2 * Copyright (c) 2016, 2017 Inocybe Technologies. and others. All rights reserved.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
9 package org.opendaylight.aaa.cli.dmstore;
11 import org.apache.karaf.shell.commands.Command;
12 import org.apache.karaf.shell.commands.Option;
13 import org.apache.karaf.shell.console.OsgiCommandSupport;
14 import org.opendaylight.aaa.api.IIDMStore;
15 import org.opendaylight.aaa.api.SHA256Calculator;
16 import org.opendaylight.aaa.api.model.User;
17 import org.opendaylight.aaa.api.model.Users;
18 import org.opendaylight.aaa.cli.utils.CliUtils;
19 import org.opendaylight.aaa.shiro.idm.IdmLightProxy;
21 @Command(name = "change-user-pwd", scope = "aaa", description = "Change the user password.")
24 * ChangeUserPassword change the user password.
29 public class ChangeUserPassword extends OsgiCommandSupport {
31 private final IIDMStore identityStore;
33 @Option(name = "-user", aliases = {
34 "--userName" }, description = "The user name", required = true, multiValued = false)
35 private final String userName = "";
37 public ChangeUserPassword(IIDMStore identityStore) {
38 this.identityStore = identityStore;
42 protected Object doExecute() throws Exception {
43 if (identityStore == null) {
44 return "Failed to access the users data store";
46 final String currentPwd = CliUtils.readPassword(this.session, "Enter current password:");
47 final String newPwd = CliUtils.readPassword(this.session, "Enter new password:");
48 final Users users = identityStore.getUsers();
49 for (User usr : users.getUsers()) {
50 final String realPwd = SHA256Calculator.getSHA256(currentPwd, usr.getSalt());
51 if (usr.getName().equals(userName) && usr.getPassword().equals(realPwd)) {
52 IdmLightProxy.clearClaimCache();
53 usr.setPassword(newPwd);
54 identityStore.updateUser(usr);
55 return userName + "'s password has been changed";
58 return CliUtils.LOGIN_FAILED_MESS;