From: Martin Skorupski <martin.skorupski@highstreet-technologies.com>
Date: Sat, 8 Apr 2023 09:52:18 +0000 (+0200)
Subject: Secure all created user accounts
X-Git-Url: https://gerrit.o-ran-sc.org/r/gitweb?a=commitdiff_plain;h=a6355d1d39f9879fac59a4db703b3ebbd764de1f;p=oam.git

Secure all created user accounts

- update for system user account
- this account uses as default the password
  defined in .env

Issue-ID: OAM-328
Change-Id: I029d76c74303db2b87057cd69ca470cdd6b7c5fd
Signed-off-by: Martin Skorupski <martin.skorupski@highstreet-technologies.com>
---

diff --git a/solution/smo/common/identity/config.py b/solution/smo/common/identity/config.py
index 9db5de1..393d918 100644
--- a/solution/smo/common/identity/config.py
+++ b/solution/smo/common/identity/config.py
@@ -202,9 +202,12 @@ def createUsers(token, realmConfig, authConfig):
             {
                 "type": "password",
                 "value": password,
-                "temporary": False
+                "temporary": True
             }
-        ]
+      ],
+      "requiredActions": [
+        "UPDATE_PASSWORD"
+      ]
     }
     createUser(token, realmConfig, systemUser)
 
@@ -232,7 +235,6 @@ def addUserRole(user: dict, role: dict, options: dict):
 
 # searches for the role of a given user
 
-
 def findRole(username: str, authConfig: dict, realmConfig: dict) -> dict:
     roleName = 'administration'
     for grant in authConfig['grants']: