Skip to content

Commit 70983d1

Browse files
gavinfishdaniel-beck
gavinfish
authored and
daniel-beck
committed
[SECURITY-1390]
1 parent 381cf8a commit 70983d1

File tree

3 files changed

+74
-1
lines changed

3 files changed

+74
-1
lines changed

pom.xml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -132,6 +132,12 @@
132132
<version>4.5.7</version>
133133
</dependency>
134134

135+
<dependency>
136+
<groupId>junit</groupId>
137+
<artifactId>junit</artifactId>
138+
<version>4.12</version>
139+
<scope>test</scope>
140+
</dependency>
135141
<!--fix the requireUpperBounds errors-->
136142
<dependency>
137143
<groupId>commons-codec</groupId>

src/main/java/com/microsoft/jenkins/azuread/AzureSecurityRealm.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -305,7 +305,7 @@ public void marshal(Object source, HierarchicalStreamWriter writer, MarshallingC
305305
writer.endNode();
306306

307307
writer.startNode("clientsecret");
308-
writer.setValue(realm.getClientSecret());
308+
writer.setValue(realm.getClientSecretSecret());
309309
writer.endNode();
310310

311311
writer.startNode("tenant");

src/test/java/com/microsoft/jenkins/azuread/AzureSecurityRealmTest.java

Lines changed: 67 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,71 @@
11
package com.microsoft.jenkins.azuread;
22

3+
import com.thoughtworks.xstream.io.binary.BinaryStreamReader;
4+
import com.thoughtworks.xstream.io.binary.BinaryStreamWriter;
5+
import org.apache.commons.io.output.ByteArrayOutputStream;
6+
import org.junit.Assert;
7+
import org.junit.Before;
8+
import org.junit.Rule;
9+
import org.junit.Test;
10+
import org.jvnet.hudson.test.JenkinsRule;
11+
12+
import java.io.ByteArrayInputStream;
13+
import java.io.IOException;
14+
import java.util.concurrent.ExecutionException;
15+
316
public class AzureSecurityRealmTest {
17+
@Rule
18+
public JenkinsRule j = new JenkinsRule();
19+
20+
@Before
21+
public void init() throws Exception {
22+
j.recipe();
23+
}
24+
25+
@Test
26+
public void testConverter() throws InterruptedException, ExecutionException, IOException {
27+
BinaryStreamWriter writer = null;
28+
BinaryStreamReader reader = null;
29+
try {
30+
AzureSecurityRealm securityRealm = new AzureSecurityRealm("tenant", "clientId", "secret");
31+
AzureSecurityRealm.ConverterImpl converter = new AzureSecurityRealm.ConverterImpl();
32+
ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
33+
writer = new BinaryStreamWriter(outputStream);
34+
writer.startNode("parentNode");
35+
converter.marshal(securityRealm, writer, null);
36+
writer.endNode();
37+
byte[] bytes = outputStream.toByteArray();
38+
reader = new BinaryStreamReader(new ByteArrayInputStream(bytes));
39+
AzureSecurityRealm result = (AzureSecurityRealm) converter.unmarshal(reader, null);
40+
41+
Assert.assertEquals(securityRealm.getTenant(), result.getTenant());
42+
Assert.assertEquals(securityRealm.getClientId(), result.getClientId());
43+
Assert.assertEquals(securityRealm.getClientSecret(), result.getClientSecret());
44+
} finally {
45+
if (writer != null) {
46+
writer.close();
47+
}
48+
if (reader != null) {
49+
reader.close();
50+
}
51+
}
52+
}
53+
54+
@Test
55+
public void testSavedConfig() throws InterruptedException, ExecutionException, IOException {
56+
BinaryStreamWriter writer = null;
57+
try {
58+
String secretString = "thisIsSpecialSecret";
59+
AzureSecurityRealm securityRealm = new AzureSecurityRealm("tenant", "clientId", secretString);
60+
AzureSecurityRealm.ConverterImpl converter = new AzureSecurityRealm.ConverterImpl();
61+
ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
62+
writer = new BinaryStreamWriter(outputStream);
63+
converter.marshal(securityRealm, writer, null);
64+
Assert.assertFalse(outputStream.toString().contains(secretString));
65+
} finally {
66+
if (writer != null) {
67+
writer.close();
68+
}
69+
}
70+
}
471
}

0 commit comments

Comments
 (0)