OZG-3961 clarify username for secret

40611364 · OZGCloud · e6c1f0eb · 40611364 · 40611364 · 40611364
Commit 40611364 authored 1 year ago by OZGCloud
--- a/src/main/java/de/ozgcloud/operator/keycloak/user/KeycloakUserRemoteService.java
+++ b/src/main/java/de/ozgcloud/operator/keycloak/user/KeycloakUserRemoteService.java
@@ -58,6 +58,8 @@ class KeycloakUserRemoteService {
 	static final String SECRET_PASSWORD_FIELD = "password";
 	static final String SECRET_NAME_FIELD = "name";

+	private static final String USER_NAME_VALIDITY_REGEX = "[^a-zA-Z0-9]";
+
 	@Autowired
 	private Keycloak keycloak;
 	@Autowired
@@ -153,8 +155,10 @@ class KeycloakUserRemoteService {
 	}

 	private String generateRandomPasswordForKeycloak() {
+		log.log(Level.INFO, "Generate password...");
 		var upperCaseCharacter = RandomStringUtils.random(1).toUpperCase();
 		var randomString = RandomStringUtils.random(7);
+		log.log(Level.INFO, "Password generated: " + (upperCaseCharacter + randomString));
 		return upperCaseCharacter + randomString;
 	}

@@ -169,7 +173,11 @@ class KeycloakUserRemoteService {
 	}

 	private String buildCredentialSecretName(KeycloakUserSpecUser userSpec) {
-		return userSpec.getUsername().toLowerCase() + "-credentials";
+		return clarifyName(userSpec.getUsername().toLowerCase()) + "-credentials";
+	}
+
+	String clarifyName(String userName) {
+		return userName.replaceAll(USER_NAME_VALIDITY_REGEX, StringUtils.EMPTY);
 	}

 	private String getPasswordFromSecret(Resource<Secret> secret) {

--- a/src/main/java/de/ozgcloud/operator/keycloak/user/KubernetesRemoteService.java
+++ b/src/main/java/de/ozgcloud/operator/keycloak/user/KubernetesRemoteService.java
--- a/src/test/java/de/ozgcloud/operator/keycloak/user/KeycloakUserRemoteServiceTest.java
+++ b/src/test/java/de/ozgcloud/operator/keycloak/user/KeycloakUserRemoteServiceTest.java
@@ -40,6 +40,8 @@ import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.DisplayName;
 import org.junit.jupiter.api.Nested;
 import org.junit.jupiter.api.Test;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.ValueSource;
 import org.keycloak.admin.client.Keycloak;
 import org.keycloak.admin.client.resource.ClientsResource;
 import org.keycloak.admin.client.resource.RealmResource;
@@ -468,5 +470,25 @@ class KeycloakUserRemoteServiceTest {

 			verify(kubernetesRemoteService).getSecret(NAMESPACE, KeycloakUserSpecUserTestFactory.USERNAME + "-credentials");
 		}
+
+		@Test
+		void shouldClarifyUserName() {
+			userRemoteService.getUserSecret(OzgKeycloakUserSpecTestFactory.create(), NAMESPACE);
+
+			verify(userRemoteService).clarifyName(OzgKeycloakUserSpecTestFactory.KEYCLOAK_USER.getUsername().toLowerCase());
+		}
+	}
+
+	@DisplayName("Clarify name")
+	@Nested
+	class TestClarifyName {
+
+		@ValueSource(strings = { "_user_name_", ".user.name.", "-user-name-" })
+		@ParameterizedTest
+		void shouldReplaceForbiddenCharacter(String userName) {
+			var clarifiedName = userRemoteService.clarifyName(userName);
+
+			assertThat(clarifiedName).isEqualTo("username");
+		}
 	}
 }
\ No newline at end of file