fixup! Omit scm-username annotation from the PAT secret
Igor Vinokur
parent
3ea02a0791
commit
1edc87c2ca
|
|
@ -78,7 +78,7 @@ public class BitbucketServerPersonalAccessTokenFetcher implements PersonalAccess
|
|||
final String tokenName =
|
||||
format(TOKEN_NAME_TEMPLATE, cheUser.getUserId(), apiEndpoint.getHost());
|
||||
try {
|
||||
BitbucketUser user = bitbucketServerApiClient.getUser(null);
|
||||
BitbucketUser user = bitbucketServerApiClient.getUser();
|
||||
LOG.debug("Current bitbucket user {} ", user);
|
||||
// cleanup existed
|
||||
List<BitbucketPersonalAccessToken> existingTokens =
|
||||
|
|
|
|||
|
|
@ -116,7 +116,7 @@ public class BitbucketServerURLParser {
|
|||
"");
|
||||
// If the user request catches the unauthorised error, it means that the provided url
|
||||
// belongs to Bitbucket.
|
||||
bitbucketServerApiClient.getUser(null);
|
||||
bitbucketServerApiClient.getUser();
|
||||
} catch (ScmItemNotFoundException | ScmCommunicationException e) {
|
||||
return false;
|
||||
} catch (ScmUnauthorizedException e) {
|
||||
|
|
|
|||
|
|
@ -80,7 +80,7 @@ public class BitbucketServerUserDataFetcher implements GitUserDataFetcher {
|
|||
for (String bitbucketServerEndpoint : this.registeredBitbucketEndpoints) {
|
||||
if (bitbucketServerApiClient.isConnected(bitbucketServerEndpoint)) {
|
||||
try {
|
||||
BitbucketUser user = bitbucketServerApiClient.getUser(null);
|
||||
BitbucketUser user = bitbucketServerApiClient.getUser();
|
||||
return new GitUserData(user.getDisplayName(), user.getEmailAddress());
|
||||
} catch (ScmItemNotFoundException e) {
|
||||
throw new ScmCommunicationException(e.getMessage(), e);
|
||||
|
|
|
|||
|
|
@ -37,6 +37,7 @@ import java.net.http.HttpResponse;
|
|||
import java.time.Duration;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import java.util.Optional;
|
||||
import java.util.Set;
|
||||
import java.util.concurrent.Executors;
|
||||
import java.util.function.Function;
|
||||
|
|
@ -110,12 +111,18 @@ public class HttpBitbucketServerApiClient implements BitbucketServerApiClient {
|
|||
}
|
||||
|
||||
@Override
|
||||
public BitbucketUser getUser(@Nullable String token)
|
||||
public BitbucketUser getUser(String token)
|
||||
throws ScmItemNotFoundException, ScmUnauthorizedException, ScmCommunicationException {
|
||||
return getUser(getUserSlug(token), token);
|
||||
return getUser(getUserSlug(Optional.of(token)), Optional.of(token));
|
||||
}
|
||||
|
||||
private String getUserSlug(@Nullable String token)
|
||||
@Override
|
||||
public BitbucketUser getUser()
|
||||
throws ScmItemNotFoundException, ScmUnauthorizedException, ScmCommunicationException {
|
||||
return getUser(getUserSlug(Optional.empty()), Optional.empty());
|
||||
}
|
||||
|
||||
private String getUserSlug(Optional<String> token)
|
||||
throws ScmCommunicationException, ScmUnauthorizedException, ScmItemNotFoundException {
|
||||
URI uri;
|
||||
try {
|
||||
|
|
@ -129,8 +136,8 @@ public class HttpBitbucketServerApiClient implements BitbucketServerApiClient {
|
|||
HttpRequest.newBuilder(uri)
|
||||
.headers(
|
||||
"Authorization",
|
||||
token != null
|
||||
? "Bearer " + token
|
||||
token.isPresent()
|
||||
? "Bearer " + token.get()
|
||||
: computeAuthorizationHeader("GET", uri.toString()))
|
||||
.timeout(DEFAULT_HTTP_TIMEOUT)
|
||||
.build();
|
||||
|
|
@ -152,7 +159,7 @@ public class HttpBitbucketServerApiClient implements BitbucketServerApiClient {
|
|||
}
|
||||
}
|
||||
|
||||
private BitbucketUser getUser(String slug, @Nullable String token)
|
||||
private BitbucketUser getUser(String slug, Optional<String> token)
|
||||
throws ScmItemNotFoundException, ScmUnauthorizedException, ScmCommunicationException {
|
||||
URI uri;
|
||||
try {
|
||||
|
|
@ -166,8 +173,8 @@ public class HttpBitbucketServerApiClient implements BitbucketServerApiClient {
|
|||
HttpRequest.newBuilder(uri)
|
||||
.headers(
|
||||
"Authorization",
|
||||
token != null
|
||||
? "Bearer " + token
|
||||
token.isPresent()
|
||||
? "Bearer " + token.get()
|
||||
: computeAuthorizationHeader("GET", uri.toString()))
|
||||
.timeout(DEFAULT_HTTP_TIMEOUT)
|
||||
.build();
|
||||
|
|
@ -255,7 +262,7 @@ public class HttpBitbucketServerApiClient implements BitbucketServerApiClient {
|
|||
ScmItemNotFoundException {
|
||||
BitbucketPersonalAccessToken token =
|
||||
new BitbucketPersonalAccessToken(tokenName, permissions, 90);
|
||||
URI uri = serverUri.resolve("./rest/access-tokens/1.0/users/" + getUserSlug(null));
|
||||
URI uri = serverUri.resolve("./rest/access-tokens/1.0/users/" + getUserSlug(Optional.empty()));
|
||||
|
||||
try {
|
||||
HttpRequest request =
|
||||
|
|
@ -298,7 +305,7 @@ public class HttpBitbucketServerApiClient implements BitbucketServerApiClient {
|
|||
try {
|
||||
return doGetItems(
|
||||
BitbucketPersonalAccessToken.class,
|
||||
"./rest/access-tokens/1.0/users/" + getUserSlug(null),
|
||||
"./rest/access-tokens/1.0/users/" + getUserSlug(Optional.empty()),
|
||||
null);
|
||||
} catch (ScmBadRequestException e) {
|
||||
throw new ScmCommunicationException(e.getMessage(), e);
|
||||
|
|
@ -309,7 +316,8 @@ public class HttpBitbucketServerApiClient implements BitbucketServerApiClient {
|
|||
public BitbucketPersonalAccessToken getPersonalAccessToken(Long tokenId)
|
||||
throws ScmItemNotFoundException, ScmUnauthorizedException, ScmCommunicationException {
|
||||
URI uri =
|
||||
serverUri.resolve("./rest/access-tokens/1.0/users/" + getUserSlug(null) + "/" + tokenId);
|
||||
serverUri.resolve(
|
||||
"./rest/access-tokens/1.0/users/" + getUserSlug(Optional.empty()) + "/" + tokenId);
|
||||
HttpRequest request =
|
||||
HttpRequest.newBuilder(uri)
|
||||
.headers(
|
||||
|
|
|
|||
|
|
@ -17,7 +17,6 @@ import org.eclipse.che.api.factory.server.scm.exception.ScmBadRequestException;
|
|||
import org.eclipse.che.api.factory.server.scm.exception.ScmCommunicationException;
|
||||
import org.eclipse.che.api.factory.server.scm.exception.ScmItemNotFoundException;
|
||||
import org.eclipse.che.api.factory.server.scm.exception.ScmUnauthorizedException;
|
||||
import org.eclipse.che.commons.annotation.Nullable;
|
||||
|
||||
/** Bitbucket Server API client. */
|
||||
public interface BitbucketServerApiClient {
|
||||
|
|
@ -28,13 +27,17 @@ public interface BitbucketServerApiClient {
|
|||
boolean isConnected(String bitbucketServerUrl);
|
||||
|
||||
/**
|
||||
* @param token token to override. Pass {@code null} to use token from the authentication flow.
|
||||
* @return - Retrieve the {@link BitbucketUser} matching the supplied userSlug.
|
||||
* @throws ScmItemNotFoundException
|
||||
* @throws ScmUnauthorizedException
|
||||
* @throws ScmCommunicationException
|
||||
* @param token token to authorise the user request.
|
||||
* @return - authenticated {@link BitbucketUser}.
|
||||
*/
|
||||
BitbucketUser getUser(@Nullable String token)
|
||||
BitbucketUser getUser(String token)
|
||||
throws ScmItemNotFoundException, ScmUnauthorizedException, ScmCommunicationException;
|
||||
|
||||
/**
|
||||
* @return Retrieve the authenticated {@link BitbucketUser} using an OAuth token.
|
||||
* @return - authenticated {@link BitbucketUser}.
|
||||
*/
|
||||
BitbucketUser getUser()
|
||||
throws ScmItemNotFoundException, ScmUnauthorizedException, ScmCommunicationException;
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -17,7 +17,6 @@ import org.eclipse.che.api.factory.server.scm.exception.ScmBadRequestException;
|
|||
import org.eclipse.che.api.factory.server.scm.exception.ScmCommunicationException;
|
||||
import org.eclipse.che.api.factory.server.scm.exception.ScmItemNotFoundException;
|
||||
import org.eclipse.che.api.factory.server.scm.exception.ScmUnauthorizedException;
|
||||
import org.eclipse.che.commons.annotation.Nullable;
|
||||
|
||||
/**
|
||||
* Implementation of @{@link BitbucketServerApiClient} that is going to be deployed in container in
|
||||
|
|
@ -30,7 +29,14 @@ public class NoopBitbucketServerApiClient implements BitbucketServerApiClient {
|
|||
}
|
||||
|
||||
@Override
|
||||
public BitbucketUser getUser(@Nullable String token)
|
||||
public BitbucketUser getUser(String token)
|
||||
throws ScmItemNotFoundException, ScmUnauthorizedException, ScmCommunicationException {
|
||||
throw new RuntimeException(
|
||||
"The fallback noop api client cannot be used for real operation. Make sure Bitbucket OAuth1 is properly configured.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public BitbucketUser getUser()
|
||||
throws ScmItemNotFoundException, ScmUnauthorizedException, ScmCommunicationException {
|
||||
throw new RuntimeException(
|
||||
"The fallback noop api client cannot be used for real operation. Make sure Bitbucket OAuth1 is properly configured.");
|
||||
|
|
|
|||
|
|
@ -14,7 +14,6 @@ package org.eclipse.che.api.factory.server.bitbucket;
|
|||
import static java.lang.String.valueOf;
|
||||
import static org.mockito.ArgumentMatchers.eq;
|
||||
import static org.mockito.Mockito.doThrow;
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.mockito.Mockito.verify;
|
||||
import static org.mockito.Mockito.when;
|
||||
import static org.testng.Assert.assertEquals;
|
||||
|
|
@ -29,7 +28,6 @@ import java.net.MalformedURLException;
|
|||
import java.net.URL;
|
||||
import java.util.Collections;
|
||||
import java.util.Optional;
|
||||
import org.eclipse.che.api.auth.shared.dto.OAuthToken;
|
||||
import org.eclipse.che.api.core.BadRequestException;
|
||||
import org.eclipse.che.api.core.ConflictException;
|
||||
import org.eclipse.che.api.core.ForbiddenException;
|
||||
|
|
@ -63,7 +61,7 @@ public class BitbucketServerPersonalAccessTokenFetcherTest {
|
|||
String someBitbucketURL = "https://some.bitbucketserver.com";
|
||||
Subject subject;
|
||||
@Mock BitbucketServerApiClient bitbucketServerApiClient;
|
||||
@Mock PersonalAccessTokenParams personalAccessToken;
|
||||
@Mock PersonalAccessTokenParams personalAccessTokenParams;
|
||||
@Mock OAuthAPI oAuthAPI;
|
||||
BitbucketUser bitbucketUser;
|
||||
BitbucketServerPersonalAccessTokenFetcher fetcher;
|
||||
|
|
@ -134,7 +132,7 @@ public class BitbucketServerPersonalAccessTokenFetcherTest {
|
|||
throws ScmUnauthorizedException, ScmCommunicationException, ScmItemNotFoundException {
|
||||
// given
|
||||
when(bitbucketServerApiClient.isConnected(eq(someNotBitbucketURL))).thenReturn(true);
|
||||
doThrow(exception).when(bitbucketServerApiClient).getUser(null);
|
||||
doThrow(exception).when(bitbucketServerApiClient).getUser();
|
||||
// when
|
||||
fetcher.fetchPersonalAccessToken(subject, someNotBitbucketURL);
|
||||
}
|
||||
|
|
@ -145,7 +143,7 @@ public class BitbucketServerPersonalAccessTokenFetcherTest {
|
|||
ScmBadRequestException {
|
||||
// given
|
||||
when(bitbucketServerApiClient.isConnected(eq(someBitbucketURL))).thenReturn(true);
|
||||
when(bitbucketServerApiClient.getUser(null)).thenReturn(bitbucketUser);
|
||||
when(bitbucketServerApiClient.getUser()).thenReturn(bitbucketUser);
|
||||
when(bitbucketServerApiClient.getPersonalAccessTokens()).thenReturn(Collections.emptyList());
|
||||
|
||||
when(bitbucketServerApiClient.createPersonalAccessTokens(
|
||||
|
|
@ -168,7 +166,7 @@ public class BitbucketServerPersonalAccessTokenFetcherTest {
|
|||
throws ScmUnauthorizedException, ScmCommunicationException, ScmItemNotFoundException,
|
||||
ScmBadRequestException {
|
||||
when(bitbucketServerApiClient.isConnected(eq(someBitbucketURL))).thenReturn(true);
|
||||
when(bitbucketServerApiClient.getUser(null)).thenReturn(bitbucketUser);
|
||||
when(bitbucketServerApiClient.getUser()).thenReturn(bitbucketUser);
|
||||
when(bitbucketServerApiClient.getPersonalAccessTokens())
|
||||
.thenReturn(ImmutableList.of(bitbucketPersonalAccessToken, bitbucketPersonalAccessToken2));
|
||||
when(bitbucketServerApiClient.createPersonalAccessTokens(
|
||||
|
|
@ -191,7 +189,7 @@ public class BitbucketServerPersonalAccessTokenFetcherTest {
|
|||
ScmBadRequestException {
|
||||
// given
|
||||
when(bitbucketServerApiClient.isConnected(eq(someBitbucketURL))).thenReturn(true);
|
||||
when(bitbucketServerApiClient.getUser(null)).thenReturn(bitbucketUser);
|
||||
when(bitbucketServerApiClient.getUser()).thenReturn(bitbucketUser);
|
||||
when(bitbucketServerApiClient.getPersonalAccessTokens()).thenReturn(Collections.emptyList());
|
||||
doThrow(ScmBadRequestException.class)
|
||||
.when(bitbucketServerApiClient)
|
||||
|
|
@ -209,11 +207,11 @@ public class BitbucketServerPersonalAccessTokenFetcherTest {
|
|||
ServerException, ConflictException, UnauthorizedException, NotFoundException,
|
||||
BadRequestException {
|
||||
// given
|
||||
when(oAuthAPI.getToken(eq("bitbucket"))).thenReturn(mock(OAuthToken.class));
|
||||
when(personalAccessToken.getScmProviderUrl()).thenReturn(someNotBitbucketURL);
|
||||
when(personalAccessTokenParams.getToken()).thenReturn("token");
|
||||
when(personalAccessTokenParams.getScmProviderUrl()).thenReturn(someNotBitbucketURL);
|
||||
when(bitbucketServerApiClient.isConnected(eq(someNotBitbucketURL))).thenReturn(false);
|
||||
// when
|
||||
Optional<Pair<Boolean, String>> result = fetcher.isValid(personalAccessToken);
|
||||
Optional<Pair<Boolean, String>> result = fetcher.isValid(personalAccessTokenParams);
|
||||
// then
|
||||
assertTrue(result.isEmpty());
|
||||
}
|
||||
|
|
@ -222,14 +220,14 @@ public class BitbucketServerPersonalAccessTokenFetcherTest {
|
|||
public void shouldBeAbleToValidateToken()
|
||||
throws ScmUnauthorizedException, ScmCommunicationException, ScmItemNotFoundException {
|
||||
// given
|
||||
when(personalAccessToken.getScmProviderUrl()).thenReturn(someBitbucketURL);
|
||||
when(personalAccessToken.getScmTokenId())
|
||||
when(personalAccessTokenParams.getScmProviderUrl()).thenReturn(someBitbucketURL);
|
||||
when(personalAccessTokenParams.getScmTokenId())
|
||||
.thenReturn(Long.toString(bitbucketPersonalAccessToken.getId()));
|
||||
when(bitbucketServerApiClient.isConnected(eq(someBitbucketURL))).thenReturn(true);
|
||||
when(bitbucketServerApiClient.getPersonalAccessToken(eq(bitbucketPersonalAccessToken.getId())))
|
||||
.thenReturn(bitbucketPersonalAccessToken);
|
||||
// when
|
||||
Optional<Pair<Boolean, String>> result = fetcher.isValid(personalAccessToken);
|
||||
Optional<Pair<Boolean, String>> result = fetcher.isValid(personalAccessTokenParams);
|
||||
// then
|
||||
assertFalse(result.isEmpty());
|
||||
assertTrue(result.get().first);
|
||||
|
|
|
|||
|
|
@ -64,7 +64,7 @@ public class BitbucketServerUserDataFetcherTest {
|
|||
ScmBadRequestException, ScmConfigurationPersistenceException {
|
||||
// given
|
||||
when(bitbucketServerApiClient.isConnected(eq(someBitbucketURL))).thenReturn(true);
|
||||
when(bitbucketServerApiClient.getUser(null)).thenReturn(bitbucketUser);
|
||||
when(bitbucketServerApiClient.getUser()).thenReturn(bitbucketUser);
|
||||
// when
|
||||
GitUserData gitUserData = fetcher.fetchGitUserData();
|
||||
// then
|
||||
|
|
|
|||
|
|
@ -121,7 +121,7 @@ public class HttpBitbucketServerApiClientTest {
|
|||
.withHeader("Content-Type", "application/json; charset=utf-8")
|
||||
.withBodyFile("bitbucket/rest/api/1.0/users/ksmster/response.json")));
|
||||
|
||||
BitbucketUser user = bitbucketServer.getUser(null);
|
||||
BitbucketUser user = bitbucketServer.getUser();
|
||||
assertNotNull(user);
|
||||
}
|
||||
|
||||
|
|
@ -338,7 +338,7 @@ public class HttpBitbucketServerApiClientTest {
|
|||
.withBodyFile("bitbucket/rest/api/1.0/users/ksmster/response.json")));
|
||||
|
||||
// when
|
||||
bitbucketServer.getUser(null);
|
||||
bitbucketServer.getUser();
|
||||
|
||||
// then
|
||||
verify(oAuthAPI, times(2)).getToken(eq("bitbucket"));
|
||||
|
|
|
|||
Loading…
Reference in New Issue