use of com.thoughtworks.go.config.SecurityAuthConfig in project gocd by gocd.
the class PluginAuthenticationProviderTest method authenticateUserShouldReceiveAuthConfigAndCorrespondingRoleConfigs.
/**
 * Checks that a password login is offered to the plugin once per auth config, in the order the
 * auth configs were registered, and that every call carries only the role configs bound to the
 * auth config being tried. Sending the "admin" role config together with internalLDAP (or the
 * reverse) would fail the ordered verification at the end.
 */
@Test
public void authenticateUserShouldReceiveAuthConfigAndCorrespondingRoleConfigs() throws Exception {
    // Two auth configs served by the same "ldap" plugin, each with exactly one role bound to it.
    SecurityAuthConfig corporateAuthConfig = new SecurityAuthConfig("corporateLDAP", "ldap");
    PluginRoleConfig adminRole = new PluginRoleConfig("admin", "corporateLDAP", new ConfigurationProperty());
    SecurityAuthConfig internalAuthConfig = new SecurityAuthConfig("internalLDAP", "ldap");
    PluginRoleConfig operatorRole = new PluginRoleConfig("operator", "internalLDAP", new ConfigurationProperty());

    addPluginSupportingPasswordBasedAuthentication("ldap");

    // Registration order matters: the ordered verification below expects corporateLDAP first.
    securityConfig.securityAuthConfigs().add(corporateAuthConfig);
    securityConfig.securityAuthConfigs().add(internalAuthConfig);
    securityConfig.addRole(adminRole);
    securityConfig.addRole(operatorRole);

    InOrder callOrder = inOrder(authorizationExtension);

    // Only the internalLDAP attempt is stubbed. The corporateLDAP attempt is left unstubbed, so
    // it yields the mock's default answer and the provider has to move on to the next config.
    AuthenticationResponse internalSuccess =
            new AuthenticationResponse(new User("username", null, null), Collections.emptyList());
    when(authorizationExtension.authenticateUser(
            "ldap", "username", "password",
            Collections.singletonList(internalAuthConfig),
            Collections.singletonList(operatorRole)))
            .thenReturn(internalSuccess);

    // NOTE(review): "password" presumably comes from the authenticationToken fixture, which is
    // declared outside this method — confirm.
    provider.retrieveUser("username", authenticationToken);

    callOrder.verify(authorizationExtension).authenticateUser(
            "ldap", "username", "password",
            Collections.singletonList(corporateAuthConfig),
            Collections.singletonList(adminRole));
    callOrder.verify(authorizationExtension).authenticateUser(
            "ldap", "username", "password",
            Collections.singletonList(internalAuthConfig),
            Collections.singletonList(operatorRole));
}
use of com.thoughtworks.go.config.SecurityAuthConfig in project gocd by gocd.
the class PluginAuthenticationProviderTest method authenticatedUsersUsernameShouldBeUsedToAssignRoles.
/**
 * Checks that plugin roles are recorded against the username the plugin returns for the
 * authenticated user, not against the login name submitted with the request. Here the login
 * name is "foo@bar.com" while the plugin resolves the account to "username"; the role update
 * must be keyed to the latter.
 */
@Test
public void authenticatedUsersUsernameShouldBeUsedToAssignRoles() throws Exception {
    String ldapPluginId = "cd.go.ldap";
    securityConfig.securityAuthConfigs().add(new SecurityAuthConfig("ldap", ldapPluginId));
    addPluginSupportingPasswordBasedAuthentication(ldapPluginId);

    // The plugin's answer: canonical username plus the roles it asserts for that user.
    AuthenticationResponse pluginResponse = new AuthenticationResponse(
            new User("username", "bob", "bob@example.com"),
            Arrays.asList("blackbird", "admins"));
    when(authorizationExtension.authenticateUser(
            ldapPluginId, "foo@bar.com", "password",
            securityConfig.securityAuthConfigs().findByPluginId(ldapPluginId),
            securityConfig.getPluginRoles(ldapPluginId)))
            .thenReturn(pluginResponse);

    UserDetails authenticated = provider.retrieveUser(
            "foo@bar.com", new UsernamePasswordAuthenticationToken(null, "password"));

    assertNotNull(authenticated);
    // Roles are stored for "username" (from the plugin response), never for "foo@bar.com".
    verify(pluginRoleService).updatePluginRoles(
            ldapPluginId, "username",
            CaseInsensitiveString.caseInsensitiveStrings(Arrays.asList("blackbird", "admins")));
}
use of com.thoughtworks.go.config.SecurityAuthConfig in project gocd by gocd.
the class PreAuthenticatedAuthenticationProviderTest method setUp.
/**
 * Builds the PreAuthenticatedAuthenticationProvider under test on top of mocked collaborators
 * and a real SecurityConfig holding one auth config ("github") for the "github.oauth" plugin.
 *
 * The authenticateUser stub below matches any plugin id, credentials, auth configs and role
 * configs and always answers with the fixture user and the role "admin". Tests built on this
 * fixture therefore only detect wrongly routed credentials or configs if they verify() the
 * exact arguments themselves; rejection paths need their own stubbing.
 */
@Before
public void setUp() throws Exception {
    pluginId = "github.oauth";
    user = new User("username", "displayname", "emailId");
    authorities = new GrantedAuthority[] { GoAuthority.ROLE_USER.asAuthority() };

    // Collaborators of the provider, all mocked.
    goConfigService = mock(GoConfigService.class);
    pluginRoleService = mock(PluginRoleService.class);
    userService = mock(UserService.class);
    authorityGranter = mock(AuthorityGranter.class);
    authorizationExtension = mock(AuthorizationExtension.class);
    authenticationProvider = new PreAuthenticatedAuthenticationProvider(
            authorizationExtension, pluginRoleService, userService, authorityGranter, goConfigService);

    // The security configuration is a real object handed out by the mocked config service.
    securityConfig = new SecurityConfig();
    securityConfig.securityAuthConfigs().add(new SecurityAuthConfig("github", pluginId));
    stub(goConfigService.security()).toReturn(securityConfig);

    // Catch-all plugin answer: every authentication attempt succeeds as the fixture user.
    AuthenticationResponse cannedResponse = new AuthenticationResponse(user, asList("admin"));
    stub(authorizationExtension.authenticateUser(
            any(String.class), any(Map.class), any(List.class), any(List.class)))
            .toReturn(cannedResponse);
    stub(authorityGranter.authorities(anyString())).toReturn(authorities);
}
use of com.thoughtworks.go.config.SecurityAuthConfig in project gocd by gocd.
the class PreAuthenticatedAuthenticationProviderTest method authenticate_shouldAuthenticateUserAgainstTheSpecifiedPlugin.
/**
 * Checks that pre-authenticated credentials are passed to the plugin named in the token, along
 * with the auth config registered for that plugin and the role config bound to that auth config.
 */
@Test
public void authenticate_shouldAuthenticateUserAgainstTheSpecifiedPlugin() {
    SecurityAuthConfig githubAuthConfig = new SecurityAuthConfig("github", pluginId);
    PluginRoleConfig githubAdminRole = new PluginRoleConfig("admin", "github", new ConfigurationProperty());
    // NOTE(review): setUp as shown on this page already registers a ("github", pluginId) auth
    // config; confirm the single-element list expected below still holds after this second add.
    securityConfig.securityAuthConfigs().add(githubAuthConfig);
    securityConfig.addRole(githubAdminRole);

    // Credentials as a plugin would have produced them earlier in the flow; the value is a dummy.
    Map<String, String> tokenCredentials = Collections.singletonMap("access_token", "some_token");
    PreAuthenticatedAuthenticationToken preAuthToken =
            new PreAuthenticatedAuthenticationToken(null, tokenCredentials, pluginId);

    authenticationProvider.authenticate(preAuthToken);

    // Exact-argument verification: plugin id, credentials, auth configs and roles must all match.
    verify(authorizationExtension).authenticateUser(
            pluginId,
            tokenCredentials,
            Collections.singletonList(githubAuthConfig),
            Collections.singletonList(githubAdminRole));
}
use of com.thoughtworks.go.config.SecurityAuthConfig in project gocd by gocd.
the class PreAuthenticatedRequestsProcessingFilterTest method shouldFetchAuthorizationServerAccessTokenFromThePlugin.
/**
 * Checks that the filter asks the plugin for an access token, handing over the request's
 * headers and parameters plus the auth configs of that plugin, and returns what the plugin
 * answers.
 *
 * The expected plugin call contains the Authorization header value unchanged, so the header
 * reaches plugin code as-is. It also contains the "code" parameter as a single string, although
 * the servlet parameter map holds it as a one-element array.
 */
@Test
public void shouldFetchAuthorizationServerAccessTokenFromThePlugin() {
    SecurityAuthConfig githubConfig = new SecurityAuthConfig("github", "github.oauth");
    securityConfig.securityAuthConfigs().add(githubConfig);

    // Incoming request: plugin id "github.oauth" appears in the URI.
    // NOTE(review): presumably the filter extracts the plugin id from this path — confirm.
    Map<String, String[]> requestParams = new HashMap<>();
    requestParams.put("code", new String[] { "some_auth_code" });
    when(request.getRequestURI()).thenReturn("/go/plugin/github.oauth/authenticate");
    when(request.getParameterMap()).thenReturn(requestParams);
    when(request.getHeaderNames()).thenReturn(Collections.enumeration(Arrays.asList("Authorization")));
    when(request.getHeader("Authorization")).thenReturn("qwe123");

    // The plugin only answers when it is called with exactly these headers, params and configs.
    when(authorizationExtension.fetchAccessToken(
            "github.oauth",
            Collections.singletonMap("Authorization", "qwe123"),
            Collections.singletonMap("code", "some_auth_code"),
            Collections.singletonList(githubConfig)))
            .thenReturn(Collections.singletonMap("access_token", "token"));

    Map<String, String> fetched = filter.fetchAuthorizationServerAccessToken(request);

    assertThat(fetched, hasEntry("access_token", "token"));
}