From d70c30416674fd09b832b76742d6e3355f7613a6 Mon Sep 17 00:00:00 2001
From: OZGCloud <ozgcloud@mgm-tp.com>
Date: Thu, 4 Jan 2024 14:36:44 +0100
Subject: [PATCH] OZG-4453 set password as encoded data
---
.../keycloak/user/UserSecretBuilder.java | 10 ++++++--
.../keycloak/user/UserSecretBuilderTest.java | 24 +++++++++++++++----
2 files changed, 27 insertions(+), 7 deletions(-)
diff --git a/ozgcloud-keycloak-operator/src/main/java/de/ozgcloud/operator/keycloak/user/UserSecretBuilder.java b/ozgcloud-keycloak-operator/src/main/java/de/ozgcloud/operator/keycloak/user/UserSecretBuilder.java
index e72f995..070fdbf 100644
--- a/ozgcloud-keycloak-operator/src/main/java/de/ozgcloud/operator/keycloak/user/UserSecretBuilder.java
+++ b/ozgcloud-keycloak-operator/src/main/java/de/ozgcloud/operator/keycloak/user/UserSecretBuilder.java
@@ -1,5 +1,7 @@
package de.ozgcloud.operator.keycloak.user;
+import java.util.Base64;
+
import org.apache.commons.lang3.RandomStringUtils;
import org.springframework.stereotype.Component;
@@ -20,14 +22,18 @@ class UserSecretBuilder {
.withType(SECRET_TYPE)
.withMetadata(createMetaData(name, namespace))
.addToStringData(SECRET_NAME_FIELD, userSpec.getUsername())
- .addToStringData(SECRET_PASSWORD_FIELD, generatePassword())
+ .addToData(SECRET_PASSWORD_FIELD, generatePassword())
.build();
}
String generatePassword() {
var upperCaseCharacter = RandomStringUtils.randomAlphabetic(1).toUpperCase();
var randomString = RandomStringUtils.randomAlphanumeric(7);
- return upperCaseCharacter + randomString;
+ return encode(upperCaseCharacter + randomString);
+ }
+
+ String encode(String strValue) {
+ return new String(Base64.getEncoder().encode(strValue.getBytes()));
}
private ObjectMeta createMetaData(String name, String namespace) {
diff --git a/ozgcloud-keycloak-operator/src/test/java/de/ozgcloud/operator/keycloak/user/UserSecretBuilderTest.java b/ozgcloud-keycloak-operator/src/test/java/de/ozgcloud/operator/keycloak/user/UserSecretBuilderTest.java
index 7cfbbf8..0cc1d43 100644
--- a/ozgcloud-keycloak-operator/src/test/java/de/ozgcloud/operator/keycloak/user/UserSecretBuilderTest.java
+++ b/ozgcloud-keycloak-operator/src/test/java/de/ozgcloud/operator/keycloak/user/UserSecretBuilderTest.java
@@ -1,8 +1,11 @@
package de.ozgcloud.operator.keycloak.user;
import static org.assertj.core.api.Assertions.*;
+import static org.mockito.ArgumentMatchers.*;
import static org.mockito.Mockito.*;
+import java.util.Base64;
+
import org.apache.commons.lang3.StringUtils;
import org.junit.jupiter.api.DisplayName;
import org.junit.jupiter.api.Nested;
@@ -11,7 +14,7 @@ import org.mockito.Spy;
import de.ozgcloud.operator.keycloak.user.OzgCloudKeycloakUserSpec.KeycloakUserSpecUser;
-public class UserSecretBuilderTest {
+class UserSecretBuilderTest {
private final static String NAME = "dummyName";
private final static String NAMESPACE = "dummyNamespace";
@@ -52,7 +55,7 @@ public class UserSecretBuilderTest {
var secret = builder.build(NAME, userSpec, NAMESPACE);
- assertThat(secret.getStringData()).containsEntry(UserSecretBuilder.SECRET_PASSWORD_FIELD, SecretTestFactory.PASSWORD);
+ assertThat(secret.getData()).containsEntry(UserSecretBuilder.SECRET_PASSWORD_FIELD, SecretTestFactory.PASSWORD);
}
@DisplayName("metadata")
@@ -80,24 +83,35 @@ public class UserSecretBuilderTest {
@Test
void shouldHaveSize() {
- var password = builder.generatePassword();
+ var password = decode(builder.generatePassword());
assertThat(password).hasSize(8);
}
@Test
void shouldHaveUpperCaseLetterAtFirst() {
- var password = builder.generatePassword();
+ var password = decode(builder.generatePassword());
assertThat(StringUtils.substring(password, 0, 1)).isUpperCase();
}
@Test
void shouldContainsAlphanumericOnly() {
- var password = builder.generatePassword();
+ var password = decode(builder.generatePassword());
assertThat(password).isAlphanumeric();
}
+
+ @Test
+ void shouldEncode() {
+ builder.generatePassword();
+
+ verify(builder).encode(any());
+ }
+
+ private String decode(String strValue) {
+ return new String(Base64.getDecoder().decode(strValue.getBytes()));
+ }
}
}
}
--
GitLab