Java tutorial
/* * (C) Copyright 2006-2015 Nuxeo SA (http://nuxeo.com/) and others. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * * Contributors: * George Lefter */ package org.nuxeo.ecm.directory.sql; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertNotSame; import static org.junit.Assert.assertNull; import static org.junit.Assert.assertTrue; import static org.junit.Assert.fail; import java.io.Serializable; import java.util.Arrays; import java.util.Calendar; import java.util.Collections; import java.util.HashMap; import java.util.HashSet; import java.util.List; import java.util.Map; import java.util.Set; import javax.inject.Inject; import org.apache.commons.lang.StringUtils; import org.junit.Ignore; import org.junit.Test; import org.nuxeo.ecm.core.api.DocumentModel; import org.nuxeo.ecm.core.api.DocumentModelList; import org.nuxeo.ecm.core.test.annotations.Granularity; import org.nuxeo.ecm.core.test.annotations.RepositoryConfig; import org.nuxeo.ecm.directory.AbstractDirectory; import org.nuxeo.ecm.directory.BaseSession; import org.nuxeo.ecm.directory.DirectoryException; import org.nuxeo.ecm.directory.PasswordHelper; import org.nuxeo.ecm.directory.Reference; import org.nuxeo.ecm.directory.Session; import org.nuxeo.ecm.directory.api.DirectoryService; import org.nuxeo.runtime.test.runner.LocalDeploy; @RepositoryConfig(cleanup = Granularity.METHOD) @LocalDeploy({ "org.nuxeo.ecm.directory.sql.tests:test-sql-directories-schema-override.xml", "org.nuxeo.ecm.directory.sql.tests:test-sql-directories-bundle.xml" }) public abstract class SQLDirectoryTestSuite { protected static final String USER_DIR = "userDirectory"; protected static final String GROUP_DIR = "groupDirectory"; protected static final String SCHEMA = "user"; @Inject protected DirectoryService directoryService; public static Calendar getCalendar(int year, int month, int day, int hours, int minutes, int seconds, int milliseconds) { Calendar cal = Calendar.getInstance(); cal.set(Calendar.YEAR, year); cal.set(Calendar.MONTH, month - 1); // 0-based cal.set(Calendar.DAY_OF_MONTH, day); cal.set(Calendar.HOUR_OF_DAY, hours); cal.set(Calendar.MINUTE, minutes); cal.set(Calendar.SECOND, seconds); cal.set(Calendar.MILLISECOND, milliseconds); return cal; } public static Calendar stripMillis(Calendar calendar) { return getCalendar(calendar.get(Calendar.YEAR), // calendar.get(Calendar.MONTH) + 1, // calendar.get(Calendar.DAY_OF_MONTH), // calendar.get(Calendar.HOUR_OF_DAY), // calendar.get(Calendar.MINUTE), // calendar.get(Calendar.SECOND), 0); } public static void assertCalendarEquals(Calendar expected, Calendar actual) throws Exception { if (expected.equals(actual)) { return; } // try without milliseconds for stupid MySQL if (stripMillis(expected).equals(stripMillis(actual))) { return; } assertEquals(expected, actual); // proper failure } public Session getSession() throws Exception { return directoryService.open(USER_DIR); } public SQLDirectory getSQLDirectory() throws Exception { return (SQLDirectory) directoryService.getDirectory(USER_DIR); } @Test public void testTableReference() throws Exception { Reference membersRef = directoryService.getDirectory(GROUP_DIR).getReference("members"); // test initial configuration List<String> administrators = membersRef.getTargetIdsForSource("administrators"); assertEquals(1, administrators.size()); assertTrue(administrators.contains("Administrator")); // add user_1 to the administrators group membersRef.addLinks("administrators", Arrays.asList("user_1")); administrators = membersRef.getTargetIdsForSource("administrators"); assertEquals(2, administrators.size()); assertTrue(administrators.contains("Administrator")); assertTrue(administrators.contains("user_1")); // readding the same link should not duplicate it membersRef.addLinks("administrators", Arrays.asList("user_1", "user_2")); administrators = membersRef.getTargetIdsForSource("administrators"); assertEquals(3, administrators.size()); assertTrue(administrators.contains("Administrator")); assertTrue(administrators.contains("user_1")); assertTrue(administrators.contains("user_2")); // remove the reference to Administrator membersRef.removeLinksForTarget("Administrator"); administrators = membersRef.getTargetIdsForSource("administrators"); assertEquals(2, administrators.size()); assertTrue(administrators.contains("user_1")); assertTrue(administrators.contains("user_2")); // remove the references from administrators membersRef.removeLinksForSource("administrators"); administrators = membersRef.getTargetIdsForSource("administrators"); assertEquals(0, administrators.size()); // readd references with the set* methods membersRef.setTargetIdsForSource("administrators", Arrays.asList("user_1", "user_2")); administrators = membersRef.getTargetIdsForSource("administrators"); assertEquals(2, administrators.size()); assertTrue(administrators.contains("user_1")); assertTrue(administrators.contains("user_2")); membersRef.setTargetIdsForSource("administrators", Arrays.asList("user_1", "Administrator")); administrators = membersRef.getTargetIdsForSource("administrators"); assertEquals(2, administrators.size()); assertTrue(administrators.contains("user_1")); assertTrue(administrators.contains("Administrator")); membersRef.setSourceIdsForTarget("Administrator", Arrays.asList("members")); administrators = membersRef.getTargetIdsForSource("administrators"); assertEquals(1, administrators.size()); assertTrue(administrators.contains("user_1")); administrators = membersRef.getSourceIdsForTarget("Administrator"); assertEquals(1, administrators.size()); assertTrue(administrators.contains("members")); // cleanup for other tests // (because the feature doesn't clean up everything) membersRef.setTargetIdsForSource("administrators", Arrays.asList("Administrator")); membersRef.setTargetIdsForSource("members", Arrays.asList("user_1")); } @SuppressWarnings("unchecked") @Test public void testCreateEntry() throws Exception { try (Session session = getSession()) { Map<String, Object> map = new HashMap<String, Object>(); map.put("username", "user_0"); map.put("password", "pass_0"); map.put("intField", Long.valueOf(5)); map.put("dateField", getCalendar(1982, 3, 25, 16, 30, 47, 0)); map.put("groups", Arrays.asList("members", "administrators")); DocumentModel dm = session.createEntry(map); assertNotNull(dm); assertEquals("user_0", dm.getId()); String[] schemaNames = dm.getSchemas(); assertEquals(1, schemaNames.length); assertEquals(SCHEMA, schemaNames[0]); assertEquals("user_0", dm.getProperty(SCHEMA, "username")); assertEquals("pass_0", dm.getProperty(SCHEMA, "password")); assertEquals(Long.valueOf(5), dm.getProperty(SCHEMA, "intField")); assertCalendarEquals(getCalendar(1982, 3, 25, 16, 30, 47, 0), (Calendar) dm.getProperty(SCHEMA, "dateField")); List<String> groups = (List<String>) dm.getProperty(SCHEMA, "groups"); assertEquals(2, groups.size()); assertTrue(groups.contains("administrators")); assertTrue(groups.contains("members")); } // recheck the created entries has really been created from a second // session try (Session session = getSession()) { DocumentModel dm = session.getEntry("user_0"); assertNotNull(dm); assertEquals("user_0", dm.getId()); String[] schemaNames = dm.getSchemas(); assertEquals(1, schemaNames.length); assertEquals(SCHEMA, schemaNames[0]); assertEquals("user_0", dm.getProperty(SCHEMA, "username")); assertEquals(Long.valueOf(5), dm.getProperty(SCHEMA, "intField")); assertCalendarEquals(getCalendar(1982, 3, 25, 16, 30, 47, 0), (Calendar) dm.getProperty(SCHEMA, "dateField")); List<String> groups = (List<String>) dm.getProperty(SCHEMA, "groups"); assertEquals(2, groups.size()); assertTrue(groups.contains("administrators")); assertTrue(groups.contains("members")); // password check assertTrue(session.authenticate("user_0", "pass_0")); } } @SuppressWarnings("unchecked") @Test public void testGetEntry() throws Exception { try (Session session = getSession()) { DocumentModel dm = session.getEntry("user_1"); assertEquals("user_1", dm.getProperty(SCHEMA, "username")); assertEquals(Long.valueOf(3), dm.getProperty(SCHEMA, "intField")); assertCalendarEquals(getCalendar(2007, 9, 7, 14, 36, 28, 0), (Calendar) dm.getProperty(SCHEMA, "dateField")); assertNull(dm.getProperty(SCHEMA, "company")); List<String> groups = (List<String>) dm.getProperty(SCHEMA, "groups"); assertEquals(2, groups.size()); assertTrue(groups.contains("group_1")); assertTrue(groups.contains("members")); dm = session.getEntry("Administrator"); assertEquals("Administrator", dm.getProperty(SCHEMA, "username")); assertEquals(Long.valueOf(10), dm.getProperty(SCHEMA, "intField")); assertCalendarEquals(getCalendar(1982, 3, 25, 16, 30, 47, 123), (Calendar) dm.getProperty(SCHEMA, "dateField")); assertTrue((Boolean) dm.getProperty(SCHEMA, "booleanField")); groups = (List<String>) dm.getProperty(SCHEMA, "groups"); assertEquals(1, groups.size()); assertTrue(groups.contains("administrators")); // assertTrue(groups.contains("members")); } } @Test public void testGetEntries() throws Exception { try (Session session = getSession()) { DocumentModelList entries = session.getEntries(); assertEquals(3, entries.size()); Map<String, DocumentModel> entryMap = new HashMap<String, DocumentModel>(); for (DocumentModel entry : entries) { entryMap.put(entry.getId(), entry); } DocumentModel dm = entryMap.get("user_1"); assertNotNull(dm); assertEquals("user_1", dm.getProperty(SCHEMA, "username")); assertCalendarEquals(getCalendar(2007, 9, 7, 14, 36, 28, 0), (Calendar) dm.getProperty(SCHEMA, "dateField")); assertEquals(Long.valueOf(3), dm.getProperty(SCHEMA, "intField")); assertTrue((Boolean) dm.getProperty(SCHEMA, "booleanField")); // XXX: getEntries does not fetch references anymore => groups is // null dm = entryMap.get("Administrator"); assertNotNull(dm); assertEquals("Administrator", dm.getProperty(SCHEMA, "username")); assertEquals(Long.valueOf(10), dm.getProperty(SCHEMA, "intField")); assertCalendarEquals(getCalendar(1982, 3, 25, 16, 30, 47, 123), (Calendar) dm.getProperty(SCHEMA, "dateField")); dm = entryMap.get("user_3"); assertFalse((Boolean) dm.getProperty(SCHEMA, "booleanField")); } try (Session session = directoryService.open(GROUP_DIR)) { DocumentModel doc = session.getEntry("administrators"); assertEquals("administrators", doc.getPropertyValue("group:groupname")); assertEquals("Administrators group", doc.getPropertyValue("group:grouplabel")); doc = session.getEntry("group_1"); assertEquals("group_1", doc.getPropertyValue("group:groupname")); Serializable label = doc.getPropertyValue("group:grouplabel"); if (label != null) { // NULL for Oracle assertEquals("", label); } } } @SuppressWarnings("unchecked") @Test public void testUpdateEntry() throws Exception { try (Session session = getSession()) { DocumentModel dm = session.getEntry("user_1"); // update entry dm.setProperty(SCHEMA, "username", "user_2"); dm.setProperty(SCHEMA, "password", "pass_2"); dm.setProperty(SCHEMA, "intField", Long.valueOf(2)); dm.setProperty(SCHEMA, "dateField", getCalendar(2001, 2, 3, 4, 5, 6, 7)); dm.setProperty(SCHEMA, "groups", Arrays.asList("administrators", "members")); session.updateEntry(dm); } // retrieve entry again // even if we tried to change the user id (username), it should // not be changed try (Session session = getSession()) { DocumentModel dm = session.getEntry("user_1"); assertEquals("user_1", dm.getProperty(SCHEMA, "username")); assertEquals(Long.valueOf(2), dm.getProperty(SCHEMA, "intField")); assertCalendarEquals(getCalendar(2001, 2, 3, 4, 5, 6, 7), (Calendar) dm.getProperty(SCHEMA, "dateField")); List<String> groups = (List<String>) dm.getProperty(SCHEMA, "groups"); assertEquals(2, groups.size()); assertTrue(groups.contains("administrators")); assertTrue(groups.contains("members")); // password check assertTrue(session.authenticate("user_1", "pass_2")); // the user_2 username change was ignored assertNull(session.getEntry("user_2")); // change other field, check password still ok dm.setProperty(SCHEMA, "company", "foo"); session.updateEntry(dm); } try (Session session = getSession()) { // password check assertTrue(session.authenticate("user_1", "pass_2")); } } @SuppressWarnings("unchecked") @Test public void testDeleteEntry() throws Exception { try (Session session = getSession()) { DocumentModel dm = session.getEntry("user_1"); session.deleteEntry(dm); } try (Session session = getSession()) { DocumentModel dm = session.getEntry("user_1"); assertNull(dm); } try (Session session = directoryService.open(GROUP_DIR)) { DocumentModel group1 = session.getEntry("group_1"); List<String> members = (List<String>) group1.getProperty("group", "members"); assertTrue(members.isEmpty()); // assertFalse(members.contains("group_1")); } } // XXX AT: disabled because SQL directories do not accept anymore creation // of a second entry with the same id. The goal here is to accept an entry // with an existing id, as long as parent id is different - e.g full id is // the (parent id, id) tuple. But this constraint does not appear the // directory configuration, so drop it for now. @Test @Ignore public void testDeleteEntryExtended() throws Exception { try (Session session = getSession()) { // create a second entry with user_1 as key but with // a different email (would be "parent" in a hierarchical // vocabulary) Map<String, Object> entryMap = new HashMap<String, Object>(); entryMap.put("username", "user_1"); entryMap.put("email", "second@email"); DocumentModel dm = session.createEntry(entryMap); assertNotNull(dm); assertEquals(3, session.getEntries().size()); // delete with nonexisting email Map<String, String> map = new HashMap<String, String>(); map.put("email", "nosuchemail"); session.deleteEntry("user_1", map); // still there assertEquals(3, session.getEntries().size()); // delete just one map.put("email", "e@m"); session.deleteEntry("user_1", map); // two more entries left assertEquals(2, session.getEntries().size()); // other user_1 still present dm = session.getEntry("user_1"); assertEquals("second@email", dm.getProperty(SCHEMA, "email")); // delete it with a WHERE on a null key map.clear(); map.put("company", null); session.deleteEntry("user_1", map); // entry is gone, only Administrator left assertEquals(1, session.getEntries().size()); } } @SuppressWarnings("unchecked") @Test public void testQuery1() throws Exception { try (Session session = getSession()) { Map<String, Serializable> filter = new HashMap<String, Serializable>(); filter.put("username", "user_1"); filter.put("firstName", "f"); DocumentModelList list = session.query(filter); assertEquals(1, list.size()); DocumentModel docModel = list.get(0); assertNotNull(docModel); assertEquals("user_1", docModel.getProperty(SCHEMA, "username")); assertEquals("f", docModel.getProperty(SCHEMA, "firstName")); // simple query does not fetch references by default => restart with // an explicit fetch request List<String> groups = (List<String>) docModel.getProperty(SCHEMA, "groups"); assertTrue(groups.isEmpty()); list = session.query(filter, null, null, true); assertEquals(1, list.size()); docModel = list.get(0); assertNotNull(docModel); assertEquals("user_1", docModel.getProperty(SCHEMA, "username")); assertEquals("f", docModel.getProperty(SCHEMA, "firstName")); // test that the groups (reference) of user_1 were fetched as well groups = (List<String>) docModel.getProperty(SCHEMA, "groups"); assertEquals(2, groups.size()); assertTrue(groups.contains("members")); assertTrue(groups.contains("group_1")); } } @Test public void testQuerySubAny() throws Exception { try (Session session = getSession()) { Map<String, Serializable> filter = new HashMap<String, Serializable>(); filter.put("username", "er_"); Set<String> set = new HashSet<String>(); set.add("username"); DocumentModelList list = session.query(filter, set); assertEquals(2, list.size()); Set<String> usernames = new HashSet<>(); for (DocumentModel docModel : list) { usernames.add((String) docModel.getProperty(SCHEMA, "username")); } Set<String> expectedUsernames = new HashSet<>(Arrays.asList("user_1", "user_3")); assertEquals(expectedUsernames, usernames); } } @Test public void testQuery2() throws Exception { try (Session session = getSession()) { Map<String, Serializable> filter = new HashMap<String, Serializable>(); filter.put("username", "user_1"); filter.put("email", "nosuchemail"); DocumentModelList list = session.query(filter); assertEquals(0, list.size()); } } @Test public void testQueryCaseInsensitive() throws Exception { try (Session session = getSession()) { Map<String, Serializable> filter = new HashMap<String, Serializable>(); // case insensitive substring search filter.put("username", "admini"); DocumentModelList list = session.query(filter, filter.keySet()); assertEquals(1, list.size()); DocumentModel dm = list.get(0); assertEquals("Administrator", dm.getProperty(SCHEMA, "username")); } } @Test public void testGetProjection() throws Exception { try (Session session = getSession()) { Map<String, Serializable> filter = new HashMap<String, Serializable>(); filter.put("username", "user_1"); List<String> list = session.getProjection(filter, "firstName"); assertEquals(1, list.size()); assertTrue(list.contains("f")); } } @Test public void testSearch() throws Exception { try (Session session = getSession()) { Map<String, Serializable> filter = new HashMap<String, Serializable>(); // exact match filter.put("username", "u"); List<String> users = session.getProjection(filter, "username"); assertEquals(0, users.size()); // substring match users = session.getProjection(filter, filter.keySet(), "username"); assertEquals(2, users.size()); assertTrue(users.contains("user_1")); filter.put("username", "v"); users = session.getProjection(filter, filter.keySet(), "username"); assertEquals(0, users.size()); // trying to cheat filter.put("username", "*"); users = session.getProjection(filter, "username"); assertEquals(0, users.size()); // substring with empty key filter.put("username", ""); users = session.getProjection(filter, filter.keySet(), "username"); assertEquals(3, users.size()); assertTrue(users.contains("user_1")); assertTrue(users.contains("Administrator")); } } @Test public void testIsAuthenticating() throws Exception { try (Session session = getSession()) { // by default the user directory is authenticating assertTrue(session.isAuthenticating()); // by setting a password field that does not belong to the // user SCHEMA, we disable that feature SQLDirectoryDescriptor config = getSQLDirectory().getDescriptor(); try { config.passwordField = "SomeStrangePassordField"; assertFalse(session.isAuthenticating()); } finally { config.passwordField = "password"; } } } @Test public void testAuthenticate() throws Exception { try (Session session = getSession()) { // successful authentication assertTrue(session.authenticate("Administrator", "Administrator")); assertTrue(session.authenticate("user_1", "pass_1")); // authentication against encrypted password assertTrue(session.authenticate("user_3", "pass_3")); // failed authentication: bad password assertFalse(session.authenticate("Administrator", "WrongPassword")); assertFalse(session.authenticate("user", ".asdf'23423")); // failed authentication: not existing user assertFalse(session.authenticate("NonExistingUser", "whatever")); } } @Test public void testCreateFromModel() throws Exception { try (Session session = getSession()) { String schema = "user"; DocumentModel entry = BaseSession.createEntryModel(null, schema, null, null); entry.setProperty("user", "username", "yo"); assertNull(session.getEntry("yo")); session.createEntry(entry); assertNotNull(session.getEntry("yo")); // create one with existing same id, must fail entry.setProperty("user", "username", "Administrator"); try { assertTrue(session.hasEntry("Administrator")); entry = session.createEntry(entry); session.getEntry("Administrator"); fail("Should raise an error, entry already exists"); } catch (DirectoryException e) { } } } @Test public void testHasEntry() throws Exception { try (Session session = getSession()) { assertTrue(session.hasEntry("Administrator")); assertFalse(session.hasEntry("foo")); } } @Ignore @Test @LocalDeploy("org.nuxeo.ecm.directory.sql.tests:test-sql-directories-alteration-config.xml") public void testColumnCreation() throws Exception { AbstractDirectory dirtmp1 = null; AbstractDirectory dirtmp2 = null; try { dirtmp1 = (AbstractDirectory) directoryService.getDirectory("tmpdirectory1"); assertNotNull(dirtmp1); Session session = dirtmp1.getSession(); String schema1 = "tmpschema1"; DocumentModel entry = BaseSession.createEntryModel(null, schema1, null, null); entry.setProperty(schema1, "id", "john"); entry.setProperty(schema1, "label", "monLabel"); assertNull(session.getEntry("john")); entry = session.createEntry(entry); assertEquals("john", entry.getId()); assertNotNull(session.getEntry("john")); // Open a new directory that uses the same table with a different // schema. // And test if the table has not been re-created, and data are there dirtmp2 = (AbstractDirectory) directoryService.getDirectory("tmpdirectory2"); assertNotNull(dirtmp2); session = dirtmp2.getSession(); assertNotNull(session.getEntry("john")); } finally { if (dirtmp1 != null) { dirtmp1.shutdown(); } if (dirtmp2 != null) { dirtmp2.shutdown(); } } } @Test public void testPasswordUpdate() throws Exception { try (Session session = getSession()) { String username = "myuser"; String password = "MyPassword:)"; String password2 = "SomeOtherPassword-"; // create entry Map<String, Object> map = new HashMap<>(); map.put("username", username); map.put("password", password); session.createEntry(map); // check authentication assertTrue(session.authenticate(username, password)); // password has been hashed String pw = ((SQLSession) session).getPassword(username); assertFalse(StringUtils.isBlank(pw)); assertNotSame(password, pw); // different because hashed // change password DocumentModel dm = session.getEntry(username); dm.setProperty(SCHEMA, "password", password2); session.updateEntry(dm); // check authentication with new password assertTrue(session.authenticate(username, password2)); // changing other field dm = session.getEntry(username); dm.setProperty(SCHEMA, "company", "my company"); session.updateEntry(dm); // entry was updated dm = session.getEntry(username); assertEquals("my company", dm.getProperty(SCHEMA, "company")); // check authentication still works, password was not cleared assertTrue(session.authenticate(username, password2)); // setting password to empty is also ignored dm = session.getEntry(username); dm.setProperty(SCHEMA, "company", "unemployed"); dm.setProperty(SCHEMA, "password", ""); session.updateEntry(dm); // entry was updated dm = session.getEntry(username); assertEquals("unemployed", dm.getProperty(SCHEMA, "company")); // check authentication still works, password was not cleared assertTrue(session.authenticate(username, password2)); } } @Test public void testPasswordIgnoredInQueryFilter() throws Exception { try (Session session = getSession()) { Map<String, Serializable> filter = new HashMap<String, Serializable>(); filter.put("username", "user_1"); filter.put("password", "nosuchpassword"); DocumentModelList list = session.query(filter); // returns the result of the query filtered by username, ignoring password assertEquals(1, list.size()); } } @Test public void testPasswordNotReturned() throws Exception { String username = "myuser"; String password = "MyPassword:)"; // create entry try (Session session = getSession()) { Map<String, Object> map = new HashMap<>(); map.put("username", username); map.put("password", password); session.createEntry(map); // check authentication assertTrue(session.authenticate(username, password)); } try (Session session = getSession()) { // password not returned by getEntry DocumentModel dm = session.getEntry(username); String pw = (String) dm.getProperty(SCHEMA, "password"); assertNull(pw); // password not returned by query List<DocumentModel> docs = session.query(Collections.singletonMap("username", username)); assertEquals(1, docs.size()); dm = docs.get(0); pw = (String) dm.getProperty(SCHEMA, "password"); assertNull(pw); } // however is readAllColumns is set, the password is returned (used for test framework) try (Session session = getSession()) { session.setReadAllColumns(true); // password returned by getEntry DocumentModel dm = session.getEntry(username); String pw = (String) dm.getProperty(SCHEMA, "password"); assertFalse(StringUtils.isBlank(pw)); // hashed password PasswordHelper.verifyPassword(password, pw); // password returned by query List<DocumentModel> docs = session.query(Collections.singletonMap("username", username)); assertEquals(1, docs.size()); dm = docs.get(0); pw = (String) dm.getProperty(SCHEMA, "password"); assertFalse(StringUtils.isBlank(pw)); // hashed password PasswordHelper.verifyPassword(password, pw); } } }