private void executeAuthenticate(String login) { when(authenticator.doAuthenticate(any(Authenticator.Context.class))).thenReturn(true); UserDetails userDetails = new UserDetails(); userDetails.setName("name"); when(externalUsersProvider.doGetUserDetails(any(ExternalUsersProvider.Context.class))).thenReturn(userDetails); underTest.authenticate(new Credentials(login, PASSWORD), request, BASIC); }
@Test public void getLoginPasswordAuthenticator_deprecated_method_replaced_by_getAuthenticator() { final LoginPasswordAuthenticator deprecatedAuthenticator = mock(LoginPasswordAuthenticator.class); SecurityRealm realm = new SecurityRealm() { @Override public LoginPasswordAuthenticator getLoginPasswordAuthenticator() { return deprecatedAuthenticator; } }; Authenticator proxy = realm.doGetAuthenticator(); Authenticator.Context context = new Authenticator.Context("foo", "bar", mock(HttpServletRequest.class)); proxy.doAuthenticate(context); verify(deprecatedAuthenticator).authenticate("foo", "bar"); } }
@Test public void use_login_if_user_details_contains_no_name() { executeStartWithoutGroupSync(); when(authenticator.doAuthenticate(any(Authenticator.Context.class))).thenReturn(true); UserDetails userDetails = new UserDetails(); userDetails.setName(null); when(externalUsersProvider.doGetUserDetails(any(ExternalUsersProvider.Context.class))).thenReturn(userDetails); underTest.authenticate(new Credentials(LOGIN, PASSWORD), request, BASIC); assertThat(userIdentityAuthenticator.isAuthenticated()).isTrue(); assertThat(userIdentityAuthenticator.getAuthenticatorParameters().getUserIdentity().getName()).isEqualTo(LOGIN); verify(authenticationEvent).loginSuccess(request, LOGIN, Source.realm(BASIC, REALM_NAME)); }
@Test public void login_is_used_when_no_name_provided() { executeStartWithoutGroupSync(); when(authenticator.doAuthenticate(any(Authenticator.Context.class))).thenReturn(true); UserDetails userDetails = new UserDetails(); userDetails.setEmail("email"); when(externalUsersProvider.doGetUserDetails(any(ExternalUsersProvider.Context.class))).thenReturn(userDetails); underTest.authenticate(new Credentials(LOGIN, PASSWORD), request, BASIC); assertThat(userIdentityAuthenticator.getAuthenticatorParameters().getProvider().getName()).isEqualTo("sonarqube"); verify(authenticationEvent).loginSuccess(request, LOGIN, Source.realm(BASIC, REALM_NAME)); }
@Test public void fail_to_authenticate_when_user_details_are_null() { executeStartWithoutGroupSync(); when(authenticator.doAuthenticate(any(Authenticator.Context.class))).thenReturn(true); when(externalUsersProvider.doGetUserDetails(any(ExternalUsersProvider.Context.class))).thenReturn(null); expectedException.expect(authenticationException().from(Source.realm(BASIC, REALM_NAME)).withLogin(LOGIN).andNoPublicMessage()); expectedException.expectMessage("No user details"); try { underTest.authenticate(new Credentials(LOGIN, PASSWORD), request, BASIC); } finally { verifyZeroInteractions(authenticationEvent); } }
@Test public void fail_to_authenticate_when_external_authentication_fails() { executeStartWithoutGroupSync(); when(externalUsersProvider.doGetUserDetails(any(ExternalUsersProvider.Context.class))).thenReturn(new UserDetails()); when(authenticator.doAuthenticate(any(Authenticator.Context.class))).thenReturn(false); expectedException.expect(authenticationException().from(Source.realm(BASIC, REALM_NAME)).withLogin(LOGIN).andNoPublicMessage()); expectedException.expectMessage("Realm returned authenticate=false"); try { underTest.authenticate(new Credentials(LOGIN, PASSWORD), request, BASIC); } finally { verifyZeroInteractions(authenticationEvent); } }
@Test public void fail_to_authenticate_when_any_exception_is_thrown() { executeStartWithoutGroupSync(); String expectedMessage = "emulating exception in doAuthenticate"; doThrow(new IllegalArgumentException(expectedMessage)).when(authenticator).doAuthenticate(any(Authenticator.Context.class)); when(externalUsersProvider.doGetUserDetails(any(ExternalUsersProvider.Context.class))).thenReturn(new UserDetails()); expectedException.expect(authenticationException().from(Source.realm(BASIC_TOKEN, REALM_NAME)).withLogin(LOGIN).andNoPublicMessage()); expectedException.expectMessage(expectedMessage); try { underTest.authenticate(new Credentials(LOGIN, PASSWORD), request, BASIC_TOKEN); } finally { verifyZeroInteractions(authenticationEvent); } }
@Test public void authenticate_with_sonarqube_identity_provider() { executeStartWithoutGroupSync(); when(authenticator.doAuthenticate(any(Authenticator.Context.class))).thenReturn(true); UserDetails userDetails = new UserDetails(); userDetails.setName("name"); userDetails.setEmail("email"); when(externalUsersProvider.doGetUserDetails(any(ExternalUsersProvider.Context.class))).thenReturn(userDetails); underTest.authenticate(new Credentials(LOGIN, PASSWORD), request, BASIC); assertThat(userIdentityAuthenticator.isAuthenticated()).isTrue(); assertThat(userIdentityAuthenticator.getAuthenticatorParameters().getProvider().getKey()).isEqualTo("sonarqube"); assertThat(userIdentityAuthenticator.getAuthenticatorParameters().getProvider().getName()).isEqualTo("sonarqube"); assertThat(userIdentityAuthenticator.getAuthenticatorParameters().getProvider().getDisplay()).isNull(); assertThat(userIdentityAuthenticator.getAuthenticatorParameters().getProvider().isEnabled()).isTrue(); verify(authenticationEvent).loginSuccess(request, LOGIN, Source.realm(BASIC, REALM_NAME)); }
@Test public void authenticate() { executeStartWithoutGroupSync(); when(authenticator.doAuthenticate(any(Authenticator.Context.class))).thenReturn(true); UserDetails userDetails = new UserDetails(); userDetails.setName("name"); userDetails.setEmail("email"); when(externalUsersProvider.doGetUserDetails(any(ExternalUsersProvider.Context.class))).thenReturn(userDetails); underTest.authenticate(new Credentials(LOGIN, PASSWORD), request, BASIC); assertThat(userIdentityAuthenticator.isAuthenticated()).isTrue(); assertThat(userIdentityAuthenticator.getAuthenticatorParameters().getExistingEmailStrategy()).isEqualTo(FORBID); assertThat(userIdentityAuthenticator.getAuthenticatorParameters().getUserIdentity().getLogin()).isEqualTo(LOGIN); assertThat(userIdentityAuthenticator.getAuthenticatorParameters().getUserIdentity().getProviderLogin()).isEqualTo(LOGIN); assertThat(userIdentityAuthenticator.getAuthenticatorParameters().getUserIdentity().getProviderId()).isNull(); assertThat(userIdentityAuthenticator.getAuthenticatorParameters().getUserIdentity().getName()).isEqualTo("name"); assertThat(userIdentityAuthenticator.getAuthenticatorParameters().getUserIdentity().getEmail()).isEqualTo("email"); assertThat(userIdentityAuthenticator.getAuthenticatorParameters().getUserIdentity().shouldSyncGroups()).isFalse(); verify(authenticationEvent).loginSuccess(request, LOGIN, Source.realm(BASIC, REALM_NAME)); }
boolean status = authenticator.doAuthenticate(authenticatorContext); if (!status) { throw AuthenticationException.newBuilder()
boolean status = authenticator.doAuthenticate(authenticatorContext); if (!status) { throw AuthenticationException.newBuilder()