From 40611364661e3a6ff1a837e77c69badc88441907 Mon Sep 17 00:00:00 2001
From: OZGCloud <ozgcloud@mgm-tp.com>
Date: Wed, 23 Aug 2023 08:18:42 +0200
Subject: [PATCH] OZG-3961 clarify username for secret

---
 .../user/KeycloakUserRemoteService.java       | 10 ++++++++-
 .../user/KubernetesRemoteService.java         |  2 +-
 .../user/KeycloakUserRemoteServiceTest.java   | 22 +++++++++++++++++++
 3 files changed, 32 insertions(+), 2 deletions(-)

diff --git a/src/main/java/de/ozgcloud/operator/keycloak/user/KeycloakUserRemoteService.java b/src/main/java/de/ozgcloud/operator/keycloak/user/KeycloakUserRemoteService.java
index 82eb005..a6c56c1 100644
--- a/src/main/java/de/ozgcloud/operator/keycloak/user/KeycloakUserRemoteService.java
+++ b/src/main/java/de/ozgcloud/operator/keycloak/user/KeycloakUserRemoteService.java
@@ -58,6 +58,8 @@ class KeycloakUserRemoteService {
 	static final String SECRET_PASSWORD_FIELD = "password";
 	static final String SECRET_NAME_FIELD = "name";
 
+	private static final String USER_NAME_VALIDITY_REGEX = "[^a-zA-Z0-9]";
+
 	@Autowired
 	private Keycloak keycloak;
 	@Autowired
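Review bot: The name `USER_NAME_VALIDITY_REGEX` reads as a pattern for valid names, but `[^a-zA-Z0-9]` matches the characters that get stripped. A name such as `SECRET_NAME_FORBIDDEN_CHARS` would say that, with a one-line comment like `// characters removed from the username before it is used in the Kubernetes secret name`. Because `String.replaceAll` recompiles the expression on every call, a precompiled `private static final Pattern` would also be the more usual form. The class body continues outside this hunk.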
@@ -153,8 +155,10 @@ class KeycloakUserRemoteService {
 	}
 
 	private String generateRandomPasswordForKeycloak() {
+		log.log(Level.INFO, "Generate password...");
 		var upperCaseCharacter = RandomStringUtils.random(1).toUpperCase();
 		var randomString = RandomStringUtils.random(7);
+		log.log(Level.INFO, "Password generated: " + (upperCaseCharacter + randomString));
 		return upperCaseCharacter + randomString;
 	}
 
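Review bot: The added `log.log(Level.INFO, "Password generated: " + (upperCaseCharacter + randomString));` writes the newly generated Keycloak password in clear text to the operator log at INFO level, so anyone who can read the pod logs or the log aggregation backend can read the credential. Log the event without the value, e.g. `log.log(Level.INFO, "Password generated.");`, and treat passwords already emitted by this build as exposed and rotate them. Separately, on the unchanged lines, `RandomStringUtils.random(n)` draws from the full character range and, depending on the Commons Lang version in use, may not be backed by a cryptographically strong generator. It is worth confirming that and moving to a `SecureRandom`-based generator with a defined alphabet and more than 8 characters.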
@@ -169,7 +173,11 @@ class KeycloakUserRemoteService {
 	}
 
 	private String buildCredentialSecretName(KeycloakUserSpecUser userSpec) {
-		return userSpec.getUsername().toLowerCase() + "-credentials";
+		return clarifyName(userSpec.getUsername().toLowerCase()) + "-credentials";
+	}
+
+	String clarifyName(String userName) {
+		return userName.replaceAll(USER_NAME_VALIDITY_REGEX, StringUtils.EMPTY);
 	}
 
 	private String getPasswordFromSecret(Resource<Secret> secret) {
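Review bot: `clarifyName` is lossy, so distinct usernames can now resolve to the same secret: `user.name`, `user-name` and `username` all yield `username-credentials`, and one user's credential secret could be read or overwritten on behalf of another in the same namespace. A username made only of stripped characters yields the bare name `-credentials`, which is not a valid Kubernetes object name, and non-ASCII letters such as umlauts are silently dropped. Since Kubernetes secret names already allow `-` and `.`, consider stripping only what is actually invalid and rejecting an empty result, e.g. `if (cleaned.isEmpty()) throw new IllegalArgumentException("username has no characters usable in a secret name");`. For full uniqueness, a short hash of the original username could be appended. `getPasswordFromSecret` continues outside this hunk.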
diff --git a/src/main/java/de/ozgcloud/operator/keycloak/user/KubernetesRemoteService.java b/src/main/java/de/ozgcloud/operator/keycloak/user/KubernetesRemoteService.java
index 16809d1..2515278 100644
--- a/src/main/java/de/ozgcloud/operator/keycloak/user/KubernetesRemoteService.java
+++ b/src/main/java/de/ozgcloud/operator/keycloak/user/KubernetesRemoteService.java
@@ -18,7 +18,7 @@ class KubernetesRemoteService {
 	private KubernetesClient kubernetesClient;
 
 	public Resource<Secret> getSecret(String namespace, String name) {
-		log.log(Level.INFO, "Get " + name + "secret from " + namespace + " namespace.");
+		log.log(Level.INFO, "Get " + name + " secret from " + namespace + " namespace.");
 		return kubernetesClient.secrets().inNamespace(namespace).withName(name);
 	}
 
diff --git a/src/test/java/de/ozgcloud/operator/keycloak/user/KeycloakUserRemoteServiceTest.java b/src/test/java/de/ozgcloud/operator/keycloak/user/KeycloakUserRemoteServiceTest.java
index c7979cd..12b7fce 100644
--- a/src/test/java/de/ozgcloud/operator/keycloak/user/KeycloakUserRemoteServiceTest.java
+++ b/src/test/java/de/ozgcloud/operator/keycloak/user/KeycloakUserRemoteServiceTest.java
@@ -40,6 +40,8 @@ import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.DisplayName;
 import org.junit.jupiter.api.Nested;
 import org.junit.jupiter.api.Test;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.ValueSource;
 import org.keycloak.admin.client.Keycloak;
 import org.keycloak.admin.client.resource.ClientsResource;
 import org.keycloak.admin.client.resource.RealmResource;
@@ -468,5 +470,25 @@ class KeycloakUserRemoteServiceTest {
 
 			verify(kubernetesRemoteService).getSecret(NAMESPACE, KeycloakUserSpecUserTestFactory.USERNAME + "-credentials");
 		}
+
+		@Test
+		void shouldClarifyUserName() {
+			userRemoteService.getUserSecret(OzgKeycloakUserSpecTestFactory.create(), NAMESPACE);
+
+			verify(userRemoteService).clarifyName(OzgKeycloakUserSpecTestFactory.KEYCLOAK_USER.getUsername().toLowerCase());
+		}
+	}
+
+	@DisplayName("Clarify name")
+	@Nested
+	class TestClarifyName {
+
+		@ValueSource(strings = { "_user_name_", ".user.name.", "-user-name-" })
+		@ParameterizedTest
+		void shouldReplaceForbiddenCharacter(String userName) {
+			var clarifiedName = userRemoteService.clarifyName(userName);
+
+			assertThat(clarifiedName).isEqualTo("username");
+		}
 	}
 }
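Review bot: `shouldReplaceForbiddenCharacter` only exercises inputs that all normalise to `username`, so the boundary behaviour of `clarifyName` is not pinned anywhere. Add cases for an input consisting solely of stripped characters (e.g. `"_.-"`), for an input with non-ASCII letters, and for two different usernames that must not end up with the same secret name, so the intended outcome for each is an explicit decision. `shouldClarifyUserName` only verifies that `clarifyName` was called; an assertion on the secret name passed to `kubernetesRemoteService.getSecret` for a username containing a forbidden character would check the effect rather than the call.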
\ No newline at end of file
-- 
GitLab