Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Login modifier reads from env #583

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Login modifier reads from env #583

wants to merge 3 commits into from

Conversation

malaskowski
Copy link
Contributor

Description

Login modifier can read login and password from environment variables.

Motivation and Context

Fixes #512

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)

Checklist:

  • My code follows the code style of this project.
  • I have reviewed (and updated if needed) the documentation regarding this change

I hereby agree to the terms of the AET Contributor License Agreement.

@malaskowski malaskowski force-pushed the feature/login-modifier-password-from-env branch 2 times, most recently from 519da53 to 36ac96e Compare October 19, 2020 07:22
@malaskowski malaskowski mentioned this pull request Oct 19, 2020
Merged
toniedzwiedz
toniedzwiedz reviewed Oct 19, 2020
View reviewed changes
...jobs/src/test/java/com/cognifide/aet/job/common/modifiers/login/LoginModifierConfigTest.java

import com.cognifide.aet.job.api.exceptions.ParametersException;
import com.googlecode.zohhak.api.TestWith;
import com.googlecode.zohhak.api.runners.ZohhakRunner;
Copy link
Contributor

@toniedzwiedz toniedzwiedz Oct 19, 2020
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's a completely separate conversation but, out of curiosity, have you considered migrating to JUnit 5? Something I could help with?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sure, generally this is good idea to migrate to JUnit 5 - but there was never time for that.
This is definitely the thing you could help with and create a PR 😃

toniedzwiedz
toniedzwiedz reviewed Oct 19, 2020
View reviewed changes
...jobs/src/test/java/com/cognifide/aet/job/common/modifiers/login/LoginModifierConfigTest.java Outdated
Map<String, String> params = new HashMap<>();
params.put(LOGIN_PAGE_PARAM, "whatever");
params.put(PASSWORD_PARAM, "${MY_SECRET_PASSWORD}");
environmentVariables.set("MY_SECRET_PASSWORD", "pass-form-env");
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Typo?

Suggested change
environmentVariables.set("MY_SECRET_PASSWORD", "pass-form-env");
environmentVariables.set("MY_SECRET_PASSWORD", "pass-from-env");

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, that's typo I will fix that in IDE together with assertion. Thanks for spotting.

core/jobs/src/main/java/com/cognifide/aet/job/common/modifiers/login/LoginModifierConfig.java
@@ -36,11 +37,11 @@

private static final String DEFAULT_LOGIN_TOKEN = "login-token";

private static final String LOGIN_PARAM = "login";
static final String LOGIN_PARAM = "login";
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure I'm reading this right but if this is literally going to be the name of the Environment variable to set, how about prefixing it with something more explicit?At the moment, it's quite generic and not immediately associated with AET, a kind of thing that might get users and administrators confusing.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This constant is the name of a param that is passed via XML suite definition. The actual environment variable name is configured through that param, see the example:

<login login="${LOGIN_EXAMPLE_ADMIN_PANEL}"
                password="${PASS_EXAMPLE_ADMIN_PANEL}"
                login-page="/login.html"
                login-input-selector="//input[@name='j_username']"
                password-input-selector="//input[@name='j_password']"
                submit-button-selector="//*[@type='submit']" />

@malaskowski malaskowski force-pushed the feature/login-modifier-password-from-env branch from 36ac96e to f73bed6 Compare October 19, 2020 14:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@toniedzwiedz toniedzwiedz toniedzwiedz left review comments

@tkaik tkaik tkaik approved these changes

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Secure login mechanism
4 participants
@malaskowski @tkaik @toniedzwiedz @radeklawgmin