Examples with User com.thoughtworks.go.plugin.domain.authorization.User used on opensource projects

Search in sources :

Example 1 with User

use of com.thoughtworks.go.plugin.domain.authorization.User in project gocd by gocd.

the class AuthorizationExtensionTest method shouldTalkToPlugin_To_SearchUsers.

@Test
void shouldTalkToPlugin_To_SearchUsers() {
    String requestBody = "{\n" + "  \"search_term\": \"bob\",\n" + "  \"auth_configs\": [\n" + "    {\n" + "      \"id\": \"ldap\",\n" + "      \"configuration\": {\n" + "        \"foo\": \"bar\"\n" + "      }\n" + "    }\n" + "  ]\n" + "}";
    String responseBody = "[{\"username\":\"bob\",\"display_name\":\"Bob\",\"email\":\"bob@example.com\"}]";
    when(pluginManager.submitTo(eq(PLUGIN_ID), eq(AUTHORIZATION_EXTENSION), requestArgumentCaptor.capture())).thenReturn(new DefaultGoPluginApiResponse(SUCCESS_RESPONSE_CODE, responseBody));
    List<User> users = authorizationExtension.searchUsers(PLUGIN_ID, "bob", Collections.singletonList(new SecurityAuthConfig("ldap", "cd.go.ldap", create("foo", false, "bar"))));
    assertRequest(requestArgumentCaptor.getValue(), AUTHORIZATION_EXTENSION, "1.0", REQUEST_SEARCH_USERS, requestBody);
    assertThat(users).hasSize(1).contains(new User("bob", "Bob", "bob@example.com"));
}
Also used : SecurityAuthConfig(com.thoughtworks.go.config.SecurityAuthConfig) User(com.thoughtworks.go.plugin.domain.authorization.User) DefaultGoPluginApiResponse(com.thoughtworks.go.plugin.api.response.DefaultGoPluginApiResponse) Test(org.junit.jupiter.api.Test)

Example 2 with User

use of com.thoughtworks.go.plugin.domain.authorization.User in project gocd by gocd.

the class AuthorizationExtensionTest method shouldTalkToPlugin_To_AuthenticateUser.

@Test
void shouldTalkToPlugin_To_AuthenticateUser() {
    String requestBody = "{\n" + "  \"credentials\": {\n" + "    \"username\": \"bob\",\n" + "    \"password\": \"secret\"\n" + "  },\n" + "  \"auth_configs\": [\n" + "    {\n" + "      \"id\": \"ldap\",\n" + "      \"configuration\": {\n" + "        \"url\": \"some-url\"\n" + "      }\n" + "    }\n" + "  ],\n" + "  \"role_configs\": [\n" + "    {\n" + "      \"name\": \"foo\",\n" + "      \"auth_config_id\": \"ldap\",\n" + "      \"configuration\": {\n" + "        \"memberOf\": \"ou=some-value\"\n" + "      }\n" + "    }\n" + "  ]\n" + "}";
    String responseBody = "{\"user\":{\"username\":\"bob\",\"display_name\":\"Bob\",\"email\":\"bob@example.com\"},\"roles\":[\"blackbird\"]}";
    when(pluginManager.submitTo(eq(PLUGIN_ID), eq(AUTHORIZATION_EXTENSION), requestArgumentCaptor.capture())).thenReturn(new DefaultGoPluginApiResponse(SUCCESS_RESPONSE_CODE, responseBody));
    final PluginRoleConfig roleConfig = new PluginRoleConfig("foo", "ldap", create("memberOf", false, "ou=some-value"));
    final List<PluginRoleConfig> pluginRoleConfigs = Collections.singletonList(roleConfig);
    final SecurityAuthConfigs authConfigs = new SecurityAuthConfigs();
    authConfigs.add(new SecurityAuthConfig("ldap", "cd.go.ldap", create("url", false, "some-url")));
    AuthenticationResponse authenticationResponse = authorizationExtension.authenticateUser(PLUGIN_ID, "bob", "secret", authConfigs, pluginRoleConfigs);
    assertRequest(requestArgumentCaptor.getValue(), AUTHORIZATION_EXTENSION, "1.0", REQUEST_AUTHENTICATE_USER, requestBody);
    assertThat(authenticationResponse.getUser()).isEqualTo(new User("bob", "Bob", "bob@example.com"));
    assertThat(authenticationResponse.getRoles().get(0)).isEqualTo("blackbird");
}
Also used : SecurityAuthConfig(com.thoughtworks.go.config.SecurityAuthConfig) User(com.thoughtworks.go.plugin.domain.authorization.User) DefaultGoPluginApiResponse(com.thoughtworks.go.plugin.api.response.DefaultGoPluginApiResponse) SecurityAuthConfigs(com.thoughtworks.go.config.SecurityAuthConfigs) PluginRoleConfig(com.thoughtworks.go.config.PluginRoleConfig) AuthenticationResponse(com.thoughtworks.go.plugin.domain.authorization.AuthenticationResponse) Test(org.junit.jupiter.api.Test)

Example 3 with User

use of com.thoughtworks.go.plugin.domain.authorization.User in project gocd by gocd.

the class AuthorizationExtensionTest method shouldTalkToPlugin_To_AuthenticateUserWithEmptyListIfRoleConfigsAreNotProvided.

@Test
void shouldTalkToPlugin_To_AuthenticateUserWithEmptyListIfRoleConfigsAreNotProvided() {
    String requestBody = "{\n" + "  \"credentials\": {\n" + "    \"username\": \"bob\",\n" + "    \"password\": \"secret\"\n" + "  },\n" + "  \"auth_configs\": [\n" + "    {\n" + "      \"id\": \"ldap\",\n" + "      \"configuration\": {\n" + "        \"url\": \"some-url\"\n" + "      }\n" + "    }\n" + "  ],\n" + "  \"role_configs\": []\n" + "}";
    String responseBody = "{\"user\":{\"username\":\"bob\",\"display_name\":\"Bob\",\"email\":\"bob@example.com\"},\"roles\":[\"blackbird\"]}";
    when(pluginManager.submitTo(eq(PLUGIN_ID), eq(AUTHORIZATION_EXTENSION), requestArgumentCaptor.capture())).thenReturn(new DefaultGoPluginApiResponse(SUCCESS_RESPONSE_CODE, responseBody));
    final SecurityAuthConfigs authConfigs = new SecurityAuthConfigs();
    authConfigs.add(new SecurityAuthConfig("ldap", "cd.go.ldap", create("url", false, "some-url")));
    AuthenticationResponse authenticationResponse = authorizationExtension.authenticateUser(PLUGIN_ID, "bob", "secret", authConfigs, null);
    assertRequest(requestArgumentCaptor.getValue(), AUTHORIZATION_EXTENSION, "1.0", REQUEST_AUTHENTICATE_USER, requestBody);
    assertThat(authenticationResponse.getUser()).isEqualTo(new User("bob", "Bob", "bob@example.com"));
    assertThat(authenticationResponse.getRoles().get(0)).isEqualTo("blackbird");
}
Also used : SecurityAuthConfig(com.thoughtworks.go.config.SecurityAuthConfig) User(com.thoughtworks.go.plugin.domain.authorization.User) DefaultGoPluginApiResponse(com.thoughtworks.go.plugin.api.response.DefaultGoPluginApiResponse) SecurityAuthConfigs(com.thoughtworks.go.config.SecurityAuthConfigs) AuthenticationResponse(com.thoughtworks.go.plugin.domain.authorization.AuthenticationResponse) Test(org.junit.jupiter.api.Test)

Example 4 with User

use of com.thoughtworks.go.plugin.domain.authorization.User in project gocd by gocd.

the class AccessTokenBasedPluginAuthenticationProvider method authenticateWithExtension.

@Override
protected AuthenticationResponse authenticateWithExtension(String pluginId, AccessTokenCredential credentials, SecurityAuthConfig authConfig, List<PluginRoleConfig> pluginRoleConfigs) {
    String username = credentials.getAccessToken().getUsername();
    if (authorizationExtensionCacheService.isValidUser(pluginId, username, authConfig)) {
        List<String> roles = new ArrayList<>();
        if (store.doesPluginSupportGetUserRolesCall(pluginId)) {
            roles.addAll(authorizationExtensionCacheService.getUserRoles(pluginId, username, authConfig, pluginRoleConfigs));
        }
        com.thoughtworks.go.domain.User fetched = userService.findUserByName(username);
        User user = new User(fetched.getUsername().getUsername().toString(), fetched.getDisplayName(), fetched.getEmail());
        return new AuthenticationResponse(user, roles);
    } else {
        String msg = String.format("Access Token belonging to the user has either been disabled, removed or expired. ", username, pluginId, authConfig.getId());
        throw new InvalidAccessTokenException(msg);
    }
}
Also used : InvalidAccessTokenException(com.thoughtworks.go.server.exceptions.InvalidAccessTokenException) User(com.thoughtworks.go.plugin.domain.authorization.User) ArrayList(java.util.ArrayList) AuthenticationResponse(com.thoughtworks.go.plugin.domain.authorization.AuthenticationResponse)

Example 5 with User

use of com.thoughtworks.go.plugin.domain.authorization.User in project gocd by gocd.

the class AbstractPluginAuthenticationProvider method authenticateUser.

public AuthenticationToken<T> authenticateUser(T credentials, SecurityAuthConfig authConfig) {
    String pluginId = authConfig.getPluginId();
    try {
        if (!doesPluginSupportAuthentication(pluginId)) {
            return null;
        }
        final List<PluginRoleConfig> roleConfigs = goConfigService.security().getRoles().pluginRoleConfigsFor(authConfig.getId());
        LOGGER.debug("Authenticating user using the authorization plugin: `{}`", pluginId);
        AuthenticationResponse response = authenticateWithExtension(pluginId, credentials, authConfig, roleConfigs);
        User user = ensureDisplayNamePresent(response.getUser());
        if (user != null) {
            userService.addOrUpdateUser(toDomainUser(user), authConfig);
            pluginRoleService.updatePluginRoles(pluginId, user.getUsername(), CaseInsensitiveString.list(response.getRoles()));
            LOGGER.debug("Successfully authenticated user: `{}` using the authorization plugin: `{}`", user.getUsername(), pluginId);
            final GoUserPrinciple goUserPrinciple = new GoUserPrinciple(user.getUsername(), user.getDisplayName(), authorityGranter.authorities(user.getUsername()));
            return createAuthenticationToken(goUserPrinciple, credentials, pluginId, authConfig.getId());
        }
    } catch (OnlyKnownUsersAllowedException e) {
        LOGGER.info("User {} is successfully authenticated. Auto register new user is disabled. Please refer {}", e.getUsername(), CurrentGoCDVersion.docsUrl("configuration/dev_authentication.html#controlling-user-access"));
        throw e;
    } catch (InvalidAccessTokenException e) {
        LOGGER.error("Error while authenticating user using auth_config: {} with the authorization plugin: {} ", authConfig.getId(), pluginId);
        throw e;
    } catch (Exception e) {
        LOGGER.error("Error while authenticating user using auth_config: {} with the authorization plugin: {} ", authConfig.getId(), pluginId);
    }
    LOGGER.debug("Authentication failed using the authorization plugin: `{}`", pluginId);
    return null;
}
Also used : InvalidAccessTokenException(com.thoughtworks.go.server.exceptions.InvalidAccessTokenException) User(com.thoughtworks.go.plugin.domain.authorization.User) OnlyKnownUsersAllowedException(com.thoughtworks.go.server.security.OnlyKnownUsersAllowedException) CaseInsensitiveString(com.thoughtworks.go.config.CaseInsensitiveString) GoUserPrinciple(com.thoughtworks.go.server.security.userdetail.GoUserPrinciple) PluginRoleConfig(com.thoughtworks.go.config.PluginRoleConfig) AuthenticationResponse(com.thoughtworks.go.plugin.domain.authorization.AuthenticationResponse) InvalidAccessTokenException(com.thoughtworks.go.server.exceptions.InvalidAccessTokenException) OnlyKnownUsersAllowedException(com.thoughtworks.go.server.security.OnlyKnownUsersAllowedException)

Aggregations

User (com.thoughtworks.go.plugin.domain.authorization.User)6 AuthenticationResponse (com.thoughtworks.go.plugin.domain.authorization.AuthenticationResponse)4 Test (org.junit.jupiter.api.Test)4 SecurityAuthConfig (com.thoughtworks.go.config.SecurityAuthConfig)3 DefaultGoPluginApiResponse (com.thoughtworks.go.plugin.api.response.DefaultGoPluginApiResponse)3 PluginRoleConfig (com.thoughtworks.go.config.PluginRoleConfig)2 SecurityAuthConfigs (com.thoughtworks.go.config.SecurityAuthConfigs)2 InvalidAccessTokenException (com.thoughtworks.go.server.exceptions.InvalidAccessTokenException)2 CaseInsensitiveString (com.thoughtworks.go.config.CaseInsensitiveString)1 SecurityConfig (com.thoughtworks.go.config.SecurityConfig)1 UserSearchModel (com.thoughtworks.go.presentation.UserSearchModel)1 OnlyKnownUsersAllowedException (com.thoughtworks.go.server.security.OnlyKnownUsersAllowedException)1 GoUserPrinciple (com.thoughtworks.go.server.security.userdetail.GoUserPrinciple)1 HttpLocalizedOperationResult (com.thoughtworks.go.server.service.result.HttpLocalizedOperationResult)1 ArrayList (java.util.ArrayList)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial