Examples with SecurityAuthConfig com.thoughtworks.go.config.SecurityAuthConfig used on opensource projects

Search in sources :

Example 46 with SecurityAuthConfig

use of com.thoughtworks.go.config.SecurityAuthConfig in project gocd by gocd.

the class PluginAuthenticationProviderTest method reuthenticationUsingAuthorizationPlugins_shouldFallbackOnUserNameInAbsenceOfLoginNameInGoUserPrinciple.

@Test
public void reuthenticationUsingAuthorizationPlugins_shouldFallbackOnUserNameInAbsenceOfLoginNameInGoUserPrinciple() throws Exception {
    String pluginId1 = "cd.go.ldap";
    securityConfig.securityAuthConfigs().add(new SecurityAuthConfig("ldap", "cd.go.ldap"));
    addPluginSupportingPasswordBasedAuthentication(pluginId1);
    when(authorizationExtension.authenticateUser(pluginId1, "username", "password", securityConfig.securityAuthConfigs().findByPluginId(pluginId1), securityConfig.getPluginRoles(pluginId1))).thenReturn(new AuthenticationResponse(new User("username", "bob", "bob@example.com"), Arrays.asList("blackbird", "admins")));
    GoUserPrinciple principal = new GoUserPrinciple("username", "Display", "password", true, true, true, true, new GrantedAuthority[] {}, null);
    UserDetails userDetails = provider.retrieveUser("username", new UsernamePasswordAuthenticationToken(principal, "password"));
    assertNotNull(userDetails);
    verify(pluginRoleService).updatePluginRoles("cd.go.ldap", "username", CaseInsensitiveString.caseInsensitiveStrings(Arrays.asList("blackbird", "admins")));
}
Also used : SecurityAuthConfig(com.thoughtworks.go.config.SecurityAuthConfig) User(com.thoughtworks.go.plugin.access.authorization.models.User) UserDetails(org.springframework.security.userdetails.UserDetails) UsernamePasswordAuthenticationToken(org.springframework.security.providers.UsernamePasswordAuthenticationToken) CaseInsensitiveString(com.thoughtworks.go.config.CaseInsensitiveString) GoUserPrinciple(com.thoughtworks.go.server.security.userdetail.GoUserPrinciple) AuthenticationResponse(com.thoughtworks.go.plugin.access.authorization.models.AuthenticationResponse) Test(org.junit.Test)

Example 47 with SecurityAuthConfig

use of com.thoughtworks.go.config.SecurityAuthConfig in project gocd by gocd.

the class PluginAuthenticationProviderTest method shouldBeAbleToAuthenticateUserUsingAnyOfTheAuthorizationPlugins.

@Test
public void shouldBeAbleToAuthenticateUserUsingAnyOfTheAuthorizationPlugins() {
    String pluginId1 = "plugin-id-1";
    String pluginId2 = "plugin-id-2";
    addPluginSupportingPasswordBasedAuthentication(pluginId1);
    addPluginSupportingPasswordBasedAuthentication(pluginId2);
    securityConfig.securityAuthConfigs().add(new SecurityAuthConfig("github", pluginId2));
    securityConfig.addRole(new PluginRoleConfig("admin", "github", ConfigurationPropertyMother.create("foo")));
    when(authorizationExtension.authenticateUser(pluginId1, "username", "password", securityConfig.securityAuthConfigs().findByPluginId(pluginId1), null)).thenReturn(NULL_AUTH_RESPONSE);
    AuthenticationResponse response = new AuthenticationResponse(new User("username", "display-name", "test@test.com"), Collections.emptyList());
    when(authorizationExtension.authenticateUser(pluginId2, "username", "password", securityConfig.securityAuthConfigs().findByPluginId(pluginId2), securityConfig.getPluginRoles(pluginId2))).thenReturn(response);
    UserDetails userDetails = provider.retrieveUser("username", authenticationToken);
    assertThat(userDetails, is(instanceOf(GoUserPrinciple.class)));
    GoUserPrinciple goUserPrincipal = (GoUserPrinciple) userDetails;
    assertThat(goUserPrincipal.getUsername(), is("username"));
    assertThat(goUserPrincipal.getDisplayName(), is("display-name"));
    assertThat(goUserPrincipal.getAuthorities().length, is(1));
    assertThat(goUserPrincipal.getAuthorities()[0], is(userAuthority));
}
Also used : SecurityAuthConfig(com.thoughtworks.go.config.SecurityAuthConfig) User(com.thoughtworks.go.plugin.access.authorization.models.User) UserDetails(org.springframework.security.userdetails.UserDetails) CaseInsensitiveString(com.thoughtworks.go.config.CaseInsensitiveString) GoUserPrinciple(com.thoughtworks.go.server.security.userdetail.GoUserPrinciple) PluginRoleConfig(com.thoughtworks.go.config.PluginRoleConfig) AuthenticationResponse(com.thoughtworks.go.plugin.access.authorization.models.AuthenticationResponse) Test(org.junit.Test)

Example 48 with SecurityAuthConfig

use of com.thoughtworks.go.config.SecurityAuthConfig in project gocd by gocd.

the class PluginAuthenticationProviderTest method reuthenticationUsingAuthorizationPlugins_shouldUseTheLoginNameAvailableInGoUserPrinciple.

@Test
public void reuthenticationUsingAuthorizationPlugins_shouldUseTheLoginNameAvailableInGoUserPrinciple() throws Exception {
    String pluginId1 = "cd.go.ldap";
    securityConfig.securityAuthConfigs().add(new SecurityAuthConfig("ldap", "cd.go.ldap"));
    addPluginSupportingPasswordBasedAuthentication(pluginId1);
    when(authorizationExtension.authenticateUser(pluginId1, "foo@bar.com", "password", securityConfig.securityAuthConfigs().findByPluginId(pluginId1), securityConfig.getPluginRoles(pluginId1))).thenReturn(new AuthenticationResponse(new User("username", "bob", "bob@example.com"), Arrays.asList("blackbird", "admins")));
    GoUserPrinciple principal = new GoUserPrinciple("username", "Display", "password", true, true, true, true, new GrantedAuthority[] {}, "foo@bar.com");
    UserDetails userDetails = provider.retrieveUser("username", new UsernamePasswordAuthenticationToken(principal, "password"));
    assertThat(userDetails, is(instanceOf(GoUserPrinciple.class)));
    GoUserPrinciple goUserPrincipal = (GoUserPrinciple) userDetails;
    assertThat(goUserPrincipal.getUsername(), is("username"));
    assertThat(goUserPrincipal.getLoginName(), is("foo@bar.com"));
    verify(pluginRoleService).updatePluginRoles("cd.go.ldap", "username", CaseInsensitiveString.caseInsensitiveStrings(Arrays.asList("blackbird", "admins")));
}
Also used : SecurityAuthConfig(com.thoughtworks.go.config.SecurityAuthConfig) User(com.thoughtworks.go.plugin.access.authorization.models.User) UserDetails(org.springframework.security.userdetails.UserDetails) UsernamePasswordAuthenticationToken(org.springframework.security.providers.UsernamePasswordAuthenticationToken) CaseInsensitiveString(com.thoughtworks.go.config.CaseInsensitiveString) GoUserPrinciple(com.thoughtworks.go.server.security.userdetail.GoUserPrinciple) AuthenticationResponse(com.thoughtworks.go.plugin.access.authorization.models.AuthenticationResponse) Test(org.junit.Test)

Example 49 with SecurityAuthConfig

use of com.thoughtworks.go.config.SecurityAuthConfig in project gocd by gocd.

the class PluginAuthenticationProviderTest method shouldRelyOnTheAuthConfigOrderWhileAuthenticatingUser.

@Test
public void shouldRelyOnTheAuthConfigOrderWhileAuthenticatingUser() throws Exception {
    SecurityAuthConfig sha1Passwords = new SecurityAuthConfig("sha1Passwords", "file");
    SecurityAuthConfig corporateLDAP = new SecurityAuthConfig("corporateLDAP", "ldap");
    SecurityAuthConfig bcryptPasswords = new SecurityAuthConfig("bcryptPasswords", "file");
    SecurityAuthConfig internalLDAP = new SecurityAuthConfig("internalLDAP", "ldap");
    addPluginSupportingPasswordBasedAuthentication("file");
    addPluginSupportingPasswordBasedAuthentication("ldap");
    securityConfig.securityAuthConfigs().add(sha1Passwords);
    securityConfig.securityAuthConfigs().add(corporateLDAP);
    securityConfig.securityAuthConfigs().add(bcryptPasswords);
    securityConfig.securityAuthConfigs().add(internalLDAP);
    InOrder inOrder = inOrder(authorizationExtension);
    when(authorizationExtension.authenticateUser("ldap", "username", "password", Collections.singletonList(internalLDAP), Collections.emptyList())).thenReturn(new AuthenticationResponse(new User("username", null, null), Collections.emptyList()));
    provider.retrieveUser("username", authenticationToken);
    inOrder.verify(authorizationExtension).authenticateUser("file", "username", "password", Collections.singletonList(sha1Passwords), Collections.emptyList());
    inOrder.verify(authorizationExtension).authenticateUser("ldap", "username", "password", Collections.singletonList(corporateLDAP), Collections.emptyList());
    inOrder.verify(authorizationExtension).authenticateUser("file", "username", "password", Collections.singletonList(bcryptPasswords), Collections.emptyList());
    inOrder.verify(authorizationExtension).authenticateUser("ldap", "username", "password", Collections.singletonList(internalLDAP), Collections.emptyList());
}
Also used : SecurityAuthConfig(com.thoughtworks.go.config.SecurityAuthConfig) InOrder(org.mockito.InOrder) User(com.thoughtworks.go.plugin.access.authorization.models.User) AuthenticationResponse(com.thoughtworks.go.plugin.access.authorization.models.AuthenticationResponse) Test(org.junit.Test)

Example 50 with SecurityAuthConfig

use of com.thoughtworks.go.config.SecurityAuthConfig in project gocd by gocd.

the class PreAuthenticatedAuthenticationProviderTest method authenticate_inCaseOfMultipleAuthConfigsOnSuccessfulAuthenticationShouldNotTryAuthenticatingUserUsingRemainingAuthConfig.

@Test
public void authenticate_inCaseOfMultipleAuthConfigsOnSuccessfulAuthenticationShouldNotTryAuthenticatingUserUsingRemainingAuthConfig() {
    Map<String, String> credentials = Collections.singletonMap("access_token", "some_token");
    SecurityAuthConfig githubPublic = new SecurityAuthConfig("github_public", pluginId);
    SecurityAuthConfig githubEnterprise = new SecurityAuthConfig("github_enterprise", pluginId);
    PluginRoleConfig adminRole = new PluginRoleConfig("admin", githubPublic.getId(), new ConfigurationProperty());
    PluginRoleConfig operatorRole = new PluginRoleConfig("operator", githubEnterprise.getId(), new ConfigurationProperty());
    securityConfig.securityAuthConfigs().clear();
    securityConfig.securityAuthConfigs().add(githubPublic);
    securityConfig.securityAuthConfigs().add(githubEnterprise);
    securityConfig.addRole(adminRole);
    securityConfig.addRole(operatorRole);
    PreAuthenticatedAuthenticationToken authenticationToken = new PreAuthenticatedAuthenticationToken(null, credentials, pluginId);
    when(authorizationExtension.authenticateUser(pluginId, credentials, Collections.singletonList(githubPublic), Collections.singletonList(adminRole))).thenReturn(new AuthenticationResponse(user, asList("admin")));
    PreAuthenticatedAuthenticationToken authenticate = (PreAuthenticatedAuthenticationToken) authenticationProvider.authenticate(authenticationToken);
    assertThat(authenticate.getCredentials(), is(credentials));
    assertThat(authenticate.getPluginId(), is(pluginId));
    assertThat(authenticate.getAuthorities(), is(authorities));
    assertThat(authenticate.isAuthenticated(), is(true));
    verify(authorizationExtension).authenticateUser(pluginId, credentials, Collections.singletonList(githubPublic), Collections.singletonList(adminRole));
    verify(authorizationExtension, never()).authenticateUser(pluginId, credentials, Collections.singletonList(githubEnterprise), Collections.singletonList(operatorRole));
}
Also used : ConfigurationProperty(com.thoughtworks.go.domain.config.ConfigurationProperty) SecurityAuthConfig(com.thoughtworks.go.config.SecurityAuthConfig) PreAuthenticatedAuthenticationToken(com.thoughtworks.go.server.security.tokens.PreAuthenticatedAuthenticationToken) CaseInsensitiveString(com.thoughtworks.go.config.CaseInsensitiveString) PluginRoleConfig(com.thoughtworks.go.config.PluginRoleConfig) AuthenticationResponse(com.thoughtworks.go.plugin.access.authorization.models.AuthenticationResponse) Test(org.junit.Test)

Aggregations

SecurityAuthConfig (com.thoughtworks.go.config.SecurityAuthConfig)81 Test (org.junit.jupiter.api.Test)46 HttpLocalizedOperationResult (com.thoughtworks.go.server.service.result.HttpLocalizedOperationResult)28 Test (org.junit.Test)16 CaseInsensitiveString (com.thoughtworks.go.config.CaseInsensitiveString)14 AuthenticationResponse (com.thoughtworks.go.plugin.access.authorization.models.AuthenticationResponse)14 User (com.thoughtworks.go.plugin.access.authorization.models.User)11 PluginRoleConfig (com.thoughtworks.go.config.PluginRoleConfig)9 Username (com.thoughtworks.go.server.domain.Username)9 UserDetails (org.springframework.security.userdetails.UserDetails)8 ConfigurationProperty (com.thoughtworks.go.domain.config.ConfigurationProperty)7 SecurityConfig (com.thoughtworks.go.config.SecurityConfig)5 VerifyConnectionResponse (com.thoughtworks.go.plugin.domain.common.VerifyConnectionResponse)5 UsernamePasswordAuthenticationToken (org.springframework.security.providers.UsernamePasswordAuthenticationToken)5 BasicCruiseConfig (com.thoughtworks.go.config.BasicCruiseConfig)4 SecurityAuthConfigs (com.thoughtworks.go.config.SecurityAuthConfigs)4 RecordNotFoundException (com.thoughtworks.go.config.exceptions.RecordNotFoundException)4 DefaultGoPluginApiResponse (com.thoughtworks.go.plugin.api.response.DefaultGoPluginApiResponse)4 ValidationResult (com.thoughtworks.go.plugin.domain.common.ValidationResult)4 GoUserPrinciple (com.thoughtworks.go.server.security.userdetail.GoUserPrinciple)4
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial