use of com.thoughtworks.go.plugin.access.authorization.models.AuthenticationResponse in project gocd by gocd.
the class PluginAuthenticationProviderTest method shouldAddUserIfDoesNotExistOnSuccessfulAuthenticationUsingTheAuthorizationPlugin.
@Test
public void shouldAddUserIfDoesNotExistOnSuccessfulAuthenticationUsingTheAuthorizationPlugin() {
String pluginId = "plugin-id-1";
securityConfig.securityAuthConfigs().add(new SecurityAuthConfig("github", pluginId));
when(authenticationPluginRegistry.getPluginsThatSupportsPasswordBasedAuthentication()).thenReturn(new HashSet<>(Arrays.asList()));
when(store.getPluginsThatSupportsPasswordBasedAuthentication()).thenReturn(new HashSet<>(Arrays.asList(pluginId)));
AuthenticationResponse response = new AuthenticationResponse(new User("username", "display-name", "username@example.com"), Collections.emptyList());
when(authorizationExtension.authenticateUser(pluginId, "username", "password", securityConfig.securityAuthConfigs().findByPluginId(pluginId), securityConfig.getPluginRoles(pluginId))).thenReturn(response);
provider.retrieveUser("username", authenticationToken);
verify(userService).addUserIfDoesNotExist(new com.thoughtworks.go.domain.User("username", "display-name", "username@example.com"));
}
use of com.thoughtworks.go.plugin.access.authorization.models.AuthenticationResponse in project gocd by gocd.
the class PluginAuthenticationProviderTest method shouldUpdatePluginRolesForAUserPostAuthentication.
@Test
public void shouldUpdatePluginRolesForAUserPostAuthentication() {
securityConfig.securityAuthConfigs().add(new SecurityAuthConfig("ldap", "cd.go.ldap"));
securityConfig.securityAuthConfigs().add(new SecurityAuthConfig("github", "cd.go.github"));
String pluginId1 = "cd.go.ldap";
String pluginId2 = "cd.go.github";
addPluginSupportingPasswordBasedAuthentication(pluginId1);
addPluginSupportingPasswordBasedAuthentication(pluginId2);
when(authorizationExtension.authenticateUser(pluginId1, "username", "password", securityConfig.securityAuthConfigs().findByPluginId(pluginId1), securityConfig.getPluginRoles(pluginId1))).thenReturn(new AuthenticationResponse(new User("username", "bob", "bob@example.com"), Arrays.asList("blackbird", "admins")));
when(authorizationExtension.authenticateUser(pluginId2, "username", "password", securityConfig.securityAuthConfigs().findByPluginId(pluginId2), securityConfig.getPluginRoles(pluginId2))).thenReturn(NULL_AUTH_RESPONSE);
UserDetails userDetails = provider.retrieveUser("username", new UsernamePasswordAuthenticationToken(null, "password"));
assertNotNull(userDetails);
verify(pluginRoleService).updatePluginRoles("cd.go.ldap", "username", CaseInsensitiveString.caseInsensitiveStrings(Arrays.asList("blackbird", "admins")));
}
use of com.thoughtworks.go.plugin.access.authorization.models.AuthenticationResponse in project gocd by gocd.
the class PluginAuthenticationProviderTest method reuthenticationUsingAuthorizationPlugins_shouldFallbackOnUserNameInAbsenceOfGoUserPrinciple.
@Test
public void reuthenticationUsingAuthorizationPlugins_shouldFallbackOnUserNameInAbsenceOfGoUserPrinciple() throws Exception {
String pluginId1 = "cd.go.ldap";
securityConfig.securityAuthConfigs().add(new SecurityAuthConfig("ldap", "cd.go.ldap"));
addPluginSupportingPasswordBasedAuthentication(pluginId1);
when(authorizationExtension.authenticateUser(pluginId1, "username", "password", securityConfig.securityAuthConfigs().findByPluginId(pluginId1), securityConfig.getPluginRoles(pluginId1))).thenReturn(new AuthenticationResponse(new User("username", "bob", "bob@example.com"), Arrays.asList("blackbird", "admins")));
UserDetails userDetails = provider.retrieveUser("username", new UsernamePasswordAuthenticationToken(null, "password"));
assertNotNull(userDetails);
verify(pluginRoleService).updatePluginRoles("cd.go.ldap", "username", CaseInsensitiveString.caseInsensitiveStrings(Arrays.asList("blackbird", "admins")));
}
use of com.thoughtworks.go.plugin.access.authorization.models.AuthenticationResponse in project gocd by gocd.
the class PluginAuthenticationProviderTest method shouldTryAuthenticatingAgainstEachAuthorizationPluginInCaseOfErrors.
@Test
public void shouldTryAuthenticatingAgainstEachAuthorizationPluginInCaseOfErrors() throws Exception {
SecurityAuthConfig fileAuthConfig = new SecurityAuthConfig("file_based", "file");
SecurityAuthConfig ldapAuthConfig = new SecurityAuthConfig("ldap_based", "ldap");
addPluginSupportingPasswordBasedAuthentication("file");
addPluginSupportingPasswordBasedAuthentication("ldap");
securityConfig.securityAuthConfigs().add(fileAuthConfig);
securityConfig.securityAuthConfigs().add(ldapAuthConfig);
when(authorizationExtension.authenticateUser("file", "username", "password", Collections.singletonList(fileAuthConfig), Collections.emptyList())).thenThrow(new RuntimeException());
when(authorizationExtension.authenticateUser("ldap", "username", "password", Collections.singletonList(ldapAuthConfig), Collections.emptyList())).thenReturn(new AuthenticationResponse(new User("username", null, null), Collections.emptyList()));
UserDetails bob = provider.retrieveUser("username", authenticationToken);
assertThat(bob.getUsername(), is("username"));
}
use of com.thoughtworks.go.plugin.access.authorization.models.AuthenticationResponse in project gocd by gocd.
the class PluginAuthenticationProviderTest method authenticateUserShouldReceiveAuthConfigAndCorrespondingRoleConfigs.
@Test
public void authenticateUserShouldReceiveAuthConfigAndCorrespondingRoleConfigs() throws Exception {
SecurityAuthConfig corporateLDAP = new SecurityAuthConfig("corporateLDAP", "ldap");
SecurityAuthConfig internalLDAP = new SecurityAuthConfig("internalLDAP", "ldap");
PluginRoleConfig admin = new PluginRoleConfig("admin", "corporateLDAP", new ConfigurationProperty());
PluginRoleConfig operator = new PluginRoleConfig("operator", "internalLDAP", new ConfigurationProperty());
addPluginSupportingPasswordBasedAuthentication("ldap");
securityConfig.securityAuthConfigs().add(corporateLDAP);
securityConfig.securityAuthConfigs().add(internalLDAP);
securityConfig.addRole(admin);
securityConfig.addRole(operator);
InOrder inOrder = inOrder(authorizationExtension);
when(authorizationExtension.authenticateUser("ldap", "username", "password", Collections.singletonList(internalLDAP), Collections.singletonList(operator))).thenReturn(new AuthenticationResponse(new User("username", null, null), Collections.emptyList()));
provider.retrieveUser("username", authenticationToken);
inOrder.verify(authorizationExtension).authenticateUser("ldap", "username", "password", Collections.singletonList(corporateLDAP), Collections.singletonList(admin));
inOrder.verify(authorizationExtension).authenticateUser("ldap", "username", "password", Collections.singletonList(internalLDAP), Collections.singletonList(operator));
}
Aggregations