diff --git a/README.md b/README.md
index 5258cff..b7475fc 100644
--- a/README.md
+++ b/README.md
@@ -50,3 +50,7 @@ Copy Application Id and Secret in Settings of Sonarqube.
 | sonar.auth.gitlab.applicationId | Application ID provided by GitLab when registering the application |
 | sonar.auth.gitlab.secret | Token of the user who can make reports on the project, either global or per project |
 | sonar.auth.gitlab.allowUsersToSignUp | Allow new users to authenticate. When set to 'false', only existing users will be able to authenticate to the server |
+
+# Sonarqube
+
+https://sonarqube.com/dashboard?id=com.talanlabs%3Asonar-auth-gitlab-plugin
\ No newline at end of file
diff --git a/src/main/java/com/talanlabs/sonar/plugins/gitlab/auth/GsonUser.java b/src/main/java/com/talanlabs/sonar/plugins/gitlab/auth/GsonUser.java
index 8e5a6ea..2ca068b 100644
--- a/src/main/java/com/talanlabs/sonar/plugins/gitlab/auth/GsonUser.java
+++ b/src/main/java/com/talanlabs/sonar/plugins/gitlab/auth/GsonUser.java
@@ -33,29 +33,14 @@ public String getUsername() {
 return username;
 }
 
- public GsonUser setUsername(String username) {
- this.username = username;
- return this;
- }
-
 public String getName() {
 return name;
 }
 
- public GsonUser setName(String name) {
- this.name = name;
- return this;
- }
-
 public String getEmail() {
 return email;
 }
 
- public GsonUser setEmail(String email) {
- this.email = email;
- return this;
- }
-
 public static GsonUser parse(String json) {
 Gson gson = new Gson();
 return gson.fromJson(json, GsonUser.class);
diff --git a/src/test/java/com/talanlabs/sonar/plugins/gitlab/auth/CallbackTest.java b/src/test/java/com/talanlabs/sonar/plugins/gitlab/auth/CallbackTest.java
new file mode 100644
index 0000000..3335d7a
--- /dev/null
+++ b/src/test/java/com/talanlabs/sonar/plugins/gitlab/auth/CallbackTest.java
@@ -0,0 +1,54 @@
+package com.talanlabs.sonar.plugins.gitlab.auth;
+
+import com.squareup.okhttp.mockwebserver.MockResponse;
+import com.squareup.okhttp.mockwebserver.MockWebServer;
+import org.assertj.core.api.Assertions;
+import org.junit.Rule;
+import org.junit.Test;
+import org.mockito.ArgumentCaptor;
+import org.mockito.Mockito;
+import org.sonar.api.server.authentication.OAuth2IdentityProvider;
+import org.sonar.api.server.authentication.UserIdentity;
+
+import javax.servlet.http.HttpServletRequest;
+
+public class CallbackTest {
+
+ @Rule
+ public MockWebServer gitlab = new MockWebServer();
+
+ @Test
+ public void testCallback() {
+ GitLabConfiguration configuration = Mockito.mock(GitLabConfiguration.class);
+ Mockito.when(configuration.isEnabled()).thenReturn(true);
+ Mockito.when(configuration.allowUsersToSignUp()).thenReturn(true);
+ Mockito.when(configuration.applicationId()).thenReturn("123");
+ Mockito.when(configuration.secret()).thenReturn("456");
+ Mockito.when(configuration.url()).thenReturn(String.format("http://%s:%d", gitlab.getHostName(), gitlab.getPort()));
+ GitLabIdentityProvider gitLabIdentityProvider = new GitLabIdentityProvider(configuration);
+
+ OAuth2IdentityProvider.CallbackContext callbackContext = Mockito.mock(OAuth2IdentityProvider.CallbackContext.class);
+ Mockito.when(callbackContext.getCallbackUrl()).thenReturn("http://server/callback");
+
+ HttpServletRequest httpServletRequest = Mockito.mock(HttpServletRequest.class);
+ Mockito.when(httpServletRequest.getParameter("code")).thenReturn("789");
+
+ Mockito.when(callbackContext.getRequest()).thenReturn(httpServletRequest);
+
+ gitlab.enqueue(new MockResponse().setBody(
+ "{\n" + " \"access_token\": \"de6780bc506a0446309bd9362820ba8aed28aa506c71eedbe1c5c4f9dd350e54\",\n" + " \"token_type\": \"bearer\",\n" + " \"expires_in\": 7200,\n"
+ + " \"refresh_token\": \"8257e65c97202ed1726cf9571600918f3bffb2544b26e00a61df9897668c33a1\"\n" + "}"));
+ gitlab.enqueue(new MockResponse().setBody("{\"username\":\"toto\", \"name\":\"Toto Toto\",\"email\":\"toto@toto.com\"}"));
+
+ gitLabIdentityProvider.callback(callbackContext);
+
+ ArgumentCaptor argument = ArgumentCaptor.forClass(UserIdentity.class);
+ Mockito.verify(callbackContext).authenticate(argument.capture());
+ Assertions.assertThat(argument.getValue()).isNotNull();
+ Assertions.assertThat(argument.getValue().getProviderLogin()).isEqualTo("toto");
+ Assertions.assertThat(argument.getValue().getLogin()).isEqualTo("toto");
+ Assertions.assertThat(argument.getValue().getName()).isEqualTo("Toto Toto");
+ Assertions.assertThat(argument.getValue().getEmail()).isEqualTo("toto@toto.com");
+ Mockito.verify(callbackContext).redirectToRequestedPage();
+ }
+}
diff --git a/src/test/java/com/talanlabs/sonar/plugins/gitlab/auth/GitLabApiTest.java b/src/test/java/com/talanlabs/sonar/plugins/gitlab/auth/GitLabApiTest.java
new file mode 100644
index 0000000..dd34676
--- /dev/null
+++ b/src/test/java/com/talanlabs/sonar/plugins/gitlab/auth/GitLabApiTest.java
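Review bot: `testCallback` stubs only the `code` request parameter and never checks that the OAuth `state` value is validated before the code is exchanged, so a callback that skips the CSRF check still passes. The same gap shows in the expected authorize URLs in `GitLabApiTest.testUrl` and `GitLabIdentityProviderTest.testInit`, which contain no `state` parameter. The provider code is not part of this diff, so this is inferred from the tests: if it does not already do so, `init` should send `initContext.generateCsrfState()` as `state` and `callback` should call `callbackContext.verifyCsrfState()` first, with the test asserting it through `Mockito.verify(callbackContext).verifyCsrfState();`. A second case in which the mocked token endpoint returns an error would also pin that `authenticate` is not called on failure.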
@@ -0,0 +1,32 @@
+package com.talanlabs.sonar.plugins.gitlab.auth;
+
+import com.github.scribejava.core.extractors.JsonTokenExtractor;
+import com.github.scribejava.core.model.OAuthConfig;
+import com.github.scribejava.core.model.Verb;
+import org.assertj.core.api.Assertions;
+import org.junit.Test;
+import org.mockito.Mockito;
+
+public class GitLabApiTest {
+
+ @Test
+ public void testFields() {
+ GitLabApi gitLabApi = new GitLabApi("http://server");
+
+ Assertions.assertThat(gitLabApi.getAccessTokenEndpoint()).isEqualTo("http://server/oauth/token");
+ Assertions.assertThat(gitLabApi.getAccessTokenVerb()).isEqualTo(Verb.POST);
+ Assertions.assertThat(gitLabApi.getAccessTokenExtractor()).isInstanceOf(JsonTokenExtractor.class);
+ }
+
+ @Test
+ public void testUrl() {
+ GitLabApi gitLabApi = new GitLabApi("http://server");
+
+ OAuthConfig oAuthConfig = Mockito.mock(OAuthConfig.class);
+ Mockito.when(oAuthConfig.getCallback()).thenReturn("http://server");
+ Mockito.when(oAuthConfig.hasScope()).thenReturn(true);
+ Mockito.when(oAuthConfig.getScope()).thenReturn("read_user");
+ Mockito.when(oAuthConfig.getApiKey()).thenReturn("123");
+ Assertions.assertThat(gitLabApi.getAuthorizationUrl(oAuthConfig)).isEqualTo("http://server/oauth/authorize?client_id=123&redirect_uri=http%3A%2F%2Fserver&response_type=code&scope=read_user");
+ }
+}
diff --git a/src/test/java/com/talanlabs/sonar/plugins/gitlab/auth/GitLabAuthPluginTest.java b/src/test/java/com/talanlabs/sonar/plugins/gitlab/auth/GitLabAuthPluginTest.java
new file mode 100644
index 0000000..9e776dd
--- /dev/null
+++ b/src/test/java/com/talanlabs/sonar/plugins/gitlab/auth/GitLabAuthPluginTest.java
@@ -0,0 +1,37 @@
+/*
+ * SonarQube :: GitLab Plugin
+ * Copyright (C) 2016-2017 Talanlabs
+ * gabriel.allaigre@talanlabs.com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package com.talanlabs.sonar.plugins.gitlab.auth;
+
+import org.junit.Test;
+import org.sonar.api.Plugin;
+import org.sonar.api.utils.Version;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+public class GitLabAuthPluginTest {
+
+ @Test
+ public void uselessTest() {
+ Plugin.Context context = new Plugin.Context(Version.parse("5.6"));
+ new GitLabAuthPlugin().define(context);
+ assertThat(context.getExtensions().size()).isGreaterThan(1);
+ }
+
+}
diff --git a/src/test/java/com/talanlabs/sonar/plugins/gitlab/auth/GitLabConfigurationTest.java b/src/test/java/com/talanlabs/sonar/plugins/gitlab/auth/GitLabConfigurationTest.java
new file mode 100644
index 0000000..e768309
--- /dev/null
+++ b/src/test/java/com/talanlabs/sonar/plugins/gitlab/auth/GitLabConfigurationTest.java
@@ -0,0 +1,65 @@
+/*
+ * SonarQube :: GitLab Plugin
+ * Copyright (C) 2016-2017 Talanlabs
+ * gabriel.allaigre@talanlabs.com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package com.talanlabs.sonar.plugins.gitlab.auth;
+
+import org.assertj.core.api.Assertions;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.rules.ExpectedException;
+import org.sonar.api.config.PropertyDefinitions;
+import org.sonar.api.config.Settings;
+
+public class GitLabConfigurationTest {
+
+ @Rule
+ public ExpectedException thrown = ExpectedException.none();
+
+ private Settings settings;
+ private GitLabConfiguration config;
+
+ @Before
+ public void prepare() {
+ settings = new Settings(new PropertyDefinitions(GitLabAuthPlugin.definitions()));
+ config = new GitLabConfiguration(settings);
+ }
+
+ @Test
+ public void global() {
+ Assertions.assertThat(config.url()).isEqualTo("https://gitlab.com");
+ settings.setProperty(GitLabAuthPlugin.GITLAB_AUTH_URL, "https://gitlab.talanlabs.com/api");
+ Assertions.assertThat(config.url()).isEqualTo("https://gitlab.talanlabs.com/api");
+
+ Assertions.assertThat(config.isEnabled()).isFalse();
+ settings.setProperty(GitLabAuthPlugin.GITLAB_AUTH_ENABLED, "true");
+ Assertions.assertThat(config.isEnabled()).isFalse();
+ settings.setProperty(GitLabAuthPlugin.GITLAB_AUTH_APPLICATIONID, "1234");
+ Assertions.assertThat(config.isEnabled()).isFalse();
+ settings.setProperty(GitLabAuthPlugin.GITLAB_AUTH_SECRET, "5678");
+ Assertions.assertThat(config.isEnabled()).isTrue();
+
+ Assertions.assertThat(config.applicationId()).isEqualTo("1234");
+ Assertions.assertThat(config.secret()).isEqualTo("5678");
+
+ Assertions.assertThat(config.allowUsersToSignUp()).isTrue();
+ settings.setProperty(GitLabAuthPlugin.GITLAB_AUTH_ALLOWUSERSTOSIGNUP, "false");
+ Assertions.assertThat(config.allowUsersToSignUp()).isFalse();
+ }
+}
diff --git a/src/test/java/com/talanlabs/sonar/plugins/gitlab/auth/GitLabIdentityProviderTest.java b/src/test/java/com/talanlabs/sonar/plugins/gitlab/auth/GitLabIdentityProviderTest.java
new file mode 100644
index 0000000..e3697d3
--- /dev/null
+++ b/src/test/java/com/talanlabs/sonar/plugins/gitlab/auth/GitLabIdentityProviderTest.java
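Review bot: The defaults asserted in `global()` are `https://gitlab.com` for the URL and `true` for `allowUsersToSignUp`, which together mean that enabling the plugin without further settings lets any gitlab.com account create a SonarQube user. If that is intended, a comment above the two assertions should say so, for example `// default is open sign-up against gitlab.com; restrict with sonar.auth.gitlab.allowUsersToSignUp=false`; otherwise the default belongs at `false`. The `thrown` rule declared at the top of the class is never used in the visible test and can be removed.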
@@ -0,0 +1,44 @@
+package com.talanlabs.sonar.plugins.gitlab.auth;
+
+import org.assertj.core.api.Assertions;
+import org.junit.Test;
+import org.mockito.Mockito;
+import org.sonar.api.server.authentication.Display;
+import org.sonar.api.server.authentication.OAuth2IdentityProvider;
+
+public class GitLabIdentityProviderTest {
+
+ @Test
+ public void testFields() {
+ GitLabConfiguration configuration = Mockito.mock(GitLabConfiguration.class);
+ Mockito.when(configuration.isEnabled()).thenReturn(true);
+ Mockito.when(configuration.allowUsersToSignUp()).thenReturn(true);
+ GitLabIdentityProvider gitLabIdentityProvider = new GitLabIdentityProvider(configuration);
+
+ Assertions.assertThat(gitLabIdentityProvider.getKey()).isEqualTo("gitlab");
+ Assertions.assertThat(gitLabIdentityProvider.getName()).isEqualTo("GitLab");
+ Display display = gitLabIdentityProvider.getDisplay();
+ Assertions.assertThat(display.getIconPath()).isEqualTo("/static/authgitlab/gitlab.svg");
+ Assertions.assertThat(display.getBackgroundColor()).isEqualTo("#333c47");
+ Assertions.assertThat(gitLabIdentityProvider.isEnabled()).isTrue();
+ Assertions.assertThat(gitLabIdentityProvider.allowsUsersToSignUp()).isTrue();
+ }
+
+ @Test
+ public void testInit() {
+ GitLabConfiguration configuration = Mockito.mock(GitLabConfiguration.class);
+ Mockito.when(configuration.isEnabled()).thenReturn(true);
+ Mockito.when(configuration.allowUsersToSignUp()).thenReturn(true);
+ Mockito.when(configuration.applicationId()).thenReturn("123");
+ Mockito.when(configuration.secret()).thenReturn("456");
+ Mockito.when(configuration.url()).thenReturn("http://server");
+ GitLabIdentityProvider gitLabIdentityProvider = new GitLabIdentityProvider(configuration);
+
+ OAuth2IdentityProvider.InitContext initContext = Mockito.mock(OAuth2IdentityProvider.InitContext.class);
+ Mockito.when(initContext.getCallbackUrl()).thenReturn("http://server/callback");
+
+ gitLabIdentityProvider.init(initContext);
+
+ Mockito.verify(initContext).redirectTo("http://server/oauth/authorize?client_id=123&redirect_uri=http%3A%2F%2Fserver%2Fcallback&response_type=code&scope=read_user");
+ }
+}
diff --git a/src/test/java/com/talanlabs/sonar/plugins/gitlab/auth/GsonUserTest.java b/src/test/java/com/talanlabs/sonar/plugins/gitlab/auth/GsonUserTest.java
new file mode 100644
index 0000000..113ee90
--- /dev/null
+++ b/src/test/java/com/talanlabs/sonar/plugins/gitlab/auth/GsonUserTest.java
@@ -0,0 +1,17 @@
+package com.talanlabs.sonar.plugins.gitlab.auth;
+
+import org.assertj.core.api.Assertions;
+import org.junit.Test;
+
+public class GsonUserTest {
+
+ @Test
+ public void testParse() {
+ GsonUser gsonUser = GsonUser.parse("{ \"username\":\"toto\",\"name\":\"Toto Toto\",\"email\":\"toto@toto.com\"}");
+
+ Assertions.assertThat(gsonUser).isNotNull();
+ Assertions.assertThat(gsonUser.getUsername()).isEqualTo("toto");
+ Assertions.assertThat(gsonUser.getName()).isEqualTo("Toto Toto");
+ Assertions.assertThat(gsonUser.getEmail()).isEqualTo("toto@toto.com");
+ }
+}
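Review bot: `GsonUserTest.testParse` covers only a complete payload, while the values parsed here come from a remote GitLab response and feed the user identity asserted in `CallbackTest`. Gson leaves absent JSON properties as `null` and `fromJson` returns `null` for an empty body, so a case such as `GsonUser.parse("{}")` asserting that `getUsername()` is null, plus one for an empty body, would document what the callback has to reject before building the identity. How the provider handles those values is outside this diff.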