SONARCLOUD-213 merge login and password into new class Credentials

server/sonar-server/src/main/java/org/sonar/server/authentication/BasicAuthenticator.java

@@ -31,7 +31,6 @@ import org.sonar.server.usertoken.UserTokenAuthenticator;
 
 import static java.nio.charset.StandardCharsets.UTF_8;
 import static java.util.Locale.ENGLISH;
-import static org.apache.commons.lang.StringUtils.isEmpty;
 import static org.sonar.server.authentication.event.AuthenticationEvent.Method;
 import static org.sonar.server.authentication.event.AuthenticationEvent.Source;
 
@@ -61,14 +60,12 @@ public class BasicAuthenticator {
       return Optional.empty();
     }
 
-    String[] credentials = getCredentials(authorizationHeader);
-    String login = credentials[0];
-    String password = credentials[1];
-    UserDto userDto = authenticate(login, password, request);
+    Credentials credentials = extractCredentials(authorizationHeader);
+    UserDto userDto = authenticate(credentials, request);
     return Optional.of(userDto);
   }
 
-  private static String[] getCredentials(String authorizationHeader) {
+  private static Credentials extractCredentials(String authorizationHeader) {
     String basicAuthEncoded = authorizationHeader.substring(6);
     String basicAuthDecoded = getDecodedBasicAuth(basicAuthEncoded);
 
@@ -81,7 +78,7 @@ public class BasicAuthenticator {
     }
     String login = basicAuthDecoded.substring(0, semiColonPos);
     String password = basicAuthDecoded.substring(semiColonPos + 1);
-    return new String[] {login, password};
+    return new Credentials(login, password);
   }
 
   private static String getDecodedBasicAuth(String basicAuthEncoded) {
@@ -95,13 +92,13 @@ public class BasicAuthenticator {
     }
   }
 
-  private UserDto authenticate(String login, String password, HttpServletRequest request) {
-    if (isEmpty(password)) {
-      UserDto userDto = authenticateFromUserToken(login);
+  private UserDto authenticate(Credentials credentials, HttpServletRequest request) {
+    if (credentials.getPassword().isEmpty()) {
+      UserDto userDto = authenticateFromUserToken(credentials.getLogin());
       authenticationEvent.loginSuccess(request, userDto.getLogin(), Source.local(Method.BASIC_TOKEN));
       return userDto;
     } else {
-      return credentialsAuthenticator.authenticate(login, password, request, Method.BASIC);
+      return credentialsAuthenticator.authenticate(credentials, request, Method.BASIC);
     }
   }
 

server/sonar-server/src/main/java/org/sonar/server/authentication/Credentials.java

@@ -0,0 +1,68 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2018 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+package org.sonar.server.authentication;
+
+import java.util.Objects;
+import javax.annotation.Nullable;
+import javax.annotation.concurrent.Immutable;
+import org.apache.commons.lang.StringUtils;
+
+@Immutable
+public class Credentials {
+
+  private final String login;
+  private final String password;
+
+  public Credentials(String login, @Nullable String password) {
+    this.login = Objects.requireNonNull(login, "login must not be null");
+    this.password = StringUtils.defaultString(password, "");
+  }
+
+  /**
+   * Non-empty login
+   */
+  public String getLogin() {
+    return login;
+  }
+
+  /**
+   * Non-null password. Can be empty.
+   */
+  public String getPassword() {
+    return password;
+  }
+
+  @Override
+  public boolean equals(Object o) {
+    if (this == o) {
+      return true;
+    }
+    if (o == null || getClass() != o.getClass()) {
+      return false;
+    }
+    Credentials that = (Credentials) o;
+    return login.equals(that.login) && password.equals(that.password);
+  }
+
+  @Override
+  public int hashCode() {
+    return Objects.hash(login, password);
+  }
+}

server/sonar-server/src/main/java/org/sonar/server/authentication/CredentialsAuthenticator.java

@@ -45,27 +45,27 @@ public class CredentialsAuthenticator {
     this.localAuthentication = localAuthentication;
   }
 
-  public UserDto authenticate(String userLogin, String userPassword, HttpServletRequest request, Method method) {
+  public UserDto authenticate(Credentials credentials, HttpServletRequest request, Method method) {
     try (DbSession dbSession = dbClient.openSession(false)) {
-      return authenticate(dbSession, userLogin, userPassword, request, method);
+      return authenticate(dbSession, credentials, request, method);
     }
   }
 
-  private UserDto authenticate(DbSession dbSession, String userLogin, String userPassword, HttpServletRequest request, Method method) {
-    UserDto localUser = dbClient.userDao().selectActiveUserByLogin(dbSession, userLogin);
+  private UserDto authenticate(DbSession dbSession, Credentials credentials, HttpServletRequest request, Method method) {
+    UserDto localUser = dbClient.userDao().selectActiveUserByLogin(dbSession, credentials.getLogin());
     if (localUser != null && localUser.isLocal()) {
-      localAuthentication.authenticate(dbSession, localUser, userPassword, method);
+      localAuthentication.authenticate(dbSession, localUser, credentials.getPassword(), method);
       dbSession.commit();
-      authenticationEvent.loginSuccess(request, userLogin, Source.local(method));
+      authenticationEvent.loginSuccess(request, localUser.getLogin(), Source.local(method));
       return localUser;
     }
-    Optional<UserDto> externalUser = externalAuthenticator.authenticate(userLogin, userPassword, request, method);
+    Optional<UserDto> externalUser = externalAuthenticator.authenticate(credentials, request, method);
     if (externalUser.isPresent()) {
       return externalUser.get();
     }
     throw AuthenticationException.newBuilder()
       .setSource(Source.local(method))
-      .setLogin(userLogin)
+      .setLogin(credentials.getLogin())
       .setMessage(localUser != null && !localUser.isLocal() ? "User is not local" : "No active user for login")
       .build();
   }

server/sonar-server/src/main/java/org/sonar/server/authentication/RealmAuthenticator.java

@@ -81,35 +81,35 @@ public class RealmAuthenticator implements Startable {
     }
   }
 
-  public Optional<UserDto> authenticate(String userLogin, String userPassword, HttpServletRequest request, AuthenticationEvent.Method method) {
+  public Optional<UserDto> authenticate(Credentials credentials, HttpServletRequest request, AuthenticationEvent.Method method) {
     if (realm == null) {
       return Optional.empty();
     }
-    return Optional.of(doAuthenticate(getLogin(userLogin), userPassword, request, method));
+    return Optional.of(doAuthenticate(sanitize(credentials), request, method));
   }
 
-  private UserDto doAuthenticate(String userLogin, String userPassword, HttpServletRequest request, AuthenticationEvent.Method method) {
+  private UserDto doAuthenticate(Credentials credentials, HttpServletRequest request, AuthenticationEvent.Method method) {
     try {
-      ExternalUsersProvider.Context externalUsersProviderContext = new ExternalUsersProvider.Context(userLogin, request);
+      ExternalUsersProvider.Context externalUsersProviderContext = new ExternalUsersProvider.Context(credentials.getLogin(), request);
       UserDetails details = externalUsersProvider.doGetUserDetails(externalUsersProviderContext);
       if (details == null) {
         throw AuthenticationException.newBuilder()
           .setSource(realmEventSource(method))
-          .setLogin(userLogin)
+          .setLogin(credentials.getLogin())
           .setMessage("No user details")
           .build();
       }
-      Authenticator.Context authenticatorContext = new Authenticator.Context(userLogin, userPassword, request);
+      Authenticator.Context authenticatorContext = new Authenticator.Context(credentials.getLogin(), credentials.getPassword(), request);
       boolean status = authenticator.doAuthenticate(authenticatorContext);
       if (!status) {
         throw AuthenticationException.newBuilder()
           .setSource(realmEventSource(method))
-          .setLogin(userLogin)
+          .setLogin(credentials.getLogin())
           .setMessage("Realm returned authenticate=false")
           .build();
       }
-      UserDto userDto = synchronize(userLogin, details, request, method);
-      authenticationEvent.loginSuccess(request, userLogin, realmEventSource(method));
+      UserDto userDto = synchronize(credentials.getLogin(), details, request, method);
+      authenticationEvent.loginSuccess(request, credentials.getLogin(), realmEventSource(method));
       return userDto;
     } catch (AuthenticationException e) {
       throw e;
@@ -118,7 +118,7 @@ public class RealmAuthenticator implements Startable {
       LOG.error("Error during authentication", e);
       throw AuthenticationException.newBuilder()
         .setSource(realmEventSource(method))
-        .setLogin(userLogin)
+        .setLogin(credentials.getLogin())
         .setMessage(e.getMessage())
         .build();
     }
@@ -150,11 +150,11 @@ public class RealmAuthenticator implements Startable {
         .build());
   }
 
-  private String getLogin(String userLogin) {
+  private Credentials sanitize(Credentials credentials) {
     if (config.getBoolean("sonar.authenticator.downcase").orElse(false)) {
-      return userLogin.toLowerCase(Locale.ENGLISH);
+      return new Credentials(credentials.getLogin().toLowerCase(Locale.ENGLISH), credentials.getPassword());
     }
-    return userLogin;
+    return credentials;
   }
 
   private static class ExternalIdentityProvider implements IdentityProvider {

server/sonar-server/src/main/java/org/sonar/server/authentication/ws/LoginAction.java

@@ -19,7 +19,6 @@
  */
 package org.sonar.server.authentication.ws;
 
-import javax.annotation.Nullable;
 import javax.servlet.FilterChain;
 import javax.servlet.FilterConfig;
 import javax.servlet.ServletRequest;
@@ -29,6 +28,7 @@ import javax.servlet.http.HttpServletResponse;
 import org.sonar.api.server.ws.WebService;
 import org.sonar.api.web.ServletFilter;
 import org.sonar.db.user.UserDto;
+import org.sonar.server.authentication.Credentials;
 import org.sonar.server.authentication.CredentialsAuthenticator;
 import org.sonar.server.authentication.JwtHttpHandler;
 import org.sonar.server.authentication.event.AuthenticationEvent;
@@ -96,10 +96,8 @@ public class LoginAction extends ServletFilter implements AuthenticationWsAction
       return;
     }
 
-    String login = request.getParameter("login");
-    String password = request.getParameter("password");
     try {
-      UserDto userDto = authenticate(request, login, password);
+      UserDto userDto = authenticate(request);
       jwtHttpHandler.generateToken(userDto, request, response);
       threadLocalUserSession.set(userSessionFactory.create(userDto));
     } catch (AuthenticationException e) {
@@ -110,7 +108,9 @@ public class LoginAction extends ServletFilter implements AuthenticationWsAction
     }
   }
 
-  private UserDto authenticate(HttpServletRequest request, @Nullable String login, @Nullable String password) {
+  private UserDto authenticate(HttpServletRequest request) {
+    String login = request.getParameter("login");
+    String password = request.getParameter("password");
     if (isEmpty(login) || isEmpty(password)) {
       throw AuthenticationException.newBuilder()
         .setSource(Source.local(Method.FORM))
@@ -118,7 +118,7 @@ public class LoginAction extends ServletFilter implements AuthenticationWsAction
         .setMessage("Empty login and/or password")
         .build();
     }
-    return credentialsAuthenticator.authenticate(login, password, request, Method.FORM);
+    return credentialsAuthenticator.authenticate(new Credentials(login, password), request, Method.FORM);
   }
 
   @Override

server/sonar-server/src/test/java/org/sonar/server/authentication/BasicAuthenticatorTest.java

@@ -27,7 +27,6 @@ import org.junit.Test;
 import org.junit.rules.ExpectedException;
 import org.sonar.api.utils.System2;
 import org.sonar.db.DbClient;
-import org.sonar.db.DbSession;
 import org.sonar.db.DbTester;
 import org.sonar.db.user.UserDto;
 import org.sonar.db.user.UserTesting;
@@ -43,20 +42,20 @@ import static org.mockito.Mockito.verifyNoMoreInteractions;
 import static org.mockito.Mockito.verifyZeroInteractions;
 import static org.mockito.Mockito.when;
 import static org.sonar.server.authentication.event.AuthenticationEvent.Method;
-import static org.sonar.server.authentication.event.AuthenticationEvent.Source;
 import static org.sonar.server.authentication.event.AuthenticationEvent.Method.BASIC;
 import static org.sonar.server.authentication.event.AuthenticationEvent.Method.BASIC_TOKEN;
+import static org.sonar.server.authentication.event.AuthenticationEvent.Source;
 import static org.sonar.server.authentication.event.AuthenticationExceptionMatcher.authenticationException;
 
 public class BasicAuthenticatorTest {
 
   private static final Base64.Encoder BASE64_ENCODER = Base64.getEncoder();
 
-  private static final String LOGIN = "login";
-  private static final String PASSWORD = "password";
-  private static final String CREDENTIALS_IN_BASE64 = toBase64(LOGIN + ":" + PASSWORD);
+  private static final String A_LOGIN = "login";
+  private static final String A_PASSWORD = "password";
+  private static final String CREDENTIALS_IN_BASE64 = toBase64(A_LOGIN + ":" + A_PASSWORD);
 
-  private static final UserDto USER = UserTesting.newUserDto().setLogin(LOGIN);
+  private static final UserDto USER = UserTesting.newUserDto().setLogin(A_LOGIN);
 
   @Rule
   public ExpectedException expectedException = none();
@@ -66,8 +65,6 @@ public class BasicAuthenticatorTest {
 
   private DbClient dbClient = db.getDbClient();
 
-  private DbSession dbSession = db.getSession();
-
   private CredentialsAuthenticator credentialsAuthenticator = mock(CredentialsAuthenticator.class);
   private UserTokenAuthenticator userTokenAuthenticator = mock(UserTokenAuthenticator.class);
 
@@ -80,23 +77,24 @@ public class BasicAuthenticatorTest {
   @Test
   public void authenticate_from_basic_http_header() {
     when(request.getHeader("Authorization")).thenReturn("Basic " + CREDENTIALS_IN_BASE64);
-    when(credentialsAuthenticator.authenticate(LOGIN, PASSWORD, request, BASIC)).thenReturn(USER);
+    Credentials credentials = new Credentials(A_LOGIN, A_PASSWORD);
+    when(credentialsAuthenticator.authenticate(credentials, request, BASIC)).thenReturn(USER);
 
     underTest.authenticate(request);
 
-    verify(credentialsAuthenticator).authenticate(LOGIN, PASSWORD, request, BASIC);
+    verify(credentialsAuthenticator).authenticate(credentials, request, BASIC);
     verifyNoMoreInteractions(authenticationEvent);
   }
 
   @Test
   public void authenticate_from_basic_http_header_with_password_containing_semi_colon() {
     String password = "!ascii-only:-)@";
-    when(request.getHeader("Authorization")).thenReturn("Basic " + toBase64(LOGIN + ":" + password));
-    when(credentialsAuthenticator.authenticate(LOGIN, password, request, BASIC)).thenReturn(USER);
+    when(request.getHeader("Authorization")).thenReturn("Basic " + toBase64(A_LOGIN + ":" + password));
+    when(credentialsAuthenticator.authenticate(new Credentials(A_LOGIN, password), request, BASIC)).thenReturn(USER);
 
     underTest.authenticate(request);
 
-    verify(credentialsAuthenticator).authenticate(LOGIN, password, request, BASIC);
+    verify(credentialsAuthenticator).authenticate(new Credentials(A_LOGIN, password), request, BASIC);
     verifyNoMoreInteractions(authenticationEvent);
   }
 
@@ -118,7 +116,7 @@ public class BasicAuthenticatorTest {
 
   @Test
   public void fail_to_authenticate_when_no_login() {
-    when(request.getHeader("Authorization")).thenReturn("Basic " + toBase64(":" + PASSWORD));
+    when(request.getHeader("Authorization")).thenReturn("Basic " + toBase64(":" + A_PASSWORD));
 
     expectedException.expect(authenticationException().from(Source.local(BASIC)).withoutLogin().andNoPublicMessage());
     try {

server/sonar-server/src/test/java/org/sonar/server/authentication/CredentialsAuthenticatorTest.java

@@ -100,20 +100,20 @@ public class CredentialsAuthenticatorTest {
 
   @Test
   public void authenticate_external_user() {
-    when(externalAuthenticator.authenticate(LOGIN, PASSWORD, request, BASIC)).thenReturn(Optional.of(newUserDto()));
+    when(externalAuthenticator.authenticate(new Credentials(LOGIN, PASSWORD), request, BASIC)).thenReturn(Optional.of(newUserDto()));
     insertUser(newUserDto()
       .setLogin(LOGIN)
       .setLocal(false));
 
     executeAuthenticate(BASIC);
 
-    verify(externalAuthenticator).authenticate(LOGIN, PASSWORD, request, BASIC);
+    verify(externalAuthenticator).authenticate(new Credentials(LOGIN, PASSWORD), request, BASIC);
     verifyZeroInteractions(authenticationEvent);
   }
 
   @Test
   public void fail_to_authenticate_authenticate_external_user_when_no_external_authentication() {
-    when(externalAuthenticator.authenticate(LOGIN, PASSWORD, request, BASIC_TOKEN)).thenReturn(Optional.empty());
+    when(externalAuthenticator.authenticate(new Credentials(LOGIN, PASSWORD), request, BASIC_TOKEN)).thenReturn(Optional.empty());
     insertUser(newUserDto()
       .setLogin(LOGIN)
       .setLocal(false));
@@ -164,7 +164,7 @@ public class CredentialsAuthenticatorTest {
   }
 
   private UserDto executeAuthenticate(AuthenticationEvent.Method method) {
-    return underTest.authenticate(LOGIN, PASSWORD, request, method);
+    return underTest.authenticate(new Credentials(LOGIN, PASSWORD), request, method);
   }
 
   private UserDto insertUser(UserDto userDto) {

server/sonar-server/src/test/java/org/sonar/server/authentication/CredentialsTest.java

@@ -0,0 +1,52 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2018 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+package org.sonar.server.authentication;
+
+import org.junit.Test;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+public class CredentialsTest {
+
+  @Test
+  public void password_can_be_empty_but_not_null() {
+    Credentials underTest = new Credentials("foo", "");
+    assertThat(underTest.getPassword()).isEqualTo("");
+
+    underTest = new Credentials("foo", null);
+    assertThat(underTest.getPassword()).isEqualTo("");
+
+    underTest = new Credentials("foo", "   ");
+    assertThat(underTest.getPassword()).isEqualTo("   ");
+
+    underTest = new Credentials("foo", "bar");
+    assertThat(underTest.getPassword()).isEqualTo("bar");
+  }
+
+  @Test
+  public void test_equality() {
+    assertThat(new Credentials("foo", "bar")).isEqualTo(new Credentials("foo", "bar"));
+    assertThat(new Credentials("foo", "bar")).isNotEqualTo(new Credentials("foo", "baaaar"));
+    assertThat(new Credentials("foo", "bar")).isNotEqualTo(new Credentials("foooooo", "bar"));
+    assertThat(new Credentials("foo", "bar")).isNotEqualTo(new Credentials("foo", null));
+
+    assertThat(new Credentials("foo", "bar").hashCode()).isEqualTo(new Credentials("foo", "bar").hashCode());
+  }
+}

server/sonar-server/src/test/java/org/sonar/server/authentication/RealmAuthenticatorTest.java

@@ -88,7 +88,7 @@ public class RealmAuthenticatorTest {
     userDetails.setEmail("email");
     when(externalUsersProvider.doGetUserDetails(any(ExternalUsersProvider.Context.class))).thenReturn(userDetails);
 
-    underTest.authenticate(LOGIN, PASSWORD, request, BASIC);
+    underTest.authenticate(new Credentials(LOGIN, PASSWORD), request, BASIC);
 
     assertThat(userIdentityAuthenticator.isAuthenticated()).isTrue();
     assertThat(userIdentityAuthenticator.getAuthenticatorParameters().getExistingEmailStrategy()).isEqualTo(FORBID);
@@ -110,7 +110,7 @@ public class RealmAuthenticatorTest {
     userDetails.setEmail("email");
     when(externalUsersProvider.doGetUserDetails(any(ExternalUsersProvider.Context.class))).thenReturn(userDetails);
 
-    underTest.authenticate(LOGIN, PASSWORD, request, BASIC);
+    underTest.authenticate(new Credentials(LOGIN, PASSWORD), request, BASIC);
 
     assertThat(userIdentityAuthenticator.isAuthenticated()).isTrue();
     assertThat(userIdentityAuthenticator.getAuthenticatorParameters().getProvider().getKey()).isEqualTo("sonarqube");
@@ -128,7 +128,7 @@ public class RealmAuthenticatorTest {
     userDetails.setEmail("email");
     when(externalUsersProvider.doGetUserDetails(any(ExternalUsersProvider.Context.class))).thenReturn(userDetails);
 
-    underTest.authenticate(LOGIN, PASSWORD, request, BASIC);
+    underTest.authenticate(new Credentials(LOGIN, PASSWORD), request, BASIC);
 
     assertThat(userIdentityAuthenticator.getAuthenticatorParameters().getProvider().getName()).isEqualTo("sonarqube");
     verify(authenticationEvent).loginSuccess(request, LOGIN, Source.realm(BASIC, REALM_NAME));
@@ -154,7 +154,7 @@ public class RealmAuthenticatorTest {
     userDetails.setName(null);
     when(externalUsersProvider.doGetUserDetails(any(ExternalUsersProvider.Context.class))).thenReturn(userDetails);
 
-    underTest.authenticate(LOGIN, PASSWORD, request, BASIC);
+    underTest.authenticate(new Credentials(LOGIN, PASSWORD), request, BASIC);
 
     assertThat(userIdentityAuthenticator.isAuthenticated()).isTrue();
     assertThat(userIdentityAuthenticator.getAuthenticatorParameters().getUserIdentity().getName()).isEqualTo(LOGIN);
@@ -197,7 +197,7 @@ public class RealmAuthenticatorTest {
     expectedException.expect(authenticationException().from(Source.realm(BASIC, REALM_NAME)).withLogin(LOGIN).andNoPublicMessage());
     expectedException.expectMessage("No user details");
     try {
-      underTest.authenticate(LOGIN, PASSWORD, request, BASIC);
+      underTest.authenticate(new Credentials(LOGIN, PASSWORD), request, BASIC);
     } finally {
       verifyZeroInteractions(authenticationEvent);
     }
@@ -213,7 +213,7 @@ public class RealmAuthenticatorTest {
     expectedException.expect(authenticationException().from(Source.realm(BASIC, REALM_NAME)).withLogin(LOGIN).andNoPublicMessage());
     expectedException.expectMessage("Realm returned authenticate=false");
     try {
-      underTest.authenticate(LOGIN, PASSWORD, request, BASIC);
+      underTest.authenticate(new Credentials(LOGIN, PASSWORD), request, BASIC);
     } finally {
       verifyZeroInteractions(authenticationEvent);
     }
@@ -230,7 +230,7 @@ public class RealmAuthenticatorTest {
     expectedException.expect(authenticationException().from(Source.realm(BASIC_TOKEN, REALM_NAME)).withLogin(LOGIN).andNoPublicMessage());
     expectedException.expectMessage(expectedMessage);
     try {
-      underTest.authenticate(LOGIN, PASSWORD, request, BASIC_TOKEN);
+      underTest.authenticate(new Credentials(LOGIN, PASSWORD), request, BASIC_TOKEN);
     } finally {
       verifyZeroInteractions(authenticationEvent);
     }
@@ -238,7 +238,7 @@ public class RealmAuthenticatorTest {
 
   @Test
   public void return_empty_user_when_no_realm() {
-    assertThat(underTest.authenticate(LOGIN, PASSWORD, request, BASIC)).isEmpty();
+    assertThat(underTest.authenticate(new Credentials(LOGIN, PASSWORD), request, BASIC)).isEmpty();
     verifyNoMoreInteractions(authenticationEvent);
   }
 
@@ -287,7 +287,7 @@ public class RealmAuthenticatorTest {
     UserDetails userDetails = new UserDetails();
     userDetails.setName("name");
     when(externalUsersProvider.doGetUserDetails(any(ExternalUsersProvider.Context.class))).thenReturn(userDetails);
-    underTest.authenticate(login, PASSWORD, request, BASIC);
+    underTest.authenticate(new Credentials(login, PASSWORD), request, BASIC);
   }
 
 }

server/sonar-server/src/test/java/org/sonar/server/authentication/ws/LoginActionTest.java

@@ -33,6 +33,7 @@ import org.sonar.db.DbSession;
 import org.sonar.db.DbTester;
 import org.sonar.db.user.UserDto;
 import org.sonar.db.user.UserTesting;
+import org.sonar.server.authentication.Credentials;
 import org.sonar.server.authentication.CredentialsAuthenticator;
 import org.sonar.server.authentication.JwtHttpHandler;
 import org.sonar.server.authentication.event.AuthenticationEvent;
@@ -93,19 +94,19 @@ public class LoginActionTest {
 
   @Test
   public void do_authenticate() throws Exception {
-    when(credentialsAuthenticator.authenticate(LOGIN, PASSWORD, request, FORM)).thenReturn(user);
+    when(credentialsAuthenticator.authenticate(new Credentials(LOGIN, PASSWORD), request, FORM)).thenReturn(user);
 
     executeRequest(LOGIN, PASSWORD);
 
     assertThat(threadLocalUserSession.isLoggedIn()).isTrue();
-    verify(credentialsAuthenticator).authenticate(LOGIN, PASSWORD, request, FORM);
+    verify(credentialsAuthenticator).authenticate(new Credentials(LOGIN, PASSWORD), request, FORM);
     verify(jwtHttpHandler).generateToken(user, request, response);
     verifyZeroInteractions(chain);
     verifyZeroInteractions(authenticationEvent);
   }
 
   @Test
-  public void ignore_get_request() throws Exception {
+  public void ignore_get_request() {
     when(request.getMethod()).thenReturn("GET");
 
     underTest.doFilter(request, response, chain);
@@ -116,7 +117,7 @@ public class LoginActionTest {
 
   @Test
   public void return_authorized_code_when_unauthorized_exception_is_thrown() throws Exception {
-    doThrow(new UnauthorizedException("error !")).when(credentialsAuthenticator).authenticate(LOGIN, PASSWORD, request, FORM);
+    doThrow(new UnauthorizedException("error !")).when(credentialsAuthenticator).authenticate(new Credentials(LOGIN, PASSWORD), request, FORM);
 
     executeRequest(LOGIN, PASSWORD);