Search in sources :

Example 21 with UsernamePasswordAuthenticationToken

use of org.springframework.security.providers.UsernamePasswordAuthenticationToken in project gocd by gocd.

the class PluginAuthenticationProviderTest method reuthenticationUsingAuthorizationPlugins_shouldUseTheLoginNameAvailableInGoUserPrinciple.

@Test
public void reuthenticationUsingAuthorizationPlugins_shouldUseTheLoginNameAvailableInGoUserPrinciple() throws Exception {
    String pluginId1 = "cd.go.ldap";
    securityConfig.securityAuthConfigs().add(new SecurityAuthConfig("ldap", "cd.go.ldap"));
    addPluginSupportingPasswordBasedAuthentication(pluginId1);
    when(authorizationExtension.authenticateUser(pluginId1, "foo@bar.com", "password", securityConfig.securityAuthConfigs().findByPluginId(pluginId1), securityConfig.getPluginRoles(pluginId1))).thenReturn(new AuthenticationResponse(new User("username", "bob", "bob@example.com"), Arrays.asList("blackbird", "admins")));
    GoUserPrinciple principal = new GoUserPrinciple("username", "Display", "password", true, true, true, true, new GrantedAuthority[] {}, "foo@bar.com");
    UserDetails userDetails = provider.retrieveUser("username", new UsernamePasswordAuthenticationToken(principal, "password"));
    assertThat(userDetails, is(instanceOf(GoUserPrinciple.class)));
    GoUserPrinciple goUserPrincipal = (GoUserPrinciple) userDetails;
    assertThat(goUserPrincipal.getUsername(), is("username"));
    assertThat(goUserPrincipal.getLoginName(), is("foo@bar.com"));
    verify(pluginRoleService).updatePluginRoles("cd.go.ldap", "username", CaseInsensitiveString.caseInsensitiveStrings(Arrays.asList("blackbird", "admins")));
}
Also used : SecurityAuthConfig(com.thoughtworks.go.config.SecurityAuthConfig) User(com.thoughtworks.go.plugin.access.authorization.models.User) UserDetails(org.springframework.security.userdetails.UserDetails) UsernamePasswordAuthenticationToken(org.springframework.security.providers.UsernamePasswordAuthenticationToken) CaseInsensitiveString(com.thoughtworks.go.config.CaseInsensitiveString) GoUserPrinciple(com.thoughtworks.go.server.security.userdetail.GoUserPrinciple) AuthenticationResponse(com.thoughtworks.go.plugin.access.authorization.models.AuthenticationResponse) Test(org.junit.Test)

Example 22 with UsernamePasswordAuthenticationToken

use of org.springframework.security.providers.UsernamePasswordAuthenticationToken in project gocd by gocd.

the class DisallowExternalReAuthenticationFilterTest method shouldDisallowAuthenticatedUsersFromMakingAReAuthenticationRequest.

@Test
public void shouldDisallowAuthenticatedUsersFromMakingAReAuthenticationRequest() throws Exception {
    SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken(null, null, null));
    when(request.getRequestURI()).thenReturn("/go/auth/security_check");
    filter.doFilter(request, response, filterChain);
    verify(response).sendRedirect("/");
    verifyNoMoreInteractions(filterChain);
}
Also used : UsernamePasswordAuthenticationToken(org.springframework.security.providers.UsernamePasswordAuthenticationToken) Test(org.junit.Test)

Example 23 with UsernamePasswordAuthenticationToken

use of org.springframework.security.providers.UsernamePasswordAuthenticationToken in project gocd by gocd.

the class ConfigModifyingUserTest method shouldIdentifyLoggedInUserAsModifyingUser_WhenNoModifyingUserIsGiven.

@Test
public void shouldIdentifyLoggedInUserAsModifyingUser_WhenNoModifyingUserIsGiven() {
    SecurityContext context = SecurityContextHolder.getContext();
    context.setAuthentication(new UsernamePasswordAuthenticationToken(new User("loser_boozer", "pass", true, true, true, true, new GrantedAuthority[] {}), null));
    ConfigModifyingUser user = new ConfigModifyingUser();
    assertThat(user.getUserName(), is("loser_boozer"));
}
Also used : User(org.springframework.security.userdetails.User) SecurityContext(org.springframework.security.context.SecurityContext) UsernamePasswordAuthenticationToken(org.springframework.security.providers.UsernamePasswordAuthenticationToken) Test(org.junit.Test)

Example 24 with UsernamePasswordAuthenticationToken

use of org.springframework.security.providers.UsernamePasswordAuthenticationToken in project gocd by gocd.

the class GoFileConfigDataSourceTest method setup.

@Before
public void setup() throws Exception {
    systemEnvironment = new SystemEnvironment();
    systemEnvironment.setProperty(SystemEnvironment.OPTIMIZE_FULL_CONFIG_SAVE.propertyName(), "false");
    configHelper = new GoConfigFileHelper();
    configHelper.onSetUp();
    configRepository = new ConfigRepository(systemEnvironment);
    configRepository.initialize();
    timeProvider = mock(TimeProvider.class);
    fullConfigSaveMergeFlow = mock(FullConfigSaveMergeFlow.class);
    fullConfigSaveNormalFlow = mock(FullConfigSaveNormalFlow.class);
    when(timeProvider.currentTime()).thenReturn(new Date());
    ServerVersion serverVersion = new ServerVersion();
    ConfigElementImplementationRegistry registry = ConfigElementImplementationRegistryMother.withNoPlugins();
    ServerHealthService serverHealthService = new ServerHealthService();
    cachedGoPartials = new CachedGoPartials(serverHealthService);
    dataSource = new GoFileConfigDataSource(new GoConfigMigration(new GoConfigMigration.UpgradeFailedHandler() {

        public void handle(Exception e) {
            throw new RuntimeException(e);
        }
    }, configRepository, new TimeProvider(), configCache, registry), configRepository, systemEnvironment, timeProvider, configCache, serverVersion, registry, mock(ServerHealthService.class), cachedGoPartials, fullConfigSaveMergeFlow, fullConfigSaveNormalFlow);
    dataSource.upgradeIfNecessary();
    CachedGoConfig cachedGoConfig = new CachedGoConfig(serverHealthService, dataSource, mock(CachedGoPartials.class), null, null);
    cachedGoConfig.loadConfigIfNull();
    goConfigDao = new GoConfigDao(cachedGoConfig);
    configHelper.load();
    configHelper.usingCruiseConfigDao(goConfigDao);
    GoConfigWatchList configWatchList = new GoConfigWatchList(cachedGoConfig, mock(GoConfigService.class));
    ConfigElementImplementationRegistry configElementImplementationRegistry = new ConfigElementImplementationRegistry(new NoPluginsInstalled());
    GoConfigPluginService configPluginService = new GoConfigPluginService(mock(ConfigRepoExtension.class), new ConfigCache(), configElementImplementationRegistry, cachedGoConfig);
    repoConfig = new ConfigRepoConfig(new GitMaterialConfig("url"), "plugin");
    configHelper.addConfigRepo(repoConfig);
    SecurityContext context = SecurityContextHolder.getContext();
    context.setAuthentication(new UsernamePasswordAuthenticationToken(new User("loser_boozer", "pass", true, true, true, true, new GrantedAuthority[] {}), null));
}
Also used : ServerVersion(com.thoughtworks.go.server.util.ServerVersion) User(org.springframework.security.userdetails.User) ConfigRepository(com.thoughtworks.go.service.ConfigRepository) UsernamePasswordAuthenticationToken(org.springframework.security.providers.UsernamePasswordAuthenticationToken) GitMaterialConfig(com.thoughtworks.go.config.materials.git.GitMaterialConfig) ServerHealthService(com.thoughtworks.go.serverhealth.ServerHealthService) NoPluginsInstalled(com.thoughtworks.go.config.registry.NoPluginsInstalled) ConfigRepoConfig(com.thoughtworks.go.config.remote.ConfigRepoConfig) ConfigFileHasChangedException(com.thoughtworks.go.config.exceptions.ConfigFileHasChangedException) GitAPIException(org.eclipse.jgit.api.errors.GitAPIException) GoConfigInvalidException(com.thoughtworks.go.config.exceptions.GoConfigInvalidException) ExpectedException(org.junit.rules.ExpectedException) ConfigMergeException(com.thoughtworks.go.config.exceptions.ConfigMergeException) IOException(java.io.IOException) GoConfigService(com.thoughtworks.go.server.service.GoConfigService) ConfigElementImplementationRegistry(com.thoughtworks.go.config.registry.ConfigElementImplementationRegistry) SecurityContext(org.springframework.security.context.SecurityContext) ConfigRepoExtension(com.thoughtworks.go.plugin.access.configrepo.ConfigRepoExtension) Before(org.junit.Before)

Example 25 with UsernamePasswordAuthenticationToken

use of org.springframework.security.providers.UsernamePasswordAuthenticationToken in project gocd by gocd.

the class ScheduleStageTest method shouldRerunJobsWithUserAsApprover.

@Test
public void shouldRerunJobsWithUserAsApprover() throws Exception {
    Pipeline pipeline = fixture.createdPipelineWithAllStagesPassed();
    Stage oldStage = pipeline.getStages().byName(fixture.devStage);
    SecurityContext context = SecurityContextHolder.getContext();
    context.setAuthentication(new UsernamePasswordAuthenticationToken(new User("loser", "pass", true, true, true, true, new GrantedAuthority[] {}), null));
    HttpOperationResult result = new HttpOperationResult();
    Stage newStage = scheduleService.rerunJobs(oldStage, a("foo", "foo3"), result);
    Stage loadedLatestStage = dbHelper.getStageDao().findStageWithIdentifier(newStage.getIdentifier());
    assertThat(loadedLatestStage.getApprovedBy(), is("loser"));
    assertThat(oldStage.getApprovedBy(), is(not("loser")));
    assertThat(result.canContinue(), is(true));
}
Also used : HttpOperationResult(com.thoughtworks.go.server.service.result.HttpOperationResult) User(org.springframework.security.userdetails.User) SecurityContext(org.springframework.security.context.SecurityContext) UsernamePasswordAuthenticationToken(org.springframework.security.providers.UsernamePasswordAuthenticationToken) Test(org.junit.Test)

Aggregations

UsernamePasswordAuthenticationToken (org.springframework.security.providers.UsernamePasswordAuthenticationToken)28 Test (org.junit.Test)20 User (org.springframework.security.userdetails.User)10 UserDetails (org.springframework.security.userdetails.UserDetails)8 CaseInsensitiveString (com.thoughtworks.go.config.CaseInsensitiveString)5 SecurityAuthConfig (com.thoughtworks.go.config.SecurityAuthConfig)5 AuthenticationResponse (com.thoughtworks.go.plugin.access.authorization.models.AuthenticationResponse)5 User (com.thoughtworks.go.plugin.access.authorization.models.User)5 Authentication (org.springframework.security.Authentication)5 SecurityContext (org.springframework.security.context.SecurityContext)4 AuthorityGranter (com.thoughtworks.go.server.security.AuthorityGranter)2 GoUserPrinciple (com.thoughtworks.go.server.security.userdetail.GoUserPrinciple)2 IOException (java.io.IOException)2 Before (org.junit.Before)2 GrantedAuthority (org.springframework.security.GrantedAuthority)2 SecurityContextImpl (org.springframework.security.context.SecurityContextImpl)2 AuthenticationProvider (org.springframework.security.providers.AuthenticationProvider)2 ConfigFileHasChangedException (com.thoughtworks.go.config.exceptions.ConfigFileHasChangedException)1 ConfigMergeException (com.thoughtworks.go.config.exceptions.ConfigMergeException)1 GoConfigInvalidException (com.thoughtworks.go.config.exceptions.GoConfigInvalidException)1