hudson.security.SecurityRealm Java Examples

The following examples show how to use hudson.security.SecurityRealm.
Example #1
Source File: ConfigurationAsCodeTest.java    From oic-auth-plugin with MIT License 6 votes vote down vote up
/**
 * Checks that the configuration-as-code fixture produced an {@link OicSecurityRealm}
 * and that every configured attribute round-trips through its getter.
 *
 * <p>The expected values are fixture placeholders. Note that the fixture uses plain
 * {@code http://} endpoints, turns TLS verification off and enables the escape hatch;
 * those settings are asserted here only because the fixture sets them.
 */
@Test
public void testConfig() {
    SecurityRealm configured = j.jenkins.getSecurityRealm();

    assertTrue(configured instanceof OicSecurityRealm);
    OicSecurityRealm oic = (OicSecurityRealm) configured;

    // Provider endpoints and client credentials.
    assertEquals("http://localhost", oic.getAuthorizationServerUrl());
    assertEquals("clientId", oic.getClientId());
    assertEquals("clientSecret", oic.getClientSecret().getPlainText());
    // Fixture disables certificate checks; asserted as configured.
    assertTrue(oic.isDisableSslVerification());
    assertEquals("emailFieldName", oic.getEmailFieldName());
    // Escape-hatch (local fallback login) settings.
    assertTrue(oic.isEscapeHatchEnabled());
    assertEquals("escapeHatchGroup", oic.getEscapeHatchGroup());
    assertEquals("escapeHatchSecret", oic.getEscapeHatchSecret().getPlainText());
    assertEquals("escapeHatchUsername", oic.getEscapeHatchUsername());
    // Claim mapping, logout behaviour and remaining endpoints.
    assertEquals("fullNameFieldName", oic.getFullNameFieldName());
    assertEquals("groupsFieldName", oic.getGroupsFieldName());
    assertTrue(oic.isLogoutFromOpenidProvider());
    assertEquals("scopes", oic.getScopes());
    assertEquals("http://localhost", oic.getTokenServerUrl());
    assertEquals("userNameField", oic.getUserNameField());
}
 
Example #2
Source File: GithubScmTest.java    From blueocean-plugin with MIT License 6 votes vote down vote up
/**
 * Stubs the static {@code Jenkins} and {@code User} entry points so the tests run
 * as an authenticated user with id {@code "joe"}.
 *
 * <p>The mocked authentication carries only
 * {@link SecurityRealm#AUTHENTICATED_AUTHORITY}, i.e. no extra group authorities.
 */
@Before
public void setup() throws Exception {
    mockStatic(Jenkins.class);

    when(Jenkins.getInstance()).thenReturn(jenkins);
    when(Jenkins.getInstanceOrNull()).thenReturn(jenkins);
    when(Jenkins.getAuthentication()).thenReturn(authentication);

    // Single-element authority array: "authenticated" and nothing else.
    GrantedAuthority[] authenticatedOnly = new GrantedAuthority[] { SecurityRealm.AUTHENTICATED_AUTHORITY };

    Mockito.when(authentication.getAuthorities()).thenReturn(authenticatedOnly);
    Mockito.when(authentication.getPrincipal()).thenReturn("joe");
    mockStatic(User.class);

    // The mocked user must agree with the principal name stubbed above.
    when(user.getId()).thenReturn("joe");
    when(user.getFullName()).thenReturn("joe smith");
    when(user.getDisplayName()).thenReturn("joe smith");
    when(User.class, method(User.class, "get", Authentication.class)).withArguments(authentication).thenReturn(user);
    when(User.current()).thenReturn(user);
}
 
Example #3
Source File: WorkflowsTest.java    From jenkins-client-java with MIT License 5 votes vote down vote up
/**
 * Builds the {@code workflows} client against the test Jenkins instance.
 *
 * <p>The admin API token is read first, then the instance is switched to
 * {@link SecurityRealm#NO_AUTHENTICATION}. That realm turns authentication off for
 * the whole instance, so this setup is only suitable for a throwaway test harness.
 *
 * @throws URISyntaxException if the instance root URL is not a valid URI
 */
@Before
public void init() throws URISyntaxException {
    User admin = User.getById("admin", true);
    assertNotNull(admin);

    ApiTokenProperty tokenProperty = (ApiTokenProperty) admin.getProperty(ApiTokenProperty.class);
    String apiToken = tokenProperty.getApiToken();

    assertNotNull(j.jenkins.getRootUrl());

    // Authentication is disabled from here on for this test instance.
    j.jenkins.setSecurityRealm(SecurityRealm.NO_AUTHENTICATION);

    URI endpoint = new URI(j.jenkins.getRootUrl());
    workflows = new Jenkins(endpoint, admin.getId(), apiToken).getWorkflows();
}
 
Example #4
Source File: OicSecurityRealm.java    From oic-auth-plugin with MIT License 5 votes vote down vote up
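/**
 * Handles a login attempt against the locally configured "escape hatch" account,
 * which bypasses the OpenID Connect provider.
 *
 * <p>On success the security context is populated with a fixed principal
 * ({@code escape-hatch-admin}) that holds {@link SecurityRealm#AUTHENTICATED_AUTHORITY}
 * and, when configured, the escape-hatch group.
 *
 * <p>NOTE(review): nothing in this method rotates the HTTP session after a successful
 * login; confirm that a filter or the caller does so.
 *
 * @param username value of the {@code j_username} request parameter; may be {@code null}
 * @param password value of the {@code j_password} request parameter; may be {@code null}
 * @return a redirect to the context root on success, otherwise a redirect to
 *         {@code loginError}
 */
public HttpResponse doEscapeHatch(@QueryParameter("j_username") String username, @QueryParameter("j_password") String password) {
    randomWait(); // to slow down brute forcing
    if (!isEscapeHatchEnabled()) {
        return HttpResponses.redirectViaContextPath("loginError");
    }
    if (this.escapeHatchUsername == null || this.escapeHatchSecret == null) {
        return HttpResponses.redirectViaContextPath("loginError");
    }

    // Both checks are always evaluated, and the secret is compared with
    // MessageDigest.isEqual instead of String.equals, so the response time does not
    // depend on how many leading characters of the submitted password are correct.
    boolean usernameMatches = escapeHatchUsername.equalsIgnoreCase(username);
    boolean passwordMatches = password != null
            && java.security.MessageDigest.isEqual(
                    escapeHatchSecret.getPlainText().getBytes(java.nio.charset.StandardCharsets.UTF_8),
                    password.getBytes(java.nio.charset.StandardCharsets.UTF_8));

    if (usernameMatches & passwordMatches) {
        List<GrantedAuthority> authorities = new ArrayList<>();
        authorities.add(SecurityRealm.AUTHENTICATED_AUTHORITY);
        if (isNotBlank(escapeHatchGroup)) {
            authorities.add(new GrantedAuthorityImpl(escapeHatchGroup));
        }
        // The session principal is a fixed name, not the configured escape-hatch username.
        String userName = "escape-hatch-admin";
        GrantedAuthority[] grantedAuthorities = authorities.toArray(new GrantedAuthority[0]);
        UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(
                userName,
                "",
                grantedAuthorities
        );
        SecurityContextHolder.getContext().setAuthentication(token);
        OicUserDetails userDetails = new OicUserDetails(userName, grantedAuthorities);
        SecurityListener.fireAuthenticated(userDetails);
        return HttpRedirect.CONTEXT_ROOT;
    }
    return HttpResponses.redirectViaContextPath("loginError");
}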
 
Example #5
Source File: QueuesTest.java    From jenkins-client-java with MIT License 5 votes vote down vote up
/**
 * Builds the {@code queues} client against the test Jenkins instance.
 *
 * <p>The instance is set to {@link SecurityRealm#NO_AUTHENTICATION} after the admin
 * API token has been read; with that realm no login is required, which is acceptable
 * only inside a disposable test instance.
 *
 * @throws URISyntaxException if the instance root URL is not a valid URI
 */
@Before
public void init() throws URISyntaxException {
    User admin = User.getById("admin", true);
    assertNotNull(admin);

    ApiTokenProperty tokenProperty = (ApiTokenProperty) admin.getProperty(ApiTokenProperty.class);
    String apiToken = tokenProperty.getApiToken();

    assertNotNull(j.jenkins.getRootUrl());

    // Test-only: turns authentication off for the whole instance.
    j.jenkins.setSecurityRealm(SecurityRealm.NO_AUTHENTICATION);

    URI endpoint = new URI(j.jenkins.getRootUrl());
    queues = new Jenkins(endpoint, admin.getId(), apiToken).getQueues();
}
 
Example #6
Source File: FoldersTest.java    From jenkins-client-java with MIT License 5 votes vote down vote up
/**
 * Builds the {@code folders} client against the test Jenkins instance.
 *
 * <p>After the admin API token is read, the security realm is replaced with
 * {@link SecurityRealm#NO_AUTHENTICATION}, which disables authentication; keep this
 * pattern confined to test fixtures.
 *
 * @throws URISyntaxException if the instance root URL is not a valid URI
 */
@Before
public void init() throws URISyntaxException {
    User admin = User.getById("admin", true);
    assertNotNull(admin);

    ApiTokenProperty tokenProperty = (ApiTokenProperty) admin.getProperty(ApiTokenProperty.class);
    String apiToken = tokenProperty.getApiToken();

    assertNotNull(j.jenkins.getRootUrl());

    // Test-only: the instance accepts unauthenticated access after this call.
    j.jenkins.setSecurityRealm(SecurityRealm.NO_AUTHENTICATION);

    URI endpoint = new URI(j.jenkins.getRootUrl());
    folders = new Jenkins(endpoint, admin.getId(), apiToken).getFolders();
}
 
Example #7
Source File: ComputersTest.java    From jenkins-client-java with MIT License 5 votes vote down vote up
/**
 * Builds the {@code computers} client against the test Jenkins instance.
 *
 * <p>The realm is switched to {@link SecurityRealm#NO_AUTHENTICATION} once the admin
 * API token has been obtained. That realm disables authentication and is meant for
 * the test harness only.
 *
 * @throws URISyntaxException if the instance root URL is not a valid URI
 */
@Before
public void init() throws URISyntaxException {
    User admin = User.getById("admin", true);
    assertNotNull(admin);

    ApiTokenProperty tokenProperty = (ApiTokenProperty) admin.getProperty(ApiTokenProperty.class);
    String apiToken = tokenProperty.getApiToken();

    assertNotNull(j.jenkins.getRootUrl());

    // Test-only: no authentication is enforced after this point.
    j.jenkins.setSecurityRealm(SecurityRealm.NO_AUTHENTICATION);

    URI endpoint = new URI(j.jenkins.getRootUrl());
    computers = new Jenkins(endpoint, admin.getId(), apiToken).getComputers();
}
 
Example #8
Source File: LabelsTest.java    From jenkins-client-java with MIT License 5 votes vote down vote up
/**
 * Builds the {@code labels} client against the test Jenkins instance.
 *
 * <p>The admin API token is fetched before the realm is replaced with
 * {@link SecurityRealm#NO_AUTHENTICATION}; that replacement removes authentication
 * from the instance and should stay in test code.
 *
 * @throws URISyntaxException if the instance root URL is not a valid URI
 */
@Before
public void init() throws URISyntaxException {
    User admin = User.getById("admin", true);
    assertNotNull(admin);

    ApiTokenProperty tokenProperty = (ApiTokenProperty) admin.getProperty(ApiTokenProperty.class);
    String apiToken = tokenProperty.getApiToken();

    assertNotNull(j.jenkins.getRootUrl());

    // Test-only: disables authentication on the instance under test.
    j.jenkins.setSecurityRealm(SecurityRealm.NO_AUTHENTICATION);

    URI endpoint = new URI(j.jenkins.getRootUrl());
    labels = new Jenkins(endpoint, admin.getId(), apiToken).getLabels();
}
 
Example #9
Source File: ViewsTest.java    From jenkins-client-java with MIT License 5 votes vote down vote up
/**
 * Builds the {@code views} client against the test Jenkins instance.
 *
 * <p>Reads the admin API token, then installs
 * {@link SecurityRealm#NO_AUTHENTICATION} on the instance. With that realm nobody has
 * to log in, so the setup is appropriate for a disposable test instance only.
 *
 * @throws URISyntaxException if the instance root URL is not a valid URI
 */
@Before
public void setup() throws URISyntaxException {
    User admin = User.getById("admin", true);
    assertNotNull(admin);

    ApiTokenProperty tokenProperty = (ApiTokenProperty) admin.getProperty(ApiTokenProperty.class);
    String apiToken = tokenProperty.getApiToken();

    assertNotNull(j.jenkins.getRootUrl());

    // Test-only: authentication is switched off here.
    j.jenkins.setSecurityRealm(SecurityRealm.NO_AUTHENTICATION);

    URI endpoint = new URI(j.jenkins.getRootUrl());
    views = new Jenkins(endpoint, admin.getId(), apiToken).getViews();
}
 
Example #10
Source File: BlueOceanTest.java    From jenkins-client-java with MIT License 5 votes vote down vote up
/**
 * Builds the {@code blue} (Blue Ocean) client against the test Jenkins instance.
 *
 * <p>The realm is set to {@link SecurityRealm#NO_AUTHENTICATION} after the admin API
 * token is read. That realm disables authentication for the instance; it is a
 * test-fixture shortcut, not a deployment setting.
 *
 * @throws URISyntaxException if the instance root URL is not a valid URI
 */
@Before
public void init() throws URISyntaxException {
    User admin = User.getById("admin", true);
    assertNotNull(admin);

    ApiTokenProperty tokenProperty = (ApiTokenProperty) admin.getProperty(ApiTokenProperty.class);
    String apiToken = tokenProperty.getApiToken();

    assertNotNull(j.jenkins.getRootUrl());

    // Test-only: the instance no longer requires authentication after this call.
    j.jenkins.setSecurityRealm(SecurityRealm.NO_AUTHENTICATION);

    URI endpoint = new URI(j.jenkins.getRootUrl());
    blue = new Jenkins(endpoint, admin.getId(), apiToken).getBlueOcean();
}
 
Example #11
Source File: GithubOAuthTest.java    From configuration-as-code-plugin with MIT License 5 votes vote down vote up
/**
 * Verifies that the sample in {@code github-oauth/README.md} configures a
 * {@link GithubSecurityRealm} with the documented client id, URIs, secret and scopes.
 *
 * <p>The client secret asserted below is presumably the README's sample value; the
 * test reads it back in plain text only to prove the configuration was applied.
 */
@Test
@ConfiguredWithReadme("github-oauth/README.md")
public void testSampleVersionForOAuth() {
    SecurityRealm configured = Jenkins.get().getSecurityRealm();
    assertThat(configured, instanceOf(GithubSecurityRealm.class));

    GithubSecurityRealm github = (GithubSecurityRealm) configured;
    assertEquals("someId", github.getClientID());
    assertEquals("https://api.github.com", github.getGithubApiUri());
    assertEquals("https://github.com", github.getGithubWebUri());
    assertEquals("j985j8fhfhh377", github.getClientSecret().getPlainText());
    // Scopes requested from GitHub, exactly as listed in the sample.
    assertEquals("read:org,user:email", github.getOauthScopes());
}
 
Example #12
Source File: KeycloakTest.java    From configuration-as-code-plugin with MIT License 5 votes vote down vote up
/**
 * Verifies that the sample in {@code keycloak/README.md} installs a
 * {@link KeycloakSecurityRealm} whose Keycloak JSON points at the documented
 * {@code https} auth-server URL.
 *
 * <p>Despite the method name, nothing here concerns an artifact manager; the test
 * only inspects the security realm.
 */
@Test
@ConfiguredWithReadme("keycloak/README.md")
public void configure_artifact_manager() throws Exception {
    SecurityRealm configured = j.jenkins.get().getSecurityRealm();
    assertThat(configured, instanceOf(KeycloakSecurityRealm.class));

    KeycloakSecurityRealm keycloak = (KeycloakSecurityRealm) configured;
    String keycloakJson = keycloak.getKeycloakJson();
    assertThat(keycloakJson, containsString("\"auth-server-url\": \"https://my-keycloak-url/auth\""));
}
 
Example #13
Source File: Crowd2Test.java    From configuration-as-code-plugin with MIT License 5 votes vote down vote up
/**
 * Verifies that the sample in {@code crowd2/README.md} installs a
 * {@link CrowdSecurityRealm} with the documented application name, group, URL and
 * password.
 *
 * <p>Despite the method name, the test only inspects the security realm. The Crowd
 * URL in the sample is plain {@code http://}; it is asserted as written in the
 * fixture.
 */
@Test
@ConfiguredWithReadme("crowd2/README.md")
public void configure_artifact_manager() throws Exception {
    SecurityRealm configured = Jenkins.get().getSecurityRealm();
    assertThat(configured, instanceOf(CrowdSecurityRealm.class));

    CrowdSecurityRealm crowd = (CrowdSecurityRealm) configured;
    assertThat(crowd.applicationName, is("jenkins"));
    assertThat(crowd.group, is("jenkins-users"));
    assertThat(crowd.url, is("http://crowd.company.io"));
    // The password is checked through the hasPlainText matcher against PASSWORD_123.
    assertThat(crowd.password, hasPlainText(PASSWORD_123));
}
 
Example #14
Source File: NoneSecurityRealmConfigurator.java    From configuration-as-code-plugin with MIT License 4 votes vote down vote up
/**
 * Reports the type this configurator produces.
 *
 * @return {@code SecurityRealm.class}
 */
@Override
public Class<SecurityRealm> getTarget() {
    return SecurityRealm.class;
}
 
Example #15
Source File: NoneSecurityRealmConfigurator.java    From configuration-as-code-plugin with MIT License 4 votes vote down vote up
/**
 * Lists the configurable attributes of the target type.
 *
 * @return always an empty set; this configurator exposes no attributes
 */
@NonNull
@Override
public Set<Attribute<SecurityRealm,?>> describe() {
    return Collections.emptySet();
}
 
Example #16
Source File: NoneSecurityRealmConfigurator.java    From configuration-as-code-plugin with MIT License 4 votes vote down vote up
/**
 * Describes an existing realm instance as a configuration node.
 *
 * @param instance the realm to describe; not read by this implementation
 * @param context  the configuration context; not read by this implementation
 * @return always {@code null}
 */
@CheckForNull
@Override
public CNode describe(SecurityRealm instance, ConfigurationContext context) throws Exception {
    // No node is produced for this configurator.
    return null;
}
 
Example #17
Source File: BlueOceanCredentialsProviderTest.java    From blueocean-plugin with MIT License 4 votes vote down vote up
/**
 * Regression test for JENKINS-53188: when the security realm is
 * {@link SecurityRealm#NO_AUTHENTICATION} but a {@code User} lookup still returns a
 * user, neither the credentials provider nor the folder property's store may return
 * any credentials.
 */
@Test
@Issue("JENKINS-53188")
public void getCredentialsWhenUserExistedButNotAccessible() {
    PowerMockito.mockStatic(Jenkins.class);
    PowerMockito.when(Jenkins.get()).thenReturn(jenkins);
    PowerMockito.when(Jenkins.getInstance()).thenReturn(jenkins);
    PowerMockito.when(Jenkins.getActiveInstance()).thenReturn(jenkins);
    when(jenkins.getSecurityRealm()).thenReturn(SecurityRealm.NO_AUTHENTICATION);

    PowerMockito.mockStatic(User.class);
    // The user did exist at some point, so the lookup still resolves to it.
    PowerMockito.when(User.get(anyString(), anyBoolean(), any())).thenReturn(user);

    Domain domain = BlueOceanCredentialsProvider.createDomain("api.github.com");
    BlueOceanCredentialsProvider provider = new BlueOceanCredentialsProvider();
    BlueOceanCredentialsProvider.FolderPropertyImpl folderProperty =
        new BlueOceanCredentialsProvider.FolderPropertyImpl("halkeye", "halkeye", domain);
    when(folder.getProperties()).thenReturn(describableList);
    when(describableList.get(BlueOceanCredentialsProvider.FolderPropertyImpl.class)).thenReturn(folderProperty);

    List<DomainRequirement> requirements = new ArrayList<DomainRequirement>(Arrays.asList(
        new SchemeRequirement("https"),
        new HostnameRequirement("api.github.com"),
        new PathRequirement("/")
    ));

    // Impersonating the stored user must not hand out its credentials.
    List<StandardUsernameCredentials> resolved = provider.getCredentials(
        StandardUsernameCredentials.class,
        (ItemGroup) folder,
        ACL.SYSTEM,
        requirements
    );
    assertEquals(Collections.emptyList(), resolved);

    // The folder-scoped store must be empty for the domain as well.
    List<Credentials> fromStore = folderProperty.getStore().getCredentials(domain);
    assertEquals(Collections.emptyList(), fromStore);
}
 
Example #18
Source File: BlueOceanConfigStatePreloader.java    From blueocean-plugin with MIT License 4 votes vote down vote up
/**
 * {@inheritDoc}
 *
 * <p>Serialises the Blue Ocean plugin version plus a {@code jenkinsConfig} object
 * holding the analytics flag, the Jenkins version and a {@code security} section
 * (security enabled, login URL, anonymous-read flag, JWT flag and JWT host URL).
 *
 * <p>NOTE(review): the output includes the Jenkins version and security settings;
 * confirm which callers can fetch this preloaded state.
 */
@Override
public String getStateJson() {
    StringWriter writer = new StringWriter();
    Jenkins jenkins = Jenkins.getInstance();

    // Prefer the parsed version number; fall back to the raw version string.
    VersionNumber parsedVersion = Jenkins.getVersion();
    String version;
    if (parsedVersion != null) {
        version = parsedVersion.toString();
    } else {
        version = Jenkins.VERSION;
    }

    // Anonymous read is reported as allowed unless the "logged-in users can do
    // anything" strategy says otherwise.
    AuthorizationStrategy strategy = jenkins.getAuthorizationStrategy();
    boolean allowAnonymousRead = true;
    if (strategy instanceof FullControlOnceLoggedInAuthorizationStrategy) {
        FullControlOnceLoggedInAuthorizationStrategy loggedInStrategy =
            (FullControlOnceLoggedInAuthorizationStrategy) strategy;
        allowAnonymousRead = loggedInStrategy.isAllowAnonymousRead();
    }

    // The JWT host defaults to the Jenkins root URL unless an endpoint extension exists.
    String rootUrl = Jenkins.getInstance().getRootUrl();
    JwtTokenServiceEndpoint jwtEndpoint = JwtTokenServiceEndpoint.first();
    String jwtTokenEndpointHostUrl = jwtEndpoint == null ? rootUrl : jwtEndpoint.getHostUrl();

    addFeatures(new JSONBuilder(writer)
        .object()
            .key("version").value(getBlueOceanPluginVersion())
            .key("jenkinsConfig")
            .object()
                .key("analytics").value(Analytics.isAnalyticsEnabled())
                .key("version").value(version)
                .key("security")
                .object()
                    .key("enabled").value(jenkins.isUseSecurity())
                    // No login URL is emitted when authentication is disabled.
                    .key("loginUrl").value(jenkins.getSecurityRealm() == SecurityRealm.NO_AUTHENTICATION ? null : jenkins.getSecurityRealm().getLoginUrl())
                    .key("authorizationStrategy").object()
                        .key("allowAnonymousRead").value(allowAnonymousRead)
                    .endObject()
                    .key("enableJWT").value(BlueOceanConfigProperties.BLUEOCEAN_FEATURE_JWT_AUTHENTICATION)
                    .key("jwtServiceHostUrl").value(jwtTokenEndpointHostUrl)
                .endObject()
            .endObject()
            ) // addFeatures here
        .endObject();

    return writer.toString();
}
 
Example #19
Source File: GitLabSecurityRealm.java    From gitlab-oauth-plugin with MIT License 4 votes vote down vote up
/**
 * Creates a descriptor bound to the given realm class.
 *
 * @param clazz the {@link SecurityRealm} subtype this descriptor describes; passed
 *              straight to the superclass constructor
 */
public DescriptorImpl(Class<? extends SecurityRealm> clazz) {
    super(clazz);
}
 
Example #20
Source File: NoneSecurityRealmConfigurator.java    From configuration-as-code-plugin with MIT License 4 votes vote down vote up
/**
 * Dry-run counterpart of {@code configure}: reports the realm that would be applied.
 *
 * @param config  the configuration node; not read by this implementation
 * @param context the configuration context; not read by this implementation
 * @return always {@link SecurityRealm#NO_AUTHENTICATION}, i.e. authentication disabled
 */
@Override
public SecurityRealm check(CNode config, ConfigurationContext context) {
    // Whatever the node contains, the result is the "no authentication" realm.
    return SecurityRealm.NO_AUTHENTICATION;
}
 
Example #21
Source File: OicSecurityRealm.java    From oic-auth-plugin with MIT License 4 votes vote down vote up
/**
 * Tells whether the active realm is an {@link OicSecurityRealm} that has a
 * well-known OpenID configuration URL set.
 *
 * @return {@code true} only when the active realm is an {@code OicSecurityRealm}
 *         and its well-known configuration URL is not blank
 */
@SuppressFBWarnings("NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE")
public boolean isAuto() {
    SecurityRealm active = Jenkins.getInstance().getSecurityRealm();
    if (!(active instanceof OicSecurityRealm)) {
        return false;
    }
    String wellKnownUrl = ((OicSecurityRealm) active).getWellKnownOpenIDConfigurationUrl();
    return StringUtils.isNotBlank(wellKnownUrl);
}
 
Example #22
Source File: NoneSecurityRealmConfigurator.java    From configuration-as-code-plugin with MIT License 4 votes vote down vote up
/**
 * Produces the realm for this configurator.
 *
 * <p>Applying the result leaves the instance with authentication disabled, so a
 * configuration that selects this configurator should be a deliberate choice.
 *
 * @param config  the configuration node; not read by this implementation
 * @param context the configuration context; not read by this implementation
 * @return always {@link SecurityRealm#NO_AUTHENTICATION}
 */
@NonNull
@Override
public SecurityRealm configure(CNode config, ConfigurationContext context) throws ConfiguratorException {
    // Whatever the node contains, the result is the "no authentication" realm.
    return SecurityRealm.NO_AUTHENTICATION;
}
 
Example #23
Source File: PluginsTest.java    From jenkins-client-java with MIT License 3 votes vote down vote up
/**
 * Builds the {@code plugins} client against the test Jenkins instance.
 *
 * <p>The admin API token is read before the realm is replaced with
 * {@link SecurityRealm#NO_AUTHENTICATION}. That realm disables authentication and is
 * only appropriate inside a disposable test instance.
 */
@Before
public void setup() throws Exception {
    User admin = User.getById("admin", true);
    assertNotNull(admin);

    ApiTokenProperty tokenProperty = (ApiTokenProperty) admin.getProperty(ApiTokenProperty.class);
    String apiToken = tokenProperty.getApiToken();

    assertNotNull(j.jenkins.getRootUrl());

    // Test-only: authentication is disabled for the instance from here on.
    j.jenkins.setSecurityRealm(SecurityRealm.NO_AUTHENTICATION);

    URI endpoint = new URI(j.jenkins.getRootUrl());
    plugins = new Jenkins(endpoint, admin.getId(), apiToken).getPlugins();
}
 
Example #24
Source File: JobsTest.java    From jenkins-client-java with MIT License 3 votes vote down vote up
/**
 * Builds the {@code jobs} client against the test Jenkins instance.
 *
 * <p>Once the admin API token has been read, the instance is switched to
 * {@link SecurityRealm#NO_AUTHENTICATION}; that removes authentication altogether and
 * belongs in test fixtures only.
 */
@Before
public void setup() throws Exception {
    User admin = User.getById("admin", true);
    assertNotNull(admin);

    ApiTokenProperty tokenProperty = (ApiTokenProperty) admin.getProperty(ApiTokenProperty.class);
    String apiToken = tokenProperty.getApiToken();

    assertNotNull(j.jenkins.getRootUrl());

    // Test-only: the instance stops enforcing authentication here.
    j.jenkins.setSecurityRealm(SecurityRealm.NO_AUTHENTICATION);

    URI endpoint = new URI(j.jenkins.getRootUrl());
    jobs = new Jenkins(endpoint, admin.getId(), apiToken).getJobs();
}
 
Example #25
Source File: CredentialsTest.java    From jenkins-client-java with MIT License 3 votes vote down vote up
/**
 * Builds the {@code credentials} client against the test Jenkins instance.
 *
 * <p>The realm is replaced with {@link SecurityRealm#NO_AUTHENTICATION} after the
 * admin API token is read. Because this client manages credentials, note that the
 * instance has no authentication at all in this setup; it is a test-only shortcut.
 *
 * @throws URISyntaxException if the instance root URL is not a valid URI
 */
@Before
public void init() throws URISyntaxException {
    User admin = User.getById("admin", true);
    assertNotNull(admin);

    ApiTokenProperty tokenProperty = (ApiTokenProperty) admin.getProperty(ApiTokenProperty.class);
    String apiToken = tokenProperty.getApiToken();

    assertNotNull(j.jenkins.getRootUrl());

    // Test-only: disables authentication on the instance under test.
    j.jenkins.setSecurityRealm(SecurityRealm.NO_AUTHENTICATION);

    URI endpoint = new URI(j.jenkins.getRootUrl());
    credentials = new Jenkins(endpoint, admin.getId(), apiToken).getCredentials();
}