Search in sources :

Example 46 with GoCipher

use of com.thoughtworks.go.security.GoCipher in project gocd by gocd.

the class ServerConfigServiceIntegrationTest method updateServerConfig_ShouldFailWhenAllowAutoLoginIsTurnedOffWithNoAdminsRemaining.

@Test
public void updateServerConfig_ShouldFailWhenAllowAutoLoginIsTurnedOffWithNoAdminsRemaining() throws IOException {
    configHelper.enableSecurity();
    userService.deleteAll();
    HttpLocalizedOperationResult result = new HttpLocalizedOperationResult();
    serverConfigService.updateServerConfig(new MailHost(new GoCipher()), "artifacts", null, null, "42", false, "http://site_url", "https://secure_site_url", "default", result, goConfigDao.md5OfConfigFile());
    assertThat(result.isSuccessful(), is(false));
    assertThat(result.message(localizer), containsString("Cannot disable auto login with no admins enabled."));
}
Also used : HttpLocalizedOperationResult(com.thoughtworks.go.server.service.result.HttpLocalizedOperationResult) GoCipher(com.thoughtworks.go.security.GoCipher) Test(org.junit.Test)

Example 47 with GoCipher

use of com.thoughtworks.go.security.GoCipher in project gocd by gocd.

the class PipelineTriggerServiceIntegrationTest method shouldNotScheduleAPipelineWithTheJunkEncryptedEnvironmentVariable.

@Test
public void shouldNotScheduleAPipelineWithTheJunkEncryptedEnvironmentVariable() throws InvalidCipherTextException {
    pipelineConfig.addEnvironmentVariable(new EnvironmentVariableConfig(new GoCipher(), "SECURE_VAR1", "SECURE_VAL", true));
    pipelineConfigService.updatePipelineConfig(admin, pipelineConfig, entityHashingService.md5ForEntity(pipelineConfig), new HttpLocalizedOperationResult());
    assertThat(triggerMonitor.isAlreadyTriggered(pipelineName), is(false));
    PipelineScheduleOptions pipelineScheduleOptions = new PipelineScheduleOptions();
    String overriddenEncryptedValue = "some_junk";
    pipelineScheduleOptions.getAllEnvironmentVariables().add(new EnvironmentVariableConfig(new GoCipher(), "SECURE_VAR1", overriddenEncryptedValue));
    pipelineTriggerService.schedule(pipelineName, pipelineScheduleOptions, admin, result);
    assertThat(result.isSuccess(), is(false));
    assertThat(result.fullMessage(), is("Request to schedule pipeline rejected { Encrypted value for variable named 'SECURE_VAR1' is invalid. This usually happens when the cipher text is modified to have an invalid value. }"));
    assertThat(result.httpCode(), is(422));
    assertThat(triggerMonitor.isAlreadyTriggered(pipelineName), is(false));
}
Also used : EnvironmentVariableConfig(com.thoughtworks.go.config.EnvironmentVariableConfig) HttpLocalizedOperationResult(com.thoughtworks.go.server.service.result.HttpLocalizedOperationResult) GoCipher(com.thoughtworks.go.security.GoCipher) PipelineScheduleOptions(com.thoughtworks.go.server.domain.PipelineScheduleOptions) CaseInsensitiveString(com.thoughtworks.go.config.CaseInsensitiveString) Test(org.junit.Test)

Example 48 with GoCipher

use of com.thoughtworks.go.security.GoCipher in project gocd by gocd.

the class SvnMaterialTest method shouldErrorOutIfDecryptionFails.

@Test
public void shouldErrorOutIfDecryptionFails() throws InvalidCipherTextException {
    GoCipher mockGoCipher = mock(GoCipher.class);
    String fakeCipherText = "fake cipher text";
    when(mockGoCipher.decrypt(fakeCipherText)).thenThrow(new InvalidCipherTextException("exception"));
    SvnMaterial material = new SvnMaterial("/foo", "username", null, false, mockGoCipher);
    ReflectionUtil.setField(material, "encryptedPassword", fakeCipherText);
    try {
        material.getPassword();
        fail("Should have thrown up");
    } catch (Exception e) {
        assertThat(e.getMessage(), is("Could not decrypt the password to get the real password"));
    }
}
Also used : InvalidCipherTextException(org.bouncycastle.crypto.InvalidCipherTextException) GoCipher(com.thoughtworks.go.security.GoCipher) SvnMaterial(com.thoughtworks.go.config.materials.svn.SvnMaterial) CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) InvalidCipherTextException(org.bouncycastle.crypto.InvalidCipherTextException) Test(org.junit.Test)

Example 49 with GoCipher

use of com.thoughtworks.go.security.GoCipher in project gocd by gocd.

the class ConfigurationPropertyTest method shouldFailValidationIfAPropertyDoesNotHaveValue.

@Test
public void shouldFailValidationIfAPropertyDoesNotHaveValue() {
    ConfigurationProperty property = new ConfigurationProperty(new ConfigurationKey("secureKey"), null, new EncryptedConfigurationValue("invalid-encrypted-value"), new GoCipher());
    property.validate(ConfigSaveValidationContext.forChain(property));
    assertThat(property.errors().isEmpty(), is(false));
    assertThat(property.errors().getAllOn(ConfigurationProperty.ENCRYPTED_VALUE).contains("Encrypted value for property with key 'secureKey' is invalid. This usually happens when the cipher text is modified to have an invalid value."), is(true));
}
Also used : GoCipher(com.thoughtworks.go.security.GoCipher) Test(org.junit.Test)

Example 50 with GoCipher

use of com.thoughtworks.go.security.GoCipher in project gocd by gocd.

the class ConfigurationPropertyTest method shouldSetConfigAttributesForSecurePropertyWhenUserChangesIt.

@Test
public void shouldSetConfigAttributesForSecurePropertyWhenUserChangesIt() throws Exception {
    ConfigurationProperty configurationProperty = new ConfigurationProperty();
    HashMap attributes = new HashMap();
    HashMap keyMap = new HashMap();
    final String secureKey = "fooKey";
    keyMap.put("name", secureKey);
    attributes.put(ConfigurationProperty.CONFIGURATION_KEY, keyMap);
    HashMap valueMap = new HashMap();
    valueMap.put("value", "fooValue");
    attributes.put(ConfigurationProperty.CONFIGURATION_VALUE, valueMap);
    attributes.put(ConfigurationProperty.IS_CHANGED, "0");
    configurationProperty.setConfigAttributes(attributes, new SecureKeyInfoProvider() {

        @Override
        public boolean isSecure(String key) {
            return secureKey.equals(key);
        }
    });
    String encryptedValue = new GoCipher().encrypt("fooValue");
    assertThat(configurationProperty.getConfigurationKey().getName(), is(secureKey));
    assertThat(configurationProperty.getConfigurationValue(), is(nullValue()));
    assertThat(configurationProperty.getEncryptedValue(), is(encryptedValue));
}
Also used : GoCipher(com.thoughtworks.go.security.GoCipher) HashMap(java.util.HashMap) Matchers.anyString(org.mockito.Matchers.anyString) Test(org.junit.Test)

Aggregations

GoCipher (com.thoughtworks.go.security.GoCipher)149 Test (org.junit.Test)128 UrlArgument (com.thoughtworks.go.util.command.UrlArgument)36 HttpLocalizedOperationResult (com.thoughtworks.go.server.service.result.HttpLocalizedOperationResult)16 CaseInsensitiveString (com.thoughtworks.go.config.CaseInsensitiveString)15 HashMap (java.util.HashMap)15 ConfigurationProperty (com.thoughtworks.go.domain.config.ConfigurationProperty)11 EnvironmentVariableConfig (com.thoughtworks.go.config.EnvironmentVariableConfig)10 ConfigurationKey (com.thoughtworks.go.domain.config.ConfigurationKey)10 ConfigurationValue (com.thoughtworks.go.domain.config.ConfigurationValue)10 EncryptedConfigurationValue (com.thoughtworks.go.domain.config.EncryptedConfigurationValue)10 Configuration (com.thoughtworks.go.domain.config.Configuration)9 ConfigSaveValidationContext (com.thoughtworks.go.config.ConfigSaveValidationContext)8 SvnMaterialConfig (com.thoughtworks.go.config.materials.svn.SvnMaterialConfig)7 TfsMaterialConfig (com.thoughtworks.go.config.materials.tfs.TfsMaterialConfig)7 PluginConfiguration (com.thoughtworks.go.domain.config.PluginConfiguration)7 PackageConfiguration (com.thoughtworks.go.plugin.access.packagematerial.PackageConfiguration)7 Map (java.util.Map)7 PackageConfigurations (com.thoughtworks.go.plugin.access.packagematerial.PackageConfigurations)6 File (java.io.File)6