Examples with AuthRequest com.google.gerrit.server.account.AuthRequest used on opensource projects

Example 16 with AuthRequest

use of com.google.gerrit.server.account.AuthRequest in project gerrit by GerritCodeReview.

the class AccountManagerIT method canFlagExistingExternalIdMailAsPreferred.

@Test
public void canFlagExistingExternalIdMailAsPreferred() throws Exception {
    String email = "foo@example.com";
    // Create an account with a SCHEME_GERRIT external ID
    String username = "foo";
    ExternalId.Key gerritExtIdKey = externalIdKeyFactory.create(ExternalId.SCHEME_GERRIT, username);
    Account.Id accountId = Account.id(seq.nextAccountId());
    accountsUpdate.insert("Create Test Account", accountId, u -> u.addExternalId(externalIdFactory.create(gerritExtIdKey, accountId)));
    // Add the additional mail external ID with SCHEME_EMAIL
    accountManager.link(accountId, authRequestFactory.createForEmail(email));
    // Try to authenticate and update the email for the account.
    // Expect that this to succeed because even if the email already exist
    // it is associated to the same account-id and thus is not really
    // a duplicate but simply a promotion of external id to preferred email.
    AuthRequest who = authRequestFactory.createForUser(username);
    who.setEmailAddress(email);
    AuthResult authResult = accountManager.authenticate(who);
    // Verify that no new accounts have been created
    assertThat(authResult.isNew()).isFalse();
    // Verify that the account external ids with scheme 'mailto:' contains the email
    AccountState account = accounts.get(authResult.getAccountId()).get();
    ImmutableSet<ExternalId> accountExternalIds = account.externalIds();
    assertThat(accountExternalIds).isNotEmpty();
    Set<String> emails = ExternalId.getEmails(accountExternalIds).collect(toSet());
    assertThat(emails).contains(email);
    // Verify the preferred email
    assertThat(account.account().preferredEmail()).isEqualTo(email);
}

Example 17 with AuthRequest

use of com.google.gerrit.server.account.AuthRequest in project gerrit by GerritCodeReview.

the class AccountManagerIT method cannotLinkExternalIdThatIsAlreadyUsed.

@Test
public void cannotLinkExternalIdThatIsAlreadyUsed() throws Exception {
    // Create an account with a SCHEME_EXTERNAL external ID
    String username1 = "foo";
    Account.Id accountId1 = Account.id(seq.nextAccountId());
    ExternalId.Key externalExtIdKey1 = externalIdKeyFactory.create(ExternalId.SCHEME_EXTERNAL, username1);
    accountsUpdate.insert("Create Test Account", accountId1, u -> u.addExternalId(externalIdFactory.create(externalExtIdKey1, accountId1)));
    // Create another account with a SCHEME_EXTERNAL external ID
    String username2 = "bar";
    Account.Id accountId2 = Account.id(seq.nextAccountId());
    ExternalId.Key externalExtIdKey2 = externalIdKeyFactory.create(ExternalId.SCHEME_EXTERNAL, username2);
    accountsUpdate.insert("Create Test Account", accountId2, u -> u.addExternalId(externalIdFactory.create(externalExtIdKey2, accountId2)));
    // Try to link external ID of the first account to the second account.
    // Expect that this fails because the external ID is already assigned to the first account.
    AuthRequest who = authRequestFactory.createForExternalUser(username1);
    AccountException thrown = assertThrows(AccountException.class, () -> accountManager.link(accountId2, who));
    assertThat(thrown).hasMessageThat().contains("Identity 'external:foo' in use by another account");
}

Example 18 with AuthRequest

use of com.google.gerrit.server.account.AuthRequest in project gerrit by GerritCodeReview.

the class AccountManagerIT method cannotUpdateToEmailThatIsAlreadyUsed.

@Test
public void cannotUpdateToEmailThatIsAlreadyUsed() throws Exception {
    String email = "foo@example.com";
    String newEmail = "bar@example.com";
    // Create an account with a SCHEME_GERRIT external ID and an email.
    String username = "foo";
    Account.Id accountId = Account.id(seq.nextAccountId());
    ExternalId.Key gerritExtIdKey = externalIdKeyFactory.create(ExternalId.SCHEME_GERRIT, username);
    accountsUpdate.insert("Create Test Account", accountId, u -> u.setPreferredEmail(email).addExternalId(externalIdFactory.createWithEmail(gerritExtIdKey, accountId, email)));
    // Create another account with an SCHEME_EXTERNAL external ID that occupies the new email.
    Account.Id accountId2 = Account.id(seq.nextAccountId());
    ExternalId.Key externalExtIdKey = externalIdKeyFactory.create(ExternalId.SCHEME_EXTERNAL, "bar");
    accountsUpdate.insert("Create Test Account", accountId2, u -> u.addExternalId(externalIdFactory.createWithEmail(externalExtIdKey, accountId2, newEmail)));
    // Try to authenticate and update the email for the first account.
    // Expect that this fails because the new email is already assigned to the other account.
    AuthRequest who = authRequestFactory.createForUser(username);
    who.setEmailAddress(newEmail);
    AccountException thrown = assertThrows(AccountException.class, () -> accountManager.authenticate(who));
    assertThat(thrown).hasMessageThat().isEqualTo("Email 'bar@example.com' in use by another account");
    // Verify that the email in the external ID was not updated.
    Optional<ExternalId> gerritExtId = externalIds.get(gerritExtIdKey);
    assertThat(gerritExtId).isPresent();
    assertThat(gerritExtId.get().email()).isEqualTo(email);
    // Verify that the preferred email was not updated.
    Optional<AccountState> accountState = accounts.get(accountId);
    assertThat(accountState).isPresent();
    assertThat(accountState.get().account().preferredEmail()).isEqualTo(email);
}

Example 19 with AuthRequest

use of com.google.gerrit.server.account.AuthRequest in project gerrit by GerritCodeReview.

the class AccountManagerIT method authenticateWithEmail.

@Test
public void authenticateWithEmail() throws Exception {
    String email = "foo@example.com";
    Account.Id accountId = Account.id(seq.nextAccountId());
    ExternalId.Key mailtoExtIdKey = externalIdKeyFactory.create(ExternalId.SCHEME_MAILTO, email);
    accountsUpdate.insert("Create Test Account", accountId, u -> u.addExternalId(externalIdFactory.create(mailtoExtIdKey, accountId)));
    AuthRequest who = authRequestFactory.createForEmail(email);
    AuthResult authResult = accountManager.authenticate(who);
    assertAuthResultForExistingAccount(authResult, accountId, mailtoExtIdKey);
}

Example 20 with AuthRequest

use of com.google.gerrit.server.account.AuthRequest in project gerrit by GerritCodeReview.

the class AccountManagerIT method cannotActivateAccountOnAuthenticationWhenAutoUpdateAccountActiveStatusIsDisabled.

@Test
public void cannotActivateAccountOnAuthenticationWhenAutoUpdateAccountActiveStatusIsDisabled() throws Exception {
    String username = "foo";
    Account.Id accountId = Account.id(seq.nextAccountId());
    ExternalId.Key gerritExtIdKey = externalIdKeyFactory.create(ExternalId.SCHEME_GERRIT, username);
    accountsUpdate.insert("Create Test Account", accountId, u -> u.setActive(false).addExternalId(externalIdFactory.create(gerritExtIdKey, accountId)));
    AuthRequest who = authRequestFactory.createForUser(username);
    who.setActive(true);
    who.setAuthProvidesAccountActiveStatus(true);
    AccountException thrown = assertThrows(AccountException.class, () -> accountManager.authenticate(who));
    assertThat(thrown).hasMessageThat().contains("Authentication error, account inactive");
}