api 'com.github.scribejava:scribejava-core' | api 'com.github.scribejava:scribejava-core' | ||||
api 'com.google.code.gson:gson' | api 'com.google.code.gson:gson' | ||||
api project(':server:sonar-auth-common') | api project(':server:sonar-auth-common') | ||||
api project(':server:sonar-server-common') | |||||
compileOnlyApi 'com.google.code.findbugs:jsr305' | compileOnlyApi 'com.google.code.findbugs:jsr305' | ||||
compileOnlyApi 'com.squareup.okhttp3:okhttp' | compileOnlyApi 'com.squareup.okhttp3:okhttp' | ||||
testImplementation 'junit:junit' | testImplementation 'junit:junit' | ||||
testImplementation 'org.assertj:assertj-core' | testImplementation 'org.assertj:assertj-core' | ||||
testImplementation 'org.mockito:mockito-core' | testImplementation 'org.mockito:mockito-core' | ||||
testImplementation testFixtures(project(':server:sonar-db-dao')) | |||||
testImplementation project(path: ':server:sonar-webserver-api') | testImplementation project(path: ':server:sonar-webserver-api') | ||||
} | } |
/* | |||||
* SonarQube | |||||
* Copyright (C) 2009-2023 SonarSource SA | |||||
* mailto:info AT sonarsource DOT com | |||||
* | |||||
* This program is free software; you can redistribute it and/or | |||||
* modify it under the terms of the GNU Lesser General Public | |||||
* License as published by the Free Software Foundation; either | |||||
* version 3 of the License, or (at your option) any later version. | |||||
* | |||||
* This program is distributed in the hope that it will be useful, | |||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | |||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |||||
* Lesser General Public License for more details. | |||||
* | |||||
* You should have received a copy of the GNU Lesser General Public License | |||||
* along with this program; if not, write to the Free Software Foundation, | |||||
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | |||||
*/ | |||||
package org.sonar.auth.github; | |||||
import java.util.Map; | |||||
import java.util.Set; | |||||
import org.sonar.api.ce.ComputeEngineSide; | |||||
import org.sonar.api.server.ServerSide; | |||||
import org.sonar.db.DbSession; | |||||
import org.sonar.server.management.ManagedInstanceService; | |||||
@ServerSide | |||||
@ComputeEngineSide | |||||
public class GitHubManagedInstanceService implements ManagedInstanceService { | |||||
private final GitHubSettings gitHubSettings; | |||||
public GitHubManagedInstanceService(GitHubSettings gitHubSettings) { | |||||
this.gitHubSettings = gitHubSettings; | |||||
} | |||||
@Override | |||||
public boolean isInstanceExternallyManaged() { | |||||
return gitHubSettings.isProvisioningEnabled(); | |||||
} | |||||
@Override | |||||
public Map<String, Boolean> getUserUuidToManaged(DbSession dbSession, Set<String> userUuids) { | |||||
throw new IllegalStateException("Not implemented."); | |||||
} | |||||
@Override | |||||
public Map<String, Boolean> getGroupUuidToManaged(DbSession dbSession, Set<String> groupUuids) { | |||||
throw new IllegalStateException("Not implemented."); | |||||
} | |||||
@Override | |||||
public String getManagedUsersSqlFilter(boolean filterByManaged) { | |||||
throw new IllegalStateException("Not implemented."); | |||||
} | |||||
@Override | |||||
public String getManagedGroupsSqlFilter(boolean filterByManaged) { | |||||
throw new IllegalStateException("Not implemented."); | |||||
} | |||||
} |
*/ | */ | ||||
package org.sonar.auth.github; | package org.sonar.auth.github; | ||||
import com.google.common.annotations.VisibleForTesting; | |||||
import java.util.Arrays; | import java.util.Arrays; | ||||
import java.util.List; | import java.util.List; | ||||
import javax.annotation.CheckForNull; | import javax.annotation.CheckForNull; | ||||
import javax.annotation.Nullable; | import javax.annotation.Nullable; | ||||
import org.sonar.api.config.Configuration; | import org.sonar.api.config.Configuration; | ||||
import org.sonar.api.config.PropertyDefinition; | import org.sonar.api.config.PropertyDefinition; | ||||
import org.sonar.server.property.InternalProperties; | |||||
import static java.lang.String.valueOf; | import static java.lang.String.valueOf; | ||||
import static org.sonar.api.PropertyType.BOOLEAN; | import static org.sonar.api.PropertyType.BOOLEAN; | ||||
public static final String API_URL = "sonar.auth.github.apiUrl"; | public static final String API_URL = "sonar.auth.github.apiUrl"; | ||||
public static final String WEB_URL = "sonar.auth.github.webUrl"; | public static final String WEB_URL = "sonar.auth.github.webUrl"; | ||||
public static final String ORGANIZATIONS = "sonar.auth.github.organizations"; | public static final String ORGANIZATIONS = "sonar.auth.github.organizations"; | ||||
@VisibleForTesting | |||||
static final String PROVISIONING = "sonar.provisioning.github.enabled"; | |||||
private static final String CATEGORY = "authentication"; | private static final String CATEGORY = "authentication"; | ||||
private static final String SUBCATEGORY = "github"; | private static final String SUBCATEGORY = "github"; | ||||
private final Configuration configuration; | private final Configuration configuration; | ||||
public GitHubSettings(Configuration configuration) { | |||||
private final InternalProperties internalProperties; | |||||
public GitHubSettings(Configuration configuration, InternalProperties internalProperties) { | |||||
this.configuration = configuration; | this.configuration = configuration; | ||||
this.internalProperties = internalProperties; | |||||
} | } | ||||
String clientId() { | String clientId() { | ||||
return url; | return url; | ||||
} | } | ||||
public void setProvisioning(boolean enableProvisioning) { | |||||
internalProperties.write(PROVISIONING, String.valueOf(enableProvisioning)); | |||||
} | |||||
public boolean isProvisioningEnabled() { | |||||
return isEnabled() && internalProperties.read(PROVISIONING).map(Boolean::parseBoolean).orElse(false); | |||||
} | |||||
public static List<PropertyDefinition> definitions() { | public static List<PropertyDefinition> definitions() { | ||||
return Arrays.asList( | return Arrays.asList( | ||||
PropertyDefinition.builder(ENABLED) | PropertyDefinition.builder(ENABLED) |
import org.junit.Test; | import org.junit.Test; | ||||
import org.sonar.api.config.internal.MapSettings; | import org.sonar.api.config.internal.MapSettings; | ||||
import org.sonar.api.server.authentication.OAuth2IdentityProvider; | import org.sonar.api.server.authentication.OAuth2IdentityProvider; | ||||
import org.sonar.server.property.InternalProperties; | |||||
import static org.assertj.core.api.Assertions.assertThat; | import static org.assertj.core.api.Assertions.assertThat; | ||||
import static org.assertj.core.api.Assertions.assertThatThrownBy; | import static org.assertj.core.api.Assertions.assertThatThrownBy; | ||||
private MapSettings settings = new MapSettings(); | private MapSettings settings = new MapSettings(); | ||||
private GitHubSettings gitHubSettings = new GitHubSettings(settings.asConfig()); | |||||
private InternalProperties internalProperties = mock(InternalProperties.class); | |||||
private GitHubSettings gitHubSettings = new GitHubSettings(settings.asConfig(), internalProperties); | |||||
private UserIdentityFactoryImpl userIdentityFactory = mock(UserIdentityFactoryImpl.class); | private UserIdentityFactoryImpl userIdentityFactory = mock(UserIdentityFactoryImpl.class); | ||||
private ScribeGitHubApi scribeApi = new ScribeGitHubApi(gitHubSettings); | private ScribeGitHubApi scribeApi = new ScribeGitHubApi(gitHubSettings); | ||||
private GitHubRestClient gitHubRestClient = new GitHubRestClient(gitHubSettings); | private GitHubRestClient gitHubRestClient = new GitHubRestClient(gitHubSettings); |
/* | |||||
* SonarQube | |||||
* Copyright (C) 2009-2023 SonarSource SA | |||||
* mailto:info AT sonarsource DOT com | |||||
* | |||||
* This program is free software; you can redistribute it and/or | |||||
* modify it under the terms of the GNU Lesser General Public | |||||
* License as published by the Free Software Foundation; either | |||||
* version 3 of the License, or (at your option) any later version. | |||||
* | |||||
* This program is distributed in the hope that it will be useful, | |||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | |||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |||||
* Lesser General Public License for more details. | |||||
* | |||||
* You should have received a copy of the GNU Lesser General Public License | |||||
* along with this program; if not, write to the Free Software Foundation, | |||||
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | |||||
*/ | |||||
package org.sonar.auth.github; | |||||
import org.junit.Test; | |||||
import org.junit.runner.RunWith; | |||||
import org.mockito.InjectMocks; | |||||
import org.mockito.Mock; | |||||
import org.mockito.junit.MockitoJUnitRunner; | |||||
import static org.assertj.core.api.Assertions.assertThat; | |||||
import static org.mockito.Mockito.when; | |||||
@RunWith(MockitoJUnitRunner.class) | |||||
public class GitHubManagedInstanceServiceTest { | |||||
@Mock | |||||
private GitHubSettings gitHubSettings; | |||||
@InjectMocks | |||||
private GitHubManagedInstanceService gitHubManagedInstanceService; | |||||
@Test | |||||
public void isInstanceExternallyManaged_whenFalse_returnsFalse() { | |||||
when(gitHubSettings.isProvisioningEnabled()).thenReturn(false); | |||||
assertThat(gitHubManagedInstanceService.isInstanceExternallyManaged()).isFalse(); | |||||
} | |||||
@Test | |||||
public void isInstanceExternallyManaged_whenTrue_returnsTrue() { | |||||
when(gitHubSettings.isProvisioningEnabled()).thenReturn(true); | |||||
assertThat(gitHubManagedInstanceService.isInstanceExternallyManaged()).isTrue(); | |||||
} | |||||
} |
*/ | */ | ||||
package org.sonar.auth.github; | package org.sonar.auth.github; | ||||
import java.util.Optional; | |||||
import org.junit.Test; | import org.junit.Test; | ||||
import org.sonar.api.config.PropertyDefinitions; | import org.sonar.api.config.PropertyDefinitions; | ||||
import org.sonar.api.config.internal.MapSettings; | import org.sonar.api.config.internal.MapSettings; | ||||
import org.sonar.api.utils.System2; | import org.sonar.api.utils.System2; | ||||
import org.sonar.server.property.InternalProperties; | |||||
import static org.assertj.core.api.Assertions.assertThat; | import static org.assertj.core.api.Assertions.assertThat; | ||||
import static org.mockito.Mockito.mock; | |||||
import static org.mockito.Mockito.verify; | |||||
import static org.mockito.Mockito.when; | |||||
public class GitHubSettingsTest { | public class GitHubSettingsTest { | ||||
private MapSettings settings = new MapSettings(new PropertyDefinitions(System2.INSTANCE, GitHubSettings.definitions())); | private MapSettings settings = new MapSettings(new PropertyDefinitions(System2.INSTANCE, GitHubSettings.definitions())); | ||||
private InternalProperties internalProperties = mock(InternalProperties.class); | |||||
private GitHubSettings underTest = new GitHubSettings(settings.asConfig()); | |||||
private GitHubSettings underTest = new GitHubSettings(settings.asConfig(), internalProperties); | |||||
@Test | @Test | ||||
public void is_enabled() { | public void is_enabled() { | ||||
settings.setProperty("sonar.auth.github.clientId.secured", "id"); | |||||
settings.setProperty("sonar.auth.github.clientSecret.secured", "secret"); | |||||
enableGithubAuthentication(); | |||||
settings.setProperty("sonar.auth.github.enabled", true); | |||||
assertThat(underTest.isEnabled()).isTrue(); | assertThat(underTest.isEnabled()).isTrue(); | ||||
settings.setProperty("sonar.auth.github.enabled", false); | settings.setProperty("sonar.auth.github.enabled", false); | ||||
assertThat(underTest.isEnabled()).isFalse(); | assertThat(underTest.isEnabled()).isFalse(); | ||||
} | } | ||||
@Test | |||||
public void isProvisioningEnabled_returnsFalseByDefault() { | |||||
enableGithubAuthentication(); | |||||
when(internalProperties.read(GitHubSettings.PROVISIONING)).thenReturn(Optional.empty()); | |||||
assertThat(underTest.isProvisioningEnabled()).isFalse(); | |||||
} | |||||
@Test | |||||
public void isProvisioningEnabled_ifProvisioningEnabledButGithubAuthNotSet_returnsFalse() { | |||||
enableGithubAuthentication(); | |||||
when(internalProperties.read(GitHubSettings.PROVISIONING)).thenReturn(Optional.of(Boolean.FALSE.toString())); | |||||
assertThat(underTest.isProvisioningEnabled()).isFalse(); | |||||
} | |||||
@Test | |||||
public void isProvisioningEnabled_ifProvisioningEnabledButGithubAuthDisabled_returnsFalse() { | |||||
when(internalProperties.read(GitHubSettings.PROVISIONING)).thenReturn(Optional.of(Boolean.TRUE.toString())); | |||||
assertThat(underTest.isProvisioningEnabled()).isFalse(); | |||||
} | |||||
@Test | |||||
public void isProvisioningEnabled_ifProvisioningEnabledAndGithubAuthEnabled_returnsTrue() { | |||||
enableGithubAuthentication(); | |||||
when(internalProperties.read(GitHubSettings.PROVISIONING)).thenReturn(Optional.of(Boolean.TRUE.toString())); | |||||
assertThat(underTest.isProvisioningEnabled()).isTrue(); | |||||
} | |||||
@Test | |||||
public void setProvisioning_whenPassedTrue_delegatesToInternalPropertiesWrite() { | |||||
underTest.setProvisioning(true); | |||||
verify(internalProperties).write(GitHubSettings.PROVISIONING, Boolean.TRUE.toString()); | |||||
} | |||||
@Test | |||||
public void setProvisioning_whenPassedFalse_delegatesToInternalPropertiesWrite() { | |||||
underTest.setProvisioning(false); | |||||
verify(internalProperties).write(GitHubSettings.PROVISIONING, Boolean.FALSE.toString()); | |||||
} | |||||
@Test | @Test | ||||
public void return_client_id() { | public void return_client_id() { | ||||
settings.setProperty("sonar.auth.github.clientId.secured", "id"); | settings.setProperty("sonar.auth.github.clientId.secured", "id"); | ||||
public void definitions() { | public void definitions() { | ||||
assertThat(GitHubSettings.definitions()).hasSize(8); | assertThat(GitHubSettings.definitions()).hasSize(8); | ||||
} | } | ||||
private void enableGithubAuthentication() { | |||||
settings.setProperty("sonar.auth.github.clientId.secured", "id"); | |||||
settings.setProperty("sonar.auth.github.clientSecret.secured", "secret"); | |||||
settings.setProperty("sonar.auth.github.enabled", true); | |||||
} | |||||
} | } |
import org.sonar.api.server.http.HttpRequest; | import org.sonar.api.server.http.HttpRequest; | ||||
import org.sonar.api.server.http.HttpResponse; | import org.sonar.api.server.http.HttpResponse; | ||||
import org.sonar.api.utils.System2; | import org.sonar.api.utils.System2; | ||||
import org.sonar.db.DbTester; | |||||
import org.sonar.server.property.InternalProperties; | |||||
import org.sonar.server.property.InternalPropertiesImpl; | |||||
import org.sonar.server.http.JavaxHttpRequest; | import org.sonar.server.http.JavaxHttpRequest; | ||||
import static java.lang.String.format; | import static java.lang.String.format; | ||||
@Rule | @Rule | ||||
public MockWebServer github = new MockWebServer(); | public MockWebServer github = new MockWebServer(); | ||||
@Rule | |||||
public DbTester db = DbTester.create(System2.INSTANCE); | |||||
// load settings with default values | // load settings with default values | ||||
private MapSettings settings = new MapSettings(new PropertyDefinitions(System2.INSTANCE, GitHubSettings.definitions())); | private MapSettings settings = new MapSettings(new PropertyDefinitions(System2.INSTANCE, GitHubSettings.definitions())); | ||||
private GitHubSettings gitHubSettings = new GitHubSettings(settings.asConfig()); | |||||
private InternalProperties internalProperties = new InternalPropertiesImpl(db.getDbClient()); | |||||
private GitHubSettings gitHubSettings = new GitHubSettings(settings.asConfig(), internalProperties); | |||||
private UserIdentityFactoryImpl userIdentityFactory = new UserIdentityFactoryImpl(); | private UserIdentityFactoryImpl userIdentityFactory = new UserIdentityFactoryImpl(); | ||||
private ScribeGitHubApi scribeApi = new ScribeGitHubApi(gitHubSettings); | private ScribeGitHubApi scribeApi = new ScribeGitHubApi(gitHubSettings); | ||||
private GitHubRestClient gitHubRestClient = new GitHubRestClient(gitHubSettings); | private GitHubRestClient gitHubRestClient = new GitHubRestClient(gitHubSettings); |