Add new user credential endpoint

rest-api/resources/src/main/java/org/eclipse/kapua/app/api/resources/v1/resources/UserCredential.java

@@ -0,0 +1,51 @@
+/*******************************************************************************
+ * Copyright (c) 2023, 2022 Eurotech and/or its affiliates and others
+ *
+ * This program and the accompanying materials are made
+ * available under the terms of the Eclipse Public License 2.0
+ * which is available at https://www.eclipse.org/legal/epl-2.0/
+ *
+ * SPDX-License-Identifier: EPL-2.0
+ *
+ * Contributors:
+ *     Eurotech - initial API and implementation
+ *******************************************************************************/
+package org.eclipse.kapua.app.api.resources.v1.resources;
+
+import org.eclipse.kapua.KapuaException;
+import org.eclipse.kapua.app.api.core.model.ScopeId;
+import org.eclipse.kapua.locator.KapuaLocator;
+import org.eclipse.kapua.service.KapuaService;
+import org.eclipse.kapua.service.authentication.credential.Credential;
+import org.eclipse.kapua.service.authentication.user.PasswordChangeRequest;
+import org.eclipse.kapua.service.authentication.user.UserCredentialService;
+
+import javax.ws.rs.Consumes;
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.MediaType;
+
+@Path("{scopeId}/user/credentials")
+public class UserCredential {
+    private final KapuaLocator locator = KapuaLocator.getInstance();
+    private final UserCredentialService userCredentialService = locator.getService(UserCredentialService.class);
+
+
+    /**
+     * Change the user password
+     *
+     * @param scopeId               The {@link ScopeId} to use in the request.
+     * @param passwordChangeRequest The {@link PasswordChangeRequest} represents the changing
+     * @return The updated {@link Credential}
+     * @throws KapuaException Whenever something bad happens. See specific {@link KapuaService} exceptions.
+     */
+    @Path("/password")
+    @POST
+    @Produces({MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML})
+    @Consumes({MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML})
+    public Credential newPassword(@PathParam("scopeId") ScopeId scopeId, PasswordChangeRequest passwordChangeRequest) throws KapuaException {
+        return userCredentialService.changePasswordRequest(passwordChangeRequest);
+    }
+}

rest-api/web/src/main/java/org/eclipse/kapua/app/api/web/JaxbContextResolver.java

@@ -99,6 +99,8 @@
 import org.eclipse.kapua.service.authentication.credential.mfa.ScratchCodeXmlRegistry;
 import org.eclipse.kapua.service.authentication.token.AccessToken;
 import org.eclipse.kapua.service.authentication.token.LoginInfo;
+import org.eclipse.kapua.service.authentication.user.PasswordChangeRequest;
+import org.eclipse.kapua.service.authentication.user.UserCredentialXmlRegistry;
 import org.eclipse.kapua.service.authorization.access.AccessInfo;
 import org.eclipse.kapua.service.authorization.access.AccessInfoCreator;
 import org.eclipse.kapua.service.authorization.access.AccessInfoListResult;
@@ -681,6 +683,10 @@ public JaxbContextResolver() {
                     UserQuery.class,
                     UserXmlRegistry.class,
 
+                    // User Credentials
+                    PasswordChangeRequest.class,
+                    UserCredentialXmlRegistry.class,
+
                     // KapuaEvent
                     ServiceEvent.class,
                     EventStoreRecordCreator.class,

rest-api/web/src/main/resources/shiro.ini

@@ -118,3 +118,8 @@ kapuaAuthcAccessToken = org.eclipse.kapua.app.api.core.auth.KapuaTokenAuthentica
 /v1/*/users.json                = kapuaAuthcAccessToken
 /v1/*/users.xml                 = kapuaAuthcAccessToken
 /v1/*/users/**                  = kapuaAuthcAccessToken
+
+# User Credentials
+/v1/*/user/credentials.json     = kapuaAuthcAccessToken
+/v1/*/user/credentials.xml      = kapuaAuthcAccessToken
+/v1/*/user/credentials/**       = kapuaAuthcAccessToken

service/security/authentication/api/src/main/java/org/eclipse/kapua/service/authentication/user/PasswordChangeRequest.java

@@ -12,27 +12,27 @@
  *******************************************************************************/
 package org.eclipse.kapua.service.authentication.user;
 
-public class PasswordChangeRequest {
-    private String oldPassword;
-    private String newPassword;
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlRootElement;
+import javax.xml.bind.annotation.XmlType;
 
+@XmlRootElement
+@XmlAccessorType(XmlAccessType.PROPERTY)
+@XmlType(factoryClass = UserCredentialXmlRegistry.class, factoryMethod = "newPasswordChangeRequest")
+public interface PasswordChangeRequest {
+    @XmlElement(name = "oldPassword")
+    String getOldPassword();
 
-    public String getOldPassword() {
-        return oldPassword;
-    }
 
+    void setOldPassword(String oldPassword);
 
-    public void setOldPassword(String oldPassword) {
-        this.oldPassword = oldPassword;
-    }
 
+    @XmlElement(name = "newPassword")
+    String getNewPassword();
 
-    public String getNewPassword() {
-        return newPassword;
-    }
 
+    void setNewPassword(String newPassword);
 
-    public void setNewPassword(String newPassword) {
-        this.newPassword = newPassword;
-    }
 }

service/security/authentication/api/src/main/java/org/eclipse/kapua/service/authentication/user/UserCredentialFactory.java

@@ -0,0 +1,19 @@
+/*******************************************************************************
+ * Copyright (c) 2023, 2022 Eurotech and/or its affiliates and others
+ *
+ * This program and the accompanying materials are made
+ * available under the terms of the Eclipse Public License 2.0
+ * which is available at https://www.eclipse.org/legal/epl-2.0/
+ *
+ * SPDX-License-Identifier: EPL-2.0
+ *
+ * Contributors:
+ *     Eurotech - initial API and implementation
+ *******************************************************************************/
+package org.eclipse.kapua.service.authentication.user;
+
+import org.eclipse.kapua.model.KapuaObjectFactory;
+
+public interface UserCredentialFactory extends KapuaObjectFactory {
+    PasswordChangeRequest newPasswordChangeRequest();
+}

service/security/authentication/api/src/main/java/org/eclipse/kapua/service/authentication/user/UserCredentialXmlRegistry.java

@@ -0,0 +1,35 @@
+/*******************************************************************************
+ * Copyright (c) 2016, 2022 Eurotech and/or its affiliates and others
+ *
+ * This program and the accompanying materials are made
+ * available under the terms of the Eclipse Public License 2.0
+ * which is available at https://www.eclipse.org/legal/epl-2.0/
+ *
+ * SPDX-License-Identifier: EPL-2.0
+ *
+ * Contributors:
+ *     Eurotech - initial API and implementation
+ *******************************************************************************/
+package org.eclipse.kapua.service.authentication.user;
+
+import org.eclipse.kapua.locator.KapuaLocator;
+
+import javax.xml.bind.annotation.XmlRegistry;
+
+@XmlRegistry
+public class UserCredentialXmlRegistry {
+
+    private static final KapuaLocator LOCATOR = KapuaLocator.getInstance();
+    private static final UserCredentialFactory USER_CREDENTIAL_FACTORY = LOCATOR.getFactory(UserCredentialFactory.class);
+
+
+    /**
+     * Creates a new credential instance
+     *
+     * @return
+     */
+    public PasswordChangeRequest newPasswordChangeRequest() {
+        return USER_CREDENTIAL_FACTORY.newPasswordChangeRequest();
+    }
+
+}

service/security/shiro/src/main/java/org/eclipse/kapua/service/authentication/user/shiro/PasswordChangeRequestImpl.java

@@ -0,0 +1,44 @@
+/*******************************************************************************
+ * Copyright (c) 2023, 2022 Eurotech and/or its affiliates and others
+ *
+ * This program and the accompanying materials are made
+ * available under the terms of the Eclipse Public License 2.0
+ * which is available at https://www.eclipse.org/legal/epl-2.0/
+ *
+ * SPDX-License-Identifier: EPL-2.0
+ *
+ * Contributors:
+ *     Eurotech - initial API and implementation
+ *******************************************************************************/
+package org.eclipse.kapua.service.authentication.user.shiro;
+
+import org.eclipse.kapua.service.authentication.user.PasswordChangeRequest;
+
+public class PasswordChangeRequestImpl implements PasswordChangeRequest {
+    private String newPassword;
+    private String oldPassword;
+
+
+    @Override
+    public String getOldPassword() {
+        return oldPassword;
+    }
+
+
+    @Override
+    public void setOldPassword(String oldPassword) {
+        this.oldPassword = oldPassword;
+    }
+
+
+    @Override
+    public String getNewPassword() {
+        return newPassword;
+    }
+
+
+    @Override
+    public void setNewPassword(String newPassword) {
+        this.newPassword = newPassword;
+    }
+}

service/security/shiro/src/main/java/org/eclipse/kapua/service/authentication/user/shiro/UserCredentialFactoryImpl.java

@@ -0,0 +1,26 @@
+/*******************************************************************************
+ * Copyright (c) 2023, 2022 Eurotech and/or its affiliates and others
+ *
+ * This program and the accompanying materials are made
+ * available under the terms of the Eclipse Public License 2.0
+ * which is available at https://www.eclipse.org/legal/epl-2.0/
+ *
+ * SPDX-License-Identifier: EPL-2.0
+ *
+ * Contributors:
+ *     Eurotech - initial API and implementation
+ *******************************************************************************/
+package org.eclipse.kapua.service.authentication.user.shiro;
+
+import org.eclipse.kapua.service.authentication.user.PasswordChangeRequest;
+import org.eclipse.kapua.service.authentication.user.UserCredentialFactory;
+
+import javax.inject.Singleton;
+
+@Singleton
+public class UserCredentialFactoryImpl implements UserCredentialFactory {
+    @Override
+    public PasswordChangeRequest newPasswordChangeRequest() {
+        return new PasswordChangeRequestImpl();
+    }
+}

service/security/shiro/src/main/java/org/eclipse/kapua/service/authentication/user/shiro/UserCredentialModule.java

@@ -14,6 +14,7 @@
 
 import com.google.inject.Module;
 import org.eclipse.kapua.commons.core.AbstractKapuaModule;
+import org.eclipse.kapua.service.authentication.user.UserCredentialFactory;
 import org.eclipse.kapua.service.authentication.user.UserCredentialService;
 
 /**
@@ -25,5 +26,6 @@ public class UserCredentialModule extends AbstractKapuaModule implements Module
     @Override
     protected void configureModule() {
         bind(UserCredentialService.class).to(UserCredentialServiceImpl.class);
+        bind(UserCredentialFactory.class).to(UserCredentialFactoryImpl.class);
     }
 }

service/security/shiro/src/main/java/org/eclipse/kapua/service/authentication/user/shiro/UserCredentialServiceImpl.java

@@ -70,7 +70,7 @@ public Credential changePasswordRequest(PasswordChangeRequest passwordChangeRequ
                                                        .findAny()
                                                        .orElseThrow(() -> new IllegalStateException("User does not have any credential of type password"));
 
-            String encryptedPass = AuthenticationUtils.cryptCredential(CryptAlgorithm.BCRYPT, passwordCredential.getCredentialKey());
+            String encryptedPass = AuthenticationUtils.cryptCredential(CryptAlgorithm.BCRYPT, passwordChangeRequest.getNewPassword());
             passwordCredential.setCredentialKey(encryptedPass);
 
             return credentialService.update(passwordCredential);