feat: 🎸 Remove password from our API (#923)
* feat: 🎸 Remove password from our API

We rely only on Keycloak for the password, so we don't need it locally anymore.

* refactor(tenant): 💡 Remove unused imports
mattboll authored Dec 3, 2024
1 parent 3f4b35e commit e4116d8
Showing 13 changed files with 15 additions and 161 deletions.
Expand Up @@ -67,8 +67,6 @@ public OwnerModel register(AccountForm accountForm) {
String email = accountForm.getEmail();
Owner owner = ownerRepository.findByEmailAndEnabledFalse(email)
.orElse(Owner.builder().email(email).build());
// TODO : useless ?
owner.setPassword(bCryptPasswordEncoder.encode(accountForm.getPassword()));
owner.setKeycloakId(keycloakService.createKeycloakUserAccountCreation(accountForm, owner));
owner.setFranceConnect(false);
ownerRepository.save(owner);
Expand Down Expand Up @@ -99,7 +97,6 @@ public OwnerModel createPassword(String token, String password) {
.orElseThrow(() -> new PasswordRecoveryTokenNotFoundException(token));
User user = passwordRecoveryToken.getUser();
user.setEnabled(true);
user.setPassword(bCryptPasswordEncoder.encode(password));
if (user.getKeycloakId() == null || user.getKeycloakId().isBlank()) {
var keycloakId = keycloakService.getKeycloakId(user.getEmail());
if (keycloakId == null) {
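Review bot: Both deleted `setPassword(...)` calls were callers of `bCryptPasswordEncoder`, so if nothing else in this service uses it, the injected field is now dead and should be removed in the same change. In `createPassword`, `user.setEnabled(true)` still runs before the Keycloak lookup that follows. Now that Keycloak holds the only credential, it is worth confirming that a failure in the Keycloak step rolls the enable back, otherwise an account could end up enabled locally with no usable credential. A short comment above the Keycloak block such as `// Keycloak is the only credential store; no password is persisted locally` would record the intent. Both method bodies continue outside the hunks shown, so the remaining use of `password` cannot be checked from here.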
Expand Up @@ -32,13 +32,6 @@ public class RegisterController {
private final AuthenticationFacade authenticationFacade;
private final LogService logService;

@PostMapping(value = "/account", consumes = MediaType.APPLICATION_JSON_VALUE, produces = MediaType.APPLICATION_JSON_VALUE)
public ResponseEntity<TenantModel> account(@Validated(Dossier.class) @RequestBody AccountForm accountForm) {
TenantModel tenantModel = tenantService.saveStepRegister(null, accountForm, StepRegister.ACCOUNT);
logService.saveLog(LogType.ACCOUNT_CREATED, tenantModel.getId());
return ok(tenantModel);
}

@PreAuthorize("hasPermissionOnTenant(#namesForm.tenantId)")
@PostMapping(value = "/names", consumes = MediaType.APPLICATION_JSON_VALUE, produces = MediaType.APPLICATION_JSON_VALUE)
public ResponseEntity<TenantModel> names(@Validated(Dossier.class) @RequestBody NamesForm namesForm) {
Expand Up @@ -42,7 +42,6 @@ public void setCategoriesMapper(CategoriesMapper categoriesMapper) {
this.categoriesMapper = categoriesMapper;
}

@Mapping(target = "passwordEnabled", expression = "java(tenant.getPassword() != null)")
public abstract TenantModel toTenantModel(Tenant tenant, @Context UserApi userApi);

@Mapping(target = "name", expression = "java((document.getWatermarkFile() != null )? applicationBaseUrl + \"/" + PATH + "/\" + document.getName() : null)")
Expand Up @@ -33,6 +33,5 @@ public class TenantModel {
private List<DocumentModel> documents;
private List<GuarantorModel> guarantors;
private boolean franceConnect;
private boolean passwordEnabled;
private String warningMessage;
}
Expand Up @@ -13,7 +13,6 @@
import fr.dossierfacile.api.front.register.guarantor.natural_person.NameGuarantorNaturalPerson;
import fr.dossierfacile.api.front.register.guarantor.organism.DocumentGuaranteeProviderCertificate;
import fr.dossierfacile.api.front.register.guarantor.organism.DocumentIdentificationGuarantorOrganism;
import fr.dossierfacile.api.front.register.tenant.Account;
import fr.dossierfacile.api.front.register.tenant.AccountApiPartner;
import fr.dossierfacile.api.front.register.tenant.Application;
import fr.dossierfacile.api.front.register.tenant.DocumentFinancial;
Expand All @@ -29,7 +28,6 @@
@Getter
public enum StepRegister {
ACCOUNT_PARTNER_API(AccountApiPartner.class),
ACCOUNT(Account.class),
NAMES(Names.class),
APPLICATION(Application.class),
HONOR_DECLARATION(HonorDeclaration.class),
Expand Up @@ -4,7 +4,6 @@
import fr.dossierfacile.api.front.validator.annotation.tenant.account.UniqueEmailActiveAccount;
import fr.dossierfacile.common.deserializer.EmailDeserializer;
import jakarta.validation.constraints.Email;
import jakarta.validation.constraints.NotBlank;
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;
Expand All @@ -19,9 +18,6 @@ public class AccountForm {
@UniqueEmailActiveAccount
private String email;

@NotBlank
private String password;

private String source;

private String firstName;

This file was deleted.

@@ -1,9 +1,7 @@
package fr.dossierfacile.api.front.service;

import fr.dossierfacile.api.front.register.form.tenant.AccountForm;
import fr.dossierfacile.api.front.service.interfaces.KeycloakService;
import fr.dossierfacile.common.entity.Tenant;
import fr.dossierfacile.common.entity.User;
import fr.dossierfacile.common.entity.UserApi;
import fr.dossierfacile.common.service.interfaces.KeycloakCommonService;
import jakarta.ws.rs.NotFoundException;
Expand All @@ -17,7 +15,6 @@
import org.springframework.stereotype.Service;

import java.util.Collections;
import java.util.List;
import java.util.Optional;

@Service
Expand All @@ -39,37 +36,12 @@ public UserRepresentation getKeyCloakUser(String keycloakId) {
}
}

@Override
public String createKeycloakUserAccountCreation(AccountForm accountForm, Tenant tenant) {
if (tenant.getKeycloakId() != null) {
realmResource.users().delete(tenant.getKeycloakId());
}
var email = accountForm.getEmail().toLowerCase();
var userRepresentation = createUser(email);
createCredential(userRepresentation, accountForm.getPassword());
return createUserAndReturnId(userRepresentation);
}

@Override
public String createKeycloakUser(String email) {
var userRepresentation = createUser(email);
return createUserAndReturnId(userRepresentation);
}

@Override
public void deleteKeycloakUsers(List<User> users) {
keycloakCommonService.deleteKeycloakUsers(users);
}

@Override
public void confirmKeycloakUser(String keycloakId) {
UserResource userResource = realmResource.users().get(keycloakId);
var userRepresentation = userResource.toRepresentation();
userRepresentation.setEmailVerified(true);
userRepresentation.setEnabled(true);
userResource.update(userRepresentation);
}

@Override
public void createKeyCloakPassword(String keycloakId, String password) {
var userRepresentation = realmResource.users().get(keycloakId).toRepresentation();
Expand All @@ -79,11 +51,6 @@ public void createKeyCloakPassword(String keycloakId, String password) {
realmResource.users().get(keycloakId).update(userRepresentation);
}

@Override
public void deleteKeycloakUser(Tenant tenant) {
keycloakCommonService.deleteKeycloakUser(tenant);
}

@Override
public void deleteKeycloakUserById(String keycloakId) {
keycloakCommonService.deleteKeycloakUserById(keycloakId);
@@ -1,32 +1,20 @@
package fr.dossierfacile.api.front.service.interfaces;

import fr.dossierfacile.api.front.register.form.tenant.AccountForm;
import fr.dossierfacile.common.entity.Tenant;
import fr.dossierfacile.common.entity.User;
import fr.dossierfacile.common.entity.UserApi;
import org.keycloak.representations.idm.UserRepresentation;

import java.util.List;

public interface KeycloakService {

UserRepresentation getKeyCloakUser(String keycloakId);

String createKeycloakUserAccountCreation(AccountForm accountForm, Tenant tenant);

/**
* @return created user's keycloakId
*/
String createKeycloakUser(String email);

void deleteKeycloakUsers(List<User> users);

void confirmKeycloakUser(String keycloakId);

void createKeyCloakPassword(String keycloakId, String password);

void deleteKeycloakUser(Tenant tenant);

void deleteKeycloakUserById(String keycloakId);

String getKeycloakId(String email);
Expand Up @@ -12,14 +12,12 @@
public class UserPrincipal implements OAuth2User, UserDetails {
private final Long id;
private final String email;
private final String password;
private final Collection<? extends GrantedAuthority> authorities;
private transient Map<String, Object> attributes;

public UserPrincipal(Long id, String email, String password, Collection<? extends GrantedAuthority> authorities) {
public UserPrincipal(Long id, String email, Collection<? extends GrantedAuthority> authorities) {
this.id = id;
this.email = email;
this.password = password;
this.authorities = authorities;
}

Expand All @@ -28,7 +26,6 @@ public static UserPrincipal create(User user, Set<GrantedAuthority> authorities)
return new UserPrincipal(
user.getId(),
user.getEmail(),
user.getPassword(),
authorities
);
}
Expand All @@ -49,7 +46,7 @@ public String getEmail() {

@Override
public String getPassword() {
return password;
return "";
}

@Override
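Review bot: `getPassword()` now returns the literal `""`, which hides the fact that this principal carries no local credential. If a password-based `AuthenticationProvider` were ever wired to this `UserDetails`, the result of comparing against an empty stored value would depend on the configured `PasswordEncoder`, so the method should say that password authentication is unsupported here. A Javadoc line such as `/** Always empty: credentials are held by Keycloak, never locally. */` would do that; returning `null` instead is an option only if no caller dereferences the result, which cannot be checked from this section. The constructor also lost its `password` parameter, so any direct `new UserPrincipal(...)` caller outside this section has to be updated too.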
Expand Up @@ -62,9 +62,6 @@ public abstract class User implements Serializable {
@Column
private String email;

@Column
private String password;

@Builder.Default
@OneToMany(mappedBy = "user", fetch = FetchType.LAZY, cascade = CascadeType.REMOVE)
private Set<UserRole> userRoles = new HashSet<>();
Expand Up @@ -159,5 +159,6 @@
<include file="db/migration/202410181600-add-column-dpe-not-required.xml"/>
<include file="db/migration/202411190000-add-column-abroad-residency.xml"/>
<include file="db/migration/202411290000-drop-column-prevalidation-activated-tenant.xml"/>
<include file="db/migration/202412030000-drop-column-password.xml"/>

</databaseChangeLog>
@@ -0,0 +1,12 @@
<?xml version="1.0" encoding="UTF-8"?>
<databaseChangeLog
xmlns="http://www.liquibase.org/xml/ns/dbchangelog"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog
http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.10.xsd">
<changeSet id="202412030000" author="Matthieu">
<dropColumn tableName="user_account">
<column name="password"/>
</dropColumn>
</changeSet>
</databaseChangeLog>
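Review bot: The `dropColumn` changeSet has no `<rollback>` and no precondition; Liquibase cannot generate a rollback for a dropped column, and the stored hashes are gone once it runs. Consider guarding it with `<preConditions onFail="MARK_RAN"><columnExists tableName="user_account" columnName="password"/></preConditions>` and declaring an explicit rollback (an empty `<rollback/>` if restoring the data is intentionally unsupported). During a rolling deployment, instances still running the previous `User` mapping will reference `password` and are likely to fail once the column is dropped, so the migration should run only after the old version is drained. Dropping the column removes the hashes from the live table only; existing database backups still contain them and remain subject to the usual retention and access controls.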
