[SECURITY-2053] Remove Basic/Digest authentication

src/main/java/jenkins/plugins/http_request/HttpRequest.java

@@ -42,7 +42,6 @@
 import hudson.util.ListBoxModel;
 import hudson.util.ListBoxModel.Option;
 
-import jenkins.plugins.http_request.auth.BasicDigestAuthentication;
 import jenkins.plugins.http_request.auth.FormAuthentication;
 import jenkins.plugins.http_request.util.HttpClientUtil;
 import jenkins.plugins.http_request.util.HttpRequestFormDataPart;
@@ -536,10 +535,6 @@ public static ListBoxModel fillAuthenticationItems(Item project, String url) {
 			}
 
 			List<Option> options = new ArrayList<>();
-			for (BasicDigestAuthentication basic : HttpRequestGlobalConfig.get().getBasicDigestAuthentications()) {
-				options.add(new Option("(deprecated - use Jenkins Credentials) " +
-						basic.getKeyName(), basic.getKeyName()));
-            }
 
             for (FormAuthentication formAuthentication : HttpRequestGlobalConfig.get().getFormAuthentications()) {
 				options.add(new Option(formAuthentication.getKeyName()));

src/main/java/jenkins/plugins/http_request/HttpRequestGlobalConfig.java

@@ -18,7 +18,6 @@
 import jenkins.model.Jenkins;
 
 import jenkins.plugins.http_request.auth.Authenticator;
-import jenkins.plugins.http_request.auth.BasicDigestAuthentication;
 import jenkins.plugins.http_request.auth.FormAuthentication;
 import jenkins.plugins.http_request.util.HttpRequestNameValuePair;
 
@@ -28,7 +27,6 @@
 @Extension
 public class HttpRequestGlobalConfig extends GlobalConfiguration {
 
-    private List<BasicDigestAuthentication> basicDigestAuthentications = new ArrayList<>();
     private List<FormAuthentication> formAuthentications = new ArrayList<>();
 
     private static final XStream2 XSTREAM2 = new XStream2();
@@ -78,15 +76,6 @@ public static HttpRequestGlobalConfig get() {
         return GlobalConfiguration.all().get(HttpRequestGlobalConfig.class);
     }
 
-    public List<BasicDigestAuthentication> getBasicDigestAuthentications() {
-        return basicDigestAuthentications;
-    }
-
-    public void setBasicDigestAuthentications(
-            List<BasicDigestAuthentication> basicDigestAuthentications) {
-        this.basicDigestAuthentications = basicDigestAuthentications;
-    }
-
     public List<FormAuthentication> getFormAuthentications() {
         return formAuthentications;
     }
@@ -96,12 +85,9 @@ public void setFormAuthentications(
         this.formAuthentications = formAuthentications;
     }
 
-    public List<Authenticator> getAuthentications() {
-        List<Authenticator> list = new ArrayList<>();
-        list.addAll(basicDigestAuthentications);
-        list.addAll(formAuthentications);
-        return list;
-    }
+	public List<Authenticator> getAuthentications() {
+		return new ArrayList<>(formAuthentications);
+	}
 
     public Authenticator getAuthentication(String keyName) {
         for (Authenticator authenticator : getAuthentications()) {

src/main/resources/jenkins/plugins/http_request/HttpRequestGlobalConfig/config.jelly

@@ -18,27 +18,6 @@
 		</d:tag>
 	</d:taglib>
     <f:section title="HTTP Request">
-    	<f:entry title="DEPRECATED (use Jenkins credentials) Basic/Digest Authentication">
-            <f:repeatable field="basicDigestAuthentications">
-				<local:blockWrapper>
-                    <f:entry title="Key Name" field="keyName" help="/plugin/http_request/help-keyName.html">
-                        <f:textbox />
-                    </f:entry>
-                    <f:entry title="Username" field="userName" help="/plugin/http_request/help-userName.html">
-                        <f:textbox />
-                    </f:entry>
-                    <f:entry title="Password" field="password" help="/plugin/http_request/help-password.html">
-                        <f:password />
-                    </f:entry>
-                    <f:entry title="">
-                        <div align="right">
-                            <f:repeatableDeleteButton />
-                        </div>
-                    </f:entry>
-				</local:blockWrapper>
-            </f:repeatable>
-        </f:entry>
-
         <f:entry title="Form Authentication">
             <f:repeatable field="formAuthentications">
                 <local:blockWrapper>

src/test/java/jenkins/plugins/http_request/HttpRequestBackwardCompatibilityTest.java

@@ -15,7 +15,6 @@
 import hudson.model.FreeStyleProject;
 import hudson.tasks.Builder;
 
-import jenkins.plugins.http_request.auth.BasicDigestAuthentication;
 import jenkins.plugins.http_request.auth.FormAuthentication;
 import jenkins.plugins.http_request.util.HttpRequestNameValuePair;
 import jenkins.plugins.http_request.util.RequestAction;
@@ -33,7 +32,6 @@ public class HttpRequestBackwardCompatibilityTest {
     public void defaultGlobalConfig() {
         // Test that config from 1.8.6 can be loaded
         HttpRequestGlobalConfig cfg = HttpRequestGlobalConfig.get();
-        assertEquals(Collections.emptyList(), cfg.getBasicDigestAuthentications());
         assertEquals(Collections.emptyList(), cfg.getFormAuthentications());
         assertEquals("jenkins.plugins.http_request.HttpRequest.xml", cfg.getConfigFile().getFile().getName());
     }
@@ -46,18 +44,6 @@ public void populatedGlobalConfig() {
         // and the HttpRequestGlobalConfig.getConfigFile() method
         HttpRequestGlobalConfig cfg = HttpRequestGlobalConfig.get();
 
-        List<BasicDigestAuthentication> bdas = cfg.getBasicDigestAuthentications();
-        assertEquals(2,bdas.size());
-		Iterator<BasicDigestAuthentication> itr = bdas.iterator();
-		BasicDigestAuthentication bda = itr.next();
-		assertEquals("k1",bda.getKeyName());
-        assertEquals("u1",bda.getUserName());
-        assertEquals("p1",bda.getPassword());
-		bda = itr.next();
-		assertEquals("k2",bda.getKeyName());
-        assertEquals("u2",bda.getUserName());
-        assertEquals("p2",bda.getPassword());
-
         List<FormAuthentication> fas = cfg.getFormAuthentications();
         assertEquals(1,fas.size());
 

src/test/java/jenkins/plugins/http_request/HttpRequestRoundTripTest.java

@@ -10,7 +10,6 @@
 import java.util.ArrayList;
 import java.util.List;
 
-import jenkins.plugins.http_request.auth.BasicDigestAuthentication;
 import jenkins.plugins.http_request.auth.FormAuthentication;
 import jenkins.plugins.http_request.util.HttpRequestNameValuePair;
 import jenkins.plugins.http_request.util.RequestAction;
@@ -62,12 +61,6 @@ public void configRoundtripGroup2() throws Exception {
 
     @Test
     public void configRoundtripGroup3() throws Exception {
-        List<BasicDigestAuthentication> bda = new ArrayList<>();
-        bda.add(new BasicDigestAuthentication("keyname1","username1","password1"));
-        bda.add(new BasicDigestAuthentication("keyname2","username2","password2"));
-        HttpRequestGlobalConfig.get().setBasicDigestAuthentications(bda);
-        configRoundTrip(before);
-
         List<HttpRequestNameValuePair> params = new ArrayList<>();
         params.add(new HttpRequestNameValuePair("param1","value1"));
         params.add(new HttpRequestNameValuePair("param2","value2"));
@@ -117,18 +110,6 @@ private void configRoundTrip(HttpRequest before) throws Exception {
           assertEquals(bnvp.getValue(),anvp.getValue());
         }
 
-        // Basic authentication check
-        List<BasicDigestAuthentication> beforeBdas = HttpRequestGlobalConfig.get().getBasicDigestAuthentications();
-        List<BasicDigestAuthentication> afterBdas  = HttpRequestGlobalConfig.get().getBasicDigestAuthentications();
-        assertEquals(beforeBdas.size(), afterBdas.size());
-        for (int idx = 0; idx < beforeBdas.size(); idx++) {
-            BasicDigestAuthentication beforeBda = beforeBdas.get(idx);
-            BasicDigestAuthentication afterBda = afterBdas.get(idx);
-            assertEquals(beforeBda.getKeyName(), afterBda.getKeyName());
-            assertEquals(beforeBda.getUserName(),afterBda.getUserName());
-            assertEquals(beforeBda.getPassword(),afterBda.getPassword());
-        }
-
         // Form authentication check
         List<FormAuthentication> beforeFas = HttpRequestGlobalConfig.get().getFormAuthentications();
         List<FormAuthentication> afterFas  = HttpRequestGlobalConfig.get().getFormAuthentications();

src/test/java/jenkins/plugins/http_request/HttpRequestStepRoundTripTest.java

@@ -4,7 +4,6 @@
 import java.util.ArrayList;
 import java.util.List;
 
-import jenkins.plugins.http_request.auth.BasicDigestAuthentication;
 import jenkins.plugins.http_request.auth.FormAuthentication;
 import jenkins.plugins.http_request.util.HttpRequestNameValuePair;
 import jenkins.plugins.http_request.util.RequestAction;
@@ -54,12 +53,6 @@ public void configRoundtripGroup2() throws Exception {
 
     @Test
     public void configRoundtripGroup3() throws Exception {
-        List<BasicDigestAuthentication> bda = new ArrayList<>();
-        bda.add(new BasicDigestAuthentication("keyname1","username1","password1"));
-        bda.add(new BasicDigestAuthentication("keyname2","username2","password2"));
-        HttpRequestGlobalConfig.get().setBasicDigestAuthentications(bda);
-        configRoundTrip(before);
-
         List<HttpRequestNameValuePair> params = new ArrayList<>();
         params.add(new HttpRequestNameValuePair("param1","value1"));
         params.add(new HttpRequestNameValuePair("param2","value2"));
@@ -112,18 +105,6 @@ private void configRoundTrip(HttpRequestStep before) throws Exception {
           assertEquals(bnvp.getValue(),anvp.getValue());
         }
 
-        // Basic authentication check
-        List<BasicDigestAuthentication> beforeBdas = HttpRequestGlobalConfig.get().getBasicDigestAuthentications();
-        List<BasicDigestAuthentication> afterBdas  = HttpRequestGlobalConfig.get().getBasicDigestAuthentications();
-        assertEquals(beforeBdas.size(), afterBdas.size());
-        for (int idx = 0; idx < beforeBdas.size(); idx++) {
-            BasicDigestAuthentication beforeBda = beforeBdas.get(idx);
-            BasicDigestAuthentication afterBda = afterBdas.get(idx);
-            assertEquals(beforeBda.getKeyName(), afterBda.getKeyName());
-            assertEquals(beforeBda.getUserName(),afterBda.getUserName());
-            assertEquals(beforeBda.getPassword(),afterBda.getPassword());
-        }
-
         // Form authentication check
         List<FormAuthentication> beforeFas = HttpRequestGlobalConfig.get().getFormAuthentications();
         List<FormAuthentication> afterFas  = HttpRequestGlobalConfig.get().getFormAuthentications();