aboutsummaryrefslogtreecommitdiffstats
path: root/it/it-plugins/security-plugin/src
diff options
context:
space:
mode:
Diffstat (limited to 'it/it-plugins/security-plugin/src')
-rw-r--r--it/it-plugins/security-plugin/src/main/java/FakeAuthenticator.java157
-rw-r--r--it/it-plugins/security-plugin/src/main/java/FakeGroupsProvider.java36
-rw-r--r--it/it-plugins/security-plugin/src/main/java/FakeRealm.java49
-rw-r--r--it/it-plugins/security-plugin/src/main/java/FakeUsersProvider.java36
-rw-r--r--it/it-plugins/security-plugin/src/main/java/SecurityPlugin.java30
-rw-r--r--it/it-plugins/security-plugin/src/test/java/FakeAuthenticatorTest.java126
6 files changed, 434 insertions, 0 deletions
diff --git a/it/it-plugins/security-plugin/src/main/java/FakeAuthenticator.java b/it/it-plugins/security-plugin/src/main/java/FakeAuthenticator.java
new file mode 100644
index 00000000000..6455d260b89
--- /dev/null
+++ b/it/it-plugins/security-plugin/src/main/java/FakeAuthenticator.java
@@ -0,0 +1,157 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2016 SonarSource SA
+ * mailto:contact AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+import com.google.common.annotations.VisibleForTesting;
+import com.google.common.base.Splitter;
+import com.google.common.base.Strings;
+import com.google.common.collect.ImmutableList;
+import com.google.common.collect.Maps;
+import java.util.Collection;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.regex.Pattern;
+import org.apache.commons.lang.StringUtils;
+import org.sonar.api.Properties;
+import org.sonar.api.Property;
+import org.sonar.api.PropertyType;
+import org.sonar.api.config.Settings;
+import org.sonar.api.security.LoginPasswordAuthenticator;
+import org.sonar.api.security.UserDetails;
+import org.sonar.api.utils.log.Logger;
+import org.sonar.api.utils.log.Loggers;
+
+@Properties({
+ @Property(
+ key = FakeAuthenticator.DATA_PROPERTY,
+ name = "Fake Users", type = PropertyType.TEXT
+ )
+})
+public class FakeAuthenticator implements LoginPasswordAuthenticator {
+
+ private static final Logger LOG = Loggers.get(FakeAuthenticator.class);
+
+ /**
+ * Example:
+ * <pre>
+ * evgeny.password=foo
+ * evgeny.name=Evgeny Mandrikov
+ * evgeny.email=evgeny@example.org
+ * evgeny.groups=sonar-users
+ *
+ * simon.password=bar
+ * simon.groups=sonar-users,sonar-developers
+ * </pre>
+ */
+ public static final String DATA_PROPERTY = "sonar.fakeauthenticator.users";
+
+ private final Settings settings;
+
+ private Map<String, String> data;
+
+ public FakeAuthenticator(Settings settings) {
+ this.settings = settings;
+ }
+
+ public boolean authenticate(String username, String password) {
+ // Never touch admin
+ if (isAdmin(username)) {
+ return true;
+ }
+
+ reloadData();
+ checkExistence(username);
+
+ String expectedPassword = data.get(username + ".password");
+ if (StringUtils.equals(password, expectedPassword)) {
+ LOG.info("user {} with password {}", username, password);
+ return true;
+ } else {
+ LOG.info("user " + username + " expected password " + expectedPassword + " , but was " + password);
+ return false;
+ }
+ }
+
+ private void checkExistence(String username) {
+ if (!data.containsKey(username + ".password")) {
+ throw new RuntimeException("No such user");
+ }
+ }
+
+ public UserDetails doGetUserDetails(String username) {
+ // Never touch admin
+ if (isAdmin(username)) {
+ return null;
+ }
+
+ reloadData();
+ checkExistence(username);
+
+ UserDetails result = new UserDetails();
+ result.setName(Strings.nullToEmpty(data.get(username + ".name")));
+ result.setEmail(Strings.nullToEmpty(data.get(username + ".email")));
+ LOG.info("details for user {} : {}", username, result);
+ return result;
+ }
+
+ public Collection<String> doGetGroups(String username) {
+ // Never touch admin
+ if (isAdmin(username)) {
+ return null;
+ }
+
+ reloadData();
+ checkExistence(username);
+
+ Collection<String> result = parseList(data.get(username + ".groups"));
+ LOG.info("groups for user {} : {}", username, result);
+ return result;
+ }
+
+ private static boolean isAdmin(String username) {
+ return StringUtils.equals(username, "admin");
+ }
+
+ private void reloadData() {
+ data = parse(settings.getString(DATA_PROPERTY));
+ }
+
+ private static final Splitter LIST_SPLITTER = Splitter.on(',').omitEmptyStrings().trimResults();
+ private static final Splitter LINE_SPLITTER = Splitter.on(Pattern.compile("\r?\n")).omitEmptyStrings().trimResults();
+
+ @VisibleForTesting
+ static List<String> parseList(String data) {
+ return ImmutableList.copyOf(LIST_SPLITTER.split(Strings.nullToEmpty(data)));
+ }
+
+ @VisibleForTesting
+ static Map<String, String> parse(String data) {
+ Map<String, String> result = Maps.newHashMap();
+ for (String entry : LINE_SPLITTER.split(Strings.nullToEmpty(data))) {
+ Iterator<String> keyValue = Splitter.on('=').split(entry).iterator();
+ result.put(keyValue.next(), keyValue.next());
+ }
+ return result;
+ }
+
+ public void init() {
+ // nothing to do
+ }
+
+}
diff --git a/it/it-plugins/security-plugin/src/main/java/FakeGroupsProvider.java b/it/it-plugins/security-plugin/src/main/java/FakeGroupsProvider.java
new file mode 100644
index 00000000000..9c1666c5423
--- /dev/null
+++ b/it/it-plugins/security-plugin/src/main/java/FakeGroupsProvider.java
@@ -0,0 +1,36 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2016 SonarSource SA
+ * mailto:contact AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+import java.util.Collection;
+import org.sonar.api.security.ExternalGroupsProvider;
+
+public class FakeGroupsProvider extends ExternalGroupsProvider {
+
+ private final FakeAuthenticator instance;
+
+ public FakeGroupsProvider(FakeAuthenticator instance) {
+ this.instance = instance;
+ }
+
+ @Override
+ public Collection<String> doGetGroups(String username) {
+ return instance.doGetGroups(username);
+ }
+
+}
diff --git a/it/it-plugins/security-plugin/src/main/java/FakeRealm.java b/it/it-plugins/security-plugin/src/main/java/FakeRealm.java
new file mode 100644
index 00000000000..4b4dd479836
--- /dev/null
+++ b/it/it-plugins/security-plugin/src/main/java/FakeRealm.java
@@ -0,0 +1,49 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2016 SonarSource SA
+ * mailto:contact AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+import org.sonar.api.config.Settings;
+import org.sonar.api.security.ExternalGroupsProvider;
+import org.sonar.api.security.ExternalUsersProvider;
+import org.sonar.api.security.LoginPasswordAuthenticator;
+import org.sonar.api.security.SecurityRealm;
+
+public class FakeRealm extends SecurityRealm {
+
+ private FakeAuthenticator instance;
+
+ public FakeRealm(Settings settings) {
+ this.instance = new FakeAuthenticator(settings);
+ }
+
+ @Override
+ public LoginPasswordAuthenticator getLoginPasswordAuthenticator() {
+ return instance;
+ }
+
+ @Override
+ public ExternalGroupsProvider getGroupsProvider() {
+ return new FakeGroupsProvider(instance);
+ }
+
+ @Override
+ public ExternalUsersProvider getUsersProvider() {
+ return new FakeUsersProvider(instance);
+ }
+
+}
diff --git a/it/it-plugins/security-plugin/src/main/java/FakeUsersProvider.java b/it/it-plugins/security-plugin/src/main/java/FakeUsersProvider.java
new file mode 100644
index 00000000000..4ebae9deae1
--- /dev/null
+++ b/it/it-plugins/security-plugin/src/main/java/FakeUsersProvider.java
@@ -0,0 +1,36 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2016 SonarSource SA
+ * mailto:contact AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+import org.sonar.api.security.ExternalUsersProvider;
+import org.sonar.api.security.UserDetails;
+
+public class FakeUsersProvider extends ExternalUsersProvider {
+
+ private final FakeAuthenticator instance;
+
+ public FakeUsersProvider(FakeAuthenticator instance) {
+ this.instance = instance;
+ }
+
+ @Override
+ public UserDetails doGetUserDetails(String username) {
+ return instance.doGetUserDetails(username);
+ }
+
+}
diff --git a/it/it-plugins/security-plugin/src/main/java/SecurityPlugin.java b/it/it-plugins/security-plugin/src/main/java/SecurityPlugin.java
new file mode 100644
index 00000000000..c2582893c70
--- /dev/null
+++ b/it/it-plugins/security-plugin/src/main/java/SecurityPlugin.java
@@ -0,0 +1,30 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2016 SonarSource SA
+ * mailto:contact AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+import java.util.Arrays;
+import java.util.List;
+import org.sonar.api.SonarPlugin;
+
+public class SecurityPlugin extends SonarPlugin {
+
+ public List getExtensions() {
+ return Arrays.asList(FakeRealm.class, FakeAuthenticator.class);
+ }
+
+}
diff --git a/it/it-plugins/security-plugin/src/test/java/FakeAuthenticatorTest.java b/it/it-plugins/security-plugin/src/test/java/FakeAuthenticatorTest.java
new file mode 100644
index 00000000000..6a0b1884a05
--- /dev/null
+++ b/it/it-plugins/security-plugin/src/test/java/FakeAuthenticatorTest.java
@@ -0,0 +1,126 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2016 SonarSource SA
+ * mailto:contact AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+import java.util.Map;
+import org.junit.Before;
+import org.junit.Test;
+import org.sonar.api.config.Settings;
+import org.sonar.api.security.UserDetails;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+
+public class FakeAuthenticatorTest {
+
+ private Settings settings;
+ private FakeAuthenticator authenticator;
+
+ @Before
+ public void setUp() {
+ settings = new Settings();
+ authenticator = new FakeAuthenticator(settings);
+ authenticator.init();
+ }
+
+ @Test
+ public void shouldNeverTouchAdmin() {
+ assertThat(authenticator.authenticate("admin", "admin")).isTrue();
+ assertThat(authenticator.doGetGroups("admin")).isNull();
+ assertThat(authenticator.doGetUserDetails("admin")).isNull();
+ }
+
+ @Test
+ public void shouldAuthenticateFakeUsers() {
+ settings.setProperty(FakeAuthenticator.DATA_PROPERTY, "evgeny.password=foo");
+
+ assertThat(authenticator.authenticate("evgeny", "foo")).isTrue();
+ assertThat(authenticator.authenticate("evgeny", "bar")).isFalse();
+ }
+
+ @Test(expected = RuntimeException.class)
+ public void shouldNotAuthenticateNotExistingUsers() {
+ authenticator.authenticate("evgeny", "foo");
+ }
+
+ @Test
+ public void shouldGetUserDetails() {
+ settings.setProperty(FakeAuthenticator.DATA_PROPERTY, "evgeny.password=foo\n" +
+ "evgeny.name=Tester Testerovich\n" +
+ "evgeny.email=evgeny@example.org");
+
+ UserDetails details = authenticator.doGetUserDetails("evgeny");
+ assertThat(details.getName()).isEqualTo("Tester Testerovich");
+ assertThat(details.getEmail()).isEqualTo("evgeny@example.org");
+ }
+
+ @Test(expected = RuntimeException.class)
+ public void shouldNotReturnDetailsForNotExistingUsers() {
+ authenticator.doGetUserDetails("evgeny");
+ }
+
+ @Test
+ public void shouldGetGroups() {
+ settings.setProperty(FakeAuthenticator.DATA_PROPERTY, "evgeny.password=foo\n" +
+ "evgeny.groups=sonar-users,sonar-developers");
+
+ assertThat(authenticator.doGetGroups("evgeny")).containsOnly("sonar-users", "sonar-developers");
+ }
+
+ @Test(expected = RuntimeException.class)
+ public void shouldNotReturnGroupsForNotExistingUsers() {
+ authenticator.doGetGroups("evgeny");
+ }
+
+ @Test
+ public void shouldParseList() {
+ assertThat(FakeAuthenticator.parseList(null)).isEmpty();
+ assertThat(FakeAuthenticator.parseList("")).isEmpty();
+ assertThat(FakeAuthenticator.parseList(",,,")).isEmpty();
+ assertThat(FakeAuthenticator.parseList("a,b")).containsOnly("a", "b");
+ }
+
+ @Test
+ public void shouldParseMap() {
+ Map<String, String> map = FakeAuthenticator.parse(null);
+ assertThat(map).isEmpty();
+
+ map = FakeAuthenticator.parse("");
+ assertThat(map).isEmpty();
+
+ map = FakeAuthenticator.parse("foo=bar");
+ assertThat(map).hasSize(1);
+ assertThat(map.get("foo")).isEqualTo("bar");
+
+ map = FakeAuthenticator.parse("foo=bar\r\nbaz=qux");
+ assertThat(map).hasSize(2);
+ assertThat(map.get("foo")).isEqualTo("bar");
+ assertThat(map.get("baz")).isEqualTo("qux");
+
+ map = FakeAuthenticator.parse("foo=bar\nbaz=qux");
+ assertThat(map).hasSize(2);
+ assertThat(map.get("foo")).isEqualTo("bar");
+ assertThat(map.get("baz")).isEqualTo("qux");
+
+ map = FakeAuthenticator.parse("foo=bar\n\n\nbaz=qux");
+ assertThat(map).hasSize(2);
+ assertThat(map.get("foo")).isEqualTo("bar");
+ assertThat(map.get("baz")).isEqualTo("qux");
+ }
+
+}