Example 16 with SecurityAuthConfig
use of com.thoughtworks.go.config.SecurityAuthConfig in project gocd by gocd.
the class AuthorizationExtensionTest method shouldTalkToPlugin_To_AuthenticateUser.
@Test
void shouldTalkToPlugin_To_AuthenticateUser() {
String requestBody = "{\n" + " \"credentials\": {\n" + " \"username\": \"bob\",\n" + " \"password\": \"secret\"\n" + " },\n" + " \"auth_configs\": [\n" + " {\n" + " \"id\": \"ldap\",\n" + " \"configuration\": {\n" + " \"url\": \"some-url\"\n" + " }\n" + " }\n" + " ],\n" + " \"role_configs\": [\n" + " {\n" + " \"name\": \"foo\",\n" + " \"auth_config_id\": \"ldap\",\n" + " \"configuration\": {\n" + " \"memberOf\": \"ou=some-value\"\n" + " }\n" + " }\n" + " ]\n" + "}";
String responseBody = "{\"user\":{\"username\":\"bob\",\"display_name\":\"Bob\",\"email\":\"bob@example.com\"},\"roles\":[\"blackbird\"]}";
when(pluginManager.submitTo(eq(PLUGIN_ID), eq(AUTHORIZATION_EXTENSION), requestArgumentCaptor.capture())).thenReturn(new DefaultGoPluginApiResponse(SUCCESS_RESPONSE_CODE, responseBody));
final PluginRoleConfig roleConfig = new PluginRoleConfig("foo", "ldap", create("memberOf", false, "ou=some-value"));
final List<PluginRoleConfig> pluginRoleConfigs = Collections.singletonList(roleConfig);
final SecurityAuthConfigs authConfigs = new SecurityAuthConfigs();
authConfigs.add(new SecurityAuthConfig("ldap", "cd.go.ldap", create("url", false, "some-url")));
AuthenticationResponse authenticationResponse = authorizationExtension.authenticateUser(PLUGIN_ID, "bob", "secret", authConfigs, pluginRoleConfigs);
assertRequest(requestArgumentCaptor.getValue(), AUTHORIZATION_EXTENSION, "1.0", REQUEST_AUTHENTICATE_USER, requestBody);
assertThat(authenticationResponse.getUser()).isEqualTo(new User("bob", "Bob", "bob@example.com"));
assertThat(authenticationResponse.getRoles().get(0)).isEqualTo("blackbird");
}
Also used :
SecurityAuthConfig(com.thoughtworks.go.config.SecurityAuthConfig)
User(com.thoughtworks.go.plugin.domain.authorization.User)
DefaultGoPluginApiResponse(com.thoughtworks.go.plugin.api.response.DefaultGoPluginApiResponse)
SecurityAuthConfigs(com.thoughtworks.go.config.SecurityAuthConfigs)
PluginRoleConfig(com.thoughtworks.go.config.PluginRoleConfig)
AuthenticationResponse(com.thoughtworks.go.plugin.domain.authorization.AuthenticationResponse)
Test(org.junit.jupiter.api.Test)
Example 17 with SecurityAuthConfig
use of com.thoughtworks.go.config.SecurityAuthConfig in project gocd by gocd.
the class AuthorizationExtensionTest method shouldTalkToPlugin_To_GetAuthorizationServerUrl.
@Test
void shouldTalkToPlugin_To_GetAuthorizationServerUrl() {
String requestBody = "{\n" + " \"auth_configs\": [\n" + " {\n" + " \"id\": \"github\",\n" + " \"configuration\": {\n" + " \"url\": \"some-url\"\n" + " }\n" + " }\n" + " ],\n" + " \"authorization_server_callback_url\": \"http://go.site.url/go/plugin/plugin-id/authenticate\"\n" + "}";
String responseBody = "{\"authorization_server_url\":\"url_to_authorization_server\"}";
SecurityAuthConfig authConfig = new SecurityAuthConfig("github", "cd.go.github", create("url", false, "some-url"));
when(pluginManager.submitTo(eq(PLUGIN_ID), eq(AUTHORIZATION_EXTENSION), requestArgumentCaptor.capture())).thenReturn(new DefaultGoPluginApiResponse(SUCCESS_RESPONSE_CODE, responseBody));
String authorizationServerRedirectUrl = authorizationExtension.getAuthorizationServerUrl(PLUGIN_ID, Collections.singletonList(authConfig), "http://go.site.url");
assertRequest(requestArgumentCaptor.getValue(), AUTHORIZATION_EXTENSION, "1.0", REQUEST_AUTHORIZATION_SERVER_URL, requestBody);
assertThat(authorizationServerRedirectUrl).isEqualTo("url_to_authorization_server");
}
Also used :
SecurityAuthConfig(com.thoughtworks.go.config.SecurityAuthConfig)
DefaultGoPluginApiResponse(com.thoughtworks.go.plugin.api.response.DefaultGoPluginApiResponse)
Test(org.junit.jupiter.api.Test)
Example 18 with SecurityAuthConfig
use of com.thoughtworks.go.config.SecurityAuthConfig in project gocd by gocd.
the class AuthorizationExtensionTest method shouldReturnFalseForSupportsValidatingUserExistenceForAuthorizationExtensionV1.
@Test
void shouldReturnFalseForSupportsValidatingUserExistenceForAuthorizationExtensionV1() throws Exception {
String pluginId = "cd.go.ldap";
when(pluginManager.resolveExtensionVersion(pluginId, AUTHORIZATION_EXTENSION, SUPPORTED_VERSIONS)).thenReturn(AuthorizationMessageConverterV1.VERSION);
SecurityAuthConfig authConfig = new SecurityAuthConfig("ldap", pluginId, create("url", false, "some-url"));
boolean expected = authorizationExtension.supportsPluginAPICallsRequiredForAccessToken(authConfig);
assertThat(expected).isFalse();
}
Also used :
SecurityAuthConfig(com.thoughtworks.go.config.SecurityAuthConfig)
Test(org.junit.jupiter.api.Test)
Example 19 with SecurityAuthConfig
use of com.thoughtworks.go.config.SecurityAuthConfig in project gocd by gocd.
the class AuthorizationExtensionTest method shouldTalkToPlugin_To_AuthenticateUserWithEmptyListIfRoleConfigsAreNotProvided.
@Test
void shouldTalkToPlugin_To_AuthenticateUserWithEmptyListIfRoleConfigsAreNotProvided() {
String requestBody = "{\n" + " \"credentials\": {\n" + " \"username\": \"bob\",\n" + " \"password\": \"secret\"\n" + " },\n" + " \"auth_configs\": [\n" + " {\n" + " \"id\": \"ldap\",\n" + " \"configuration\": {\n" + " \"url\": \"some-url\"\n" + " }\n" + " }\n" + " ],\n" + " \"role_configs\": []\n" + "}";
String responseBody = "{\"user\":{\"username\":\"bob\",\"display_name\":\"Bob\",\"email\":\"bob@example.com\"},\"roles\":[\"blackbird\"]}";
when(pluginManager.submitTo(eq(PLUGIN_ID), eq(AUTHORIZATION_EXTENSION), requestArgumentCaptor.capture())).thenReturn(new DefaultGoPluginApiResponse(SUCCESS_RESPONSE_CODE, responseBody));
final SecurityAuthConfigs authConfigs = new SecurityAuthConfigs();
authConfigs.add(new SecurityAuthConfig("ldap", "cd.go.ldap", create("url", false, "some-url")));
AuthenticationResponse authenticationResponse = authorizationExtension.authenticateUser(PLUGIN_ID, "bob", "secret", authConfigs, null);
assertRequest(requestArgumentCaptor.getValue(), AUTHORIZATION_EXTENSION, "1.0", REQUEST_AUTHENTICATE_USER, requestBody);
assertThat(authenticationResponse.getUser()).isEqualTo(new User("bob", "Bob", "bob@example.com"));
assertThat(authenticationResponse.getRoles().get(0)).isEqualTo("blackbird");
}
Also used :
SecurityAuthConfig(com.thoughtworks.go.config.SecurityAuthConfig)
User(com.thoughtworks.go.plugin.domain.authorization.User)
DefaultGoPluginApiResponse(com.thoughtworks.go.plugin.api.response.DefaultGoPluginApiResponse)
SecurityAuthConfigs(com.thoughtworks.go.config.SecurityAuthConfigs)
AuthenticationResponse(com.thoughtworks.go.plugin.domain.authorization.AuthenticationResponse)
Test(org.junit.jupiter.api.Test)
Example 20 with SecurityAuthConfig
use of com.thoughtworks.go.config.SecurityAuthConfig in project gocd by gocd.
the class AuthorizationMessageConverterV2Test method shouldReturnRequestBodyForDoesUserExistsRequest.
@Test
void shouldReturnRequestBodyForDoesUserExistsRequest() {
SecurityAuthConfig authConfig = new SecurityAuthConfig("p1", "ldap", ConfigurationPropertyMother.create("key1", false, "value2"));
String requestBody = converter.isValidUserRequestBody("foo", authConfig);
assertThatJson(requestBody).isEqualTo("{\n" + " \"auth_config\": {\n" + " \"configuration\": {\n" + " \"key1\": \"value2\"\n" + " },\n" + " \"id\": \"p1\"\n" + " },\n" + " \"username\": \"foo\"\n" + "}");
}
Also used :
SecurityAuthConfig(com.thoughtworks.go.config.SecurityAuthConfig)
Test(org.junit.jupiter.api.Test)
Aggregations
SecurityAuthConfig (com.thoughtworks.go.config.SecurityAuthConfig)81
Test (org.junit.jupiter.api.Test)46
HttpLocalizedOperationResult (com.thoughtworks.go.server.service.result.HttpLocalizedOperationResult)28
Test (org.junit.Test)16
CaseInsensitiveString (com.thoughtworks.go.config.CaseInsensitiveString)14
AuthenticationResponse (com.thoughtworks.go.plugin.access.authorization.models.AuthenticationResponse)14
User (com.thoughtworks.go.plugin.access.authorization.models.User)11
PluginRoleConfig (com.thoughtworks.go.config.PluginRoleConfig)9
Username (com.thoughtworks.go.server.domain.Username)9
UserDetails (org.springframework.security.userdetails.UserDetails)8
ConfigurationProperty (com.thoughtworks.go.domain.config.ConfigurationProperty)7
SecurityConfig (com.thoughtworks.go.config.SecurityConfig)5
VerifyConnectionResponse (com.thoughtworks.go.plugin.domain.common.VerifyConnectionResponse)5
UsernamePasswordAuthenticationToken (org.springframework.security.providers.UsernamePasswordAuthenticationToken)5
BasicCruiseConfig (com.thoughtworks.go.config.BasicCruiseConfig)4
SecurityAuthConfigs (com.thoughtworks.go.config.SecurityAuthConfigs)4
RecordNotFoundException (com.thoughtworks.go.config.exceptions.RecordNotFoundException)4
DefaultGoPluginApiResponse (com.thoughtworks.go.plugin.api.response.DefaultGoPluginApiResponse)4
ValidationResult (com.thoughtworks.go.plugin.domain.common.ValidationResult)4
GoUserPrinciple (com.thoughtworks.go.server.security.userdetail.GoUserPrinciple)4
