Java Code Examples for hudson.model.User#addProperty()
The following examples show how to use
hudson.model.User#addProperty() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: GithubScmContentProviderTest.java From blueocean-plugin with MIT License | 6 votes |
|
@Test
public void unauthorizedAccessToContentForMbpShouldFail() throws UnirestException, IOException {
User alice = User.get("alice");
alice.setFullName("Alice Cooper");
alice.addProperty(new Mailer.UserProperty("[email protected]"));
String aliceCredentialId = createGithubCredential(alice);
StaplerRequest staplerRequest = mockStapler(GithubEnterpriseScm.ID);
MultiBranchProject mbp = mockMbp(aliceCredentialId, alice, GithubEnterpriseScm.DOMAIN_NAME);
try {
//Bob trying to access content but his credential is not setup so should fail
new GithubScmContentProvider().getContent(staplerRequest, mbp);
}catch (ServiceException.PreconditionRequired e){
assertEquals("Can't access content from github: no credential found", e.getMessage());
return;
}
fail("Should have failed with PreConditionException");
}
Example 2
| Source File: TestGitRepo.java From flaky-test-handler-plugin with Apache License 2.0 | 6 votes |
|
public TestGitRepo(String name, File tmpDir, TaskListener listener) throws IOException, InterruptedException {
this.name = name;
this.listener = listener;
envVars = new EnvVars();
gitDir = tmpDir;
User john = User.get(johnDoe.getName(), true);
UserProperty johnsMailerProperty = new Mailer.UserProperty(johnDoe.getEmailAddress());
john.addProperty(johnsMailerProperty);
User jane = User.get(janeDoe.getName(), true);
UserProperty janesMailerProperty = new Mailer.UserProperty(janeDoe.getEmailAddress());
jane.addProperty(janesMailerProperty);
// initialize the git interface.
gitDirPath = new FilePath(gitDir);
git = Git.with(listener, envVars).in(gitDir).getClient();
// finally: initialize the repo
git.init();
}
Example 3
| Source File: GithubScmContentProviderTest.java From blueocean-plugin with MIT License | 6 votes |
|
@Test
public void unauthorizedAccessToContentForMbpGHEShouldFail() throws UnirestException, IOException {
User alice = User.get("alice");
alice.setFullName("Alice Cooper");
alice.addProperty(new Mailer.UserProperty("[email protected]"));
String aliceCredentialId = createGithubEnterpriseCredential(alice);
StaplerRequest staplerRequest = mockStapler(GithubEnterpriseScm.ID);
MultiBranchProject mbp = mockMbp(aliceCredentialId, alice, GithubEnterpriseScm.DOMAIN_NAME);
try {
//Bob trying to access content but his credential is not setup so should fail
new GithubScmContentProvider().getContent(staplerRequest, mbp);
}catch (ServiceException.PreconditionRequired e){
assertEquals("Can't access content from github: no credential found", e.getMessage());
return;
}
fail("Should have failed with PreConditionException");
}
Example 4
| Source File: GithubScmContentProviderTest.java From blueocean-plugin with MIT License | 6 votes |
|
@Test
public void unauthorizedAccessToContentForOrgFolderGHEShouldFail() throws UnirestException, IOException {
User alice = User.get("alice");
alice.setFullName("Alice Cooper");
alice.addProperty(new Mailer.UserProperty("[email protected]"));
String aliceCredentialId = createGithubEnterpriseCredential(alice);
StaplerRequest staplerRequest = mockStapler(GithubEnterpriseScm.ID);
MultiBranchProject mbp = mockMbp(aliceCredentialId, user, GithubEnterpriseScm.DOMAIN_NAME);
try {
//Bob trying to access content but his credential is not setup so should fail
new GithubScmContentProvider().getContent(staplerRequest, mbp);
}catch (ServiceException.PreconditionRequired e){
assertEquals("Can't access content from github: no credential found", e.getMessage());
return;
}
fail("Should have failed with PreConditionException");
}
Example 5
| Source File: GithubScmContentProviderTest.java From blueocean-plugin with MIT License | 6 votes |
|
@Test
public void unauthorizedAccessToContentForOrgFolderShouldFail() throws UnirestException, IOException {
User alice = User.get("alice");
alice.setFullName("Alice Cooper");
alice.addProperty(new Mailer.UserProperty("[email protected]"));
String aliceCredentialId = createGithubCredential(alice);
StaplerRequest staplerRequest = mockStapler();
MultiBranchProject mbp = mockMbp(aliceCredentialId, user, GithubScm.DOMAIN_NAME);
try {
//Bob trying to access content but his credential is not setup so should fail
new GithubScmContentProvider().getContent(staplerRequest, mbp);
}catch (ServiceException.PreconditionRequired e){
assertEquals("Can't access content from github: no credential found", e.getMessage());
return;
}
fail("Should have failed with PreConditionException");
}
Example 6
| Source File: BitbucketServerScmContentProviderTest.java From blueocean-plugin with MIT License | 6 votes |
|
@Test
public void unauthorizedAccessToContentShouldFail() throws UnirestException, IOException {
User alice = User.get("alice");
alice.setFullName("Alice Cooper");
alice.addProperty(new Mailer.UserProperty("[email protected]"));
String aliceCredentialId = createCredential(BitbucketServerScm.ID, alice);
StaplerRequest staplerRequest = mockStapler();
MultiBranchProject mbp = mockMbp(aliceCredentialId, alice);
try {
//Bob trying to access content but his credential is not setup so should fail
new BitbucketServerScmContentProvider().getContent(staplerRequest, mbp);
} catch (ServiceException.PreconditionRequired e) {
assertEquals("Can't access content from Bitbucket: no credential found", e.getMessage());
return;
}
fail("Should have failed with PreConditionException");
}
Example 7
| Source File: BitbucketCloudScmContentProviderTest.java From blueocean-plugin with MIT License | 6 votes |
|
@Test
public void unauthorizedAccessToContentShouldFail() throws UnirestException, IOException {
User alice = User.get("alice");
alice.setFullName("Alice Cooper");
alice.addProperty(new Mailer.UserProperty("[email protected]"));
String aliceCredentialId = createCredential(BitbucketCloudScm.ID, "cloud", alice);
StaplerRequest staplerRequest = mockStapler();
MultiBranchProject mbp = mockMbp(aliceCredentialId, alice);
try {
//Bob trying to access content but his credential is not setup so should fail
new BitbucketCloudScmContentProvider().getContent(staplerRequest, mbp);
} catch (ServiceException.PreconditionRequired e) {
assertEquals("Can't access content from Bitbucket: no credential found", e.getMessage());
return;
}
fail("Should have failed with PreConditionException");
}
Example 8
| Source File: BitbucketServerScmContentProviderTest.java From blueocean-plugin with MIT License | 5 votes |
|
@Test
public void unauthorizedSaveContentShouldFail() throws UnirestException, IOException {
User alice = User.get("alice");
alice.setFullName("Alice Cooper");
alice.addProperty(new Mailer.UserProperty("[email protected]"));
String aliceCredentialId = createCredential(BitbucketServerScm.ID, alice);
StaplerRequest staplerRequest = mockStapler();
MultiBranchProject mbp = mockMbp(aliceCredentialId, alice);
GitContent content = new GitContent.Builder().autoCreateBranch(true).base64Data("bm9kZXsKICBlY2hvICdoZWxsbyB3b3JsZCEnCn0K")
.branch("master").message("new commit").owner("TESTP").path("README.md").repo("pipeline-demo-test").build();
when(staplerRequest.bindJSON(Mockito.eq(BitbucketScmSaveFileRequest.class), Mockito.any(JSONObject.class))).thenReturn(new BitbucketScmSaveFileRequest(content));
String request = "{\n" +
" \"content\" : {\n" +
" \"message\" : \"new commit\",\n" +
" \"path\" : \"README.md\",\n" +
" \"branch\" : \"master\",\n" +
" \"repo\" : \"pipeline-demo-test\",\n" +
" \"base64Data\" : " + "\"bm9kZXsKICBlY2hvICdoZWxsbyB3b3JsZCEnCn0K\"" +
" }\n" +
"}";
when(staplerRequest.getReader()).thenReturn(new BufferedReader(new StringReader(request), request.length()));
try {
new BitbucketServerScmContentProvider().saveContent(staplerRequest, mbp);
} catch (ServiceException.PreconditionRequired e) {
assertEquals("Can't access content from Bitbucket: no credential found", e.getMessage());
return;
}
fail("Should have failed with PreConditionException");
}
Example 9
| Source File: BitbucketCloudScmContentProviderTest.java From blueocean-plugin with MIT License | 5 votes |
|
@Test
public void unauthorizedSaveContentShouldFail() throws UnirestException, IOException {
User alice = User.get("alice");
alice.setFullName("Alice Cooper");
alice.addProperty(new Mailer.UserProperty("[email protected]"));
String aliceCredentialId = createCredential(BitbucketCloudScm.ID, alice);
StaplerRequest staplerRequest = mockStapler();
MultiBranchProject mbp = mockMbp(aliceCredentialId, alice);
GitContent content = new GitContent.Builder().autoCreateBranch(true).base64Data("bm9kZXsKICBlY2hvICdoZWxsbyB3b3JsZCEnCn0K")
.branch("master").message("new commit").owner("TESTP").path("README.md").repo("pipeline-demo-test").build();
when(staplerRequest.bindJSON(Mockito.eq(BitbucketScmSaveFileRequest.class), Mockito.any(JSONObject.class))).thenReturn(new BitbucketScmSaveFileRequest(content));
String request = "{\n" +
" \"content\" : {\n" +
" \"message\" : \"new commit\",\n" +
" \"path\" : \"README.md\",\n" +
" \"branch\" : \"master\",\n" +
" \"repo\" : \"pipeline-demo-test\",\n" +
" \"base64Data\" : " + "\"bm9kZXsKICBlY2hvICdoZWxsbyB3b3JsZCEnCn0K\"" +
" }\n" +
"}";
when(staplerRequest.getReader()).thenReturn(new BufferedReader(new StringReader(request), request.length()));
try {
new BitbucketCloudScmContentProvider().saveContent(staplerRequest, mbp);
} catch (ServiceException.PreconditionRequired e) {
assertEquals("Can't access content from Bitbucket: no credential found", e.getMessage());
return;
}
fail("Should have failed with PreConditionException");
}
Example 10
| Source File: HudsonPrivateSecurityRealmConfigurator.java From configuration-as-code-plugin with MIT License | 5 votes |
|
private static void setter(HudsonPrivateSecurityRealm target, Collection<UserWithPassword> value) throws IOException {
for (UserWithPassword user : value) {
User updatedUser = createAccount(target, user);
updatedUser.setFullName(user.name);
updatedUser.setDescription(user.description);
if (user.getProperties() != null) {
for (UserProperty property : user.getProperties()) {
updatedUser.addProperty(property);
}
}
}
}
Example 11
| Source File: GithubScmContentProviderTest.java From blueocean-plugin with MIT License | 5 votes |
|
@Test
public void unauthorizedSaveContentToOrgFolderShouldFail() throws UnirestException, IOException {
User alice = User.get("alice");
alice.setFullName("Alice Cooper");
alice.addProperty(new Mailer.UserProperty("[email protected]"));
String aliceCredentialId = createGithubCredential(alice);
StaplerRequest staplerRequest = mockStapler();
GitContent content = new GitContent.Builder().autoCreateBranch(true).base64Data("c2xlZXAgMTUKbm9kZSB7CiAgY2hlY2tvdXQgc2NtCiAgc2ggJ2xzIC1sJwp9\\nCnNsZWVwIDE1Cg==\\n")
.branch("test1").message("another commit").owner("cloudbeers").path("Jankinsfile").repo("PR-demo").sha("e23b8ef5c2c4244889bf94db6c05cc08ea138aef").build();
when(staplerRequest.bindJSON(Mockito.eq(GithubScmSaveFileRequest.class), Mockito.any(JSONObject.class))).thenReturn(new GithubScmSaveFileRequest(content));
MultiBranchProject mbp = mockMbp(aliceCredentialId, user, GithubScm.DOMAIN_NAME);
String request = "{\n" +
" \"content\" : {\n" +
" \"message\" : \"first commit\",\n" +
" \"path\" : \"Jenkinsfile\",\n" +
" \"branch\" : \"test1\",\n" +
" \"repo\" : \"PR-demo\",\n" +
" \"sha\" : \"e23b8ef5c2c4244889bf94db6c05cc08ea138aef\",\n" +
" \"base64Data\" : "+"\"c2xlZXAgMTUKbm9kZSB7CiAgY2hlY2tvdXQgc2NtCiAgc2ggJ2xzIC1sJwp9\\nCnNsZWVwIDE1Cg==\\n\""+
" }\n" +
"}";
when(staplerRequest.getReader()).thenReturn(new BufferedReader(new StringReader(request), request.length()));
try {
//Bob trying to access content but his credential is not setup so should fail
new GithubScmContentProvider().saveContent(staplerRequest, mbp);
}catch (ServiceException.PreconditionRequired e){
assertEquals("Can't access content from github: no credential found", e.getMessage());
return;
}
fail("Should have failed with PreConditionException");
}
Example 12
| Source File: GithubScmContentProviderTest.java From blueocean-plugin with MIT License | 5 votes |
|
@Test
public void unauthorizedSaveContentToOrgFolderGHEShouldFail() throws UnirestException, IOException {
User alice = User.get("alice");
alice.setFullName("Alice Cooper");
alice.addProperty(new Mailer.UserProperty("[email protected]"));
String aliceCredentialId = createGithubEnterpriseCredential(alice);
StaplerRequest staplerRequest = mockStapler(GithubEnterpriseScm.ID);
GitContent content = new GitContent.Builder().autoCreateBranch(true).base64Data("c2xlZXAgMTUKbm9kZSB7CiAgY2hlY2tvdXQgc2NtCiAgc2ggJ2xzIC1sJwp9\\nCnNsZWVwIDE1Cg==\\n")
.branch("test1").message("another commit").owner("cloudbeers").path("Jankinsfile").repo("PR-demo").sha("e23b8ef5c2c4244889bf94db6c05cc08ea138aef").build();
when(staplerRequest.bindJSON(Mockito.eq(GithubScmSaveFileRequest.class), Mockito.any(JSONObject.class))).thenReturn(new GithubScmSaveFileRequest(content));
MultiBranchProject mbp = mockMbp(aliceCredentialId, user, GithubEnterpriseScm.DOMAIN_NAME);
String request = "{\n" +
" \"content\" : {\n" +
" \"message\" : \"first commit\",\n" +
" \"path\" : \"Jenkinsfile\",\n" +
" \"branch\" : \"test1\",\n" +
" \"repo\" : \"PR-demo\",\n" +
" \"sha\" : \"e23b8ef5c2c4244889bf94db6c05cc08ea138aef\",\n" +
" \"base64Data\" : "+"\"c2xlZXAgMTUKbm9kZSB7CiAgY2hlY2tvdXQgc2NtCiAgc2ggJ2xzIC1sJwp9\\nCnNsZWVwIDE1Cg==\\n\""+
" }\n" +
"}";
when(staplerRequest.getReader()).thenReturn(new BufferedReader(new StringReader(request), request.length()));
try {
//Bob trying to access content but his credential is not setup so should fail
new GithubScmContentProvider().saveContent(staplerRequest, mbp);
}catch (ServiceException.PreconditionRequired e){
assertEquals("Can't access content from github: no credential found", e.getMessage());
return;
}
fail("Should have failed with PreConditionException");
}
Example 13
| Source File: GithubScmContentProviderTest.java From blueocean-plugin with MIT License | 5 votes |
|
@Test
public void unauthorizedSaveContentToMbpShouldFail() throws UnirestException, IOException {
User alice = User.get("alice");
alice.setFullName("Alice Cooper");
alice.addProperty(new Mailer.UserProperty("[email protected]"));
String aliceCredentialId = createGithubCredential(alice);
StaplerRequest staplerRequest = mockStapler();
GitContent content = new GitContent.Builder().autoCreateBranch(true).base64Data("c2xlZXAgMTUKbm9kZSB7CiAgY2hlY2tvdXQgc2NtCiAgc2ggJ2xzIC1sJwp9\\nCnNsZWVwIDE1Cg==\\n")
.branch("test1").message("another commit").owner("cloudbeers").path("Jankinsfile").repo("PR-demo").sha("e23b8ef5c2c4244889bf94db6c05cc08ea138aef").build();
when(staplerRequest.bindJSON(Mockito.eq(GithubScmSaveFileRequest.class), Mockito.any(JSONObject.class))).thenReturn(new GithubScmSaveFileRequest(content));
MultiBranchProject mbp = mockMbp(aliceCredentialId, user, GithubScm.DOMAIN_NAME);
String request = "{\n" +
" \"content\" : {\n" +
" \"message\" : \"first commit\",\n" +
" \"path\" : \"Jenkinsfile\",\n" +
" \"branch\" : \"test1\",\n" +
" \"repo\" : \"PR-demo\",\n" +
" \"sha\" : \"e23b8ef5c2c4244889bf94db6c05cc08ea138aef\",\n" +
" \"base64Data\" : "+"\"c2xlZXAgMTUKbm9kZSB7CiAgY2hlY2tvdXQgc2NtCiAgc2ggJ2xzIC1sJwp9\\nCnNsZWVwIDE1Cg==\\n\""+
" }\n" +
"}";
when(staplerRequest.getReader()).thenReturn(new BufferedReader(new StringReader(request), request.length()));
try {
//Bob trying to access content but his credential is not setup so should fail
new GithubScmContentProvider().saveContent(staplerRequest, mbp);
}catch (ServiceException.PreconditionRequired e){
assertEquals("Can't access content from github: no credential found", e.getMessage());
return;
}
fail("Should have failed with PreConditionException");
}
Example 14
| Source File: GithubScmContentProviderTest.java From blueocean-plugin with MIT License | 5 votes |
|
@Test
public void unauthorizedSaveContentToMbpGHEShouldFail() throws UnirestException, IOException {
User alice = User.get("alice");
alice.setFullName("Alice Cooper");
alice.addProperty(new Mailer.UserProperty("[email protected]"));
String aliceCredentialId = createGithubEnterpriseCredential(alice);
StaplerRequest staplerRequest = mockStapler(GithubEnterpriseScm.ID);
GitContent content = new GitContent.Builder().autoCreateBranch(true).base64Data("c2xlZXAgMTUKbm9kZSB7CiAgY2hlY2tvdXQgc2NtCiAgc2ggJ2xzIC1sJwp9\\nCnNsZWVwIDE1Cg==\\n")
.branch("test1").message("another commit").owner("cloudbeers").path("Jankinsfile").repo("PR-demo").sha("e23b8ef5c2c4244889bf94db6c05cc08ea138aef").build();
when(staplerRequest.bindJSON(Mockito.eq(GithubScmSaveFileRequest.class), Mockito.any(JSONObject.class))).thenReturn(new GithubScmSaveFileRequest(content));
MultiBranchProject mbp = mockMbp(aliceCredentialId, user, GithubEnterpriseScm.DOMAIN_NAME);
String request = "{\n" +
" \"content\" : {\n" +
" \"message\" : \"first commit\",\n" +
" \"path\" : \"Jenkinsfile\",\n" +
" \"branch\" : \"test1\",\n" +
" \"repo\" : \"PR-demo\",\n" +
" \"sha\" : \"e23b8ef5c2c4244889bf94db6c05cc08ea138aef\",\n" +
" \"base64Data\" : "+"\"c2xlZXAgMTUKbm9kZSB7CiAgY2hlY2tvdXQgc2NtCiAgc2ggJ2xzIC1sJwp9\\nCnNsZWVwIDE1Cg==\\n\""+
" }\n" +
"}";
when(staplerRequest.getReader()).thenReturn(new BufferedReader(new StringReader(request), request.length()));
try {
//Bob trying to access content but his credential is not setup so should fail
new GithubScmContentProvider().saveContent(staplerRequest, mbp);
}catch (ServiceException.PreconditionRequired e){
assertEquals("Can't access content from github: no credential found", e.getMessage());
return;
}
fail("Should have failed with PreConditionException");
}
Example 15
| Source File: OicSecurityRealm.java From oic-auth-plugin with MIT License | 5 votes |
|
private UsernamePasswordAuthenticationToken loginAndSetUserData(String userName, IdToken idToken, GenericJson userInfo) throws IOException {
GrantedAuthority[] grantedAuthorities = determineAuthorities(idToken, userInfo);
if(LOGGER.isLoggable(Level.FINEST)) {
StringBuilder grantedAuthoritiesAsString = new StringBuilder("(");
for(GrantedAuthority grantedAuthority : grantedAuthorities) {
grantedAuthoritiesAsString.append(" ").append(grantedAuthority.getAuthority());
}
grantedAuthoritiesAsString.append(" )");
LOGGER.finest("GrantedAuthorities:" + grantedAuthoritiesAsString);
}
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(userName, "", grantedAuthorities);
SecurityContextHolder.getContext().setAuthentication(token);
User user = User.get(token.getName());
// Store the list of groups in a OicUserProperty so it can be retrieved later for the UserDetails object.
user.addProperty(new OicUserProperty(userName, grantedAuthorities));
if(emailFieldName!=null) {
String email = userInfo == null ? getField(idToken, emailFieldName) : (String) getField(userInfo, emailFieldName);
if (email != null) {
user.addProperty(new Mailer.UserProperty(email));
}
}
if(fullNameFieldName!=null) {
String fullName = userInfo == null ? getField(idToken, fullNameFieldName) : (String) getField(userInfo, fullNameFieldName);
if (fullName != null) {
user.setFullName(fullName);
}
}
OicUserDetails userDetails = new OicUserDetails(userName, grantedAuthorities);
SecurityListener.fireAuthenticated(userDetails);
return token;
}
Example 16
| Source File: GithubScm.java From blueocean-plugin with MIT License | 4 votes |
|
@Override
public HttpResponse validateAndCreate(@JsonBody JSONObject request) {
String accessToken = (String) request.get("accessToken");
if(accessToken == null){
throw new ServiceException.BadRequestException("accessToken is required");
}
accessToken = accessToken.trim();
try {
User authenticatedUser = getAuthenticatedUser();
HttpURLConnection connection = connect(String.format("%s/%s", getUri(), "user"),accessToken);
validateAccessTokenScopes(connection);
String data = IOUtils.toString(HttpRequest.getInputStream(connection));
GHUser user = GithubScm.getMappingObjectReader().forType(GHUser.class).readValue(data);
if(user.getEmail() != null){
Mailer.UserProperty p = authenticatedUser.getProperty(Mailer.UserProperty.class);
//XXX: If there is already email address of this user, should we update it with
// the one from Github?
if (p==null){
authenticatedUser.addProperty(new Mailer.UserProperty(user.getEmail()));
}
}
//Now we know the token is valid. Lets find credential
String credentialId = createCredentialId(getUri());
StandardUsernamePasswordCredentials githubCredential = CredentialsUtils.findCredential(credentialId, StandardUsernamePasswordCredentials.class, new BlueOceanDomainRequirement());
final StandardUsernamePasswordCredentials credential = new UsernamePasswordCredentialsImpl(CredentialsScope.USER, credentialId, getCredentialDescription(), authenticatedUser.getId(), accessToken);
if(githubCredential == null) {
CredentialsUtils.createCredentialsInUserStore(
credential, authenticatedUser, getCredentialDomainName(),
ImmutableList.<DomainSpecification>of(new BlueOceanDomainSpecification()));
}else{
CredentialsUtils.updateCredentialsInUserStore(
githubCredential, credential, authenticatedUser, getCredentialDomainName(),
ImmutableList.<DomainSpecification>of(new BlueOceanDomainSpecification()));
}
return createResponse(credential.getId());
} catch (IOException e) {
if (e instanceof MalformedURLException || e instanceof UnknownHostException) {
throw new ServiceException.BadRequestException(
new ErrorMessage(400, "Invalid apiUrl").add(
new ErrorMessage.Error("apiUrl", ErrorMessage.Error.ErrorCodes.INVALID.toString(), e.getMessage())
)
);
}
throw new ServiceException.UnexpectedErrorException(e.getMessage());
}
}
Example 17
| Source File: GitLabSecurityRealm.java From gitlab-oauth-plugin with MIT License | 4 votes |
|
/**
* This is where the user comes back to at the end of the OpenID redirect
* ping-pong.
*/
public HttpResponse doFinishLogin(StaplerRequest request) throws IOException {
String code = request.getParameter("code");
if (StringUtils.isBlank(code)) {
Log.info("doFinishLogin: missing code or private_token.");
return HttpResponses.redirectToContextRoot();
}
String state = request.getParameter("state");
HttpPost httpPost = new HttpPost(gitlabWebUri + "/oauth/token");
List<NameValuePair> parameters = new ArrayList<NameValuePair>();
parameters.add(new BasicNameValuePair("client_id", clientID));
parameters.add(new BasicNameValuePair("client_secret", clientSecret));
parameters.add(new BasicNameValuePair("code", code));
parameters.add(new BasicNameValuePair("grant_type", "authorization_code"));
parameters.add(new BasicNameValuePair("redirect_uri", buildRedirectUrl(request, state)));
httpPost.setEntity(new UrlEncodedFormEntity(parameters, StandardCharsets.UTF_8));
CloseableHttpClient httpclient = HttpClients.createDefault();
HttpHost proxy = getProxy(httpPost);
if (proxy != null) {
RequestConfig config = RequestConfig.custom()
.setProxy(proxy)
.build();
httpPost.setConfig(config);
}
org.apache.http.HttpResponse response = httpclient.execute(httpPost);
HttpEntity entity = response.getEntity();
String content = EntityUtils.toString(entity);
// When HttpClient instance is no longer needed,
// shut down the connection manager to ensure
// immediate deallocation of all system resources
httpclient.close();
String accessToken = extractToken(content);
if (StringUtils.isNotBlank(accessToken)) {
// only set the access token if it exists.
GitLabAuthenticationToken auth = new GitLabAuthenticationToken(accessToken, getGitlabApiUri(), TokenType.ACCESS_TOKEN);
HttpSession session = request.getSession(false);
if (session != null) {
// avoid session fixation
session.invalidate();
}
request.getSession(true);
SecurityContextHolder.getContext().setAuthentication(auth);
GitlabUser self = auth.getMyself();
User user = User.current();
if (user != null) {
user.setFullName(self.getName());
// Set email from gitlab only if empty
if (!user.getProperty(Mailer.UserProperty.class).hasExplicitlyConfiguredAddress()) {
user.addProperty(new Mailer.UserProperty(auth.getMyself().getEmail()));
}
}
SecurityListener.fireAuthenticated(new GitLabOAuthUserDetails(self, auth.getAuthorities()));
} else {
Log.info("Gitlab did not return an access token.");
}
if (StringUtils.isNotBlank(state)) {
return HttpResponses.redirectTo(state);
}
return HttpResponses.redirectToContextRoot();
}
Example 18
| Source File: JwtAuthenticationServiceImplTest.java From blueocean-plugin with MIT License | 2 votes |
|
@Test
public void getToken() throws Exception {
j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
User user = User.get("alice");
user.setFullName("Alice Cooper");
user.addProperty(new Mailer.UserProperty("[email protected]"));
JenkinsRule.WebClient webClient = j.createWebClient();
webClient.login("alice");
String token = getToken(webClient);
Assert.assertNotNull(token);
JsonWebStructure jsonWebStructure = JsonWebStructure.fromCompactSerialization(token);
Assert.assertTrue(jsonWebStructure instanceof JsonWebSignature);
JsonWebSignature jsw = (JsonWebSignature) jsonWebStructure;
System.out.println(token);
System.out.println(jsw.toString());
String kid = jsw.getHeader("kid");
Assert.assertNotNull(kid);
Page page = webClient.goTo("jwt-auth/jwks/"+kid+"/", "application/json");
// for(NameValuePair valuePair: page.getWebResponse().getResponseHeaders()){
// System.out.println(valuePair);
// }
JSONObject jsonObject = JSONObject.fromObject(page.getWebResponse().getContentAsString());
System.out.println(jsonObject.toString());
RsaJsonWebKey rsaJsonWebKey = new RsaJsonWebKey(jsonObject,null);
JwtConsumer jwtConsumer = new JwtConsumerBuilder()
.setRequireExpirationTime() // the JWT must have an expiration time
.setAllowedClockSkewInSeconds(30) // allow some leeway in validating time based claims to account for clock skew
.setRequireSubject() // the JWT must have a subject claim
.setVerificationKey(rsaJsonWebKey.getKey()) // verify the sign with the public key
.build(); // create the JwtConsumer instance
JwtClaims claims = jwtConsumer.processToClaims(token);
Assert.assertEquals("alice",claims.getSubject());
Map<String,Object> claimMap = claims.getClaimsMap();
Map<String,Object> context = (Map<String, Object>) claimMap.get("context");
Map<String,String> userContext = (Map<String, String>) context.get("user");
Assert.assertEquals("alice", userContext.get("id"));
Assert.assertEquals("Alice Cooper", userContext.get("fullName"));
Assert.assertEquals("[email protected]", userContext.get("email"));
}
