Example 11 with SecurityAuthConfig

Use of com.thoughtworks.go.config.SecurityAuthConfig in project gocd by gocd.

The class PluginAuthenticationProvider, method getUserDetailsFromAuthorizationPlugins.

private User getUserDetailsFromAuthorizationPlugins(String username, UsernamePasswordAuthenticationToken authentication) {
    String loginName = loginName(username, authentication);
    String password = (String) authentication.getCredentials();
    for (SecurityAuthConfig authConfig : configService.security().securityAuthConfigs()) {
        String pluginId = authConfig.getPluginId();
        if (!store.doesPluginSupportPasswordBasedAuthentication(pluginId)) {
            continue;
        }
        final List<PluginRoleConfig> roleConfigs = configService.security().getRoles().pluginRoleConfigsFor(authConfig.getId());
        try {
            LOGGER.debug("[Authenticate] Authenticating user: `{}` using the authorization plugin: `{}`", loginName, pluginId);
            AuthenticationResponse response = authorizationExtension.authenticateUser(pluginId, loginName, password, Collections.singletonList(authConfig), roleConfigs);
            User user = ensureDisplayNamePresent(response.getUser());
            if (user != null) {
                pluginRoleService.updatePluginRoles(pluginId, user.getUsername(), CaseInsensitiveString.caseInsensitiveStrings(response.getRoles()));
                LOGGER.debug("[Authenticate] Successfully authenticated user: `{}` using the authorization plugin: `{}`", loginName, pluginId);
                return user;
            }
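        } catch (Exception e) {
            // Pass the exception as the final argument so the cause and stack trace are logged;
            // the loop then falls through to the next configured authorization plugin.
            LOGGER.error("[Authenticate] Error while authenticating user: `{}` using the authorization plugin: {} ", loginName, pluginId, e);
        }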
        LOGGER.debug("[Authenticate] Authentication failed for user: `{}` using the authorization plugin: `{}`", loginName, pluginId);
    }
    return null;
}
Also used : SecurityAuthConfig(com.thoughtworks.go.config.SecurityAuthConfig) User(com.thoughtworks.go.plugin.access.authorization.models.User) CaseInsensitiveString(com.thoughtworks.go.config.CaseInsensitiveString) PluginRoleConfig(com.thoughtworks.go.config.PluginRoleConfig) AuthenticationResponse(com.thoughtworks.go.plugin.access.authorization.models.AuthenticationResponse) BadCredentialsException(org.springframework.security.BadCredentialsException) AuthenticationException(org.springframework.security.AuthenticationException) UsernameNotFoundException(org.springframework.security.userdetails.UsernameNotFoundException)

Example 12 with SecurityAuthConfig

Use of com.thoughtworks.go.config.SecurityAuthConfig in project gocd by gocd.

The class SecurityAuthConfigUpdateCommand, method isRequestFresh.

private boolean isRequestFresh(CruiseConfig cruiseConfig) {
    SecurityAuthConfig existingProfile = findExistingProfile(cruiseConfig);
    boolean freshRequest = hashingService.hashForEntity(existingProfile).equals(digest);
    if (!freshRequest) {
        result.stale(getObjectDescriptor().staleConfig(existingProfile.getId()));
    }
    return freshRequest;
}
Also used : SecurityAuthConfig(com.thoughtworks.go.config.SecurityAuthConfig)

Example 13 with SecurityAuthConfig

Use of com.thoughtworks.go.config.SecurityAuthConfig in project gocd by gocd.

The class SecurityAuthConfigControllerV2, method show.

public String show(Request request, Response response) throws IOException {
    final SecurityAuthConfig securityAuthConfig = fetchEntityFromConfig(request.params("id"));
    String etag = etagFor(securityAuthConfig);
    if (fresh(request, etag)) {
        return notModified(response);
    }
    setEtagHeader(response, etag);
    return writerForTopLevelObject(request, response, jsonWriter(securityAuthConfig));
}
Also used : SecurityAuthConfig(com.thoughtworks.go.config.SecurityAuthConfig)

Example 14 with SecurityAuthConfig

Use of com.thoughtworks.go.config.SecurityAuthConfig in project gocd by gocd.

The class SecurityAuthConfigControllerV2, method update.

public String update(Request request, Response response) {
    final String securityAuthConfigId = request.params("id");
    final SecurityAuthConfig existingAuthConfig = fetchEntityFromConfig(securityAuthConfigId);
    final SecurityAuthConfig newAuthConfig = buildEntityFromRequestBody(request);
    HttpLocalizedOperationResult result = new HttpLocalizedOperationResult();
    if (isRenameAttempt(securityAuthConfigId, newAuthConfig.getId())) {
        throw haltBecauseRenameOfEntityIsNotSupported(getEntityType().getEntityNameLowerCase());
    }
    if (isPutRequestStale(request, existingAuthConfig)) {
        throw haltBecauseEtagDoesNotMatch(getEntityType().getEntityNameLowerCase(), existingAuthConfig.getId());
    }
    newAuthConfig.setId(securityAuthConfigId);
    securityAuthConfigService.update(currentUsername(), etagFor(existingAuthConfig), newAuthConfig, result);
    return handleCreateOrUpdateResponse(request, response, newAuthConfig, result);
}
Also used : SecurityAuthConfig(com.thoughtworks.go.config.SecurityAuthConfig) HttpLocalizedOperationResult(com.thoughtworks.go.server.service.result.HttpLocalizedOperationResult)

Example 15 with SecurityAuthConfig

Use of com.thoughtworks.go.config.SecurityAuthConfig in project gocd by gocd.

The class AuthorizationExtensionTest, method shouldTalkToPlugin_To_SearchUsers.

@Test
void shouldTalkToPlugin_To_SearchUsers() {
    String requestBody = "{\n" + "  \"search_term\": \"bob\",\n" + "  \"auth_configs\": [\n" + "    {\n" + "      \"id\": \"ldap\",\n" + "      \"configuration\": {\n" + "        \"foo\": \"bar\"\n" + "      }\n" + "    }\n" + "  ]\n" + "}";
    String responseBody = "[{\"username\":\"bob\",\"display_name\":\"Bob\",\"email\":\"bob@example.com\"}]";
    when(pluginManager.submitTo(eq(PLUGIN_ID), eq(AUTHORIZATION_EXTENSION), requestArgumentCaptor.capture())).thenReturn(new DefaultGoPluginApiResponse(SUCCESS_RESPONSE_CODE, responseBody));
    List<User> users = authorizationExtension.searchUsers(PLUGIN_ID, "bob", Collections.singletonList(new SecurityAuthConfig("ldap", "cd.go.ldap", create("foo", false, "bar"))));
    assertRequest(requestArgumentCaptor.getValue(), AUTHORIZATION_EXTENSION, "1.0", REQUEST_SEARCH_USERS, requestBody);
    assertThat(users).hasSize(1).contains(new User("bob", "Bob", "bob@example.com"));
}
Also used : SecurityAuthConfig(com.thoughtworks.go.config.SecurityAuthConfig) User(com.thoughtworks.go.plugin.domain.authorization.User) DefaultGoPluginApiResponse(com.thoughtworks.go.plugin.api.response.DefaultGoPluginApiResponse) Test(org.junit.jupiter.api.Test)

Aggregations

SecurityAuthConfig (com.thoughtworks.go.config.SecurityAuthConfig): 81
Test (org.junit.jupiter.api.Test): 46
HttpLocalizedOperationResult (com.thoughtworks.go.server.service.result.HttpLocalizedOperationResult): 28
Test (org.junit.Test): 16
CaseInsensitiveString (com.thoughtworks.go.config.CaseInsensitiveString): 14
AuthenticationResponse (com.thoughtworks.go.plugin.access.authorization.models.AuthenticationResponse): 14
User (com.thoughtworks.go.plugin.access.authorization.models.User): 11
PluginRoleConfig (com.thoughtworks.go.config.PluginRoleConfig): 9
Username (com.thoughtworks.go.server.domain.Username): 9
UserDetails (org.springframework.security.userdetails.UserDetails): 8
ConfigurationProperty (com.thoughtworks.go.domain.config.ConfigurationProperty): 7
SecurityConfig (com.thoughtworks.go.config.SecurityConfig): 5
VerifyConnectionResponse (com.thoughtworks.go.plugin.domain.common.VerifyConnectionResponse): 5
UsernamePasswordAuthenticationToken (org.springframework.security.providers.UsernamePasswordAuthenticationToken): 5
BasicCruiseConfig (com.thoughtworks.go.config.BasicCruiseConfig): 4
SecurityAuthConfigs (com.thoughtworks.go.config.SecurityAuthConfigs): 4
RecordNotFoundException (com.thoughtworks.go.config.exceptions.RecordNotFoundException): 4
DefaultGoPluginApiResponse (com.thoughtworks.go.plugin.api.response.DefaultGoPluginApiResponse): 4
ValidationResult (com.thoughtworks.go.plugin.domain.common.ValidationResult): 4
GoUserPrinciple (com.thoughtworks.go.server.security.userdetail.GoUserPrinciple): 4