use of com.thoughtworks.go.security.GoCipher in project gocd by gocd.
the class ServerConfigServiceIntegrationTest method updateServerConfig_ShouldFailWhenAllowAutoLoginIsTurnedOffWithNoAdminsRemaining.
@Test
public void updateServerConfig_ShouldFailWhenAllowAutoLoginIsTurnedOffWithNoAdminsRemaining() throws IOException {
configHelper.enableSecurity();
userService.deleteAll();
HttpLocalizedOperationResult result = new HttpLocalizedOperationResult();
serverConfigService.updateServerConfig(new MailHost(new GoCipher()), "artifacts", null, null, "42", false, "http://site_url", "https://secure_site_url", "default", result, goConfigDao.md5OfConfigFile());
assertThat(result.isSuccessful(), is(false));
assertThat(result.message(localizer), containsString("Cannot disable auto login with no admins enabled."));
}
use of com.thoughtworks.go.security.GoCipher in project gocd by gocd.
the class PipelineTriggerServiceIntegrationTest method shouldNotScheduleAPipelineWithTheJunkEncryptedEnvironmentVariable.
@Test
public void shouldNotScheduleAPipelineWithTheJunkEncryptedEnvironmentVariable() throws InvalidCipherTextException {
pipelineConfig.addEnvironmentVariable(new EnvironmentVariableConfig(new GoCipher(), "SECURE_VAR1", "SECURE_VAL", true));
pipelineConfigService.updatePipelineConfig(admin, pipelineConfig, entityHashingService.md5ForEntity(pipelineConfig), new HttpLocalizedOperationResult());
assertThat(triggerMonitor.isAlreadyTriggered(pipelineName), is(false));
PipelineScheduleOptions pipelineScheduleOptions = new PipelineScheduleOptions();
String overriddenEncryptedValue = "some_junk";
pipelineScheduleOptions.getAllEnvironmentVariables().add(new EnvironmentVariableConfig(new GoCipher(), "SECURE_VAR1", overriddenEncryptedValue));
pipelineTriggerService.schedule(pipelineName, pipelineScheduleOptions, admin, result);
assertThat(result.isSuccess(), is(false));
assertThat(result.fullMessage(), is("Request to schedule pipeline rejected { Encrypted value for variable named 'SECURE_VAR1' is invalid. This usually happens when the cipher text is modified to have an invalid value. }"));
assertThat(result.httpCode(), is(422));
assertThat(triggerMonitor.isAlreadyTriggered(pipelineName), is(false));
}
use of com.thoughtworks.go.security.GoCipher in project gocd by gocd.
the class SvnMaterialTest method shouldErrorOutIfDecryptionFails.
@Test
public void shouldErrorOutIfDecryptionFails() throws InvalidCipherTextException {
GoCipher mockGoCipher = mock(GoCipher.class);
String fakeCipherText = "fake cipher text";
when(mockGoCipher.decrypt(fakeCipherText)).thenThrow(new InvalidCipherTextException("exception"));
SvnMaterial material = new SvnMaterial("/foo", "username", null, false, mockGoCipher);
ReflectionUtil.setField(material, "encryptedPassword", fakeCipherText);
try {
material.getPassword();
fail("Should have thrown up");
} catch (Exception e) {
assertThat(e.getMessage(), is("Could not decrypt the password to get the real password"));
}
}
use of com.thoughtworks.go.security.GoCipher in project gocd by gocd.
the class ConfigurationPropertyTest method shouldFailValidationIfAPropertyDoesNotHaveValue.
@Test
public void shouldFailValidationIfAPropertyDoesNotHaveValue() {
ConfigurationProperty property = new ConfigurationProperty(new ConfigurationKey("secureKey"), null, new EncryptedConfigurationValue("invalid-encrypted-value"), new GoCipher());
property.validate(ConfigSaveValidationContext.forChain(property));
assertThat(property.errors().isEmpty(), is(false));
assertThat(property.errors().getAllOn(ConfigurationProperty.ENCRYPTED_VALUE).contains("Encrypted value for property with key 'secureKey' is invalid. This usually happens when the cipher text is modified to have an invalid value."), is(true));
}
use of com.thoughtworks.go.security.GoCipher in project gocd by gocd.
the class ConfigurationPropertyTest method shouldSetConfigAttributesForSecurePropertyWhenUserChangesIt.
@Test
public void shouldSetConfigAttributesForSecurePropertyWhenUserChangesIt() throws Exception {
ConfigurationProperty configurationProperty = new ConfigurationProperty();
HashMap attributes = new HashMap();
HashMap keyMap = new HashMap();
final String secureKey = "fooKey";
keyMap.put("name", secureKey);
attributes.put(ConfigurationProperty.CONFIGURATION_KEY, keyMap);
HashMap valueMap = new HashMap();
valueMap.put("value", "fooValue");
attributes.put(ConfigurationProperty.CONFIGURATION_VALUE, valueMap);
attributes.put(ConfigurationProperty.IS_CHANGED, "0");
configurationProperty.setConfigAttributes(attributes, new SecureKeyInfoProvider() {
@Override
public boolean isSecure(String key) {
return secureKey.equals(key);
}
});
String encryptedValue = new GoCipher().encrypt("fooValue");
assertThat(configurationProperty.getConfigurationKey().getName(), is(secureKey));
assertThat(configurationProperty.getConfigurationValue(), is(nullValue()));
assertThat(configurationProperty.getEncryptedValue(), is(encryptedValue));
}
Aggregations