mirror of
https://github.com/AuthMe/AuthMeReloaded.git
synced 2024-10-31 07:39:42 +01:00
Merge branch '1347-change-password-api' of https://github.com/AuthMe/AuthMeReloaded
This commit is contained in:
commit
278146a206
@ -285,6 +285,16 @@ public class AuthMeApi {
|
||||
management.performUnregisterByAdmin(null, name, Bukkit.getPlayer(name));
|
||||
}
|
||||
|
||||
/**
|
||||
* Change a user's password
|
||||
*
|
||||
* @param name the user name
|
||||
* @param newPassword the new password
|
||||
*/
|
||||
public void changePassword(String name, String newPassword) {
|
||||
management.performPasswordChangeAsAdmin(null, name, newPassword);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get all the registered names (lowercase)
|
||||
*
|
||||
|
@ -1,13 +1,7 @@
|
||||
package fr.xephi.authme.command.executable.authme;
|
||||
|
||||
import fr.xephi.authme.ConsoleLogger;
|
||||
import fr.xephi.authme.command.ExecutableCommand;
|
||||
import fr.xephi.authme.data.auth.PlayerCache;
|
||||
import fr.xephi.authme.datasource.DataSource;
|
||||
import fr.xephi.authme.message.MessageKey;
|
||||
import fr.xephi.authme.security.PasswordSecurity;
|
||||
import fr.xephi.authme.security.crypts.HashedPassword;
|
||||
import fr.xephi.authme.service.BukkitService;
|
||||
import fr.xephi.authme.process.Management;
|
||||
import fr.xephi.authme.service.CommonService;
|
||||
import fr.xephi.authme.service.ValidationService;
|
||||
import fr.xephi.authme.service.ValidationService.ValidationResult;
|
||||
@ -21,26 +15,17 @@ import java.util.List;
|
||||
*/
|
||||
public class ChangePasswordAdminCommand implements ExecutableCommand {
|
||||
|
||||
@Inject
|
||||
private PasswordSecurity passwordSecurity;
|
||||
|
||||
@Inject
|
||||
private PlayerCache playerCache;
|
||||
|
||||
@Inject
|
||||
private DataSource dataSource;
|
||||
|
||||
@Inject
|
||||
private BukkitService bukkitService;
|
||||
|
||||
@Inject
|
||||
private ValidationService validationService;
|
||||
|
||||
@Inject
|
||||
private CommonService commonService;
|
||||
|
||||
@Inject
|
||||
private Management management;
|
||||
|
||||
@Override
|
||||
public void executeCommand(final CommandSender sender, List<String> arguments) {
|
||||
public void executeCommand(CommandSender sender, List<String> arguments) {
|
||||
// Get the player and password
|
||||
final String playerName = arguments.get(0);
|
||||
final String playerPass = arguments.get(1);
|
||||
@ -49,36 +34,8 @@ public class ChangePasswordAdminCommand implements ExecutableCommand {
|
||||
ValidationResult validationResult = validationService.validatePassword(playerPass, playerName);
|
||||
if (validationResult.hasError()) {
|
||||
commonService.send(sender, validationResult.getMessageKey(), validationResult.getArgs());
|
||||
return;
|
||||
}
|
||||
|
||||
// Set the password
|
||||
bukkitService.runTaskOptionallyAsync(() -> changePassword(playerName.toLowerCase(), playerPass, sender));
|
||||
}
|
||||
|
||||
/**
|
||||
* Changes the password of the given player to the given password.
|
||||
*
|
||||
* @param nameLowercase the name of the player
|
||||
* @param password the password to set
|
||||
* @param sender the sender initiating the password change
|
||||
*/
|
||||
private void changePassword(String nameLowercase, String password, CommandSender sender) {
|
||||
if (!isNameRegistered(nameLowercase)) {
|
||||
commonService.send(sender, MessageKey.UNKNOWN_USER);
|
||||
return;
|
||||
}
|
||||
|
||||
HashedPassword hashedPassword = passwordSecurity.computeHash(password, nameLowercase);
|
||||
if (dataSource.updatePassword(nameLowercase, hashedPassword)) {
|
||||
commonService.send(sender, MessageKey.PASSWORD_CHANGED_SUCCESS);
|
||||
ConsoleLogger.info(sender.getName() + " changed password of " + nameLowercase);
|
||||
} else {
|
||||
commonService.send(sender, MessageKey.ERROR);
|
||||
management.performPasswordChangeAsAdmin(sender, playerName, playerPass);
|
||||
}
|
||||
}
|
||||
|
||||
private boolean isNameRegistered(String nameLowercase) {
|
||||
return playerCache.isAuthenticated(nameLowercase) || dataSource.isAuthAvailable(nameLowercase);
|
||||
}
|
||||
}
|
||||
|
@ -94,6 +94,10 @@ public class Management {
|
||||
runTask(() -> asyncChangePassword.changePassword(player, oldPassword, newPassword));
|
||||
}
|
||||
|
||||
public void performPasswordChangeAsAdmin(CommandSender sender, String playerName, String newPassword) {
|
||||
runTask(() -> asyncChangePassword.changePasswordAsAdmin(sender, playerName, newPassword));
|
||||
}
|
||||
|
||||
private void runTask(Runnable runnable) {
|
||||
bukkitService.runTaskOptionallyAsync(runnable);
|
||||
}
|
||||
|
@ -9,6 +9,7 @@ import fr.xephi.authme.process.AsynchronousProcess;
|
||||
import fr.xephi.authme.service.CommonService;
|
||||
import fr.xephi.authme.security.PasswordSecurity;
|
||||
import fr.xephi.authme.security.crypts.HashedPassword;
|
||||
import org.bukkit.command.CommandSender;
|
||||
import org.bukkit.entity.Player;
|
||||
|
||||
import javax.inject.Inject;
|
||||
@ -30,7 +31,13 @@ public class AsyncChangePassword implements AsynchronousProcess {
|
||||
AsyncChangePassword() {
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Change password for an online player
|
||||
*
|
||||
* @param player the player
|
||||
* @param oldPassword the old password used by the player
|
||||
* @param newPassword the new password chosen by the player
|
||||
*/
|
||||
public void changePassword(final Player player, String oldPassword, String newPassword) {
|
||||
final String name = player.getName().toLowerCase();
|
||||
PlayerAuth auth = playerCache.getAuth(name);
|
||||
@ -50,5 +57,38 @@ public class AsyncChangePassword implements AsynchronousProcess {
|
||||
commonService.send(player, MessageKey.WRONG_PASSWORD);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Change a user's password as an administrator, without asking for the previous one
|
||||
*
|
||||
* @param sender who is performing the operation, null if called by other plugins
|
||||
* @param playerName the player name
|
||||
* @param newPassword the new password chosen for the player
|
||||
*/
|
||||
public void changePasswordAsAdmin(CommandSender sender, final String playerName, String newPassword) {
|
||||
final String lowerCaseName = playerName.toLowerCase();
|
||||
if (!(playerCache.isAuthenticated(lowerCaseName) || dataSource.isAuthAvailable(lowerCaseName))) {
|
||||
if (sender == null) {
|
||||
ConsoleLogger.warning("Tried to change password for user " + lowerCaseName + " but it doesn't exist!");
|
||||
} else {
|
||||
commonService.send(sender, MessageKey.UNKNOWN_USER);
|
||||
}
|
||||
return;
|
||||
}
|
||||
|
||||
HashedPassword hashedPassword = passwordSecurity.computeHash(newPassword, lowerCaseName);
|
||||
if (dataSource.updatePassword(lowerCaseName, hashedPassword)) {
|
||||
if (sender != null) {
|
||||
commonService.send(sender, MessageKey.PASSWORD_CHANGED_SUCCESS);
|
||||
ConsoleLogger.info(sender.getName() + " changed password of " + lowerCaseName);
|
||||
} else {
|
||||
ConsoleLogger.info("Changed password of " + lowerCaseName);
|
||||
}
|
||||
} else {
|
||||
if (sender != null) {
|
||||
commonService.send(sender, MessageKey.ERROR);
|
||||
}
|
||||
ConsoleLogger.warning("An error occurred while changing password for user " + lowerCaseName + "!");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -280,6 +280,19 @@ public class AuthMeApiTest {
|
||||
verify(management).performUnregisterByAdmin(null, name, player);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldChangePassword() {
|
||||
// given
|
||||
String name = "Bobby12";
|
||||
String password = "resetPw!";
|
||||
|
||||
// when
|
||||
api.changePassword(name, password);
|
||||
|
||||
// then
|
||||
verify(management).performPasswordChangeAsAdmin(null, name, password);
|
||||
}
|
||||
|
||||
private static Player mockPlayerWithName(String name) {
|
||||
Player player = mock(Player.class);
|
||||
given(player.getName()).willReturn(name);
|
||||
|
@ -1,18 +1,11 @@
|
||||
package fr.xephi.authme.command.executable.authme;
|
||||
|
||||
import fr.xephi.authme.TestHelper;
|
||||
import fr.xephi.authme.data.auth.PlayerAuth;
|
||||
import fr.xephi.authme.data.auth.PlayerCache;
|
||||
import fr.xephi.authme.datasource.DataSource;
|
||||
import fr.xephi.authme.message.MessageKey;
|
||||
import fr.xephi.authme.security.PasswordSecurity;
|
||||
import fr.xephi.authme.security.crypts.HashedPassword;
|
||||
import fr.xephi.authme.service.BukkitService;
|
||||
import fr.xephi.authme.process.Management;
|
||||
import fr.xephi.authme.service.CommonService;
|
||||
import fr.xephi.authme.service.ValidationService;
|
||||
import fr.xephi.authme.service.ValidationService.ValidationResult;
|
||||
import org.bukkit.command.CommandSender;
|
||||
import org.junit.BeforeClass;
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
import org.mockito.InjectMocks;
|
||||
@ -21,11 +14,8 @@ import org.mockito.junit.MockitoJUnitRunner;
|
||||
|
||||
import java.util.Arrays;
|
||||
|
||||
import static fr.xephi.authme.TestHelper.runOptionallyAsyncTask;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.mockito.Mockito.never;
|
||||
import static org.mockito.Mockito.verify;
|
||||
import static org.mockito.Mockito.verifyZeroInteractions;
|
||||
|
||||
@ -39,133 +29,45 @@ public class ChangePasswordAdminCommandTest {
|
||||
private ChangePasswordAdminCommand command;
|
||||
|
||||
@Mock
|
||||
private CommonService service;
|
||||
|
||||
@Mock
|
||||
private PasswordSecurity passwordSecurity;
|
||||
|
||||
@Mock
|
||||
private DataSource dataSource;
|
||||
|
||||
@Mock
|
||||
private PlayerCache playerCache;
|
||||
|
||||
@Mock
|
||||
private BukkitService bukkitService;
|
||||
private CommonService commonService;
|
||||
|
||||
@Mock
|
||||
private ValidationService validationService;
|
||||
|
||||
@BeforeClass
|
||||
public static void setUpLogger() {
|
||||
TestHelper.setupLogger();
|
||||
@Mock
|
||||
private Management management;
|
||||
|
||||
@Test
|
||||
public void shouldForwardRequestToManagement() {
|
||||
// given
|
||||
String name = "theUser";
|
||||
String pass = "newPassword";
|
||||
given(validationService.validatePassword(pass, name)).willReturn(new ValidationResult());
|
||||
CommandSender sender = mock(CommandSender.class);
|
||||
|
||||
// when
|
||||
command.executeCommand(sender, Arrays.asList(name, pass));
|
||||
|
||||
// then
|
||||
verify(validationService).validatePassword(pass, name);
|
||||
verify(management).performPasswordChangeAsAdmin(sender, name, pass);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldRejectInvalidPassword() {
|
||||
public void shouldSendErrorToCommandSender() {
|
||||
// given
|
||||
String name = "theUser";
|
||||
String pass = "newPassword";
|
||||
given(validationService.validatePassword(pass, name)).willReturn(
|
||||
new ValidationResult(MessageKey.INVALID_PASSWORD_LENGTH, "7"));
|
||||
CommandSender sender = mock(CommandSender.class);
|
||||
given(validationService.validatePassword("Bobby", "bobby")).willReturn(
|
||||
new ValidationResult(MessageKey.PASSWORD_IS_USERNAME_ERROR));
|
||||
|
||||
// when
|
||||
command.executeCommand(sender, Arrays.asList("bobby", "Bobby"));
|
||||
command.executeCommand(sender, Arrays.asList(name, pass));
|
||||
|
||||
// then
|
||||
verify(validationService).validatePassword("Bobby", "bobby");
|
||||
verify(service).send(sender, MessageKey.PASSWORD_IS_USERNAME_ERROR, new String[0]);
|
||||
verifyZeroInteractions(dataSource);
|
||||
verify(validationService).validatePassword(pass, name);
|
||||
verify(commonService).send(sender, MessageKey.INVALID_PASSWORD_LENGTH, "7");
|
||||
verifyZeroInteractions(management);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldRejectCommandForUnknownUser() {
|
||||
// given
|
||||
CommandSender sender = mock(CommandSender.class);
|
||||
String player = "player";
|
||||
String password = "password";
|
||||
given(playerCache.isAuthenticated(player)).willReturn(false);
|
||||
given(validationService.validatePassword(password, player)).willReturn(new ValidationResult());
|
||||
|
||||
// when
|
||||
command.executeCommand(sender, Arrays.asList(player, password));
|
||||
runOptionallyAsyncTask(bukkitService);
|
||||
|
||||
// then
|
||||
verify(service).send(sender, MessageKey.UNKNOWN_USER);
|
||||
verify(dataSource, never()).updatePassword(any(PlayerAuth.class));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldUpdatePasswordOfLoggedInUser() {
|
||||
// given
|
||||
CommandSender sender = mock(CommandSender.class);
|
||||
String player = "my_user12";
|
||||
String password = "passPass";
|
||||
given(playerCache.isAuthenticated(player)).willReturn(true);
|
||||
|
||||
HashedPassword hashedPassword = mock(HashedPassword.class);
|
||||
given(passwordSecurity.computeHash(password, player)).willReturn(hashedPassword);
|
||||
given(dataSource.updatePassword(player, hashedPassword)).willReturn(true);
|
||||
given(validationService.validatePassword(password, player)).willReturn(new ValidationResult());
|
||||
|
||||
// when
|
||||
command.executeCommand(sender, Arrays.asList(player, password));
|
||||
runOptionallyAsyncTask(bukkitService);
|
||||
|
||||
// then
|
||||
verify(validationService).validatePassword(password, player);
|
||||
verify(service).send(sender, MessageKey.PASSWORD_CHANGED_SUCCESS);
|
||||
verify(passwordSecurity).computeHash(password, player);
|
||||
verify(dataSource).updatePassword(player, hashedPassword);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldUpdatePasswordOfOfflineUser() {
|
||||
// given
|
||||
CommandSender sender = mock(CommandSender.class);
|
||||
String player = "my_user12";
|
||||
String password = "passPass";
|
||||
given(playerCache.isAuthenticated(player)).willReturn(false);
|
||||
given(dataSource.isAuthAvailable(player)).willReturn(true);
|
||||
given(validationService.validatePassword(password, player)).willReturn(new ValidationResult());
|
||||
|
||||
HashedPassword hashedPassword = mock(HashedPassword.class);
|
||||
given(passwordSecurity.computeHash(password, player)).willReturn(hashedPassword);
|
||||
given(dataSource.updatePassword(player, hashedPassword)).willReturn(true);
|
||||
|
||||
// when
|
||||
command.executeCommand(sender, Arrays.asList(player, password));
|
||||
runOptionallyAsyncTask(bukkitService);
|
||||
|
||||
// then
|
||||
verify(validationService).validatePassword(password, player);
|
||||
verify(service).send(sender, MessageKey.PASSWORD_CHANGED_SUCCESS);
|
||||
verify(passwordSecurity).computeHash(password, player);
|
||||
verify(dataSource).updatePassword(player, hashedPassword);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldReportWhenSaveFailed() {
|
||||
// given
|
||||
CommandSender sender = mock(CommandSender.class);
|
||||
String player = "my_user12";
|
||||
String password = "passPass";
|
||||
given(playerCache.isAuthenticated(player)).willReturn(true);
|
||||
given(validationService.validatePassword(password, player)).willReturn(new ValidationResult());
|
||||
|
||||
HashedPassword hashedPassword = mock(HashedPassword.class);
|
||||
given(passwordSecurity.computeHash(password, player)).willReturn(hashedPassword);
|
||||
given(dataSource.updatePassword(player, hashedPassword)).willReturn(false);
|
||||
|
||||
// when
|
||||
command.executeCommand(sender, Arrays.asList(player, password));
|
||||
runOptionallyAsyncTask(bukkitService);
|
||||
|
||||
// then
|
||||
verify(validationService).validatePassword(password, player);
|
||||
verify(service).send(sender, MessageKey.ERROR);
|
||||
verify(passwordSecurity).computeHash(password, player);
|
||||
verify(dataSource).updatePassword(player, hashedPassword);
|
||||
}
|
||||
|
||||
}
|
||||
|
@ -0,0 +1,127 @@
|
||||
package fr.xephi.authme.process.changepassword;
|
||||
|
||||
import fr.xephi.authme.TestHelper;
|
||||
import fr.xephi.authme.data.auth.PlayerCache;
|
||||
import fr.xephi.authme.datasource.DataSource;
|
||||
import fr.xephi.authme.message.MessageKey;
|
||||
import fr.xephi.authme.security.PasswordSecurity;
|
||||
import fr.xephi.authme.security.crypts.HashedPassword;
|
||||
import fr.xephi.authme.service.CommonService;
|
||||
import org.bukkit.command.CommandSender;
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
import org.mockito.InjectMocks;
|
||||
import org.mockito.Mock;
|
||||
import org.mockito.junit.MockitoJUnitRunner;
|
||||
|
||||
import static org.mockito.BDDMockito.given;
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.mockito.Mockito.only;
|
||||
import static org.mockito.Mockito.verify;
|
||||
|
||||
/**
|
||||
* Test for {@link AsyncChangePassword}.
|
||||
*/
|
||||
@RunWith(MockitoJUnitRunner.class)
|
||||
public class AsyncChangePasswordTest {
|
||||
|
||||
@InjectMocks
|
||||
private AsyncChangePassword asyncChangePassword;
|
||||
|
||||
@Mock
|
||||
private CommonService commonService;
|
||||
@Mock
|
||||
private DataSource dataSource;
|
||||
@Mock
|
||||
private PlayerCache playerCache;
|
||||
@Mock
|
||||
private PasswordSecurity passwordSecurity;
|
||||
|
||||
@Before
|
||||
public void setUpLogger() {
|
||||
TestHelper.setupLogger();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldRejectCommandForUnknownUser() {
|
||||
// given
|
||||
CommandSender sender = mock(CommandSender.class);
|
||||
String player = "player";
|
||||
String password = "password";
|
||||
given(playerCache.isAuthenticated(player)).willReturn(false);
|
||||
given(dataSource.isAuthAvailable(player)).willReturn(false);
|
||||
|
||||
// when
|
||||
asyncChangePassword.changePasswordAsAdmin(sender, player, password);
|
||||
|
||||
// then
|
||||
verify(commonService).send(sender, MessageKey.UNKNOWN_USER);
|
||||
verify(dataSource, only()).isAuthAvailable(player);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldUpdatePasswordOfLoggedInUser() {
|
||||
// given
|
||||
CommandSender sender = mock(CommandSender.class);
|
||||
String player = "my_user12";
|
||||
String password = "passPass";
|
||||
given(playerCache.isAuthenticated(player)).willReturn(true);
|
||||
|
||||
HashedPassword hashedPassword = mock(HashedPassword.class);
|
||||
given(passwordSecurity.computeHash(password, player)).willReturn(hashedPassword);
|
||||
given(dataSource.updatePassword(player, hashedPassword)).willReturn(true);
|
||||
|
||||
// when
|
||||
asyncChangePassword.changePasswordAsAdmin(sender, player, password);
|
||||
|
||||
// then
|
||||
verify(commonService).send(sender, MessageKey.PASSWORD_CHANGED_SUCCESS);
|
||||
verify(passwordSecurity).computeHash(password, player);
|
||||
verify(dataSource).updatePassword(player, hashedPassword);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldUpdatePasswordOfOfflineUser() {
|
||||
// given
|
||||
CommandSender sender = mock(CommandSender.class);
|
||||
String player = "my_user12";
|
||||
String password = "passPass";
|
||||
given(playerCache.isAuthenticated(player)).willReturn(false);
|
||||
given(dataSource.isAuthAvailable(player)).willReturn(true);
|
||||
|
||||
HashedPassword hashedPassword = mock(HashedPassword.class);
|
||||
given(passwordSecurity.computeHash(password, player)).willReturn(hashedPassword);
|
||||
given(dataSource.updatePassword(player, hashedPassword)).willReturn(true);
|
||||
|
||||
// when
|
||||
asyncChangePassword.changePasswordAsAdmin(sender, player, password);
|
||||
|
||||
// then
|
||||
verify(commonService).send(sender, MessageKey.PASSWORD_CHANGED_SUCCESS);
|
||||
verify(passwordSecurity).computeHash(password, player);
|
||||
verify(dataSource).updatePassword(player, hashedPassword);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldReportWhenSaveFailed() {
|
||||
// given
|
||||
CommandSender sender = mock(CommandSender.class);
|
||||
String player = "my_user12";
|
||||
String password = "passPass";
|
||||
given(playerCache.isAuthenticated(player)).willReturn(true);
|
||||
|
||||
HashedPassword hashedPassword = mock(HashedPassword.class);
|
||||
given(passwordSecurity.computeHash(password, player)).willReturn(hashedPassword);
|
||||
given(dataSource.updatePassword(player, hashedPassword)).willReturn(false);
|
||||
|
||||
// when
|
||||
asyncChangePassword.changePasswordAsAdmin(sender, player, password);
|
||||
|
||||
// then
|
||||
verify(commonService).send(sender, MessageKey.ERROR);
|
||||
verify(passwordSecurity).computeHash(password, player);
|
||||
verify(dataSource).updatePassword(player, hashedPassword);
|
||||
}
|
||||
|
||||
}
|
Loading…
Reference in New Issue
Block a user