Merge branch 'develop' into bugfix/plugin_dependency_context

scm-webapp/src/test/java/sonia/scm/PushStateDispatcherProviderTest.java

@@ -21,7 +21,7 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  * SOFTWARE.
  */
-    
+
 package sonia.scm;
 
 import com.google.inject.util.Providers;
@@ -39,8 +39,11 @@ public class PushStateDispatcherProviderTest {
   @Mock
   private TemplateEngine templateEngine;
 
+  @Mock
+  private SCMContextProvider context;
+
   private PushStateDispatcherProvider provider = new PushStateDispatcherProvider(
-    Providers.of(new TemplatingPushStateDispatcher(templateEngine))
+    Providers.of(new TemplatingPushStateDispatcher(templateEngine, context))
   );
 
   @Test

scm-webapp/src/test/java/sonia/scm/TemplatingPushStateDispatcherTest.java

@@ -21,7 +21,7 @@
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  * SOFTWARE.
  */
-    
+
 package sonia.scm;
 
 import org.junit.Before;
@@ -61,18 +61,24 @@ public class TemplatingPushStateDispatcherTest {
   @Mock
   private Template template;
 
+  @Mock
+  private SCMContextProvider context;
+
   private TemplatingPushStateDispatcher dispatcher;
 
   @Before
   public void setUpMocks() {
-    dispatcher = new TemplatingPushStateDispatcher(templateEngine);
+    dispatcher = new TemplatingPushStateDispatcher(templateEngine, context);
   }
 
   @Test
   public void testDispatch() throws IOException {
+    when(context.getStage()).thenReturn(Stage.DEVELOPMENT);
+
     TemplatingPushStateDispatcher.IndexHtmlModel model = dispatch();
     assertEquals("/scm", model.getContextPath());
     assertNull(model.getLiveReloadURL());
+    assertEquals("DEVELOPMENT", model.getScmStage());
   }
 
   @Test

scm-webapp/src/test/java/sonia/scm/api/v2/resources/AuthenticationResourceTest.java

@@ -139,7 +139,6 @@ public class AuthenticationResourceTest {
     dispatcher.addSingletonResource(authenticationResource);
 
     AccessToken accessToken = mock(AccessToken.class);
-    when(accessToken.getExpiration()).thenReturn(new Date(Long.MAX_VALUE));
     when(accessTokenBuilder.build()).thenReturn(accessToken);
 
     when(accessTokenBuilderFactory.create()).thenReturn(accessTokenBuilder);

scm-webapp/src/test/java/sonia/scm/security/DefaultAccessTokenCookieIssuerTest.java

@@ -121,8 +121,6 @@ public class DefaultAccessTokenCookieIssuerTest {
   }
 
   private Cookie authenticate() {
-    when(accessToken.getExpiration()).thenReturn(new Date());
-
     issuer.authenticate(request, response, accessToken);
 
     verify(response).addCookie(cookieArgumentCaptor.capture());

scm-webapp/src/test/java/sonia/scm/security/ScmAtLeastOneSuccessfulStrategyTest.java

@@ -0,0 +1,107 @@
+/*
+ * MIT License
+ *
+ * Copyright (c) 2020-present Cloudogu GmbH and Contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+package sonia.scm.security;
+
+import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authc.AuthenticationInfo;
+import org.apache.shiro.authc.AuthenticationToken;
+import org.apache.shiro.authc.MergableAuthenticationInfo;
+import org.apache.shiro.realm.Realm;
+import org.apache.shiro.subject.PrincipalCollection;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.Mock;
+import org.mockito.junit.MockitoJUnitRunner;
+
+import java.util.ArrayList;
+
+import static java.util.Collections.singletonList;
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.mockito.Mockito.when;
+
+@RunWith(MockitoJUnitRunner.class)
+public class ScmAtLeastOneSuccessfulStrategyTest {
+
+  @Mock
+  private Realm realm;
+
+  @Mock
+  private AuthenticationToken token;
+
+  @Mock
+  MergableAuthenticationInfo singleRealmInfo;
+
+  @Mock
+  MergableAuthenticationInfo aggregateInfo;
+
+  @Mock
+  TokenExpiredException tokenExpiredException;
+
+  @Mock
+  AuthenticationException authenticationException;
+
+  @Mock
+  PrincipalCollection principalCollection;
+
+  @Test
+  public void shouldAddNonNullThrowableToList() {
+    final ScmAtLeastOneSuccessfulStrategy strategy = new ScmAtLeastOneSuccessfulStrategy();
+    strategy.threadLocal.set(new ArrayList<>());
+
+    strategy.afterAttempt(realm, token, singleRealmInfo, aggregateInfo, tokenExpiredException);
+
+    assertThat(strategy.threadLocal.get()).hasSize(1);
+    assertThat(strategy.threadLocal.get().get(0)).isEqualTo(tokenExpiredException);
+  }
+
+  @Test(expected = TokenExpiredException.class)
+  public void shouldRethrowException() {
+    final ScmAtLeastOneSuccessfulStrategy strategy = new ScmAtLeastOneSuccessfulStrategy();
+    strategy.threadLocal.set(singletonList(tokenExpiredException));
+
+    strategy.afterAllAttempts(token, aggregateInfo);
+  }
+
+  @Test(expected = AuthenticationException.class)
+  public void shouldThrowGenericErrorIfNonTokenExpiredExceptionWasCaught() {
+    final ScmAtLeastOneSuccessfulStrategy strategy = new ScmAtLeastOneSuccessfulStrategy();
+    strategy.threadLocal.set(singletonList(authenticationException));
+
+    strategy.afterAllAttempts(token, aggregateInfo);
+  }
+
+  @Test()
+  public void shouldNotRethrowExceptionIfAuthenticationSuccessful() {
+    final ScmAtLeastOneSuccessfulStrategy strategy = new ScmAtLeastOneSuccessfulStrategy();
+    strategy.threadLocal.set(singletonList(tokenExpiredException));
+    when(aggregateInfo.getPrincipals()).thenReturn(principalCollection);
+    when(principalCollection.isEmpty()).thenReturn(false);
+
+    final AuthenticationInfo authenticationInfo = strategy.afterAllAttempts(token, aggregateInfo);
+
+    assertThat(authenticationInfo).isNotNull();
+  }
+
+}

scm-webapp/src/test/java/sonia/scm/security/TokenExpiredFilterTest.java

@@ -0,0 +1,80 @@
+/*
+ * MIT License
+ *
+ * Copyright (c) 2020-present Cloudogu GmbH and Contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+package sonia.scm.security;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.Mock;
+import org.mockito.junit.MockitoJUnitRunner;
+import sonia.scm.api.v2.resources.ErrorDto;
+import sonia.scm.web.VndMediaType;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.ServletOutputStream;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+import static org.junit.Assert.assertEquals;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.ArgumentMatchers.argThat;
+import static org.mockito.Mockito.atLeastOnce;
+import static org.mockito.Mockito.doThrow;
+import static org.mockito.Mockito.verify;
+import static sonia.scm.security.TokenExpiredFilter.TOKEN_EXPIRED_ERROR_CODE;
+
+@RunWith(MockitoJUnitRunner.class)
+public class TokenExpiredFilterTest {
+
+  @Mock
+  private FilterChain chain;
+  @Mock
+  private HttpServletRequest request;
+  @Mock
+  private HttpServletResponse response;
+  @Mock
+  private ObjectMapper objectMapper;
+  @Mock
+  private AccessTokenCookieIssuer accessTokenCookieIssuer;
+
+  @Test
+  public void shouldReturnSpecificErrorResponseAndInvalidateCookie() throws IOException, ServletException {
+    final TokenExpiredFilter filter = new TokenExpiredFilter(accessTokenCookieIssuer, objectMapper);
+    doThrow(TokenExpiredException.class).when(chain).doFilter(request, response);
+
+    filter.doFilter(request, response, chain);
+
+    verify(chain, atLeastOnce()).doFilter(request, response);
+    verify(accessTokenCookieIssuer, atLeastOnce()).invalidate(request, response);
+    verify(response, atLeastOnce()).setContentType(VndMediaType.ERROR_TYPE);
+    verify(objectMapper).writeValue((ServletOutputStream) any(), argThat((ErrorDto errorDto) -> {
+      assertEquals(TOKEN_EXPIRED_ERROR_CODE, errorDto.getErrorCode());
+      return true;
+    }));
+  }
+
+}