From 8e325b86c9247da1659fbd23f5358156468dd795 Mon Sep 17 00:00:00 2001
From: Julien Lancelot <julien.lancelot@sonarsource.com>
Date: Mon, 19 Sep 2016 12:04:49 +0200
Subject: [PATCH] SONAR-8031 Allow user login with 2 characters in Realm and
 IdentityProvider API

---
 .../it/user/BaseIdentityProviderTest.java     | 18 ++++++++++++--
 .../java/it/user/LocalAuthenticationTest.java |  7 ++++++
 .../java/it/user/RealmAuthenticationTest.java | 24 +++++++++++--------
 .../server/authentication/UserIdentity.java   | 14 +++++------
 .../authentication/UserIdentityTest.java      | 12 +++++-----
 5 files changed, 50 insertions(+), 25 deletions(-)

diff --git a/it/it-tests/src/test/java/it/user/BaseIdentityProviderTest.java b/it/it-tests/src/test/java/it/user/BaseIdentityProviderTest.java
index fcccdd5545a..07471d31fdc 100644
--- a/it/it-tests/src/test/java/it/user/BaseIdentityProviderTest.java
+++ b/it/it-tests/src/test/java/it/user/BaseIdentityProviderTest.java
@@ -80,10 +80,11 @@ public class BaseIdentityProviderTest {
 
   @After
   public void cleanUpUsersAndGroupsAndProperties() throws Exception {
-    userRule.deactivateUsers(USER_LOGIN);
+    userRule.resetUsers();
     userRule.removeGroups(GROUP1, GROUP2, GROUP3);
     resetSettings(ORCHESTRATOR, null, "sonar.auth.fake-base-id-provider.enabled", "sonar.auth.fake-base-id-provider.user",
-      "sonar.auth.fake-base-id-provider.throwUnauthorizedMessage", "sonar.auth.fake-base-id-provider.enabledGroupsSync", "sonar.auth.fake-base-id-provider.groups");
+      "sonar.auth.fake-base-id-provider.throwUnauthorizedMessage", "sonar.auth.fake-base-id-provider.enabledGroupsSync", "sonar.auth.fake-base-id-provider.groups",
+      "sonar.auth.fake-base-id-provider.allowsUsersToSignUp");
   }
 
   @Test
@@ -247,6 +248,19 @@ public class BaseIdentityProviderTest {
     userRule.verifyUserGroupMembership(USER_LOGIN);
   }
 
+  @Test
+  public void allow_user_login_with_2_characters() throws Exception {
+    enablePlugin();
+    String login = "jo";
+    setUserCreatedByAuthPlugin(login, USER_PROVIDER_ID, USER_NAME, USER_EMAIL);
+    userRule.verifyUserDoesNotExist(login);
+
+    // First connection, user is created
+    authenticateWithFakeAuthProvider();
+
+    userRule.verifyUserExists(login, USER_NAME, USER_EMAIL, false);
+  }
+
   private static void enablePlugin() {
     setServerProperty(ORCHESTRATOR, "sonar.auth.fake-base-id-provider.enabled", "true");
   }
diff --git a/it/it-tests/src/test/java/it/user/LocalAuthenticationTest.java b/it/it-tests/src/test/java/it/user/LocalAuthenticationTest.java
index 1db146aabc2..76c601b0e1c 100644
--- a/it/it-tests/src/test/java/it/user/LocalAuthenticationTest.java
+++ b/it/it-tests/src/test/java/it/user/LocalAuthenticationTest.java
@@ -185,6 +185,13 @@ public class LocalAuthenticationTest {
     assertThat(checkAuthenticationWithAuthenticateWebService(login, password)).isFalse();
   }
 
+  @Test
+  public void allow_user_login_with_2_characters() throws Exception {
+    userRule.createUser("jo", "password");
+
+    assertThat(checkAuthenticationWithAuthenticateWebService("jo", "password")).isTrue();
+  }
+
   @Test
   public void allow_users_to_sign_up() throws IOException {
     setServerProperty(ORCHESTRATOR, "sonar.allowUsersToSignUp", "true");
diff --git a/it/it-tests/src/test/java/it/user/RealmAuthenticationTest.java b/it/it-tests/src/test/java/it/user/RealmAuthenticationTest.java
index 59863a364bf..b6a99034d6d 100644
--- a/it/it-tests/src/test/java/it/user/RealmAuthenticationTest.java
+++ b/it/it-tests/src/test/java/it/user/RealmAuthenticationTest.java
@@ -48,6 +48,7 @@ import org.sonarqube.ws.client.WsClient;
 import org.sonarqube.ws.client.WsClientFactories;
 import org.sonarqube.ws.client.WsResponse;
 import util.selenium.SeleneseTest;
+import util.user.UserRule;
 
 import static java.net.HttpURLConnection.HTTP_OK;
 import static java.net.HttpURLConnection.HTTP_UNAUTHORIZED;
@@ -82,22 +83,16 @@ public class RealmAuthenticationTest {
     .setServerProperty("sonar.security.realm", "FakeRealm")
     .build();
 
+  @ClassRule
+  public static UserRule USER_RULE = UserRule.from(orchestrator);
+
   @Before
   @After
   public void resetData() throws Exception {
     setServerProperty(orchestrator, USERS_PROPERTY, null);
     setServerProperty(orchestrator, "sonar.security.updateUserAttributes", null);
     setServerProperty(orchestrator, "sonar.authenticator.createUsers", null);
-    resetUsers(USER_LOGIN, TECH_USER);
-  }
-
-  private void resetUsers(String... logins) {
-    for (String login : logins) {
-      String result = orchestrator.getServer().adminWsClient().get("/api/users/search?q=" + login);
-      if (result.contains(login)) {
-        orchestrator.getServer().adminWsClient().userClient().deactivate(login);
-      }
-    }
+    USER_RULE.resetUsers();
   }
 
   /**
@@ -333,6 +328,15 @@ public class RealmAuthenticationTest {
     assertThat(checkAuthenticationWithWebService(null, null).code()).isEqualTo(HTTP_UNAUTHORIZED);
   }
 
+  @Test
+  public void allow_user_login_with_2_characters() {
+    String username = "jo";
+    String password = "1234567";
+    updateUsersInExtAuth(ImmutableMap.of(username + ".password", password));
+
+    assertThat(loginAttempt(username, password)).isEqualTo(AUTHORIZED);
+  }
+
   protected void verifyHttpException(Exception e, int expectedCode) {
     assertThat(e).isInstanceOf(HttpException.class);
     HttpException exception = (HttpException) e;
diff --git a/sonar-plugin-api/src/main/java/org/sonar/api/server/authentication/UserIdentity.java b/sonar-plugin-api/src/main/java/org/sonar/api/server/authentication/UserIdentity.java
index 65753247e7c..b6d56989549 100644
--- a/sonar-plugin-api/src/main/java/org/sonar/api/server/authentication/UserIdentity.java
+++ b/sonar-plugin-api/src/main/java/org/sonar/api/server/authentication/UserIdentity.java
@@ -19,12 +19,6 @@
  */
 package org.sonar.api.server.authentication;
 
-import static com.google.common.base.Preconditions.checkArgument;
-import static com.google.common.base.Preconditions.checkNotNull;
-import static com.google.common.collect.FluentIterable.from;
-import static org.apache.commons.lang.StringUtils.isNotBlank;
-import static org.sonar.api.user.UserGroupValidation.validateGroupName;
-
 import com.google.common.base.Predicate;
 import java.util.HashSet;
 import java.util.Set;
@@ -34,6 +28,12 @@ import javax.annotation.Nullable;
 import javax.annotation.concurrent.Immutable;
 import org.sonar.api.CoreProperties;
 
+import static com.google.common.base.Preconditions.checkArgument;
+import static com.google.common.base.Preconditions.checkNotNull;
+import static com.google.common.collect.FluentIterable.from;
+import static org.apache.commons.lang.StringUtils.isNotBlank;
+import static org.sonar.api.user.UserGroupValidation.validateGroupName;
+
 /**
  * User information provided by the Identity Provider to be register into the platform.
  *
@@ -193,7 +193,7 @@ public final class UserIdentity {
 
     private static void validateLogin(String login) {
       checkArgument(isNotBlank(login), "User login must not be blank");
-      checkArgument(login.length() <= 255 && login.length() >= 3, "User login size is incorrect (Between 3 and 255 characters)");
+      checkArgument(login.length() <= 255 && login.length() >= 2, "User login size is incorrect (Between 2 and 255 characters)");
     }
 
     private static void validateName(String name) {
diff --git a/sonar-plugin-api/src/test/java/org/sonar/api/server/authentication/UserIdentityTest.java b/sonar-plugin-api/src/test/java/org/sonar/api/server/authentication/UserIdentityTest.java
index 5c41e477d91..8366dcc1549 100644
--- a/sonar-plugin-api/src/test/java/org/sonar/api/server/authentication/UserIdentityTest.java
+++ b/sonar-plugin-api/src/test/java/org/sonar/api/server/authentication/UserIdentityTest.java
@@ -19,14 +19,14 @@
  */
 package org.sonar.api.server.authentication;
 
-import static com.google.common.collect.Sets.newHashSet;
-import static org.assertj.core.api.Assertions.assertThat;
-
 import com.google.common.base.Strings;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.rules.ExpectedException;
 
+import static com.google.common.collect.Sets.newHashSet;
+import static org.assertj.core.api.Assertions.assertThat;
+
 public class UserIdentityTest {
 
   @Rule
@@ -75,7 +75,7 @@ public class UserIdentityTest {
   @Test
   public void fail_when_login_is_too_long() throws Exception {
     thrown.expect(IllegalArgumentException.class);
-    thrown.expectMessage("User login size is incorrect (Between 3 and 255 characters)");
+    thrown.expectMessage("User login size is incorrect (Between 2 and 255 characters)");
     UserIdentity.builder()
       .setProviderLogin("john")
       .setLogin(Strings.repeat("1", 256))
@@ -87,10 +87,10 @@ public class UserIdentityTest {
   @Test
   public void fail_when_login_is_too_small() throws Exception {
     thrown.expect(IllegalArgumentException.class);
-    thrown.expectMessage("User login size is incorrect (Between 3 and 255 characters)");
+    thrown.expectMessage("User login size is incorrect (Between 2 and 255 characters)");
     UserIdentity.builder()
       .setProviderLogin("john")
-      .setLogin("12")
+      .setLogin("j")
       .setName("John")
       .setEmail("john@email.com")
       .build();
-- 
2.39.5