use of org.eclipse.che.api.factory.server.scm.PersonalAccessToken in project che-server by eclipse-che.
the class KubernetesPersonalAccessTokenManagerTest method shouldDeleteInvalidTokensOnGet.
@Test
public void shouldDeleteInvalidTokensOnGet() throws Exception {
// given
KubernetesNamespaceMeta meta = new KubernetesNamespaceMetaImpl("test");
when(namespaceFactory.list()).thenReturn(Collections.singletonList(meta));
KubernetesNamespace kubernetesnamespace = Mockito.mock(KubernetesNamespace.class);
KubernetesSecrets secrets = Mockito.mock(KubernetesSecrets.class);
when(namespaceFactory.access(eq(null), eq(meta.getName()))).thenReturn(kubernetesnamespace);
when(kubernetesnamespace.secrets()).thenReturn(secrets);
when(scmPersonalAccessTokenFetcher.isValid(any(PersonalAccessToken.class))).thenReturn(false);
when(clientFactory.create()).thenReturn(kubeClient);
when(kubeClient.secrets()).thenReturn(secretsMixedOperation);
when(secretsMixedOperation.inNamespace(eq(meta.getName()))).thenReturn(nonNamespaceOperation);
Map<String, String> data1 = Map.of("token", Base64.getEncoder().encodeToString("token1".getBytes(UTF_8)));
ObjectMeta meta1 = new ObjectMetaBuilder().withAnnotations(Map.of(ANNOTATION_CHE_USERID, "user1", ANNOTATION_SCM_URL, "http://host1")).build();
Secret secret1 = new SecretBuilder().withMetadata(meta1).withData(data1).build();
when(secrets.get(any(LabelSelector.class))).thenReturn(Arrays.asList(secret1));
// when
Optional<PersonalAccessToken> token = personalAccessTokenManager.get(new SubjectImpl("user", "user1", "t1", false), "http://host1");
// then
assertFalse(token.isPresent());
verify(nonNamespaceOperation, times(1)).delete(eq(secret1));
}
use of org.eclipse.che.api.factory.server.scm.PersonalAccessToken in project che-server by eclipse-che.
the class KubernetesPersonalAccessTokenManagerTest method shouldReturnFirstValidToken.
@Test(dependsOnMethods = "shouldDeleteInvalidTokensOnGet")
public void shouldReturnFirstValidToken() throws Exception {
// given
KubernetesNamespaceMeta meta = new KubernetesNamespaceMetaImpl("test");
when(namespaceFactory.list()).thenReturn(Collections.singletonList(meta));
KubernetesNamespace kubernetesnamespace = Mockito.mock(KubernetesNamespace.class);
KubernetesSecrets secrets = Mockito.mock(KubernetesSecrets.class);
when(namespaceFactory.access(eq(null), eq(meta.getName()))).thenReturn(kubernetesnamespace);
when(kubernetesnamespace.secrets()).thenReturn(secrets);
when(scmPersonalAccessTokenFetcher.isValid(any(PersonalAccessToken.class))).thenAnswer((Answer<Boolean>) invocation -> {
PersonalAccessToken token = invocation.getArgument(0);
return "id2".equals(token.getScmTokenId());
});
when(clientFactory.create()).thenReturn(kubeClient);
when(kubeClient.secrets()).thenReturn(secretsMixedOperation);
when(secretsMixedOperation.inNamespace(eq(meta.getName()))).thenReturn(nonNamespaceOperation);
Map<String, String> data1 = Map.of("token", Base64.getEncoder().encodeToString("token1".getBytes(UTF_8)));
Map<String, String> data2 = Map.of("token", Base64.getEncoder().encodeToString("token2".getBytes(UTF_8)));
ObjectMeta meta1 = new ObjectMetaBuilder().withAnnotations(Map.of(ANNOTATION_CHE_USERID, "user1", ANNOTATION_SCM_URL, "http://host1", ANNOTATION_SCM_PERSONAL_ACCESS_TOKEN_ID, "id1")).build();
ObjectMeta meta2 = new ObjectMetaBuilder().withAnnotations(Map.of(ANNOTATION_CHE_USERID, "user1", ANNOTATION_SCM_URL, "http://host1", ANNOTATION_SCM_PERSONAL_ACCESS_TOKEN_ID, "id2")).build();
Secret secret1 = new SecretBuilder().withMetadata(meta1).withData(data1).build();
Secret secret2 = new SecretBuilder().withMetadata(meta2).withData(data2).build();
when(secrets.get(any(LabelSelector.class))).thenReturn(Arrays.asList(secret1, secret2));
// when
Optional<PersonalAccessToken> token = personalAccessTokenManager.get(new SubjectImpl("user", "user1", "t1", false), "http://host1");
// then
assertTrue(token.isPresent());
assertEquals(token.get().getScmTokenId(), "id2");
}
use of org.eclipse.che.api.factory.server.scm.PersonalAccessToken in project che-server by eclipse-che.
the class KubernetesPersonalAccessTokenManagerTest method testGetTokenFromNamespace.
@Test
public void testGetTokenFromNamespace() throws Exception {
KubernetesNamespaceMeta meta = new KubernetesNamespaceMetaImpl("test");
when(namespaceFactory.list()).thenReturn(Collections.singletonList(meta));
KubernetesNamespace kubernetesnamespace = Mockito.mock(KubernetesNamespace.class);
KubernetesSecrets secrets = Mockito.mock(KubernetesSecrets.class);
when(namespaceFactory.access(eq(null), eq(meta.getName()))).thenReturn(kubernetesnamespace);
when(kubernetesnamespace.secrets()).thenReturn(secrets);
when(scmPersonalAccessTokenFetcher.isValid(any(PersonalAccessToken.class))).thenReturn(true);
Map<String, String> data1 = Map.of("token", Base64.getEncoder().encodeToString("token1".getBytes(UTF_8)));
Map<String, String> data2 = Map.of("token", Base64.getEncoder().encodeToString("token2".getBytes(UTF_8)));
Map<String, String> data3 = Map.of("token", Base64.getEncoder().encodeToString("token3".getBytes(UTF_8)));
ObjectMeta meta1 = new ObjectMetaBuilder().withAnnotations(Map.of(ANNOTATION_CHE_USERID, "user1", ANNOTATION_SCM_URL, "http://host1")).build();
ObjectMeta meta2 = new ObjectMetaBuilder().withAnnotations(Map.of(ANNOTATION_CHE_USERID, "user1", ANNOTATION_SCM_URL, "http://host2")).build();
ObjectMeta meta3 = new ObjectMetaBuilder().withAnnotations(Map.of(ANNOTATION_CHE_USERID, "user2", ANNOTATION_SCM_URL, "http://host3")).build();
Secret secret1 = new SecretBuilder().withMetadata(meta1).withData(data1).build();
Secret secret2 = new SecretBuilder().withMetadata(meta2).withData(data2).build();
Secret secret3 = new SecretBuilder().withMetadata(meta3).withData(data3).build();
when(secrets.get(any(LabelSelector.class))).thenReturn(Arrays.asList(secret1, secret2, secret3));
// when
PersonalAccessToken token = personalAccessTokenManager.get(new SubjectImpl("user", "user1", "t1", false), "http://host1").get();
// then
assertEquals(token.getCheUserId(), "user1");
assertEquals(token.getScmProviderUrl(), "http://host1");
assertEquals(token.getToken(), "token1");
}
use of org.eclipse.che.api.factory.server.scm.PersonalAccessToken in project che-server by eclipse-che.
the class BitbucketServerPersonalAccessTokenFetcher method fetchPersonalAccessToken.
@Override
public PersonalAccessToken fetchPersonalAccessToken(Subject cheUser, String scmServerUrl) throws ScmUnauthorizedException, ScmCommunicationException {
if (!bitbucketServerApiClient.isConnected(scmServerUrl)) {
LOG.debug("not a valid url {} for current fetcher ", scmServerUrl);
return null;
}
final String tokenName = format(TOKEN_NAME_TEMPLATE, cheUser.getUserId(), apiEndpoint.getHost());
try {
BitbucketUser user = bitbucketServerApiClient.getUser(EnvironmentContext.getCurrent().getSubject());
LOG.debug("Current bitbucket user {} ", user);
// cleanup existed
List<BitbucketPersonalAccessToken> existingTokens = bitbucketServerApiClient.getPersonalAccessTokens(user.getSlug()).stream().filter(p -> p.getName().equals(tokenName)).collect(Collectors.toList());
for (BitbucketPersonalAccessToken existedToken : existingTokens) {
LOG.debug("Deleting existed che token {} {}", existedToken.getId(), existedToken.getName());
bitbucketServerApiClient.deletePersonalAccessTokens(user.getSlug(), existedToken.getId());
}
BitbucketPersonalAccessToken token = bitbucketServerApiClient.createPersonalAccessTokens(user.getSlug(), tokenName, DEFAULT_TOKEN_SCOPE);
LOG.debug("Token created = {} for {}", token.getId(), token.getUser());
return new PersonalAccessToken(scmServerUrl, EnvironmentContext.getCurrent().getSubject().getUserId(), user.getName(), valueOf(user.getId()), token.getName(), valueOf(token.getId()), token.getToken());
} catch (ScmBadRequestException | ScmItemNotFoundException e) {
throw new ScmCommunicationException(e.getMessage(), e);
}
}
use of org.eclipse.che.api.factory.server.scm.PersonalAccessToken in project che-server by eclipse-che.
the class BitbucketServerAuthorizingFileContentProviderTest method shouldFetchContentWithTokenIfPresent.
@Test
public void shouldFetchContentWithTokenIfPresent() throws Exception {
BitbucketUrl url = new BitbucketUrl().withHostName(TEST_HOSTNAME);
BitbucketServerAuthorizingFileContentProvider fileContentProvider = new BitbucketServerAuthorizingFileContentProvider(url, urlFetcher, gitCredentialManager, personalAccessTokenManager);
PersonalAccessToken token = new PersonalAccessToken(TEST_HOSTNAME, "user1", "token");
when(personalAccessTokenManager.get(any(Subject.class), anyString())).thenReturn(Optional.of(token));
String fileURL = "https://foo.bar/scm/repo/.devfile";
// when
fileContentProvider.fetchContent(fileURL);
// then
verify(urlFetcher).fetch(eq(fileURL), eq("Bearer token"));
}
Aggregations