feat(jans-config-api): removed encrypttion and decryption of user pas…
…sword
pujavs committed May 18, 2022
1 parent f27b30a commit 7f50ad0
Showing 1 changed file with 10 additions and 42 deletions.
@@ -17,7 +17,6 @@
import io.jans.configapi.util.ApiConstants;
import io.jans.orm.model.PagedResult;
import io.jans.util.StringHelper;
import io.jans.util.security.StringEncrypter.EncryptionException;

import java.io.IOException;
import java.lang.reflect.InvocationTargetException;
@@ -66,7 +65,7 @@ public Response getUsers(
@DefaultValue(ApiConstants.DEFAULT_LIST_START_INDEX) @QueryParam(value = ApiConstants.START_INDEX) int startIndex,
@QueryParam(value = ApiConstants.SORT_BY) String sortBy,
@QueryParam(value = ApiConstants.SORT_ORDER) String sortOrder)
throws EncryptionException, IllegalAccessException, InvocationTargetException {
throws IllegalAccessException, InvocationTargetException {
if (logger.isDebugEnabled()) {
logger.debug("User search param - limit:{}, pattern:{}, startIndex:{}, sortBy:{}, sortOrder:{}",
escapeLog(limit), escapeLog(pattern), escapeLog(startIndex), escapeLog(sortBy),
@@ -85,7 +84,7 @@ public Response getUsers(
@ProtectedApi(scopes = { ApiAccessConstants.USER_READ_ACCESS })
@Path(ApiConstants.INUM_PATH)
public Response getUserByInum(@PathParam(ApiConstants.INUM) @NotNull String inum)
throws EncryptionException, IllegalAccessException, InvocationTargetException {
throws IllegalAccessException, InvocationTargetException {
if (logger.isDebugEnabled()) {
logger.debug("User search by inum:{}", escapeLog(inum));
}
@@ -95,22 +94,19 @@ public Response getUserByInum(@PathParam(ApiConstants.INUM) @NotNull String inum

// excludedAttributes
user = excludeUserAttributes(user);

// decryptUserPassword
decryptUserPassword(user);
logger.debug("user:{}", user);

// get custom user
CustomUser customUser = getCustomUser(user);
logger.debug("customUser:{}", customUser);

return Response.ok(decryptUserPassword(customUser)).build();
return Response.ok(customUser).build();
}

@POST
@ProtectedApi(scopes = { ApiAccessConstants.USER_WRITE_ACCESS })
public Response createUser(@Valid CustomUser customUser)
throws EncryptionException, NoSuchMethodException, IllegalAccessException, InvocationTargetException {
throws NoSuchMethodException, IllegalAccessException, InvocationTargetException {
if (logger.isDebugEnabled()) {
logger.debug("User details to be added - customUser:{}", escapeLog(customUser));
}
@@ -122,7 +118,7 @@ public Response createUser(@Valid CustomUser customUser)
// checking mandatory attributes
checkMissingAttributes(user);

user = userSrv.addUser(encryptUserPassword(user), true);
user = userSrv.addUser(user, true);
logger.debug("User created {}", user);

// excludedAttributes
@@ -138,7 +134,7 @@ public Response createUser(@Valid CustomUser customUser)
@PUT
@ProtectedApi(scopes = { ApiAccessConstants.USER_WRITE_ACCESS })
public Response updateUser(@Valid CustomUser customUser)
throws EncryptionException, NoSuchMethodException, IllegalAccessException, InvocationTargetException {
throws NoSuchMethodException, IllegalAccessException, InvocationTargetException {
if (logger.isDebugEnabled()) {
logger.debug("User details to be updated - customUser:{}", escapeLog(customUser));
}
@@ -150,7 +146,7 @@ public Response updateUser(@Valid CustomUser customUser)
// checking mandatory attributes
checkMissingAttributes(user);

user = userSrv.updateUser(encryptUserPassword(user));
user = userSrv.updateUser(user);
logger.debug("Updated user:{}", user);

// excludedAttributes
@@ -167,7 +163,7 @@ public Response updateUser(@Valid CustomUser customUser)
@ProtectedApi(scopes = { ApiAccessConstants.USER_WRITE_ACCESS })
@Path(ApiConstants.INUM_PATH)
public Response patchUser(@PathParam(ApiConstants.INUM) @NotNull String inum,
@NotNull UserPatchRequest userPatchRequest) throws EncryptionException, IllegalAccessException,
@NotNull UserPatchRequest userPatchRequest) throws IllegalAccessException,
InvocationTargetException, JsonPatchException, IOException {
if (logger.isDebugEnabled()) {
logger.debug("User:{} to be patched with :{} ", escapeLog(inum), escapeLog(userPatchRequest));
@@ -187,7 +183,7 @@ public Response patchUser(@PathParam(ApiConstants.INUM) @NotNull String inum,
CustomUser customUser = getCustomUser(existingUser);
logger.debug("patched customUser:{}", customUser);

return Response.ok(decryptUserPassword(customUser)).build();
return Response.ok(customUser).build();
}

@DELETE
@@ -204,7 +200,7 @@ public Response deleteUser(@PathParam(ApiConstants.INUM) @NotNull String inum) {
}

private List<CustomUser> doSearch(SearchRequest searchReq)
throws EncryptionException, IllegalAccessException, InvocationTargetException {
throws IllegalAccessException, InvocationTargetException {
if (logger.isDebugEnabled()) {
logger.debug("User search params - searchReq:{} ", escapeLog(searchReq));
}
@@ -225,9 +221,6 @@ private List<CustomUser> doSearch(SearchRequest searchReq)

// excludedAttributes
users = userSrv.excludeAttributes(users, searchReq.getExcludedAttributesStr());

// decryptUserPassword
getUsers(users);
logger.debug("Users fetched - users:{}", users);

// get customUser()
@@ -250,31 +243,6 @@ private void checkMissingAttributes(User user)
throwMissingAttributeError(missingAttributes);
}

private List<User> getUsers(List<User> users) throws EncryptionException {
if (users != null && !users.isEmpty()) {
for (User user : users) {
if (StringHelper.isNotEmpty(user.getAttribute(USER_PWD))) {
decryptUserPassword(user);
}
}
}
return users;
}

private User encryptUserPassword(User user) throws EncryptionException {
if (StringHelper.isNotEmpty(user.getAttribute(USER_PWD))) {
user.setAttribute(USER_PWD, encryptionService.encrypt(user.getAttribute(USER_PWD)), false);
}
return user;
}

private User decryptUserPassword(User user) throws EncryptionException {
if (StringHelper.isNotEmpty(user.getAttribute(USER_PWD))) {
user.setAttribute(USER_PWD, encryptionService.decrypt(user.getAttribute(USER_PWD)), false);
}
return user;
}

private List<CustomUser> getCustomUserList(List<User> users) {
List<CustomUser> customUserList = new ArrayList<>();
if (users == null || users.isEmpty()) {
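Review bot: In createUser and updateUser the password attribute now goes into `userSrv.addUser(user, true)` and `userSrv.updateUser(user)` exactly as the client submitted it, and nothing on the new side shows where it is hashed before storage. If the persistence layer is expected to do that, say so at both call sites with a comment such as `// password is passed through unchanged; hashing happens in userSrv/persistence`, and cover it with a test that the stored value differs from the submitted one. The same attribute also stays on the objects given to `logger.debug("User created {}", user)` and `Response.ok(customUser)` unless `excludeUserAttributes` removes it, which these hunks do not show, so clearing it explicitly before logging and before building the response would be safer. All of the touched methods start or end outside the displayed hunks.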
