Search in sources :

Example 1 with AlertAuthenticationProvider

use of com.synopsys.integration.alert.component.authentication.security.AlertAuthenticationProvider in project hub-alert by blackducksoftware.

the class AuthenticationActionsTestIT method userLoginWithBadCredentialsTest.

@Test
public void userLoginWithBadCredentialsTest() {
    AlertAuthenticationProvider authenticationProvider = Mockito.mock(AlertAuthenticationProvider.class);
    Mockito.when(authenticationProvider.authenticate(Mockito.any())).thenThrow(new BadCredentialsException("Bad credentials test"));
    AuthenticationActions authenticationActions = new AuthenticationActions(authenticationProvider, csrfTokenRepository);
    HttpServletRequest servletRequest = new MockHttpServletRequest();
    HttpServletResponse servletResponse = new MockHttpServletResponse();
    TestProperties testProperties = new TestProperties();
    MockLoginRestModel mockLoginRestModel = new MockLoginRestModel();
    mockLoginRestModel.setAlertUsername(testProperties.getProperty(TestPropertyKey.TEST_BLACKDUCK_PROVIDER_USERNAME));
    mockLoginRestModel.setAlertPassword(testProperties.getProperty(TestPropertyKey.TEST_BLACKDUCK_PROVIDER_PASSWORD));
    ActionResponse<Void> response = authenticationActions.authenticateUser(servletRequest, servletResponse, mockLoginRestModel.createRestModel());
    assertTrue(response.isError());
    assertEquals(HttpStatus.UNAUTHORIZED, response.getHttpStatus());
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) TestProperties(com.synopsys.integration.alert.test.common.TestProperties) MockLoginRestModel(com.synopsys.integration.alert.mock.model.MockLoginRestModel) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) HttpServletResponse(javax.servlet.http.HttpServletResponse) AlertAuthenticationProvider(com.synopsys.integration.alert.component.authentication.security.AlertAuthenticationProvider) BadCredentialsException(org.springframework.security.authentication.BadCredentialsException) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) AlertIntegrationTest(com.synopsys.integration.alert.util.AlertIntegrationTest) Test(org.junit.jupiter.api.Test)

Example 2 with AlertAuthenticationProvider

use of com.synopsys.integration.alert.component.authentication.security.AlertAuthenticationProvider in project hub-alert by blackducksoftware.

the class AuthenticationActionsTestIT method testAuthenticationLDAPExceptionIT.

@Test
public void testAuthenticationLDAPExceptionIT() throws Exception {
    HttpServletRequest servletRequest = new MockHttpServletRequest();
    HttpServletResponse servletResponse = new MockHttpServletResponse();
    Authentication authentication = Mockito.mock(Authentication.class);
    Mockito.when(authentication.isAuthenticated()).thenReturn(true);
    LdapAuthenticationProvider ldapAuthenticationProvider = Mockito.mock(LdapAuthenticationProvider.class);
    Mockito.when(ldapAuthenticationProvider.authenticate(Mockito.any(Authentication.class))).thenReturn(authentication);
    LdapManager mockLdapManager = Mockito.mock(LdapManager.class);
    Mockito.when(mockLdapManager.isLdapEnabled()).thenReturn(true);
    Mockito.when(mockLdapManager.getAuthenticationProvider()).thenThrow(new AlertConfigurationException("LDAP CONFIG EXCEPTION"));
    DaoAuthenticationProvider databaseProvider = Mockito.mock(DaoAuthenticationProvider.class);
    Mockito.when(databaseProvider.authenticate(Mockito.any(Authentication.class))).thenReturn(authentication);
    AuthenticationEventManager authenticationEventManager = Mockito.mock(AuthenticationEventManager.class);
    Mockito.doNothing().when(authenticationEventManager).sendAuthenticationEvent(Mockito.any(), Mockito.eq(AuthenticationType.LDAP));
    RoleAccessor roleAccessor = Mockito.mock(RoleAccessor.class);
    AlertDatabaseAuthenticationPerformer alertDatabaseAuthenticationPerformer = new AlertDatabaseAuthenticationPerformer(authenticationEventManager, roleAccessor, databaseProvider);
    LdapAuthenticationPerformer ldapAuthenticationPerformer = new LdapAuthenticationPerformer(authenticationEventManager, roleAccessor, mockLdapManager);
    AlertAuthenticationProvider authenticationProvider = new AlertAuthenticationProvider(List.of(ldapAuthenticationPerformer, alertDatabaseAuthenticationPerformer));
    AuthenticationActions authenticationActions = new AuthenticationActions(authenticationProvider, csrfTokenRepository);
    ActionResponse<Void> response = authenticationActions.authenticateUser(servletRequest, servletResponse, mockLoginRestModel.createRestModel());
    assertTrue(response.isError());
    Mockito.verify(databaseProvider).authenticate(Mockito.any(Authentication.class));
}
Also used : AlertDatabaseAuthenticationPerformer(com.synopsys.integration.alert.component.authentication.security.database.AlertDatabaseAuthenticationPerformer) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) HttpServletResponse(javax.servlet.http.HttpServletResponse) RoleAccessor(com.synopsys.integration.alert.common.descriptor.accessor.RoleAccessor) LdapManager(com.synopsys.integration.alert.component.authentication.security.ldap.LdapManager) LdapAuthenticationPerformer(com.synopsys.integration.alert.component.authentication.security.ldap.LdapAuthenticationPerformer) HttpServletRequest(javax.servlet.http.HttpServletRequest) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) DaoAuthenticationProvider(org.springframework.security.authentication.dao.DaoAuthenticationProvider) Authentication(org.springframework.security.core.Authentication) AuthenticationEventManager(com.synopsys.integration.alert.component.authentication.security.event.AuthenticationEventManager) AlertAuthenticationProvider(com.synopsys.integration.alert.component.authentication.security.AlertAuthenticationProvider) LdapAuthenticationProvider(org.springframework.security.ldap.authentication.LdapAuthenticationProvider) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) AlertConfigurationException(com.synopsys.integration.alert.api.common.model.exception.AlertConfigurationException) AlertIntegrationTest(com.synopsys.integration.alert.util.AlertIntegrationTest) Test(org.junit.jupiter.api.Test)

Aggregations

AlertAuthenticationProvider (com.synopsys.integration.alert.component.authentication.security.AlertAuthenticationProvider)2 AlertIntegrationTest (com.synopsys.integration.alert.util.AlertIntegrationTest)2 HttpServletRequest (javax.servlet.http.HttpServletRequest)2 HttpServletResponse (javax.servlet.http.HttpServletResponse)2 Test (org.junit.jupiter.api.Test)2 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)2 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)2 AlertConfigurationException (com.synopsys.integration.alert.api.common.model.exception.AlertConfigurationException)1 RoleAccessor (com.synopsys.integration.alert.common.descriptor.accessor.RoleAccessor)1 AlertDatabaseAuthenticationPerformer (com.synopsys.integration.alert.component.authentication.security.database.AlertDatabaseAuthenticationPerformer)1 AuthenticationEventManager (com.synopsys.integration.alert.component.authentication.security.event.AuthenticationEventManager)1 LdapAuthenticationPerformer (com.synopsys.integration.alert.component.authentication.security.ldap.LdapAuthenticationPerformer)1 LdapManager (com.synopsys.integration.alert.component.authentication.security.ldap.LdapManager)1 MockLoginRestModel (com.synopsys.integration.alert.mock.model.MockLoginRestModel)1 TestProperties (com.synopsys.integration.alert.test.common.TestProperties)1 BadCredentialsException (org.springframework.security.authentication.BadCredentialsException)1 DaoAuthenticationProvider (org.springframework.security.authentication.dao.DaoAuthenticationProvider)1 Authentication (org.springframework.security.core.Authentication)1 LdapAuthenticationProvider (org.springframework.security.ldap.authentication.LdapAuthenticationProvider)1