private void setExternalIdentity(DbSession dbSession, UserDto dto, @Nullable ExternalIdentity externalIdentity) { if (externalIdentity == null) { dto.setExternalLogin(dto.getLogin()); dto.setExternalIdentityProvider(SQ_AUTHORITY); dto.setExternalId(dto.getLogin()); dto.setLocal(true); } else { dto.setExternalLogin(externalIdentity.getLogin()); dto.setExternalIdentityProvider(externalIdentity.getProvider()); dto.setExternalId(externalIdentity.getId()); dto.setLocal(false); dto.setSalt(null); dto.setCryptedPassword(null); } UserDto existingUser = dbClient.userDao().selectByExternalIdAndIdentityProvider(dbSession, dto.getExternalId(), dto.getExternalIdentityProvider()); checkArgument(existingUser == null || Objects.equals(dto.getUuid(), existingUser.getUuid()), "A user with provider id '%s' and identity provider '%s' already exists", dto.getExternalId(), dto.getExternalIdentityProvider()); }
@Test public void authenticate_external_user() { when(externalAuthentication.authenticate(new Credentials(LOGIN, PASSWORD), request, BASIC)).thenReturn(Optional.of(newUserDto())); insertUser(newUserDto() .setLogin(LOGIN) .setLocal(false)); executeAuthenticate(BASIC); verify(externalAuthentication).authenticate(new Credentials(LOGIN, PASSWORD), request, BASIC); verifyZeroInteractions(authenticationEvent); }
public static UserDto newLocalUser(String login, String name, @Nullable String email) { return newUserDto() .setLocal(true) .setName(name) .setEmail(email) .setLogin(login) .setExternalId(login) .setExternalLogin(login) .setExternalIdentityProvider("sonarqube"); }
@Test public void return_minimal_user_info() { UserDto user = db.users().insertUser(u -> u .setLogin("obiwan.kenobi") .setName("Obiwan Kenobi") .setEmail(null) .setLocal(true) .setExternalLogin("obiwan") .setExternalIdentityProvider("sonarqube") .setScmAccounts((String) null)); userSession.logIn(user); CurrentWsResponse response = call(); assertThat(response) .extracting(CurrentWsResponse::getIsLoggedIn, CurrentWsResponse::getLogin, CurrentWsResponse::getName, CurrentWsResponse::hasAvatar, CurrentWsResponse::getLocal, CurrentWsResponse::getExternalIdentity, CurrentWsResponse::getExternalProvider, CurrentWsResponse::hasPersonalOrganization, CurrentWsResponse::getSettingsList) .containsExactly(true, "obiwan.kenobi", "Obiwan Kenobi", false, true, "obiwan", "sonarqube", false, Collections.emptyList()); assertThat(response.hasEmail()).isFalse(); assertThat(response.getScmAccountsList()).isEmpty(); assertThat(response.getGroupsList()).isEmpty(); assertThat(response.getPermissions().getGlobalList()).isEmpty(); }
@Test public void authenticate_local_user() { insertUser(newUserDto() .setLogin(LOGIN) .setCryptedPassword(ENCRYPTED_PASSWORD) .setHashMethod(CredentialsLocalAuthentication.HashMethod.SHA1.name()) .setSalt(SALT) .setLocal(true)); UserDto userDto = executeAuthenticate(BASIC); assertThat(userDto.getLogin()).isEqualTo(LOGIN); verify(authenticationEvent).loginSuccess(request, LOGIN, Source.local(BASIC)); }
@Test public void fail_to_authenticate_authenticate_external_user_when_no_external_authentication() { when(externalAuthentication.authenticate(new Credentials(LOGIN, PASSWORD), request, BASIC_TOKEN)).thenReturn(Optional.empty()); insertUser(newUserDto() .setLogin(LOGIN) .setLocal(false)); expectedException.expect(authenticationException().from(Source.local(BASIC_TOKEN)).withLogin(LOGIN).andNoPublicMessage()); expectedException.expectMessage("User is not local"); try { executeAuthenticate(BASIC_TOKEN); } finally { verifyZeroInteractions(authenticationEvent); } }
@Test public void reactivate_user_with_external_provider() { UserDto user = db.users().insertDisabledUser(u -> u.setLocal(true)); createDefaultGroup(); underTest.reactivateAndCommit(db.getSession(), user, NewUser.builder() .setLogin(user.getLogin()) .setName(user.getName()) .setExternalIdentity(new ExternalIdentity("github", "john", "ABCD")) .build(), u -> { }); session.commit(); UserDto dto = dbClient.userDao().selectByUuid(session, user.getUuid()); assertThat(dto.isLocal()).isFalse(); assertThat(dto.getExternalId()).isEqualTo("ABCD"); assertThat(dto.getExternalLogin()).isEqualTo("john"); assertThat(dto.getExternalIdentityProvider()).isEqualTo("github"); }
public static UserDto newExternalUser(String login, String name, @Nullable String email) { return newUserDto() .setLocal(false) .setName(name) .setEmail(email) .setLogin(login) .setExternalId(randomAlphanumeric(40)) .setExternalLogin(randomAlphanumeric(40)) .setExternalIdentityProvider(randomAlphanumeric(40)); }
@Test public void reactivate_user_with_local_provider() { UserDto user = db.users().insertDisabledUser(u -> u.setLocal(false) .setExternalId("ABCD") .setExternalLogin("john") .setExternalIdentityProvider("github")); createDefaultGroup(); underTest.reactivateAndCommit(db.getSession(), user, NewUser.builder() .setLogin(user.getLogin()) .setName(user.getName()) .build(), u -> { }); session.commit(); UserDto dto = dbClient.userDao().selectByUuid(session, user.getUuid()); assertThat(dto.isLocal()).isTrue(); assertThat(dto.getExternalId()).isEqualTo(user.getLogin()); assertThat(dto.getExternalLogin()).isEqualTo(user.getLogin()); assertThat(dto.getExternalIdentityProvider()).isEqualTo("sonarqube"); }
@Test public void update_login_from_external_account() { userSession.logIn().setSystemAdministrator(); UserDto user = db.users().insertUser(u -> u .setLogin("old_login") .setLocal(false) .setExternalIdentityProvider("github") .setExternalLogin("github_login") .setExternalId("github_id") .setCryptedPassword(null) .setSalt(null)); ws.newRequest() .setParam("login", user.getLogin()) .setParam("newLogin", "new_login") .execute(); UserDto userReloaded = db.getDbClient().userDao().selectByUuid(db.getSession(), user.getUuid()); assertThat(userReloaded.getLogin()).isEqualTo("new_login"); assertThat(userReloaded.getExternalLogin()).isEqualTo("github_login"); assertThat(userReloaded.getExternalId()).isEqualTo("github_id"); assertThat(userReloaded.isLocal()).isFalse(); assertThat(userReloaded.getCryptedPassword()).isNull(); assertThat(userReloaded.getSalt()).isNull(); }
@Test public void reactivate_user_using_same_external_info_but_was_local() { UserDto user = db.users().insertDisabledUser(u -> u.setLocal(true) .setExternalId("ABCD") .setExternalLogin("john") .setExternalIdentityProvider("github")); createDefaultGroup(); underTest.reactivateAndCommit(db.getSession(), user, NewUser.builder() .setLogin(user.getLogin()) .setName(user.getName()) .setExternalIdentity(new ExternalIdentity("github", "john", "ABCD")) .build(), u -> { }); session.commit(); UserDto dto = dbClient.userDao().selectByUuid(session, user.getUuid()); assertThat(dto.isLocal()).isFalse(); assertThat(dto.getExternalId()).isEqualTo("ABCD"); assertThat(dto.getExternalLogin()).isEqualTo("john"); assertThat(dto.getExternalIdentityProvider()).isEqualTo("github"); }
private void createUser() { UserDto userDto = newUserDto() .setEmail("john@email.com") .setLogin("john") .setName("John") .setScmAccounts(newArrayList("jn")) .setActive(true) .setLocal(true) .setExternalLogin("jo") .setExternalIdentityProvider("sonarqube"); dbClient.userDao().insert(dbSession, userDto); userIndexer.commitAndIndex(dbSession, userDto); } }
@Test public void return_user_info() { UserDto user = db.users().insertUser(u -> u .setLogin("obiwan.kenobi") .setName("Obiwan Kenobi") .setEmail("obiwan.kenobi@starwars.com") .setLocal(true) .setExternalLogin("obiwan") .setExternalIdentityProvider("sonarqube") .setScmAccounts(newArrayList("obiwan:github", "obiwan:bitbucket")) .setOnboarded(false)); userSession.logIn(user); CurrentWsResponse response = call(); assertThat(response) .extracting(CurrentWsResponse::getIsLoggedIn, CurrentWsResponse::getLogin, CurrentWsResponse::getName, CurrentWsResponse::getEmail, CurrentWsResponse::getAvatar, CurrentWsResponse::getLocal, CurrentWsResponse::getExternalIdentity, CurrentWsResponse::getExternalProvider, CurrentWsResponse::getScmAccountsList, CurrentWsResponse::getShowOnboardingTutorial) .containsExactly(true, "obiwan.kenobi", "Obiwan Kenobi", "obiwan.kenobi@starwars.com", "f5aa64437a1821ffe8b563099d506aef", true, "obiwan", "sonarqube", newArrayList("obiwan:github", "obiwan:bitbucket"), true); }
@Test public void test_example() { UserDto user = db.users().insertUser(u -> u .setLogin("ada.lovelace") .setEmail("ada.lovelace@noteg.com") .setName("Ada Lovelace") .setLocal(true) .setScmAccounts(singletonList("al"))); logInAsSystemAdministrator(); String json = deactivate(user.getLogin()).getInput(); assertJson(json).isSimilarTo(ws.getDef().responseExampleAsString()); }
@Test public void fail_to_update_password_when_user_is_not_local() { UserDto user = db.users().insertUser(newUserDto() .setLogin(DEFAULT_LOGIN) .setLocal(false)); createDefaultGroup(); expectedException.expect(BadRequestException.class); expectedException.expectMessage("Password cannot be changed when external authentication is used"); underTest.updateAndCommit(session, user, new UpdateUser().setPassword("password2"), u -> { }); }
@Test public void fail_to_authenticate_local_user_when_password_is_wrong() { insertUser(newUserDto() .setLogin(LOGIN) .setCryptedPassword("Wrong password") .setSalt("Wrong salt") .setHashMethod(CredentialsLocalAuthentication.HashMethod.SHA1.name()) .setLocal(true)); expectedException.expect(authenticationException().from(Source.local(BASIC)).withLogin(LOGIN).andNoPublicMessage()); expectedException.expectMessage("wrong password"); try { executeAuthenticate(BASIC); } finally { verifyZeroInteractions(authenticationEvent); } }
@Test public void fail_to_authenticate_local_user_that_have_no_password() { insertUser(newUserDto() .setLogin(LOGIN) .setCryptedPassword(null) .setSalt(SALT) .setHashMethod(CredentialsLocalAuthentication.HashMethod.SHA1.name()) .setLocal(true)); expectedException.expect(authenticationException().from(Source.local(BASIC)).withLogin(LOGIN).andNoPublicMessage()); expectedException.expectMessage("null password in DB"); try { executeAuthenticate(BASIC); } finally { verifyZeroInteractions(authenticationEvent); } }
@Test public void fail_to_authenticate_local_user_that_have_no_salt() { insertUser(newUserDto() .setLogin(LOGIN) .setCryptedPassword(ENCRYPTED_PASSWORD) .setSalt(null) .setHashMethod(CredentialsLocalAuthentication.HashMethod.SHA1.name()) .setLocal(true)); expectedException.expect(authenticationException().from(Source.local(BASIC_TOKEN)).withLogin(LOGIN).andNoPublicMessage()); expectedException.expectMessage("null salt"); try { executeAuthenticate(BASIC_TOKEN); } finally { verifyZeroInteractions(authenticationEvent); } }
@Override public UserDto register(UserRegistration registration) { this.authenticatorParameters = registration; String providerId = registration.getUserIdentity().getProviderId(); return UserTesting.newUserDto() .setLocal(false) .setLogin(registration.getUserIdentity().getLogin()) .setExternalLogin(registration.getUserIdentity().getProviderLogin()) .setExternalId(providerId == null ? registration.getUserIdentity().getProviderLogin() : providerId) .setExternalIdentityProvider(registration.getProvider().getKey()); }
public static UserDto newUserDto() { return new UserDto() .setId(nextInt()) .setUuid(randomAlphanumeric(40)) .setActive(true) .setLocal(nextBoolean()) .setLogin(randomAlphanumeric(30)) .setName(randomAlphanumeric(30)) .setEmail(randomAlphanumeric(30)) .setOnboarded(nextBoolean()) .setScmAccounts(singletonList(randomAlphanumeric(40))) .setExternalId(randomAlphanumeric(40)) .setExternalLogin(randomAlphanumeric(40)) .setExternalIdentityProvider(randomAlphanumeric(40)) .setSalt(randomAlphanumeric(40)) .setCryptedPassword(randomAlphanumeric(40)) .setCreatedAt(nextLong()) .setUpdatedAt(nextLong()); }