JwtSerializer.class,
JwtHttpHandler.class,
JwtCsrfVerifier.class,
- OAuth2Redirection.class,
LoginAction.class,
LogoutAction.class,
CredentialsAuthenticator.class,
private final BaseContextFactory baseContextFactory;
private final OAuth2ContextFactory oAuth2ContextFactory;
private final AuthenticationEvent authenticationEvent;
- private final OAuth2Redirection oAuthRedirection;
public InitFilter(IdentityProviderRepository identityProviderRepository, BaseContextFactory baseContextFactory,
- OAuth2ContextFactory oAuth2ContextFactory, Server server, AuthenticationEvent authenticationEvent, OAuth2Redirection oAuthRedirection) {
+ OAuth2ContextFactory oAuth2ContextFactory, Server server, AuthenticationEvent authenticationEvent) {
super(server, identityProviderRepository);
this.baseContextFactory = baseContextFactory;
this.oAuth2ContextFactory = oAuth2ContextFactory;
this.authenticationEvent = authenticationEvent;
- this.oAuthRedirection = oAuthRedirection;
}
@Override
handleError(response, format("Unsupported IdentityProvider class: %s", provider.getClass()));
}
} catch (AuthenticationException e) {
- oAuthRedirection.delete(request, response);
authenticationEvent.loginFailure(request, e);
handleAuthenticationError(e, response, getContextPath());
} catch (Exception e) {
- oAuthRedirection.delete(request, response);
handleError(e, response, format("Fail to initialize authentication with provider '%s'", provider.getKey()));
}
}
private void handleOAuth2IdentityProvider(HttpServletRequest request, HttpServletResponse response, OAuth2IdentityProvider provider) {
try {
- oAuthRedirection.create(request, response);
provider.init(oAuth2ContextFactory.newContext(request, response, provider));
} catch (UnauthorizedException e) {
throw AuthenticationException.newBuilder()
private final OAuth2ContextFactory oAuth2ContextFactory;
private final AuthenticationEvent authenticationEvent;
- private final OAuth2Redirection oAuthRedirection;
public OAuth2CallbackFilter(IdentityProviderRepository identityProviderRepository, OAuth2ContextFactory oAuth2ContextFactory,
- Server server, AuthenticationEvent authenticationEvent, OAuth2Redirection oAuthRedirection) {
+ Server server, AuthenticationEvent authenticationEvent) {
super(server, identityProviderRepository);
this.oAuth2ContextFactory = oAuth2ContextFactory;
this.authenticationEvent = authenticationEvent;
- this.oAuthRedirection = oAuthRedirection;
}
@Override
handleError(response, format("Not an OAuth2IdentityProvider: %s", provider.getClass()));
}
} catch (AuthenticationException e) {
- oAuthRedirection.delete(request, response);
authenticationEvent.loginFailure(request, e);
handleAuthenticationError(e, response, getContextPath());
} catch (Exception e) {
- oAuthRedirection.delete(request, response);
handleError(e, response, format("Fail to callback authentication with '%s'", provider.getKey()));
}
}
package org.sonar.server.authentication;
import java.io.IOException;
-import java.util.Optional;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.sonar.api.platform.Server;
private final OAuthCsrfVerifier csrfVerifier;
private final JwtHttpHandler jwtHttpHandler;
private final UserSessionFactory userSessionFactory;
- private final OAuth2Redirection oAuthRedirection;
public OAuth2ContextFactory(ThreadLocalUserSession threadLocalUserSession, UserIdentityAuthenticator userIdentityAuthenticator, Server server,
- OAuthCsrfVerifier csrfVerifier, JwtHttpHandler jwtHttpHandler, UserSessionFactory userSessionFactory, OAuth2Redirection oAuthRedirection) {
+ OAuthCsrfVerifier csrfVerifier, JwtHttpHandler jwtHttpHandler, UserSessionFactory userSessionFactory) {
this.threadLocalUserSession = threadLocalUserSession;
this.userIdentityAuthenticator = userIdentityAuthenticator;
this.server = server;
this.csrfVerifier = csrfVerifier;
this.jwtHttpHandler = jwtHttpHandler;
this.userSessionFactory = userSessionFactory;
- this.oAuthRedirection = oAuthRedirection;
}
public OAuth2IdentityProvider.InitContext newContext(HttpServletRequest request, HttpServletResponse response, OAuth2IdentityProvider identityProvider) {
@Override
public void redirectToRequestedPage() {
try {
- Optional<String> redirectTo = oAuthRedirection.getAndDelete(request, response);
- getResponse().sendRedirect(server.getContextPath() + redirectTo.orElse("/"));
+ getResponse().sendRedirect(server.getContextPath() + "/");
} catch (IOException e) {
throw new IllegalStateException("Fail to redirect to home", e);
}
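Review bot: `redirectToRequestedPage()` now always redirects to the context root, so the method name no longer describes what it does, and the `sendRedirect` line deserves a comment such as `// Always lands on the home page: no request-supplied target is honoured here.` The renamed tests in OAuth2ContextFactoryTest (`redirect_to_requested_page`, `redirect_to_requested_page_with_context`) carry the same mismatch; the visible assertion there expects `/sonarqube/`. The removed lines appended a cookie value taken from the `return_to` parameter to the context path, with no validation visible on this page. If that behaviour is reintroduced, the target should be restricted to a path inside the application before it reaches `sendRedirect`. The enclosing class starts outside the lines shown.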
+++ /dev/null
-/*
- * SonarQube
- * Copyright (C) 2009-2017 SonarSource SA
- * mailto:info AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- */
-package org.sonar.server.authentication;
-
-import java.util.Optional;
-import javax.servlet.http.Cookie;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import static org.apache.commons.lang.StringUtils.isBlank;
-import static org.sonar.server.authentication.Cookies.findCookie;
-import static org.sonar.server.authentication.Cookies.newCookieBuilder;
-
-public class OAuth2Redirection {
-
- private static final String REDIRECT_TO_COOKIE = "REDIRECT_TO";
- private static final String RETURN_TO_PARAMETER = "return_to";
-
- public void create(HttpServletRequest request, HttpServletResponse response) {
- String redirectTo = request.getParameter(RETURN_TO_PARAMETER);
- if (isBlank(redirectTo)) {
- return;
- }
- response.addCookie(newCookieBuilder(request)
- .setName(REDIRECT_TO_COOKIE)
- .setValue(redirectTo)
- .setHttpOnly(true)
- .setExpiry(-1)
- .build());
- }
-
- public Optional<String> getAndDelete(HttpServletRequest request, HttpServletResponse response) {
- Optional<Cookie> cookie = findCookie(REDIRECT_TO_COOKIE, request);
- if (!cookie.isPresent()) {
- return Optional.empty();
- }
-
- delete(request, response);
-
- String redirectTo = cookie.get().getValue();
- if (isBlank(redirectTo)) {
- return Optional.empty();
- }
- return Optional.of(redirectTo);
- }
-
- public void delete(HttpServletRequest request, HttpServletResponse response) {
- response.addCookie(newCookieBuilder(request)
- .setName(REDIRECT_TO_COOKIE)
- .setValue(null)
- .setHttpOnly(true)
- .setExpiry(0)
- .build());
- }
-
-}
public void verify_count_of_added_components() {
ComponentContainer container = new ComponentContainer();
new AuthenticationModule().configure(container);
- assertThat(container.size()).isEqualTo(2 + 22);
+ assertThat(container.size()).isEqualTo(2 + 21);
}
}
private FakeBasicIdentityProvider baseIdentityProvider = new FakeBasicIdentityProvider(BASIC_PROVIDER_KEY, true);
private BaseIdentityProvider.Context baseContext = mock(BaseIdentityProvider.Context.class);
private AuthenticationEvent authenticationEvent = mock(AuthenticationEvent.class);
- private OAuth2Redirection oAuthRedirection = mock(OAuth2Redirection.class);
private ArgumentCaptor<AuthenticationException> authenticationExceptionCaptor = ArgumentCaptor.forClass(AuthenticationException.class);
- private InitFilter underTest = new InitFilter(identityProviderRepository, baseContextFactory, oAuth2ContextFactory, server, authenticationEvent, oAuthRedirection);
+ private InitFilter underTest = new InitFilter(identityProviderRepository, baseContextFactory, oAuth2ContextFactory, server, authenticationEvent);
@Before
public void setUp() throws Exception {
assertOAuth2InitCalled();
verifyZeroInteractions(authenticationEvent);
- verify(oAuthRedirection).create(eq(request), eq(response));
}
@Test
assertOAuth2InitCalled();
verifyZeroInteractions(authenticationEvent);
- verify(oAuthRedirection).create(eq(request), eq(response));
}
@Test
assertBasicInitCalled();
verifyZeroInteractions(authenticationEvent);
- verifyZeroInteractions(oAuthRedirection);
}
@Test
assertError("No provider key found in URI");
verifyZeroInteractions(authenticationEvent);
- verifyZeroInteractions(oAuthRedirection);
}
@Test
assertError("No provider key found in URI");
verifyZeroInteractions(authenticationEvent);
- verifyZeroInteractions(oAuthRedirection);
}
@Test
assertError("Unsupported IdentityProvider class: class org.sonar.server.authentication.InitFilterTest$UnsupportedIdentityProvider");
verifyZeroInteractions(authenticationEvent);
- verifyZeroInteractions(oAuthRedirection);
}
@Test
assertThat(authenticationException.getSource()).isEqualTo(AuthenticationEvent.Source.external(identityProvider));
assertThat(authenticationException.getLogin()).isNull();
assertThat(authenticationException.getPublicMessage()).isEqualTo("Email john@email.com is already used");
- verifyDeleteRedirection();
}
@Test
underTest.doFilter(request, response, chain);
verify(response).sendRedirect("/sonarqube/sessions/unauthorized?message=Email+john%40email.com+is+already+used");
- verifyDeleteRedirection();
- }
-
- @Test
- public void redirect_when_failing_because_of_Exception() throws Exception {
- IdentityProvider identityProvider = new FailWithIllegalStateException("failing");
- when(request.getRequestURI()).thenReturn("/sessions/init/" + identityProvider.getKey());
- identityProviderRepository.addIdentityProvider(identityProvider);
-
- underTest.doFilter(request, response, chain);
-
- verify(response).sendRedirect("/sessions/unauthorized");
- assertThat(logTester.logs(LoggerLevel.ERROR)).containsExactlyInAnyOrder("Fail to initialize authentication with provider 'failing'");
- verifyDeleteRedirection();
}
private void assertOAuth2InitCalled() {
assertThat(oAuth2IdentityProvider.isInitCalled()).isFalse();
}
- private void verifyDeleteRedirection() {
- verify(oAuthRedirection).delete(eq(request), eq(response));
- }
-
private static class FailWithUnauthorizedExceptionIdProvider extends FakeBasicIdentityProvider {
public FailWithUnauthorizedExceptionIdProvider(String key) {
}
}
- private static class FailWithIllegalStateException extends FakeBasicIdentityProvider {
-
- public FailWithIllegalStateException(String key) {
- super(key, true);
- }
-
- @Override
- public void init(Context context) {
- throw new IllegalStateException("Failure !");
- }
- }
-
private static class UnsupportedIdentityProvider implements IdentityProvider {
private final String unsupportedKey;
public boolean isEnabled() {
return true;
}
-
@Override
public boolean allowsUsersToSignUp() {
return false;
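Review bot: Deleting `redirect_when_failing_because_of_Exception` and its `FailWithIllegalStateException` helper removes the only test visible on this page for the `catch (Exception e)` branch that InitFilter keeps. The redirect to `/sessions/unauthorized` and the ERROR log for an unexpected provider failure are therefore no longer checked. Only the `verifyDeleteRedirection();` line depended on the removed class, so the test and helper could stay with that single line dropped. The same applies to the test of the same name in OAuth2CallbackFilterTest, where only `verify(oAuthRedirection).delete(eq(request), eq(response));` needed to go. Tests outside the lines shown may still cover this path.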
private FakeOAuth2IdentityProvider oAuth2IdentityProvider = new WellbehaveFakeOAuth2IdentityProvider(OAUTH2_PROVIDER_KEY, true, LOGIN);
private AuthenticationEvent authenticationEvent = mock(AuthenticationEvent.class);
- private OAuth2Redirection oAuthRedirection = mock(OAuth2Redirection.class);
private ArgumentCaptor<AuthenticationException> authenticationExceptionCaptor = ArgumentCaptor.forClass(AuthenticationException.class);
- private OAuth2CallbackFilter underTest = new OAuth2CallbackFilter(identityProviderRepository, oAuth2ContextFactory, server, authenticationEvent, oAuthRedirection);
+ private OAuth2CallbackFilter underTest = new OAuth2CallbackFilter(identityProviderRepository, oAuth2ContextFactory, server, authenticationEvent);
@Before
public void setUp() throws Exception {
assertThat(authenticationException.getSource()).isEqualTo(Source.oauth2(identityProvider));
assertThat(authenticationException.getLogin()).isNull();
assertThat(authenticationException.getPublicMessage()).isEqualTo("Email john@email.com is already used");
- verify(oAuthRedirection).delete(eq(request), eq(response));
}
@Test
underTest.doFilter(request, response, chain);
verify(response).sendRedirect("/sonarqube/sessions/unauthorized?message=Email+john%40email.com+is+already+used");
- verify(oAuthRedirection).delete(eq(request), eq(response));
- }
-
- @Test
- public void redirect_when_failing_because_of_Exception() throws Exception {
- FailWithIllegalStateException identityProvider = new FailWithIllegalStateException();
- identityProvider
- .setKey("failing")
- .setName("name of failing")
- .setEnabled(true);
- when(request.getRequestURI()).thenReturn("/oauth2/callback/" + identityProvider.getKey());
- identityProviderRepository.addIdentityProvider(identityProvider);
-
- underTest.doFilter(request, response, chain);
-
- verify(response).sendRedirect("/sessions/unauthorized");
- assertThat(logTester.logs(LoggerLevel.ERROR)).containsExactlyInAnyOrder("Fail to callback authentication with 'failing'");
- verify(oAuthRedirection).delete(eq(request), eq(response));
}
@Test
}
}
- private static class FailWithIllegalStateException extends TestIdentityProvider implements OAuth2IdentityProvider {
-
- @Override
- public void init(InitContext context) {
-
- }
-
- @Override
- public void callback(CallbackContext context) {
- throw new IllegalStateException("Failure !");
- }
- }
-
/**
* An extension of {@link FakeOAuth2IdentityProvider} that actually call {@link org.sonar.api.server.authentication.OAuth2IdentityProvider.CallbackContext#authenticate(UserIdentity)}.
*/
*/
package org.sonar.server.authentication;
-import java.util.Optional;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
private OAuthCsrfVerifier csrfVerifier = mock(OAuthCsrfVerifier.class);
private JwtHttpHandler jwtHttpHandler = mock(JwtHttpHandler.class);
private TestUserSessionFactory userSessionFactory = TestUserSessionFactory.standalone();
- private OAuth2Redirection oAuthRedirection = mock(OAuth2Redirection.class);
private HttpServletRequest request = mock(HttpServletRequest.class);
private HttpServletResponse response = mock(HttpServletResponse.class);
private HttpSession session = mock(HttpSession.class);
private OAuth2IdentityProvider identityProvider = mock(OAuth2IdentityProvider.class);
- private OAuth2ContextFactory underTest = new OAuth2ContextFactory(threadLocalUserSession, userIdentityAuthenticator, server, csrfVerifier, jwtHttpHandler, userSessionFactory,
- oAuthRedirection);
+ private OAuth2ContextFactory underTest = new OAuth2ContextFactory(threadLocalUserSession, userIdentityAuthenticator, server, csrfVerifier, jwtHttpHandler, userSessionFactory);
@Before
public void setUp() throws Exception {
}
@Test
- public void redirect_to_home() throws Exception {
+ public void redirect_to_requested_page() throws Exception {
when(server.getContextPath()).thenReturn("");
- when(oAuthRedirection.getAndDelete(request, response)).thenReturn(Optional.empty());
OAuth2IdentityProvider.CallbackContext callback = newCallbackContext();
callback.redirectToRequestedPage();
}
@Test
- public void redirect_to_home_with_context() throws Exception {
+ public void redirect_to_requested_page_with_context() throws Exception {
when(server.getContextPath()).thenReturn("/sonarqube");
- when(oAuthRedirection.getAndDelete(request, response)).thenReturn(Optional.empty());
OAuth2IdentityProvider.CallbackContext callback = newCallbackContext();
callback.redirectToRequestedPage();
verify(response).sendRedirect("/sonarqube/");
}
- @Test
- public void redirect_to_requested_page() throws Exception {
- when(oAuthRedirection.getAndDelete(request, response)).thenReturn(Optional.of("/settings"));
- when(server.getContextPath()).thenReturn("");
- OAuth2IdentityProvider.CallbackContext callback = newCallbackContext();
-
- callback.redirectToRequestedPage();
-
- verify(response).sendRedirect("/settings");
- }
-
- @Test
- public void redirect_to_requested_page_context() throws Exception {
- when(oAuthRedirection.getAndDelete(request, response)).thenReturn(Optional.of("/settings"));
- when(server.getContextPath()).thenReturn("/sonarqube");
- OAuth2IdentityProvider.CallbackContext callback = newCallbackContext();
-
- callback.redirectToRequestedPage();
-
- verify(response).sendRedirect("/sonarqube/settings");
- }
-
@Test
public void verify_csrf_state() throws Exception {
OAuth2IdentityProvider.CallbackContext callback = newCallbackContext();
+++ /dev/null
-/*
- * SonarQube
- * Copyright (C) 2009-2017 SonarSource SA
- * mailto:info AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- */
-package org.sonar.server.authentication;
-
-import java.util.Optional;
-import javax.servlet.http.Cookie;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import org.junit.Before;
-import org.junit.Test;
-import org.mockito.ArgumentCaptor;
-import org.sonar.api.platform.Server;
-
-import static org.assertj.core.api.Assertions.assertThat;
-import static org.mockito.Matchers.any;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.never;
-import static org.mockito.Mockito.verify;
-import static org.mockito.Mockito.when;
-
-public class OAuth2RedirectionTest {
-
- private ArgumentCaptor<Cookie> cookieArgumentCaptor = ArgumentCaptor.forClass(Cookie.class);
-
- private Server server = mock(Server.class);
- private HttpServletResponse response = mock(HttpServletResponse.class);
- private HttpServletRequest request = mock(HttpServletRequest.class);
-
- private OAuth2Redirection underTest = new OAuth2Redirection();
-
- @Before
- public void setUp() throws Exception {
- when(server.getContextPath()).thenReturn("");
- }
-
- @Test
- public void create_cookie() throws Exception {
- when(request.getParameter("return_to")).thenReturn("/settings");
-
- underTest.create(request, response);
-
- verify(response).addCookie(cookieArgumentCaptor.capture());
- Cookie cookie = cookieArgumentCaptor.getValue();
- assertThat(cookie.getName()).isEqualTo("REDIRECT_TO");
- assertThat(cookie.getValue()).isEqualTo("/settings");
- assertThat(cookie.getPath()).isEqualTo("/");
- assertThat(cookie.isHttpOnly()).isTrue();
- assertThat(cookie.getMaxAge()).isEqualTo(-1);
- assertThat(cookie.getSecure()).isFalse();
- }
-
- @Test
- public void does_not_create_cookie_when_return_to_parameter_is_empty() {
- when(request.getParameter("return_to")).thenReturn("");
-
- underTest.create(request, response);
-
- verify(response, never()).addCookie(any());
- }
-
- @Test
- public void does_not_create_cookie_when_return_to_parameter_is_null() {
- when(request.getParameter("return_to")).thenReturn(null);
-
- underTest.create(request, response);
-
- verify(response, never()).addCookie(any());
- }
-
- @Test
- public void get_and_delete() throws Exception {
- when(request.getCookies()).thenReturn(new Cookie[]{new Cookie("REDIRECT_TO", "/settings")});
-
- Optional<String> redirection = underTest.getAndDelete(request, response);
-
- assertThat(redirection).isEqualTo(Optional.of("/settings"));
- verify(response).addCookie(cookieArgumentCaptor.capture());
- Cookie updatedCookie = cookieArgumentCaptor.getValue();
- assertThat(updatedCookie.getName()).isEqualTo("REDIRECT_TO");
- assertThat(updatedCookie.getValue()).isNull();
- assertThat(updatedCookie.getPath()).isEqualTo("/");
- assertThat(updatedCookie.getMaxAge()).isEqualTo(0);
- }
-
- @Test
- public void delete() throws Exception {
- when(request.getCookies()).thenReturn(new Cookie[]{new Cookie("REDIRECT_TO", "/settings")});
-
- underTest.delete(request, response);
-
- verify(response).addCookie(cookieArgumentCaptor.capture());
- Cookie updatedCookie = cookieArgumentCaptor.getValue();
- assertThat(updatedCookie.getName()).isEqualTo("REDIRECT_TO");
- assertThat(updatedCookie.getValue()).isNull();
- assertThat(updatedCookie.getPath()).isEqualTo("/");
- assertThat(updatedCookie.getMaxAge()).isEqualTo(0);
- }
-
-}
*/
package org.sonarqube.tests.user;
-import com.codeborne.selenide.Condition;
import com.sonar.orchestrator.Orchestrator;
+import org.sonarqube.tests.Category4Suite;
import java.io.File;
-import java.io.UnsupportedEncodingException;
import java.net.HttpURLConnection;
import okhttp3.mockwebserver.MockResponse;
import okhttp3.mockwebserver.MockWebServer;
import org.junit.ClassRule;
import org.junit.Rule;
import org.junit.Test;
-import org.sonarqube.pageobjects.Navigation;
-import org.sonarqube.tests.Category4Suite;
import org.sonarqube.tests.Tester;
import org.sonarqube.ws.WsUsers.SearchWsResponse.User;
import org.sonarqube.ws.client.GetRequest;
import org.sonarqube.ws.client.WsResponse;
-import org.sonarqube.ws.client.permission.AddUserWsRequest;
import org.sonarqube.ws.client.user.CreateRequest;
+import org.sonarqube.pageobjects.Navigation;
-import static com.codeborne.selenide.Condition.visible;
-import static com.codeborne.selenide.Selenide.$;
import static org.assertj.core.api.Assertions.assertThat;
+import static util.ItUtils.resetSettings;
+import static util.ItUtils.setServerProperty;
+import static util.selenium.Selenese.runSelenese;
/**
* There's only tests specific to OAuth2 in this class
}
private void resetData() {
- tester.settings().resetSettings(
+ resetSettings(orchestrator, null,
"sonar.auth.fake-oauth2-id-provider.enabled",
"sonar.auth.fake-oauth2-id-provider.url",
"sonar.auth.fake-oauth2-id-provider.user",
verifyUser(USER_LOGIN, USER_NAME, USER_EMAIL);
}
- @Test
- public void redirect_to_requested_page() throws UnsupportedEncodingException {
- simulateRedirectionToCallback();
- enablePlugin();
- tester.users().generate(u -> u.setLogin(USER_LOGIN));
- // Give user global admin permission as we want to go to a page where authentication is required
- tester.wsClient().permissions().addUser(new AddUserWsRequest().setLogin(USER_LOGIN).setPermission("admin"));
-
- Navigation nav = tester.openBrowser();
- // Try to go to the settings page
- nav.open("/settings");
- // User should be redirected to login page
- $("#login_form").should(Condition.exist);
- // User click on the link to authenticate with OAuth2
- $(".oauth-providers a").click();
-
- // User is correctly redirected to the settings page
- $("#settings-page").shouldBe(visible);
- }
-
@Test
public void display_unauthorized_page_when_authentication_failed_in_callback() throws Exception {
simulateRedirectionToCallback();
enablePlugin();
// As this property is null, the plugin will throw an exception
- tester.settings().setGlobalSettings("sonar.auth.fake-oauth2-id-provider.user", null);
+ setServerProperty(orchestrator, "sonar.auth.fake-oauth2-id-provider.user", null);
- tester.runHtmlTests("/user/OAuth2IdentityProviderTest/display_unauthorized_page_when_authentication_failed.html");
+ runSelenese(orchestrator, "/user/OAuth2IdentityProviderTest/display_unauthorized_page_when_authentication_failed.html");
assertThatUserDoesNotExist(USER_LOGIN);
}
public void fail_to_authenticate_when_not_allowed_to_sign_up() throws Exception {
simulateRedirectionToCallback();
enablePlugin();
- tester.settings().setGlobalSettings("sonar.auth.fake-oauth2-id-provider.allowsUsersToSignUp", "false");
+ setServerProperty(orchestrator, "sonar.auth.fake-oauth2-id-provider.allowsUsersToSignUp", "false");
- tester.runHtmlTests("/user/OAuth2IdentityProviderTest/fail_to_authenticate_when_not_allowed_to_sign_up.html");
+ runSelenese(orchestrator, "/user/OAuth2IdentityProviderTest/fail_to_authenticate_when_not_allowed_to_sign_up.html");
assertThatUserDoesNotExist(USER_LOGIN);
}
public void display_message_in_ui_but_not_in_log_when_unauthorized_exception_in_callback() throws Exception {
simulateRedirectionToCallback();
enablePlugin();
- tester.settings().setGlobalSettings("sonar.auth.fake-oauth2-id-provider.throwUnauthorizedMessage", "true");
+ setServerProperty(orchestrator, "sonar.auth.fake-oauth2-id-provider.throwUnauthorizedMessage", "true");
tester.runHtmlTests("/user/OAuth2IdentityProviderTest/display_message_in_ui_but_not_in_log_when_unauthorized_exception.html");
assertThat(user.getExternalProvider()).isEqualTo(FAKE_PROVIDER_KEY);
}
-
private void authenticateWithFakeAuthProvider() {
WsResponse response = tester.wsClient().wsConnector().call(
new GetRequest(("/sessions/init/" + FAKE_PROVIDER_KEY)));
}
private void enablePlugin() {
- tester.settings().setGlobalSettings("sonar.auth.fake-oauth2-id-provider.enabled", "true");
- tester.settings().setGlobalSettings("sonar.auth.fake-oauth2-id-provider.url", fakeServerAuthProviderUrl);
- tester.settings().setGlobalSettings("sonar.auth.fake-oauth2-id-provider.user", USER_LOGIN + "," + USER_PROVIDER_ID + "," + USER_NAME + "," + USER_EMAIL);
+ setServerProperty(orchestrator, "sonar.auth.fake-oauth2-id-provider.enabled", "true");
+ setServerProperty(orchestrator, "sonar.auth.fake-oauth2-id-provider.url", fakeServerAuthProviderUrl);
+ setServerProperty(orchestrator, "sonar.auth.fake-oauth2-id-provider.user", USER_LOGIN + "," + USER_PROVIDER_ID + "," + USER_NAME + "," + USER_EMAIL);
}
private void assertThatUserDoesNotExist(String login) {
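Review bot: `display_message_in_ui_but_not_in_log_when_unauthorized_exception_in_callback` still calls `tester.runHtmlTests(...)`, while the two sibling tests were switched to `runSelenese(orchestrator, ...)`, so the class mixes two ways of running the same kind of HTML test. For consistency the remaining call would become `runSelenese(orchestrator, "/user/OAuth2IdentityProviderTest/display_message_in_ui_but_not_in_log_when_unauthorized_exception.html");`. The `orchestrator` field is presumably declared outside the lines shown, since nothing here confirms it. The new `import org.sonarqube.tests.Category4Suite;` and `import org.sonarqube.pageobjects.Navigation;` lines also break the alphabetical grouping that the surrounding imports follow.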