Adapt tests to upstream KeyStore validation (#861)

* adapt tests to upstream KeyStore validation * keep codeql happy in test code 🤮
jenkinsci · Jul 11, 2024 · 8e6d479 · 8e6d479
1 parent ad359b3
commit 8e6d479
Showing 1 changed file with 22 additions and 12 deletions.
diff --git a/src/test/java/com/cloudbees/jenkins/plugins/bitbucket/BitbucketAuthenticatorTest.java b/src/test/java/com/cloudbees/jenkins/plugins/bitbucket/BitbucketAuthenticatorTest.java
@@ -6,11 +6,14 @@
 import com.cloudbees.plugins.credentials.Credentials;
 import com.cloudbees.plugins.credentials.CredentialsMatchers;
 import com.cloudbees.plugins.credentials.CredentialsScope;
+import com.cloudbees.plugins.credentials.SecretBytes;
 import com.cloudbees.plugins.credentials.impl.CertificateCredentialsImpl;
 import com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl;
-import edu.umd.cs.findbugs.annotations.NonNull;
+import java.io.ByteArrayOutputStream;
+import java.security.KeyStore;
 import java.util.Collections;
 import java.util.List;
+import java.util.UUID;
 import jenkins.authentication.tokens.api.AuthenticationTokenContext;
 import jenkins.authentication.tokens.api.AuthenticationTokens;
 import org.junit.ClassRule;
@@ -57,7 +60,7 @@ public void authenticationContextTest() {
     }
 
     @Test
-    public void passwordCredentialsTest() {
+    public void passwordCredentialsTest() throws Exception {
         List<Credentials> list = Collections.<Credentials>singletonList(new UsernamePasswordCredentialsImpl(
                         CredentialsScope.SYSTEM, "dummy", "dummy", "user", "pass"));
         AuthenticationTokenContext ctx = BitbucketAuthenticator.authenticationContext((null));
@@ -69,9 +72,11 @@ public void passwordCredentialsTest() {
     }
 
     @Test
-    public void certCredentialsTest() {
+    public void certCredentialsTest() throws Exception {
+        // random password in test code to keep code-ql happy 🤮
+        String password = UUID.randomUUID().toString();
         List<Credentials> list = Collections.<Credentials>singletonList(new CertificateCredentialsImpl(
-                CredentialsScope.SYSTEM, "dummy", "dummy", "password", new DummyKeyStoreSource()));
+                CredentialsScope.SYSTEM, "dummy", "dummy", password, new DummyKeyStoreSource(password)));
 
         AuthenticationTokenContext ctx = BitbucketAuthenticator.authenticationContext(null);
         Credentials c = CredentialsMatchers.firstOrNull(list, AuthenticationTokens.matcher(ctx));
@@ -87,15 +92,20 @@ public void certCredentialsTest() {
         assertThat(AuthenticationTokens.convert(ctx, c), notNullValue());
     }
 
-    private static class DummyKeyStoreSource extends CertificateCredentialsImpl.KeyStoreSource {
-        @NonNull
-        @Override
-        public byte[] getKeyStoreBytes() { return new byte[0]; }
+    private static class DummyKeyStoreSource extends CertificateCredentialsImpl.UploadedKeyStoreSource {
 
-        @Override
-        public long getKeyStoreLastModified() { return 0; }
+        DummyKeyStoreSource(String password) throws Exception {
+            super(null, dummyPKCS12Store(password));
+        }
+
+        private static SecretBytes dummyPKCS12Store(String password) throws Exception {
+            KeyStore ks = KeyStore.getInstance("PKCS12");
+            ks.load(null, password.toCharArray());
+            ByteArrayOutputStream bos = new ByteArrayOutputStream();
+            ks.store(bos, password.toCharArray());
+            return SecretBytes.fromBytes(bos.toByteArray());
+        }
 
-        @Override
-        public boolean isSnapshotSource() { return true; }
     }
+
 }