This is an automated email from the ASF dual-hosted git repository.
ilgrosso pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/syncope.git
The following commit(s) were added to refs/heads/master by this push:
new 41d5d55ed0 [SYNCOPE-1937] fixes password history length management
(#1256)
41d5d55ed0 is described below
commit 41d5d55ed01257990f15ee4747f435258aaacdd6
Author: Andrea Patricelli <[email protected]>
AuthorDate: Sat Dec 6 07:20:56 2025 +0100
[SYNCOPE-1937] fixes password history length management (#1256)
---
.../core/persistence/jpa/entity/user/JPAUser.java | 3 +-
.../core/persistence/jpa/inner/UserTest.java | 39 ++++++++++++++++++++++
.../persistence/neo4j/entity/user/Neo4jUser.java | 3 +-
.../core/persistence/neo4j/inner/UserTest.java | 39 ++++++++++++++++++++++
4 files changed, 80 insertions(+), 4 deletions(-)
diff --git
a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/user/JPAUser.java
b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/user/JPAUser.java
index 177cb1920f..d6cd8419b4 100644
---
a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/user/JPAUser.java
+++
b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/user/JPAUser.java
@@ -334,8 +334,7 @@ public class JPAUser
@Override
public void removeOldestEntriesFromPasswordHistory(final int n) {
List<String> ph = getPasswordHistory();
- ph.subList(n, ph.size());
- passwordHistory = POJOHelper.serialize(ph);
+ passwordHistory = POJOHelper.serialize(ph.subList(Math.min(n,
ph.size()), ph.size()));
}
@Override
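Review bot: A negative `n` still reaches `subList` in `removeOldestEntriesFromPasswordHistory`, because `Math.min(n, ph.size())` bounds only the upper side and `List.subList` throws `IndexOutOfBoundsException` for a negative start index. Clamping both sides, e.g. `int from = Math.max(0, Math.min(n, ph.size()));` followed by `passwordHistory = POJOHelper.serialize(ph.subList(from, ph.size()));`, would make the method safe for any argument. Whether a caller can compute a negative value is not visible in this hunk, so this is a defensive guard. The identical line in the Neo4jUser.java hunk needs the same change. A one-line Javadoc such as `Drops the first n (oldest) entries; values outside 0..size are clamped.` would also record the ordering assumption that password-reuse enforcement relies on.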
diff --git
a/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/inner/UserTest.java
b/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/inner/UserTest.java
index 85e43d1382..ad8a4ea977 100644
---
a/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/inner/UserTest.java
+++
b/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/inner/UserTest.java
@@ -24,6 +24,7 @@ import static org.junit.jupiter.api.Assertions.assertNotNull;
import static org.junit.jupiter.api.Assertions.assertNull;
import static org.junit.jupiter.api.Assertions.assertThrows;
import static org.junit.jupiter.api.Assertions.assertTrue;
+import static org.junit.jupiter.api.Assertions.fail;
import java.time.OffsetDateTime;
import java.util.List;
@@ -253,4 +254,42 @@ public class UserTest extends AbstractTest {
assertTrue(encryptorManager.getInstance().
verify(securityAnswer, CipherAlgorithm.SSHA256,
actual.getSecurityAnswer()));
}
+
+ @Test
+ public void issueSYNCOPE1937() throws Exception {
+ User user = entityFactory.newEntity(User.class);
+ user.setUsername("username");
+ user.setRealm(realmDAO.getRoot());
+ user.setCreator("admin");
+ user.setCreationDate(OffsetDateTime.now());
+
+ user.setCipherAlgorithm(CipherAlgorithm.SHA1);
+ user.setPassword("password123");
+
+ user = userDAO.save(user);
+ assertNotNull(user);
+
+ assertEquals(0, user.getPasswordHistory().size());
+
+ // add some other password to history
+
user.addToPasswordHistory(encryptorManager.getInstance().encode("Password123!",
CipherAlgorithm.SHA1));
+
user.addToPasswordHistory(encryptorManager.getInstance().encode("Password124!",
CipherAlgorithm.SHA1));
+
user.addToPasswordHistory(encryptorManager.getInstance().encode("Password125!",
CipherAlgorithm.SHA1));
+
user.addToPasswordHistory(encryptorManager.getInstance().encode("Password126!",
CipherAlgorithm.SHA1));
+
user.addToPasswordHistory(encryptorManager.getInstance().encode("Password127!",
CipherAlgorithm.SHA1));
+
+ assertEquals(5, user.getPasswordHistory().size());
+
+ // keep only the last three passwords into history
+ user.removeOldestEntriesFromPasswordHistory(2);
+
+ assertEquals(3, user.getPasswordHistory().size());
+
+ // try with an exceeding number
+ try {
+
user.removeOldestEntriesFromPasswordHistory(user.getPasswordHistory().size() +
5);
+ } catch (Exception e) {
+ fail(e);
+ }
+ }
}
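Review bot: `issueSYNCOPE1937` checks only the size of the history after trimming, so it would still pass if the method dropped the newest entries instead of the oldest, which is the property a password-reuse policy depends on. Assuming the list is ordered oldest first, an assertion such as `assertTrue(encryptorManager.getInstance().verify("Password125!", CipherAlgorithm.SHA1, user.getPasswordHistory().get(0)));` after the first removal would pin which entries survive. The over-sized call at the end has no assertion on the result; adding `assertTrue(user.getPasswordHistory().isEmpty());` would confirm the clamped behaviour. The `try`/`catch` with `fail(e)` is redundant because the method already declares `throws Exception`, so it can be reduced to the bare call. The same points apply to the identical test in the Neo4j UserTest.java hunk.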
diff --git
a/core/persistence-neo4j/src/main/java/org/apache/syncope/core/persistence/neo4j/entity/user/Neo4jUser.java
b/core/persistence-neo4j/src/main/java/org/apache/syncope/core/persistence/neo4j/entity/user/Neo4jUser.java
index e12319ba37..3b8dc2536c 100644
---
a/core/persistence-neo4j/src/main/java/org/apache/syncope/core/persistence/neo4j/entity/user/Neo4jUser.java
+++
b/core/persistence-neo4j/src/main/java/org/apache/syncope/core/persistence/neo4j/entity/user/Neo4jUser.java
@@ -291,8 +291,7 @@ public class Neo4jUser
@Override
public void removeOldestEntriesFromPasswordHistory(final int n) {
List<String> ph = getPasswordHistory();
- ph.subList(n, ph.size());
- passwordHistory = POJOHelper.serialize(ph);
+ passwordHistory = POJOHelper.serialize(ph.subList(Math.min(n,
ph.size()), ph.size()));
}
@Override
diff --git
a/core/persistence-neo4j/src/test/java/org/apache/syncope/core/persistence/neo4j/inner/UserTest.java
b/core/persistence-neo4j/src/test/java/org/apache/syncope/core/persistence/neo4j/inner/UserTest.java
index caf605158a..af058ee7b2 100644
---
a/core/persistence-neo4j/src/test/java/org/apache/syncope/core/persistence/neo4j/inner/UserTest.java
+++
b/core/persistence-neo4j/src/test/java/org/apache/syncope/core/persistence/neo4j/inner/UserTest.java
@@ -24,6 +24,7 @@ import static org.junit.jupiter.api.Assertions.assertNotNull;
import static org.junit.jupiter.api.Assertions.assertNull;
import static org.junit.jupiter.api.Assertions.assertThrows;
import static org.junit.jupiter.api.Assertions.assertTrue;
+import static org.junit.jupiter.api.Assertions.fail;
import java.time.OffsetDateTime;
import java.util.List;
@@ -253,4 +254,42 @@ public class UserTest extends AbstractTest {
assertTrue(encryptorManager.getInstance().
verify(securityAnswer, CipherAlgorithm.SSHA256,
actual.getSecurityAnswer()));
}
+
+ @Test
+ public void issueSYNCOPE1937() throws Exception {
+ User user = entityFactory.newEntity(User.class);
+ user.setUsername("username");
+ user.setRealm(realmDAO.getRoot());
+ user.setCreator("admin");
+ user.setCreationDate(OffsetDateTime.now());
+
+ user.setCipherAlgorithm(CipherAlgorithm.SHA1);
+ user.setPassword("password123");
+
+ user = userDAO.save(user);
+ assertNotNull(user);
+
+ assertEquals(0, user.getPasswordHistory().size());
+
+ // add some other password to history
+
user.addToPasswordHistory(encryptorManager.getInstance().encode("Password123!",
CipherAlgorithm.SHA1));
+
user.addToPasswordHistory(encryptorManager.getInstance().encode("Password124!",
CipherAlgorithm.SHA1));
+
user.addToPasswordHistory(encryptorManager.getInstance().encode("Password125!",
CipherAlgorithm.SHA1));
+
user.addToPasswordHistory(encryptorManager.getInstance().encode("Password126!",
CipherAlgorithm.SHA1));
+
user.addToPasswordHistory(encryptorManager.getInstance().encode("Password127!",
CipherAlgorithm.SHA1));
+
+ assertEquals(5, user.getPasswordHistory().size());
+
+ // keep only the last three passwords into history
+ user.removeOldestEntriesFromPasswordHistory(2);
+
+ assertEquals(3, user.getPasswordHistory().size());
+
+ // try with an exceeding number
+ try {
+
user.removeOldestEntriesFromPasswordHistory(user.getPasswordHistory().size() +
5);
+ } catch (Exception e) {
+ fail(e);
+ }
+ }
}