add: password reset after certificate login
authorINOPIAE <m.maengel@inopiae.de>
Sun, 15 Sep 2019 09:40:01 +0000 (11:40 +0200)
committerINOPIAE <m.maengel@inopiae.de>
Mon, 30 Sep 2019 03:50:07 +0000 (05:50 +0200)
fixes issue #173

Change-Id: If92565d0747ea2b10fa64066ca8ce7be79e46f27

src/club/wpia/gigi/dbObjects/User.java
src/club/wpia/gigi/pages/account/ChangeForm.java
src/club/wpia/gigi/pages/account/ChangePasswordForm.templ
tests/club/wpia/gigi/pages/account/TestChangePassword.java

index e3beaf8..4612d03 100644 (file)
@@ -209,7 +209,7 @@ public class User extends CertificateOwner {
         setPassword(newPass);
     }
 
-    private void setPassword(String newPass) throws GigiApiException {
+    public void setPassword(String newPass) throws GigiApiException {
         Name[] names = getNames();
         TreeSet<String> nameParts = new TreeSet<>();
         for (int i = 0; i < names.length; i++) {
index de2a182..590597b 100644 (file)
@@ -11,20 +11,28 @@ import club.wpia.gigi.localisation.Language;
 import club.wpia.gigi.output.template.Form;
 import club.wpia.gigi.output.template.Template;
 import club.wpia.gigi.output.template.TranslateCommand;
+import club.wpia.gigi.pages.LoginPage;
+import club.wpia.gigi.util.AuthorizationContext;
 
 public class ChangeForm extends Form {
 
     private User target;
 
+    private AuthorizationContext c;
+
     public ChangeForm(HttpServletRequest hsr, User target) {
         super(hsr);
         this.target = target;
+        c = LoginPage.getAuthorizationContext(hsr);
     }
 
     private static final Template t = new Template(ChangePasswordPage.class.getResource("ChangePasswordForm.templ"));
 
     @Override
     public void outputContent(PrintWriter out, Language l, Map<String, Object> vars) {
+        if ( !c.isStronglyAuthenticated()) {
+            vars.put("currentLoginMethod", "pw");
+        }
         t.output(out, l, vars);
     }
 
@@ -34,14 +42,18 @@ public class ChangeForm extends Form {
         String p1 = req.getParameter("pword1");
         String p2 = req.getParameter("pword2");
         GigiApiException error = new GigiApiException();
-        if (oldpassword == null || p1 == null || p2 == null) {
+        if ((oldpassword == null && !c.isStronglyAuthenticated()) || p1 == null || p2 == null) {
             throw new GigiApiException("All fields are required.");
         }
         if ( !p1.equals(p2)) {
             throw new GigiApiException("New passwords do not match.");
         }
         try {
-            target.changePassword(oldpassword, p1);
+            if (c.isStronglyAuthenticated()) {
+                target.setPassword(p1);
+            } else {
+                target.changePassword(oldpassword, p1);
+            }
             target.writeUserLog(target, "User triggered password reset");
         } catch (GigiApiException e) {
             error.mergeInto(e);
index 4c350c5..8725dc3 100644 (file)
@@ -5,10 +5,12 @@
   </tr>
   </thead>
   <tbody>
+  <? if($currentLoginMethod){ ?>
   <tr>
     <td><?=_Old Password?>: </td>
     <td><input class="form-control" type="password" name="oldpassword" required></td>
   </tr>
+  <? } ?>
   <tr>
     <td><?=_New Password?><span class="formMandatory">*</span>: </td>
     <td><input class="form-control" type="password" name="pword1" required></td>
index e18ec02..73d23c5 100644 (file)
@@ -107,4 +107,19 @@ public class TestChangePassword extends ClientTest {
 
     }
 
+    @Test
+    public void testChangePasswordCertLogin() throws IOException, GigiApiException {
+        // no cert login
+        String np = URLEncoder.encode(TEST_PASSWORD + "v1", "UTF-8");
+        String error = executeBasicWebInteraction(cookie, path, "pword1=" + np + "&pword2=" + np);
+        assertNotNull(error);
+
+        // cert login
+        cookie = cookieWithCertificateLogin(u);
+        error = executeBasicWebInteraction(cookie, path, "pword1=" + np + "&pword2=" + np);
+        assertNull(error);
+
+        cookie = login(u.getEmail(), TEST_PASSWORD);
+        loginCertificate = null;
+    }
 }