/**
 * Normalises the case of the login when the {@code sonar.authenticator.downcase} setting is on.
 *
 * <p>When the setting is absent or {@code false} the given instance is returned untouched.
 * Otherwise a new {@link Credentials} is built whose login is lower-cased with
 * {@link Locale#ENGLISH}, so the result does not depend on the JVM default locale. The password
 * is carried over as-is, or as {@code null} when none is present.
 *
 * @param credentials credentials as received from the caller
 * @return the same instance, or a copy with a lower-cased login
 */
private Credentials fixCase(Credentials credentials) {
  boolean downcaseLogin = config.getBoolean("sonar.authenticator.downcase").orElse(false);
  if (!downcaseLogin) {
    return credentials;
  }
  String lowerCasedLogin = credentials.getLogin().toLowerCase(Locale.ENGLISH);
  return new Credentials(lowerCasedLogin, credentials.getPassword().orElse(null));
}
/**
 * Checks that equality of {@code Credentials} depends on both the login and the password
 * (including a {@code null} password), and that two equal instances share a hash code.
 */
@Test
public void test_equality() {
  Credentials reference = new Credentials("foo", "bar");
  Credentials sameValues = new Credentials("foo", "bar");
  Credentials otherPassword = new Credentials("foo", "baaaar");
  Credentials otherLogin = new Credentials("foooooo", "bar");
  Credentials noPassword = new Credentials("foo", null);

  assertThat(reference).isEqualTo(sameValues);
  assertThat(reference).isNotEqualTo(otherPassword);
  assertThat(reference).isNotEqualTo(otherLogin);
  assertThat(reference).isNotEqualTo(noPassword);

  assertThat(reference.hashCode()).isEqualTo(sameValues.hashCode());
}
// Closes the enclosing class, whose header is not part of this excerpt.
}
/**
 * Authenticates a form login from the {@code login} and {@code password} request parameters.
 *
 * <p>If {@code isEmpty} reports either parameter as empty, the request is rejected before any
 * credentials check is attempted. The exception built here records the submitted login and a
 * fixed message only; the password is never attached to it.
 *
 * @param request the incoming login request
 * @return the user returned by {@code credentialsAuthentication}
 * @throws AuthenticationException when the login and/or the password is empty
 */
private UserDto authenticate(HttpServletRequest request) {
  String submittedLogin = request.getParameter("login");
  String submittedPassword = request.getParameter("password");

  boolean missingValue = isEmpty(submittedLogin) || isEmpty(submittedPassword);
  if (missingValue) {
    throw AuthenticationException.newBuilder()
      .setSource(Source.local(Method.FORM))
      .setLogin(submittedLogin)
      .setMessage("Empty login and/or password")
      .build();
  }

  Credentials credentials = new Credentials(submittedLogin, submittedPassword);
  return credentialsAuthentication.authenticate(credentials, request, Method.FORM);
}
/**
 * An empty or {@code null} login is refused by the {@code Credentials} constructor with an
 * {@link IllegalArgumentException}; a non-empty login is kept as given.
 */
@Test
public void login_cant_be_empty() {
  // Same order as the two original checks: empty string first, then null.
  String[] rejectedLogins = {"", null};
  for (String rejectedLogin : rejectedLogins) {
    Throwable failure = catchThrowable(() -> new Credentials(rejectedLogin, "bar"));
    assertThat(failure)
      .isInstanceOf(IllegalArgumentException.class)
      .hasMessage("login must not be null nor empty");
  }

  Credentials valid = new Credentials("foo", "bar");
  assertThat(valid.getLogin()).isEqualTo("foo");
}
/**
 * Runs the authentication under test with the fixture login and password.
 *
 * @param method authentication method to pass through to {@code underTest}
 * @return whatever {@code underTest.authenticate} returns
 */
private UserDto executeAuthenticate(AuthenticationEvent.Method method) {
  Credentials fixtureCredentials = new Credentials(LOGIN, PASSWORD);
  return underTest.authenticate(fixtureCredentials, request, method);
}
/**
 * A password that itself contains the {@code login:password} separator must reach
 * {@code credentialsAuthentication} intact.
 *
 * <p>The fixture password contains a colon (the method name says "semi colon"). The stubbing and
 * the verification both use the complete password, so the test only passes if nothing after the
 * first separator of the decoded header is dropped.
 */
@Test
public void authenticate_from_basic_http_header_with_password_containing_semi_colon() {
  String password = "!ascii-only:-)@";
  String headerValue = "Basic " + toBase64(A_LOGIN + ":" + password);
  when(request.getHeader("Authorization")).thenReturn(headerValue);
  Credentials expectedCredentials = new Credentials(A_LOGIN, password);
  when(credentialsAuthentication.authenticate(expectedCredentials, request, BASIC)).thenReturn(USER);

  underTest.authenticate(request);

  verify(credentialsAuthentication).authenticate(expectedCredentials, request, BASIC);
  verifyNoMoreInteractions(authenticationEvent);
}
/**
 * A successful form login marks the thread-local session as logged in and asks the JWT handler
 * to generate a token for the authenticated user. There is no interaction with {@code chain} or
 * with {@code authenticationEvent}.
 */
@Test
public void do_authenticate() throws Exception {
  Credentials submitted = new Credentials(LOGIN, PASSWORD);
  when(credentialsAuthentication.authenticate(submitted, request, FORM)).thenReturn(user);

  executeRequest(LOGIN, PASSWORD);

  assertThat(threadLocalUserSession.isLoggedIn()).isTrue();
  verify(credentialsAuthentication).authenticate(submitted, request, FORM);
  verify(jwtHttpHandler).generateToken(user, request, response);
  verifyZeroInteractions(chain);
  verifyZeroInteractions(authenticationEvent);
}
/**
 * Credentials carried in a Basic {@code Authorization} header are handed to
 * {@code credentialsAuthentication} with the BASIC method.
 */
@Test
public void authenticate_from_basic_http_header() {
  String headerValue = "Basic " + CREDENTIALS_IN_BASE64;
  when(request.getHeader("Authorization")).thenReturn(headerValue);
  Credentials expectedCredentials = new Credentials(A_LOGIN, A_PASSWORD);
  when(credentialsAuthentication.authenticate(expectedCredentials, request, BASIC)).thenReturn(USER);

  underTest.authenticate(request);

  verify(credentialsAuthentication).authenticate(expectedCredentials, request, BASIC);
  verifyNoMoreInteractions(authenticationEvent);
}
/**
 * An empty or {@code null} password is exposed as an absent value, never as an empty string.
 * A password made only of whitespace is kept as it is, not trimmed away.
 */
@Test
public void password_cant_be_empty_string() {
  Credentials emptyPassword = new Credentials("foo", "");
  assertThat(emptyPassword.getPassword()).isEmpty();

  Credentials nullPassword = new Credentials("foo", null);
  assertThat(nullPassword.getPassword()).isEmpty();

  Credentials blankPassword = new Credentials("foo", " ");
  assertThat(blankPassword.getPassword()).hasValue(" ");

  Credentials regularPassword = new Credentials("foo", "bar");
  assertThat(regularPassword.getPassword()).hasValue("bar");
}
/**
 * When the credentials check throws {@code UnauthorizedException}, the response status is set to
 * 401 and no session is attached to the thread.
 *
 * <p>The method name says "authorized code"; the status asserted is 401.
 */
@Test
public void return_authorized_code_when_unauthorized_exception_is_thrown() throws Exception {
  Credentials submitted = new Credentials(LOGIN, PASSWORD);
  doThrow(new UnauthorizedException("error !"))
    .when(credentialsAuthentication)
    .authenticate(submitted, request, FORM);

  executeRequest(LOGIN, PASSWORD);

  verify(response).setStatus(401);
  assertThat(threadLocalUserSession.hasSession()).isFalse();
  verifyZeroInteractions(authenticationEvent);
}
/**
 * Runs a BASIC authentication for the given login against a stubbed realm that accepts every
 * authentication attempt and returns user details named {@code "name"}.
 *
 * @param login login to put in the credentials; the fixture password is always used
 */
private void executeAuthenticate(String login) {
  UserDetails realmUser = new UserDetails();
  realmUser.setName("name");
  when(authenticator.doAuthenticate(any(Authenticator.Context.class))).thenReturn(true);
  when(externalUsersProvider.doGetUserDetails(any(ExternalUsersProvider.Context.class))).thenReturn(realmUser);

  Credentials credentials = new Credentials(login, PASSWORD);
  underTest.authenticate(credentials, request, BASIC);
}
/**
 * Without the realm start-up step that the other tests perform, authentication yields an empty
 * result and no authentication event is emitted.
 */
@Test
public void return_empty_user_when_no_realm() {
  Credentials submitted = new Credentials(LOGIN, PASSWORD);

  assertThat(underTest.authenticate(submitted, request, BASIC)).isEmpty();

  verifyNoMoreInteractions(authenticationEvent);
}
/**
 * A user stored as non-local is authenticated through {@code externalAuthentication}; no
 * authentication event is emitted by the class under test.
 */
@Test
public void authenticate_external_user() {
  Credentials submitted = new Credentials(LOGIN, PASSWORD);
  when(externalAuthentication.authenticate(submitted, request, BASIC)).thenReturn(Optional.of(newUserDto()));
  insertUser(newUserDto().setLogin(LOGIN).setLocal(false));

  executeAuthenticate(BASIC);

  verify(externalAuthentication).authenticate(submitted, request, BASIC);
  verifyZeroInteractions(authenticationEvent);
}
/**
 * Authenticates against a realm whose user details carry an e-mail but no name.
 *
 * <p>NOTE(review): the assertions cover the provider name and the login-success event only; the
 * name given to the resulting identity is not asserted in this method.
 */
@Test
public void login_is_used_when_no_name_provided() {
  executeStartWithoutGroupSync();
  when(authenticator.doAuthenticate(any(Authenticator.Context.class))).thenReturn(true);
  UserDetails detailsWithoutName = new UserDetails();
  detailsWithoutName.setEmail("email");
  when(externalUsersProvider.doGetUserDetails(any(ExternalUsersProvider.Context.class))).thenReturn(detailsWithoutName);

  Credentials submitted = new Credentials(LOGIN, PASSWORD);
  underTest.authenticate(submitted, request, BASIC);

  assertThat(userIdentityAuthenticator.getAuthenticatorParameters().getProvider().getName()).isEqualTo("sonarqube");
  verify(authenticationEvent).loginSuccess(request, LOGIN, Source.realm(BASIC, REALM_NAME));
}
/**
 * When the realm returns user details with a {@code null} name, the identity handed to the
 * identity authenticator is named after the login, and a login-success event is recorded for
 * the realm.
 */
@Test
public void use_login_if_user_details_contains_no_name() {
  executeStartWithoutGroupSync();
  when(authenticator.doAuthenticate(any(Authenticator.Context.class))).thenReturn(true);
  UserDetails detailsWithNullName = new UserDetails();
  detailsWithNullName.setName(null);
  when(externalUsersProvider.doGetUserDetails(any(ExternalUsersProvider.Context.class))).thenReturn(detailsWithNullName);

  Credentials submitted = new Credentials(LOGIN, PASSWORD);
  underTest.authenticate(submitted, request, BASIC);

  assertThat(userIdentityAuthenticator.isAuthenticated()).isTrue();
  assertThat(userIdentityAuthenticator.getAuthenticatorParameters().getUserIdentity().getName()).isEqualTo(LOGIN);
  verify(authenticationEvent).loginSuccess(request, LOGIN, Source.realm(BASIC, REALM_NAME));
}
/**
 * A realm that accepts the password but returns no user details must not produce a login.
 *
 * <p>The expected exception names the realm as source, carries the login, has no public message
 * and reads "No user details". The {@code finally} block checks that no authentication event was
 * emitted even though the call throws.
 */
@Test
public void fail_to_authenticate_when_user_details_are_null() {
  executeStartWithoutGroupSync();
  when(authenticator.doAuthenticate(any(Authenticator.Context.class))).thenReturn(true);
  when(externalUsersProvider.doGetUserDetails(any(ExternalUsersProvider.Context.class))).thenReturn(null);

  expectedException.expect(
    authenticationException().from(Source.realm(BASIC, REALM_NAME)).withLogin(LOGIN).andNoPublicMessage());
  expectedException.expectMessage("No user details");

  Credentials submitted = new Credentials(LOGIN, PASSWORD);
  try {
    underTest.authenticate(submitted, request, BASIC);
  } finally {
    verifyZeroInteractions(authenticationEvent);
  }
}
/**
 * An exception thrown by the realm authenticator is reported as an authentication failure
 * rather than escaping as-is.
 *
 * <p>The expected exception names the realm (BASIC_TOKEN method) as source, carries the login,
 * has no public message, and its message is the one of the exception raised by the realm. The
 * {@code finally} block checks that no authentication event was emitted.
 */
@Test
public void fail_to_authenticate_when_any_exception_is_thrown() {
  executeStartWithoutGroupSync();
  String expectedMessage = "emulating exception in doAuthenticate";
  doThrow(new IllegalArgumentException(expectedMessage))
    .when(authenticator)
    .doAuthenticate(any(Authenticator.Context.class));
  when(externalUsersProvider.doGetUserDetails(any(ExternalUsersProvider.Context.class))).thenReturn(new UserDetails());

  expectedException.expect(
    authenticationException().from(Source.realm(BASIC_TOKEN, REALM_NAME)).withLogin(LOGIN).andNoPublicMessage());
  expectedException.expectMessage(expectedMessage);

  Credentials submitted = new Credentials(LOGIN, PASSWORD);
  try {
    underTest.authenticate(submitted, request, BASIC_TOKEN);
  } finally {
    verifyZeroInteractions(authenticationEvent);
  }
}
/**
 * A realm answering {@code false} to the authentication attempt is a failed login, even though
 * user details are available for the login.
 *
 * <p>The expected exception names the realm as source, carries the login, has no public message
 * and reads "Realm returned authenticate=false". The {@code finally} block checks that no
 * authentication event was emitted.
 */
@Test
public void fail_to_authenticate_when_external_authentication_fails() {
  executeStartWithoutGroupSync();
  when(externalUsersProvider.doGetUserDetails(any(ExternalUsersProvider.Context.class))).thenReturn(new UserDetails());
  when(authenticator.doAuthenticate(any(Authenticator.Context.class))).thenReturn(false);

  expectedException.expect(
    authenticationException().from(Source.realm(BASIC, REALM_NAME)).withLogin(LOGIN).andNoPublicMessage());
  expectedException.expectMessage("Realm returned authenticate=false");

  Credentials submitted = new Credentials(LOGIN, PASSWORD);
  try {
    underTest.authenticate(submitted, request, BASIC);
  } finally {
    verifyZeroInteractions(authenticationEvent);
  }
}
/**
 * A realm login is registered under an identity provider whose key and name are
 * {@code "sonarqube"}, which has no display and is enabled; a login-success event is recorded
 * for the realm.
 */
@Test
public void authenticate_with_sonarqube_identity_provider() {
  executeStartWithoutGroupSync();
  when(authenticator.doAuthenticate(any(Authenticator.Context.class))).thenReturn(true);
  UserDetails realmUser = new UserDetails();
  realmUser.setName("name");
  realmUser.setEmail("email");
  when(externalUsersProvider.doGetUserDetails(any(ExternalUsersProvider.Context.class))).thenReturn(realmUser);

  Credentials submitted = new Credentials(LOGIN, PASSWORD);
  underTest.authenticate(submitted, request, BASIC);

  assertThat(userIdentityAuthenticator.isAuthenticated()).isTrue();
  // The provider is fetched again for every assertion, exactly as the checks are chained on the fake.
  assertThat(userIdentityAuthenticator.getAuthenticatorParameters().getProvider().getKey()).isEqualTo("sonarqube");
  assertThat(userIdentityAuthenticator.getAuthenticatorParameters().getProvider().getName()).isEqualTo("sonarqube");
  assertThat(userIdentityAuthenticator.getAuthenticatorParameters().getProvider().getDisplay()).isNull();
  assertThat(userIdentityAuthenticator.getAuthenticatorParameters().getProvider().isEnabled()).isTrue();
  verify(authenticationEvent).loginSuccess(request, LOGIN, Source.realm(BASIC, REALM_NAME));
}
/**
 * A user stored as non-local cannot log in when external authentication returns nothing: there
 * is no fallback to a local password check.
 *
 * <p>The expected exception has a local source (BASIC_TOKEN method), carries the login, has no
 * public message and reads "User is not local". The {@code finally} block checks that no
 * authentication event was emitted.
 */
@Test
public void fail_to_authenticate_authenticate_external_user_when_no_external_authentication() {
  Credentials submitted = new Credentials(LOGIN, PASSWORD);
  when(externalAuthentication.authenticate(submitted, request, BASIC_TOKEN)).thenReturn(Optional.empty());
  insertUser(newUserDto().setLogin(LOGIN).setLocal(false));

  expectedException.expect(
    authenticationException().from(Source.local(BASIC_TOKEN)).withLogin(LOGIN).andNoPublicMessage());
  expectedException.expectMessage("User is not local");

  try {
    executeAuthenticate(BASIC_TOKEN);
  } finally {
    verifyZeroInteractions(authenticationEvent);
  }
}