You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@syncope.apache.org by an...@apache.org on 2022/03/31 12:16:53 UTC

[syncope] branch 2_1_X updated: [SYNCOPE-1666] linked account must have AES as encryption algorithm (#333)

This is an automated email from the ASF dual-hosted git repository.

andreapatricelli pushed a commit to branch 2_1_X
in repository https://gitbox.apache.org/repos/asf/syncope.git


The following commit(s) were added to refs/heads/2_1_X by this push:
     new 50e10e6  [SYNCOPE-1666] linked account must have AES as encryption algorithm (#333)
50e10e6 is described below

commit 50e10e6cdb119121a1d405f16612b5429564f26b
Author: Andrea Patricelli <an...@apache.org>
AuthorDate: Thu Mar 31 14:16:47 2022 +0200

    [SYNCOPE-1666] linked account must have AES as encryption algorithm (#333)
    
    * [SYNCOPE-1666] linked account must have AES as encryption algorithm
---
 .../core/provisioning/java/data/UserDataBinderImpl.java       | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/UserDataBinderImpl.java b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/UserDataBinderImpl.java
index a6b98cb..606254e 100644
--- a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/UserDataBinderImpl.java
+++ b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/UserDataBinderImpl.java
@@ -50,7 +50,6 @@ import org.apache.syncope.core.persistence.api.dao.AccessTokenDAO;
 import org.apache.syncope.core.persistence.api.dao.ConfDAO;
 import org.apache.syncope.core.persistence.api.dao.SecurityQuestionDAO;
 import org.apache.syncope.core.persistence.api.entity.group.Group;
-import org.apache.syncope.core.persistence.api.entity.user.Account;
 import org.apache.syncope.core.persistence.api.entity.user.SecurityQuestion;
 import org.apache.syncope.core.persistence.api.entity.user.User;
 import org.apache.syncope.core.provisioning.api.PropagationByResource;
@@ -153,9 +152,9 @@ public class UserDataBinderImpl extends AbstractAnyDataBinder implements UserDat
         }
     }
 
-    private void setCipherAlgorithm(final Account account) {
-        if (account.getCipherAlgorithm() == null) {
-            account.setCipherAlgorithm(
+    private void setCipherAlgorithm(final User user) {
+        if (user.getCipherAlgorithm() == null) {
+            user.setCipherAlgorithm(
                     CipherAlgorithm.valueOf(confDAO.find("password.cipher.algorithm", CipherAlgorithm.AES.name())));
         }
     }
@@ -203,7 +202,9 @@ public class UserDataBinderImpl extends AbstractAnyDataBinder implements UserDat
             if (StringUtils.isBlank(accountTO.getPassword())) {
                 account.setEncodedPassword(null, null);
             } else if (!accountTO.getPassword().equals(account.getPassword())) {
-                setCipherAlgorithm(account);
+                if (account.getCipherAlgorithm() == null) {
+                    account.setCipherAlgorithm(CipherAlgorithm.AES);
+                }
                 account.setPassword(accountTO.getPassword());
             }
             account.setSuspended(accountTO.isSuspended());