SONAR-6226 Add ITs

it/it-plugins/base-auth-plugin/pom.xml

@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+
+  <parent>
+    <groupId>org.sonarsource.sonarqube</groupId>
+    <artifactId>it-plugins</artifactId>
+    <version>5.4-SNAPSHOT</version>
+  </parent>
+
+  <artifactId>base-auth-plugin</artifactId>
+  <version>1.0-SNAPSHOT</version>
+  <packaging>sonar-plugin</packaging>
+  <name>Plugins :: Fake Base Authentication Plugin</name>
+  <description>Test for base authentication plugin (like openid)</description>
+
+  <dependencies>
+    <dependency>
+      <groupId>org.sonarsource.sonarqube</groupId>
+      <artifactId>sonar-plugin-api</artifactId>
+      <version>${apiVersion}</version>
+      <scope>provided</scope>
+    </dependency>
+    <dependency>
+      <groupId>javax.servlet</groupId>
+      <artifactId>javax.servlet-api</artifactId>
+      <version>3.0.1</version>
+      <scope>provided</scope>
+    </dependency>
+  </dependencies>
+
+  <build>
+    <plugins>
+      <plugin>
+        <groupId>org.sonarsource.sonar-packaging-maven-plugin</groupId>
+        <artifactId>sonar-packaging-maven-plugin</artifactId>
+        <version>1.15</version>
+        <configuration>
+          <pluginClass>FakeBaseAuthPlugin</pluginClass>
+        </configuration>
+      </plugin>
+    </plugins>
+  </build>
+</project>

it/it-plugins/base-auth-plugin/src/main/java/FakeBaseAuthPlugin.java

@@ -0,0 +1,32 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2016 SonarSource SA
+ * mailto:contact AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+import java.util.ArrayList;
+import java.util.List;
+import org.sonar.api.SonarPlugin;
+
+public final class FakeBaseAuthPlugin extends SonarPlugin {
+
+  public List getExtensions() {
+    List extensions = new ArrayList();
+    extensions.add(FakeBaseIdProvider.class);
+    return extensions;
+  }
+
+}

it/it-plugins/base-auth-plugin/src/main/java/FakeBaseIdProvider.java

@@ -0,0 +1,80 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2016 SonarSource SA
+ * mailto:contact AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+import java.io.IOException;
+import org.sonar.api.config.Settings;
+import org.sonar.api.server.authentication.BaseIdentityProvider;
+import org.sonar.api.server.authentication.UserIdentity;
+
+public class FakeBaseIdProvider implements BaseIdentityProvider {
+
+  private static final String ENABLED = "sonar.auth.fake-base-id-provider.enabled";
+  private static final String USER_INFO = "sonar.auth.fake-base-id-provider.user";
+
+  private final Settings settings;
+
+  public FakeBaseIdProvider(Settings settings) {
+    this.settings = settings;
+  }
+
+  @Override
+  public void init(Context context) {
+    String userInfoProperty = settings.getString(USER_INFO);
+    if (userInfoProperty == null) {
+      throw new IllegalStateException(String.format("The property %s is required", USER_INFO));
+    }
+    String[] userInfos = userInfoProperty.split(",");
+    context.authenticate(UserIdentity.builder()
+      .setId(userInfos[0])
+      .setName(userInfos[1])
+      .setEmail(userInfos[2])
+      .build());
+
+    try {
+      context.getResponse().sendRedirect("/");
+    } catch (IOException e) {
+      throw new IllegalStateException("Fail to redirect to home", e);
+    }
+  }
+
+  @Override
+  public String getKey() {
+    return "fake-base-id-provider";
+  }
+
+  @Override
+  public String getName() {
+    return "Fake base identity provider";
+  }
+
+  @Override
+  public String getIconPath() {
+    return "/static/baseauthplugin/base.png";
+  }
+
+  @Override
+  public boolean isEnabled() {
+    return settings.getBoolean(ENABLED);
+  }
+
+  @Override
+  public boolean allowsUsersToSignUp() {
+    return true;
+  }
+}

it/it-plugins/oauth2-auth-plugin/pom.xml

@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+
+  <parent>
+    <groupId>org.sonarsource.sonarqube</groupId>
+    <artifactId>it-plugins</artifactId>
+    <version>5.4-SNAPSHOT</version>
+  </parent>
+
+  <artifactId>oauth2-auth-plugin</artifactId>
+  <version>1.0-SNAPSHOT</version>
+  <packaging>sonar-plugin</packaging>
+  <name>Plugins :: Fake OAuth2 Authentication Plugin</name>
+  <description>Test for OAuth2 authentication plugin (like openid)</description>
+
+  <dependencies>
+    <dependency>
+      <groupId>org.sonarsource.sonarqube</groupId>
+      <artifactId>sonar-plugin-api</artifactId>
+      <version>${apiVersion}</version>
+      <scope>provided</scope>
+    </dependency>
+    <dependency>
+      <groupId>javax.servlet</groupId>
+      <artifactId>javax.servlet-api</artifactId>
+      <version>3.0.1</version>
+      <scope>provided</scope>
+    </dependency>
+  </dependencies>
+
+  <build>
+    <plugins>
+      <plugin>
+        <groupId>org.sonarsource.sonar-packaging-maven-plugin</groupId>
+        <artifactId>sonar-packaging-maven-plugin</artifactId>
+        <version>1.15</version>
+        <configuration>
+          <pluginClass>FakeOAuth2AuthPlugin</pluginClass>
+        </configuration>
+      </plugin>
+    </plugins>
+  </build>
+</project>

it/it-plugins/oauth2-auth-plugin/src/main/java/FakeOAuth2AuthPlugin.java

@@ -0,0 +1,32 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2016 SonarSource SA
+ * mailto:contact AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+import java.util.ArrayList;
+import java.util.List;
+import org.sonar.api.SonarPlugin;
+
+public final class FakeOAuth2AuthPlugin extends SonarPlugin {
+
+  public List getExtensions() {
+    List extensions = new ArrayList();
+    extensions.add(FakeOAuth2IdProvider.class);
+    return extensions;
+  }
+
+}

it/it-plugins/oauth2-auth-plugin/src/main/java/FakeOAuth2IdProvider.java

@@ -0,0 +1,87 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2016 SonarSource SA
+ * mailto:contact AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+
+import org.sonar.api.config.Settings;
+import org.sonar.api.server.authentication.OAuth2IdentityProvider;
+import org.sonar.api.server.authentication.UserIdentity;
+
+public class FakeOAuth2IdProvider implements OAuth2IdentityProvider {
+
+  private static final String ENABLED = "sonar.auth.fake-oauth2-id-provider.enabled";
+  private static final String URL = "sonar.auth.fake-oauth2-id-provider.url";
+  private static final String USER_INFO = "sonar.auth.fake-oauth2-id-provider.user";
+
+  private final Settings settings;
+
+  public FakeOAuth2IdProvider(Settings settings) {
+    this.settings = settings;
+  }
+
+
+  @Override
+  public void init(InitContext context) {
+    String url = settings.getString(URL);
+    if (url == null) {
+      throw new IllegalStateException(String.format("The property %s is required", URL));
+    }
+    context.redirectTo(url);
+  }
+
+  @Override
+  public void callback(CallbackContext context) {
+    String userInfoProperty = settings.getString(USER_INFO);
+    if (userInfoProperty == null) {
+      throw new IllegalStateException(String.format("The property %s is required", USER_INFO));
+    }
+    String[] userInfos = userInfoProperty.split(",");
+    context.authenticate(UserIdentity.builder()
+      .setId(userInfos[0])
+      .setName(userInfos[1])
+      .setEmail(userInfos[2])
+      .build());
+    context.redirectToRequestedPage();
+  }
+
+  @Override
+  public String getKey() {
+    return "fake-oauth2-id-provider";
+  }
+
+  @Override
+  public String getName() {
+    return "Fake oauth2 identity provider";
+  }
+
+  @Override
+  public String getIconPath() {
+    return "/static/baseauthplugin/base.png";
+  }
+
+  @Override
+  public boolean isEnabled() {
+    return settings.getBoolean(ENABLED);
+  }
+
+  @Override
+  public boolean allowsUsersToSignUp() {
+    return true;
+  }
+
+}

it/it-plugins/pom.xml

@@ -31,12 +31,14 @@
 
   <modules>
     <module>access-secured-props-plugin</module>
+    <module>base-auth-plugin</module>
     <module>batch-plugin</module>
     <module>extension-lifecycle-plugin</module>
     <module>global-property-change-plugin</module>
     <module>issue-action-plugin</module>
     <module>l10n-fr-pack</module>
     <module>license-plugin</module>
+    <module>oauth2-auth-plugin</module>
     <module>project-builder-plugin</module>
     <module>property-relocation-plugin</module>
     <module>property-sets-plugin</module>

it/it-tests/pom.xml

@@ -72,6 +72,11 @@
       <groupId>org.assertj</groupId>
       <artifactId>assertj-core</artifactId>
     </dependency>
+    <dependency>
+      <groupId>org.assertj</groupId>
+      <artifactId>assertj-guava</artifactId>
+      <version>1.3.1</version>
+    </dependency>
     <dependency>
       <groupId>org.hamcrest</groupId>
       <artifactId>hamcrest-all</artifactId>
@@ -91,6 +96,11 @@
       <artifactId>jsoup</artifactId>
       <version>1.8.3</version>
     </dependency>
+    <dependency>
+      <groupId>com.squareup.okhttp</groupId>
+      <artifactId>mockwebserver</artifactId>
+      <version>2.6.0</version>
+    </dependency>
 
     <!-- Email notifications -->
     <dependency>

it/it-tests/src/test/java/it/Category1Suite.java

@@ -41,9 +41,11 @@ import com.sonar.orchestrator.Orchestrator;
 import it.actionPlan.ActionPlanTest;
 import it.actionPlan.ActionPlanUiTest;
 import it.administration.UsersUITest;
-import it.authorisation.AuthenticationTest;
+import it.authorisation.BaseIdentityProviderTest;
 import it.authorisation.ExecuteAnalysisPermissionTest;
 import it.authorisation.IssuePermissionTest;
+import it.authorisation.LocalAuthenticationTest;
+import it.authorisation.OAuth2IdentityProviderTest;
 import it.authorisation.PermissionTest;
 import it.i18n.I18nTest;
 import it.measureHistory.DifferentialPeriodsTest;
@@ -92,8 +94,11 @@ import static util.ItUtils.xooPlugin;
   QualityGateTest.class,
   QualityGateUiTest.class,
   QualityGateNotificationTest.class,
+  // authentication
+  LocalAuthenticationTest.class,
+  BaseIdentityProviderTest.class,
+  OAuth2IdentityProviderTest.class,
   // permission
-  AuthenticationTest.class,
   PermissionTest.class,
   IssuePermissionTest.class,
   ExecuteAnalysisPermissionTest.class,
@@ -128,6 +133,12 @@ public class Category1Suite {
     // Used in SettingsTest.should_get_settings_default_value
     .addPlugin(pluginArtifact("server-plugin"))
 
+    // Used in BaseIdentityProviderTest
+    .addPlugin(pluginArtifact("base-auth-plugin"))
+
+    // Used in OAuth2IdentityProviderTest
+    .addPlugin(pluginArtifact("oauth2-auth-plugin"))
+
     .addPlugin(xooPlugin())
     .build();
 

it/it-tests/src/test/java/it/authorisation/BaseIdentityProviderTest.java

@@ -0,0 +1,130 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2016 SonarSource SA
+ * mailto:contact AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+package it.authorisation;
+
+import com.google.common.base.Optional;
+import com.sonar.orchestrator.Orchestrator;
+import it.Category1Suite;
+import org.junit.After;
+import org.junit.BeforeClass;
+import org.junit.ClassRule;
+import org.junit.Ignore;
+import org.junit.Rule;
+import org.junit.Test;
+import org.sonarqube.ws.client.GetRequest;
+import org.sonarqube.ws.client.WsClient;
+import org.sonarqube.ws.client.WsResponse;
+import util.user.UserRule;
+import util.user.Users;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.assertj.guava.api.Assertions.assertThat;
+import static util.ItUtils.newAdminWsClient;
+import static util.ItUtils.setServerProperty;
+
+public class BaseIdentityProviderTest {
+
+  @ClassRule
+  public static Orchestrator ORCHESTRATOR = Category1Suite.ORCHESTRATOR;
+
+  @Rule
+  public UserRule userRule = UserRule.from(ORCHESTRATOR);
+
+  static String FAKE_PROVIDER_KEY = "fake-base-id-provider";
+
+  static String USER_PROVIDER_LOGIN = "john";
+
+  static String USER_NAME = "John";
+  static String USER_EMAIL = "john@email.com";
+
+  static String USER_NAME_UPDATED = "John Doe";
+  static String USER_EMAIL_UPDATED = "john.doe@email.com";
+
+  static WsClient adminWsClient;
+
+  @BeforeClass
+  public static void setUp() {
+    ORCHESTRATOR.resetData();
+    adminWsClient = newAdminWsClient(ORCHESTRATOR);
+  }
+
+  @After
+  public void removeUsers() throws Exception {
+    userRule.deactivateUsers(userRule.getUsersByEmails(USER_EMAIL, USER_EMAIL_UPDATED));
+  }
+
+  @Test
+  public void create_new_user_when_authenticate() throws Exception {
+    setServerProperty(ORCHESTRATOR, "sonar.auth.fake-base-id-provider.enabled", "true");
+    setServerProperty(ORCHESTRATOR, "sonar.auth.fake-base-id-provider.user", USER_PROVIDER_LOGIN + "," + USER_NAME + "," + USER_EMAIL);
+
+    userRule.verifyUserDoesNotExist(USER_EMAIL);
+
+    // First connection, user is created
+    authenticateWithFakeAuthProvider();
+
+    userRule.verifyUserExists(USER_NAME, USER_EMAIL);
+  }
+
+  @Test
+  public void update_existing_user_when_authenticate() throws Exception {
+    setServerProperty(ORCHESTRATOR, "sonar.auth.fake-base-id-provider.enabled", "true");
+    setServerProperty(ORCHESTRATOR, "sonar.auth.fake-base-id-provider.user", USER_PROVIDER_LOGIN + "," + USER_NAME + "," + USER_EMAIL);
+    // First connection, user is created
+    authenticateWithFakeAuthProvider();
+
+    setServerProperty(ORCHESTRATOR, "sonar.auth.fake-base-id-provider.user", USER_PROVIDER_LOGIN + "," + USER_NAME_UPDATED + "," + USER_EMAIL_UPDATED);
+
+    // Second connection, user should be updated
+    authenticateWithFakeAuthProvider();
+
+    userRule.verifyUserDoesNotExist(USER_EMAIL);
+    userRule.verifyUserExists(USER_NAME_UPDATED, USER_EMAIL_UPDATED);
+  }
+
+  @Test
+  @Ignore("Waiting for SONAR-7233 to be implemented")
+  public void reactivate_disabled_user() throws Exception {
+    setServerProperty(ORCHESTRATOR, "sonar.auth.fake-base-id-provider.enabled", "true");
+    setServerProperty(ORCHESTRATOR, "sonar.auth.fake-base-id-provider.user", USER_PROVIDER_LOGIN + "," + USER_NAME + "," + USER_EMAIL);
+
+    userRule.verifyUserDoesNotExist(USER_EMAIL);
+
+    // First connection, user is created
+    authenticateWithFakeAuthProvider();
+
+    Optional<Users.User> user = userRule.getUserByEmail(USER_EMAIL);
+    assertThat(user).isPresent();
+
+    // Disable user
+    userRule.deactivateUsers(user.get());
+
+    // Second connection, user is reactivated
+    authenticateWithFakeAuthProvider();
+    userRule.verifyUserExists(USER_NAME, USER_EMAIL);
+  }
+
+  private void authenticateWithFakeAuthProvider() {
+    WsResponse response = adminWsClient.wsConnector().call(
+      new GetRequest(("/sessions/init/" + FAKE_PROVIDER_KEY)));
+    assertThat(response.code()).isEqualTo(200);
+  }
+
+}

it/it-tests/src/test/java/it/authorisation/AuthenticationTest.java → it/it-tests/src/test/java/it/authorisation/LocalAuthenticationTest.java

@@ -52,7 +52,7 @@ import static util.ItUtils.newAdminWsClient;
 import static util.ItUtils.projectDir;
 import static util.ItUtils.setServerProperty;
 
-public class AuthenticationTest {
+public class LocalAuthenticationTest {
   @ClassRule
   public static Orchestrator ORCHESTRATOR = Category1Suite.ORCHESTRATOR;
   private static WsClient adminWsClient;

it/it-tests/src/test/java/it/authorisation/OAuth2IdentityProviderTest.java

@@ -0,0 +1,106 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2016 SonarSource SA
+ * mailto:contact AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+package it.authorisation;
+
+import com.sonar.orchestrator.Orchestrator;
+import com.squareup.okhttp.mockwebserver.MockResponse;
+import com.squareup.okhttp.mockwebserver.MockWebServer;
+import it.Category1Suite;
+import java.net.HttpURLConnection;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.ClassRule;
+import org.junit.Rule;
+import org.junit.Test;
+import org.sonarqube.ws.client.GetRequest;
+import org.sonarqube.ws.client.WsClient;
+import org.sonarqube.ws.client.WsResponse;
+import util.user.UserRule;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static util.ItUtils.newAdminWsClient;
+import static util.ItUtils.setServerProperty;
+
+public class OAuth2IdentityProviderTest {
+
+  @ClassRule
+  public static Orchestrator ORCHESTRATOR = Category1Suite.ORCHESTRATOR;
+
+  @Rule
+  public UserRule userRule = UserRule.from(ORCHESTRATOR);
+
+  static String FAKE_PROVIDER_KEY = "fake-oauth2-id-provider";
+
+  static String USER_PROVIDER_LOGIN = "john";
+
+  static String USER_NAME = "John";
+  static String USER_EMAIL = "john@email.com";
+
+  static WsClient adminWsClient;
+
+  MockWebServer fakeServerAuthProvider;
+  String fakeServerAuthProviderUrl;
+
+  @BeforeClass
+  public static void resetData() {
+    ORCHESTRATOR.resetData();
+    adminWsClient = newAdminWsClient(ORCHESTRATOR);
+  }
+
+  @Before
+  public void setUp() throws Exception {
+    fakeServerAuthProvider = new MockWebServer();
+    fakeServerAuthProvider.start();
+    fakeServerAuthProviderUrl = fakeServerAuthProvider.url("").url().toString();
+  }
+
+  @After
+  public void tearDown() throws Exception {
+    fakeServerAuthProvider.shutdown();
+  }
+
+  @Test
+  public void create_new_user_when_authenticate() throws Exception {
+    simulateRedirectionToCallback();
+
+    setServerProperty(ORCHESTRATOR, "sonar.auth.fake-oauth2-id-provider.enabled", "true");
+    setServerProperty(ORCHESTRATOR, "sonar.auth.fake-oauth2-id-provider.url", fakeServerAuthProviderUrl);
+    setServerProperty(ORCHESTRATOR, "sonar.auth.fake-oauth2-id-provider.user", USER_PROVIDER_LOGIN + "," + USER_NAME + "," + USER_EMAIL);
+
+    authenticateWithFakeAuthProvider();
+
+    userRule.verifyUserExists(USER_NAME, USER_EMAIL);
+  }
+
+  private void authenticateWithFakeAuthProvider() {
+    WsResponse response = adminWsClient.wsConnector().call(
+      new GetRequest(("/sessions/init/" + FAKE_PROVIDER_KEY)));
+    assertThat(response.code()).isEqualTo(200);
+  }
+
+  private void simulateRedirectionToCallback() {
+    fakeServerAuthProvider.enqueue(new MockResponse()
+      .setResponseCode(HttpURLConnection.HTTP_MOVED_TEMP)
+      .addHeader("Location: " + ORCHESTRATOR.getServer().getUrl() + "/oauth2/callback/" + FAKE_PROVIDER_KEY)
+      .setBody("Redirect to SonarQube"));
+  }
+
+}

it/it-tests/src/test/java/util/ItUtils.java

@@ -56,6 +56,8 @@ import org.sonarqube.ws.client.HttpWsClient;
 import org.sonarqube.ws.client.WsClient;
 
 import static com.google.common.collect.FluentIterable.from;
+import static com.sonar.orchestrator.container.Server.ADMIN_LOGIN;
+import static com.sonar.orchestrator.container.Server.ADMIN_PASSWORD;
 import static java.util.Arrays.asList;
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.fail;
@@ -99,7 +101,7 @@ public class ItUtils {
     Server server = orchestrator.getServer();
     return new HttpWsClient(new HttpConnector.Builder()
       .url(server.getUrl())
-      .credentials(server.ADMIN_LOGIN, server.ADMIN_PASSWORD)
+      .credentials(ADMIN_LOGIN, ADMIN_PASSWORD)
       .build());
   }
 

it/it-tests/src/test/java/util/user/UserRule.java

@@ -0,0 +1,118 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2016 SonarSource SA
+ * mailto:contact AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+package util.user;
+
+import com.google.common.base.Optional;
+import com.google.common.base.Predicate;
+import com.google.common.collect.FluentIterable;
+import com.sonar.orchestrator.Orchestrator;
+import java.util.ArrayList;
+import java.util.List;
+import javax.annotation.Nonnull;
+import org.assertj.core.api.Assertions;
+import org.junit.rules.ExternalResource;
+import org.sonarqube.ws.client.GetRequest;
+import org.sonarqube.ws.client.PostRequest;
+import org.sonarqube.ws.client.WsClient;
+import org.sonarqube.ws.client.WsResponse;
+
+import static java.util.Arrays.asList;
+import static java.util.Objects.requireNonNull;
+import static org.assertj.guava.api.Assertions.assertThat;
+import static util.ItUtils.newAdminWsClient;
+
+public class UserRule extends ExternalResource {
+
+  private final Orchestrator orchestrator;
+
+  private WsClient adminWsClient;
+
+  private UserRule(Orchestrator orchestrator) {
+    this.orchestrator = orchestrator;
+  }
+
+  public static UserRule from(Orchestrator orchestrator) {
+    return new UserRule(requireNonNull(orchestrator, "Orchestrator instance can not be null"));
+  }
+
+  @Override
+  protected void before() throws Throwable {
+    adminWsClient = newAdminWsClient(orchestrator);
+  }
+
+  public void verifyUserExists(String name, String email) {
+    Optional<Users.User> user = getUserByEmail(email);
+    assertThat(user).isPresent();
+    Assertions.assertThat(user.get().getName()).isEqualTo(name);
+    Assertions.assertThat(user.get().getEmail()).isEqualTo(email);
+  }
+
+  public void verifyUserDoesNotExist(String email) {
+    assertThat(getUserByEmail(email)).isAbsent();
+  }
+
+  public Optional<Users.User> getUserByEmail(String email) {
+    return FluentIterable.from(getUsers().getUsers()).firstMatch(new MatchUserEmail(email));
+  }
+
+  public List<Users.User> getUsersByEmails(String... emails) {
+    List<Users.User> foundUsers = new ArrayList<>();
+    for (String email : emails) {
+      Optional<Users.User> user = FluentIterable.from(getUsers().getUsers()).firstMatch(new MatchUserEmail(email));
+      if (user.isPresent()) {
+        foundUsers.add(user.get());
+      }
+    }
+    return foundUsers;
+  }
+
+  public Users getUsers() {
+    WsResponse response = adminWsClient.wsConnector().call(
+      new GetRequest("api/users/search"));
+    Assertions.assertThat(response.code()).isEqualTo(200);
+    return Users.parse(response.content());
+  }
+
+  private class MatchUserEmail implements Predicate<Users.User> {
+    private final String email;
+
+    private MatchUserEmail(String email) {
+      this.email = email;
+    }
+
+    @Override
+    public boolean apply(@Nonnull Users.User user) {
+      String userEmail = user.getEmail();
+      return userEmail != null && userEmail.equals(email) && user.isActive();
+    }
+  }
+
+  public void deactivateUsers(List<Users.User> users) {
+    for (Users.User user : users) {
+      adminWsClient.wsConnector().call(
+        new PostRequest("api/users/deactivate")
+          .setParam("login", user.getLogin()));
+    }
+  }
+
+  public void deactivateUsers(Users.User... users) {
+    deactivateUsers(asList(users));
+  }
+}

it/it-tests/src/test/java/util/user/Users.java

@@ -0,0 +1,91 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2016 SonarSource SA
+ * mailto:contact AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+package util.user;
+
+import com.google.gson.Gson;
+import java.util.List;
+
+public class Users {
+
+  private List<User> users;
+
+  private Users(List<User> users) {
+    this.users = users;
+  }
+
+  public List<User> getUsers() {
+    return users;
+  }
+
+  public static Users parse(String json) {
+    Gson gson = new Gson();
+    return gson.fromJson(json, Users.class);
+  }
+
+  public static class User {
+    private final String login;
+    private final String name;
+    private final String email;
+    private final List<String> groups;
+    private final List<String> scmAccounts;
+    private final boolean active;
+    private int tokensCount;
+
+    private User(String login, String name, String email, List<String> groups, List<String> scmAccounts, boolean active, int tokensCount) {
+      this.login = login;
+      this.name = name;
+      this.email = email;
+      this.groups = groups;
+      this.scmAccounts = scmAccounts;
+      this.active = active;
+      this.tokensCount = tokensCount;
+    }
+
+    public String getLogin() {
+      return login;
+    }
+
+    public String getName() {
+      return name;
+    }
+
+    public String getEmail() {
+      return email;
+    }
+
+    public List<String> getGroups() {
+      return groups;
+    }
+
+    public List<String> getScmAccounts() {
+      return scmAccounts;
+    }
+
+    public boolean isActive() {
+      return active;
+    }
+
+    public int getTokensCount() {
+      return tokensCount;
+    }
+  }
+}
+
+