Example 16 with PluginRoleConfig
use of com.thoughtworks.go.config.PluginRoleConfig in project gocd by gocd.
the class PluginAuthenticationProviderTest method shouldCreateGoUserPrincipalWhenAnAuthorizationPluginIsAbleToAuthenticateUser.
@Test
public void shouldCreateGoUserPrincipalWhenAnAuthorizationPluginIsAbleToAuthenticateUser() {
String pluginId1 = "plugin-id-1";
String pluginId2 = "plugin-id-2";
securityConfig.securityAuthConfigs().add(new SecurityAuthConfig("github", pluginId2));
securityConfig.addRole(new PluginRoleConfig("admin", "github", ConfigurationPropertyMother.create("foo")));
when(store.getPluginsThatSupportsPasswordBasedAuthentication()).thenReturn(new HashSet<>(Arrays.asList(pluginId1, pluginId2)));
when(authorizationExtension.authenticateUser(pluginId1, "username", "password", securityConfig.securityAuthConfigs().findByPluginId(pluginId1), null)).thenReturn(NULL_AUTH_RESPONSE);
AuthenticationResponse response = new AuthenticationResponse(new User("username", "display-name", "test@test.com"), Collections.emptyList());
when(authorizationExtension.authenticateUser(pluginId2, "username", "password", securityConfig.securityAuthConfigs().findByPluginId(pluginId2), securityConfig.getPluginRoles(pluginId2))).thenReturn(response);
UserDetails userDetails = provider.retrieveUser("username", authenticationToken);
assertThat(userDetails, is(instanceOf(GoUserPrinciple.class)));
GoUserPrinciple goUserPrincipal = (GoUserPrinciple) userDetails;
assertThat(goUserPrincipal.getUsername(), is("username"));
assertThat(goUserPrincipal.getDisplayName(), is("display-name"));
assertThat(goUserPrincipal.getAuthorities().length, is(1));
assertThat(goUserPrincipal.getAuthorities()[0], is(userAuthority));
}
Also used :
SecurityAuthConfig(com.thoughtworks.go.config.SecurityAuthConfig)
User(com.thoughtworks.go.plugin.access.authentication.models.User)
UserDetails(org.springframework.security.userdetails.UserDetails)
CaseInsensitiveString(com.thoughtworks.go.config.CaseInsensitiveString)
GoUserPrinciple(com.thoughtworks.go.server.security.userdetail.GoUserPrinciple)
PluginRoleConfig(com.thoughtworks.go.config.PluginRoleConfig)
AuthenticationResponse(com.thoughtworks.go.plugin.access.authorization.models.AuthenticationResponse)
Test(org.junit.Test)
Example 17 with PluginRoleConfig
use of com.thoughtworks.go.config.PluginRoleConfig in project gocd by gocd.
the class PluginAuthenticationProviderTest method shouldBeAbleToAuthenticateUserUsingAnyOfTheAuthorizationPlugins.
@Test
public void shouldBeAbleToAuthenticateUserUsingAnyOfTheAuthorizationPlugins() {
String pluginId1 = "plugin-id-1";
String pluginId2 = "plugin-id-2";
addPluginSupportingPasswordBasedAuthentication(pluginId1);
addPluginSupportingPasswordBasedAuthentication(pluginId2);
securityConfig.securityAuthConfigs().add(new SecurityAuthConfig("github", pluginId2));
securityConfig.addRole(new PluginRoleConfig("admin", "github", ConfigurationPropertyMother.create("foo")));
when(authorizationExtension.authenticateUser(pluginId1, "username", "password", securityConfig.securityAuthConfigs().findByPluginId(pluginId1), null)).thenReturn(NULL_AUTH_RESPONSE);
AuthenticationResponse response = new AuthenticationResponse(new User("username", "display-name", "test@test.com"), Collections.emptyList());
when(authorizationExtension.authenticateUser(pluginId2, "username", "password", securityConfig.securityAuthConfigs().findByPluginId(pluginId2), securityConfig.getPluginRoles(pluginId2))).thenReturn(response);
UserDetails userDetails = provider.retrieveUser("username", authenticationToken);
assertThat(userDetails, is(instanceOf(GoUserPrinciple.class)));
GoUserPrinciple goUserPrincipal = (GoUserPrinciple) userDetails;
assertThat(goUserPrincipal.getUsername(), is("username"));
assertThat(goUserPrincipal.getDisplayName(), is("display-name"));
assertThat(goUserPrincipal.getAuthorities().length, is(1));
assertThat(goUserPrincipal.getAuthorities()[0], is(userAuthority));
}
Also used :
SecurityAuthConfig(com.thoughtworks.go.config.SecurityAuthConfig)
User(com.thoughtworks.go.plugin.access.authorization.models.User)
UserDetails(org.springframework.security.userdetails.UserDetails)
CaseInsensitiveString(com.thoughtworks.go.config.CaseInsensitiveString)
GoUserPrinciple(com.thoughtworks.go.server.security.userdetail.GoUserPrinciple)
PluginRoleConfig(com.thoughtworks.go.config.PluginRoleConfig)
AuthenticationResponse(com.thoughtworks.go.plugin.access.authorization.models.AuthenticationResponse)
Test(org.junit.Test)
Example 18 with PluginRoleConfig
use of com.thoughtworks.go.config.PluginRoleConfig in project gocd by gocd.
the class PreAuthenticatedAuthenticationProviderTest method authenticate_inCaseOfMultipleAuthConfigsOnSuccessfulAuthenticationShouldNotTryAuthenticatingUserUsingRemainingAuthConfig.
@Test
public void authenticate_inCaseOfMultipleAuthConfigsOnSuccessfulAuthenticationShouldNotTryAuthenticatingUserUsingRemainingAuthConfig() {
Map<String, String> credentials = Collections.singletonMap("access_token", "some_token");
SecurityAuthConfig githubPublic = new SecurityAuthConfig("github_public", pluginId);
SecurityAuthConfig githubEnterprise = new SecurityAuthConfig("github_enterprise", pluginId);
PluginRoleConfig adminRole = new PluginRoleConfig("admin", githubPublic.getId(), new ConfigurationProperty());
PluginRoleConfig operatorRole = new PluginRoleConfig("operator", githubEnterprise.getId(), new ConfigurationProperty());
securityConfig.securityAuthConfigs().clear();
securityConfig.securityAuthConfigs().add(githubPublic);
securityConfig.securityAuthConfigs().add(githubEnterprise);
securityConfig.addRole(adminRole);
securityConfig.addRole(operatorRole);
PreAuthenticatedAuthenticationToken authenticationToken = new PreAuthenticatedAuthenticationToken(null, credentials, pluginId);
when(authorizationExtension.authenticateUser(pluginId, credentials, Collections.singletonList(githubPublic), Collections.singletonList(adminRole))).thenReturn(new AuthenticationResponse(user, asList("admin")));
PreAuthenticatedAuthenticationToken authenticate = (PreAuthenticatedAuthenticationToken) authenticationProvider.authenticate(authenticationToken);
assertThat(authenticate.getCredentials(), is(credentials));
assertThat(authenticate.getPluginId(), is(pluginId));
assertThat(authenticate.getAuthorities(), is(authorities));
assertThat(authenticate.isAuthenticated(), is(true));
verify(authorizationExtension).authenticateUser(pluginId, credentials, Collections.singletonList(githubPublic), Collections.singletonList(adminRole));
verify(authorizationExtension, never()).authenticateUser(pluginId, credentials, Collections.singletonList(githubEnterprise), Collections.singletonList(operatorRole));
}
Also used :
ConfigurationProperty(com.thoughtworks.go.domain.config.ConfigurationProperty)
SecurityAuthConfig(com.thoughtworks.go.config.SecurityAuthConfig)
PreAuthenticatedAuthenticationToken(com.thoughtworks.go.server.security.tokens.PreAuthenticatedAuthenticationToken)
CaseInsensitiveString(com.thoughtworks.go.config.CaseInsensitiveString)
PluginRoleConfig(com.thoughtworks.go.config.PluginRoleConfig)
AuthenticationResponse(com.thoughtworks.go.plugin.access.authorization.models.AuthenticationResponse)
Test(org.junit.Test)
Example 19 with PluginRoleConfig
use of com.thoughtworks.go.config.PluginRoleConfig in project gocd by gocd.
the class CcTrayActivityListenerTest method shouldInvokeConfigChangeHandlerWhenSecurityConfigChanges.
@Test
public void shouldInvokeConfigChangeHandlerWhenSecurityConfigChanges() throws InterruptedException {
CcTrayConfigChangeHandler ccTrayConfigChangeHandler = mock(CcTrayConfigChangeHandler.class);
CruiseConfig cruiseConfig = mock(CruiseConfig.class);
ArgumentCaptor<ConfigChangedListener> captor = ArgumentCaptor.forClass(ConfigChangedListener.class);
doNothing().when(goConfigService).register(captor.capture());
when(goConfigService.currentCruiseConfig()).thenReturn(cruiseConfig);
CcTrayActivityListener listener = new CcTrayActivityListener(goConfigService, mock(CcTrayJobStatusChangeHandler.class), mock(CcTrayStageStatusChangeHandler.class), ccTrayConfigChangeHandler);
listener.initialize();
listener.startDaemon();
List<ConfigChangedListener> listeners = captor.getAllValues();
assertThat(listeners.get(2) instanceof SecurityConfigChangeListener, is(true));
SecurityConfigChangeListener securityConfigChangeListener = (SecurityConfigChangeListener) listeners.get(2);
securityConfigChangeListener.onEntityConfigChange(new PluginRoleConfig());
waitForProcessingToHappen();
verify(ccTrayConfigChangeHandler).call(cruiseConfig);
}
Also used :
EntityConfigChangedListener(com.thoughtworks.go.listener.EntityConfigChangedListener)
ConfigChangedListener(com.thoughtworks.go.listener.ConfigChangedListener)
SecurityConfigChangeListener(com.thoughtworks.go.listener.SecurityConfigChangeListener)
PluginRoleConfig(com.thoughtworks.go.config.PluginRoleConfig)
CruiseConfig(com.thoughtworks.go.config.CruiseConfig)
Test(org.junit.Test)
Example 20 with PluginRoleConfig
use of com.thoughtworks.go.config.PluginRoleConfig in project gocd by gocd.
the class CcTrayStageStatusChangeHandlerTest method shouldReuseViewersListFromExistingStatusWhenCreatingNewStatus.
@Test
public void shouldReuseViewersListFromExistingStatusWhenCreatingNewStatus() throws Exception {
Users viewers = viewers(Collections.singleton(new PluginRoleConfig("admin", "ldap")), "viewer1", "viewer2");
String projectName = "pipeline :: stage1";
ProjectStatus existingStageStatus = new ProjectStatus(projectName, "OldActivity", "OldStatus", "OldLabel", new Date(), webUrlFor("stage1"));
existingStageStatus.updateViewers(viewers);
when(cache.get(projectName)).thenReturn(existingStageStatus);
Stage stage = StageMother.custom("stage1", JobInstanceMother.building("job1"));
List<ProjectStatus> statuses = handler.statusesOfStageAndItsJobsFor(stage);
ProjectStatus statusOfStage = statuses.get(0);
assertThat(statusOfStage.viewers(), is(viewers));
}
Also used :
ProjectStatus(com.thoughtworks.go.domain.activity.ProjectStatus)
NullStage(com.thoughtworks.go.domain.NullStage)
Stage(com.thoughtworks.go.domain.Stage)
Users(com.thoughtworks.go.config.security.users.Users)
AllowedUsers(com.thoughtworks.go.config.security.users.AllowedUsers)
PluginRoleConfig(com.thoughtworks.go.config.PluginRoleConfig)
Test(org.junit.Test)
Aggregations
PluginRoleConfig (com.thoughtworks.go.config.PluginRoleConfig)26
Test (org.junit.Test)22
CaseInsensitiveString (com.thoughtworks.go.config.CaseInsensitiveString)8
SecurityAuthConfig (com.thoughtworks.go.config.SecurityAuthConfig)8
ConfigurationProperty (com.thoughtworks.go.domain.config.ConfigurationProperty)8
AuthenticationResponse (com.thoughtworks.go.plugin.access.authorization.models.AuthenticationResponse)6
ConfigurationKey (com.thoughtworks.go.domain.config.ConfigurationKey)4
ConfigurationValue (com.thoughtworks.go.domain.config.ConfigurationValue)4
User (com.thoughtworks.go.plugin.access.authorization.models.User)4
HttpLocalizedOperationResult (com.thoughtworks.go.server.service.result.HttpLocalizedOperationResult)4
BasicCruiseConfig (com.thoughtworks.go.config.BasicCruiseConfig)3
ValidationError (com.thoughtworks.go.plugin.api.response.validation.ValidationError)3
ValidationResult (com.thoughtworks.go.plugin.api.response.validation.ValidationResult)3
AllowedUsers (com.thoughtworks.go.config.security.users.AllowedUsers)2
Users (com.thoughtworks.go.config.security.users.Users)2
ProjectStatus (com.thoughtworks.go.domain.activity.ProjectStatus)2
PreAuthenticatedAuthenticationToken (com.thoughtworks.go.server.security.tokens.PreAuthenticatedAuthenticationToken)2
GoUserPrinciple (com.thoughtworks.go.server.security.userdetail.GoUserPrinciple)2
HashedMap (org.apache.commons.collections.map.HashedMap)2
UserDetails (org.springframework.security.userdetails.UserDetails)2
