Example 16 with UserDetails
use of org.springframework.security.userdetails.UserDetails in project gocd by gocd.
the class PluginAuthenticationProviderTest method shouldBeAbleToAuthenticateUserUsingAnyOfTheAuthorizationPlugins.
@Test
public void shouldBeAbleToAuthenticateUserUsingAnyOfTheAuthorizationPlugins() {
String pluginId1 = "plugin-id-1";
String pluginId2 = "plugin-id-2";
addPluginSupportingPasswordBasedAuthentication(pluginId1);
addPluginSupportingPasswordBasedAuthentication(pluginId2);
securityConfig.securityAuthConfigs().add(new SecurityAuthConfig("github", pluginId2));
securityConfig.addRole(new PluginRoleConfig("admin", "github", ConfigurationPropertyMother.create("foo")));
when(authorizationExtension.authenticateUser(pluginId1, "username", "password", securityConfig.securityAuthConfigs().findByPluginId(pluginId1), null)).thenReturn(NULL_AUTH_RESPONSE);
AuthenticationResponse response = new AuthenticationResponse(new User("username", "display-name", "test@test.com"), Collections.emptyList());
when(authorizationExtension.authenticateUser(pluginId2, "username", "password", securityConfig.securityAuthConfigs().findByPluginId(pluginId2), securityConfig.getPluginRoles(pluginId2))).thenReturn(response);
UserDetails userDetails = provider.retrieveUser("username", authenticationToken);
assertThat(userDetails, is(instanceOf(GoUserPrinciple.class)));
GoUserPrinciple goUserPrincipal = (GoUserPrinciple) userDetails;
assertThat(goUserPrincipal.getUsername(), is("username"));
assertThat(goUserPrincipal.getDisplayName(), is("display-name"));
assertThat(goUserPrincipal.getAuthorities().length, is(1));
assertThat(goUserPrincipal.getAuthorities()[0], is(userAuthority));
}
Also used :
SecurityAuthConfig(com.thoughtworks.go.config.SecurityAuthConfig)
User(com.thoughtworks.go.plugin.access.authorization.models.User)
UserDetails(org.springframework.security.userdetails.UserDetails)
CaseInsensitiveString(com.thoughtworks.go.config.CaseInsensitiveString)
GoUserPrinciple(com.thoughtworks.go.server.security.userdetail.GoUserPrinciple)
PluginRoleConfig(com.thoughtworks.go.config.PluginRoleConfig)
AuthenticationResponse(com.thoughtworks.go.plugin.access.authorization.models.AuthenticationResponse)
Test(org.junit.Test)
Example 17 with UserDetails
use of org.springframework.security.userdetails.UserDetails in project gocd by gocd.
the class PluginAuthenticationProviderTest method reuthenticationUsingAuthorizationPlugins_shouldUseTheLoginNameAvailableInGoUserPrinciple.
@Test
public void reuthenticationUsingAuthorizationPlugins_shouldUseTheLoginNameAvailableInGoUserPrinciple() throws Exception {
String pluginId1 = "cd.go.ldap";
securityConfig.securityAuthConfigs().add(new SecurityAuthConfig("ldap", "cd.go.ldap"));
addPluginSupportingPasswordBasedAuthentication(pluginId1);
when(authorizationExtension.authenticateUser(pluginId1, "foo@bar.com", "password", securityConfig.securityAuthConfigs().findByPluginId(pluginId1), securityConfig.getPluginRoles(pluginId1))).thenReturn(new AuthenticationResponse(new User("username", "bob", "bob@example.com"), Arrays.asList("blackbird", "admins")));
GoUserPrinciple principal = new GoUserPrinciple("username", "Display", "password", true, true, true, true, new GrantedAuthority[] {}, "foo@bar.com");
UserDetails userDetails = provider.retrieveUser("username", new UsernamePasswordAuthenticationToken(principal, "password"));
assertThat(userDetails, is(instanceOf(GoUserPrinciple.class)));
GoUserPrinciple goUserPrincipal = (GoUserPrinciple) userDetails;
assertThat(goUserPrincipal.getUsername(), is("username"));
assertThat(goUserPrincipal.getLoginName(), is("foo@bar.com"));
verify(pluginRoleService).updatePluginRoles("cd.go.ldap", "username", CaseInsensitiveString.caseInsensitiveStrings(Arrays.asList("blackbird", "admins")));
}
Also used :
SecurityAuthConfig(com.thoughtworks.go.config.SecurityAuthConfig)
User(com.thoughtworks.go.plugin.access.authorization.models.User)
UserDetails(org.springframework.security.userdetails.UserDetails)
UsernamePasswordAuthenticationToken(org.springframework.security.providers.UsernamePasswordAuthenticationToken)
CaseInsensitiveString(com.thoughtworks.go.config.CaseInsensitiveString)
GoUserPrinciple(com.thoughtworks.go.server.security.userdetail.GoUserPrinciple)
AuthenticationResponse(com.thoughtworks.go.plugin.access.authorization.models.AuthenticationResponse)
Test(org.junit.Test)
Example 18 with UserDetails
use of org.springframework.security.userdetails.UserDetails in project gocd by gocd.
the class PreAuthenticatedAuthenticationProvider method doAuthenticate.
private Authentication doAuthenticate(PreAuthenticatedAuthenticationToken preAuthToken) {
String pluginId = preAuthToken.getPluginId();
AuthenticationResponse response = null;
try {
response = authenticateUser(preAuthToken);
} catch (Exception e) {
handleUnSuccessfulAuthentication(preAuthToken);
}
if (!isAuthenticated(response)) {
handleUnSuccessfulAuthentication(preAuthToken);
}
validateUser(response.getUser());
assignRoles(pluginId, response.getUser().getUsername(), response.getRoles());
UserDetails userDetails = getUserDetails(response.getUser());
userService.addUserIfDoesNotExist(toDomainUser(response.getUser()));
PreAuthenticatedAuthenticationToken result = new PreAuthenticatedAuthenticationToken(userDetails, preAuthToken.getCredentials(), pluginId, userDetails.getAuthorities());
result.setAuthenticated(true);
return result;
}
Also used :
UserDetails(org.springframework.security.userdetails.UserDetails)
PreAuthenticatedAuthenticationToken(com.thoughtworks.go.server.security.tokens.PreAuthenticatedAuthenticationToken)
CaseInsensitiveString(com.thoughtworks.go.config.CaseInsensitiveString)
AuthenticationResponse(com.thoughtworks.go.plugin.access.authorization.models.AuthenticationResponse)
BadCredentialsException(org.springframework.security.BadCredentialsException)
AuthenticationException(org.springframework.security.AuthenticationException)
Example 19 with UserDetails
use of org.springframework.security.userdetails.UserDetails in project gocd by gocd.
the class IntegrationTestsFixture method login.
public static void login(String username, String password) {
UserDetails principal = new User(username, password, true, true, true, true, new GrantedAuthority[0]);
SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken(principal, password));
}
Also used :
UserDetails(org.springframework.security.userdetails.UserDetails)
User(org.springframework.security.userdetails.User)
UsernamePasswordAuthenticationToken(org.springframework.security.providers.UsernamePasswordAuthenticationToken)
Aggregations
UserDetails (org.springframework.security.userdetails.UserDetails)19
Test (org.junit.Test)15
CaseInsensitiveString (com.thoughtworks.go.config.CaseInsensitiveString)11
AuthenticationResponse (com.thoughtworks.go.plugin.access.authorization.models.AuthenticationResponse)9
SecurityAuthConfig (com.thoughtworks.go.config.SecurityAuthConfig)8
UsernamePasswordAuthenticationToken (org.springframework.security.providers.UsernamePasswordAuthenticationToken)8
User (com.thoughtworks.go.plugin.access.authorization.models.User)7
GoUserPrinciple (com.thoughtworks.go.server.security.userdetail.GoUserPrinciple)5
AuthorityGranter (com.thoughtworks.go.server.security.AuthorityGranter)4
User (org.springframework.security.userdetails.User)4
PluginRoleConfig (com.thoughtworks.go.config.PluginRoleConfig)2
User (com.thoughtworks.go.plugin.access.authentication.models.User)2
Username (com.thoughtworks.go.server.domain.Username)2
OauthAuthenticationToken (com.thoughtworks.go.server.security.OauthAuthenticationToken)2
BadCredentialsException (org.springframework.security.BadCredentialsException)2
GrantedAuthority (org.springframework.security.GrantedAuthority)2
X509CertificateGenerator (com.thoughtworks.go.security.X509CertificateGenerator)1
OauthDataSource (com.thoughtworks.go.server.oauth.OauthDataSource)1
PreAuthenticatedAuthenticationToken (com.thoughtworks.go.server.security.tokens.PreAuthenticatedAuthenticationToken)1
IOException (java.io.IOException)1
