From 5cb8d2b142c9e08936bbdf29beb8d71f185004b6 Mon Sep 17 00:00:00 2001
From: Julien Lancelot <julien.lancelot@sonarsource.com>
Date: Fri, 29 Jan 2016 17:55:02 +0100
Subject: [PATCH] SONAR-6226 Add ITs

---
 .../src/main}/resources/static/base.png       | Bin
 .../src/main/resources/static/oauth2.png      | Bin 0 -> 2087 bytes
 .../BaseIdentityProviderTest.java             |  81 +++++++++++++++---
 .../OAuth2IdentityProviderTest.java           |  12 +--
 .../authenticate_user.html                    |  39 +++++++++
 ...rized_page_when_authentication_failed.html |  29 +++++++
 ...henticate_when_not_allowed_to_sign_up.html |  29 +++++++
 7 files changed, 174 insertions(+), 16 deletions(-)
 rename it/it-plugins/{oauth2-auth-plugin/src => base-auth-plugin/src/main}/resources/static/base.png (100%)
 create mode 100644 it/it-plugins/oauth2-auth-plugin/src/main/resources/static/oauth2.png
 create mode 100644 it/it-tests/src/test/resources/authorisation/BaseIdentityProviderTest/authenticate_user.html
 create mode 100644 it/it-tests/src/test/resources/authorisation/BaseIdentityProviderTest/display_unauthorized_page_when_authentication_failed.html
 create mode 100644 it/it-tests/src/test/resources/authorisation/BaseIdentityProviderTest/fail_to_authenticate_when_not_allowed_to_sign_up.html

diff --git a/it/it-plugins/oauth2-auth-plugin/src/resources/static/base.png b/it/it-plugins/base-auth-plugin/src/main/resources/static/base.png
similarity index 100%
rename from it/it-plugins/oauth2-auth-plugin/src/resources/static/base.png
rename to it/it-plugins/base-auth-plugin/src/main/resources/static/base.png
diff --git a/it/it-plugins/oauth2-auth-plugin/src/main/resources/static/oauth2.png b/it/it-plugins/oauth2-auth-plugin/src/main/resources/static/oauth2.png
new file mode 100644
index 0000000000000000000000000000000000000000..28a3e01698c7fbf7855206c7bb0a9566c8dd8926
GIT binary patch
literal 2087
zcmV+?2-x?DP)<h;3K|Lk000e1NJLTq001xm001xu1^@s6R|5Hm000N>Nkl<Zc-rk*
z3vg7`8UF6R?%ljaz(B1a5<rYW#7EVbNk*tsiUq~CGgZ`apbXf-v@<128w!d*z!|L+
z1)V8Fgmge~csNADCV`O0=B+$q5(uxD1oGHqvrDqs-P8Z<y?5Qj4J?x9jA!P|J$qm0
z`~Ls?{&Q|3V3;>yumSu`V6XuU83HA>Y_6`o@wta4k6Jh^2^^|mtzDNZgD-yH7PIWt
zN6!o^0{<;xJ0e5yQcJ}toV(O=Vdb*8dxs5yt%WQ?)Sx+3gwS}Z9A_%(FnY`#FaKl7
zlRJk6fzA1>OwwYyQ4iFW7vjW;T7-let((`(4jb|WKFDQ{3k+s0jg2BuTbPTovP+(8
zlkXq<?+wcn5{EQ_cTB8~<P)hQ20;d(=2#XAi)uXALc@%%2V#CXBIR#!Z9|g4nrybz
z(TUCc1$v!KpxX2`^77Al?|FE}c+<9&IkScwfxjGJ8j`$CCqU9u^hF{NW(3OiA4E=0
zrT0Ej(qrbV=$Ma_pE)_C2qYb1+po3Z6>eNlC;d|uf_c|oWM)-#yEi)K?y9^mUYj&z
z2qYh2qv|baaJe8DNjAZ1mw=4a-N?wGHH<O2yBP#Qz=BtvSdhAI_KqPzAn_n8X|rJl
zmrjr<gXj9^WDb4)C5~ivC&1g3Ns-os_{kBUtVnPVDuES;S$u;9*&MtIoOhBscqQ7u
zb019E-~EUH+-}UD_wc5@@Ben$pb}X6C2L@AjOJA*Sc$qsV*_=G#(Q>t1=BHq1Q<r$
z8SI)jXWCt#CB-!j3W21rSyE#w)`y5n+0@I`M^cO|5`na|L&!W{?KcCU;mo+GW2Q}W
z;|H9;;(bi3W3cNrFnHv{NoZv79{tl%OJugCWgsiB+HVH<Z_%K|ALmYgB6WGJc|Zv)
zPiK2<9hlE$!wK+i^a0PMq@{CP(=w55KHqBwK>C~U;N6!>w?02^zzF=)#O|@$ae+2$
zf=&VNF|PvLs7T30_kObbD6;uh!tFl;atD4tJNk_;l43s|5CVTsXQ$mxOyzQ+lJ2cM
z>LSL$b5bBleYE>Hj+S2RJp;;d{MZP4!sGXbZCg6S)vp9rWwYP4+pwR5)M(_WdrPNM
zeMr{e#l6M~9L&tevGPm3dO*zpKmO*aiQCgx#J<+A1gP>fGZ*gQ(f3M6iM~!TaeEi=
zO+9dDC~zdN5INsoxuFMC0^z};`?;ql-m_!z^xA$QK+#`ox8rT2p}X!S1-$12#s*Y0
zasyMH4;7GME<w)8+JG{^`%}@sD9&5?^kaQaU}ZK7vf0r}GSPA1Tqf$G#mlEi;Lo)H
z-?uZ*3aq7bW5NX-Fqh-_>AHY2z`Kr2^+H_Ktlf)ZOnpiq*~AXhT)*ZKHz<pis(0>%
z)7Q9km}kth!?SW%n1EgRCy-lFA8-cv`KjYZG@Mx-7ujb7R^_n!JMB2bCE{7Iv@&o`
zz~z>~GmQ+4pHtU?5g`In^G_qM@~WRQ>OTYO^*N7@d+V!352o}9fq!MQYCXe!K|YHX
zmriRZP}#yaZStg&vj0)ng76>#pXFB|ulic=8E`W{1Q^Cd1a-zw9TWb)KSg!k7J+wj
z*h?-4cJRn^P#&P%tnISidBphxMr8-8g4cV<2>8@oh5VYPfIZ+#D1J)h-lL17U%V{>
zYmPFjs6~hho&!ElQMYy}W)&3RqMQLvKs9lQB;X_3Mig9Zz9kQMPS7}5uVvFZ&OVmE
z@z4CPdOQ;WEplE0>+;xt1Sj6`)O?NnG_N!+nt%iJlupAB8#sRSHL)ZL*jR88=F65_
z%K+dVPahjnRlfA0XCbeR4(c5WnO+Hb2&9-<nA3q4Qh|oAx}9!0@_HTfY#+FZC7<mB
z&w!dC{+nOZ(HH)E1y^9MZT(3Z;A0I<_N1<EN$%V8(iIYJD4P)KPK8L9(p_Ex8w%KQ
ziheAQWOIkCc~LJ<F6z2RUR1r|V`6@dX2;5cIuzDfe{u$Rn-DIxo?j9@%?|<J?o=}*
zY%F4rI6F{G+DE+|XzOHNkZN?*QrXkQl8=cyT>_GeucGK``%QPFy=6eXH#Wk#C3oQ?
z>wA#kQNOOp%ITF55tyhKu)WrTU)dZ?!@+2T?p4NX)*dF7d`#?O0+tsyp{UV*)7@xq
z84&43lS8#tL03+#HNW+IwgQwkEU+sP@7=^}i<n3Y)w&J`UZ<CZOX}XofFGII*u%t}
z<aNqGVzC9q&DU?u19TiIYMm2wjvUK@EvqZjKH!@>N+YZa@W85&Z~O3D_6NfCE`gpT
z(2Tw&mi(C5KnAu@V&5#YqJ*z_0eJwpPtsUMTkFzF6K8LBv|Od~g*GMP>}J4kNI-3$
zR<J0-w#lf&OrxG@jXg{(OG|!53kCkolXjF^9XHH?MEZ=<bXDrU$@;K7dBI`+DD_rF
z>$ltj`X=6Wff*>;?@<+6C}~-QDj}`rhsQkx&UT{I=JcC^ky^nyzN0y(DRsl@nmt?2
zD!`qA%zxVid|P@0n;&k(noto_eDH%yKe5V*((5iS0fAyVLF2THtUv#G*`kD$uC^B1
zDET+zfDuqzMkAX*Ys9875zmrGv`u8UMEV>qqgBvI;3sz3zB8UJSyi;?nSGE;U%#~5
z{uh&}i5aLGz2kJ@h4q)6qpa=LTvn2`tmLmR*7O(XJ|!^N?Pmgm-G)7Z{{yh{QEi&e
R7jggq002ovPDHLkV1m9>0h|B;

literal 0
HcmV?d00001

diff --git a/it/it-tests/src/test/java/it/authorisation/BaseIdentityProviderTest.java b/it/it-tests/src/test/java/it/authorisation/BaseIdentityProviderTest.java
index 705ce8c5684..be11304d8f3 100644
--- a/it/it-tests/src/test/java/it/authorisation/BaseIdentityProviderTest.java
+++ b/it/it-tests/src/test/java/it/authorisation/BaseIdentityProviderTest.java
@@ -21,11 +21,12 @@ package it.authorisation;
 
 import com.google.common.base.Optional;
 import com.sonar.orchestrator.Orchestrator;
+import com.sonar.orchestrator.selenium.Selenese;
 import it.Category1Suite;
 import org.junit.After;
-import org.junit.AfterClass;
 import org.junit.BeforeClass;
 import org.junit.ClassRule;
+import org.junit.Ignore;
 import org.junit.Rule;
 import org.junit.Test;
 import org.sonarqube.ws.client.GetRequest;
@@ -39,6 +40,11 @@ import static org.assertj.guava.api.Assertions.assertThat;
 import static util.ItUtils.newAdminWsClient;
 import static util.ItUtils.setServerProperty;
 
+/**
+ * TODO : Add missing ITs
+ * - creating new user using email already used
+ * - display multiple identity provider plugins (probably in another class)
+ */
 public class BaseIdentityProviderTest {
 
   @ClassRule
@@ -63,24 +69,21 @@ public class BaseIdentityProviderTest {
   public static void setUp() {
     ORCHESTRATOR.resetData();
     adminWsClient = newAdminWsClient(ORCHESTRATOR);
-    setServerProperty(ORCHESTRATOR, "sonar.auth.fake-base-id-provider.enabled", "true");
-  }
-
-  @AfterClass
-  public static void disableAuthPlugin() throws Exception {
-    setServerProperty(ORCHESTRATOR, "sonar.auth.fake-base-id-provider.enabled", "false");
   }
 
   @After
-  public void removeUser() throws Exception {
+  public void removeUserAndCleanPluginProperties() throws Exception {
     Optional<Users.User> user = userRule.getUserByLogin(USER_LOGIN);
     if (user.isPresent()) {
       userRule.deactivateUsers(user.get());
     }
+    setServerProperty(ORCHESTRATOR, "sonar.auth.fake-base-id-provider.enabled", null);
+    setServerProperty(ORCHESTRATOR, "sonar.auth.fake-base-id-provider.user", null);
   }
 
   @Test
   public void create_new_user_when_authenticate() throws Exception {
+    enablePlugin();
     setUserCreatedByAuthPlugin(USER_LOGIN, USER_PROVIDER_ID, USER_NAME, USER_EMAIL);
 
     userRule.verifyUserDoesNotExist(USER_LOGIN);
@@ -91,8 +94,48 @@ public class BaseIdentityProviderTest {
     userRule.verifyUserExists(USER_LOGIN, USER_NAME, USER_EMAIL);
   }
 
+  @Test
+  public void authenticate_user() throws Exception {
+    enablePlugin();
+    setUserCreatedByAuthPlugin(USER_LOGIN, USER_PROVIDER_ID, USER_NAME, USER_EMAIL);
+
+    ORCHESTRATOR.executeSelenese(Selenese.builder().setHtmlTestsInClasspath("authenticate_through_ui",
+      "/authorisation/BaseIdentityProviderTest/authenticate_user.html"
+    ).build());
+
+    userRule.verifyUserExists(USER_LOGIN, USER_NAME, USER_EMAIL);
+  }
+
+  @Test
+  public void display_unauthorized_page_when_authentication_failed() throws Exception {
+    enablePlugin();
+    // As this property is null, the plugin will throw an exception
+    setServerProperty(ORCHESTRATOR, "sonar.auth.fake-base-id-provider.user", null);
+
+    ORCHESTRATOR.executeSelenese(Selenese.builder().setHtmlTestsInClasspath("display_unauthorized_page_when_authentication_failed",
+      "/authorisation/BaseIdentityProviderTest/display_unauthorized_page_when_authentication_failed.html"
+    ).build());
+
+    userRule.verifyUserDoesNotExist(USER_LOGIN);
+  }
+
+  @Test
+  @Ignore("Do not understand why it's failing...")
+  public void fail_to_authenticate_when_not_allowed_to_sign_up() throws Exception {
+    enablePlugin();
+    setUserCreatedByAuthPlugin(USER_LOGIN, USER_PROVIDER_ID, USER_NAME, USER_EMAIL);
+    setServerProperty(ORCHESTRATOR, "sonar.auth.fake-base-id-provider.allowsUsersToSignUp", "false");
+
+    ORCHESTRATOR.executeSelenese(Selenese.builder().setHtmlTestsInClasspath("fail_to_authenticate_when_not_allowed_to_sign_up",
+      "/authorisation/BaseIdentityProviderTest/fail_to_authenticate_when_not_allowed_to_sign_up.html"
+    ).build());
+
+    userRule.verifyUserDoesNotExist(USER_LOGIN);
+  }
+
   @Test
   public void update_existing_user_when_authenticate() throws Exception {
+    enablePlugin();
     setUserCreatedByAuthPlugin(USER_LOGIN, USER_PROVIDER_ID, USER_NAME, USER_EMAIL);
 
     // First connection, user is created
@@ -108,6 +151,7 @@ public class BaseIdentityProviderTest {
 
   @Test
   public void reactivate_disabled_user() throws Exception {
+    enablePlugin();
     setUserCreatedByAuthPlugin(USER_LOGIN, USER_PROVIDER_ID, USER_NAME, USER_EMAIL);
 
     userRule.verifyUserDoesNotExist(USER_LOGIN);
@@ -126,14 +170,31 @@ public class BaseIdentityProviderTest {
     userRule.verifyUserExists(USER_LOGIN, USER_NAME, USER_EMAIL);
   }
 
-  private void setUserCreatedByAuthPlugin(String login, String providerId, String name, String email) {
+  @Test
+  public void not_authenticate_when_plugin_is_disabled() throws Exception {
+    setServerProperty(ORCHESTRATOR, "sonar.auth.fake-base-id-provider.enabled", "false");
+    setUserCreatedByAuthPlugin(USER_LOGIN, USER_PROVIDER_ID, USER_NAME, USER_EMAIL);
+
+    authenticateWithFakeAuthProvider();
+
+    // User is not created as nothing plugin is disabled
+    userRule.verifyUserDoesNotExist(USER_LOGIN);
+
+    // TODO Add Selenium test to check login form
+  }
+
+  private static void setUserCreatedByAuthPlugin(String login, String providerId, String name, String email) {
     setServerProperty(ORCHESTRATOR, "sonar.auth.fake-base-id-provider.user", login + "," + providerId + "," + name + "," + email);
   }
 
-  private void authenticateWithFakeAuthProvider() {
+  private static void authenticateWithFakeAuthProvider() {
     WsResponse response = adminWsClient.wsConnector().call(
       new GetRequest(("/sessions/init/" + FAKE_PROVIDER_KEY)));
     assertThat(response.code()).isEqualTo(200);
   }
 
+  private static void enablePlugin() {
+    setServerProperty(ORCHESTRATOR, "sonar.auth.fake-base-id-provider.enabled", "true");
+  }
+
 }
diff --git a/it/it-tests/src/test/java/it/authorisation/OAuth2IdentityProviderTest.java b/it/it-tests/src/test/java/it/authorisation/OAuth2IdentityProviderTest.java
index 1919bcf5777..4385c3b56b7 100644
--- a/it/it-tests/src/test/java/it/authorisation/OAuth2IdentityProviderTest.java
+++ b/it/it-tests/src/test/java/it/authorisation/OAuth2IdentityProviderTest.java
@@ -25,7 +25,6 @@ import com.squareup.okhttp.mockwebserver.MockWebServer;
 import it.Category1Suite;
 import java.net.HttpURLConnection;
 import org.junit.After;
-import org.junit.AfterClass;
 import org.junit.Before;
 import org.junit.BeforeClass;
 import org.junit.ClassRule;
@@ -40,6 +39,9 @@ import static org.assertj.core.api.Assertions.assertThat;
 import static util.ItUtils.newAdminWsClient;
 import static util.ItUtils.setServerProperty;
 
+/**
+ * There's only tests specific to OAuth2 in this class
+ */
 public class OAuth2IdentityProviderTest {
 
   @ClassRule
@@ -76,11 +78,9 @@ public class OAuth2IdentityProviderTest {
   @After
   public void tearDown() throws Exception {
     fakeServerAuthProvider.shutdown();
-  }
-
-  @AfterClass
-  public static void disableAuthPlugin() throws Exception {
-    setServerProperty(ORCHESTRATOR, "sonar.auth.fake-oauth2-id-provider.enabled", "false");
+    setServerProperty(ORCHESTRATOR, "sonar.auth.fake-oauth2-id-provider.enabled", null);
+    setServerProperty(ORCHESTRATOR, "sonar.auth.fake-oauth2-id-provider.url", null);
+    setServerProperty(ORCHESTRATOR, "sonar.auth.fake-oauth2-id-provider.user", null);
   }
 
   @Test
diff --git a/it/it-tests/src/test/resources/authorisation/BaseIdentityProviderTest/authenticate_user.html b/it/it-tests/src/test/resources/authorisation/BaseIdentityProviderTest/authenticate_user.html
new file mode 100644
index 00000000000..8ea18b77624
--- /dev/null
+++ b/it/it-tests/src/test/resources/authorisation/BaseIdentityProviderTest/authenticate_user.html
@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head profile="http://selenium-ide.openqa.org/profiles/test-case">
+  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
+  <title>fail_to_authenticate_when_not_allowed_to_sign_up</title>
+</head>
+<body>
+<table cellpadding="1" cellspacing="1" border="1">
+  <thead>
+  <tr>
+    <td>open</td>
+    <td>sessions/new</td>
+    <td></td>
+  </tr>
+  <tr>
+    <td>assertAttribute</td>
+    <td>css=a.oauth-link@href</td>
+    <td>/sessions/init/fake-base-id-provider</td>
+  </tr>
+  <tr>
+    <td>open</td>
+    <td>/sessions/init/fake-base-id-provider</td>
+    <td></td>
+  </tr>
+  <tr>
+    <td>waitForVisible</td>
+    <td>dashboard</td>
+    <td></td>
+  </tr>
+  <tr>
+    <td>waitForText</td>
+    <td>id=global-navigation</td>
+    <td>*John*</td>
+  </tr>
+  </tbody>
+</table>
+</body>
+</html>
diff --git a/it/it-tests/src/test/resources/authorisation/BaseIdentityProviderTest/display_unauthorized_page_when_authentication_failed.html b/it/it-tests/src/test/resources/authorisation/BaseIdentityProviderTest/display_unauthorized_page_when_authentication_failed.html
new file mode 100644
index 00000000000..db0799b4e32
--- /dev/null
+++ b/it/it-tests/src/test/resources/authorisation/BaseIdentityProviderTest/display_unauthorized_page_when_authentication_failed.html
@@ -0,0 +1,29 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head profile="http://selenium-ide.openqa.org/profiles/test-case">
+  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
+  <title>display_unauthorized_page_when_authentication_failed</title>
+</head>
+<body>
+<table cellpadding="1" cellspacing="1" border="1">
+  <thead>
+  <tr>
+    <td rowspan="1" colspan="3">french</td>
+  </tr>
+  </thead>
+  <tbody>
+  <tr>
+    <td>open</td>
+    <td>/sessions/init/fake-base-id-provider</td>
+    <td></td>
+  </tr>
+  <tr>
+    <td>waitForText</td>
+    <td>bd</td>
+    <td>*You're not authorized to access this page. Please contact the administrator.*</td>
+  </tr>
+  </tbody>
+</table>
+</body>
+</html>
diff --git a/it/it-tests/src/test/resources/authorisation/BaseIdentityProviderTest/fail_to_authenticate_when_not_allowed_to_sign_up.html b/it/it-tests/src/test/resources/authorisation/BaseIdentityProviderTest/fail_to_authenticate_when_not_allowed_to_sign_up.html
new file mode 100644
index 00000000000..d53f5239da9
--- /dev/null
+++ b/it/it-tests/src/test/resources/authorisation/BaseIdentityProviderTest/fail_to_authenticate_when_not_allowed_to_sign_up.html
@@ -0,0 +1,29 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head profile="http://selenium-ide.openqa.org/profiles/test-case">
+  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
+  <title>fail_to_authenticate_when_not_allowed_to_sign_up</title>
+</head>
+<body>
+<table cellpadding="1" cellspacing="1" border="1">
+  <thead>
+  <tr>
+    <td rowspan="1" colspan="3">french</td>
+  </tr>
+  </thead>
+  <tbody>
+  <tr>
+    <td>open</td>
+    <td>/sessions/init/fake-base-id-provider</td>
+    <td></td>
+  </tr>
+  <tr>
+    <td>waitForText</td>
+    <td>bd</td>
+    <td>*You're not authorized to access this page. Please contact the administrator.*</td>
+  </tr>
+  </tbody>
+</table>
+</body>
+</html>
-- 
2.39.5