use of org.sonar.alm.client.github.config.GithubAppConfiguration in project sonarqube by SonarSource.
the class GithubAppSecurityImplTest method getApplicationJWTToken_returns_token_if_app_config_and_private_key_are_valid.
/**
 * Checks that {@code createAppToken} yields a non-null token when it is given the id and private
 * key of the configuration built by {@code createAppConfiguration(true)}.
 */
@Test
public void getApplicationJWTToken_returns_token_if_app_config_and_private_key_are_valid() {
  GithubAppConfiguration appConfig = createAppConfiguration(true);

  // NOTE(review): only non-nullness is asserted; the content of the returned token is not
  // inspected by this test.
  assertThat(
    underTest.createAppToken(appConfig.getId(), appConfig.getPrivateKey()))
    .isNotNull();
}
use of org.sonar.alm.client.github.config.GithubAppConfiguration in project sonarqube by SonarSource.
the class GithubApplicationClientImplTest method checkApiEndpoint.
/**
 * Verifies that {@code checkApiEndpoint} accepts every URL supplied by the
 * {@code validApiEndpoints} data provider.
 *
 * @param url API endpoint that is expected to pass validation
 */
@Test
@UseDataProvider("validApiEndpoints")
public void checkApiEndpoint(String url) {
  // The app id (1L) and the empty second argument are fixed; only the endpoint varies per run.
  GithubAppConfiguration endpointOnlyConfig = new GithubAppConfiguration(1L, "", url);

  // isNull() applies to the captured throwable: the call must complete without throwing.
  assertThatCode(() -> underTest.checkApiEndpoint(endpointOnlyConfig))
    .isNull();
}
use of org.sonar.alm.client.github.config.GithubAppConfiguration in project sonarqube by SonarSource.
the class GithubApplicationClientImplTest method checkApiEndpoint_Invalid.
/**
 * Verifies that {@code checkApiEndpoint} rejects every URL supplied by the
 * {@code invalidApiEndpoints} data provider with the expected error.
 *
 * @param url API endpoint that must fail validation
 * @param expectedMessage exact message the resulting exception has to carry
 */
@Test
@UseDataProvider("invalidApiEndpoints")
public void checkApiEndpoint_Invalid(String url, String expectedMessage) {
  // The app id (1L) and the empty second argument are fixed; only the endpoint varies per run.
  GithubAppConfiguration endpointOnlyConfig = new GithubAppConfiguration(1L, "", url);

  // Both the exception type and the exact message are pinned.
  assertThatThrownBy(() -> underTest.checkApiEndpoint(endpointOnlyConfig))
    .isInstanceOf(IllegalArgumentException.class)
    .hasMessage(expectedMessage);
}
use of org.sonar.alm.client.github.config.GithubAppConfiguration in project sonarqube by SonarSource.
the class GithubApplicationClientImpl method checkAppPermissions.
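/**
 * Checks that the GitHub App described by the configuration has been granted the permission
 * levels this client expects.
 *
 * <p>An app token is created from the configured app id and private key, and {@code /app} is
 * requested from the configured API endpoint with that token. On HTTP 200 the permissions in the
 * response body are compared with the expected ones.
 *
 * @param githubAppConfiguration app id, private key and API endpoint to check
 * @throws IllegalArgumentException if the request fails with an I/O error, if the response status
 *         is not 200, if the response body carries no permissions, or if any expected permission
 *         is not granted at exactly the expected level
 */
@Override
public void checkAppPermissions(GithubAppConfiguration githubAppConfiguration) {
  AppToken appToken = appSecurity.createAppToken(githubAppConfiguration.getId(), githubAppConfiguration.getPrivateKey());

  // Expected permission name -> expected level.
  Map<String, String> permissions = new HashMap<>();
  permissions.put("checks", WRITE_PERMISSION_NAME);
  permissions.put("pull_requests", WRITE_PERMISSION_NAME);
  permissions.put("statuses", READ_PERMISSION_NAME);
  permissions.put("metadata", READ_PERMISSION_NAME);

  String endPoint = "/app";
  GetResponse response;
  try {
    response = appHttpClient.get(githubAppConfiguration.getApiEndpoint(), appToken, endPoint);
  } catch (IOException e) {
    // Only the configured endpoint and the exception are logged; the app token is not.
    LOG.warn(FAILED_TO_REQUEST_BEGIN_MSG + githubAppConfiguration.getApiEndpoint() + endPoint, e);
    // Keep the I/O failure as the cause so the root problem is not lost to whoever handles the
    // exception; the message itself is unchanged.
    throw new IllegalArgumentException("Failed to validate configuration, check URL and Private Key", e);
  }

  if (response.getCode() == HTTP_OK) {
    // An absent body, or a body without permissions, is treated as a failure rather than as
    // "nothing granted".
    Map<String, String> perms = handleResponse(response, endPoint, GsonApp.class)
      .map(GsonApp::getPermissions)
      .orElseThrow(() -> new IllegalArgumentException("Failed to get app permissions, unexpected response body"));

    // The comparison is an exact match: a permission that is absent (null) or granted at any
    // level other than the expected one is reported, including a level that differs by being
    // broader than expected.
    List<String> missingPermissions = permissions.entrySet().stream()
      .filter(permission -> !Objects.equals(permission.getValue(), perms.get(permission.getKey())))
      .map(Map.Entry::getKey)
      .collect(toList());

    if (!missingPermissions.isEmpty()) {
      String message = missingPermissions.stream()
        .map(perm -> perm + " is '" + perms.get(perm) + "', should be '" + permissions.get(perm) + "'")
        .collect(Collectors.joining(", "));
      throw new IllegalArgumentException("Missing permissions; permission granted on " + message);
    }
  } else if (response.getCode() == HTTP_UNAUTHORIZED || response.getCode() == HTTP_FORBIDDEN) {
    // NOTE(review): the request is authenticated with the token built from the app id and the
    // private key only; the message also names Client Id and Client Secret - confirm the wording.
    throw new IllegalArgumentException("Authentication failed, verify the Client Id, Client Secret and Private Key fields");
  } else {
    throw new IllegalArgumentException("Failed to check permissions with Github, check the configuration");
  }
}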
use of org.sonar.alm.client.github.config.GithubAppConfiguration in project sonarqube by SonarSource.
the class GithubGlobalSettingsValidator method validate.
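/**
 * Validates GitHub ALM settings and returns the app configuration built from them.
 *
 * <p>The app id must be present and parse as a {@code long}, and the client id and the decrypted
 * client secret must not be blank. The configuration is then checked against the remote side:
 * first the API endpoint, then the app permissions.
 *
 * @param settings ALM settings holding the app id, client id, encrypted secrets and URL
 * @return the configuration that passed every check
 * @throws IllegalArgumentException if a required field is missing or invalid, or if one of the
 *         remote checks rejects the configuration
 */
public GithubAppConfiguration validate(AlmSettingDto settings) {
  long appId;
  try {
    // The "Missing appId" exception is not a NumberFormatException, so it passes through the
    // catch below untouched.
    appId = Long.parseLong(Optional.ofNullable(settings.getAppId()).orElseThrow(() -> new IllegalArgumentException("Missing appId")));
  } catch (NumberFormatException e) {
    // Chain the parse failure as the cause; the message is unchanged.
    throw new IllegalArgumentException("Invalid appId; " + e.getMessage(), e);
  }
  if (isBlank(settings.getClientId())) {
    throw new IllegalArgumentException("Missing Client Id");
  }
  // The client secret is decrypted only to test that it is not blank; it is not kept.
  if (isBlank(settings.getDecryptedClientSecret(encryption))) {
    throw new IllegalArgumentException("Missing Client Secret");
  }

  // NOTE(review): the decrypted private key gets no blank check here, unlike the client id and
  // client secret; presumably token creation rejects an unusable key - confirm.
  GithubAppConfiguration configuration = new GithubAppConfiguration(appId, settings.getDecryptedPrivateKey(encryption), settings.getUrl());

  // The endpoint check runs before the permission check, i.e. before checkAppPermissions is
  // asked to contact the configured URL.
  githubApplicationClient.checkApiEndpoint(configuration);
  githubApplicationClient.checkAppPermissions(configuration);
  return configuration;
}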