use of org.springframework.security.providers.UsernamePasswordAuthenticationToken in project gocd by gocd.
the class BasicAuthenticationFilterTest method shouldConvey_itsBasicProcessingFilter.
@Test
public void shouldConvey_itsBasicProcessingFilter() throws IOException, ServletException {
BasicAuthenticationFilter filter = new BasicAuthenticationFilter(localizer);
final Boolean[] hadBasicMarkOnInsideAuthenticationManager = new Boolean[] { false };
filter.setAuthenticationManager(new AuthenticationManager() {
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
hadBasicMarkOnInsideAuthenticationManager[0] = BasicAuthenticationFilter.isProcessingBasicAuth();
return new UsernamePasswordAuthenticationToken("school-principal", "u can be principal if you know this!");
}
});
assertThat(BasicAuthenticationFilter.isProcessingBasicAuth(), is(false));
MockHttpServletRequest httpRequest = new MockHttpServletRequest();
httpRequest.addHeader("Authorization", "Basic " + java.util.Base64.getEncoder().encodeToString("loser:boozer".getBytes()));
filter.doFilterHttp(httpRequest, new MockHttpServletResponse(), new FilterChain() {
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse) throws IOException, ServletException {
}
});
assertThat(BasicAuthenticationFilter.isProcessingBasicAuth(), is(false));
assertThat(hadBasicMarkOnInsideAuthenticationManager[0], is(true));
}
use of org.springframework.security.providers.UsernamePasswordAuthenticationToken in project gocd by gocd.
the class ConfigModifyingUserTest method shouldIdentifyLoggedInUserAsModifyingUser_WhenNoModifyingUserIsGiven.
@Test
public void shouldIdentifyLoggedInUserAsModifyingUser_WhenNoModifyingUserIsGiven() {
SecurityContext context = SecurityContextHolder.getContext();
context.setAuthentication(new UsernamePasswordAuthenticationToken(new User("loser_boozer", "pass", true, true, true, true, new GrantedAuthority[] {}), null));
ConfigModifyingUser user = new ConfigModifyingUser();
assertThat(user.getUserName(), is("loser_boozer"));
}
use of org.springframework.security.providers.UsernamePasswordAuthenticationToken in project gocd by gocd.
the class LdapAuthenticationTest method commonLdapUserShouldOnlyHaveAuthorityOfUserAndNotAdmin.
@Test
public void commonLdapUserShouldOnlyHaveAuthorityOfUserAndNotAdmin() throws Exception {
ldapServer.addUser(employeesOrgUnit, "foleys", "some-password", "Shilpa Foley", "foleys@somecompany.com");
configFileHelper.initializeConfigFile();
configFileHelper.addLdapSecurityWithAdmin(LDAP_URL, MANAGER_DN, MANAGER_PASSWORD, SEARCH_BASE, SEARCH_FILTER, "another_admin");
Authentication authentication = new UsernamePasswordAuthenticationToken("foleys", "some-password");
Authentication result = ldapAuthenticationProvider.authenticate(authentication);
assertThat(result.isAuthenticated(), is(true));
GrantedAuthority[] authorities = result.getAuthorities();
assertThat("foleys should have only user authority. Found: " + ArrayUtils.toString(authorities), authorities.length, is(1));
assertThat(authorities[0].getAuthority(), is("ROLE_USER"));
}
use of org.springframework.security.providers.UsernamePasswordAuthenticationToken in project gocd by gocd.
the class LdapAuthenticationTest method assertAuthenticationOfValidAdminUser.
private void assertAuthenticationOfValidAdminUser(String userName, String password) {
Authentication authentication = new UsernamePasswordAuthenticationToken(userName, password);
Authentication result = ldapAuthenticationProvider.authenticate(authentication);
assertThat(result.isAuthenticated(), is(true));
assertThat(userName + " should have " + ROLE_SUPERVISOR + " authority", result.getAuthorities(), // by default, every user is administrator
hasItemInArray(ROLE_SUPERVISOR.asAuthority()));
}
use of org.springframework.security.providers.UsernamePasswordAuthenticationToken in project gocd by gocd.
the class ScheduleStageTest method shouldRerunJobsWithUserAsApprover.
@Test
public void shouldRerunJobsWithUserAsApprover() throws Exception {
Pipeline pipeline = fixture.createdPipelineWithAllStagesPassed();
Stage oldStage = pipeline.getStages().byName(fixture.devStage);
SecurityContext context = SecurityContextHolder.getContext();
context.setAuthentication(new UsernamePasswordAuthenticationToken(new User("loser", "pass", true, true, true, true, new GrantedAuthority[] {}), null));
HttpOperationResult result = new HttpOperationResult();
Stage newStage = scheduleService.rerunJobs(oldStage, a("foo", "foo3"), result);
Stage loadedLatestStage = dbHelper.getStageDao().findStageWithIdentifier(newStage.getIdentifier());
assertThat(loadedLatestStage.getApprovedBy(), is("loser"));
assertThat(oldStage.getApprovedBy(), is(not("loser")));
assertThat(result.canContinue(), is(true));
}
Aggregations