Example 11 with UsernamePassword
use of com.thoughtworks.go.server.newsecurity.models.UsernamePassword in project gocd by gocd.
the class InvalidateAuthenticationOnSecurityConfigChangeFilterTest method shouldContinueWithTheChainIfTheSecurityConfigHasNotChanged.
@Test
void shouldContinueWithTheChainIfTheSecurityConfigHasNotChanged() throws IOException, ServletException {
request = HttpRequestBuilder.GET("/").withRequestedSessionIdFromSession().build();
final AuthenticationToken<UsernamePassword> authenticationToken = setupAuthentication();
SessionUtils.setAuthenticationTokenAfterRecreatingSession(authenticationToken, request);
final HttpSession originalSession = request.getSession(false);
assertThat(SessionUtils.getAuthenticationToken(request).isAuthenticated(clock, systemEnvironment)).isTrue();
filter.doFilter(request, response, filterChain);
assertThat(request.getSession(false).getAttribute(SECURITY_CONFIG_LAST_CHANGE)).isEqualTo(clock.currentTimeMillis());
long timeBeforeConfigChange = clock.currentTimeMillis();
clock.addSeconds(1);
cruiseConfig.addEnvironment("Foo");
filter.onConfigChange(GoConfigMother.deepClone(cruiseConfig));
response.reset();
filter.doFilter(request, response, filterChain);
assertThat(SessionUtils.getAuthenticationToken(request).isAuthenticated(clock, systemEnvironment)).isTrue();
assertThat(request.getSession(false)).isSameAs(originalSession);
assertThat(request.getSession(false).getAttribute(SECURITY_CONFIG_LAST_CHANGE)).isEqualTo(timeBeforeConfigChange);
verifyNoInteractions(cacheService);
}
Also used :
HttpSession(javax.servlet.http.HttpSession)
UsernamePassword(com.thoughtworks.go.server.newsecurity.models.UsernamePassword)
Test(org.junit.jupiter.api.Test)
Example 12 with UsernamePassword
use of com.thoughtworks.go.server.newsecurity.models.UsernamePassword in project gocd by gocd.
the class DashBoardControllerTest method shouldResolveDashboardViewForStandby.
@Test
void shouldResolveDashboardViewForStandby() {
when(authToken.isValid()).thenReturn(true);
when(authToken.toUsernamePassword()).thenReturn(new UsernamePassword(USERNAME, PASSWORD));
when(addOnConfiguration.isServerInStandby()).thenReturn(true);
when(railsAssetsService.getAssetPath("application.css")).thenReturn("application.css");
when(railsAssetsService.getAssetPath("patterns/application.css")).thenReturn("patterns/application.css");
when(railsAssetsService.getAssetPath("application.js")).thenReturn("application.js");
when(railsAssetsService.getAssetPath("cruise.ico")).thenReturn("cruise.ico");
Map<String, String> expectedModelMap = new HashMap<>();
expectedModelMap.put("REPLACED_BY_GO:application.css", "application.css");
expectedModelMap.put("REPLACED_BY_GO:patterns/application.css", "patterns/application.css");
expectedModelMap.put("REPLACED_BY_GO:application.js", "application.js");
expectedModelMap.put("REPLACED_BY_GO:cruise.ico", "cruise.ico");
String template = "<html></html>";
when(viewResolver.resolveView("standby_dashboard", expectedModelMap)).thenReturn(template);
HttpServletRequest request = HttpRequestBuilder.GET("").withBasicAuth(USERNAME, PASSWORD).build();
String view = controller.dashboard(request, null);
assertThat(view).isEqualTo(template);
}
Also used :
HttpServletRequest(javax.servlet.http.HttpServletRequest)
HashMap(java.util.HashMap)
UsernamePassword(com.thoughtworks.go.server.newsecurity.models.UsernamePassword)
Test(org.junit.jupiter.api.Test)
Example 13 with UsernamePassword
use of com.thoughtworks.go.server.newsecurity.models.UsernamePassword in project gocd by gocd.
the class DashBoardControllerTest method shouldProvideDashboardContentsForStandby.
@Test
void shouldProvideDashboardContentsForStandby() {
when(authToken.isValid()).thenReturn(true);
when(authToken.toUsernamePassword()).thenReturn(new UsernamePassword(USERNAME, PASSWORD));
when(authToken.forHttp()).thenReturn(CREDENTIALS);
HttpServletRequest request = HttpRequestBuilder.GET("").withBasicAuth(USERNAME, PASSWORD).build();
httpClientMock.onGet("https://localhost:8154/go/add-on/business-continuity/api/health-check").withHeader("Authorization", AUTHORIZATION_HEADER_VALUE).doReturnStatus(200);
httpClientMock.onGet("https://localhost:8154/go/add-on/business-continuity/api/latest_database_wal_location").withHeader("Authorization", AUTHORIZATION_HEADER_VALUE).doReturn(200, "/logs/location");
httpClientMock.onGet("https://localhost:8154/go/add-on/business-continuity/api/config_files_status").withHeader("Authorization", AUTHORIZATION_HEADER_VALUE).doReturn(200, "{\"configFilesUpdateInterval\":10,\"fileDetailsMap\":{\"CRUISE_CONFIG_XML\":{\"md5\":\"a\"}}}");
httpClientMock.onGet("https://localhost:8154/go/add-on/business-continuity/api/plugin_files_status").withHeader("Authorization", AUTHORIZATION_HEADER_VALUE).doReturn(200, "{\"bundled\":[{\"name\":\"yum.jar\",\"md5\":\"LAVBbwaDykricDnAP57klg\\u003d\\u003d\"}],\"external\":[{\"name\":\"external1.jar\",\"md5\":\"+yWDK4+tYQtfqyh3tmT95A\\u003d\\u003d\"},{\"name\":\"external2.jar\",\"md5\":\"DS/Oa0vv5URteXfzSU7mvQ\\u003d\\u003d\"}]}");
when(addOnConfiguration.isServerInStandby()).thenReturn(true);
MockHttpServletResponse response = new MockHttpServletResponse();
String dashboardData = controller.dashboardData(request, response);
MockHttpServletResponseAssert.assertThat(response).hasStatus(200);
JsonFluentAssert.assertThatJson(dashboardData).isEqualTo("{\n" + " \"setupStatus\": \"success\",\n" + " \"userName\": \"bob\",\n" + " \"standbyServerDetails\": {\n" + " \"primaryStatusCheckInterval\": 0,\n" + " \"pluginStatus\": \"\",\n" + " \"lastUpdateTime\": " + new GsonBuilder().setDateFormat("MMM d, YYYY HH:mm:ss").create().toJson(new Date(0)) + "\n" + " },\n" + " \"primaryServerDetails\": {\n" + " \"latestDatabaseWalLocation\": \"/logs/location\",\n" + " \"configFilesUpdateInterval\": 10,\n" + " \"lastConfigUpdateTime\": " + new GsonBuilder().setDateFormat("MMM d, YYYY HH:mm:ss").create().toJson(new Date(0)) + ",\n" + " \"CRUISE_CONFIG_XML\": {\n" + " \"md5\": \"a\"\n" + " },\n" + " \"pluginStatus\": \"external1.jar\\u003d+yWDK4+tYQtfqyh3tmT95A\\u003d\\u003d, external2.jar\\u003dDS/Oa0vv5URteXfzSU7mvQ\\u003d\\u003d\",\n" + " \"url\": \"https://localhost:8154\"\n" + " },\n" + " \"syncErrors\": []\n" + "}");
}
Also used :
HttpServletRequest(javax.servlet.http.HttpServletRequest)
GsonBuilder(com.google.gson.GsonBuilder)
MockHttpServletResponse(com.thoughtworks.go.http.mocks.MockHttpServletResponse)
Date(java.util.Date)
UsernamePassword(com.thoughtworks.go.server.newsecurity.models.UsernamePassword)
Test(org.junit.jupiter.api.Test)
Example 14 with UsernamePassword
use of com.thoughtworks.go.server.newsecurity.models.UsernamePassword in project gocd by gocd.
the class AuthTokenTest method shouldGetTheTokenStringAfterStrippingWhitespace.
@Test
public void shouldGetTheTokenStringAfterStrippingWhitespace() throws IOException {
AuthToken authToken = new AuthToken(systemEnvironment);
FileUtils.writeStringToFile(tokenFile, "\n\t bl = ah \r\n \t", UTF_8);
Assertions.assertThat(authToken.toUsernamePassword()).isEqualTo(new UsernamePassword("bl", "ah"));
Assertions.assertThat(authToken.forHttp()).isEqualTo("bl:ah");
}
Also used :
UsernamePassword(com.thoughtworks.go.server.newsecurity.models.UsernamePassword)
Test(org.junit.jupiter.api.Test)
Aggregations
UsernamePassword (com.thoughtworks.go.server.newsecurity.models.UsernamePassword)14
Test (org.junit.jupiter.api.Test)9
HttpServletRequest (javax.servlet.http.HttpServletRequest)5
HttpSession (javax.servlet.http.HttpSession)4
MockHttpServletResponse (com.thoughtworks.go.http.mocks.MockHttpServletResponse)3
HashMap (java.util.HashMap)2
AuthenticationException (org.springframework.security.core.AuthenticationException)2
GsonBuilder (com.google.gson.GsonBuilder)1
MockFilterChain (com.thoughtworks.go.http.mocks.MockFilterChain)1
MockHttpServletRequest (com.thoughtworks.go.http.mocks.MockHttpServletRequest)1
GoUserPrinciple (com.thoughtworks.go.server.security.userdetail.GoUserPrinciple)1
Date (java.util.Date)1
Matcher (java.util.regex.Matcher)1
FilterChain (javax.servlet.FilterChain)1
Servlet (javax.servlet.Servlet)1
HttpServletResponse (javax.servlet.http.HttpServletResponse)1
BadCredentialsException (org.springframework.security.authentication.BadCredentialsException)1
SavedRequest (org.springframework.security.web.savedrequest.SavedRequest)1
RequestMapping (org.springframework.web.bind.annotation.RequestMapping)1
OncePerRequestFilter (org.springframework.web.filter.OncePerRequestFilter)1
