diff options
| author | Matteo Mara <matteo.mara@sonarsource.com> | 2022-10-05 15:55:52 +0200 |
|---|---|---|
| committer | sonartech <sonartech@sonarsource.com> | 2022-10-10 20:03:09 +0000 |
| commit | f09de6aa56a805127e9f3c169b9fab7d50cd48fc (patch) | |
| tree | a29c418db4c24bb4c843b4f658d52339ab4ecdda /server/sonar-auth-saml/src | |
| parent | c67a5758a704837dce2f403db1e64ce704079e3c (diff) | |
| download | sonarqube-f09de6aa56a805127e9f3c169b9fab7d50cd48fc.tar.gz sonarqube-f09de6aa56a805127e9f3c169b9fab7d50cd48fc.zip | |
SONAR-17296 improved handling of SAML Authentication errors preventing the handshake to start.
Diffstat (limited to 'server/sonar-auth-saml/src')
4 files changed, 65 insertions, 2 deletions
diff --git a/server/sonar-auth-saml/src/main/java/org/sonar/auth/saml/SamlAuthenticator.java b/server/sonar-auth-saml/src/main/java/org/sonar/auth/saml/SamlAuthenticator.java index 584d95950e9..dba3c5b170f 100644 --- a/server/sonar-auth-saml/src/main/java/org/sonar/auth/saml/SamlAuthenticator.java +++ b/server/sonar-auth-saml/src/main/java/org/sonar/auth/saml/SamlAuthenticator.java @@ -209,8 +209,12 @@ public class SamlAuthenticator { } public String getAuthenticationStatusPage(HttpServletRequest request, HttpServletResponse response) { - Auth auth = this.initSamlAuth(request, response); - return getSamlAuthStatusHtml(getSamlAuthenticationStatus(auth, samlSettings)); + try { + Auth auth = this.initSamlAuth(request, response); + return getSamlAuthStatusHtml(getSamlAuthenticationStatus(auth, samlSettings)); + } catch (IllegalStateException e) { + return getSamlAuthStatusHtml(getSamlAuthenticationStatus(String.format("%s due to: %s", e.getMessage(), e.getCause().getMessage()))); + } } } diff --git a/server/sonar-auth-saml/src/main/java/org/sonar/auth/saml/SamlStatusChecker.java b/server/sonar-auth-saml/src/main/java/org/sonar/auth/saml/SamlStatusChecker.java index 337f061a299..d47394582e5 100644 --- a/server/sonar-auth-saml/src/main/java/org/sonar/auth/saml/SamlStatusChecker.java +++ b/server/sonar-auth-saml/src/main/java/org/sonar/auth/saml/SamlStatusChecker.java @@ -67,6 +67,14 @@ public final class SamlStatusChecker { } + public static SamlAuthenticationStatus getSamlAuthenticationStatus(String errorMessage) { + SamlAuthenticationStatus samlAuthenticationStatus = new SamlAuthenticationStatus(); + samlAuthenticationStatus.getErrors().add(errorMessage); + samlAuthenticationStatus.setStatus("error"); + + return samlAuthenticationStatus; + } + private static Map<String, Collection<String>> getAttributesMapping(Auth auth, SamlSettings samlSettings) { Map<String, Collection<String>> attributesMapping = new HashMap<>(); diff --git a/server/sonar-auth-saml/src/test/java/org/sonar/auth/saml/SamlAuthenticatorTest.java b/server/sonar-auth-saml/src/test/java/org/sonar/auth/saml/SamlAuthenticatorTest.java new file mode 100644 index 00000000000..84ca8b0f333 --- /dev/null +++ b/server/sonar-auth-saml/src/test/java/org/sonar/auth/saml/SamlAuthenticatorTest.java @@ -0,0 +1,41 @@ +/* + * SonarQube + * Copyright (C) 2009-2022 SonarSource SA + * mailto:info AT sonarsource DOT com + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 3 of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this program; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + */ +package org.sonar.auth.saml; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import org.junit.Test; + +import static org.junit.Assert.*; +import static org.mockito.Mockito.mock; + +public class SamlAuthenticatorTest { + + @Test + public void authentication_status_with_errors_returned_when_init_fails() { + SamlAuthenticator samlAuthenticator = new SamlAuthenticator(mock(SamlSettings.class), mock(SamlMessageIdChecker.class)); + HttpServletRequest request = mock(HttpServletRequest.class); + HttpServletResponse response = mock(HttpServletResponse.class); + + String authenticationStatus = samlAuthenticator.getAuthenticationStatusPage(request, response); + + assertFalse(authenticationStatus.isEmpty()); + } +} diff --git a/server/sonar-auth-saml/src/test/java/org/sonar/auth/saml/SamlStatusCheckerTest.java b/server/sonar-auth-saml/src/test/java/org/sonar/auth/saml/SamlStatusCheckerTest.java index f76529d3095..fd286fbae4d 100644 --- a/server/sonar-auth-saml/src/test/java/org/sonar/auth/saml/SamlStatusCheckerTest.java +++ b/server/sonar-auth-saml/src/test/java/org/sonar/auth/saml/SamlStatusCheckerTest.java @@ -65,6 +65,16 @@ public class SamlStatusCheckerTest { } @Test + public void authentication_status_has_errors_when_no_idp_certificate_is_provided() { + + samlAuthenticationStatus = getSamlAuthenticationStatus("error message"); + + assertEquals("error", samlAuthenticationStatus.getStatus()); + assertFalse(samlAuthenticationStatus.getErrors().isEmpty()); + assertEquals("error message", samlAuthenticationStatus.getErrors().get(0)); + } + + @Test public void authentication_status_is_success_when_no_errors() { setSettings(); |