From 6bbb2b6e85d4f5740867432eb1c2dd62500ab75c Mon Sep 17 00:00:00 2001 From: Bhupendrakumar Piprava Date: Wed, 6 Mar 2019 20:33:54 +0530 Subject: [PATCH] User personal access token to fetch users private organization. --- .../authorization/github/GitHubAuthenticator.java | 2 +- .../authorization/github/GitHubClientBuilder.java | 15 ++++++++++----- .../authorization/github/MembershipChecker.java | 4 ++-- .../github/executors/GetRolesExecutor.java | 2 +- .../executors/SearchUsersRequestExecutor.java | 2 +- .../executors/ValidateUserRequestExecutor.java | 2 +- .../github/GitHubAuthenticatorTest.java | 6 +++--- .../github/MembershipCheckerTest.java | 2 +- .../github/executors/GetRolesExecutorTest.java | 10 +++++----- .../executors/SearchUsersRequestExecutorTest.java | 4 ++-- .../ValidateUserRequestExecutorTest.java | 4 ++-- 11 files changed, 29 insertions(+), 24 deletions(-) diff --git a/src/main/java/cd/go/authorization/github/GitHubAuthenticator.java b/src/main/java/cd/go/authorization/github/GitHubAuthenticator.java index cc0766b..154b292 100644 --- a/src/main/java/cd/go/authorization/github/GitHubAuthenticator.java +++ b/src/main/java/cd/go/authorization/github/GitHubAuthenticator.java @@ -41,7 +41,7 @@ public GitHubAuthenticator() { } public LoggedInUserInfo authenticate(TokenInfo tokenInfo, AuthConfig authConfig) throws IOException { - final GitHub gitHub = gitHubClientBuilder.build(tokenInfo.accessToken(), authConfig.gitHubConfiguration()); + final GitHub gitHub = gitHubClientBuilder.fromAccessToken(tokenInfo.accessToken(),authConfig.gitHubConfiguration()); final List allowedOrganizations = authConfig.gitHubConfiguration().organizationsAllowed(); final LoggedInUserInfo loggedInUserInfo = new LoggedInUserInfo(gitHub); diff --git a/src/main/java/cd/go/authorization/github/GitHubClientBuilder.java b/src/main/java/cd/go/authorization/github/GitHubClientBuilder.java index 0cc73fe..ca87d2a 100644 --- a/src/main/java/cd/go/authorization/github/GitHubClientBuilder.java +++ b/src/main/java/cd/go/authorization/github/GitHubClientBuilder.java @@ -28,17 +28,22 @@ public class GitHubClientBuilder { - public GitHub build(String usersAccessToken, GitHubConfiguration gitHubConfiguration) throws IOException { - return createGitHub(usersAccessToken, gitHubConfiguration); + public GitHub from(GitHubConfiguration gitHubConfiguration) throws IOException { + return clientFor(gitHubConfiguration.personalAccessToken(), gitHubConfiguration); } - private GitHub createGitHub(String accessToken, GitHubConfiguration gitHubConfiguration) throws IOException { + public GitHub fromAccessToken(String accessToken, GitHubConfiguration gitHubConfiguration) throws IOException { + return clientFor(accessToken, gitHubConfiguration); + } + + private GitHub clientFor(String personalAccessTokenOrUsersAccessToken, GitHubConfiguration gitHubConfiguration) throws IOException { if (gitHubConfiguration.authenticateWith() == AuthenticateWith.GITHUB_ENTERPRISE) { LOG.debug("Create GitHub connection to enterprise GitHub with token"); - return GitHub.connectToEnterprise(gitHubConfiguration.gitHubEnterpriseUrl(), accessToken); + return GitHub.connectToEnterprise(gitHubConfiguration.gitHubEnterpriseUrl(), gitHubConfiguration.personalAccessToken()); } else { LOG.debug("Create GitHub connection to public GitHub with token"); - return new GitHubBuilder().withOAuthToken(accessToken).withRateLimitHandler(RateLimitHandler.FAIL).build(); + return new GitHubBuilder() + .withOAuthToken(personalAccessTokenOrUsersAccessToken).withRateLimitHandler(RateLimitHandler.FAIL).build(); } } } diff --git a/src/main/java/cd/go/authorization/github/MembershipChecker.java b/src/main/java/cd/go/authorization/github/MembershipChecker.java index 4d38820..15ef6d6 100644 --- a/src/main/java/cd/go/authorization/github/MembershipChecker.java +++ b/src/main/java/cd/go/authorization/github/MembershipChecker.java @@ -51,7 +51,7 @@ public boolean isAMemberOfAtLeastOneOrganization(GHUser ghUser, AuthConfig authC } private boolean checkMembershipUsingPersonalAccessToken(GHUser ghUser, AuthConfig authConfig, List organizationsAllowed) throws IOException { - final GitHub gitHubForPersonalAccessToken = clientBuilder.build(null, authConfig.gitHubConfiguration()); + final GitHub gitHubForPersonalAccessToken = clientBuilder.from(authConfig.gitHubConfiguration()); for (String organizationName : organizationsAllowed) { final GHOrganization organization = gitHubForPersonalAccessToken.getOrganization(organizationName); @@ -74,7 +74,7 @@ public boolean isAMemberOfAtLeastOneTeamOfOrganization(GHUser ghUser, AuthConfig } private boolean checkTeamMembershipUsingPersonalAccessToken(GHUser ghUser, AuthConfig authConfig, Map> organizationAndTeamsAllowed) throws IOException { - final GitHub gitHubForPersonalAccessToken = clientBuilder.build(null, authConfig.gitHubConfiguration()); + final GitHub gitHubForPersonalAccessToken = clientBuilder.from(authConfig.gitHubConfiguration()); for (String organizationName : organizationAndTeamsAllowed.keySet()) { final GHOrganization organization = gitHubForPersonalAccessToken.getOrganization(organizationName); diff --git a/src/main/java/cd/go/authorization/github/executors/GetRolesExecutor.java b/src/main/java/cd/go/authorization/github/executors/GetRolesExecutor.java index 1aea967..85aee44 100644 --- a/src/main/java/cd/go/authorization/github/executors/GetRolesExecutor.java +++ b/src/main/java/cd/go/authorization/github/executors/GetRolesExecutor.java @@ -53,7 +53,7 @@ public GoPluginApiResponse execute() throws IOException { return DefaultGoPluginApiResponse.success("[]"); } - GitHub gitHub = clientBuilder.build(null, request.getAuthConfig().gitHubConfiguration()); + GitHub gitHub = clientBuilder.from(request.getAuthConfig().gitHubConfiguration()); GHUser user = gitHub.getUser(request.getUsername()); if (user == null) { diff --git a/src/main/java/cd/go/authorization/github/executors/SearchUsersRequestExecutor.java b/src/main/java/cd/go/authorization/github/executors/SearchUsersRequestExecutor.java index 7c2bc93..d8c035a 100644 --- a/src/main/java/cd/go/authorization/github/executors/SearchUsersRequestExecutor.java +++ b/src/main/java/cd/go/authorization/github/executors/SearchUsersRequestExecutor.java @@ -62,7 +62,7 @@ private Set searchUsers(String searchTerm, List authConfigs) { private Set search(String searchText, AuthConfig authConfig) throws IOException { Set users = new HashSet<>(); long start = System.currentTimeMillis(); - GitHub client = gitHubClientBuilder.build(authConfig.gitHubConfiguration().personalAccessToken(), authConfig.gitHubConfiguration()); + GitHub client = gitHubClientBuilder.from(authConfig.gitHubConfiguration()); PagedSearchIterable ghUsers = client.searchUsers().q(searchText).list(); long afterRequest = System.currentTimeMillis(); LOG.debug("Time for request: " + (afterRequest - start) + "ms"); diff --git a/src/main/java/cd/go/authorization/github/executors/ValidateUserRequestExecutor.java b/src/main/java/cd/go/authorization/github/executors/ValidateUserRequestExecutor.java index eceab10..d54ea4c 100644 --- a/src/main/java/cd/go/authorization/github/executors/ValidateUserRequestExecutor.java +++ b/src/main/java/cd/go/authorization/github/executors/ValidateUserRequestExecutor.java @@ -41,7 +41,7 @@ public ValidateUserRequestExecutor(ValidateUserRequest request) { @Override public GoPluginApiResponse execute() throws Exception { - GitHub gitHub = clientBuilder.build(null, request.getAuthConfig().gitHubConfiguration()); + GitHub gitHub = clientBuilder.from(request.getAuthConfig().gitHubConfiguration()); GHUser user = gitHub.getUser(request.getUsername()); if (user == null) { LOG.error(format("[Is Valid User] User %s does not exist in GitHub.", request.getUsername())); diff --git a/src/test/java/cd/go/authorization/github/GitHubAuthenticatorTest.java b/src/test/java/cd/go/authorization/github/GitHubAuthenticatorTest.java index 697acff..0d23cd6 100644 --- a/src/test/java/cd/go/authorization/github/GitHubAuthenticatorTest.java +++ b/src/test/java/cd/go/authorization/github/GitHubAuthenticatorTest.java @@ -41,7 +41,6 @@ public class GitHubAuthenticatorTest { private MembershipChecker membershipChecker; private AuthConfig authConfig; private GitHubConfiguration gitHubConfiguration; - private GitHubClientBuilder gitHubClientBuilder; private TokenInfo tokenInfo; @Before @@ -51,10 +50,11 @@ public void setUp() throws Exception { gitHubConfiguration = mock(GitHubConfiguration.class); tokenInfo = mock(TokenInfo.class); membershipChecker = mock(MembershipChecker.class); - gitHubClientBuilder = mock(GitHubClientBuilder.class); + GitHubClientBuilder gitHubClientBuilder = mock(GitHubClientBuilder.class); + when(tokenInfo.accessToken()).thenReturn("some-token"); when(authConfig.gitHubConfiguration()).thenReturn(gitHubConfiguration); - when(gitHubClientBuilder.build(tokenInfo.accessToken(), gitHubConfiguration)).thenReturn(gitHub); + when(gitHubClientBuilder.fromAccessToken(tokenInfo.accessToken(), gitHubConfiguration)).thenReturn(gitHub); authenticator = new GitHubAuthenticator(membershipChecker, gitHubClientBuilder); } diff --git a/src/test/java/cd/go/authorization/github/MembershipCheckerTest.java b/src/test/java/cd/go/authorization/github/MembershipCheckerTest.java index 7f894b0..dc3e296 100644 --- a/src/test/java/cd/go/authorization/github/MembershipCheckerTest.java +++ b/src/test/java/cd/go/authorization/github/MembershipCheckerTest.java @@ -52,7 +52,7 @@ public void setUp() throws IOException { final GitHubClientBuilder clientBuilder = mock(GitHubClientBuilder.class); when(authConfig.gitHubConfiguration()).thenReturn(gitHubConfiguration); - when(clientBuilder.build(null, gitHubConfiguration)).thenReturn(gitHub); + when(clientBuilder.from(gitHubConfiguration)).thenReturn(gitHub); membershipChecker = new MembershipChecker(clientBuilder); } diff --git a/src/test/java/cd/go/authorization/github/executors/GetRolesExecutorTest.java b/src/test/java/cd/go/authorization/github/executors/GetRolesExecutorTest.java index b578679..e888295 100644 --- a/src/test/java/cd/go/authorization/github/executors/GetRolesExecutorTest.java +++ b/src/test/java/cd/go/authorization/github/executors/GetRolesExecutorTest.java @@ -62,7 +62,7 @@ public void setUp() { @Test public void shouldReturnEmptyResponseIfThereAreNoRolesProvidedFromRequest() throws Exception { - when(clientBuilder.build(null, request.getAuthConfig().gitHubConfiguration())).thenReturn(mock(GitHub.class)); + when(clientBuilder.from(request.getAuthConfig().gitHubConfiguration())).thenReturn(mock(GitHub.class)); GoPluginApiResponse response = executor.execute(); @@ -77,7 +77,7 @@ public void shouldReturnSuccessResponseWithRoles() throws IOException, JSONExcep GitHub gitHub = mock(GitHub.class); GHUser ghUser = mock(GHUser.class); - when(clientBuilder.build(null, request.getAuthConfig().gitHubConfiguration())).thenReturn(gitHub); + when(clientBuilder.from(request.getAuthConfig().gitHubConfiguration())).thenReturn(gitHub); when(gitHub.getUser("bob")).thenReturn(ghUser); when(request.getRoles()).thenReturn(rolesWithName("blackbird", "super-admin", "view")); when(authorizer.authorize(ghUser, request.getAuthConfig(), request.getRoles())).thenReturn(Arrays.asList("blackbird", "super-admin")); @@ -88,7 +88,7 @@ public void shouldReturnSuccessResponseWithRoles() throws IOException, JSONExcep JSONAssert.assertEquals("[\"blackbird\",\"super-admin\"]", response.responseBody(), true); InOrder inOrder = inOrder(clientBuilder, gitHub, authorizer); - inOrder.verify(clientBuilder).build(null, request.getAuthConfig().gitHubConfiguration()); + inOrder.verify(clientBuilder).from(request.getAuthConfig().gitHubConfiguration()); inOrder.verify(gitHub).getUser(request.getUsername()); inOrder.verify(authorizer).authorize(ghUser, request.getAuthConfig(), request.getRoles()); } @@ -97,7 +97,7 @@ public void shouldReturnSuccessResponseWithRoles() throws IOException, JSONExcep public void shouldReturnErrorResponseWhenUserWithProvidedUsernameNotFound() throws IOException { GitHub gitHub = mock(GitHub.class); - when(clientBuilder.build(null, request.getAuthConfig().gitHubConfiguration())).thenReturn(gitHub); + when(clientBuilder.from(request.getAuthConfig().gitHubConfiguration())).thenReturn(gitHub); when(gitHub.getUser("bob")).thenReturn(null); when(request.getRoles()).thenReturn(rolesWithName("blackbird", "super-admin", "view")); @@ -106,7 +106,7 @@ public void shouldReturnErrorResponseWhenUserWithProvidedUsernameNotFound() thro assertThat(response.responseCode(), is(500)); InOrder inOrder = inOrder(clientBuilder, gitHub); - inOrder.verify(clientBuilder).build(null, request.getAuthConfig().gitHubConfiguration()); + inOrder.verify(clientBuilder).from(request.getAuthConfig().gitHubConfiguration()); inOrder.verify(gitHub).getUser(request.getUsername()); verifyZeroInteractions(authorizer); } diff --git a/src/test/java/cd/go/authorization/github/executors/SearchUsersRequestExecutorTest.java b/src/test/java/cd/go/authorization/github/executors/SearchUsersRequestExecutorTest.java index 8cb7b26..ece340d 100644 --- a/src/test/java/cd/go/authorization/github/executors/SearchUsersRequestExecutorTest.java +++ b/src/test/java/cd/go/authorization/github/executors/SearchUsersRequestExecutorTest.java @@ -43,7 +43,7 @@ public void shouldSearchForUsersThatMatchTheSearchTerm() throws Exception { when(request.getSearchTerm()).thenReturn("tom"); when(request.getAuthConfigs()).thenReturn(singletonList(authConfig)); - when(clientBuilder.build(null, request.getAuthConfigs().get(0).gitHubConfiguration())) + when(clientBuilder.from(request.getAuthConfigs().get(0).gitHubConfiguration())) .thenReturn(gitHub); when(gitHub.searchUsers()).thenReturn(userSearchBuilder); when(userSearchBuilder.q("tom")).thenReturn(userSearchBuilder); @@ -70,7 +70,7 @@ public void shouldNotPerformSearchIfAuthConfigsIsEmpty() throws Exception { GoPluginApiResponse response = executor.execute(); - verify(clientBuilder, never()).build(anyString(), any()); + verify(clientBuilder, never()).from(any()); assertThat(response.responseCode(), is(200)); JSONAssert.assertEquals("[]", response.responseBody(), false); } diff --git a/src/test/java/cd/go/authorization/github/executors/ValidateUserRequestExecutorTest.java b/src/test/java/cd/go/authorization/github/executors/ValidateUserRequestExecutorTest.java index 0eec33d..e7230be 100644 --- a/src/test/java/cd/go/authorization/github/executors/ValidateUserRequestExecutorTest.java +++ b/src/test/java/cd/go/authorization/github/executors/ValidateUserRequestExecutorTest.java @@ -53,7 +53,7 @@ public void setUp() { @Test public void shouldReturnSuccessResponseWhenUserIsAValidUser() throws Exception { GitHub gitHub = mock(GitHub.class); - when(clientBuilder.build(null, request.getAuthConfig().gitHubConfiguration())) + when(clientBuilder.from(request.getAuthConfig().gitHubConfiguration())) .thenReturn(gitHub); when(request.getUsername()).thenReturn("bob"); when(gitHub.getUser("bob")).thenReturn(mock(GHUser.class)); @@ -67,7 +67,7 @@ public void shouldReturnSuccessResponseWhenUserIsAValidUser() throws Exception { @Test public void shouldReturnErrorResponseWhenUserIsNotAValidUser() throws Exception { GitHub gitHub = mock(GitHub.class); - when(clientBuilder.build(null, request.getAuthConfig().gitHubConfiguration())) + when(clientBuilder.from(request.getAuthConfig().gitHubConfiguration())) .thenReturn(gitHub); when(request.getUsername()).thenReturn("bob"); when(gitHub.getUser("bob")).thenReturn(null);