mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
36371 Commits
59 Branches
Tree: ce849ff5f2
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'ce849ff5f2'
${ noResults }
sonarqube/sonar-scanner-engine/src/test/java/org/sonar/scanner/http/DefaultScannerWsClientTest....

DefaultScannerWsClientTest.java 10KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2024 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.scanner.http;

  21. 

  22. import java.time.LocalDateTime;

  23. import java.time.ZoneOffset;

  24. import java.time.format.DateTimeFormatter;

  25. import java.util.Collections;

  26. import java.util.List;

  27. import org.apache.commons.lang3.StringUtils;

  28. import org.junit.Rule;

  29. import org.junit.Test;

  30. import org.mockito.Mockito;

  31. import org.slf4j.event.Level;

  32. import org.sonar.api.notifications.AnalysisWarnings;

  33. import org.sonar.api.testfixtures.log.LogTester;

  34. import org.sonar.api.utils.MessageException;

  35. import org.sonar.api.utils.log.LoggerLevel;

  36. import org.sonar.scanner.bootstrap.GlobalAnalysisMode;

  37. import org.sonar.scanner.bootstrap.ScannerProperties;

  38. import org.sonarqube.ws.client.GetRequest;

  39. import org.sonarqube.ws.client.HttpException;

  40. import org.sonarqube.ws.client.MockWsResponse;

  41. import org.sonarqube.ws.client.WsClient;

  42. import org.sonarqube.ws.client.WsRequest;

  43. import org.sonarqube.ws.client.WsResponse;

  44. 

  45. import static org.assertj.core.api.Assertions.assertThat;

  46. import static org.assertj.core.api.Assertions.assertThatThrownBy;

  47. import static org.mockito.Mockito.mock;

  48. import static org.mockito.Mockito.when;

  49. import static org.sonar.api.utils.DateUtils.DATETIME_FORMAT;

  50. 

  51. public class DefaultScannerWsClientTest {

  52. 

  53.   @Rule

  54.   public LogTester logTester = new LogTester();

  55. 

  56.   private final WsClient wsClient = mock(WsClient.class, Mockito.RETURNS_DEEP_STUBS);

  57. 

  58.   private final AnalysisWarnings analysisWarnings = mock(AnalysisWarnings.class);

  59. 

  60.   @Test

  61.   public void call_whenDebugLevel_shouldLogAndProfileRequest() {

  62.     WsRequest request = newRequest();

  63.     WsResponse response = newResponse().setRequestUrl("https://local/api/issues/search");

  64.     when(wsClient.wsConnector().call(request)).thenReturn(response);

  65. 

  66.     logTester.setLevel(LoggerLevel.DEBUG);

  67.     DefaultScannerWsClient underTest = new DefaultScannerWsClient(wsClient, false, new GlobalAnalysisMode(new ScannerProperties(Collections.emptyMap())), analysisWarnings);

  68. 

  69.     WsResponse result = underTest.call(request);

  70. 

  71.     // do not fail the execution -> interceptor returns the response

  72.     assertThat(result).isSameAs(response);

  73. 

  74.     // check logs

  75.     List<String> debugLogs = logTester.logs(Level.DEBUG);

  76.     assertThat(debugLogs).hasSize(1);

  77.     assertThat(debugLogs.get(0)).contains("GET 200 https://local/api/issues/search | time=");

  78.   }

  79. 

  80.   @Test

  81.   public void createErrorMessage_whenJsonError_shouldCreateErrorMsg() {

  82.     String content = "{\"errors\":[{\"msg\":\"missing scan permission\"}, {\"msg\":\"missing another permission\"}]}";

  83.     assertThat(DefaultScannerWsClient.createErrorMessage(new HttpException("url", 400, content))).isEqualTo("missing scan permission, missing another permission");

  84.   }

  85. 

  86.   @Test

  87.   public void createErrorMessage_whenHtml_shouldCreateErrorMsg() {

  88.     String content = "<!DOCTYPE html><html>something</html>";

  89.     assertThat(DefaultScannerWsClient.createErrorMessage(new HttpException("url", 400, content))).isEqualTo("HTTP code 400");

  90.   }

  91. 

  92.   @Test

  93.   public void createErrorMessage_whenLongContent_shouldCreateErrorMsg() {

  94.     String content = StringUtils.repeat("mystring", 1000);

  95.     assertThat(DefaultScannerWsClient.createErrorMessage(new HttpException("url", 400, content))).hasSize(15 + 128);

  96.   }

  97. 

  98.   @Test

  99.   public void call_whenUnauthorizedAndDebugEnabled_shouldLogResponseDetails() {

  100.     WsRequest request = newRequest();

  101.     WsResponse response = newResponse()

  102.       .setContent("Missing credentials")

  103.       .setHeader("Authorization: ", "Bearer ImNotAValidToken")

  104.       .setCode(403);

  105. 

  106.     logTester.setLevel(LoggerLevel.DEBUG);

  107. 

  108.     when(wsClient.wsConnector().call(request)).thenReturn(response);

  109. 

  110.     DefaultScannerWsClient client = new DefaultScannerWsClient(wsClient, false,

  111.       new GlobalAnalysisMode(new ScannerProperties(Collections.emptyMap())), analysisWarnings);

  112.     assertThatThrownBy(() -> client.call(request))

  113.       .isInstanceOf(MessageException.class)

  114.       .hasMessage(

  115.         "You're not authorized to analyze this project or the project doesn't exist on SonarQube and you're not authorized to create it. Please contact an administrator.");

  116. 

  117.     List<String> debugLogs = logTester.logs(Level.DEBUG);

  118.     assertThat(debugLogs).hasSize(2);

  119.     assertThat(debugLogs.get(1)).contains("Error response content: Missing credentials, headers: {Authorization: =[Bearer ImNotAValidToken]}");

  120.   }

  121. 

  122.   @Test

  123.   public void call_whenUnauthenticatedAndDebugEnabled_shouldLogResponseDetails() {

  124.     WsRequest request = newRequest();

  125.     WsResponse response = newResponse()

  126.       .setContent("Missing authentication")

  127.       .setHeader("X-Test-Header: ", "ImATestHeader")

  128.       .setCode(401);

  129. 

  130.     logTester.setLevel(LoggerLevel.DEBUG);

  131. 

  132.     when(wsClient.wsConnector().call(request)).thenReturn(response);

  133. 

  134.     DefaultScannerWsClient client = new DefaultScannerWsClient(wsClient, false,

  135.       new GlobalAnalysisMode(new ScannerProperties(Collections.emptyMap())), analysisWarnings);

  136.     assertThatThrownBy(() -> client.call(request))

  137.       .isInstanceOf(MessageException.class)

  138.       .hasMessage("Not authorized. Analyzing this project requires authentication. Please check the user token in the property 'sonar.token' " +

  139.         "or the credentials in the properties 'sonar.login' and 'sonar.password'.");

  140. 

  141.     List<String> debugLogs = logTester.logs(Level.DEBUG);

  142.     assertThat(debugLogs).hasSize(2);

  143.     assertThat(debugLogs.get(1)).contains("Error response content: Missing authentication, headers: {X-Test-Header: =[ImATestHeader]}");

  144.   }

  145. 

  146.   @Test

  147.   public void call_whenMissingCredentials_shouldFailWithMsg() {

  148.     WsRequest request = newRequest();

  149.     WsResponse response = newResponse()

  150.       .setContent("Missing authentication")

  151.       .setCode(401);

  152.     when(wsClient.wsConnector().call(request)).thenReturn(response);

  153. 

  154.     DefaultScannerWsClient client = new DefaultScannerWsClient(wsClient, false,

  155.       new GlobalAnalysisMode(new ScannerProperties(Collections.emptyMap())), analysisWarnings);

  156.     assertThatThrownBy(() -> client.call(request))

  157.       .isInstanceOf(MessageException.class)

  158.       .hasMessage("Not authorized. Analyzing this project requires authentication. Please check the user token in the property 'sonar.token' " +

  159.         "or the credentials in the properties 'sonar.login' and 'sonar.password'.");

  160.   }

  161. 

  162.   @Test

  163.   public void call_whenInvalidCredentials_shouldFailWithMsg() {

  164.     WsRequest request = newRequest();

  165.     WsResponse response = newResponse()

  166.       .setContent("Invalid credentials")

  167.       .setCode(401);

  168.     when(wsClient.wsConnector().call(request)).thenReturn(response);

  169. 

  170.     DefaultScannerWsClient client = new DefaultScannerWsClient(wsClient, /* credentials are configured */true,

  171.       new GlobalAnalysisMode(new ScannerProperties(Collections.emptyMap())), analysisWarnings);

  172.     assertThatThrownBy(() -> client.call(request))

  173.       .isInstanceOf(MessageException.class)

  174.       .hasMessage("Not authorized. Please check the user token in the property 'sonar.token' or the credentials in the properties 'sonar.login' and 'sonar.password'.");

  175.   }

  176. 

  177.   @Test

  178.   public void call_whenMissingPermissions_shouldFailWithMsg() {

  179.     WsRequest request = newRequest();

  180.     WsResponse response = newResponse()

  181.       .setContent("Unauthorized")

  182.       .setCode(403);

  183.     when(wsClient.wsConnector().call(request)).thenReturn(response);

  184. 

  185.     DefaultScannerWsClient client = new DefaultScannerWsClient(wsClient, true,

  186.       new GlobalAnalysisMode(new ScannerProperties(Collections.emptyMap())), analysisWarnings);

  187.     assertThatThrownBy(() -> client.call(request))

  188.       .isInstanceOf(MessageException.class)

  189.       .hasMessage(

  190.         "You're not authorized to analyze this project or the project doesn't exist on SonarQube and you're not authorized to create it. Please contact an administrator.");

  191.   }

  192. 

  193.   @Test

  194.   public void call_whenTokenExpirationApproaches_shouldLogWarnings() {

  195.     WsRequest request = newRequest();

  196.     var fiveDaysLatter = LocalDateTime.now().atZone(ZoneOffset.UTC).plusDays(5);

  197.     String expirationDate = DateTimeFormatter

  198.       .ofPattern(DATETIME_FORMAT)

  199.       .format(fiveDaysLatter);

  200.     WsResponse response = newResponse()

  201.       .setCode(200)

  202.       .setExpirationDate(expirationDate);

  203.     when(wsClient.wsConnector().call(request)).thenReturn(response);

  204. 

  205.     logTester.setLevel(LoggerLevel.DEBUG);

  206.     DefaultScannerWsClient underTest = new DefaultScannerWsClient(wsClient, false, new GlobalAnalysisMode(new ScannerProperties(Collections.emptyMap())), analysisWarnings);

  207.     underTest.call(request);

  208.     // the second call should not add the same warning twice

  209.     underTest.call(request);

  210. 

  211.     // check logs

  212.     List<String> warningLogs = logTester.logs(Level.WARN);

  213.     assertThat(warningLogs).hasSize(2);

  214.     assertThat(warningLogs.get(0)).contains("The token used for this analysis will expire on: " + fiveDaysLatter.format(DateTimeFormatter.ofPattern("MMMM dd, yyyy")));

  215.     assertThat(warningLogs.get(1)).contains("Analysis executed with this token will fail after the expiration date.");

  216.   }

  217. 

  218.   @Test

  219.   public void call_whenBadRequest_shouldFailWithMessage() {

  220.     WsRequest request = newRequest();

  221.     WsResponse response = newResponse()

  222.       .setCode(400)

  223.       .setContent("{\"errors\":[{\"msg\":\"Boo! bad request! bad!\"}]}");

  224.     when(wsClient.wsConnector().call(request)).thenReturn(response);

  225. 

  226.     DefaultScannerWsClient client = new DefaultScannerWsClient(wsClient, true,

  227.       new GlobalAnalysisMode(new ScannerProperties(Collections.emptyMap())), analysisWarnings);

  228.     assertThatThrownBy(() -> client.call(request))

  229.       .isInstanceOf(MessageException.class)

  230.       .hasMessage("Boo! bad request! bad!");

  231.   }

  232. 

  233.   private MockWsResponse newResponse() {

  234.     return new MockWsResponse().setRequestUrl("https://local/api/issues/search");

  235.   }

  236. 

  237.   private WsRequest newRequest() {

  238.     return new GetRequest("api/issues/search");

  239.   }

  240. }