diff options
Diffstat (limited to 'it/it-plugins/security-plugin/src')
6 files changed, 434 insertions, 0 deletions
diff --git a/it/it-plugins/security-plugin/src/main/java/FakeAuthenticator.java b/it/it-plugins/security-plugin/src/main/java/FakeAuthenticator.java new file mode 100644 index 00000000000..6455d260b89 --- /dev/null +++ b/it/it-plugins/security-plugin/src/main/java/FakeAuthenticator.java @@ -0,0 +1,157 @@ +/* + * SonarQube + * Copyright (C) 2009-2016 SonarSource SA + * mailto:contact AT sonarsource DOT com + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 3 of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this program; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + */ +import com.google.common.annotations.VisibleForTesting; +import com.google.common.base.Splitter; +import com.google.common.base.Strings; +import com.google.common.collect.ImmutableList; +import com.google.common.collect.Maps; +import java.util.Collection; +import java.util.Iterator; +import java.util.List; +import java.util.Map; +import java.util.regex.Pattern; +import org.apache.commons.lang.StringUtils; +import org.sonar.api.Properties; +import org.sonar.api.Property; +import org.sonar.api.PropertyType; +import org.sonar.api.config.Settings; +import org.sonar.api.security.LoginPasswordAuthenticator; +import org.sonar.api.security.UserDetails; +import org.sonar.api.utils.log.Logger; +import org.sonar.api.utils.log.Loggers; + +@Properties({ + @Property( + key = FakeAuthenticator.DATA_PROPERTY, + name = "Fake Users", type = PropertyType.TEXT + ) +}) +public class FakeAuthenticator implements LoginPasswordAuthenticator { + + private static final Logger LOG = Loggers.get(FakeAuthenticator.class); + + /** + * Example: + * <pre> + * evgeny.password=foo + * evgeny.name=Evgeny Mandrikov + * evgeny.email=evgeny@example.org + * evgeny.groups=sonar-users + * + * simon.password=bar + * simon.groups=sonar-users,sonar-developers + * </pre> + */ + public static final String DATA_PROPERTY = "sonar.fakeauthenticator.users"; + + private final Settings settings; + + private Map<String, String> data; + + public FakeAuthenticator(Settings settings) { + this.settings = settings; + } + + public boolean authenticate(String username, String password) { + // Never touch admin + if (isAdmin(username)) { + return true; + } + + reloadData(); + checkExistence(username); + + String expectedPassword = data.get(username + ".password"); + if (StringUtils.equals(password, expectedPassword)) { + LOG.info("user {} with password {}", username, password); + return true; + } else { + LOG.info("user " + username + " expected password " + expectedPassword + " , but was " + password); + return false; + } + } + + private void checkExistence(String username) { + if (!data.containsKey(username + ".password")) { + throw new RuntimeException("No such user"); + } + } + + public UserDetails doGetUserDetails(String username) { + // Never touch admin + if (isAdmin(username)) { + return null; + } + + reloadData(); + checkExistence(username); + + UserDetails result = new UserDetails(); + result.setName(Strings.nullToEmpty(data.get(username + ".name"))); + result.setEmail(Strings.nullToEmpty(data.get(username + ".email"))); + LOG.info("details for user {} : {}", username, result); + return result; + } + + public Collection<String> doGetGroups(String username) { + // Never touch admin + if (isAdmin(username)) { + return null; + } + + reloadData(); + checkExistence(username); + + Collection<String> result = parseList(data.get(username + ".groups")); + LOG.info("groups for user {} : {}", username, result); + return result; + } + + private static boolean isAdmin(String username) { + return StringUtils.equals(username, "admin"); + } + + private void reloadData() { + data = parse(settings.getString(DATA_PROPERTY)); + } + + private static final Splitter LIST_SPLITTER = Splitter.on(',').omitEmptyStrings().trimResults(); + private static final Splitter LINE_SPLITTER = Splitter.on(Pattern.compile("\r?\n")).omitEmptyStrings().trimResults(); + + @VisibleForTesting + static List<String> parseList(String data) { + return ImmutableList.copyOf(LIST_SPLITTER.split(Strings.nullToEmpty(data))); + } + + @VisibleForTesting + static Map<String, String> parse(String data) { + Map<String, String> result = Maps.newHashMap(); + for (String entry : LINE_SPLITTER.split(Strings.nullToEmpty(data))) { + Iterator<String> keyValue = Splitter.on('=').split(entry).iterator(); + result.put(keyValue.next(), keyValue.next()); + } + return result; + } + + public void init() { + // nothing to do + } + +} diff --git a/it/it-plugins/security-plugin/src/main/java/FakeGroupsProvider.java b/it/it-plugins/security-plugin/src/main/java/FakeGroupsProvider.java new file mode 100644 index 00000000000..9c1666c5423 --- /dev/null +++ b/it/it-plugins/security-plugin/src/main/java/FakeGroupsProvider.java @@ -0,0 +1,36 @@ +/* + * SonarQube + * Copyright (C) 2009-2016 SonarSource SA + * mailto:contact AT sonarsource DOT com + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 3 of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this program; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + */ +import java.util.Collection; +import org.sonar.api.security.ExternalGroupsProvider; + +public class FakeGroupsProvider extends ExternalGroupsProvider { + + private final FakeAuthenticator instance; + + public FakeGroupsProvider(FakeAuthenticator instance) { + this.instance = instance; + } + + @Override + public Collection<String> doGetGroups(String username) { + return instance.doGetGroups(username); + } + +} diff --git a/it/it-plugins/security-plugin/src/main/java/FakeRealm.java b/it/it-plugins/security-plugin/src/main/java/FakeRealm.java new file mode 100644 index 00000000000..4b4dd479836 --- /dev/null +++ b/it/it-plugins/security-plugin/src/main/java/FakeRealm.java @@ -0,0 +1,49 @@ +/* + * SonarQube + * Copyright (C) 2009-2016 SonarSource SA + * mailto:contact AT sonarsource DOT com + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 3 of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this program; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + */ +import org.sonar.api.config.Settings; +import org.sonar.api.security.ExternalGroupsProvider; +import org.sonar.api.security.ExternalUsersProvider; +import org.sonar.api.security.LoginPasswordAuthenticator; +import org.sonar.api.security.SecurityRealm; + +public class FakeRealm extends SecurityRealm { + + private FakeAuthenticator instance; + + public FakeRealm(Settings settings) { + this.instance = new FakeAuthenticator(settings); + } + + @Override + public LoginPasswordAuthenticator getLoginPasswordAuthenticator() { + return instance; + } + + @Override + public ExternalGroupsProvider getGroupsProvider() { + return new FakeGroupsProvider(instance); + } + + @Override + public ExternalUsersProvider getUsersProvider() { + return new FakeUsersProvider(instance); + } + +} diff --git a/it/it-plugins/security-plugin/src/main/java/FakeUsersProvider.java b/it/it-plugins/security-plugin/src/main/java/FakeUsersProvider.java new file mode 100644 index 00000000000..4ebae9deae1 --- /dev/null +++ b/it/it-plugins/security-plugin/src/main/java/FakeUsersProvider.java @@ -0,0 +1,36 @@ +/* + * SonarQube + * Copyright (C) 2009-2016 SonarSource SA + * mailto:contact AT sonarsource DOT com + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 3 of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this program; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + */ +import org.sonar.api.security.ExternalUsersProvider; +import org.sonar.api.security.UserDetails; + +public class FakeUsersProvider extends ExternalUsersProvider { + + private final FakeAuthenticator instance; + + public FakeUsersProvider(FakeAuthenticator instance) { + this.instance = instance; + } + + @Override + public UserDetails doGetUserDetails(String username) { + return instance.doGetUserDetails(username); + } + +} diff --git a/it/it-plugins/security-plugin/src/main/java/SecurityPlugin.java b/it/it-plugins/security-plugin/src/main/java/SecurityPlugin.java new file mode 100644 index 00000000000..c2582893c70 --- /dev/null +++ b/it/it-plugins/security-plugin/src/main/java/SecurityPlugin.java @@ -0,0 +1,30 @@ +/* + * SonarQube + * Copyright (C) 2009-2016 SonarSource SA + * mailto:contact AT sonarsource DOT com + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 3 of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this program; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + */ +import java.util.Arrays; +import java.util.List; +import org.sonar.api.SonarPlugin; + +public class SecurityPlugin extends SonarPlugin { + + public List getExtensions() { + return Arrays.asList(FakeRealm.class, FakeAuthenticator.class); + } + +} diff --git a/it/it-plugins/security-plugin/src/test/java/FakeAuthenticatorTest.java b/it/it-plugins/security-plugin/src/test/java/FakeAuthenticatorTest.java new file mode 100644 index 00000000000..6a0b1884a05 --- /dev/null +++ b/it/it-plugins/security-plugin/src/test/java/FakeAuthenticatorTest.java @@ -0,0 +1,126 @@ +/* + * SonarQube + * Copyright (C) 2009-2016 SonarSource SA + * mailto:contact AT sonarsource DOT com + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 3 of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this program; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + */ +import java.util.Map; +import org.junit.Before; +import org.junit.Test; +import org.sonar.api.config.Settings; +import org.sonar.api.security.UserDetails; + +import static org.assertj.core.api.Assertions.assertThat; + + +public class FakeAuthenticatorTest { + + private Settings settings; + private FakeAuthenticator authenticator; + + @Before + public void setUp() { + settings = new Settings(); + authenticator = new FakeAuthenticator(settings); + authenticator.init(); + } + + @Test + public void shouldNeverTouchAdmin() { + assertThat(authenticator.authenticate("admin", "admin")).isTrue(); + assertThat(authenticator.doGetGroups("admin")).isNull(); + assertThat(authenticator.doGetUserDetails("admin")).isNull(); + } + + @Test + public void shouldAuthenticateFakeUsers() { + settings.setProperty(FakeAuthenticator.DATA_PROPERTY, "evgeny.password=foo"); + + assertThat(authenticator.authenticate("evgeny", "foo")).isTrue(); + assertThat(authenticator.authenticate("evgeny", "bar")).isFalse(); + } + + @Test(expected = RuntimeException.class) + public void shouldNotAuthenticateNotExistingUsers() { + authenticator.authenticate("evgeny", "foo"); + } + + @Test + public void shouldGetUserDetails() { + settings.setProperty(FakeAuthenticator.DATA_PROPERTY, "evgeny.password=foo\n" + + "evgeny.name=Tester Testerovich\n" + + "evgeny.email=evgeny@example.org"); + + UserDetails details = authenticator.doGetUserDetails("evgeny"); + assertThat(details.getName()).isEqualTo("Tester Testerovich"); + assertThat(details.getEmail()).isEqualTo("evgeny@example.org"); + } + + @Test(expected = RuntimeException.class) + public void shouldNotReturnDetailsForNotExistingUsers() { + authenticator.doGetUserDetails("evgeny"); + } + + @Test + public void shouldGetGroups() { + settings.setProperty(FakeAuthenticator.DATA_PROPERTY, "evgeny.password=foo\n" + + "evgeny.groups=sonar-users,sonar-developers"); + + assertThat(authenticator.doGetGroups("evgeny")).containsOnly("sonar-users", "sonar-developers"); + } + + @Test(expected = RuntimeException.class) + public void shouldNotReturnGroupsForNotExistingUsers() { + authenticator.doGetGroups("evgeny"); + } + + @Test + public void shouldParseList() { + assertThat(FakeAuthenticator.parseList(null)).isEmpty(); + assertThat(FakeAuthenticator.parseList("")).isEmpty(); + assertThat(FakeAuthenticator.parseList(",,,")).isEmpty(); + assertThat(FakeAuthenticator.parseList("a,b")).containsOnly("a", "b"); + } + + @Test + public void shouldParseMap() { + Map<String, String> map = FakeAuthenticator.parse(null); + assertThat(map).isEmpty(); + + map = FakeAuthenticator.parse(""); + assertThat(map).isEmpty(); + + map = FakeAuthenticator.parse("foo=bar"); + assertThat(map).hasSize(1); + assertThat(map.get("foo")).isEqualTo("bar"); + + map = FakeAuthenticator.parse("foo=bar\r\nbaz=qux"); + assertThat(map).hasSize(2); + assertThat(map.get("foo")).isEqualTo("bar"); + assertThat(map.get("baz")).isEqualTo("qux"); + + map = FakeAuthenticator.parse("foo=bar\nbaz=qux"); + assertThat(map).hasSize(2); + assertThat(map.get("foo")).isEqualTo("bar"); + assertThat(map.get("baz")).isEqualTo("qux"); + + map = FakeAuthenticator.parse("foo=bar\n\n\nbaz=qux"); + assertThat(map).hasSize(2); + assertThat(map.get("foo")).isEqualTo("bar"); + assertThat(map.get("baz")).isEqualTo("qux"); + } + +} |