LDAP support, courtesy of an anonymous donator

docs-web/src/test/java/com/sismics/docs/rest/TestAppResource.java

@@ -1,10 +1,20 @@
 package com.sismics.docs.rest;
 
+import com.google.common.io.Resources;
 import com.icegreen.greenmail.util.GreenMail;
 import com.icegreen.greenmail.util.GreenMailUtil;
 import com.icegreen.greenmail.util.ServerSetup;
 import com.sismics.docs.core.model.context.AppContext;
 import com.sismics.util.filter.TokenBasedSecurityFilter;
+import org.apache.directory.api.ldap.model.name.Dn;
+import org.apache.directory.server.core.api.DirectoryService;
+import org.apache.directory.server.core.api.partition.Partition;
+import org.apache.directory.server.core.factory.DefaultDirectoryServiceFactory;
+import org.apache.directory.server.core.factory.DirectoryServiceFactory;
+import org.apache.directory.server.core.partition.impl.avl.AvlPartition;
+import org.apache.directory.server.ldap.LdapServer;
+import org.apache.directory.server.protocol.shared.store.LdifFileLoader;
+import org.apache.directory.server.protocol.shared.transport.TcpTransport;
 import org.junit.Assert;
 import org.junit.Test;
 
@@ -14,6 +24,7 @@ import javax.ws.rs.client.Entity;
 import javax.ws.rs.core.Form;
 import javax.ws.rs.core.Response;
 import javax.ws.rs.core.Response.Status;
+import java.io.File;
 
 
 /**
@@ -331,4 +342,95 @@ public class TestAppResource extends BaseJerseyTest {
 
         greenMail.stop();
     }
+
+    /**
+     * Test the LDAP authentication.
+     */
+    @Test
+    public void testLdapAuthentication() throws Exception {
+        // Start LDAP server
+        final DirectoryServiceFactory factory = new DefaultDirectoryServiceFactory();
+        factory.init("Test");
+
+        final DirectoryService directoryService = factory.getDirectoryService();
+        directoryService.getChangeLog().setEnabled(false);
+        directoryService.setShutdownHookEnabled(true);
+
+        final Partition partition = new AvlPartition(directoryService.getSchemaManager());
+        partition.setId("Test");
+        partition.setSuffixDn(new Dn(directoryService.getSchemaManager(), "o=TEST"));
+        partition.initialize();
+        directoryService.addPartition(partition);
+
+        final LdapServer ldapServer = new LdapServer();
+        ldapServer.setTransports(new TcpTransport("localhost", 11389));
+        ldapServer.setDirectoryService(directoryService);
+
+        directoryService.startup();
+        ldapServer.start();
+
+        // Load test data in LDAP
+        new LdifFileLoader(directoryService.getAdminSession(), new File(Resources.getResource("test.ldif").getFile()), null).execute();
+
+        // Login admin
+        String adminToken = clientUtil.login("admin", "admin", false);
+
+        // Get the LDAP configuration
+        JsonObject json = target().path("/app/config_ldap").request()
+                .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
+                .get(JsonObject.class);
+        Assert.assertFalse(json.getBoolean("enabled"));
+
+        // Change LDAP configuration
+        target().path("/app/config_ldap").request()
+                .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
+                .post(Entity.form(new Form()
+                        .param("enabled", "true")
+                        .param("host", "localhost")
+                        .param("port", "11389")
+                        .param("admin_dn", "uid=admin,ou=system")
+                        .param("admin_password", "secret")
+                        .param("base_dn", "o=TEST")
+                        .param("filter", "(&(objectclass=inetOrgPerson)(uid=USERNAME))")
+                        .param("default_email", "devnull@teedy.io")
+                        .param("default_storage", "100000000")
+                ), JsonObject.class);
+
+        // Get the LDAP configuration
+        json = target().path("/app/config_ldap").request()
+                .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
+                .get(JsonObject.class);
+        Assert.assertTrue(json.getBoolean("enabled"));
+        Assert.assertEquals("localhost", json.getString("host"));
+        Assert.assertEquals(11389, json.getJsonNumber("port").intValue());
+        Assert.assertEquals("uid=admin,ou=system", json.getString("admin_dn"));
+        Assert.assertEquals("secret", json.getString("admin_password"));
+        Assert.assertEquals("o=TEST", json.getString("base_dn"));
+        Assert.assertEquals("(&(objectclass=inetOrgPerson)(uid=USERNAME))", json.getString("filter"));
+        Assert.assertEquals("devnull@teedy.io", json.getString("default_email"));
+        Assert.assertEquals(100000000L, json.getJsonNumber("default_storage").longValue());
+
+        // Login with a LDAP user
+        String ldapTopen = clientUtil.login("ldap1", "secret", false);
+
+        // Check user informations
+        json = target().path("/user").request()
+                .cookie(TokenBasedSecurityFilter.COOKIE_NAME, ldapTopen)
+                .get(JsonObject.class);
+        Assert.assertEquals("ldap1@teedy.io", json.getString("email"));
+
+        // List all documents
+        json = target().path("/document/list")
+                .queryParam("sort_column", 3)
+                .queryParam("asc", true)
+                .request()
+                .cookie(TokenBasedSecurityFilter.COOKIE_NAME, ldapTopen)
+                .get(JsonObject.class);
+        JsonArray documents = json.getJsonArray("documents");
+        Assert.assertEquals(0, documents.size());
+
+        // Stop LDAP server
+        ldapServer.stop();
+        directoryService.shutdown();
+    }
 }

docs-web/src/test/resources/log4j.properties

@@ -10,3 +10,4 @@ log4j.logger.com.sismics.util.jpa=ERROR
 log4j.logger.org.hibernate=ERROR
 log4j.logger.org.apache.pdfbox=INFO
 log4j.logger.com.mchange=ERROR
+log4j.logger.org.apache.directory=ERROR

docs-web/src/test/resources/test.ldif

@@ -0,0 +1,19 @@
+version: 1
+
+dn: o=TEST
+objectclass: domain
+objectclass: top
+objectclass: extensibleObject
+dc: TEST
+o: TEST
+
+dn: uid=ldap1,o=TEST
+objectClass: top
+objectClass: inetOrgPerson
+objectClass: person
+objectClass: organizationalPerson
+cn: ldap1
+sn: LDAP 1
+uid: ldap1
+userPassword: secret
+mail: ldap1@teedy.io