@@ -31,7 +31,6 @@ import org.sonar.server.usertoken.UserTokenAuthenticator; | |||
import static java.nio.charset.StandardCharsets.UTF_8; | |||
import static java.util.Locale.ENGLISH; | |||
import static org.apache.commons.lang.StringUtils.isEmpty; | |||
import static org.sonar.server.authentication.event.AuthenticationEvent.Method; | |||
import static org.sonar.server.authentication.event.AuthenticationEvent.Source; | |||
@@ -61,14 +60,12 @@ public class BasicAuthenticator { | |||
return Optional.empty(); | |||
} | |||
String[] credentials = getCredentials(authorizationHeader); | |||
String login = credentials[0]; | |||
String password = credentials[1]; | |||
UserDto userDto = authenticate(login, password, request); | |||
Credentials credentials = extractCredentials(authorizationHeader); | |||
UserDto userDto = authenticate(credentials, request); | |||
return Optional.of(userDto); | |||
} | |||
private static String[] getCredentials(String authorizationHeader) { | |||
private static Credentials extractCredentials(String authorizationHeader) { | |||
String basicAuthEncoded = authorizationHeader.substring(6); | |||
String basicAuthDecoded = getDecodedBasicAuth(basicAuthEncoded); | |||
@@ -81,7 +78,7 @@ public class BasicAuthenticator { | |||
} | |||
String login = basicAuthDecoded.substring(0, semiColonPos); | |||
String password = basicAuthDecoded.substring(semiColonPos + 1); | |||
return new String[] {login, password}; | |||
return new Credentials(login, password); | |||
} | |||
private static String getDecodedBasicAuth(String basicAuthEncoded) { | |||
@@ -95,13 +92,13 @@ public class BasicAuthenticator { | |||
} | |||
} | |||
private UserDto authenticate(String login, String password, HttpServletRequest request) { | |||
if (isEmpty(password)) { | |||
UserDto userDto = authenticateFromUserToken(login); | |||
private UserDto authenticate(Credentials credentials, HttpServletRequest request) { | |||
if (credentials.getPassword().isEmpty()) { | |||
UserDto userDto = authenticateFromUserToken(credentials.getLogin()); | |||
authenticationEvent.loginSuccess(request, userDto.getLogin(), Source.local(Method.BASIC_TOKEN)); | |||
return userDto; | |||
} else { | |||
return credentialsAuthenticator.authenticate(login, password, request, Method.BASIC); | |||
return credentialsAuthenticator.authenticate(credentials, request, Method.BASIC); | |||
} | |||
} | |||
@@ -0,0 +1,68 @@ | |||
/* | |||
* SonarQube | |||
* Copyright (C) 2009-2018 SonarSource SA | |||
* mailto:info AT sonarsource DOT com | |||
* | |||
* This program is free software; you can redistribute it and/or | |||
* modify it under the terms of the GNU Lesser General Public | |||
* License as published by the Free Software Foundation; either | |||
* version 3 of the License, or (at your option) any later version. | |||
* | |||
* This program is distributed in the hope that it will be useful, | |||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | |||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |||
* Lesser General Public License for more details. | |||
* | |||
* You should have received a copy of the GNU Lesser General Public License | |||
* along with this program; if not, write to the Free Software Foundation, | |||
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | |||
*/ | |||
package org.sonar.server.authentication; | |||
import java.util.Objects; | |||
import javax.annotation.Nullable; | |||
import javax.annotation.concurrent.Immutable; | |||
import org.apache.commons.lang.StringUtils; | |||
@Immutable | |||
public class Credentials { | |||
private final String login; | |||
private final String password; | |||
public Credentials(String login, @Nullable String password) { | |||
this.login = Objects.requireNonNull(login, "login must not be null"); | |||
this.password = StringUtils.defaultString(password, ""); | |||
} | |||
/** | |||
* Non-empty login | |||
*/ | |||
public String getLogin() { | |||
return login; | |||
} | |||
/** | |||
* Non-null password. Can be empty. | |||
*/ | |||
public String getPassword() { | |||
return password; | |||
} | |||
@Override | |||
public boolean equals(Object o) { | |||
if (this == o) { | |||
return true; | |||
} | |||
if (o == null || getClass() != o.getClass()) { | |||
return false; | |||
} | |||
Credentials that = (Credentials) o; | |||
return login.equals(that.login) && password.equals(that.password); | |||
} | |||
@Override | |||
public int hashCode() { | |||
return Objects.hash(login, password); | |||
} | |||
} |
@@ -45,27 +45,27 @@ public class CredentialsAuthenticator { | |||
this.localAuthentication = localAuthentication; | |||
} | |||
public UserDto authenticate(String userLogin, String userPassword, HttpServletRequest request, Method method) { | |||
public UserDto authenticate(Credentials credentials, HttpServletRequest request, Method method) { | |||
try (DbSession dbSession = dbClient.openSession(false)) { | |||
return authenticate(dbSession, userLogin, userPassword, request, method); | |||
return authenticate(dbSession, credentials, request, method); | |||
} | |||
} | |||
private UserDto authenticate(DbSession dbSession, String userLogin, String userPassword, HttpServletRequest request, Method method) { | |||
UserDto localUser = dbClient.userDao().selectActiveUserByLogin(dbSession, userLogin); | |||
private UserDto authenticate(DbSession dbSession, Credentials credentials, HttpServletRequest request, Method method) { | |||
UserDto localUser = dbClient.userDao().selectActiveUserByLogin(dbSession, credentials.getLogin()); | |||
if (localUser != null && localUser.isLocal()) { | |||
localAuthentication.authenticate(dbSession, localUser, userPassword, method); | |||
localAuthentication.authenticate(dbSession, localUser, credentials.getPassword(), method); | |||
dbSession.commit(); | |||
authenticationEvent.loginSuccess(request, userLogin, Source.local(method)); | |||
authenticationEvent.loginSuccess(request, localUser.getLogin(), Source.local(method)); | |||
return localUser; | |||
} | |||
Optional<UserDto> externalUser = externalAuthenticator.authenticate(userLogin, userPassword, request, method); | |||
Optional<UserDto> externalUser = externalAuthenticator.authenticate(credentials, request, method); | |||
if (externalUser.isPresent()) { | |||
return externalUser.get(); | |||
} | |||
throw AuthenticationException.newBuilder() | |||
.setSource(Source.local(method)) | |||
.setLogin(userLogin) | |||
.setLogin(credentials.getLogin()) | |||
.setMessage(localUser != null && !localUser.isLocal() ? "User is not local" : "No active user for login") | |||
.build(); | |||
} |
@@ -81,35 +81,35 @@ public class RealmAuthenticator implements Startable { | |||
} | |||
} | |||
public Optional<UserDto> authenticate(String userLogin, String userPassword, HttpServletRequest request, AuthenticationEvent.Method method) { | |||
public Optional<UserDto> authenticate(Credentials credentials, HttpServletRequest request, AuthenticationEvent.Method method) { | |||
if (realm == null) { | |||
return Optional.empty(); | |||
} | |||
return Optional.of(doAuthenticate(getLogin(userLogin), userPassword, request, method)); | |||
return Optional.of(doAuthenticate(sanitize(credentials), request, method)); | |||
} | |||
private UserDto doAuthenticate(String userLogin, String userPassword, HttpServletRequest request, AuthenticationEvent.Method method) { | |||
private UserDto doAuthenticate(Credentials credentials, HttpServletRequest request, AuthenticationEvent.Method method) { | |||
try { | |||
ExternalUsersProvider.Context externalUsersProviderContext = new ExternalUsersProvider.Context(userLogin, request); | |||
ExternalUsersProvider.Context externalUsersProviderContext = new ExternalUsersProvider.Context(credentials.getLogin(), request); | |||
UserDetails details = externalUsersProvider.doGetUserDetails(externalUsersProviderContext); | |||
if (details == null) { | |||
throw AuthenticationException.newBuilder() | |||
.setSource(realmEventSource(method)) | |||
.setLogin(userLogin) | |||
.setLogin(credentials.getLogin()) | |||
.setMessage("No user details") | |||
.build(); | |||
} | |||
Authenticator.Context authenticatorContext = new Authenticator.Context(userLogin, userPassword, request); | |||
Authenticator.Context authenticatorContext = new Authenticator.Context(credentials.getLogin(), credentials.getPassword(), request); | |||
boolean status = authenticator.doAuthenticate(authenticatorContext); | |||
if (!status) { | |||
throw AuthenticationException.newBuilder() | |||
.setSource(realmEventSource(method)) | |||
.setLogin(userLogin) | |||
.setLogin(credentials.getLogin()) | |||
.setMessage("Realm returned authenticate=false") | |||
.build(); | |||
} | |||
UserDto userDto = synchronize(userLogin, details, request, method); | |||
authenticationEvent.loginSuccess(request, userLogin, realmEventSource(method)); | |||
UserDto userDto = synchronize(credentials.getLogin(), details, request, method); | |||
authenticationEvent.loginSuccess(request, credentials.getLogin(), realmEventSource(method)); | |||
return userDto; | |||
} catch (AuthenticationException e) { | |||
throw e; | |||
@@ -118,7 +118,7 @@ public class RealmAuthenticator implements Startable { | |||
LOG.error("Error during authentication", e); | |||
throw AuthenticationException.newBuilder() | |||
.setSource(realmEventSource(method)) | |||
.setLogin(userLogin) | |||
.setLogin(credentials.getLogin()) | |||
.setMessage(e.getMessage()) | |||
.build(); | |||
} | |||
@@ -150,11 +150,11 @@ public class RealmAuthenticator implements Startable { | |||
.build()); | |||
} | |||
private String getLogin(String userLogin) { | |||
private Credentials sanitize(Credentials credentials) { | |||
if (config.getBoolean("sonar.authenticator.downcase").orElse(false)) { | |||
return userLogin.toLowerCase(Locale.ENGLISH); | |||
return new Credentials(credentials.getLogin().toLowerCase(Locale.ENGLISH), credentials.getPassword()); | |||
} | |||
return userLogin; | |||
return credentials; | |||
} | |||
private static class ExternalIdentityProvider implements IdentityProvider { |
@@ -19,7 +19,6 @@ | |||
*/ | |||
package org.sonar.server.authentication.ws; | |||
import javax.annotation.Nullable; | |||
import javax.servlet.FilterChain; | |||
import javax.servlet.FilterConfig; | |||
import javax.servlet.ServletRequest; | |||
@@ -29,6 +28,7 @@ import javax.servlet.http.HttpServletResponse; | |||
import org.sonar.api.server.ws.WebService; | |||
import org.sonar.api.web.ServletFilter; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.server.authentication.Credentials; | |||
import org.sonar.server.authentication.CredentialsAuthenticator; | |||
import org.sonar.server.authentication.JwtHttpHandler; | |||
import org.sonar.server.authentication.event.AuthenticationEvent; | |||
@@ -96,10 +96,8 @@ public class LoginAction extends ServletFilter implements AuthenticationWsAction | |||
return; | |||
} | |||
String login = request.getParameter("login"); | |||
String password = request.getParameter("password"); | |||
try { | |||
UserDto userDto = authenticate(request, login, password); | |||
UserDto userDto = authenticate(request); | |||
jwtHttpHandler.generateToken(userDto, request, response); | |||
threadLocalUserSession.set(userSessionFactory.create(userDto)); | |||
} catch (AuthenticationException e) { | |||
@@ -110,7 +108,9 @@ public class LoginAction extends ServletFilter implements AuthenticationWsAction | |||
} | |||
} | |||
private UserDto authenticate(HttpServletRequest request, @Nullable String login, @Nullable String password) { | |||
private UserDto authenticate(HttpServletRequest request) { | |||
String login = request.getParameter("login"); | |||
String password = request.getParameter("password"); | |||
if (isEmpty(login) || isEmpty(password)) { | |||
throw AuthenticationException.newBuilder() | |||
.setSource(Source.local(Method.FORM)) | |||
@@ -118,7 +118,7 @@ public class LoginAction extends ServletFilter implements AuthenticationWsAction | |||
.setMessage("Empty login and/or password") | |||
.build(); | |||
} | |||
return credentialsAuthenticator.authenticate(login, password, request, Method.FORM); | |||
return credentialsAuthenticator.authenticate(new Credentials(login, password), request, Method.FORM); | |||
} | |||
@Override |
@@ -27,7 +27,6 @@ import org.junit.Test; | |||
import org.junit.rules.ExpectedException; | |||
import org.sonar.api.utils.System2; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.DbTester; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.db.user.UserTesting; | |||
@@ -43,20 +42,20 @@ import static org.mockito.Mockito.verifyNoMoreInteractions; | |||
import static org.mockito.Mockito.verifyZeroInteractions; | |||
import static org.mockito.Mockito.when; | |||
import static org.sonar.server.authentication.event.AuthenticationEvent.Method; | |||
import static org.sonar.server.authentication.event.AuthenticationEvent.Source; | |||
import static org.sonar.server.authentication.event.AuthenticationEvent.Method.BASIC; | |||
import static org.sonar.server.authentication.event.AuthenticationEvent.Method.BASIC_TOKEN; | |||
import static org.sonar.server.authentication.event.AuthenticationEvent.Source; | |||
import static org.sonar.server.authentication.event.AuthenticationExceptionMatcher.authenticationException; | |||
public class BasicAuthenticatorTest { | |||
private static final Base64.Encoder BASE64_ENCODER = Base64.getEncoder(); | |||
private static final String LOGIN = "login"; | |||
private static final String PASSWORD = "password"; | |||
private static final String CREDENTIALS_IN_BASE64 = toBase64(LOGIN + ":" + PASSWORD); | |||
private static final String A_LOGIN = "login"; | |||
private static final String A_PASSWORD = "password"; | |||
private static final String CREDENTIALS_IN_BASE64 = toBase64(A_LOGIN + ":" + A_PASSWORD); | |||
private static final UserDto USER = UserTesting.newUserDto().setLogin(LOGIN); | |||
private static final UserDto USER = UserTesting.newUserDto().setLogin(A_LOGIN); | |||
@Rule | |||
public ExpectedException expectedException = none(); | |||
@@ -66,8 +65,6 @@ public class BasicAuthenticatorTest { | |||
private DbClient dbClient = db.getDbClient(); | |||
private DbSession dbSession = db.getSession(); | |||
private CredentialsAuthenticator credentialsAuthenticator = mock(CredentialsAuthenticator.class); | |||
private UserTokenAuthenticator userTokenAuthenticator = mock(UserTokenAuthenticator.class); | |||
@@ -80,23 +77,24 @@ public class BasicAuthenticatorTest { | |||
@Test | |||
public void authenticate_from_basic_http_header() { | |||
when(request.getHeader("Authorization")).thenReturn("Basic " + CREDENTIALS_IN_BASE64); | |||
when(credentialsAuthenticator.authenticate(LOGIN, PASSWORD, request, BASIC)).thenReturn(USER); | |||
Credentials credentials = new Credentials(A_LOGIN, A_PASSWORD); | |||
when(credentialsAuthenticator.authenticate(credentials, request, BASIC)).thenReturn(USER); | |||
underTest.authenticate(request); | |||
verify(credentialsAuthenticator).authenticate(LOGIN, PASSWORD, request, BASIC); | |||
verify(credentialsAuthenticator).authenticate(credentials, request, BASIC); | |||
verifyNoMoreInteractions(authenticationEvent); | |||
} | |||
@Test | |||
public void authenticate_from_basic_http_header_with_password_containing_semi_colon() { | |||
String password = "!ascii-only:-)@"; | |||
when(request.getHeader("Authorization")).thenReturn("Basic " + toBase64(LOGIN + ":" + password)); | |||
when(credentialsAuthenticator.authenticate(LOGIN, password, request, BASIC)).thenReturn(USER); | |||
when(request.getHeader("Authorization")).thenReturn("Basic " + toBase64(A_LOGIN + ":" + password)); | |||
when(credentialsAuthenticator.authenticate(new Credentials(A_LOGIN, password), request, BASIC)).thenReturn(USER); | |||
underTest.authenticate(request); | |||
verify(credentialsAuthenticator).authenticate(LOGIN, password, request, BASIC); | |||
verify(credentialsAuthenticator).authenticate(new Credentials(A_LOGIN, password), request, BASIC); | |||
verifyNoMoreInteractions(authenticationEvent); | |||
} | |||
@@ -118,7 +116,7 @@ public class BasicAuthenticatorTest { | |||
@Test | |||
public void fail_to_authenticate_when_no_login() { | |||
when(request.getHeader("Authorization")).thenReturn("Basic " + toBase64(":" + PASSWORD)); | |||
when(request.getHeader("Authorization")).thenReturn("Basic " + toBase64(":" + A_PASSWORD)); | |||
expectedException.expect(authenticationException().from(Source.local(BASIC)).withoutLogin().andNoPublicMessage()); | |||
try { |
@@ -100,20 +100,20 @@ public class CredentialsAuthenticatorTest { | |||
@Test | |||
public void authenticate_external_user() { | |||
when(externalAuthenticator.authenticate(LOGIN, PASSWORD, request, BASIC)).thenReturn(Optional.of(newUserDto())); | |||
when(externalAuthenticator.authenticate(new Credentials(LOGIN, PASSWORD), request, BASIC)).thenReturn(Optional.of(newUserDto())); | |||
insertUser(newUserDto() | |||
.setLogin(LOGIN) | |||
.setLocal(false)); | |||
executeAuthenticate(BASIC); | |||
verify(externalAuthenticator).authenticate(LOGIN, PASSWORD, request, BASIC); | |||
verify(externalAuthenticator).authenticate(new Credentials(LOGIN, PASSWORD), request, BASIC); | |||
verifyZeroInteractions(authenticationEvent); | |||
} | |||
@Test | |||
public void fail_to_authenticate_authenticate_external_user_when_no_external_authentication() { | |||
when(externalAuthenticator.authenticate(LOGIN, PASSWORD, request, BASIC_TOKEN)).thenReturn(Optional.empty()); | |||
when(externalAuthenticator.authenticate(new Credentials(LOGIN, PASSWORD), request, BASIC_TOKEN)).thenReturn(Optional.empty()); | |||
insertUser(newUserDto() | |||
.setLogin(LOGIN) | |||
.setLocal(false)); | |||
@@ -164,7 +164,7 @@ public class CredentialsAuthenticatorTest { | |||
} | |||
private UserDto executeAuthenticate(AuthenticationEvent.Method method) { | |||
return underTest.authenticate(LOGIN, PASSWORD, request, method); | |||
return underTest.authenticate(new Credentials(LOGIN, PASSWORD), request, method); | |||
} | |||
private UserDto insertUser(UserDto userDto) { |
@@ -0,0 +1,52 @@ | |||
/* | |||
* SonarQube | |||
* Copyright (C) 2009-2018 SonarSource SA | |||
* mailto:info AT sonarsource DOT com | |||
* | |||
* This program is free software; you can redistribute it and/or | |||
* modify it under the terms of the GNU Lesser General Public | |||
* License as published by the Free Software Foundation; either | |||
* version 3 of the License, or (at your option) any later version. | |||
* | |||
* This program is distributed in the hope that it will be useful, | |||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | |||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |||
* Lesser General Public License for more details. | |||
* | |||
* You should have received a copy of the GNU Lesser General Public License | |||
* along with this program; if not, write to the Free Software Foundation, | |||
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | |||
*/ | |||
package org.sonar.server.authentication; | |||
import org.junit.Test; | |||
import static org.assertj.core.api.Assertions.assertThat; | |||
public class CredentialsTest { | |||
@Test | |||
public void password_can_be_empty_but_not_null() { | |||
Credentials underTest = new Credentials("foo", ""); | |||
assertThat(underTest.getPassword()).isEqualTo(""); | |||
underTest = new Credentials("foo", null); | |||
assertThat(underTest.getPassword()).isEqualTo(""); | |||
underTest = new Credentials("foo", " "); | |||
assertThat(underTest.getPassword()).isEqualTo(" "); | |||
underTest = new Credentials("foo", "bar"); | |||
assertThat(underTest.getPassword()).isEqualTo("bar"); | |||
} | |||
@Test | |||
public void test_equality() { | |||
assertThat(new Credentials("foo", "bar")).isEqualTo(new Credentials("foo", "bar")); | |||
assertThat(new Credentials("foo", "bar")).isNotEqualTo(new Credentials("foo", "baaaar")); | |||
assertThat(new Credentials("foo", "bar")).isNotEqualTo(new Credentials("foooooo", "bar")); | |||
assertThat(new Credentials("foo", "bar")).isNotEqualTo(new Credentials("foo", null)); | |||
assertThat(new Credentials("foo", "bar").hashCode()).isEqualTo(new Credentials("foo", "bar").hashCode()); | |||
} | |||
} |
@@ -88,7 +88,7 @@ public class RealmAuthenticatorTest { | |||
userDetails.setEmail("email"); | |||
when(externalUsersProvider.doGetUserDetails(any(ExternalUsersProvider.Context.class))).thenReturn(userDetails); | |||
underTest.authenticate(LOGIN, PASSWORD, request, BASIC); | |||
underTest.authenticate(new Credentials(LOGIN, PASSWORD), request, BASIC); | |||
assertThat(userIdentityAuthenticator.isAuthenticated()).isTrue(); | |||
assertThat(userIdentityAuthenticator.getAuthenticatorParameters().getExistingEmailStrategy()).isEqualTo(FORBID); | |||
@@ -110,7 +110,7 @@ public class RealmAuthenticatorTest { | |||
userDetails.setEmail("email"); | |||
when(externalUsersProvider.doGetUserDetails(any(ExternalUsersProvider.Context.class))).thenReturn(userDetails); | |||
underTest.authenticate(LOGIN, PASSWORD, request, BASIC); | |||
underTest.authenticate(new Credentials(LOGIN, PASSWORD), request, BASIC); | |||
assertThat(userIdentityAuthenticator.isAuthenticated()).isTrue(); | |||
assertThat(userIdentityAuthenticator.getAuthenticatorParameters().getProvider().getKey()).isEqualTo("sonarqube"); | |||
@@ -128,7 +128,7 @@ public class RealmAuthenticatorTest { | |||
userDetails.setEmail("email"); | |||
when(externalUsersProvider.doGetUserDetails(any(ExternalUsersProvider.Context.class))).thenReturn(userDetails); | |||
underTest.authenticate(LOGIN, PASSWORD, request, BASIC); | |||
underTest.authenticate(new Credentials(LOGIN, PASSWORD), request, BASIC); | |||
assertThat(userIdentityAuthenticator.getAuthenticatorParameters().getProvider().getName()).isEqualTo("sonarqube"); | |||
verify(authenticationEvent).loginSuccess(request, LOGIN, Source.realm(BASIC, REALM_NAME)); | |||
@@ -154,7 +154,7 @@ public class RealmAuthenticatorTest { | |||
userDetails.setName(null); | |||
when(externalUsersProvider.doGetUserDetails(any(ExternalUsersProvider.Context.class))).thenReturn(userDetails); | |||
underTest.authenticate(LOGIN, PASSWORD, request, BASIC); | |||
underTest.authenticate(new Credentials(LOGIN, PASSWORD), request, BASIC); | |||
assertThat(userIdentityAuthenticator.isAuthenticated()).isTrue(); | |||
assertThat(userIdentityAuthenticator.getAuthenticatorParameters().getUserIdentity().getName()).isEqualTo(LOGIN); | |||
@@ -197,7 +197,7 @@ public class RealmAuthenticatorTest { | |||
expectedException.expect(authenticationException().from(Source.realm(BASIC, REALM_NAME)).withLogin(LOGIN).andNoPublicMessage()); | |||
expectedException.expectMessage("No user details"); | |||
try { | |||
underTest.authenticate(LOGIN, PASSWORD, request, BASIC); | |||
underTest.authenticate(new Credentials(LOGIN, PASSWORD), request, BASIC); | |||
} finally { | |||
verifyZeroInteractions(authenticationEvent); | |||
} | |||
@@ -213,7 +213,7 @@ public class RealmAuthenticatorTest { | |||
expectedException.expect(authenticationException().from(Source.realm(BASIC, REALM_NAME)).withLogin(LOGIN).andNoPublicMessage()); | |||
expectedException.expectMessage("Realm returned authenticate=false"); | |||
try { | |||
underTest.authenticate(LOGIN, PASSWORD, request, BASIC); | |||
underTest.authenticate(new Credentials(LOGIN, PASSWORD), request, BASIC); | |||
} finally { | |||
verifyZeroInteractions(authenticationEvent); | |||
} | |||
@@ -230,7 +230,7 @@ public class RealmAuthenticatorTest { | |||
expectedException.expect(authenticationException().from(Source.realm(BASIC_TOKEN, REALM_NAME)).withLogin(LOGIN).andNoPublicMessage()); | |||
expectedException.expectMessage(expectedMessage); | |||
try { | |||
underTest.authenticate(LOGIN, PASSWORD, request, BASIC_TOKEN); | |||
underTest.authenticate(new Credentials(LOGIN, PASSWORD), request, BASIC_TOKEN); | |||
} finally { | |||
verifyZeroInteractions(authenticationEvent); | |||
} | |||
@@ -238,7 +238,7 @@ public class RealmAuthenticatorTest { | |||
@Test | |||
public void return_empty_user_when_no_realm() { | |||
assertThat(underTest.authenticate(LOGIN, PASSWORD, request, BASIC)).isEmpty(); | |||
assertThat(underTest.authenticate(new Credentials(LOGIN, PASSWORD), request, BASIC)).isEmpty(); | |||
verifyNoMoreInteractions(authenticationEvent); | |||
} | |||
@@ -287,7 +287,7 @@ public class RealmAuthenticatorTest { | |||
UserDetails userDetails = new UserDetails(); | |||
userDetails.setName("name"); | |||
when(externalUsersProvider.doGetUserDetails(any(ExternalUsersProvider.Context.class))).thenReturn(userDetails); | |||
underTest.authenticate(login, PASSWORD, request, BASIC); | |||
underTest.authenticate(new Credentials(login, PASSWORD), request, BASIC); | |||
} | |||
} |
@@ -33,6 +33,7 @@ import org.sonar.db.DbSession; | |||
import org.sonar.db.DbTester; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.db.user.UserTesting; | |||
import org.sonar.server.authentication.Credentials; | |||
import org.sonar.server.authentication.CredentialsAuthenticator; | |||
import org.sonar.server.authentication.JwtHttpHandler; | |||
import org.sonar.server.authentication.event.AuthenticationEvent; | |||
@@ -93,19 +94,19 @@ public class LoginActionTest { | |||
@Test | |||
public void do_authenticate() throws Exception { | |||
when(credentialsAuthenticator.authenticate(LOGIN, PASSWORD, request, FORM)).thenReturn(user); | |||
when(credentialsAuthenticator.authenticate(new Credentials(LOGIN, PASSWORD), request, FORM)).thenReturn(user); | |||
executeRequest(LOGIN, PASSWORD); | |||
assertThat(threadLocalUserSession.isLoggedIn()).isTrue(); | |||
verify(credentialsAuthenticator).authenticate(LOGIN, PASSWORD, request, FORM); | |||
verify(credentialsAuthenticator).authenticate(new Credentials(LOGIN, PASSWORD), request, FORM); | |||
verify(jwtHttpHandler).generateToken(user, request, response); | |||
verifyZeroInteractions(chain); | |||
verifyZeroInteractions(authenticationEvent); | |||
} | |||
@Test | |||
public void ignore_get_request() throws Exception { | |||
public void ignore_get_request() { | |||
when(request.getMethod()).thenReturn("GET"); | |||
underTest.doFilter(request, response, chain); | |||
@@ -116,7 +117,7 @@ public class LoginActionTest { | |||
@Test | |||
public void return_authorized_code_when_unauthorized_exception_is_thrown() throws Exception { | |||
doThrow(new UnauthorizedException("error !")).when(credentialsAuthenticator).authenticate(LOGIN, PASSWORD, request, FORM); | |||
doThrow(new UnauthorizedException("error !")).when(credentialsAuthenticator).authenticate(new Credentials(LOGIN, PASSWORD), request, FORM); | |||
executeRequest(LOGIN, PASSWORD); | |||