Examples with Domain com.cloudbees.plugins.credentials.domains.Domain used on opensource projects

Example 26 with Domain

use of com.cloudbees.plugins.credentials.domains.Domain in project blueocean-plugin by jenkinsci.

the class GithubPipelineCreateRequestTest method shouldFindUserStoreCredential.

@Test
public void shouldFindUserStoreCredential() throws IOException {
    // add username password credential to user's credential store in user domain and in USER scope
    User user = login();
    CredentialsStore store = null;
    for (CredentialsStore s : CredentialsProvider.lookupStores(user)) {
        if (s.hasPermission(CredentialsProvider.CREATE) && s.hasPermission(CredentialsProvider.UPDATE)) {
            store = s;
            break;
        }
    }
    assertNotNull(store);
    store.addDomain(new Domain("github-domain", "GitHub Domain to store personal access token", Collections.<DomainSpecification>singletonList(new BlueOceanDomainSpecification())));
    Domain domain = store.getDomainByName("github-domain");
    StandardUsernamePasswordCredentials credential = new UsernamePasswordCredentialsImpl(CredentialsScope.USER, "github", "GitHub Access Token", user.getId(), "12345");
    store.addCredentials(domain, credential);
    // create another credentials with same id in system store with different description
    for (CredentialsStore s : CredentialsProvider.lookupStores(Jenkins.get())) {
        s.addCredentials(Domain.global(), new UsernamePasswordCredentialsImpl(CredentialsScope.USER, "github", "System GitHub Access Token", user.getId(), "12345"));
    }
    WorkflowMultiBranchProject mp = j.jenkins.createProject(WorkflowMultiBranchProject.class, "demo");
    AbstractFolderProperty prop = new BlueOceanCredentialsProvider.FolderPropertyImpl(user.getId(), credential.getId(), BlueOceanCredentialsProvider.createDomain("https://api.github.com"));
    mp.addProperty(prop);
    // lookup for created credential id in system store, it should resolve to previously created user store credential
    StandardCredentials c = Connector.lookupScanCredentials((Item) mp, "https://api.github.com", credential.getId());
    assertEquals("GitHub Access Token", c.getDescription());
    assertNotNull(c);
    assertTrue(c instanceof StandardUsernamePasswordCredentials);
    StandardUsernamePasswordCredentials usernamePasswordCredentials = (StandardUsernamePasswordCredentials) c;
    assertEquals(credential.getId(), usernamePasswordCredentials.getId());
    assertEquals(credential.getPassword().getPlainText(), usernamePasswordCredentials.getPassword().getPlainText());
    assertEquals(credential.getUsername(), usernamePasswordCredentials.getUsername());
    // check the domain
    Domain d = CredentialsUtils.findDomain(credential.getId(), user);
    assertNotNull(d);
    assertTrue(d.test(new BlueOceanDomainRequirement()));
    // now remove this property
    mp.getProperties().remove(prop);
    // it must resolve to system credential
    c = Connector.lookupScanCredentials((Item) mp, null, credential.getId());
    assertEquals("System GitHub Access Token", c.getDescription());
}

Example 27 with Domain

use of com.cloudbees.plugins.credentials.domains.Domain in project blueocean-plugin by jenkinsci.

the class GithubScmTest method mockCredentials.

void mockCredentials(String userId, String accessToken, String credentialId, String domainName) throws Exception {
    // Mock Credentials
    UsernamePasswordCredentialsImpl credentials = mock(UsernamePasswordCredentialsImpl.class);
    whenNew(UsernamePasswordCredentialsImpl.class).withAnyArguments().thenReturn(credentials);
    when(credentials.getId()).thenReturn(credentialId);
    when(credentials.getUsername()).thenReturn(userId);
    Secret secret = mock(Secret.class);
    when(secret.getPlainText()).thenReturn(accessToken);
    when(credentials.getPassword()).thenReturn(secret);
    CredentialsMatcher credentialsMatcher = mock(CredentialsMatcher.class);
    mockStatic(CredentialsMatchers.class);
    mockStatic(CredentialsProvider.class);
    when(CredentialsMatchers.withId(credentialId)).thenReturn(credentialsMatcher);
    BlueOceanDomainRequirement blueOceanDomainRequirement = mock(BlueOceanDomainRequirement.class);
    whenNew(BlueOceanDomainRequirement.class).withNoArguments().thenReturn(blueOceanDomainRequirement);
    when(CredentialsProvider.class, "lookupCredentials", StandardUsernamePasswordCredentials.class, jenkins, authentication, blueOceanDomainRequirement).thenReturn(Collections.singletonList(credentials));
    when(CredentialsMatchers.class, "firstOrNull", Collections.singletonList(credentials), credentialsMatcher).thenReturn(credentials);
    when(CredentialsMatchers.allOf(credentialsMatcher)).thenReturn(credentialsMatcher);
    // Mock credentials Domain
    Domain domain = mock(Domain.class);
    when(domain.getName()).thenReturn(domainName);
    // Mock credentials Store
    CredentialsStore credentialsStore = mock(CredentialsStore.class);
    when(credentialsStore.hasPermission(CredentialsProvider.CREATE)).thenReturn(true);
    when(credentialsStore.hasPermission(CredentialsProvider.UPDATE)).thenReturn(true);
    when(credentialsStore.getDomainByName(domainName)).thenReturn(domain);
    when(CredentialsProvider.class, "lookupStores", user).thenReturn(Collections.singletonList(credentialsStore));
    when(credentialsStore.addCredentials(domain, credentials)).thenReturn(true);
    when(credentialsStore.updateCredentials(domain, credentials, credentials)).thenReturn(true);
}

Example 28 with Domain

use of com.cloudbees.plugins.credentials.domains.Domain in project blueocean-plugin by jenkinsci.

the class CredentialApiTest method createUsingUsernamePassword.

@Test
public void createUsingUsernamePassword() throws IOException {
    SystemCredentialsProvider.ProviderImpl system = ExtensionList.lookup(CredentialsProvider.class).get(SystemCredentialsProvider.ProviderImpl.class);
    CredentialsStore systemStore = system.getStore(j.getInstance());
    systemStore.addDomain(new Domain("domain1", null, null));
    Map<String, Object> resp = post("/organizations/jenkins/credentials/system/domains/domain1/credentials/", MapsHelper.of("credentials", new MapsHelper.Builder<String, Object>().put("password", "abcd").put("stapler-class", "com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl").put("scope", "GLOBAL").put("description", "joe desc").put("$class", "com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl").put("username", "joe").build()), 201);
    Assert.assertEquals("Username with password", resp.get("typeName"));
    Assert.assertEquals("domain1", resp.get("domain"));
}

Example 29 with Domain

use of com.cloudbees.plugins.credentials.domains.Domain in project blueocean-plugin by jenkinsci.

the class BlueOceanCredentialsProviderTest method getCredentialsWhenUserExistedButNotAccessible.

@Test
@Issue("JENKINS-53188")
public void getCredentialsWhenUserExistedButNotAccessible() {
    PowerMockito.mockStatic(Jenkins.class);
    PowerMockito.when(Jenkins.get()).thenReturn(jenkins);
    PowerMockito.when(Jenkins.get()).thenReturn(jenkins);
    PowerMockito.when(Jenkins.get()).thenReturn(jenkins);
    when(jenkins.getSecurityRealm()).thenReturn(SecurityRealm.NO_AUTHENTICATION);
    when(jenkins.getSecretKey()).thenReturn("xxx");
    PowerMockito.mockStatic(User.class);
    // Make sure we return a user, cause it did once exist
    PowerMockito.when(User.get(anyString(), anyBoolean(), any())).thenReturn(user);
    Domain domain = BlueOceanCredentialsProvider.createDomain("api.github.com");
    BlueOceanCredentialsProvider blueOceanCredentialsProvider = new BlueOceanCredentialsProvider();
    BlueOceanCredentialsProvider.FolderPropertyImpl prop = new BlueOceanCredentialsProvider.FolderPropertyImpl("halkeye", "halkeye", domain);
    when(folder.getProperties()).thenReturn(describableList);
    when(describableList.get(BlueOceanCredentialsProvider.FolderPropertyImpl.class)).thenReturn(prop);
    // Should be empty when trying to impersonate and grab credentials though
    List<StandardUsernameCredentials> credentials = blueOceanCredentialsProvider.getCredentials(StandardUsernameCredentials.class, (ItemGroup) folder, ACL.SYSTEM, new ArrayList<>(Arrays.asList(new SchemeRequirement("https"), new HostnameRequirement("api.github.com"), new PathRequirement("/"))));
    assertEquals(Collections.emptyList(), credentials);
    List<Credentials> storeCredentials = prop.getStore().getCredentials(domain);
    assertEquals(Collections.emptyList(), storeCredentials);
}

Example 30 with Domain

use of com.cloudbees.plugins.credentials.domains.Domain in project blueocean-plugin by jenkinsci.

the class AbstractMultiBranchCreateRequest method assignCredentialToProject.

private void assignCredentialToProject(BlueScmConfig scmConfig, MultiBranchProject project) throws IOException {
    User authenticatedUser = User.current();
    String credentialId = computeCredentialId(scmConfig);
    if (StringUtils.isNotBlank(credentialId)) {
        Domain domain = CredentialsUtils.findDomain(credentialId, authenticatedUser);
        if (domain == null) {
            throw new ServiceException.BadRequestException(new ErrorMessage(400, "Failed to create pipeline").add(new Error(ERROR_FIELD_SCM_CREDENTIAL_ID, Error.ErrorCodes.INVALID.toString(), "No domain in user credentials found for credentialId: " + credentialId)));
        }
        if (StringUtils.isEmpty(scmConfig.getUri())) {
            throw new ServiceException.BadRequestException("uri not specified");
        }
        if (domain.test(new BlueOceanDomainRequirement())) {
            // this is blueocean specific domain
            project.addProperty(new BlueOceanCredentialsProvider.FolderPropertyImpl(authenticatedUser.getId(), credentialId, BlueOceanCredentialsProvider.createDomain(scmConfig.getUri())));
        }
    }
}