65,7 @@ public Response getUsers(
 @DefaultValue(ApiConstants.DEFAULT_LIST_START_INDEX) @QueryParam(value = ApiConstants.START_INDEX) int startIndex,
 @QueryParam(value = ApiConstants.SORT_BY) String sortBy,
 @QueryParam(value = ApiConstants.SORT_ORDER) String sortOrder)
- throws EncryptionException, IllegalAccessException, InvocationTargetException {
+ throws IllegalAccessException, InvocationTargetException {
 if (logger.isDebugEnabled()) {
 logger.debug("User search param - limit:{}, pattern:{}, startIndex:{}, sortBy:{}, sortOrder:{}",
 escapeLog(limit), escapeLog(pattern), escapeLog(startIndex), escapeLog(sortBy),
@@ -85,7 +84,7 @@ public Response getUsers(
 @ProtectedApi(scopes = { ApiAccessConstants.USER_READ_ACCESS })
 @Path(ApiConstants.INUM_PATH)
 public Response getUserByInum(@PathParam(ApiConstants.INUM) @NotNull String inum)
- throws EncryptionException, IllegalAccessException, InvocationTargetException {
+ throws IllegalAccessException, InvocationTargetException {
 if (logger.isDebugEnabled()) {
 logger.debug("User search by inum:{}", escapeLog(inum));
 }
@@ -95,22 +94,19 @@ public Response getUserByInum(@PathParam(ApiConstants.INUM) @NotNull String inum
 // excludedAttributes
 user = excludeUserAttributes(user);
-
- // decryptUserPassword
- decryptUserPassword(user);
 logger.debug("user:{}", user);
 // get custom user
 CustomUser customUser = getCustomUser(user);
 logger.debug("customUser:{}", customUser);
- return Response.ok(decryptUserPassword(customUser)).build();
+ return Response.ok(customUser).build();
 }
 @POST
 @ProtectedApi(scopes = { ApiAccessConstants.USER_WRITE_ACCESS })
 public Response createUser(@Valid CustomUser customUser)
- throws EncryptionException, NoSuchMethodException, IllegalAccessException, InvocationTargetException {
+ throws NoSuchMethodException, IllegalAccessException, InvocationTargetException {
 if (logger.isDebugEnabled()) {
 logger.debug("User details to be added - customUser:{}", escapeLog(customUser));
 }
@@ -122,7 +118,7 @@ public Response createUser(@Valid CustomUser customUser)
 // checking mandatory attributes
 checkMissingAttributes(user);
- user = userSrv.addUser(encryptUserPassword(user), true);
+ user = userSrv.addUser(user, true);
 logger.debug("User created {}", user);
 // excludedAttributes
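Review bot: In getUserByInum the new `return Response.ok(customUser).build();` sends the entry back as stored, so the `userPassword` attribute still reaches the caller unless it is filtered somewhere; `excludeUserAttributes` and `getCustomUser` are defined outside this hunk, so whether either drops it needs confirming. The context lines `logger.debug("user:{}", user);` and `logger.debug("customUser:{}", customUser);` also write the whole entry to the debug log. I would clear `USER_PWD` from `user` before `getCustomUser(user)` and record the intent with `// never return or log userPassword, hashed or not`. The same applies to the `Response.ok(customUser)` return in patchUser and to the `logger.debug("Users fetched - users:{}", users);` line in doSearch.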
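Review bot: `userSrv.addUser(user, true)` in createUser now passes the caller-supplied `userPassword` through untouched, and nothing visible in this patch shows what protects it at rest afterwards. If the persistence layer hashes the attribute on write, say so at the call with `// userPassword is not transformed here; the persistence layer is expected to hash it on write`, and cover it with a test that the stored value differs from the submitted one. Entries written by the old code hold an `encryptionService.encrypt(...)` value rather than a hash, so existing users may need a migration or a forced reset; that is an inference from the removed helper. `userSrv.updateUser(user)` in the updateUser hunk needs the same comment.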
@@ -138,7 +134,7 @@ public Response createUser(@Valid CustomUser customUser)
 @PUT
 @ProtectedApi(scopes = { ApiAccessConstants.USER_WRITE_ACCESS })
 public Response updateUser(@Valid CustomUser customUser)
- throws EncryptionException, NoSuchMethodException, IllegalAccessException, InvocationTargetException {
+ throws NoSuchMethodException, IllegalAccessException, InvocationTargetException {
 if (logger.isDebugEnabled()) {
 logger.debug("User details to be updated - customUser:{}", escapeLog(customUser));
 }
@@ -150,7 +146,7 @@ public Response updateUser(@Valid CustomUser customUser)
 // checking mandatory attributes
 checkMissingAttributes(user);
- user = userSrv.updateUser(encryptUserPassword(user));
+ user = userSrv.updateUser(user);
 logger.debug("Updated user:{}", user);
 // excludedAttributes
@@ -167,7 +163,7 @@ public Response updateUser(@Valid CustomUser customUser)
 @ProtectedApi(scopes = { ApiAccessConstants.USER_WRITE_ACCESS })
 @Path(ApiConstants.INUM_PATH)
 public Response patchUser(@PathParam(ApiConstants.INUM) @NotNull String inum,
- @NotNull UserPatchRequest userPatchRequest) throws EncryptionException, IllegalAccessException,
+ @NotNull UserPatchRequest userPatchRequest) throws IllegalAccessException,
 InvocationTargetException, JsonPatchException, IOException {
 if (logger.isDebugEnabled()) {
 logger.debug("User:{} to be patched with :{} ", escapeLog(inum), escapeLog(userPatchRequest));
@@ -187,7 +183,7 @@ public Response patchUser(@PathParam(ApiConstants.INUM) @NotNull String inum,
 CustomUser customUser = getCustomUser(existingUser);
 logger.debug("patched customUser:{}", customUser);
- return Response.ok(decryptUserPassword(customUser)).build();
+ return Response.ok(customUser).build();
 }
 @DELETE
@@ -204,7 +200,7 @@ public Response deleteUser(@PathParam(ApiConstants.INUM) @NotNull String inum) {
 }
 private List doSearch(SearchRequest searchReq)
- throws EncryptionException, IllegalAccessException, InvocationTargetException {
+ throws IllegalAccessException, InvocationTargetException {
 if (logger.isDebugEnabled()) {
 logger.debug("User search params - searchReq:{} ", escapeLog(searchReq));
 }
@@ -225,9 +221,6 @@ private List doSearch(SearchRequest searchReq)
 // excludedAttributes
 users = userSrv.excludeAttributes(users, searchReq.getExcludedAttributesStr());
-
- // decryptUserPassword
- getUsers(users);
 logger.debug("Users fetched - users:{}", users);
 // get customUser()
@@ -250,31 +243,6 @@ private void checkMissingAttributes(User user)
 throwMissingAttributeError(missingAttributes);
 }
- private List getUsers(List users) throws EncryptionException {
- if (users != null && !users.isEmpty()) {
- for (User user : users) {
- if (StringHelper.isNotEmpty(user.getAttribute(USER_PWD))) {
- decryptUserPassword(user);
- }
- }
- }
- return users;
- }
-
- private User encryptUserPassword(User user) throws EncryptionException {
- if (StringHelper.isNotEmpty(user.getAttribute(USER_PWD))) {
- user.setAttribute(USER_PWD, encryptionService.encrypt(user.getAttribute(USER_PWD)), false);
- }
- return user;
- }
-
- private User decryptUserPassword(User user) throws EncryptionException {
- if (StringHelper.isNotEmpty(user.getAttribute(USER_PWD))) {
- user.setAttribute(USER_PWD, encryptionService.decrypt(user.getAttribute(USER_PWD)), false);
- }
- return user;
- }
-
 private List getCustomUserList(List users) {
 List customUserList = new ArrayList<>();
 if (users == null || users.isEmpty()) {