源码类别
热门源码
 当前位置:源码 > Java源码 >

Java源码示例:hudson.security.SecurityRealm

示例1
@Before
public void setup() throws Exception {
    mockStatic(Jenkins.class);

    when(Jenkins.getInstance()).thenReturn(jenkins);
    when(Jenkins.getInstanceOrNull()).thenReturn(jenkins);
    when(Jenkins.getAuthentication()).thenReturn(authentication);
    GrantedAuthority[] grantedAuthorities = Lists.newArrayList(SecurityRealm.AUTHENTICATED_AUTHORITY).toArray(new GrantedAuthority[1]);

    Mockito.when(authentication.getAuthorities()).thenReturn(grantedAuthorities);
    Mockito.when(authentication.getPrincipal()).thenReturn("joe");
    mockStatic(User.class);

    when(user.getId()).thenReturn("joe");
    when(user.getFullName()).thenReturn("joe smith");
    when(user.getDisplayName()).thenReturn("joe smith");
    when(User.class, method(User.class, "get", Authentication.class)).withArguments(authentication).thenReturn(user);
    when(User.current()).thenReturn(user);
}
示例2
@Test
public void testConfig() {
    SecurityRealm realm = j.jenkins.getSecurityRealm();

    assertTrue(realm instanceof OicSecurityRealm);
    OicSecurityRealm oicSecurityRealm = (OicSecurityRealm) realm;

    assertEquals("http://localhost", oicSecurityRealm.getAuthorizationServerUrl());
    assertEquals("clientId", oicSecurityRealm.getClientId());
    assertEquals("clientSecret", oicSecurityRealm.getClientSecret().getPlainText());
    assertTrue(oicSecurityRealm.isDisableSslVerification());
    assertEquals("emailFieldName", oicSecurityRealm.getEmailFieldName());
    assertTrue(oicSecurityRealm.isEscapeHatchEnabled());
    assertEquals("escapeHatchGroup", oicSecurityRealm.getEscapeHatchGroup());
    assertEquals("escapeHatchSecret", oicSecurityRealm.getEscapeHatchSecret().getPlainText());
    assertEquals("escapeHatchUsername", oicSecurityRealm.getEscapeHatchUsername());
    assertEquals("fullNameFieldName", oicSecurityRealm.getFullNameFieldName());
    assertEquals("groupsFieldName", oicSecurityRealm.getGroupsFieldName());
    assertTrue(oicSecurityRealm.isLogoutFromOpenidProvider());
    assertEquals("scopes", oicSecurityRealm.getScopes());
    assertEquals("http://localhost", oicSecurityRealm.getTokenServerUrl());
    assertEquals("userNameField", oicSecurityRealm.getUserNameField());
}
示例3
@Test
@ConfiguredWithReadme("crowd2/README.md")
public void configure_artifact_manager() throws Exception {
    SecurityRealm realm = Jenkins.get().getSecurityRealm();
    assertThat(realm, instanceOf(CrowdSecurityRealm.class));
    CrowdSecurityRealm securityRealm = (CrowdSecurityRealm) realm;
    assertThat(securityRealm.applicationName, is("jenkins"));
    assertThat(securityRealm.group, is("jenkins-users"));
    assertThat(securityRealm.url, is("http://crowd.company.io"));
    assertThat(securityRealm.password, hasPlainText(PASSWORD_123));
}
示例4
@Test
@ConfiguredWithReadme("keycloak/README.md")
public void configure_artifact_manager() throws Exception {
    SecurityRealm realm = j.jenkins.get().getSecurityRealm();
    assertThat(realm, instanceOf(KeycloakSecurityRealm.class));
    KeycloakSecurityRealm securityRealm = (KeycloakSecurityRealm)realm;
    assertThat(securityRealm.getKeycloakJson(), containsString("\"auth-server-url\": \"https://my-keycloak-url/auth\""));
}
示例5
@Test
@ConfiguredWithReadme("github-oauth/README.md")
public void testSampleVersionForOAuth() {
    SecurityRealm realm = Jenkins.get().getSecurityRealm();
    assertThat(realm, instanceOf(GithubSecurityRealm.class));
    GithubSecurityRealm gsh = (GithubSecurityRealm)realm;
    assertEquals("someId", gsh.getClientID());
    assertEquals("https://api.github.com", gsh.getGithubApiUri());
    assertEquals("https://github.com", gsh.getGithubWebUri());
    assertEquals("j985j8fhfhh377", gsh.getClientSecret().getPlainText());
    assertEquals("read:org,user:email", gsh.getOauthScopes());
}
示例6
@Before
public void init() throws URISyntaxException
{
    User user = User.getById("admin", true);

    assertNotNull(user);

    String token = ((ApiTokenProperty) user.getProperty(ApiTokenProperty.class)).getApiToken();

    assertNotNull(j.jenkins.getRootUrl());

    j.jenkins.setSecurityRealm(SecurityRealm.NO_AUTHENTICATION);
    blue = new Jenkins(new URI(j.jenkins.getRootUrl()), user.getId(), token).getBlueOcean();
}
示例7
@Before
public void setup() throws URISyntaxException
{
    User user = User.getById("admin", true);

    assertNotNull(user);

    String token = ((ApiTokenProperty) user.getProperty(ApiTokenProperty.class)).getApiToken();

    assertNotNull(j.jenkins.getRootUrl());

    j.jenkins.setSecurityRealm(SecurityRealm.NO_AUTHENTICATION);
    views = new Jenkins(new URI(j.jenkins.getRootUrl()), user.getId(), token).getViews();
}
示例8
@Before
public void init() throws URISyntaxException
{
    User user = User.getById("admin", true);

    assertNotNull(user);

    String token = ((ApiTokenProperty) user.getProperty(ApiTokenProperty.class)).getApiToken();

    assertNotNull(j.jenkins.getRootUrl());

    j.jenkins.setSecurityRealm(SecurityRealm.NO_AUTHENTICATION);
    workflows = new Jenkins(new URI(j.jenkins.getRootUrl()), user.getId(), token).getWorkflows();
}
示例9
@Before
public void init() throws URISyntaxException
{
    User user = User.getById("admin", true);

    assertNotNull(user);

    String token = ((ApiTokenProperty) user.getProperty(ApiTokenProperty.class)).getApiToken();

    assertNotNull(j.jenkins.getRootUrl());

    j.jenkins.setSecurityRealm(SecurityRealm.NO_AUTHENTICATION);
    labels = new Jenkins(new URI(j.jenkins.getRootUrl()), user.getId(), token).getLabels();
}
示例10
@Before
public void init() throws URISyntaxException
{
    User user = User.getById("admin", true);

    assertNotNull(user);

    String token = ((ApiTokenProperty) user.getProperty(ApiTokenProperty.class)).getApiToken();

    assertNotNull(j.jenkins.getRootUrl());

    j.jenkins.setSecurityRealm(SecurityRealm.NO_AUTHENTICATION);
    computers = new Jenkins(new URI(j.jenkins.getRootUrl()), user.getId(), token).getComputers();
}
示例11
@Before
public void init() throws URISyntaxException
{
    User user = User.getById("admin", true);

    assertNotNull(user);

    String token = ((ApiTokenProperty) user.getProperty(ApiTokenProperty.class)).getApiToken();

    assertNotNull(j.jenkins.getRootUrl());

    j.jenkins.setSecurityRealm(SecurityRealm.NO_AUTHENTICATION);
    folders = new Jenkins(new URI(j.jenkins.getRootUrl()), user.getId(), token).getFolders();
}
示例12
@Before
public void init() throws URISyntaxException
{
    User user = User.getById("admin", true);

    assertNotNull(user);

    String token = ((ApiTokenProperty) user.getProperty(ApiTokenProperty.class)).getApiToken();

    assertNotNull(j.jenkins.getRootUrl());

    j.jenkins.setSecurityRealm(SecurityRealm.NO_AUTHENTICATION);
    queues = new Jenkins(new URI(j.jenkins.getRootUrl()), user.getId(), token).getQueues();
}
示例13
public HttpResponse doEscapeHatch(@QueryParameter("j_username") String username, @QueryParameter("j_password") String password) {
    randomWait(); // to slowdown brute forcing
    if(!isEscapeHatchEnabled()) {
        return HttpResponses.redirectViaContextPath("loginError");
    }
    if(this.escapeHatchUsername == null || this.escapeHatchSecret == null) {
        return HttpResponses.redirectViaContextPath("loginError");
    }
    if(escapeHatchUsername.equalsIgnoreCase(username) && escapeHatchSecret.getPlainText().equals(password)) {
        List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
        authorities.add(SecurityRealm.AUTHENTICATED_AUTHORITY);
        if(isNotBlank(escapeHatchGroup)) {
            authorities.add(new GrantedAuthorityImpl(escapeHatchGroup));
        }
        String userName = "escape-hatch-admin";
        GrantedAuthority[] grantedAuthorities = authorities.toArray(new GrantedAuthority[authorities.size()]);
        UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(
        		userName,
                "",
                grantedAuthorities
        );
        SecurityContextHolder.getContext().setAuthentication(token);
        OicUserDetails userDetails = new OicUserDetails(userName, grantedAuthorities);
        SecurityListener.fireAuthenticated(userDetails);
        return HttpRedirect.CONTEXT_ROOT;
    }
    return HttpResponses.redirectViaContextPath("loginError");
}
示例14
@Override
public Class<SecurityRealm> getTarget() {
    return SecurityRealm.class;
}
示例15
@NonNull
@Override
public SecurityRealm configure(CNode config, ConfigurationContext context) throws ConfiguratorException {
    return SecurityRealm.NO_AUTHENTICATION;
}
示例16
@Override
public SecurityRealm check(CNode config, ConfigurationContext context) {
    return SecurityRealm.NO_AUTHENTICATION;
}
示例17
@CheckForNull
@Override
public CNode describe(SecurityRealm instance, ConfigurationContext context) throws Exception {
    return null;
}
示例18
@NonNull
@Override
public Set<Attribute<SecurityRealm,?>> describe() {
    return Collections.emptySet();
}
示例19
@Test
@Issue("JENKINS-53188")
public void getCredentialsWhenUserExistedButNotAccessible() {
    PowerMockito.mockStatic(Jenkins.class);
    PowerMockito.when(Jenkins.get()).thenReturn(jenkins);
    PowerMockito.when(Jenkins.getInstance()).thenReturn(jenkins);
    PowerMockito.when(Jenkins.getActiveInstance()).thenReturn(jenkins);
    when(jenkins.getSecurityRealm()).thenReturn(SecurityRealm.NO_AUTHENTICATION);

    PowerMockito.mockStatic(User.class);
    // Make sure we return a user, cause it did once exist
    PowerMockito.when(User.get(anyString(), anyBoolean(), any())).thenReturn(user);

    Domain domain = BlueOceanCredentialsProvider.createDomain("api.github.com");
    BlueOceanCredentialsProvider blueOceanCredentialsProvider = new BlueOceanCredentialsProvider();
    BlueOceanCredentialsProvider.FolderPropertyImpl prop = new BlueOceanCredentialsProvider.FolderPropertyImpl(
        "halkeye",
        "halkeye",
        domain
    );
    when(folder.getProperties()).thenReturn(describableList);
    when(describableList.get(BlueOceanCredentialsProvider.FolderPropertyImpl.class)).thenReturn(prop);

    // Should be empty when trying to impersonate and grab credentials though
    List<StandardUsernameCredentials> credentials = blueOceanCredentialsProvider.getCredentials(
        StandardUsernameCredentials.class,
        (ItemGroup) folder,
        ACL.SYSTEM,
        new ArrayList<DomainRequirement>(Arrays.asList(
            new SchemeRequirement("https"),
            new HostnameRequirement("api.github.com"),
            new PathRequirement("/")
        ))
    );
    assertEquals(Collections.emptyList(), credentials);

    List<Credentials> storeCredentials = prop.getStore().getCredentials(domain);
    assertEquals(Collections.emptyList(), storeCredentials);


}
示例20
/**
 * {@inheritDoc}
 */
@Override
public String getStateJson() {
    StringWriter writer = new StringWriter();
    Jenkins jenkins = Jenkins.getInstance();
    VersionNumber versionNumber = Jenkins.getVersion();
    String version = versionNumber != null ? versionNumber.toString() : Jenkins.VERSION;

    AuthorizationStrategy authorizationStrategy = jenkins.getAuthorizationStrategy();
    boolean allowAnonymousRead = true;
    if(authorizationStrategy instanceof FullControlOnceLoggedInAuthorizationStrategy){
        allowAnonymousRead = ((FullControlOnceLoggedInAuthorizationStrategy) authorizationStrategy).isAllowAnonymousRead();
    }

    String jwtTokenEndpointHostUrl = Jenkins.getInstance().getRootUrl();
    JwtTokenServiceEndpoint jwtTokenServiceEndpoint = JwtTokenServiceEndpoint.first();
    if(jwtTokenServiceEndpoint != null){
        jwtTokenEndpointHostUrl = jwtTokenServiceEndpoint.getHostUrl();
    }
    addFeatures(new JSONBuilder(writer)
        .object()
            .key("version").value(getBlueOceanPluginVersion())
            .key("jenkinsConfig")
            .object()
                .key("analytics").value(Analytics.isAnalyticsEnabled())
                .key("version").value(version)
                .key("security")
                .object()
                    .key("enabled").value(jenkins.isUseSecurity())
                    .key("loginUrl").value(jenkins.getSecurityRealm() == SecurityRealm.NO_AUTHENTICATION ? null : jenkins.getSecurityRealm().getLoginUrl())
                    .key("authorizationStrategy").object()
                        .key("allowAnonymousRead").value(allowAnonymousRead)
                    .endObject()
                    .key("enableJWT").value(BlueOceanConfigProperties.BLUEOCEAN_FEATURE_JWT_AUTHENTICATION)
                    .key("jwtServiceHostUrl").value(jwtTokenEndpointHostUrl)
                .endObject()
            .endObject()
            ) // addFeatures here
        .endObject();

    return writer.toString();
}
示例21
public DescriptorImpl(Class<? extends SecurityRealm> clazz) {
    super(clazz);
}
示例22
@SuppressFBWarnings("NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE")
public boolean isAuto() {
    SecurityRealm realm = Jenkins.getInstance().getSecurityRealm();
    return realm instanceof OicSecurityRealm &&
           StringUtils.isNotBlank(((OicSecurityRealm)realm).getWellKnownOpenIDConfigurationUrl());
}
示例23
@Before
public void setup() throws Exception {
    User user = User.getById("admin", true);

    assertNotNull(user);

    String token = ((ApiTokenProperty) user.getProperty(ApiTokenProperty.class)).getApiToken();

    assertNotNull(j.jenkins.getRootUrl());

    j.jenkins.setSecurityRealm(SecurityRealm.NO_AUTHENTICATION);
    plugins = new Jenkins(new URI(j.jenkins.getRootUrl()), user.getId(), token).getPlugins();
}
示例24
@Before
public void setup() throws Exception {
    User user = User.getById("admin", true);

    assertNotNull(user);

    String token = ((ApiTokenProperty) user.getProperty(ApiTokenProperty.class)).getApiToken();

    assertNotNull(j.jenkins.getRootUrl());

    j.jenkins.setSecurityRealm(SecurityRealm.NO_AUTHENTICATION);
    jobs = new Jenkins(new URI(j.jenkins.getRootUrl()), user.getId(), token).getJobs();
}
示例25
@Before
public void init() throws URISyntaxException {
    User user = User.getById("admin", true);

    assertNotNull(user);

    String token = ((ApiTokenProperty) user.getProperty(ApiTokenProperty.class)).getApiToken();

    assertNotNull(j.jenkins.getRootUrl());

    j.jenkins.setSecurityRealm(SecurityRealm.NO_AUTHENTICATION);
    credentials = new Jenkins(new URI(j.jenkins.getRootUrl()), user.getId(), token).getCredentials();
}