
Example 1 with AccessToken

Use of com.thoughtworks.go.server.newsecurity.models.AccessToken in project gocd by gocd.

Class WebBasedPluginAuthenticationProviderTest, method shouldFetchAccessTokenFromPlugin.

@Test
void shouldFetchAccessTokenFromPlugin() {
    when(authorizationExtension.fetchAccessToken(PLUGIN_ID, emptyMap(), singletonMap("code", "some-code"), singletonList(githubSecurityAuthconfig))).thenReturn(singletonMap("access_token", "some-access-token"));
    final AccessToken accessToken = authenticationProvider.fetchAccessToken(PLUGIN_ID, emptyMap(), singletonMap("code", "some-code"));
    assertThat(accessToken.getCredentials()).containsEntry("access_token", "some-access-token").hasSize(1);
}
Also used: AccessToken (com.thoughtworks.go.server.newsecurity.models.AccessToken), Test (org.junit.jupiter.api.Test)

Example 2 with AccessToken

Use of com.thoughtworks.go.server.newsecurity.models.AccessToken in project gocd by gocd.

Class AuthenticationController, method authenticateWithWebBasedPlugin.

@RequestMapping(value = "/plugin/{pluginId}/authenticate")
public RedirectView authenticateWithWebBasedPlugin(@PathVariable("pluginId") String pluginId, HttpServletRequest request) {
    if (securityIsDisabledOrAlreadyLoggedIn(request)) {
        return new RedirectView("/pipelines", true);
    }
    LOGGER.debug("Requesting authentication for form auth.");
    SavedRequest savedRequest = SessionUtils.savedRequest(request);
    try {
        final AccessToken accessToken = webBasedPluginAuthenticationProvider.fetchAccessToken(pluginId, getRequestHeaders(request), getParameterMap(request));
        AuthenticationToken<AccessToken> authenticationToken = webBasedPluginAuthenticationProvider.authenticate(accessToken, pluginId);
        if (authenticationToken == null) {
            return unknownAuthenticationError(request);
        }
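        // As the helper's name indicates, the session is recreated before the token is stored,
        // so a pre-login session ID is not carried over into the authenticated session.
        SessionUtils.setAuthenticationTokenAfterRecreatingSession(authenticationToken, request);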
    } catch (AuthenticationException e) {
        LOGGER.error("Failed to authenticate user.", e);
        return badAuthentication(request, e.getMessage());
    } catch (Exception e) {
        return unknownAuthenticationError(request);
    }
    SessionUtils.removeAuthenticationError(request);
    String redirectUrl = savedRequest == null ? "/go/pipelines" : savedRequest.getRedirectUrl();
    return new RedirectView(redirectUrl, false);
}
Also used: AuthenticationException (org.springframework.security.core.AuthenticationException), AccessToken (com.thoughtworks.go.server.newsecurity.models.AccessToken), RedirectView (org.springframework.web.servlet.view.RedirectView), SavedRequest (org.springframework.security.web.savedrequest.SavedRequest), RequestMapping (org.springframework.web.bind.annotation.RequestMapping)

Aggregations

AccessToken (com.thoughtworks.go.server.newsecurity.models.AccessToken): 2
Test (org.junit.jupiter.api.Test): 1
AuthenticationException (org.springframework.security.core.AuthenticationException): 1
SavedRequest (org.springframework.security.web.savedrequest.SavedRequest): 1
RequestMapping (org.springframework.web.bind.annotation.RequestMapping): 1
RedirectView (org.springframework.web.servlet.view.RedirectView): 1