
Example 6 with Modification

use of com.unboundid.ldap.sdk.Modification in project cas by apereo.

the class BaseLdapConsentRepositoryTests method cleanDecisions.

/**
 * Test teardown: removes the stored consent attribute from both fixture users so
 * that decisions written by one test are not left behind for the next.
 *
 * <p>For each of {@code USER_DN} and {@code USER2_DN} the directory is searched
 * with {@code DEF_FILTER}. {@code ATTR_NAME} is deleted only when the search
 * returned at least one entry and the user's entry carries the attribute, so the
 * modify is never issued for an attribute that is absent.
 *
 * @throws Exception if a search or modify operation fails
 */
@After
public void cleanDecisions() throws Exception {
    // NOTE(review): the connection is not closed in this method. Confirm whether
    // getConnection() returns a shared connection owned by the test class.
    final LDAPConnection ldap = getConnection();
    for (final String userDn : new String[] {USER_DN, USER2_DN}) {
        final SearchResult found = ldap.search(userDn, SearchScope.SUB, DEF_FILTER, ATTR_NAME);
        final boolean hasStoredDecisions =
            found.getEntryCount() != 0 && found.getSearchEntry(userDn).hasAttribute(ATTR_NAME);
        if (hasStoredDecisions) {
            // DELETE with no values listed: in LDAP this removes the whole attribute.
            ldap.modify(userDn, new Modification(ModificationType.DELETE, ATTR_NAME));
        }
    }
}
Also used : Modification(com.unboundid.ldap.sdk.Modification) SearchResult(com.unboundid.ldap.sdk.SearchResult) LDAPConnection(com.unboundid.ldap.sdk.LDAPConnection) After(org.junit.After)

Example 7 with Modification

use of com.unboundid.ldap.sdk.Modification in project gitblit by gitblit.

the class LdapPublicKeyManagerTest method testGetKeysPermissions.

/**
 * Checks how an option prefix in front of an SSH public key stored in LDAP is
 * turned into the {@link AccessPermission} of the resulting {@link SshKey}.
 *
 * <p>Every fixture value is written in the style of an {@code authorized_keys}
 * line: optional, comma-separated options ({@code command="..."},
 * {@code environment="..."}, {@code from="..."}, {@code restrict}, ...) followed
 * by the key itself. Only the {@code gbPerm} environment variable is asserted on.
 *
 * <p>What the expectations pin down:
 * <ul>
 *   <li>UserOne: no value carries a {@code gbPerm} variable ({@code gb} and
 *       {@code gbPerms} are different names), and every key is expected to get
 *       {@code PUSH}. A misspelled restriction therefore leaves the key with
 *       push access instead of being rejected, which is worth knowing when
 *       auditing directory entries.</li>
 *   <li>UserTwo and UserThree: {@code R}/{@code CLONE} yield {@code CLONE},
 *       {@code V}/{@code VIEW} yield {@code VIEW}, {@code RW}/{@code PUSH} yield
 *       {@code PUSH}. The lower-case spelling {@code gbperm} and extra blanks
 *       around name and value are accepted.</li>
 *   <li>Where one value lists {@code gbPerm} twice (VIEW, then CLONE) the
 *       expected permission is CLONE, i.e. the later of the two.</li>
 *   <li>{@code getRawData()} is compared with the bare key, so the option prefix
 *       is expected to be stripped from it.</li>
 * </ul>
 *
 * <p>NOTE(review): the test does not check whether the other options
 * ({@code command}, {@code from}, {@code restrict}, ...) have any effect; it only
 * shows that they do not disturb the permission parsing.
 *
 * @throws LDAPException if writing a fixture value to the directory fails
 */
@Test
public void testGetKeysPermissions() throws LDAPException {
    // This test is independent from authentication mode, so run only once.
    assumeTrue(authMode == AuthMode.ANONYMOUS);

    // Key comments deliberately vary: empty, containing blanks, containing quotes.
    String keyRsaOne = getRsaPubKey("UserOne@example.com");
    String keyRsaTwo = getRsaPubKey("");
    String keyDsaTwo = getDsaPubKey("UserTwo at example.com");
    String keyRsaThree = getRsaPubKey("UserThree@example.com");
    String keyDsaThree = getDsaPubKey("READ key for user 'Three' @example.com");
    String keyEcThree = getEcPubKey("UserThree@example.com");

    final String keyAttribute = "sshPublicKey";

    // Several prefixes below contain literal tab characters; keep them when editing.

    // UserOne: no usable gbPerm anywhere, so every key should come back as PUSH.
    getDS().modify(DN_USER_ONE, new Modification(ModificationType.ADD, keyAttribute, keyRsaOne));
    getDS().modify(DN_USER_ONE, new Modification(ModificationType.ADD, keyAttribute, "  	 " + keyRsaTwo));
    getDS().modify(DN_USER_ONE, new Modification(ModificationType.ADD, keyAttribute, "no-agent-forwarding " + keyDsaTwo));
    getDS().modify(DN_USER_ONE, new Modification(ModificationType.ADD, keyAttribute, " command=\"sh /etc/netstart tun0 \" " + keyRsaThree));
    getDS().modify(DN_USER_ONE, new Modification(ModificationType.ADD, keyAttribute, " command=\"netstat -nult\",environment=\"gb=\\\"What now\\\"\" " + keyDsaThree));
    getDS().modify(DN_USER_ONE, new Modification(ModificationType.ADD, keyAttribute, "environment=\"SSH=git\",command=\"netstat -nult\",environment=\"gbPerms=VIEW\" " + keyEcThree));

    // UserTwo: gbPerm in different spellings, mixed with unrelated options.
    getDS().modify(DN_USER_TWO, new Modification(ModificationType.ADD, keyAttribute, "environment=\"gbPerm=R\" " + keyRsaOne));
    getDS().modify(DN_USER_TWO, new Modification(ModificationType.ADD, keyAttribute, " restrict,environment=\"gbperm=V\" 	 " + keyRsaTwo));
    getDS().modify(DN_USER_TWO, new Modification(ModificationType.ADD, keyAttribute, "restrict,environment=\"GBPerm=RW\",pty " + keyDsaTwo));
    getDS().modify(DN_USER_TWO, new Modification(ModificationType.ADD, keyAttribute, " environment=\"gbPerm=CLONE\",environment=\"X=\\\" Y \\\"\" " + keyRsaThree));
    getDS().modify(DN_USER_TWO, new Modification(ModificationType.ADD, keyAttribute, " environment=\"A = B \",from=\"*.example.com,!pc.example.com\",environment=\"gbPerm=VIEW\" " + keyDsaThree));
    getDS().modify(DN_USER_TWO, new Modification(ModificationType.ADD, keyAttribute, "environment=\"SSH=git\",environment=\"gbPerm=PUSH\",environment=\"XYZ='Ali Baba'\" " + keyEcThree));

    // UserThree: same expected permissions as UserTwo, with escaped quotes, blanks
    // inside the variable and a value that sets gbPerm twice.
    getDS().modify(DN_USER_THREE, new Modification(ModificationType.ADD, keyAttribute, "environment=\"gbPerm=R\",environment=\"josh=\\\"mean\\\"\",tunnel=\"0\" " + keyRsaOne));
    getDS().modify(DN_USER_THREE, new Modification(ModificationType.ADD, keyAttribute, " environment=\" gbPerm = V \" 	 " + keyRsaTwo));
    getDS().modify(DN_USER_THREE, new Modification(ModificationType.ADD, keyAttribute, "command=\"sh echo \\\"Nope, not you!\\\" \",user-rc,environment=\"gbPerm=RW\" " + keyDsaTwo));
    getDS().modify(DN_USER_THREE, new Modification(ModificationType.ADD, keyAttribute, "environment=\"gbPerm=VIEW\",command=\"sh /etc/netstart tun0 \",environment=\"gbPerm=CLONE\",no-pty " + keyRsaThree));
    getDS().modify(DN_USER_THREE, new Modification(ModificationType.ADD, keyAttribute, "	command=\"netstat -nult\",environment=\"gbPerm=VIEW\" " + keyDsaThree));
    getDS().modify(DN_USER_THREE, new Modification(ModificationType.ADD, keyAttribute, "environment=\"SSH=git\",command=\"netstat -nult\",environment=\"gbPerm=PUSH\" " + keyEcThree));

    LdapKeyManager kmgr = new LdapKeyManager(settings);

    List<SshKey> unrestricted = kmgr.getKeys("UserOne");
    assertNotNull(unrestricted);
    assertEquals(6, unrestricted.size());
    for (SshKey key : unrestricted) {
        assertEquals(AccessPermission.PUSH, key.getPermission());
    }

    // Expected permission per key, in the same order for UserTwo and UserThree.
    // The array index doubles as the bit recorded in the "seen" mask.
    final String[] rawKeys = {keyRsaOne, keyRsaTwo, keyDsaTwo, keyRsaThree, keyDsaThree, keyEcThree};
    final AccessPermission[] expected = {
        AccessPermission.CLONE, AccessPermission.VIEW, AccessPermission.PUSH,
        AccessPermission.CLONE, AccessPermission.VIEW, AccessPermission.PUSH
    };

    for (String user : new String[] {"UserTwo", "UserThree"}) {
        List<SshKey> restricted = kmgr.getKeys(user);
        assertNotNull(restricted);
        assertEquals(6, restricted.size());
        int seen = 0;
        for (SshKey key : restricted) {
            for (int bit = 0; bit < rawKeys.length; bit++) {
                if (rawKeys[bit].equals(key.getRawData())) {
                    assertEquals(expected[bit], key.getPermission());
                    seen += 1 << bit;
                    break;
                }
            }
        }
        // 63 == 0b111111: each of the six keys was matched.
        assertEquals(63, seen);
    }
}
Also used : SshKey(com.gitblit.transport.ssh.SshKey) Modification(com.unboundid.ldap.sdk.Modification) LdapKeyManager(com.gitblit.transport.ssh.LdapKeyManager) Test(org.junit.Test)

Example 8 with Modification

use of com.unboundid.ldap.sdk.Modification in project gitblit by gitblit.

the class LdapPublicKeyManagerTest method testGetKeysAttributeName.

/**
 * Verifies that {@link LdapKeyManager} reads SSH keys only from the LDAP
 * attribute named by the {@code Keys.realm.ldap.sshPublicKey} setting.
 *
 * <p>Keys are stored under two attribute names, {@code sshPublicKey} and
 * {@code publicsshkey}. With the first one configured only the keys stored there
 * are returned. After the setting is switched, on the same manager instance,
 * only the keys of the second attribute are returned. A key placed in the
 * attribute that is not configured is therefore expected to grant nothing.
 *
 * @throws LDAPException if writing a fixture value to the directory fails
 */
@Test
public void testGetKeysAttributeName() throws LDAPException {
    final String firstAttribute = "sshPublicKey";
    final String secondAttribute = "publicsshkey";

    settings.put(Keys.realm.ldap.sshPublicKey, firstAttribute);

    // UserOne: first attribute only. UserTwo: second attribute only.
    // UserThree: one key in each. UserFour: no key at all.
    String rsaOne = getRsaPubKey("UserOne@example.com");
    getDS().modify(DN_USER_ONE, new Modification(ModificationType.ADD, firstAttribute, rsaOne));
    String dsaTwo = getDsaPubKey("UserTwo@example.com");
    getDS().modify(DN_USER_TWO, new Modification(ModificationType.ADD, secondAttribute, dsaTwo));
    String rsaThree = getRsaPubKey("UserThree@example.com");
    String dsaThree = getDsaPubKey("UserThree@example.com");
    getDS().modify(DN_USER_THREE, new Modification(ModificationType.ADD, firstAttribute, rsaThree));
    getDS().modify(DN_USER_THREE, new Modification(ModificationType.ADD, secondAttribute, dsaThree));

    LdapKeyManager keyManager = new LdapKeyManager(settings);
    List<SshKey> found;

    // Phase 1: "sshPublicKey" is the configured attribute.
    found = keyManager.getKeys("UserOne");
    assertNotNull(found);
    assertEquals(1, found.size());
    assertEquals(rsaOne, found.get(0).getRawData());

    found = keyManager.getKeys("UserTwo");
    assertNotNull(found);
    assertEquals(0, found.size());

    found = keyManager.getKeys("UserThree");
    assertNotNull(found);
    assertEquals(1, found.size());
    assertEquals(rsaThree, found.get(0).getRawData());

    found = keyManager.getKeys("UserFour");
    assertNotNull(found);
    assertEquals(0, found.size());

    // Phase 2: switch the setting; the manager created above is reused as is.
    settings.put(Keys.realm.ldap.sshPublicKey, secondAttribute);

    found = keyManager.getKeys("UserOne");
    assertNotNull(found);
    assertEquals(0, found.size());

    found = keyManager.getKeys("UserTwo");
    assertNotNull(found);
    assertEquals(1, found.size());
    assertEquals(dsaTwo, found.get(0).getRawData());

    found = keyManager.getKeys("UserThree");
    assertNotNull(found);
    assertEquals(1, found.size());
    assertEquals(dsaThree, found.get(0).getRawData());

    found = keyManager.getKeys("UserFour");
    assertNotNull(found);
    assertEquals(0, found.size());
}
Also used : SshKey(com.gitblit.transport.ssh.SshKey) Modification(com.unboundid.ldap.sdk.Modification) LdapKeyManager(com.gitblit.transport.ssh.LdapKeyManager) Test(org.junit.Test)

Example 9 with Modification

use of com.unboundid.ldap.sdk.Modification in project gitblit by gitblit.

the class LdapPublicKeyManagerTest method testGetKeysPrefixed.

/**
 * Verifies the {@code attribute:prefix} form of the
 * {@code Keys.realm.ldap.sshPublicKey} setting, where one multi-valued attribute
 * ({@code altSecurityIdentities}) holds values of several kinds and a textual
 * prefix selects the ones to treat as SSH keys.
 *
 * <p>What the expectations pin down:
 * <ul>
 *   <li>Bare attribute name: only the value stored without any prefix is
 *       returned (UserTwo's RSA key); prefixed values are not.</li>
 *   <li>{@code altSecurityIdentities:SSHKey}: values prefixed {@code SSHKey:},
 *       {@code SshKey :} and {@code sshkey:} are all returned, so the prefix is
 *       expected to match regardless of case and with surrounding whitespace,
 *       including a line break after the colon. The unprefixed value and the
 *       {@code ECDSAKey} value are excluded.</li>
 *   <li>{@code altSecurityIdentities:ECDSAKey}: only the EC key is returned.</li>
 *   <li>A key stored in {@code sshPublicKey} (UserOne) is never returned while
 *       {@code altSecurityIdentities} is the configured attribute.</li>
 * </ul>
 *
 * @throws LDAPException if writing a fixture value to the directory fails
 */
@Test
public void testGetKeysPrefixed() throws LDAPException {
    // This test is independent from authentication mode, so run only once.
    assumeTrue(authMode == AuthMode.ANONYMOUS);

    final String sharedAttribute = "altSecurityIdentities";

    String rsaOne = getRsaPubKey("UserOne@example.com");
    getDS().modify(DN_USER_ONE, new Modification(ModificationType.ADD, "sshPublicKey", rsaOne));

    String rsaTwo = getRsaPubKey("UserTwo@example.com");
    String dsaTwo = getDsaPubKey("UserTwo@example.com");
    getDS().modify(DN_USER_TWO, new Modification(ModificationType.ADD, sharedAttribute, rsaTwo));
    getDS().modify(DN_USER_TWO, new Modification(ModificationType.ADD, sharedAttribute, "SSHKey: " + dsaTwo));

    // The prefixes below contain literal tab characters and line breaks on purpose.
    String rsaThree = getRsaPubKey("UserThree@example.com");
    String dsaThree = getDsaPubKey("UserThree@example.com");
    String ecThree = getEcPubKey("UserThree@example.com");
    getDS().modify(DN_USER_THREE, new Modification(ModificationType.ADD, sharedAttribute, " SshKey :\r\n" + rsaThree));
    getDS().modify(DN_USER_THREE, new Modification(ModificationType.ADD, sharedAttribute, "	sshkey: " + dsaThree));
    getDS().modify(DN_USER_THREE, new Modification(ModificationType.ADD, sharedAttribute, "ECDSAKey	:\n " + ecThree));

    LdapKeyManager keyManager = new LdapKeyManager(settings);
    List<SshKey> found;

    // Phase 1: attribute name without a prefix.
    settings.put(Keys.realm.ldap.sshPublicKey, "altSecurityIdentities");

    found = keyManager.getKeys("UserOne");
    assertNotNull(found);
    assertEquals(0, found.size());

    found = keyManager.getKeys("UserTwo");
    assertNotNull(found);
    assertEquals(1, found.size());
    assertEquals(rsaTwo, found.get(0).getRawData());

    found = keyManager.getKeys("UserThree");
    assertNotNull(found);
    assertEquals(0, found.size());

    found = keyManager.getKeys("UserFour");
    assertNotNull(found);
    assertEquals(0, found.size());

    // Phase 2: only values carrying the SSHKey prefix.
    settings.put(Keys.realm.ldap.sshPublicKey, "altSecurityIdentities:SSHKey");

    found = keyManager.getKeys("UserOne");
    assertNotNull(found);
    assertEquals(0, found.size());

    found = keyManager.getKeys("UserTwo");
    assertNotNull(found);
    assertEquals(1, found.size());
    assertEquals(dsaTwo, found.get(0).getRawData());

    found = keyManager.getKeys("UserThree");
    assertNotNull(found);
    assertEquals(2, found.size());
    // Order is asserted here: RSA first, then DSA.
    assertEquals(rsaThree, found.get(0).getRawData());
    assertEquals(dsaThree, found.get(1).getRawData());

    found = keyManager.getKeys("UserFour");
    assertNotNull(found);
    assertEquals(0, found.size());

    // Phase 3: only values carrying the ECDSAKey prefix.
    settings.put(Keys.realm.ldap.sshPublicKey, "altSecurityIdentities:ECDSAKey");

    found = keyManager.getKeys("UserOne");
    assertNotNull(found);
    assertEquals(0, found.size());

    found = keyManager.getKeys("UserTwo");
    assertNotNull(found);
    assertEquals(0, found.size());

    found = keyManager.getKeys("UserThree");
    assertNotNull(found);
    assertEquals(1, found.size());
    assertEquals(ecThree, found.get(0).getRawData());

    found = keyManager.getKeys("UserFour");
    assertNotNull(found);
    assertEquals(0, found.size());
}
Also used : SshKey(com.gitblit.transport.ssh.SshKey) Modification(com.unboundid.ldap.sdk.Modification) LdapKeyManager(com.gitblit.transport.ssh.LdapKeyManager) Test(org.junit.Test)

Example 10 with Modification

use of com.unboundid.ldap.sdk.Modification in project gitblit by gitblit.

the class LdapPublicKeyManagerTest method testGetKeys.

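/**
 * Verifies that {@link LdapKeyManager#getKeys} returns exactly the SSH public
 * keys stored in a user's {@code sshPublicKey} attribute: one key for UserOne,
 * two for UserTwo, three for UserThree and none for UserFour.
 *
 * <p>For UserTwo either order of the two keys is accepted. For UserThree the keys
 * are expected in the order EC, RSA, DSA, which is the order in which they were
 * added.
 *
 * <p>Sizes are checked with {@code assertEquals} so that a failure reports the
 * actual number of keys returned, which matters most when a user ends up with
 * more keys than expected.
 *
 * @throws LDAPException if writing a fixture value to the directory fails
 */
@Test
public void testGetKeys() throws LDAPException {
    String keyRsaOne = getRsaPubKey("UserOne@example.com");
    getDS().modify(DN_USER_ONE, new Modification(ModificationType.ADD, "sshPublicKey", keyRsaOne));

    String keyRsaTwo = getRsaPubKey("UserTwo@example.com");
    String keyDsaTwo = getDsaPubKey("UserTwo@example.com");
    getDS().modify(DN_USER_TWO, new Modification(ModificationType.ADD, "sshPublicKey", keyRsaTwo, keyDsaTwo));

    String keyRsaThree = getRsaPubKey("UserThree@example.com");
    String keyDsaThree = getDsaPubKey("UserThree@example.com");
    String keyEcThree = getEcPubKey("UserThree@example.com");
    getDS().modify(DN_USER_THREE, new Modification(ModificationType.ADD, "sshPublicKey", keyEcThree, keyRsaThree, keyDsaThree));

    LdapKeyManager kmgr = new LdapKeyManager(settings);

    List<SshKey> keys = kmgr.getKeys("UserOne");
    assertNotNull(keys);
    assertEquals(1, keys.size());
    assertEquals(keyRsaOne, keys.get(0).getRawData());

    keys = kmgr.getKeys("UserTwo");
    assertNotNull(keys);
    assertEquals(2, keys.size());
    // Order is not fixed for UserTwo: whichever key comes first, the other must follow.
    if (keyRsaTwo.equals(keys.get(0).getRawData())) {
        assertEquals(keyDsaTwo, keys.get(1).getRawData());
    } else if (keyDsaTwo.equals(keys.get(0).getRawData())) {
        assertEquals(keyRsaTwo, keys.get(1).getRawData());
    } else {
        fail("Mismatch in UserTwo keys.");
    }

    keys = kmgr.getKeys("UserThree");
    assertNotNull(keys);
    assertEquals(3, keys.size());
    assertEquals(keyEcThree, keys.get(0).getRawData());
    assertEquals(keyRsaThree, keys.get(1).getRawData());
    assertEquals(keyDsaThree, keys.get(2).getRawData());

    // A user without any stored key yields an empty list, not null.
    keys = kmgr.getKeys("UserFour");
    assertNotNull(keys);
    assertEquals(0, keys.size());
}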
Also used : SshKey(com.gitblit.transport.ssh.SshKey) Modification(com.unboundid.ldap.sdk.Modification) LdapKeyManager(com.gitblit.transport.ssh.LdapKeyManager) Test(org.junit.Test)

Aggregations

Modification (com.unboundid.ldap.sdk.Modification)19 Test (org.junit.Test)12 LdapKeyManager (com.gitblit.transport.ssh.LdapKeyManager)6 SshKey (com.gitblit.transport.ssh.SshKey)6 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)6 ASN1OctetString (com.unboundid.asn1.ASN1OctetString)5 SearchResult (com.unboundid.ldap.sdk.SearchResult)3 ArrayList (java.util.ArrayList)2 LDAPConnection (com.unboundid.ldap.sdk.LDAPConnection)1 Signature (java.security.Signature)1 ParseException (java.text.ParseException)1 LocalDateTime (java.time.LocalDateTime)1 Comparator (java.util.Comparator)1 LinkedList (java.util.LinkedList)1 List (java.util.List)1 Map (java.util.Map)1 EntryPersistenceException (org.gluu.persist.exception.mapping.EntryPersistenceException)1 MappingException (org.gluu.persist.exception.mapping.MappingException)1 AuthenticationException (org.gluu.persist.exception.operation.AuthenticationException)1 ConnectionException (org.gluu.persist.exception.operation.ConnectionException)1