
Example 16 with User

use of opengrok.auth.plugin.entity.User in project OpenGrok by OpenGrok.

the class UserPrincipalDecoderTest method testHttpBasicDecoding.

@Test
public void testHttpBasicDecoding() {
    // "Zm9vOmJhcg==" is the Base64 encoding of "foo:bar" (username:password).
    dummyRequest.setHeader("authorization", "Basic Zm9vOmJhcg==");
    User result = decoder.fromRequest(dummyRequest);
    assertNotNull(result);
    assertEquals("foo", result.getUsername());
    // The test expects no id and no timeout flag on the decoded user.
    assertNull(result.getId());
    assertFalse(result.isTimeouted());
}
Also used : User(opengrok.auth.plugin.entity.User) DummyHttpServletRequestUser(opengrok.auth.plugin.util.DummyHttpServletRequestUser) Test(org.junit.jupiter.api.Test)

Example 17 with User

use of opengrok.auth.plugin.entity.User in project OpenGrok by OpenGrok.

the class UserPlugin method isAllowed.

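@Override
public boolean isAllowed(HttpServletRequest request, Group group) {
    User user;
    // Decode the user once per request and cache it as a request attribute.
    if ((user = (User) request.getAttribute(REQUEST_ATTR)) == null) {
        user = decoder.fromRequest(request);
        request.setAttribute(REQUEST_ATTR, user);
    }
    // The group argument is not consulted here: the check passes whenever a user could be decoded.
    return user != null;
}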
Also used : User(opengrok.auth.plugin.entity.User)

Example 18 with User

use of opengrok.auth.plugin.entity.User in project OpenGrok by OpenGrok.

the class UserPlugin method isAllowed.

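@Override
public boolean isAllowed(HttpServletRequest request, Project project) {
    User user;
    // Decode the user once per request and cache it as a request attribute.
    if ((user = (User) request.getAttribute(REQUEST_ATTR)) == null) {
        user = decoder.fromRequest(request);
        request.setAttribute(REQUEST_ATTR, user);
    }
    // The project argument is not consulted here: the check passes whenever a user could be decoded.
    return user != null;
}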
Also used : User(opengrok.auth.plugin.entity.User)

Example 19 with User

use of opengrok.auth.plugin.entity.User in project OpenGrok by OpenGrok.

the class UserPlugin method getUser.

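private User getUser(HttpServletRequest request) {
    User user;
    // Reuse the user cached on the request, decoding it on first use.
    if ((user = (User) request.getAttribute(REQUEST_ATTR)) == null) {
        user = decoder.fromRequest(request);
        request.setAttribute(REQUEST_ATTR, user);
    }
    // May be null when the decoder could not build a user from the request.
    return user;
}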
Also used : User(opengrok.auth.plugin.entity.User)

Example 20 with User

use of opengrok.auth.plugin.entity.User in project OpenGrok by OpenGrok.

the class OSSOHeaderDecoder method fromRequest.

@Override
public User fromRequest(HttpServletRequest request) {
    String username, userguid, timeouted, timestamp;
    Date cookieTimestamp = null;
    // Avoid classification as a taint bug.
    username = Laundromat.launderInput(request.getHeader(OSSO_USER_DN_HEADER));
    timeouted = Laundromat.launderInput(request.getHeader(OSSO_TIMEOUT_EXCEEDED_HEADER));
    timestamp = Laundromat.launderInput(request.getHeader(OSSO_COOKIE_TIMESTAMP_HEADER));
    userguid = Laundromat.launderInput(request.getHeader(OSSO_USER_GUID_HEADER));
    // Both the username and the GUID headers are required; without either, no user is built.
    if (username == null || username.isEmpty()) {
        LOGGER.log(Level.WARNING,
                "Can not construct an user: username could not be extracted from headers: {0}",
                String.join(",", Collections.list(request.getHeaderNames())));
        return null;
    }
    if (userguid == null || userguid.isEmpty()) {
        LOGGER.log(Level.WARNING,
                "Can not construct an user: userguid could not be extracted from headers: {0}",
                String.join(",", Collections.list(request.getHeaderNames())));
        return null;
    }
    /**
     * The timestamp cookie can be corrupted.
     */
    try {
        cookieTimestamp = Timestamp.decodeTimeCookie(timestamp);
    } catch (NumberFormatException ex) {
        // cookieTimestamp stays null here; the user is still constructed below.
        LOGGER.log(Level.WARNING, String.format("Unparseable timestamp cookie \"%s\" for user \"%s\"", timestamp, username), ex);
    }
    /**
     * Creating new user entity with provided information. The entity can be
     * checked if the timeout expired via {@link User#isTimeouted()}.
     */
    User user = new User(username, userguid, cookieTimestamp, "true".equalsIgnoreCase(timeouted));
    // Unlike the headers above, these two values are stored without Laundromat.launderInput().
    user.setAttribute("subscriber-dn", request.getHeader(OSSO_SUBSCRIBER_DN_HEADER));
    user.setAttribute("subscriber", request.getHeader(OSSO_SUBSCRIBER_HEADER));
    // A request whose timeout header is "true" (case-insensitive) yields no user.
    if (user.isTimeouted()) {
        LOGGER.log(Level.WARNING, "Can not construct an user \"{0}\": header is timeouted", username);
        return null;
    }
    return user;
}
Also used : User(opengrok.auth.plugin.entity.User) Date(java.util.Date)

Aggregations

User (opengrok.auth.plugin.entity.User) 31
Test (org.junit.jupiter.api.Test) 18
DummyHttpServletRequestUser (opengrok.auth.plugin.util.DummyHttpServletRequestUser) 9
DummyHttpServletRequest (org.opengrok.indexer.web.DummyHttpServletRequest) 8
LdapUser (opengrok.auth.entity.LdapUser) 7
Group (org.opengrok.indexer.configuration.Group) 5
Project (org.opengrok.indexer.configuration.Project) 5
DummyHttpServletRequestLdap (opengrok.auth.plugin.util.DummyHttpServletRequestLdap) 4
ParameterizedTest (org.junit.jupiter.params.ParameterizedTest) 4
MethodSource (org.junit.jupiter.params.provider.MethodSource) 4
ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString) 4
HttpServletRequest (jakarta.servlet.http.HttpServletRequest) 3
AbstractLdapProvider (opengrok.auth.plugin.ldap.AbstractLdapProvider) 3
HashMap (java.util.HashMap) 2
Map (java.util.Map) 2
Set (java.util.Set) 2
TreeMap (java.util.TreeMap) 2
Date (java.util.Date) 1
TreeSet (java.util.TreeSet) 1
Test (org.junit.Test) 1