authorSimon Brandhof <simon.brandhof@sonarsource.com>2017-09-12 17:05:57 +0200
committerSébastien Lesaint <sebastien.lesaint@sonarsource.com>2017-09-13 15:50:55 +0200
commit1d5992601787c395f23bc82d658fe15adbe9a146 (patch)
tree55c05a61c98e46eb3166b82c9fe1f0580eac847b /server
parent46cea1eed83a0abe5b1fd7f50efb6f3b367ed43b (diff)
SONAR-9740 refactor UserSessionInitializer
Diffstat (limited to 'server')
-rw-r--r--server/sonar-server/src/main/java/org/sonar/server/authentication/AuthenticationModule.java3
-rw-r--r--server/sonar-server/src/main/java/org/sonar/server/authentication/Authenticators.java31
-rw-r--r--server/sonar-server/src/main/java/org/sonar/server/authentication/AuthenticatorsImpl.java53
-rw-r--r--server/sonar-server/src/main/java/org/sonar/server/authentication/UserSessionInitializer.java66
-rw-r--r--server/sonar-server/src/main/java/org/sonar/server/platform/WebServer.java2
-rw-r--r--server/sonar-server/src/test/java/org/sonar/server/authentication/AuthenticationModuleTest.java2
-rw-r--r--server/sonar-server/src/test/java/org/sonar/server/authentication/AuthenticatorsImplTest.java89
-rw-r--r--server/sonar-server/src/test/java/org/sonar/server/authentication/UserSessionInitializerTest.java90
8 files changed, 213 insertions, 123 deletions
diff --git a/server/sonar-server/src/main/java/org/sonar/server/authentication/AuthenticationModule.java b/server/sonar-server/src/main/java/org/sonar/server/authentication/AuthenticationModule.java
index ec0a6e9ab38..e905fe87ed4 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/authentication/AuthenticationModule.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/authentication/AuthenticationModule.java
@@ -49,6 +49,7 @@ public class AuthenticationModule extends Module {
RealmAuthenticator.class,
BasicAuthenticator.class,
ValidateAction.class,
- SsoAuthenticator.class);
+ SsoAuthenticator.class,
+ AuthenticatorsImpl.class);
}
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/authentication/Authenticators.java b/server/sonar-server/src/main/java/org/sonar/server/authentication/Authenticators.java
new file mode 100644
index 00000000000..150568a605d
--- /dev/null
+++ b/server/sonar-server/src/main/java/org/sonar/server/authentication/Authenticators.java
@@ -0,0 +1,31 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2017 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.server.authentication;
+
+import java.util.Optional;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import org.sonar.db.user.UserDto;
+
+public interface Authenticators {
+
+ Optional<UserDto> authenticate(HttpServletRequest request, HttpServletResponse response);
+
+}
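Review bot: The new `Authenticators` interface declares `authenticate(HttpServletRequest, HttpServletResponse)` without any Javadoc, although every caller's authentication decision now rests on its contract. From the rest of the commit, an empty `Optional` appears to mean "no authenticator recognised the request", while `UserSessionInitializerTest` stubs the method to throw `AuthenticationException`, so failures are presumably signalled by exception rather than by an empty result. I would add a Javadoc on the method stating both outcomes, and that the `response` may be modified by an implementation, so a future implementation does not return empty for rejected credentials and let the caller fall back to an anonymous session.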
diff --git a/server/sonar-server/src/main/java/org/sonar/server/authentication/AuthenticatorsImpl.java b/server/sonar-server/src/main/java/org/sonar/server/authentication/AuthenticatorsImpl.java
new file mode 100644
index 00000000000..d338d182797
--- /dev/null
+++ b/server/sonar-server/src/main/java/org/sonar/server/authentication/AuthenticatorsImpl.java
@@ -0,0 +1,53 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2017 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.server.authentication;
+
+import java.util.Optional;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import org.sonar.db.user.UserDto;
+
+public class AuthenticatorsImpl implements Authenticators {
+
+ private final JwtHttpHandler jwtHttpHandler;
+ private final BasicAuthenticator basicAuthenticator;
+ private final SsoAuthenticator ssoAuthenticator;
+
+ public AuthenticatorsImpl(JwtHttpHandler jwtHttpHandler, BasicAuthenticator basicAuthenticator, SsoAuthenticator ssoAuthenticator) {
+ this.jwtHttpHandler = jwtHttpHandler;
+ this.basicAuthenticator = basicAuthenticator;
+ this.ssoAuthenticator = ssoAuthenticator;
+ }
+
+ // Try first to authenticate from SSO, then JWT token, then try from basic http header
+ @Override
+ public Optional<UserDto> authenticate(HttpServletRequest request, HttpServletResponse response) {
+ // SSO authentication should come first in order to update JWT if user from header is not the same is user from JWT
+ Optional<UserDto> user = ssoAuthenticator.authenticate(request, response);
+ if (user.isPresent()) {
+ return user;
+ }
+ user = jwtHttpHandler.validateToken(request, response);
+ if (user.isPresent()) {
+ return user;
+ }
+ return basicAuthenticator.authenticate(request);
+ }
+}
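Review bot: The precedence rule in `AuthenticatorsImpl.authenticate` is documented only by a `//` line above `@Override`, and it leaves out that an exception from `ssoAuthenticator.authenticate` or `jwtHttpHandler.validateToken` propagates, so the Basic header is never examined in that case. Since the order SSO, then JWT, then Basic decides which identity wins when a request carries more than one credential, I would turn the comment into a Javadoc that states the order, the first-match-wins rule and the exception behaviour. The inner comment also has a typo; it should read `// SSO authentication should come first in order to update JWT if user from header is not the same as user from JWT`.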
diff --git a/server/sonar-server/src/main/java/org/sonar/server/authentication/UserSessionInitializer.java b/server/sonar-server/src/main/java/org/sonar/server/authentication/UserSessionInitializer.java
index 4cedd539219..0046c09510f 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/authentication/UserSessionInitializer.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/authentication/UserSessionInitializer.java
@@ -37,6 +37,7 @@ import org.sonar.server.user.UserSession;
import org.sonar.server.user.UserSessionFactory;
import static java.net.HttpURLConnection.HTTP_UNAUTHORIZED;
+import static org.apache.commons.lang.StringUtils.defaultString;
import static org.sonar.api.CoreProperties.CORE_FORCE_AUTHENTICATION_PROPERTY;
import static org.sonar.api.web.ServletFilter.UrlPattern.Builder.staticResourcePatterns;
import static org.sonar.server.authentication.AuthenticationError.handleAuthenticationError;
@@ -52,7 +53,7 @@ public class UserSessionInitializer {
* in logs/access.log. The pattern to be configured
* in property sonar.web.accessLogs.pattern is "%reqAttribute{LOGIN}"
*/
- public static final String ACCESS_LOG_LOGIN = "LOGIN";
+ private static final String ACCESS_LOG_LOGIN = "LOGIN";
// SONAR-6546 these urls should be get from WebService
private static final Set<String> SKIPPED_URLS = ImmutableSet.of(
@@ -71,33 +72,27 @@ public class UserSessionInitializer {
.build();
private final Configuration config;
- private final JwtHttpHandler jwtHttpHandler;
- private final BasicAuthenticator basicAuthenticator;
- private final SsoAuthenticator ssoAuthenticator;
private final ThreadLocalUserSession threadLocalSession;
private final AuthenticationEvent authenticationEvent;
private final UserSessionFactory userSessionFactory;
+ private final Authenticators authenticators;
- public UserSessionInitializer(Configuration config, JwtHttpHandler jwtHttpHandler, BasicAuthenticator basicAuthenticator,
- SsoAuthenticator ssoAuthenticator, ThreadLocalUserSession threadLocalSession, AuthenticationEvent authenticationEvent,
- UserSessionFactory userSessionFactory) {
+ public UserSessionInitializer(Configuration config, ThreadLocalUserSession threadLocalSession, AuthenticationEvent authenticationEvent,
+ UserSessionFactory userSessionFactory, Authenticators authenticators) {
this.config = config;
- this.jwtHttpHandler = jwtHttpHandler;
- this.basicAuthenticator = basicAuthenticator;
- this.ssoAuthenticator = ssoAuthenticator;
this.threadLocalSession = threadLocalSession;
this.authenticationEvent = authenticationEvent;
this.userSessionFactory = userSessionFactory;
+ this.authenticators = authenticators;
}
public boolean initUserSession(HttpServletRequest request, HttpServletResponse response) {
String path = request.getRequestURI().replaceFirst(request.getContextPath(), "");
try {
// Do not set user session when url is excluded
- if (!URL_PATTERN.matches(path)) {
- return true;
+ if (URL_PATTERN.matches(path)) {
+ loadUserSession(request, response);
}
- setUserSession(request, response);
return true;
} catch (AuthenticationException e) {
authenticationEvent.loginFailure(request, e);
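Review bot: The `path` that now gates the call to `loadUserSession` is still derived with `request.getRequestURI().replaceFirst(request.getContextPath(), "")`, which interprets the context path as a regular expression and removes its first match wherever it occurs, not only as a leading prefix. Because `URL_PATTERN.matches(path)` decides whether authentication runs at all, stripping the prefix literally is more robust: `String uri = request.getRequestURI();`, `String contextPath = request.getContextPath();`, `String path = uri.startsWith(contextPath) ? uri.substring(contextPath.length()) : uri;`. Whether a context path containing regex metacharacters can actually be configured is not visible in this diff. `initUserSession` continues past the end of this hunk.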
@@ -120,44 +115,33 @@ public class UserSessionInitializer {
return provider != AuthenticationEvent.Provider.LOCAL && provider != AuthenticationEvent.Provider.JWT;
}
- private void setUserSession(HttpServletRequest request, HttpServletResponse response) {
- Optional<UserDto> user = authenticate(request, response);
+ private void loadUserSession(HttpServletRequest request, HttpServletResponse response) {
+ UserSession session;
+ Optional<UserDto> user = authenticators.authenticate(request, response);
if (user.isPresent()) {
- UserSession session = userSessionFactory.create(user.get());
- threadLocalSession.set(session);
- request.setAttribute(ACCESS_LOG_LOGIN, session.getLogin());
+ session = userSessionFactory.create(user.get());
} else {
- if (config.getBoolean(CORE_FORCE_AUTHENTICATION_PROPERTY).orElse(false)) {
- throw AuthenticationException.newBuilder()
- .setSource(Source.local(Method.BASIC))
- .setMessage("User must be authenticated")
- .build();
- }
- threadLocalSession.set(userSessionFactory.createAnonymous());
- request.setAttribute(ACCESS_LOG_LOGIN, "-");
+ failIfAuthenticationIsRequired();
+ session = userSessionFactory.createAnonymous();
}
+ threadLocalSession.set(session);
+ request.setAttribute(ACCESS_LOG_LOGIN, defaultString(session.getLogin(), "-"));
}
- public void removeUserSession() {
- threadLocalSession.unload();
+ private void failIfAuthenticationIsRequired() {
+ if (config.getBoolean(CORE_FORCE_AUTHENTICATION_PROPERTY).orElse(false)) {
+ throw AuthenticationException.newBuilder()
+ .setSource(Source.local(Method.BASIC))
+ .setMessage("User must be authenticated")
+ .build();
+ }
}
- // Try first to authenticate from SSO, then JWT token, then try from basic http header
- private Optional<UserDto> authenticate(HttpServletRequest request, HttpServletResponse response) {
- // SSO authentication should come first in order to update JWT if user from header is not the same is user from JWT
- Optional<UserDto> user = ssoAuthenticator.authenticate(request, response);
- if (user.isPresent()) {
- return user;
- }
- user = jwtHttpHandler.validateToken(request, response);
- if (user.isPresent()) {
- return user;
- }
- return basicAuthenticator.authenticate(request);
+ public void removeUserSession() {
+ threadLocalSession.unload();
}
private static boolean isWsUrl(String path) {
return path.startsWith("/batch/") || path.startsWith("/api/");
}
-
}
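Review bot: `failIfAuthenticationIsRequired` builds its exception with `Source.local(Method.BASIC)` even though it runs only after `authenticators.authenticate` returned empty, that is, when none of the SSO, JWT or Basic checks produced a user. The catch block in `initUserSession` hands that exception to `authenticationEvent.loginFailure`, so as far as this diff shows, an anonymous request under forced authentication is recorded as a failed local Basic login. That can make genuine Basic-auth failures harder to pick out of the authentication log. At minimum I would add a comment in the helper such as `// no authenticator matched; reported as local/BASIC for lack of a dedicated source`, and consider a distinct source if the event model offers one.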
diff --git a/server/sonar-server/src/main/java/org/sonar/server/platform/WebServer.java b/server/sonar-server/src/main/java/org/sonar/server/platform/WebServer.java
index 367a73c1614..9caff166f49 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/platform/WebServer.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/platform/WebServer.java
@@ -22,7 +22,7 @@ package org.sonar.server.platform;
public interface WebServer {
/**
- * WebServer is standalone when property {@link org.sonar.process.ProcessProperties#CLUSTER_ENABLED} is {@code false} or
+ * WebServer is standalone when property {@link org.sonar.cluster.ClusterProperties#CLUSTER_ENABLED} is {@code false} or
* undefined.
*/
boolean isStandalone();
diff --git a/server/sonar-server/src/test/java/org/sonar/server/authentication/AuthenticationModuleTest.java b/server/sonar-server/src/test/java/org/sonar/server/authentication/AuthenticationModuleTest.java
index 838da6da741..75e5a123ea7 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/authentication/AuthenticationModuleTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/authentication/AuthenticationModuleTest.java
@@ -30,7 +30,7 @@ public class AuthenticationModuleTest {
public void verify_count_of_added_components() {
ComponentContainer container = new ComponentContainer();
new AuthenticationModule().configure(container);
- assertThat(container.size()).isEqualTo(2 + 20);
+ assertThat(container.size()).isEqualTo(2 + 21);
}
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/authentication/AuthenticatorsImplTest.java b/server/sonar-server/src/test/java/org/sonar/server/authentication/AuthenticatorsImplTest.java
new file mode 100644
index 00000000000..f6a841ab2f1
--- /dev/null
+++ b/server/sonar-server/src/test/java/org/sonar/server/authentication/AuthenticatorsImplTest.java
@@ -0,0 +1,89 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2017 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.server.authentication;
+
+import java.util.Optional;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import org.junit.Test;
+import org.sonar.db.user.UserDto;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.mockito.Matchers.anyInt;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.never;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+import static org.sonar.db.user.UserTesting.newUserDto;
+
+public class AuthenticatorsImplTest {
+
+ private UserDto user = newUserDto();
+ private HttpServletRequest request = mock(HttpServletRequest.class);
+ private HttpServletResponse response = mock(HttpServletResponse.class);
+ private JwtHttpHandler jwtHttpHandler = mock(JwtHttpHandler.class);
+ private BasicAuthenticator basicAuthenticator = mock(BasicAuthenticator.class);
+ private SsoAuthenticator ssoAuthenticator = mock(SsoAuthenticator.class);
+ private Authenticators underTest = new AuthenticatorsImpl(jwtHttpHandler, basicAuthenticator, ssoAuthenticator);
+
+ @Test
+ public void authenticate_from_jwt_token() throws Exception {
+ when(ssoAuthenticator.authenticate(request, response)).thenReturn(Optional.empty());
+ when(jwtHttpHandler.validateToken(request, response)).thenReturn(Optional.of(user));
+
+ assertThat(underTest.authenticate(request, response)).hasValue(user);
+ verify(response, never()).setStatus(anyInt());
+ }
+
+ @Test
+ public void authenticate_from_basic_header() throws Exception {
+ when(basicAuthenticator.authenticate(request)).thenReturn(Optional.of(user));
+ when(ssoAuthenticator.authenticate(request, response)).thenReturn(Optional.empty());
+ when(jwtHttpHandler.validateToken(request, response)).thenReturn(Optional.empty());
+
+ assertThat(underTest.authenticate(request, response)).hasValue(user);
+
+ verify(jwtHttpHandler).validateToken(request, response);
+ verify(basicAuthenticator).authenticate(request);
+ verify(response, never()).setStatus(anyInt());
+ }
+
+ @Test
+ public void authenticate_from_sso() throws Exception {
+ when(ssoAuthenticator.authenticate(request, response)).thenReturn(Optional.of(user));
+ when(jwtHttpHandler.validateToken(request, response)).thenReturn(Optional.empty());
+
+ assertThat(underTest.authenticate(request, response)).hasValue(user);
+
+ verify(ssoAuthenticator).authenticate(request, response);
+ verify(jwtHttpHandler, never()).validateToken(request, response);
+ verify(response, never()).setStatus(anyInt());
+ }
+
+ @Test
+ public void return_empty_if_not_authenticated() throws Exception {
+ when(jwtHttpHandler.validateToken(request, response)).thenReturn(Optional.empty());
+ when(ssoAuthenticator.authenticate(request, response)).thenReturn(Optional.empty());
+ when(basicAuthenticator.authenticate(request)).thenReturn(Optional.empty());
+
+ assertThat(underTest.authenticate(request, response)).isEmpty();
+ verify(response, never()).setStatus(anyInt());
+ }
+}
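Review bot: `AuthenticatorsImplTest` has no test for the failure path: none of its four tests makes `jwtHttpHandler.validateToken` or `ssoAuthenticator.authenticate` throw, while the commit removes `return_code_401_when_invalid_token_exception` from `UserSessionInitializerTest`, which exercised exactly that with the real chain. I would add a test that stubs `validateToken` to throw an `AuthenticationException`, then asserts that it propagates from `underTest.authenticate` and that `basicAuthenticator` is never consulted. `authenticate_from_jwt_token` should likewise pin the short-circuit with `verify(basicAuthenticator, never()).authenticate(request);`. The `throws Exception` clauses on the test methods look unnecessary, since nothing in them is shown to throw a checked exception.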
diff --git a/server/sonar-server/src/test/java/org/sonar/server/authentication/UserSessionInitializerTest.java b/server/sonar-server/src/test/java/org/sonar/server/authentication/UserSessionInitializerTest.java
index b8fcf9fd7ce..318046092e9 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/authentication/UserSessionInitializerTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/authentication/UserSessionInitializerTest.java
@@ -37,18 +37,15 @@ import org.sonar.server.authentication.event.AuthenticationEvent;
import org.sonar.server.authentication.event.AuthenticationEvent.Method;
import org.sonar.server.authentication.event.AuthenticationEvent.Source;
import org.sonar.server.authentication.event.AuthenticationException;
-import org.sonar.server.user.ServerUserSession;
import org.sonar.server.user.TestUserSessionFactory;
import org.sonar.server.user.ThreadLocalUserSession;
import org.sonar.server.user.UserSession;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Matchers.any;
-import static org.mockito.Matchers.anyInt;
import static org.mockito.Matchers.eq;
import static org.mockito.Mockito.doThrow;
import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.never;
import static org.mockito.Mockito.reset;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.verifyZeroInteractions;
@@ -68,18 +65,12 @@ public class UserSessionInitializerTest {
private HttpServletRequest request = mock(HttpServletRequest.class);
private HttpServletResponse response = mock(HttpServletResponse.class);
-
- private JwtHttpHandler jwtHttpHandler = mock(JwtHttpHandler.class);
- private BasicAuthenticator basicAuthenticator = mock(BasicAuthenticator.class);
- private SsoAuthenticator ssoAuthenticator = mock(SsoAuthenticator.class);
+ private Authenticators authenticators = mock(Authenticators.class);
private AuthenticationEvent authenticationEvent = mock(AuthenticationEvent.class);
private TestUserSessionFactory userSessionFactory = TestUserSessionFactory.standalone();
private MapSettings settings = new MapSettings();
-
private UserDto user = newUserDto();
-
- private UserSessionInitializer underTest = new UserSessionInitializer(settings.asConfig(), jwtHttpHandler, basicAuthenticator,
- ssoAuthenticator, userSession, authenticationEvent, userSessionFactory);
+ private UserSessionInitializer underTest = new UserSessionInitializer(settings.asConfig(), userSession, authenticationEvent, userSessionFactory, authenticators);
@Before
public void setUp() throws Exception {
@@ -122,64 +113,10 @@ public class UserSessionInitializerTest {
}
@Test
- public void validate_session_from_token() throws Exception {
- when(userSession.isLoggedIn()).thenReturn(true);
- when(ssoAuthenticator.authenticate(request, response)).thenReturn(Optional.empty());
- when(jwtHttpHandler.validateToken(request, response)).thenReturn(Optional.of(user));
-
- assertThat(underTest.initUserSession(request, response)).isTrue();
-
- verify(jwtHttpHandler).validateToken(request, response);
- verify(response, never()).setStatus(anyInt());
- }
-
- @Test
- public void validate_session_from_basic_authentication() throws Exception {
- when(userSession.isLoggedIn()).thenReturn(false).thenReturn(true);
- when(basicAuthenticator.authenticate(request)).thenReturn(Optional.of(user));
- when(ssoAuthenticator.authenticate(request, response)).thenReturn(Optional.empty());
- when(jwtHttpHandler.validateToken(request, response)).thenReturn(Optional.empty());
-
- assertThat(underTest.initUserSession(request, response)).isTrue();
-
- verify(jwtHttpHandler).validateToken(request, response);
- verify(basicAuthenticator).authenticate(request);
- verify(userSession).set(any(ServerUserSession.class));
- verify(response, never()).setStatus(anyInt());
- }
-
- @Test
- public void validate_session_from_sso() throws Exception {
- when(userSession.isLoggedIn()).thenReturn(true);
- when(ssoAuthenticator.authenticate(request, response)).thenReturn(Optional.of(user));
- when(jwtHttpHandler.validateToken(request, response)).thenReturn(Optional.empty());
-
- assertThat(underTest.initUserSession(request, response)).isTrue();
-
- verify(ssoAuthenticator).authenticate(request, response);
- verify(jwtHttpHandler, never()).validateToken(request, response);
- verify(response, never()).setStatus(anyInt());
- }
-
- @Test
- public void return_code_401_when_invalid_token_exception() throws Exception {
- when(ssoAuthenticator.authenticate(request, response)).thenReturn(Optional.empty());
- AuthenticationException authenticationException = AuthenticationException.newBuilder().setSource(Source.jwt()).setMessage("Token id hasn't been found").build();
- doThrow(authenticationException).when(jwtHttpHandler).validateToken(request, response);
-
- assertThat(underTest.initUserSession(request, response)).isTrue();
-
- verify(authenticationEvent).loginFailure(request, authenticationException);
- verifyZeroInteractions(response, userSession);
- }
-
- @Test
public void return_code_401_when_not_authenticated_and_with_force_authentication() throws Exception {
ArgumentCaptor<AuthenticationException> exceptionArgumentCaptor = ArgumentCaptor.forClass(AuthenticationException.class);
when(userSession.isLoggedIn()).thenReturn(false);
- when(basicAuthenticator.authenticate(request)).thenReturn(Optional.empty());
- when(ssoAuthenticator.authenticate(request, response)).thenReturn(Optional.empty());
- when(jwtHttpHandler.validateToken(request, response)).thenReturn(Optional.empty());
+ when(authenticators.authenticate(request, response)).thenReturn(Optional.empty());
settings.setProperty("sonar.forceAuthentication", true);
assertThat(underTest.initUserSession(request, response)).isTrue();
@@ -197,9 +134,8 @@ public class UserSessionInitializerTest {
@Test
public void return_401_and_stop_on_ws() throws Exception {
when(request.getRequestURI()).thenReturn("/api/issues");
- when(ssoAuthenticator.authenticate(request, response)).thenReturn(Optional.empty());
AuthenticationException authenticationException = AuthenticationException.newBuilder().setSource(Source.jwt()).setMessage("Token id hasn't been found").build();
- doThrow(authenticationException).when(jwtHttpHandler).validateToken(request, response);
+ doThrow(authenticationException).when(authenticators).authenticate(request, response);
assertThat(underTest.initUserSession(request, response)).isFalse();
@@ -211,9 +147,8 @@ public class UserSessionInitializerTest {
@Test
public void return_401_and_stop_on_batch_ws() throws Exception {
when(request.getRequestURI()).thenReturn("/batch/global");
- when(ssoAuthenticator.authenticate(request, response)).thenReturn(Optional.empty());
doThrow(AuthenticationException.newBuilder().setSource(Source.jwt()).setMessage("Token id hasn't been found").build())
- .when(jwtHttpHandler).validateToken(request, response);
+ .when(authenticators).authenticate(request, response);
assertThat(underTest.initUserSession(request, response)).isFalse();
@@ -223,9 +158,8 @@ public class UserSessionInitializerTest {
@Test
public void return_to_session_unauthorized_when_error_on_from_external_provider() throws Exception {
- when(ssoAuthenticator.authenticate(request, response)).thenReturn(Optional.empty());
doThrow(AuthenticationException.newBuilder().setSource(Source.external(newBasicIdentityProvider("failing"))).setPublicMessage("Token id hasn't been found").build())
- .when(jwtHttpHandler).validateToken(request, response);
+ .when(authenticators).authenticate(request, response);
assertThat(underTest.initUserSession(request, response)).isFalse();
@@ -235,9 +169,8 @@ public class UserSessionInitializerTest {
@Test
public void return_to_session_unauthorized_when_error_on_from_external_provider_with_context_path() throws Exception {
when(request.getContextPath()).thenReturn("/sonarqube");
- when(ssoAuthenticator.authenticate(request, response)).thenReturn(Optional.empty());
doThrow(AuthenticationException.newBuilder().setSource(Source.external(newBasicIdentityProvider("failing"))).setPublicMessage("Token id hasn't been found").build())
- .when(jwtHttpHandler).validateToken(request, response);
+ .when(authenticators).authenticate(request, response);
assertThat(underTest.initUserSession(request, response)).isFalse();
@@ -249,19 +182,18 @@ public class UserSessionInitializerTest {
assertThat(underTest.initUserSession(request, response)).isTrue();
- verifyZeroInteractions(userSession, jwtHttpHandler, basicAuthenticator);
- reset(userSession, jwtHttpHandler, basicAuthenticator);
+ verifyZeroInteractions(userSession, authenticators);
+ reset(userSession, authenticators);
}
private void assertPathIsNotIgnored(String path) {
when(request.getRequestURI()).thenReturn(path);
- when(ssoAuthenticator.authenticate(request, response)).thenReturn(Optional.empty());
- when(jwtHttpHandler.validateToken(request, response)).thenReturn(Optional.of(user));
+ when(authenticators.authenticate(request, response)).thenReturn(Optional.of(user));
assertThat(underTest.initUserSession(request, response)).isTrue();
verify(userSession).set(any(UserSession.class));
- reset(userSession, jwtHttpHandler, basicAuthenticator);
+ reset(userSession, authenticators);
}
private static BaseIdentityProvider newBasicIdentityProvider(String name) {