source.dussan.org Git - sonarqube.git/blob

   1 /*
   2  * SonarQube
   3  * Copyright (C) 2009-2016 SonarSource SA
   4  * mailto:contact AT sonarsource DOT com
   5  *
   6  * This program is free software; you can redistribute it and/or
   7  * modify it under the terms of the GNU Lesser General Public
   8  * License as published by the Free Software Foundation; either
   9  * version 3 of the License, or (at your option) any later version.
  10  *
  11  * This program is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * Lesser General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Lesser General Public License
  17  * along with this program; if not, write to the Free Software Foundation,
  18  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
  19  */
  20 package org.sonar.server.authentication.event;
  21
  22 import com.google.common.base.Joiner;
  23 import java.util.Arrays;
  24 import java.util.Collections;
  25 import java.util.List;
  26 import java.util.stream.Collectors;
  27 import javax.servlet.http.HttpServletRequest;
  28 import org.junit.Rule;
  29 import org.junit.Test;
  30 import org.junit.rules.ExpectedException;
  31 import org.sonar.api.utils.log.LogTester;
  32 import org.sonar.api.utils.log.LoggerLevel;
  33
  34 import static java.util.Arrays.asList;
  35 import static org.assertj.core.api.Assertions.assertThat;
  36 import static org.mockito.Mockito.mock;
  37 import static org.mockito.Mockito.when;
  38 import static org.sonar.server.authentication.event.AuthenticationEvent.Method;
  39 import static org.sonar.server.authentication.event.AuthenticationEvent.Source;
  40
  41 public class AuthenticationEventImplTest {
  42   @Rule
  43   public LogTester logTester = new LogTester();
  44   @Rule
  45   public ExpectedException expectedException = ExpectedException.none();
  46
  47   private AuthenticationEventImpl underTest = new AuthenticationEventImpl();
  48
  49   @Test
  50   public void login_fails_with_NPE_if_request_is_null() {
  51     expectedException.expect(NullPointerException.class);
  52
  53     underTest.login(null, "login", Source.sso());
  54   }
  55
  56   @Test
  57   public void login_fails_with_NPE_if_source_is_null() {
  58     expectedException.expect(NullPointerException.class);
  59
  60     underTest.login(mock(HttpServletRequest.class), "login", null);
  61   }
  62
  63   @Test
  64   public void login_creates_INFO_log_with_empty_login_if_login_argument_is_null() {
  65     underTest.login(mockRequest(), null, Source.sso());
  66
  67     verifyLog("login success [method|SSO][provider|SSO|sso][IP||][login|]");
  68   }
  69
  70   @Test
  71   public void login_creates_INFO_log_with_method_provider_and_login() {
  72     underTest.login(mockRequest(), "foo", Source.realm(Method.BASIC, "some provider name"));
  73
  74     verifyLog("login success [method|BASIC][provider|REALM|some provider name][IP||][login|foo]");
  75   }
  76
  77   @Test
  78   public void login_logs_remote_ip_from_request() {
  79     underTest.login(mockRequest("1.2.3.4"), "foo", Source.realm(Method.EXTERNAL, "bar"));
  80
  81     verifyLog("login success [method|EXTERNAL][provider|REALM|bar][IP|1.2.3.4|][login|foo]");
  82   }
  83
  84   @Test
  85   public void login_logs_X_Forwarded_For_header_from_request() {
  86     HttpServletRequest request = mockRequest("1.2.3.4", asList("2.3.4.5"));
  87     underTest.login(request, "foo", Source.realm(Method.EXTERNAL, "bar"));
  88
  89     verifyLog("login success [method|EXTERNAL][provider|REALM|bar][IP|1.2.3.4|2.3.4.5][login|foo]");
  90   }
  91
  92   @Test
  93   public void login_logs_X_Forwarded_For_header_from_request_and_supports_multiple_headers() {
  94     HttpServletRequest request = mockRequest("1.2.3.4", asList("2.3.4.5", "6.5.4.3"), asList("9.5.6.7"), asList("6.3.2.4"));
  95     underTest.login(request, "foo", Source.realm(Method.EXTERNAL, "bar"));
  96
  97     verifyLog("login success [method|EXTERNAL][provider|REALM|bar][IP|1.2.3.4|2.3.4.5,6.5.4.3,9.5.6.7,6.3.2.4][login|foo]");
  98   }
  99
 100   private void verifyLog(String expected) {
 101     assertThat(logTester.logs()).hasSize(1);
 102     assertThat(logTester.logs(LoggerLevel.INFO))
 103       .containsOnly(expected);
 104   }
 105
 106   private static HttpServletRequest mockRequest() {
 107     return mockRequest("");
 108   }
 109
 110   private static HttpServletRequest mockRequest(String remoteAddr, List<String>... remoteIps) {
 111     HttpServletRequest res = mock(HttpServletRequest.class);
 112     when(res.getRemoteAddr()).thenReturn(remoteAddr);
 113     when(res.getHeaders("X-Forwarded-For"))
 114       .thenReturn(Collections.enumeration(
 115         Arrays.stream(remoteIps)
 116           .map(Joiner.on(",")::join)
 117           .collect(Collectors.toList())));
 118     return res;
 119   }
 120 }