I have a custom feature to implement in SonarQube 5.5.
I have a plugin which is basically a fork of the Sonar Open ID Plugin to reflect our company's SSO authentication. It is working fine and it uses cookie based authentication to authenticate users and bring them back into Sonar once validated successfully.
There is one more change that I have been told to make. When the user gets authenticated successfuly by the external authentication provider ( Company's SSO service ) and the user is created ( if not present already), then I need to validate the user. On the basis of the user's validation, I need to add the user to a specific group. If the validation passes, then add this user to group A( Sonar group). If not, then add him to group B( Sonar group).
I cannot use the default group behaviour as in both cases, I need them to be added to some Sonar Group.
This is to be done in a Sonar Plugin for SonarQube 5.5. Can someone tell me how to do that using their Extension Points using the OpenID PLugin as a starting point? Do note that all the existing features of the OpenID Plugin ( auto creation of users if not existing) need to be retained.
Some sample code on how to do this would be really helpful.
THanks in advance!
Since SonarQube 5.4, an API exists in order to be able to authenticate a user using an external provider :
Since 5.5, you can also associate groups from the provider on the user.
Please have a look at the GitHub Authentication plugin which allowing users to authenticate from GitHub and to associate GitHub groups to SonarQube groups.