Example #1
//JAVA TO C# CONVERTER WARNING: Method 'throws' clauses are not available in C#:
//ORIGINAL LINE: public void setUserPassword(String username, byte[] password, boolean requirePasswordChange) throws java.io.IOException, org.neo4j.kernel.api.exceptions.InvalidArgumentsException
        /// <summary>
        /// Replaces the stored credential of <paramref name="username"/> with one derived from
        /// <paramref name="password"/> and wipes the caller's password buffer on every exit path.
        /// </summary>
        /// <param name="username">Name passed to GetUser to find the existing record.</param>
        /// <param name="password">New password bytes; zero-filled before this method returns or throws.</param>
        /// <param name="requirePasswordChange">Value stored on the updated user via withRequiredPasswordChange.</param>
        /// <exception cref="InvalidArgumentsException">The new password matches the user's current credential.</exception>
        public override void SetUserPassword(string username, sbyte[] password, bool requirePasswordChange)
        {
            try
            {
                User current = GetUser(username);

                // The policy check runs before the reuse check, so a password that fails
                // policy is rejected without ever being compared to the stored credential.
                PasswordPolicy.validatePassword(password);

                bool reusesCurrentPassword = current.Credentials().matchesPassword(password);
                if (reusesCurrentPassword)
                {
                    throw new InvalidArgumentsException("Old password and new password cannot be the same.");
                }

                try
                {
                    var freshCredential = LegacyCredential.forPassword(password);
                    User replacement = current.Augment()
                                              .withCredentials(freshCredential)
                                              .withRequiredPasswordChange(requirePasswordChange)
                                              .build();
                    UserRepository.update(current, replacement);
                }
                catch (ConcurrentModificationException)
                {
                    // Retry from the top with the same buffer; it is still intact here because
                    // the finally block below has not run for this frame yet.
                    // NOTE(review): the retry has no attempt limit.
                    SetUserPassword(username, password, requirePasswordChange);
                }
            }
            finally
            {
                // Zero the plaintext so it does not outlive the call in the caller's array.
                if (password != null)
                {
                    Arrays.fill(password, (sbyte)0);
                }
            }
        }
Example #2
        /// <summary>
        /// Renders a credential as a single separator-joined string.
        /// </summary>
        /// <param name="cred">Credential whose salt and password hash are hex-encoded.</param>
        /// <returns>The fields joined by CREDENTIAL_SEPARATOR in the order: digest algorithm, password hash, salt.</returns>
        protected internal virtual string Serialize(LegacyCredential cred)
        {
            string saltHex = HexString.encodeHexString(cred.Salt());
            string hashHex = HexString.encodeHexString(cred.PasswordHash());

            // The hash is written before the salt, although the salt is encoded first.
            // NOTE(review): the result carries the salted hash, so wherever it is stored
            // needs the same access control as any other password file.
            string record = string.join(CREDENTIAL_SEPARATOR, LegacyCredential.DIGEST_ALGO, hashHex, saltHex);

            return record;
        }
Example #3
//JAVA TO C# CONVERTER TODO TASK: Most Java annotations will not have direct .NET equivalent attributes:
//ORIGINAL LINE: @Test public void shouldReturnFailureForInvalidAttempt()
        /// <summary>
        /// One wrong password against a strategy created with a limit argument of 3 must report FAILURE.
        /// </summary>
        public virtual void ShouldReturnFailureForInvalidAttempt()
        {
            // Given
            FakeClock testClock = FakeClock;
            AuthenticationStrategy strategy = NewAuthStrategy(testClock, 3);
            User account = (new User.Builder("user", LegacyCredential.ForPassword("right"))).build();

            // When
            var outcome = strategy.Authenticate(account, password("wrong"));

            // Then
            assertThat(outcome, equalTo(AuthenticationResult.FAILURE));
        }
Example #4
        /// <summary>
        /// Sends a random number of wrong-password attempts and expects every one of them to
        /// report FAILURE, that is, never TOO_MANY_ATTEMPTS.
        /// </summary>
        /// <param name="maxFailedAttempts">Limit handed to NewAuthStrategy; presumably a value that disables lockout (confirm against callers).</param>
        private void TestUnlimitedFailedAuthAttempts(int maxFailedAttempts)
        {
            FakeClock testClock = FakeClock;
            AuthenticationStrategy strategy = NewAuthStrategy(testClock, maxFailedAttempts);
            User account = (new User.Builder("user", LegacyCredential.ForPassword("right"))).build();

            // The attempt count is drawn per run, so a failure may not reproduce with the same count.
            int remaining = ThreadLocalRandom.current().Next(5, 100);

            while (remaining > 0)
            {
                assertEquals(AuthenticationResult.FAILURE, strategy.Authenticate(account, password("wrong")));
                remaining--;
            }
        }
Example #5
//JAVA TO C# CONVERTER TODO TASK: Most Java annotations will not have direct .NET equivalent attributes:
//ORIGINAL LINE: @Test public void shouldNotSlowRequestRateOnLessThanMaxFailedAttempts()
        /// <summary>
        /// Two failed attempts against a strategy created with a limit argument of 3 must not
        /// block the next correct password: the third call is expected to report SUCCESS.
        /// </summary>
        public virtual void ShouldNotSlowRequestRateOnLessThanMaxFailedAttempts()
        {
            // Given
            FakeClock testClock = FakeClock;
            AuthenticationStrategy strategy = NewAuthStrategy(testClock, 3);
            User account = (new User.Builder("user", LegacyCredential.ForPassword("right"))).build();

            // When we've failed two times (one below the limit argument)
            var firstMiss = strategy.Authenticate(account, password("wrong"));
            assertThat(firstMiss, equalTo(AuthenticationResult.FAILURE));

            var secondMiss = strategy.Authenticate(account, password("wrong"));
            assertThat(secondMiss, equalTo(AuthenticationResult.FAILURE));

            // Then the correct password is still accepted
            var finalOutcome = strategy.Authenticate(account, password("right"));
            assertThat(finalOutcome, equalTo(AuthenticationResult.SUCCESS));
        }
Example #6
//JAVA TO C# CONVERTER TODO TASK: Most Java annotations will not have direct .NET equivalent attributes:
//ORIGINAL LINE: @Test public void shouldSerializeAndDeserialize() throws Exception
//JAVA TO C# CONVERTER WARNING: Method 'throws' clauses are not available in C#:
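        /// <summary>
        /// Round-trips a list of users through UserSerialization and expects the deserialized
        /// records to equal the input, including a flagged user and a name containing '@' and '.'.
        /// </summary>
        public virtual void ShouldSerializeAndDeserialize()
        {
            // Given
            UserSerialization serialization = new UserSerialization();

            // A concrete List is created here: IList<User> is an interface and cannot be
            // instantiated with 'new'. The variable keeps its IList<User> type.
            IList<User> users = new List<User>
            {
                (new User.Builder("Mike", LegacyCredential.ForPassword("1234321"))).withFlag("not_as_nice").build(),
                (new User.Builder("Steve", LegacyCredential.ForPassword("1234321"))).build(),
                (new User.Builder("steve.stevesson@WINDOMAIN", LegacyCredential.ForPassword("1234321"))).build(),
                (new User.Builder("Bob", LegacyCredential.ForPassword("0987654"))).build()
            };

            // When
            sbyte[] serialized = serialization.Serialize(users);

            // Then
            assertThat(serialization.DeserializeRecords(serialized), equalTo(users));
        }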
Example #7
        /// <summary>
        /// <para>Equality always compares both the salt and the password hash, as a safeguard against timing attacks.</para>
        /// </summary>
        /// <remarks>
        /// Both byte comparisons are evaluated before their results are combined, so a salt
        /// mismatch does not skip the hash comparison. Whether each comparison is itself
        /// constant-time depends on ByteEquals, which is not shown here (confirm).
        /// </remarks>
        public override bool Equals(object o)
        {
            if (this == o)
            {
                return true;
            }

            bool sameRuntimeType = o != null && this.GetType() == o.GetType();
            if (!sameRuntimeType)
            {
                return false;
            }

            LegacyCredential other = (LegacyCredential)o;

            // Keep these as two separate statements: folding them into a single
            // '&&' expression would short-circuit and skip the second comparison.
            bool saltMatches = ByteEquals(_salt, other._salt);
            bool hashMatches = ByteEquals(_passwordHash, other._passwordHash);

            return saltMatches && hashMatches;
        }
Example #8
//JAVA TO C# CONVERTER WARNING: Method 'throws' clauses are not available in C#:
//ORIGINAL LINE: public org.neo4j.kernel.impl.security.User newUser(String username, byte[] initialPassword, boolean requirePasswordChange) throws java.io.IOException, org.neo4j.kernel.api.exceptions.InvalidArgumentsException
        /// <summary>
        /// Creates and stores a user whose credential is derived from <paramref name="initialPassword"/>,
        /// wiping the caller's password buffer on every exit path.
        /// </summary>
        /// <param name="username">Name checked with UserRepository.assertValidUsername before use.</param>
        /// <param name="initialPassword">Password bytes; zero-filled before this method returns or throws.</param>
        /// <param name="requirePasswordChange">Value stored on the new user via withRequiredPasswordChange.</param>
        /// <returns>The user object that was passed to UserRepository.create.</returns>
        public override User NewUser(string username, sbyte[] initialPassword, bool requirePasswordChange)
        {
            try
            {
                // Both inputs are validated before any credential is derived or stored.
                UserRepository.assertValidUsername(username);
                PasswordPolicy.validatePassword(initialPassword);

                var credential = LegacyCredential.forPassword(initialPassword);
                User created = (new User.Builder())
                    .withName(username)
                    .withCredentials(credential)
                    .withRequiredPasswordChange(requirePasswordChange)
                    .build();

                UserRepository.create(created);

                return created;
            }
            finally
            {
                // Zero the plaintext so it does not outlive the call in the caller's array.
                if (initialPassword != null)
                {
                    Arrays.fill(initialPassword, (sbyte)0);
                }
            }
        }
Example #9
//JAVA TO C# CONVERTER TODO TASK: Most Java annotations will not have direct .NET equivalent attributes:
//ORIGINAL LINE: @Test public void shouldThrowIfExistingUserDoesNotMatch() throws Throwable
//JAVA TO C# CONVERTER WARNING: Method 'throws' clauses are not available in C#:
        /// <summary>
        /// Update must throw ConcurrentModificationException when the "existing" user passed in
        /// differs from the one that was stored.
        /// </summary>
        public virtual void ShouldThrowIfExistingUserDoesNotMatch()
        {
            // Given: a stored user, and a view of it with a different credential
            FileUserRepository repository = new FileUserRepository(_fs, _authFile, _logProvider);
            User stored = (new User.Builder("jake", LegacyCredential.Inaccessible))
                .withRequiredPasswordChange(true)
                .build();

            repository.Create(stored);
            User staleView = stored.Augment().withCredentials(LegacyCredential.ForPassword("foo")).build();

            // When
            User replacement = stored.Augment().withCredentials(LegacyCredential.ForPassword("bar")).build();

            try
            {
                repository.Update(staleView, replacement);
                fail("expected exception not thrown");
            }
            catch (ConcurrentModificationException)
            {
                // Then: the mismatch was detected, which is the expected outcome
            }
        }
Example #10
//JAVA TO C# CONVERTER TODO TASK: Most Java annotations will not have direct .NET equivalent attributes:
//ORIGINAL LINE: @Test public void shouldLoadInitialUserIfNoneExistEvenWithSamePassword() throws Throwable
//JAVA TO C# CONVERTER WARNING: Method 'throws' clauses are not available in C#:
        /// <summary>
        /// Seeds the initial-user repository with user "neo4j" whose password equals the user name
        /// and no forced password change, starts the auth manager, and expects that user to be
        /// present with exactly those settings.
        /// </summary>
        public virtual void ShouldLoadInitialUserIfNoneExistEvenWithSamePassword()
        {
            // Given
            FileUserRepository seedRepository = CommunitySecurityModule.GetInitialUserRepository(Config, NullLogProvider.Instance, FsRule.get());

            seedRepository.Start();
            User seedUser = new User.Builder("neo4j", LegacyCredential.ForPassword("neo4j"))
                .withRequiredPasswordChange(false)
                .build();
            seedRepository.create(seedUser);
            seedRepository.Shutdown();

            // When
            AuthManager().start();

            // Then
            User loaded = Users.getUserByName("neo4j");

            assertNotNull(loaded);
            // The seeded password was kept and no password change was forced on it.
            assertTrue(loaded.Credentials().matchesPassword("neo4j"));
            assertFalse(loaded.PasswordChangeRequired());
        }
Example #11
        /// <summary>
        /// After <paramref name="maxFailedAttempts"/> wrong passwords, even the correct password must
        /// report TOO_MANY_ATTEMPTS until the clock has moved past <paramref name="lockDuration"/>.
        /// </summary>
        /// <param name="maxFailedAttempts">Limit handed to NewAuthStrategy and the number of wrong attempts made.</param>
        /// <param name="lockDuration">Lock duration handed to NewAuthStrategy; the clock is advanced by this plus one second.</param>
        private void TestSlowRequestRateOnMultipleFailedAttemptsWhereAttemptIsValid(int maxFailedAttempts, Duration lockDuration)
        {
            // Given
            FakeClock testClock = FakeClock;
            AuthenticationStrategy strategy = NewAuthStrategy(testClock, maxFailedAttempts, lockDuration);
            User account = (new User.Builder("user", LegacyCredential.ForPassword("right"))).build();

            // When we've failed max number of times
            int failuresSoFar = 0;
            while (failuresSoFar < maxFailedAttempts)
            {
                var miss = strategy.Authenticate(account, password("wrong"));
                assertThat(miss, equalTo(AuthenticationResult.FAILURE));
                failuresSoFar++;
            }

            // Then the correct password is refused while the lock is active
            var whileLocked = strategy.Authenticate(account, password("right"));
            assertThat(whileLocked, equalTo(AuthenticationResult.TOO_MANY_ATTEMPTS));

            // But once the lock duration plus one second has elapsed on the fake clock
            testClock.Forward(lockDuration.plus(1, SECONDS));

            // Then the correct password is accepted again
            var afterLock = strategy.Authenticate(account, password("right"));
            assertThat(afterLock, equalTo(AuthenticationResult.SUCCESS));
        }
Example #12
//JAVA TO C# CONVERTER TODO TASK: Most Java annotations will not have direct .NET equivalent attributes:
//ORIGINAL LINE: @Test public void shouldBuildImmutableUser()
        /// <summary>
        /// Checks that Augment() produces a new user and leaves the source user unchanged:
        /// the source never compares equal to its modified copy, and two users built with the same
        /// name, credential, password-change flag and flags compare equal.
        /// </summary>
        public virtual void ShouldBuildImmutableUser()
        {
            LegacyCredential abcCredential = LegacyCredential.ForPassword("123abc");
            LegacyCredential fruitCredential = LegacyCredential.ForPassword("fruit");

            User plainSteve = (new User.Builder("Steve", abcCredential)).build();
            User flaggedSteve = (new User.Builder("Steve", fruitCredential))
                .withRequiredPasswordChange(true)
                .withFlag("nice_guy")
                .build();

            assertThat(plainSteve, equalTo(plainSteve));
            assertThat(plainSteve, not(equalTo(flaggedSteve)));

            // Augment the plain user up to the flagged user's settings.
            User plainAsFlagged = plainSteve.Augment()
                .withCredentials(fruitCredential)
                .withRequiredPasswordChange(true)
                .withFlag("nice_guy")
                .build();

            assertThat(plainSteve, not(equalTo(plainAsFlagged)));
            assertThat(flaggedSteve, equalTo(plainAsFlagged));

            // And the reverse: strip the flagged user back down to the plain settings.
            User flaggedAsPlain = flaggedSteve.Augment()
                .withCredentials(abcCredential)
                .withRequiredPasswordChange(false)
                .withoutFlag("nice_guy")
                .build();

            assertThat(flaggedSteve, not(equalTo(flaggedAsPlain)));
            assertThat(plainSteve, equalTo(flaggedAsPlain));

            // Neither original was changed by the Augment() calls above.
            assertThat(plainSteve, not(equalTo(flaggedSteve)));
        }
Example #13
//JAVA TO C# CONVERTER TODO TASK: Most Java annotations will not have direct .NET equivalent attributes:
//ORIGINAL LINE: @Test public void shouldProvideUserByUsernameEvenIfMidSetUsers() throws Throwable
//JAVA TO C# CONVERTER WARNING: Method 'throws' clauses are not available in C#:
        /// <summary>
        /// A lookup by user name must still return the stored user while another thread is in the
        /// middle of assigning a new Users snapshot.
        /// </summary>
        public virtual void ShouldProvideUserByUsernameEvenIfMidSetUsers()
        {
            // Given
            FileUserRepository repository = new FileUserRepository(_fs, _authFile, _logProvider);

            repository.Create((new User.Builder("oskar", LegacyCredential.ForPassword("hidden"))).build());
            DoubleLatch gate = new DoubleLatch(2);

            // When: a background task assigns a snapshot built around the latch
            // (presumably it blocks on the latch during the assignment; HangingListSnapshot is not shown here).
            Future <object> pendingAssignment = Threading.execute(ignored =>
            {
                repository.Users = new HangingListSnapshot(this, gate, 10L, java.util.Collections.emptyList());
                return(null);
            }, null);

            gate.StartAndWaitForAllToStart();

            // Then: the lookup succeeds before the latch is released
            assertNotNull(repository.GetUserByName("oskar"));

            gate.Finish();
            pendingAssignment.get();
        }
Example #14
 /// <summary>
 /// Builds a user from a name, a plaintext password and a password-change flag.
 /// </summary>
 /// <param name="userName">Name given to the User.Builder.</param>
 /// <param name="password">Plaintext password handed to LegacyCredential.ForPassword.</param>
 /// <param name="pwdChange">Value stored via withRequiredPasswordChange.</param>
 /// <returns>The built user; nothing is persisted by this method.</returns>
 protected internal virtual User NewUser(string userName, string password, bool pwdChange)
 {
     // NOTE(review): the password is a string here and so cannot be wiped after use;
     // presumably this is a test helper (confirm).
     var credential = LegacyCredential.ForPassword(password);
     var builder = new User.Builder(userName, credential);

     return builder.withRequiredPasswordChange(pwdChange).build();
 }