use of com.synopsys.integration.alert.component.authentication.web.LoginConfig in project hub-alert by blackducksoftware.
the class LoginConfigTest method testPasswordIsExcludedToString.
@Test
public void testPasswordIsExcludedToString() {
String username = "username";
String password = "password";
LoginConfig loginConfig = new LoginConfig(username, password);
assertTrue(loginConfig.toString().contains(username));
assertFalse(loginConfig.toString().contains(password));
}
use of com.synopsys.integration.alert.component.authentication.web.LoginConfig in project hub-alert by blackducksoftware.
the class ConfigurationOverridesStartupComponentTest method testInitializeNoChange.
@Test
public void testInitializeNoChange() throws AlertException {
Environment environment = Mockito.mock(Environment.class);
EnvironmentVariableUtility environmentVariableUtility = new EnvironmentVariableUtility(environment);
ConfigurationOverridesStartupComponent configurationOverridesStartupComponent = new ConfigurationOverridesStartupComponent(environmentVariableUtility, userAccessor, descriptorKey, configurationModelConfigurationAccessor, apiAction, configurationFieldModelConverter);
// Update the sysadmin password
Optional<UserModel> sysadminOptional = userAccessor.getUser(UserAccessor.DEFAULT_ADMIN_USER_ID);
assertTrue(sysadminOptional.isPresent());
UserModel sysadmin = sysadminOptional.get();
assertEquals(DEFAULT_PASSWORD_ENCODED, sysadmin.getPassword());
UserModel updatedSysadmin = changeUserPassword(sysadmin, UPDATED_PASSWORD);
userAccessor.updateUser(updatedSysadmin, false);
// Run the initialize method
configurationOverridesStartupComponent.initialize();
// Verify the sysadmin password is the updated password
sysadminOptional = userAccessor.getUser(UserAccessor.DEFAULT_ADMIN_USER_ID);
assertTrue(sysadminOptional.isPresent());
sysadmin = sysadminOptional.get();
assertNotEquals(DEFAULT_PASSWORD_ENCODED, sysadmin.getPassword());
HttpServletRequest servletRequest = Mockito.mock(HttpServletRequest.class);
HttpSession session = Mockito.mock(HttpSession.class);
Mockito.when(servletRequest.getSession()).thenReturn(session);
HttpServletResponse servletResponse = Mockito.mock(HttpServletResponse.class);
// Try to login with the updated password
LoginConfig updatedLoginConfig = new LoginConfig(DEFAULT_ADMIN_USER, UPDATED_PASSWORD);
ActionResponse<Void> actionResponse = authenticationActions.authenticateUser(servletRequest, servletResponse, updatedLoginConfig);
assertEquals(HttpStatus.NO_CONTENT, actionResponse.getHttpStatus());
// Try to login with the default password
LoginConfig defaultLoginConfig = new LoginConfig(DEFAULT_ADMIN_USER, DEFAULT_PASSWORD);
actionResponse = authenticationActions.authenticateUser(servletRequest, servletResponse, defaultLoginConfig);
assertEquals(HttpStatus.UNAUTHORIZED, actionResponse.getHttpStatus());
}
use of com.synopsys.integration.alert.component.authentication.web.LoginConfig in project hub-alert by blackducksoftware.
the class ConfigurationOverridesStartupComponentTest method testInitializeResetPassword.
@Test
public void testInitializeResetPassword() throws AlertException {
Environment environment = Mockito.mock(Environment.class);
Mockito.when(environment.getProperty(ConfigurationOverridesStartupComponent.ENV_VAR_ADMIN_USER_PASSWORD_RESET)).thenReturn("true");
EnvironmentVariableUtility environmentVariableUtility = new EnvironmentVariableUtility(environment);
ConfigurationOverridesStartupComponent configurationOverridesStartupComponent = new ConfigurationOverridesStartupComponent(environmentVariableUtility, userAccessor, descriptorKey, configurationModelConfigurationAccessor, apiAction, configurationFieldModelConverter);
// Update the sysadmin password
Optional<UserModel> sysadminOptional = userAccessor.getUser(UserAccessor.DEFAULT_ADMIN_USER_ID);
assertTrue(sysadminOptional.isPresent());
UserModel sysadmin = sysadminOptional.get();
assertEquals(DEFAULT_PASSWORD_ENCODED, sysadmin.getPassword());
UserModel updatedSysadmin = changeUserPassword(sysadmin, UPDATED_PASSWORD);
userAccessor.updateUser(updatedSysadmin, false);
// Run the initialize method
configurationOverridesStartupComponent.initialize();
// Verify the sysadmin password is the default password
sysadminOptional = userAccessor.getUser(UserAccessor.DEFAULT_ADMIN_USER_ID);
assertTrue(sysadminOptional.isPresent());
sysadmin = sysadminOptional.get();
assertEquals(DEFAULT_PASSWORD_ENCODED, sysadmin.getPassword());
HttpServletRequest servletRequest = Mockito.mock(HttpServletRequest.class);
HttpSession session = Mockito.mock(HttpSession.class);
Mockito.when(servletRequest.getSession()).thenReturn(session);
HttpServletResponse servletResponse = Mockito.mock(HttpServletResponse.class);
// Try to login with the updated password
LoginConfig updatedLoginConfig = new LoginConfig(DEFAULT_ADMIN_USER, UPDATED_PASSWORD);
ActionResponse<Void> actionResponse = authenticationActions.authenticateUser(servletRequest, servletResponse, updatedLoginConfig);
assertEquals(HttpStatus.UNAUTHORIZED, actionResponse.getHttpStatus());
// Try to login with the default password
LoginConfig defaultLoginConfig = new LoginConfig(DEFAULT_ADMIN_USER, DEFAULT_PASSWORD);
actionResponse = authenticationActions.authenticateUser(servletRequest, servletResponse, defaultLoginConfig);
assertEquals(HttpStatus.NO_CONTENT, actionResponse.getHttpStatus());
}
use of com.synopsys.integration.alert.component.authentication.web.LoginConfig in project hub-alert by blackducksoftware.
the class ConfigurationOverridesStartupComponentTest method testInitializeResetPasswordDifferentUsername.
@Test
public void testInitializeResetPasswordDifferentUsername() throws AlertException {
Environment environment = Mockito.mock(Environment.class);
Mockito.when(environment.getProperty(ConfigurationOverridesStartupComponent.ENV_VAR_ADMIN_USER_PASSWORD_RESET)).thenReturn("true");
EnvironmentVariableUtility environmentVariableUtility = new EnvironmentVariableUtility(environment);
ConfigurationOverridesStartupComponent configurationOverridesStartupComponent = new ConfigurationOverridesStartupComponent(environmentVariableUtility, userAccessor, descriptorKey, configurationModelConfigurationAccessor, apiAction, configurationFieldModelConverter);
String newUsername = "UpdatedAdmin";
// Update the sysadmin username and password
Optional<UserModel> sysadminOptional = userAccessor.getUser(UserAccessor.DEFAULT_ADMIN_USER_ID);
assertTrue(sysadminOptional.isPresent());
UserModel sysadmin = sysadminOptional.get();
assertEquals(DEFAULT_PASSWORD_ENCODED, sysadmin.getPassword());
UserModel updatedSysadmin = changeUserNameAndPassword(sysadmin, newUsername, UPDATED_PASSWORD);
userAccessor.updateUser(updatedSysadmin, false);
// Run the initialize method
configurationOverridesStartupComponent.initialize();
// Verify the sysadmin password is the default password
sysadminOptional = userAccessor.getUser(UserAccessor.DEFAULT_ADMIN_USER_ID);
assertTrue(sysadminOptional.isPresent());
sysadmin = sysadminOptional.get();
assertEquals(DEFAULT_PASSWORD_ENCODED, sysadmin.getPassword());
HttpServletRequest servletRequest = Mockito.mock(HttpServletRequest.class);
HttpSession session = Mockito.mock(HttpSession.class);
Mockito.when(servletRequest.getSession()).thenReturn(session);
HttpServletResponse servletResponse = Mockito.mock(HttpServletResponse.class);
// Try to login with the updated password
LoginConfig updatedLoginConfig = new LoginConfig(newUsername, UPDATED_PASSWORD);
ActionResponse<Void> actionResponse = authenticationActions.authenticateUser(servletRequest, servletResponse, updatedLoginConfig);
assertEquals(HttpStatus.UNAUTHORIZED, actionResponse.getHttpStatus());
// Try to login with the default password
LoginConfig defaultLoginConfig = new LoginConfig(newUsername, DEFAULT_PASSWORD);
actionResponse = authenticationActions.authenticateUser(servletRequest, servletResponse, defaultLoginConfig);
assertEquals(HttpStatus.NO_CONTENT, actionResponse.getHttpStatus());
}
Aggregations