repackaging

VAuthenticator · Oct 25, 2024 · 9dec67d · 9dec67d
1 parent a55b792
commit 9dec67d
Show file tree

Hide file tree

Showing 53 changed files with 306 additions and 252 deletions.
diff --git a/src/main/kotlin/com/vauthenticator/server/account/signup/SignUpEventConsumer.kt b/src/main/kotlin/com/vauthenticator/server/account/signup/SignUpEventConsumer.kt
@@ -3,8 +3,8 @@ package com.vauthenticator.server.account.signup
 import com.vauthenticator.server.events.EventConsumer
 import com.vauthenticator.server.events.SignUpEvent
 import com.vauthenticator.server.events.VAuthenticatorEvent
-import com.vauthenticator.server.password.Password
-import com.vauthenticator.server.password.PasswordHistoryRepository
+import com.vauthenticator.server.password.domain.Password
+import com.vauthenticator.server.password.domain.PasswordHistoryRepository
 import org.springframework.stereotype.Service
 
 @Service

diff --git a/src/main/kotlin/com/vauthenticator/server/account/signup/SignUpUse.kt b/src/main/kotlin/com/vauthenticator/server/account/signup/SignUpUse.kt
@@ -6,9 +6,9 @@ import com.vauthenticator.server.account.repository.AccountRepository
 import com.vauthenticator.server.events.SignUpEvent
 import com.vauthenticator.server.events.VAuthenticatorEventsDispatcher
 import com.vauthenticator.server.oauth2.clientapp.domain.ClientAppId
-import com.vauthenticator.server.password.Password
-import com.vauthenticator.server.password.PasswordPolicy
-import com.vauthenticator.server.password.VAuthenticatorPasswordEncoder
+import com.vauthenticator.server.password.domain.Password
+import com.vauthenticator.server.password.domain.PasswordPolicy
+import com.vauthenticator.server.password.domain.VAuthenticatorPasswordEncoder
 import com.vauthenticator.server.role.domain.Role
 import java.time.Instant
 

diff --git a/src/main/kotlin/com/vauthenticator/server/config/ChangePasswordConfig.kt b/src/main/kotlin/com/vauthenticator/server/config/ChangePasswordConfig.kt
@@ -2,9 +2,9 @@ package com.vauthenticator.server.config
 
 import com.vauthenticator.server.account.repository.AccountRepository
 import com.vauthenticator.server.events.VAuthenticatorEventsDispatcher
-import com.vauthenticator.server.password.PasswordPolicy
-import com.vauthenticator.server.password.VAuthenticatorPasswordEncoder
-import com.vauthenticator.server.password.changepassword.ChangePassword
+import com.vauthenticator.server.password.domain.PasswordPolicy
+import com.vauthenticator.server.password.domain.VAuthenticatorPasswordEncoder
+import com.vauthenticator.server.password.domain.changepassword.ChangePassword
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
 

diff --git a/src/main/kotlin/com/vauthenticator/server/config/ClientApplicationConfig.kt b/src/main/kotlin/com/vauthenticator/server/config/ClientApplicationConfig.kt
@@ -9,7 +9,7 @@ import com.vauthenticator.server.oauth2.clientapp.adapter.dynamodb.DynamoDbClien
 import com.vauthenticator.server.oauth2.clientapp.domain.ClientApplicationRepository
 import com.vauthenticator.server.oauth2.clientapp.domain.ReadClientApplication
 import com.vauthenticator.server.oauth2.clientapp.domain.StoreClientApplication
-import com.vauthenticator.server.password.VAuthenticatorPasswordEncoder
+import com.vauthenticator.server.password.domain.VAuthenticatorPasswordEncoder
 import org.springframework.beans.factory.annotation.Value
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty
 import org.springframework.context.annotation.Bean

diff --git a/src/main/kotlin/com/vauthenticator/server/config/EventsConfig.kt b/src/main/kotlin/com/vauthenticator/server/config/EventsConfig.kt
@@ -4,8 +4,8 @@ import com.vauthenticator.server.account.emailverification.SendVerifyEMailChalle
 import com.vauthenticator.server.account.signup.SignUpEventConsumer
 import com.vauthenticator.server.account.welcome.SendWelcomeMailUponSignUpEventConsumer
 import com.vauthenticator.server.events.*
-import com.vauthenticator.server.password.changepassword.ChangePasswordEventConsumer
-import com.vauthenticator.server.password.resetpassword.ResetPasswordEventConsumer
+import com.vauthenticator.server.password.domain.changepassword.ChangePasswordEventConsumer
+import com.vauthenticator.server.password.domain.resetpassword.ResetPasswordEventConsumer
 import org.springframework.context.ApplicationEventPublisher
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration

diff --git a/src/main/kotlin/com/vauthenticator/server/config/PasswordGeneratorConfig.kt b/src/main/kotlin/com/vauthenticator/server/config/PasswordGeneratorConfig.kt
@@ -1,7 +1,7 @@
 package com.vauthenticator.server.config
 
-import com.vauthenticator.server.password.PasswordGenerator
-import com.vauthenticator.server.password.PasswordGeneratorCriteria
+import com.vauthenticator.server.password.domain.PasswordGenerator
+import com.vauthenticator.server.password.domain.PasswordGeneratorCriteria
 import org.springframework.boot.context.properties.EnableConfigurationProperties
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration

diff --git a/src/main/kotlin/com/vauthenticator/server/config/PasswordPolicyConfig.kt b/src/main/kotlin/com/vauthenticator/server/config/PasswordPolicyConfig.kt
@@ -1,7 +1,9 @@
 package com.vauthenticator.server.config
 
-import com.vauthenticator.server.password.*
+import com.vauthenticator.server.password.adapter.dynamodb.DynamoPasswordHistoryRepository
+import com.vauthenticator.server.password.domain.*
 import org.springframework.beans.factory.annotation.Value
+import org.springframework.boot.context.properties.ConfigurationProperties
 import org.springframework.boot.context.properties.EnableConfigurationProperties
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
@@ -53,4 +55,12 @@ class PasswordPolicyConfig {
         dynamoPasswordHistoryTableName,
         dynamoDbClient
     )
-}
+}
+
+
+@ConfigurationProperties(prefix = "password.policy")
+data class PasswordPolicyConfigProp(
+    val minSize: Int,
+    val minSpecialSymbol: Int,
+    val enablePasswordReusePrevention: Boolean
+)
diff --git a/src/main/kotlin/com/vauthenticator/server/config/ResetPasswordConfig.kt b/src/main/kotlin/com/vauthenticator/server/config/ResetPasswordConfig.kt
@@ -11,10 +11,10 @@ import com.vauthenticator.server.communication.domain.EMailType
 import com.vauthenticator.server.communication.domain.SimpleEMailMessageFactory
 import com.vauthenticator.server.events.VAuthenticatorEventsDispatcher
 import com.vauthenticator.server.oauth2.clientapp.domain.ClientApplicationRepository
-import com.vauthenticator.server.password.PasswordPolicy
-import com.vauthenticator.server.password.VAuthenticatorPasswordEncoder
-import com.vauthenticator.server.password.resetpassword.ResetAccountPassword
-import com.vauthenticator.server.password.resetpassword.SendResetPasswordMailChallenge
+import com.vauthenticator.server.password.domain.PasswordPolicy
+import com.vauthenticator.server.password.domain.VAuthenticatorPasswordEncoder
+import com.vauthenticator.server.password.domain.resetpassword.ResetAccountPassword
+import com.vauthenticator.server.password.domain.resetpassword.SendResetPasswordMailChallenge
 import com.vauthenticator.server.ticket.domain.TicketCreator
 import com.vauthenticator.server.ticket.domain.TicketRepository
 import org.springframework.beans.factory.annotation.Value

diff --git a/src/main/kotlin/com/vauthenticator/server/config/SingUpConfig.kt b/src/main/kotlin/com/vauthenticator/server/config/SingUpConfig.kt
@@ -4,8 +4,8 @@ import com.vauthenticator.server.account.repository.AccountRepository
 import com.vauthenticator.server.account.signup.SignUpUse
 import com.vauthenticator.server.events.VAuthenticatorEventsDispatcher
 import com.vauthenticator.server.oauth2.clientapp.domain.ClientApplicationRepository
-import com.vauthenticator.server.password.PasswordPolicy
-import com.vauthenticator.server.password.VAuthenticatorPasswordEncoder
+import com.vauthenticator.server.password.domain.PasswordPolicy
+import com.vauthenticator.server.password.domain.VAuthenticatorPasswordEncoder
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
 

diff --git a/src/main/kotlin/com/vauthenticator/server/config/WebSecurityConfig.kt b/src/main/kotlin/com/vauthenticator/server/config/WebSecurityConfig.kt
@@ -9,9 +9,9 @@ import com.vauthenticator.server.oauth2.clientapp.domain.ClientApplicationReposi
 import com.vauthenticator.server.oauth2.clientapp.domain.Scope
 import com.vauthenticator.server.oidc.logout.ClearSessionStateLogoutHandler
 import com.vauthenticator.server.oidc.sessionmanagement.SessionManagementFactory
-import com.vauthenticator.server.password.BcryptVAuthenticatorPasswordEncoder
-import com.vauthenticator.server.password.changepassword.CHANGE_PASSWORD_URL
-import com.vauthenticator.server.password.changepassword.ChangePasswordLoginWorkflowHandler
+import com.vauthenticator.server.password.adapter.spring.BcryptVAuthenticatorPasswordEncoder
+import com.vauthenticator.server.password.domain.changepassword.CHANGE_PASSWORD_URL
+import com.vauthenticator.server.password.domain.changepassword.ChangePasswordLoginWorkflowHandler
 import org.slf4j.Logger
 import org.slf4j.LoggerFactory
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty

diff --git a/src/main/kotlin/com/vauthenticator/server/events/Events.kt b/src/main/kotlin/com/vauthenticator/server/events/Events.kt
@@ -2,7 +2,7 @@ package com.vauthenticator.server.events
 
 import com.vauthenticator.server.account.Email
 import com.vauthenticator.server.oauth2.clientapp.domain.ClientAppId
-import com.vauthenticator.server.password.Password
+import com.vauthenticator.server.password.domain.Password
 import org.springframework.boot.context.properties.ConfigurationProperties
 import org.springframework.security.authentication.event.AbstractAuthenticationEvent
 import java.time.Instant
@@ -54,7 +54,8 @@ class SignUpEvent(
     userName: Email,
     clientAppId: ClientAppId,
     timeStamp: Instant,
-    password : Password) : VAuthenticatorEvent(userName, clientAppId, timeStamp, password) {
+    password : Password
+) : VAuthenticatorEvent(userName, clientAppId, timeStamp, password) {
     override fun equals(other: Any?): Boolean {
         if (this === other) return true
         if (javaClass != other?.javaClass) return false
@@ -70,7 +71,8 @@ class ChangePasswordEvent(
     userName: Email,
     clientAppId: ClientAppId,
     timeStamp: Instant,
-    password : Password) : VAuthenticatorEvent(userName, clientAppId, timeStamp, password) {
+    password : Password
+) : VAuthenticatorEvent(userName, clientAppId, timeStamp, password) {
     override fun equals(other: Any?): Boolean {
         if (this === other) return true
         if (javaClass != other?.javaClass) return false
@@ -86,7 +88,8 @@ class ResetPasswordEvent(
     userName: Email,
     clientAppId: ClientAppId,
     timeStamp: Instant,
-    password : Password) : VAuthenticatorEvent(userName, clientAppId, timeStamp, password) {
+    password : Password
+) : VAuthenticatorEvent(userName, clientAppId, timeStamp, password) {
     override fun equals(other: Any?): Boolean {
         if (this === other) return true
         if (javaClass != other?.javaClass) return false

diff --git a/...ain/kotlin/com/vauthenticator/server/oauth2/clientapp/domain/ClientApplicationUseCases.kt b/...ain/kotlin/com/vauthenticator/server/oauth2/clientapp/domain/ClientApplicationUseCases.kt
@@ -1,6 +1,6 @@
 package com.vauthenticator.server.oauth2.clientapp.domain
 
-import com.vauthenticator.server.password.VAuthenticatorPasswordEncoder
+import com.vauthenticator.server.password.domain.VAuthenticatorPasswordEncoder
 import java.util.*
 
 class StoreClientApplication(private val clientApplicationRepository: ClientApplicationRepository,

diff --git a/src/main/kotlin/com/vauthenticator/server/password/PasswordEncoder.kt b/src/main/kotlin/com/vauthenticator/server/password/PasswordEncoder.kt
diff --git a/...ver/password/PasswordHistoryRepository.kt → ...namodb/DynamoPasswordHistoryRepository.kt b/...ver/password/PasswordHistoryRepository.kt → ...namodb/DynamoPasswordHistoryRepository.kt
@@ -1,7 +1,9 @@
-package com.vauthenticator.server.password
+package com.vauthenticator.server.password.adapter.dynamodb
 
 import com.vauthenticator.server.extentions.asDynamoAttribute
 import com.vauthenticator.server.extentions.valueAsStringFor
+import com.vauthenticator.server.password.domain.Password
+import com.vauthenticator.server.password.domain.PasswordHistoryRepository
 import software.amazon.awssdk.services.dynamodb.DynamoDbClient
 import software.amazon.awssdk.services.dynamodb.model.AttributeValue
 import software.amazon.awssdk.services.dynamodb.model.DeleteItemRequest
@@ -11,13 +13,6 @@ import java.time.Clock
 import java.time.LocalDateTime
 import java.time.ZoneOffset
 
-interface PasswordHistoryRepository {
-
-    fun store(userName: String, password: Password)
-    fun load(userName: String): List<Password>
-
-}
-
 class DynamoPasswordHistoryRepository(
     private val historyEvaluationLimit: Int,
     private val maxHistoryAllowedSize: Int,
@@ -74,4 +69,4 @@ class DynamoPasswordHistoryRepository(
                 }
         }
     }
-}
+}
diff --git a/...ator/server/password/adapter/spring/Argon2PasswordEncoderVAuthenticatorPasswordEncoder.kt b/...ator/server/password/adapter/spring/Argon2PasswordEncoderVAuthenticatorPasswordEncoder.kt
@@ -0,0 +1,13 @@
+package com.vauthenticator.server.password.adapter.spring
+
+import com.vauthenticator.server.password.domain.VAuthenticatorPasswordEncoder
+import org.springframework.security.crypto.password.PasswordEncoder
+
+class Argon2PasswordEncoderVAuthenticatorPasswordEncoder(private val passwordEncoder: PasswordEncoder) :
+    VAuthenticatorPasswordEncoder {
+
+    override fun encode(password: String): String = passwordEncoder.encode(password)
+    override fun matches(password: String, encodedPassword: String): Boolean =
+        passwordEncoder.matches(password, encodedPassword)
+
+}
diff --git a/.../com/vauthenticator/server/password/adapter/spring/BcryptVAuthenticatorPasswordEncoder.kt b/.../com/vauthenticator/server/password/adapter/spring/BcryptVAuthenticatorPasswordEncoder.kt
@@ -0,0 +1,13 @@
+package com.vauthenticator.server.password.adapter.spring
+
+import com.vauthenticator.server.password.domain.VAuthenticatorPasswordEncoder
+import org.springframework.security.crypto.password.PasswordEncoder
+
+class BcryptVAuthenticatorPasswordEncoder(private val passwordEncoder: PasswordEncoder) :
+    VAuthenticatorPasswordEncoder {
+
+    override fun encode(password: String): String = passwordEncoder.encode(password)
+    override fun matches(password: String, encodedPassword: String): Boolean =
+        passwordEncoder.matches(password, encodedPassword)
+
+}
diff --git a/.../changepassword/ChangePasswordEndPoint.kt → ...er/password/api/ChangePasswordEndPoint.kt b/.../changepassword/ChangePasswordEndPoint.kt → ...er/password/api/ChangePasswordEndPoint.kt
@@ -1,7 +1,9 @@
-package com.vauthenticator.server.password.changepassword
+package com.vauthenticator.server.password.api
 
 import com.vauthenticator.server.account.AccountNotFoundException
-import com.vauthenticator.server.password.PasswordPolicyViolation
+import com.vauthenticator.server.password.domain.PasswordPolicyViolation
+import com.vauthenticator.server.password.domain.changepassword.ChangePassword
+import com.vauthenticator.server.password.domain.changepassword.ChangePasswordRequest
 import org.springframework.http.ResponseEntity
 import org.springframework.http.ResponseEntity.internalServerError
 import org.springframework.http.ResponseEntity.noContent

diff --git a/src/main/kotlin/com/vauthenticator/server/password/api/PasswordGeneratorEndPoint.kt b/src/main/kotlin/com/vauthenticator/server/password/api/PasswordGeneratorEndPoint.kt
@@ -0,0 +1,15 @@
+package com.vauthenticator.server.password.api
+
+import com.vauthenticator.server.password.domain.PasswordGenerator
+import org.springframework.http.ResponseEntity
+import org.springframework.web.bind.annotation.PostMapping
+import org.springframework.web.bind.annotation.RestController
+
+@RestController
+class PasswordGeneratorEndPoint(private val passwordGenerator: PasswordGenerator) {
+
+    @PostMapping("/api/password")
+    fun generate() = ResponseEntity.ok(GeneratedPasswordResponse(passwordGenerator.generate()))
+}
+
+data class GeneratedPasswordResponse(val pwd: String)
diff --git a/src/main/kotlin/com/vauthenticator/server/password/api/RestePasswordEndPoint.kt b/src/main/kotlin/com/vauthenticator/server/password/api/RestePasswordEndPoint.kt
@@ -0,0 +1,42 @@
+package com.vauthenticator.server.password.api
+
+import com.vauthenticator.server.oauth2.clientapp.domain.Scope
+import com.vauthenticator.server.oauth2.clientapp.domain.Scopes
+import com.vauthenticator.server.password.domain.resetpassword.ResetAccountPassword
+import com.vauthenticator.server.password.domain.resetpassword.SendResetPasswordMailChallenge
+import com.vauthenticator.server.role.domain.PermissionValidator
+import com.vauthenticator.server.ticket.domain.TicketId
+import jakarta.servlet.http.HttpSession
+import org.springframework.http.ResponseEntity
+import org.springframework.http.ResponseEntity.noContent
+import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken
+import org.springframework.web.bind.annotation.*
+
+@RestController
+@SessionAttributes("clientId")
+class ResetPasswordEndPoint(
+    private val permissionValidator: PermissionValidator,
+    private val sendResetPasswordMailChallenge: SendResetPasswordMailChallenge,
+    private val resetAccountPassword: ResetAccountPassword
+) {
+
+    @PutMapping("/api/reset-password-challenge")
+    fun sendVerifyMail(
+        @RequestBody request: Map<String, String>,
+        session: HttpSession,
+        principal: JwtAuthenticationToken?
+    ): ResponseEntity<Unit> {
+        permissionValidator.validate(principal, session, Scopes.from(Scope.RESET_PASSWORD))
+        sendResetPasswordMailChallenge.sendResetPasswordMailFor(request["email"]!!)
+        return noContent().build()
+    }
+
+    @PutMapping("/api/reset-password/{ticket}")
+    fun resetPassword(@PathVariable ticket: String, @RequestBody request: ResetPasswordRequest): ResponseEntity<Unit> {
+        resetAccountPassword.resetPasswordFromMailChallenge(TicketId(ticket), request)
+        return noContent().build()
+    }
+
+}
+
+data class ResetPasswordRequest(val newPassword: String)
diff --git a/...authenticator/server/password/Password.kt → ...icator/server/password/domain/Password.kt b/...authenticator/server/password/Password.kt → ...icator/server/password/domain/Password.kt
@@ -1,4 +1,4 @@
-package com.vauthenticator.server.password
+package com.vauthenticator.server.password.domain
 
 @JvmInline
 value class Password(val content: String)
diff --git a/src/main/kotlin/com/vauthenticator/server/password/domain/PasswordEncoder.kt b/src/main/kotlin/com/vauthenticator/server/password/domain/PasswordEncoder.kt
@@ -0,0 +1,8 @@
+package com.vauthenticator.server.password.domain
+
+interface VAuthenticatorPasswordEncoder {
+    fun encode(password: String): String
+
+    fun matches(password: String, encodedPassword: String): Boolean
+}
+
diff --git a/...ator/server/password/PasswordGenerator.kt → ...rver/password/domain/PasswordGenerator.kt b/...ator/server/password/PasswordGenerator.kt → ...rver/password/domain/PasswordGenerator.kt
@@ -1,9 +1,6 @@
-package com.vauthenticator.server.password
+package com.vauthenticator.server.password.domain
 
 import org.springframework.boot.context.properties.ConfigurationProperties
-import org.springframework.http.ResponseEntity
-import org.springframework.web.bind.annotation.PostMapping
-import org.springframework.web.bind.annotation.RestController
 import kotlin.random.Random
 
 @ConfigurationProperties(prefix = "password.generator-criteria")
@@ -53,14 +50,6 @@ class PasswordGenerator(private val passwordGeneratorCriteria: PasswordGenerator
     }
 }
 
-data class GeneratedPasswordResponse(val pwd: String)
-
-@RestController
-class PasswordGeneratorEndPoint(private val passwordGenerator: PasswordGenerator) {
-
-    @PostMapping("/api/password")
-    fun generate() = ResponseEntity.ok(GeneratedPasswordResponse(passwordGenerator.generate()))
-}
 
 val specialCharactersAlphabet = charArrayOf(
     '!',

diff --git a/src/main/kotlin/com/vauthenticator/server/password/domain/PasswordHistoryRepository.kt b/src/main/kotlin/com/vauthenticator/server/password/domain/PasswordHistoryRepository.kt
@@ -0,0 +1,9 @@
+package com.vauthenticator.server.password.domain
+
+interface PasswordHistoryRepository {
+
+    fun store(userName: String, password: Password)
+    fun load(userName: String): List<Password>
+
+}
+