to UserRegistrar to help understand its responsibility.
tags/7.5
@@ -37,7 +37,7 @@ public class AuthenticationModule extends Module { | |||
IdentityProviderRepository.class, | |||
BaseContextFactory.class, | |||
OAuth2ContextFactory.class, | |||
UserIdentityAuthenticatorImpl.class, | |||
UserRegistrarImpl.class, | |||
OAuthCsrfVerifier.class, | |||
UserSessionInitializer.class, | |||
JwtSerializer.class, |
@@ -25,8 +25,8 @@ import org.sonar.api.platform.Server; | |||
import org.sonar.api.server.authentication.BaseIdentityProvider; | |||
import org.sonar.api.server.authentication.UserIdentity; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.server.authentication.UserIdentityAuthenticatorParameters.ExistingEmailStrategy; | |||
import org.sonar.server.authentication.UserIdentityAuthenticatorParameters.UpdateLoginStrategy; | |||
import org.sonar.server.authentication.UserRegistration.ExistingEmailStrategy; | |||
import org.sonar.server.authentication.UserRegistration.UpdateLoginStrategy; | |||
import org.sonar.server.authentication.event.AuthenticationEvent.Source; | |||
import org.sonar.server.user.ThreadLocalUserSession; | |||
import org.sonar.server.user.UserSessionFactory; | |||
@@ -34,15 +34,15 @@ import org.sonar.server.user.UserSessionFactory; | |||
public class BaseContextFactory { | |||
private final ThreadLocalUserSession threadLocalUserSession; | |||
private final UserIdentityAuthenticator userIdentityAuthenticator; | |||
private final UserRegistrar userRegistrar; | |||
private final Server server; | |||
private final JwtHttpHandler jwtHttpHandler; | |||
private final UserSessionFactory userSessionFactory; | |||
public BaseContextFactory(UserIdentityAuthenticator userIdentityAuthenticator, Server server, JwtHttpHandler jwtHttpHandler, | |||
ThreadLocalUserSession threadLocalUserSession, UserSessionFactory userSessionFactory) { | |||
public BaseContextFactory(UserRegistrar userRegistrar, Server server, JwtHttpHandler jwtHttpHandler, | |||
ThreadLocalUserSession threadLocalUserSession, UserSessionFactory userSessionFactory) { | |||
this.userSessionFactory = userSessionFactory; | |||
this.userIdentityAuthenticator = userIdentityAuthenticator; | |||
this.userRegistrar = userRegistrar; | |||
this.server = server; | |||
this.jwtHttpHandler = jwtHttpHandler; | |||
this.threadLocalUserSession = threadLocalUserSession; | |||
@@ -80,8 +80,8 @@ public class BaseContextFactory { | |||
@Override | |||
public void authenticate(UserIdentity userIdentity) { | |||
UserDto userDto = userIdentityAuthenticator.authenticate( | |||
UserIdentityAuthenticatorParameters.builder() | |||
UserDto userDto = userRegistrar.register( | |||
UserRegistration.builder() | |||
.setUserIdentity(userIdentity) | |||
.setProvider(identityProvider) | |||
.setSource(Source.external(identityProvider)) |
@@ -37,8 +37,8 @@ import org.sonar.api.server.authentication.UserIdentity; | |||
import org.sonar.api.utils.log.Logger; | |||
import org.sonar.api.utils.log.Loggers; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.server.authentication.UserIdentityAuthenticatorParameters.ExistingEmailStrategy; | |||
import org.sonar.server.authentication.UserIdentityAuthenticatorParameters.UpdateLoginStrategy; | |||
import org.sonar.server.authentication.UserRegistration.ExistingEmailStrategy; | |||
import org.sonar.server.authentication.UserRegistration.UpdateLoginStrategy; | |||
import org.sonar.server.authentication.event.AuthenticationEvent; | |||
import org.sonar.server.authentication.event.AuthenticationEvent.Source; | |||
import org.sonar.server.authentication.event.AuthenticationException; | |||
@@ -58,7 +58,7 @@ public class CredentialsExternalAuthentication implements Startable { | |||
private final Configuration config; | |||
private final SecurityRealmFactory securityRealmFactory; | |||
private final UserIdentityAuthenticator userIdentityAuthenticator; | |||
private final UserRegistrar userRegistrar; | |||
private final AuthenticationEvent authenticationEvent; | |||
private SecurityRealm realm; | |||
@@ -67,10 +67,10 @@ public class CredentialsExternalAuthentication implements Startable { | |||
private ExternalGroupsProvider externalGroupsProvider; | |||
public CredentialsExternalAuthentication(Configuration config, SecurityRealmFactory securityRealmFactory, | |||
UserIdentityAuthenticator userIdentityAuthenticator, AuthenticationEvent authenticationEvent) { | |||
UserRegistrar userRegistrar, AuthenticationEvent authenticationEvent) { | |||
this.config = config; | |||
this.securityRealmFactory = securityRealmFactory; | |||
this.userIdentityAuthenticator = userIdentityAuthenticator; | |||
this.userRegistrar = userRegistrar; | |||
this.authenticationEvent = authenticationEvent; | |||
} | |||
@@ -143,8 +143,8 @@ public class CredentialsExternalAuthentication implements Startable { | |||
Collection<String> groups = externalGroupsProvider.doGetGroups(context); | |||
userIdentityBuilder.setGroups(new HashSet<>(groups)); | |||
} | |||
return userIdentityAuthenticator.authenticate( | |||
UserIdentityAuthenticatorParameters.builder() | |||
return userRegistrar.register( | |||
UserRegistration.builder() | |||
.setUserIdentity(userIdentityBuilder.build()) | |||
.setProvider(new ExternalIdentityProvider()) | |||
.setSource(realmEventSource(method)) |
@@ -42,8 +42,8 @@ import org.sonar.api.utils.log.Logger; | |||
import org.sonar.api.utils.log.Loggers; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.process.ProcessProperties; | |||
import org.sonar.server.authentication.UserIdentityAuthenticatorParameters.ExistingEmailStrategy; | |||
import org.sonar.server.authentication.UserIdentityAuthenticatorParameters.UpdateLoginStrategy; | |||
import org.sonar.server.authentication.UserRegistration.ExistingEmailStrategy; | |||
import org.sonar.server.authentication.UserRegistration.UpdateLoginStrategy; | |||
import org.sonar.server.authentication.event.AuthenticationEvent; | |||
import org.sonar.server.authentication.event.AuthenticationEvent.Source; | |||
import org.sonar.server.authentication.event.AuthenticationException; | |||
@@ -70,7 +70,7 @@ public class HttpHeadersAuthentication implements Startable { | |||
private static final String LAST_REFRESH_TIME_TOKEN_PARAM = "ssoLastRefreshTime"; | |||
private static final EnumSet<ProcessProperties.Property> SETTINGS = EnumSet.of( | |||
private static final EnumSet<ProcessProperties.Property> PROPERTIES = EnumSet.of( | |||
SONAR_WEB_SSO_LOGIN_HEADER, | |||
SONAR_WEB_SSO_NAME_HEADER, | |||
SONAR_WEB_SSO_EMAIL_HEADER, | |||
@@ -79,18 +79,18 @@ public class HttpHeadersAuthentication implements Startable { | |||
private final System2 system2; | |||
private final Configuration config; | |||
private final UserIdentityAuthenticator userIdentityAuthenticator; | |||
private final UserRegistrar userRegistrar; | |||
private final JwtHttpHandler jwtHttpHandler; | |||
private final AuthenticationEvent authenticationEvent; | |||
private final Map<String, String> settingsByKey = new HashMap<>(); | |||
private boolean enabled = false; | |||
private Map<String, String> settingsByKey = new HashMap<>(); | |||
public HttpHeadersAuthentication(System2 system2, Configuration config, UserIdentityAuthenticator userIdentityAuthenticator, | |||
public HttpHeadersAuthentication(System2 system2, Configuration config, UserRegistrar userRegistrar, | |||
JwtHttpHandler jwtHttpHandler, AuthenticationEvent authenticationEvent) { | |||
this.system2 = system2; | |||
this.config = config; | |||
this.userIdentityAuthenticator = userIdentityAuthenticator; | |||
this.userRegistrar = userRegistrar; | |||
this.jwtHttpHandler = jwtHttpHandler; | |||
this.authenticationEvent = authenticationEvent; | |||
} | |||
@@ -100,7 +100,7 @@ public class HttpHeadersAuthentication implements Startable { | |||
if (config.getBoolean(SONAR_WEB_SSO_ENABLE.getKey()).orElse(false)) { | |||
LOG.info("HTTP headers authentication enabled"); | |||
enabled = true; | |||
SETTINGS.forEach(entry -> settingsByKey.put(entry.getKey(), config.get(entry.getKey()).orElse(entry.getDefaultValue()))); | |||
PROPERTIES.forEach(entry -> settingsByKey.put(entry.getKey(), config.get(entry.getKey()).orElse(entry.getDefaultValue()))); | |||
} | |||
} | |||
@@ -166,8 +166,8 @@ public class HttpHeadersAuthentication implements Startable { | |||
String groupsValue = getHeaderValue(headerValuesByNames, SONAR_WEB_SSO_GROUPS_HEADER.getKey()); | |||
userIdentityBuilder.setGroups(groupsValue == null ? Collections.emptySet() : new HashSet<>(COMA_SPLITTER.splitToList(groupsValue))); | |||
} | |||
return userIdentityAuthenticator.authenticate( | |||
UserIdentityAuthenticatorParameters.builder() | |||
return userRegistrar.register( | |||
UserRegistration.builder() | |||
.setUserIdentity(userIdentityBuilder.build()) | |||
.setProvider(new SsoIdentityProvider()) | |||
.setSource(Source.sso()) |
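Review bot: The `userRegistrar.register(...)` call at the end of this section receives group names read from the `SONAR_WEB_SSO_GROUPS_HEADER` request header just above it, and nothing in the visible lines says why that input can be trusted. In the `UserRegistrarImpl` hunks the identity's groups reach `syncGroups(...)` (at least on the reactivation path shown), so a header value appears to decide group membership. A comment above the call would make the trust boundary explicit, for example `// Header values are taken as-is; presumably only safe when the fronting proxy sets these headers and drops client-supplied copies.` The enclosing method starts outside the hunk, so any validation done earlier is not visible here.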
@@ -28,8 +28,8 @@ import org.sonar.api.server.ServerSide; | |||
import org.sonar.api.server.authentication.OAuth2IdentityProvider; | |||
import org.sonar.api.server.authentication.UserIdentity; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.server.authentication.UserIdentityAuthenticatorParameters.ExistingEmailStrategy; | |||
import org.sonar.server.authentication.UserIdentityAuthenticatorParameters.UpdateLoginStrategy; | |||
import org.sonar.server.authentication.UserRegistration.ExistingEmailStrategy; | |||
import org.sonar.server.authentication.UserRegistration.UpdateLoginStrategy; | |||
import org.sonar.server.authentication.event.AuthenticationEvent; | |||
import org.sonar.server.user.ThreadLocalUserSession; | |||
import org.sonar.server.user.UserSessionFactory; | |||
@@ -41,17 +41,17 @@ import static org.sonar.server.authentication.OAuth2CallbackFilter.CALLBACK_PATH | |||
public class OAuth2ContextFactory { | |||
private final ThreadLocalUserSession threadLocalUserSession; | |||
private final UserIdentityAuthenticator userIdentityAuthenticator; | |||
private final UserRegistrar userRegistrar; | |||
private final Server server; | |||
private final OAuthCsrfVerifier csrfVerifier; | |||
private final JwtHttpHandler jwtHttpHandler; | |||
private final UserSessionFactory userSessionFactory; | |||
private final OAuth2AuthenticationParameters oAuthParameters; | |||
public OAuth2ContextFactory(ThreadLocalUserSession threadLocalUserSession, UserIdentityAuthenticator userIdentityAuthenticator, Server server, | |||
OAuthCsrfVerifier csrfVerifier, JwtHttpHandler jwtHttpHandler, UserSessionFactory userSessionFactory, OAuth2AuthenticationParameters oAuthParameters) { | |||
public OAuth2ContextFactory(ThreadLocalUserSession threadLocalUserSession, UserRegistrar userRegistrar, Server server, | |||
OAuthCsrfVerifier csrfVerifier, JwtHttpHandler jwtHttpHandler, UserSessionFactory userSessionFactory, OAuth2AuthenticationParameters oAuthParameters) { | |||
this.threadLocalUserSession = threadLocalUserSession; | |||
this.userIdentityAuthenticator = userIdentityAuthenticator; | |||
this.userRegistrar = userRegistrar; | |||
this.server = server; | |||
this.csrfVerifier = csrfVerifier; | |||
this.jwtHttpHandler = jwtHttpHandler; | |||
@@ -133,8 +133,8 @@ public class OAuth2ContextFactory { | |||
public void authenticate(UserIdentity userIdentity) { | |||
Boolean allowEmailShift = oAuthParameters.getAllowEmailShift(request).orElse(false); | |||
Boolean allowUpdateLogin = oAuthParameters.getAllowUpdateLogin(request).orElse(false); | |||
UserDto userDto = userIdentityAuthenticator.authenticate( | |||
UserIdentityAuthenticatorParameters.builder() | |||
UserDto userDto = userRegistrar.register( | |||
UserRegistration.builder() | |||
.setUserIdentity(userIdentity) | |||
.setProvider(identityProvider) | |||
.setSource(AuthenticationEvent.Source.oauth2(identityProvider)) |
@@ -22,8 +22,8 @@ package org.sonar.server.authentication; | |||
import org.sonar.db.user.UserDto; | |||
public interface UserIdentityAuthenticator { | |||
public interface UserRegistrar { | |||
UserDto authenticate(UserIdentityAuthenticatorParameters authenticatorParameters); | |||
UserDto register(UserRegistration registration); | |||
} |
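Review bot: `UserRegistrar` and `register(UserRegistration)` are left without Javadoc, so the responsibility the rename is meant to convey is still carried by the name alone. Going by the `UserRegistrarImpl` hunks, `register` creates the user when none is found, appears to reactivate one that exists but is inactive, and updates an active one; no credential check is visible there. I would state that on the method, e.g. `/** Creates, reactivates or updates the user for an identity the caller has already authenticated; performs no credential check itself. */`. It is also worth noting there that the create and reactivate paths go through `createNewUser`, which rejects providers whose `allowsUsersToSignUp()` is false.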
@@ -40,7 +40,7 @@ import org.sonar.db.organization.OrganizationDto; | |||
import org.sonar.db.user.GroupDto; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.db.user.UserGroupDto; | |||
import org.sonar.server.authentication.UserIdentityAuthenticatorParameters.ExistingEmailStrategy; | |||
import org.sonar.server.authentication.UserRegistration.ExistingEmailStrategy; | |||
import org.sonar.server.authentication.event.AuthenticationException; | |||
import org.sonar.server.authentication.exception.EmailAlreadyExistsRedirectionException; | |||
import org.sonar.server.authentication.exception.UpdateLoginRedirectionException; | |||
@@ -59,11 +59,11 @@ import static java.lang.String.format; | |||
import static java.util.Collections.singletonList; | |||
import static java.util.Objects.requireNonNull; | |||
import static org.sonar.core.util.stream.MoreCollectors.uniqueIndex; | |||
import static org.sonar.server.authentication.UserIdentityAuthenticatorParameters.UpdateLoginStrategy; | |||
import static org.sonar.server.authentication.UserRegistration.UpdateLoginStrategy; | |||
public class UserIdentityAuthenticatorImpl implements UserIdentityAuthenticator { | |||
public class UserRegistrarImpl implements UserRegistrar { | |||
private static final Logger LOGGER = Loggers.get(UserIdentityAuthenticatorImpl.class); | |||
private static final Logger LOGGER = Loggers.get(UserRegistrarImpl.class); | |||
private final DbClient dbClient; | |||
private final UserUpdater userUpdater; | |||
@@ -72,7 +72,7 @@ public class UserIdentityAuthenticatorImpl implements UserIdentityAuthenticator | |||
private final OrganizationUpdater organizationUpdater; | |||
private final DefaultGroupFinder defaultGroupFinder; | |||
public UserIdentityAuthenticatorImpl(DbClient dbClient, UserUpdater userUpdater, DefaultOrganizationProvider defaultOrganizationProvider, OrganizationFlags organizationFlags, | |||
public UserRegistrarImpl(DbClient dbClient, UserUpdater userUpdater, DefaultOrganizationProvider defaultOrganizationProvider, OrganizationFlags organizationFlags, | |||
OrganizationUpdater organizationUpdater, DefaultGroupFinder defaultGroupFinder) { | |||
this.dbClient = dbClient; | |||
this.userUpdater = userUpdater; | |||
@@ -83,16 +83,16 @@ public class UserIdentityAuthenticatorImpl implements UserIdentityAuthenticator | |||
} | |||
@Override | |||
public UserDto authenticate(UserIdentityAuthenticatorParameters authenticatorParameters) { | |||
public UserDto register(UserRegistration registration) { | |||
try (DbSession dbSession = dbClient.openSession(false)) { | |||
UserDto userDto = getUser(dbSession, authenticatorParameters.getUserIdentity(), authenticatorParameters.getProvider()); | |||
UserDto userDto = getUser(dbSession, registration.getUserIdentity(), registration.getProvider()); | |||
if (userDto == null) { | |||
return registerNewUser(dbSession, null, authenticatorParameters); | |||
return registerNewUser(dbSession, null, registration); | |||
} | |||
if (!userDto.isActive()) { | |||
return registerNewUser(dbSession, userDto, authenticatorParameters); | |||
return registerNewUser(dbSession, userDto, registration); | |||
} | |||
return registerExistingUser(dbSession, userDto, authenticatorParameters); | |||
return registerExistingUser(dbSession, userDto, registration); | |||
} | |||
} | |||
@@ -112,7 +112,7 @@ public class UserIdentityAuthenticatorImpl implements UserIdentityAuthenticator | |||
return dbClient.userDao().selectByLogin(dbSession, login); | |||
} | |||
private UserDto registerNewUser(DbSession dbSession, @Nullable UserDto disabledUser, UserIdentityAuthenticatorParameters authenticatorParameters) { | |||
private UserDto registerNewUser(DbSession dbSession, @Nullable UserDto disabledUser, UserRegistration authenticatorParameters) { | |||
Optional<UserDto> otherUserToIndex = detectEmailUpdate(dbSession, authenticatorParameters); | |||
NewUser newUser = createNewUser(authenticatorParameters); | |||
if (disabledUser == null) { | |||
@@ -121,7 +121,7 @@ public class UserIdentityAuthenticatorImpl implements UserIdentityAuthenticator | |||
return userUpdater.reactivateAndCommit(dbSession, disabledUser, newUser, u -> syncGroups(dbSession, authenticatorParameters.getUserIdentity(), u), toArray(otherUserToIndex)); | |||
} | |||
private UserDto registerExistingUser(DbSession dbSession, UserDto userDto, UserIdentityAuthenticatorParameters authenticatorParameters) { | |||
private UserDto registerExistingUser(DbSession dbSession, UserDto userDto, UserRegistration authenticatorParameters) { | |||
UpdateUser update = new UpdateUser() | |||
.setEmail(authenticatorParameters.getUserIdentity().getEmail()) | |||
.setName(authenticatorParameters.getUserIdentity().getName()) | |||
@@ -139,7 +139,7 @@ public class UserIdentityAuthenticatorImpl implements UserIdentityAuthenticator | |||
return userDto; | |||
} | |||
private Optional<UserDto> detectEmailUpdate(DbSession dbSession, UserIdentityAuthenticatorParameters authenticatorParameters) { | |||
private Optional<UserDto> detectEmailUpdate(DbSession dbSession, UserRegistration authenticatorParameters) { | |||
String email = authenticatorParameters.getUserIdentity().getEmail(); | |||
if (email == null) { | |||
return Optional.empty(); | |||
@@ -174,7 +174,7 @@ public class UserIdentityAuthenticatorImpl implements UserIdentityAuthenticator | |||
} | |||
} | |||
private void detectLoginUpdate(DbSession dbSession, UserDto user, UpdateUser update, UserIdentityAuthenticatorParameters authenticatorParameters) { | |||
private void detectLoginUpdate(DbSession dbSession, UserDto user, UpdateUser update, UserRegistration authenticatorParameters) { | |||
String newLogin = update.login(); | |||
if (!update.isLoginChanged() || user.getLogin().equals(newLogin)) { | |||
return; | |||
@@ -248,7 +248,7 @@ public class UserIdentityAuthenticatorImpl implements UserIdentityAuthenticator | |||
return organizationFlags.isEnabled(dbSession) ? Optional.empty() : Optional.of(defaultGroupFinder.findDefaultGroup(dbSession, defaultOrganizationProvider.get().getUuid())); | |||
} | |||
private static NewUser createNewUser(UserIdentityAuthenticatorParameters authenticatorParameters) { | |||
private static NewUser createNewUser(UserRegistration authenticatorParameters) { | |||
String identityProviderKey = authenticatorParameters.getProvider().getKey(); | |||
if (!authenticatorParameters.getProvider().allowsUsersToSignUp()) { | |||
throw AuthenticationException.newBuilder() | |||
@@ -274,7 +274,7 @@ public class UserIdentityAuthenticatorImpl implements UserIdentityAuthenticator | |||
return userDto.map(u -> new UserDto[] {u}).orElse(new UserDto[] {}); | |||
} | |||
private static AuthenticationException generateExistingEmailError(UserIdentityAuthenticatorParameters authenticatorParameters, String email) { | |||
private static AuthenticationException generateExistingEmailError(UserRegistration authenticatorParameters, String email) { | |||
return AuthenticationException.newBuilder() | |||
.setSource(authenticatorParameters.getSource()) | |||
.setLogin(authenticatorParameters.getUserIdentity().getProviderLogin()) |
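Review bot: The private helpers still name their `UserRegistration` parameter `authenticatorParameters` (`registerNewUser`, `registerExistingUser`, `detectEmailUpdate`, `detectLoginUpdate`, `createNewUser`, `generateExistingEmailError`), while `register` itself uses `registration`. Renaming the parameter throughout, e.g. `private UserDto registerNewUser(DbSession dbSession, @Nullable UserDto disabledUser, UserRegistration registration)`, would finish the rename and keep the old "authenticator" vocabulary out of code that no longer authenticates. The same leftover shows in `TestUserRegistrar` (field `authenticatorParameters`, `isAuthenticated()`, `getAuthenticatorParameters()`) and in the test fields still called `userIdentityAuthenticator` in `BaseContextFactoryTest`, `CredentialsExternalAuthenticationTest`, `HttpHeadersAuthenticationTest` and `OAuth2ContextFactoryTest`. Most of these method bodies continue outside the hunks.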
@@ -26,7 +26,7 @@ import org.sonar.server.authentication.event.AuthenticationEvent; | |||
import static java.util.Objects.requireNonNull; | |||
class UserIdentityAuthenticatorParameters { | |||
class UserRegistration { | |||
/** | |||
* Strategy to be executed when the email of the user is already used by another user | |||
@@ -67,7 +67,7 @@ class UserIdentityAuthenticatorParameters { | |||
private final ExistingEmailStrategy existingEmailStrategy; | |||
private final UpdateLoginStrategy updateLoginStrategy; | |||
UserIdentityAuthenticatorParameters(Builder builder) { | |||
UserRegistration(Builder builder) { | |||
this.userIdentity = builder.userIdentity; | |||
this.provider = builder.provider; | |||
this.source = builder.source; | |||
@@ -95,7 +95,7 @@ class UserIdentityAuthenticatorParameters { | |||
return updateLoginStrategy; | |||
} | |||
static UserIdentityAuthenticatorParameters.Builder builder() { | |||
static UserRegistration.Builder builder() { | |||
return new Builder(); | |||
} | |||
@@ -137,13 +137,13 @@ class UserIdentityAuthenticatorParameters { | |||
return this; | |||
} | |||
public UserIdentityAuthenticatorParameters build() { | |||
public UserRegistration build() { | |||
requireNonNull(userIdentity, "userIdentity must be set"); | |||
requireNonNull(provider, "identityProvider must be set"); | |||
requireNonNull(source, "Source must be set"); | |||
requireNonNull(existingEmailStrategy, "existingEmailStrategy must be set "); | |||
requireNonNull(updateLoginStrategy, "updateLoginStrategy must be set"); | |||
return new UserIdentityAuthenticatorParameters(this); | |||
return new UserRegistration(this); | |||
} | |||
} | |||
} |
@@ -54,7 +54,7 @@ public class BaseContextFactoryTest { | |||
private ThreadLocalUserSession threadLocalUserSession = mock(ThreadLocalUserSession.class); | |||
private TestUserIdentityAuthenticator userIdentityAuthenticator = new TestUserIdentityAuthenticator(); | |||
private TestUserRegistrar userIdentityAuthenticator = new TestUserRegistrar(); | |||
private Server server = mock(Server.class); | |||
private HttpServletRequest request = mock(HttpServletRequest.class); |
@@ -44,7 +44,7 @@ import static org.mockito.Mockito.verify; | |||
import static org.mockito.Mockito.verifyNoMoreInteractions; | |||
import static org.mockito.Mockito.verifyZeroInteractions; | |||
import static org.mockito.Mockito.when; | |||
import static org.sonar.server.authentication.UserIdentityAuthenticatorParameters.ExistingEmailStrategy.FORBID; | |||
import static org.sonar.server.authentication.UserRegistration.ExistingEmailStrategy.FORBID; | |||
import static org.sonar.server.authentication.event.AuthenticationEvent.Method.BASIC; | |||
import static org.sonar.server.authentication.event.AuthenticationEvent.Method.BASIC_TOKEN; | |||
import static org.sonar.server.authentication.event.AuthenticationExceptionMatcher.authenticationException; | |||
@@ -67,7 +67,7 @@ public class CredentialsExternalAuthenticationTest { | |||
private ExternalUsersProvider externalUsersProvider = mock(ExternalUsersProvider.class); | |||
private ExternalGroupsProvider externalGroupsProvider = mock(ExternalGroupsProvider.class); | |||
private TestUserIdentityAuthenticator userIdentityAuthenticator = new TestUserIdentityAuthenticator(); | |||
private TestUserRegistrar userIdentityAuthenticator = new TestUserRegistrar(); | |||
private AuthenticationEvent authenticationEvent = mock(AuthenticationEvent.class); | |||
private HttpServletRequest request = mock(HttpServletRequest.class); |
@@ -103,7 +103,7 @@ public class HttpHeadersAuthenticationTest { | |||
private CredentialsLocalAuthentication localAuthentication = new CredentialsLocalAuthentication(db.getDbClient()); | |||
private UserIndexer userIndexer = new UserIndexer(db.getDbClient(), es.client()); | |||
private UserIdentityAuthenticatorImpl userIdentityAuthenticator = new UserIdentityAuthenticatorImpl( | |||
private UserRegistrarImpl userIdentityAuthenticator = new UserRegistrarImpl( | |||
db.getDbClient(), | |||
new UserUpdater(mock(NewUserNotifier.class), db.getDbClient(), userIndexer, organizationFlags, defaultOrganizationProvider, organizationUpdater, | |||
new DefaultGroupFinder(db.getDbClient()), settings.asConfig(), localAuthentication), |
@@ -32,8 +32,8 @@ import org.sonar.api.platform.Server; | |||
import org.sonar.api.server.authentication.OAuth2IdentityProvider; | |||
import org.sonar.api.server.authentication.UserIdentity; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.server.authentication.UserIdentityAuthenticatorParameters.ExistingEmailStrategy; | |||
import org.sonar.server.authentication.UserIdentityAuthenticatorParameters.UpdateLoginStrategy; | |||
import org.sonar.server.authentication.UserRegistration.ExistingEmailStrategy; | |||
import org.sonar.server.authentication.UserRegistration.UpdateLoginStrategy; | |||
import org.sonar.server.user.TestUserSessionFactory; | |||
import org.sonar.server.user.ThreadLocalUserSession; | |||
import org.sonar.server.user.UserSession; | |||
@@ -62,7 +62,7 @@ public class OAuth2ContextFactoryTest { | |||
public ExpectedException thrown = ExpectedException.none(); | |||
private ThreadLocalUserSession threadLocalUserSession = mock(ThreadLocalUserSession.class); | |||
private TestUserIdentityAuthenticator userIdentityAuthenticator = new TestUserIdentityAuthenticator(); | |||
private TestUserRegistrar userIdentityAuthenticator = new TestUserRegistrar(); | |||
private Server server = mock(Server.class); | |||
private OAuthCsrfVerifier csrfVerifier = mock(OAuthCsrfVerifier.class); | |||
private JwtHttpHandler jwtHttpHandler = mock(JwtHttpHandler.class); |
@@ -23,27 +23,27 @@ package org.sonar.server.authentication; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.db.user.UserTesting; | |||
public class TestUserIdentityAuthenticator implements UserIdentityAuthenticator { | |||
public class TestUserRegistrar implements UserRegistrar { | |||
private UserIdentityAuthenticatorParameters authenticatorParameters; | |||
private UserRegistration authenticatorParameters; | |||
@Override | |||
public UserDto authenticate(UserIdentityAuthenticatorParameters authenticatorParameters) { | |||
this.authenticatorParameters = authenticatorParameters; | |||
String providerId = authenticatorParameters.getUserIdentity().getProviderId(); | |||
public UserDto register(UserRegistration registration) { | |||
this.authenticatorParameters = registration; | |||
String providerId = registration.getUserIdentity().getProviderId(); | |||
return UserTesting.newUserDto() | |||
.setLocal(false) | |||
.setLogin(authenticatorParameters.getUserIdentity().getLogin()) | |||
.setExternalLogin(authenticatorParameters.getUserIdentity().getProviderLogin()) | |||
.setExternalId(providerId == null ? authenticatorParameters.getUserIdentity().getProviderLogin() : providerId) | |||
.setExternalIdentityProvider(authenticatorParameters.getProvider().getKey()); | |||
.setLogin(registration.getUserIdentity().getLogin()) | |||
.setExternalLogin(registration.getUserIdentity().getProviderLogin()) | |||
.setExternalId(providerId == null ? registration.getUserIdentity().getProviderLogin() : providerId) | |||
.setExternalIdentityProvider(registration.getProvider().getKey()); | |||
} | |||
boolean isAuthenticated() { | |||
return authenticatorParameters != null; | |||
} | |||
UserIdentityAuthenticatorParameters getAuthenticatorParameters() { | |||
UserRegistration getAuthenticatorParameters() { | |||
return authenticatorParameters; | |||
} | |||
} |
@@ -37,8 +37,8 @@ import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.organization.OrganizationDto; | |||
import org.sonar.db.user.GroupDto; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.server.authentication.UserIdentityAuthenticatorParameters.ExistingEmailStrategy; | |||
import org.sonar.server.authentication.UserIdentityAuthenticatorParameters.UpdateLoginStrategy; | |||
import org.sonar.server.authentication.UserRegistration.ExistingEmailStrategy; | |||
import org.sonar.server.authentication.UserRegistration.UpdateLoginStrategy; | |||
import org.sonar.server.authentication.event.AuthenticationEvent; | |||
import org.sonar.server.authentication.event.AuthenticationEvent.Source; | |||
import org.sonar.server.authentication.exception.EmailAlreadyExistsRedirectionException; | |||
@@ -63,11 +63,11 @@ import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.mockito.Mockito.mock; | |||
import static org.sonar.core.config.CorePropertyDefinitions.ONBOARDING_TUTORIAL_SHOW_TO_NEW_USERS; | |||
import static org.sonar.db.user.UserTesting.newUserDto; | |||
import static org.sonar.server.authentication.UserIdentityAuthenticatorParameters.ExistingEmailStrategy.FORBID; | |||
import static org.sonar.server.authentication.UserRegistration.ExistingEmailStrategy.FORBID; | |||
import static org.sonar.server.authentication.event.AuthenticationEvent.Method.BASIC; | |||
import static org.sonar.server.authentication.event.AuthenticationExceptionMatcher.authenticationException; | |||
public class UserIdentityAuthenticatorImplTest { | |||
public class UserRegistrarImplTest { | |||
private static String USER_LOGIN = "github-johndoo"; | |||
@@ -112,7 +112,7 @@ public class UserIdentityAuthenticatorImplTest { | |||
private ResourceTypes resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT); | |||
private PermissionService permissionService = new PermissionServiceImpl(resourceTypes); | |||
private UserIdentityAuthenticatorImpl underTest = new UserIdentityAuthenticatorImpl(db.getDbClient(), userUpdater, defaultOrganizationProvider, organizationFlags, | |||
private UserRegistrarImpl underTest = new UserRegistrarImpl(db.getDbClient(), userUpdater, defaultOrganizationProvider, organizationFlags, | |||
new OrganizationUpdaterImpl(db.getDbClient(), mock(System2.class), UuidFactoryFast.getInstance(), | |||
new OrganizationValidationImpl(), settings.asConfig(), null, null, null, permissionService), | |||
new DefaultGroupFinder(db.getDbClient())); | |||
@@ -121,7 +121,7 @@ public class UserIdentityAuthenticatorImplTest { | |||
public void authenticate_new_user() { | |||
organizationFlags.setEnabled(true); | |||
underTest.authenticate(UserIdentityAuthenticatorParameters.builder() | |||
underTest.register(UserRegistration.builder() | |||
.setUserIdentity(USER_IDENTITY) | |||
.setProvider(IDENTITY_PROVIDER) | |||
.setSource(Source.realm(BASIC, IDENTITY_PROVIDER.getName())) | |||
@@ -145,7 +145,7 @@ public class UserIdentityAuthenticatorImplTest { | |||
public void authenticate_new_user_generate_login_when_no_login_provided() { | |||
organizationFlags.setEnabled(true); | |||
underTest.authenticate(UserIdentityAuthenticatorParameters.builder() | |||
underTest.register(UserRegistration.builder() | |||
.setUserIdentity(UserIdentity.builder() | |||
.setProviderId("ABCD") | |||
.setProviderLogin("johndoo") | |||
@@ -213,7 +213,7 @@ public class UserIdentityAuthenticatorImplTest { | |||
organizationFlags.setEnabled(true); | |||
settings.setProperty(ONBOARDING_TUTORIAL_SHOW_TO_NEW_USERS, true); | |||
underTest.authenticate(UserIdentityAuthenticatorParameters.builder() | |||
underTest.register(UserRegistration.builder() | |||
.setUserIdentity(USER_IDENTITY) | |||
.setProvider(IDENTITY_PROVIDER) | |||
.setSource(Source.local(BASIC)) | |||
@@ -229,7 +229,7 @@ public class UserIdentityAuthenticatorImplTest { | |||
organizationFlags.setEnabled(true); | |||
settings.setProperty(ONBOARDING_TUTORIAL_SHOW_TO_NEW_USERS, false); | |||
underTest.authenticate(UserIdentityAuthenticatorParameters.builder() | |||
underTest.register(UserRegistration.builder() | |||
.setUserIdentity(USER_IDENTITY) | |||
.setProvider(IDENTITY_PROVIDER) | |||
.setSource(Source.local(BASIC)) | |||
@@ -250,7 +250,7 @@ public class UserIdentityAuthenticatorImplTest { | |||
.setName("JOhn") | |||
.build(); | |||
underTest.authenticate(UserIdentityAuthenticatorParameters.builder() | |||
underTest.register(UserRegistration.builder() | |||
.setUserIdentity(newUser) | |||
.setProvider(IDENTITY_PROVIDER) | |||
.setSource(Source.local(BASIC)) | |||
@@ -274,7 +274,7 @@ public class UserIdentityAuthenticatorImplTest { | |||
.setEmail(existingUser.getEmail()) | |||
.build(); | |||
underTest.authenticate(UserIdentityAuthenticatorParameters.builder() | |||
underTest.register(UserRegistration.builder() | |||
.setUserIdentity(newUser) | |||
.setProvider(IDENTITY_PROVIDER) | |||
.setSource(Source.local(BASIC)) | |||
@@ -301,7 +301,7 @@ public class UserIdentityAuthenticatorImplTest { | |||
expectedException.expect(EmailAlreadyExistsRedirectionException.class); | |||
underTest.authenticate(UserIdentityAuthenticatorParameters.builder() | |||
underTest.register(UserRegistration.builder() | |||
.setUserIdentity(newUser) | |||
.setProvider(IDENTITY_PROVIDER) | |||
.setSource(Source.local(BASIC)) | |||
@@ -321,7 +321,7 @@ public class UserIdentityAuthenticatorImplTest { | |||
"This means that you probably already registered with another account.")); | |||
expectedException.expectMessage("Email 'john@email.com' is already used"); | |||
underTest.authenticate(UserIdentityAuthenticatorParameters.builder() | |||
underTest.register(UserRegistration.builder() | |||
.setUserIdentity(USER_IDENTITY) | |||
.setProvider(IDENTITY_PROVIDER) | |||
.setSource(source) | |||
@@ -343,7 +343,7 @@ public class UserIdentityAuthenticatorImplTest { | |||
"This means that you probably already registered with another account.")); | |||
expectedException.expectMessage("Email 'john@email.com' is already used"); | |||
underTest.authenticate(UserIdentityAuthenticatorParameters.builder() | |||
underTest.register(UserRegistration.builder() | |||
.setUserIdentity(USER_IDENTITY) | |||
.setProvider(IDENTITY_PROVIDER) | |||
.setSource(source) | |||
@@ -365,7 +365,7 @@ public class UserIdentityAuthenticatorImplTest { | |||
expectedException.expect(authenticationException().from(source).withLogin(USER_IDENTITY.getProviderLogin()).andPublicMessage("'github' users are not allowed to sign up")); | |||
expectedException.expectMessage("User signup disabled for provider 'github'"); | |||
underTest.authenticate(UserIdentityAuthenticatorParameters.builder() | |||
underTest.register(UserRegistration.builder() | |||
.setUserIdentity(USER_IDENTITY) | |||
.setProvider(identityProvider) | |||
.setSource(source) | |||
@@ -384,7 +384,7 @@ public class UserIdentityAuthenticatorImplTest { | |||
.setExternalLogin("old identity") | |||
.setExternalIdentityProvider("old provide")); | |||
underTest.authenticate(UserIdentityAuthenticatorParameters.builder() | |||
underTest.register(UserRegistration.builder() | |||
.setUserIdentity(USER_IDENTITY) | |||
.setProvider(IDENTITY_PROVIDER) | |||
.setSource(Source.local(BASIC)) | |||
@@ -407,7 +407,7 @@ public class UserIdentityAuthenticatorImplTest { | |||
.setExternalLogin("old identity") | |||
.setExternalIdentityProvider(IDENTITY_PROVIDER.getKey())); | |||
underTest.authenticate(UserIdentityAuthenticatorParameters.builder() | |||
underTest.register(UserRegistration.builder() | |||
.setUserIdentity(USER_IDENTITY) | |||
.setProvider(IDENTITY_PROVIDER) | |||
.setSource(Source.local(BASIC)) | |||
@@ -432,7 +432,7 @@ public class UserIdentityAuthenticatorImplTest { | |||
.setExternalLogin("old identity") | |||
.setExternalIdentityProvider(IDENTITY_PROVIDER.getKey())); | |||
underTest.authenticate(UserIdentityAuthenticatorParameters.builder() | |||
underTest.register(UserRegistration.builder() | |||
.setUserIdentity(USER_IDENTITY) | |||
.setProvider(IDENTITY_PROVIDER) | |||
.setSource(Source.local(BASIC)) | |||
@@ -459,7 +459,7 @@ public class UserIdentityAuthenticatorImplTest { | |||
.setExternalLogin(USER_IDENTITY.getProviderLogin()) | |||
.setExternalIdentityProvider("old identity provider")); | |||
underTest.authenticate(UserIdentityAuthenticatorParameters.builder() | |||
underTest.register(UserRegistration.builder() | |||
.setUserIdentity(USER_IDENTITY) | |||
.setProvider(IDENTITY_PROVIDER) | |||
.setSource(Source.local(BASIC)) | |||
@@ -485,7 +485,7 @@ public class UserIdentityAuthenticatorImplTest { | |||
.setExternalLogin("old identity") | |||
.setExternalIdentityProvider(IDENTITY_PROVIDER.getKey())); | |||
underTest.authenticate(UserIdentityAuthenticatorParameters.builder() | |||
underTest.register(UserRegistration.builder() | |||
.setUserIdentity(UserIdentity.builder() | |||
.setProviderId(null) | |||
.setProviderLogin("johndoo") | |||
@@ -509,7 +509,7 @@ public class UserIdentityAuthenticatorImplTest { | |||
public void authenticate_existing_user_when_login_is_not_provided() { | |||
UserDto user = db.users().insertUser(u -> u.setExternalIdentityProvider(IDENTITY_PROVIDER.getKey())); | |||
underTest.authenticate(UserIdentityAuthenticatorParameters.builder() | |||
underTest.register(UserRegistration.builder() | |||
.setUserIdentity(UserIdentity.builder() | |||
.setProviderId(user.getExternalId()) | |||
.setProviderLogin(user.getExternalLogin()) | |||
@@ -539,7 +539,7 @@ public class UserIdentityAuthenticatorImplTest { | |||
.setExternalLogin("old identity") | |||
.setExternalIdentityProvider(IDENTITY_PROVIDER.getKey())); | |||
underTest.authenticate(UserIdentityAuthenticatorParameters.builder() | |||
underTest.register(UserRegistration.builder() | |||
.setUserIdentity(USER_IDENTITY) | |||
.setProvider(IDENTITY_PROVIDER) | |||
.setSource(Source.local(BASIC)) | |||
@@ -562,7 +562,7 @@ public class UserIdentityAuthenticatorImplTest { | |||
.setExternalIdentityProvider(IDENTITY_PROVIDER.getKey()) | |||
.setOrganizationUuid(null)); | |||
underTest.authenticate(UserIdentityAuthenticatorParameters.builder() | |||
underTest.register(UserRegistration.builder() | |||
.setUserIdentity(USER_IDENTITY) | |||
.setProvider(IDENTITY_PROVIDER) | |||
.setSource(Source.local(BASIC)) | |||
@@ -588,7 +588,7 @@ public class UserIdentityAuthenticatorImplTest { | |||
expectedException.expect(UpdateLoginRedirectionException.class); | |||
underTest.authenticate(UserIdentityAuthenticatorParameters.builder() | |||
underTest.register(UserRegistration.builder() | |||
.setUserIdentity(USER_IDENTITY) | |||
.setProvider(IDENTITY_PROVIDER) | |||
.setSource(Source.local(BASIC)) | |||
@@ -608,7 +608,7 @@ public class UserIdentityAuthenticatorImplTest { | |||
.setExternalIdentityProvider(IDENTITY_PROVIDER.getKey()) | |||
.setOrganizationUuid(personalOrganization.getUuid())); | |||
underTest.authenticate(UserIdentityAuthenticatorParameters.builder() | |||
underTest.register(UserRegistration.builder() | |||
.setUserIdentity(USER_IDENTITY) | |||
.setProvider(IDENTITY_PROVIDER) | |||
.setSource(Source.local(BASIC)) | |||
@@ -636,7 +636,7 @@ public class UserIdentityAuthenticatorImplTest { | |||
expectedException.expect(IllegalStateException.class); | |||
expectedException.expectMessage("Cannot find personal organization uuid 'unknown' for user 'Old login'"); | |||
underTest.authenticate(UserIdentityAuthenticatorParameters.builder() | |||
underTest.register(UserRegistration.builder() | |||
.setUserIdentity(USER_IDENTITY) | |||
.setProvider(IDENTITY_PROVIDER) | |||
.setSource(Source.local(BASIC)) | |||
@@ -657,7 +657,7 @@ public class UserIdentityAuthenticatorImplTest { | |||
.setExternalLogin("old identity") | |||
.setExternalIdentityProvider("old provide")); | |||
underTest.authenticate(UserIdentityAuthenticatorParameters.builder() | |||
underTest.register(UserRegistration.builder() | |||
.setUserIdentity(USER_IDENTITY) | |||
.setProvider(IDENTITY_PROVIDER) | |||
.setSource(Source.local(BASIC)) | |||
@@ -687,7 +687,7 @@ public class UserIdentityAuthenticatorImplTest { | |||
.setEmail("john@email.com") | |||
.build(); | |||
underTest.authenticate(UserIdentityAuthenticatorParameters.builder() | |||
underTest.register(UserRegistration.builder() | |||
.setUserIdentity(userIdentity) | |||
.setProvider(IDENTITY_PROVIDER) | |||
.setSource(Source.local(BASIC)) | |||
@@ -715,7 +715,7 @@ public class UserIdentityAuthenticatorImplTest { | |||
expectedException.expect(EmailAlreadyExistsRedirectionException.class); | |||
underTest.authenticate(UserIdentityAuthenticatorParameters.builder() | |||
underTest.register(UserRegistration.builder() | |||
.setUserIdentity(userIdentity) | |||
.setProvider(IDENTITY_PROVIDER) | |||
.setSource(Source.local(BASIC)) | |||
@@ -742,7 +742,7 @@ public class UserIdentityAuthenticatorImplTest { | |||
"This means that you probably already registered with another account.")); | |||
expectedException.expectMessage("Email 'john@email.com' is already used"); | |||
underTest.authenticate(UserIdentityAuthenticatorParameters.builder() | |||
underTest.register(UserRegistration.builder() | |||
.setUserIdentity(userIdentity) | |||
.setProvider(IDENTITY_PROVIDER) | |||
.setSource(Source.realm(AuthenticationEvent.Method.FORM, IDENTITY_PROVIDER.getName())) | |||
@@ -764,7 +764,7 @@ public class UserIdentityAuthenticatorImplTest { | |||
.setEmail("john@email.com") | |||
.build(); | |||
underTest.authenticate(UserIdentityAuthenticatorParameters.builder() | |||
underTest.register(UserRegistration.builder() | |||
.setUserIdentity(userIdentity) | |||
.setProvider(IDENTITY_PROVIDER) | |||
.setSource(Source.local(BASIC)) | |||
@@ -851,7 +851,7 @@ public class UserIdentityAuthenticatorImplTest { | |||
GroupDto groupInOrg = db.users().insertGroup(org, groupName); | |||
// adding a group with the same name than in non-default organization | |||
underTest.authenticate(UserIdentityAuthenticatorParameters.builder() | |||
underTest.register(UserRegistration.builder() | |||
.setUserIdentity(UserIdentity.builder() | |||
.setProviderLogin("johndoo") | |||
.setLogin(user.getLogin()) | |||
@@ -868,7 +868,7 @@ public class UserIdentityAuthenticatorImplTest { | |||
} | |||
private void authenticate(String login, String... groups) { | |||
underTest.authenticate(UserIdentityAuthenticatorParameters.builder() | |||
underTest.register(UserRegistration.builder() | |||
.setUserIdentity(UserIdentity.builder() | |||
.setProviderLogin("johndoo") | |||
.setLogin(login) |