Fetch oauth tokens from kubernetes secrets
ivinokur
parent
9422bf86ac
commit
71b21e37f5
|
|
@ -51,10 +51,6 @@
|
|||
<groupId>jakarta.ws.rs</groupId>
|
||||
<artifactId>jakarta.ws.rs-api</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.eclipse.che.core</groupId>
|
||||
<artifactId>che-core-api-auth</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.eclipse.che.core</groupId>
|
||||
<artifactId>che-core-api-core</artifactId>
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -15,7 +15,6 @@ import com.google.inject.AbstractModule;
|
|||
import org.eclipse.che.api.factory.server.scm.kubernetes.KubernetesAuthorisationRequestManager;
|
||||
import org.eclipse.che.api.factory.server.scm.kubernetes.KubernetesGitCredentialManager;
|
||||
import org.eclipse.che.api.factory.server.scm.kubernetes.KubernetesPersonalAccessTokenManager;
|
||||
import org.eclipse.che.security.oauth.AuthorisationRequestManager;
|
||||
|
||||
public class KubernetesScmModule extends AbstractModule {
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -28,10 +28,10 @@ import java.util.List;
|
|||
import java.util.Map;
|
||||
import javax.inject.Inject;
|
||||
import javax.inject.Singleton;
|
||||
import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager;
|
||||
import org.eclipse.che.api.factory.server.scm.exception.ScmConfigurationPersistenceException;
|
||||
import org.eclipse.che.api.factory.server.scm.exception.UnsatisfiedScmPreconditionException;
|
||||
import org.eclipse.che.api.workspace.server.spi.InfrastructureException;
|
||||
import org.eclipse.che.security.oauth.AuthorisationRequestManager;
|
||||
import org.eclipse.che.workspace.infrastructure.kubernetes.CheServerKubernetesClientFactory;
|
||||
import org.eclipse.che.workspace.infrastructure.kubernetes.api.shared.KubernetesNamespaceMeta;
|
||||
import org.eclipse.che.workspace.infrastructure.kubernetes.namespace.KubernetesNamespaceFactory;
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -142,8 +142,7 @@ public class KubernetesPersonalAccessTokenManager implements PersonalAccessToken
|
|||
|
||||
@Override
|
||||
public Optional<PersonalAccessToken> get(Subject cheUser, String scmServerUrl)
|
||||
throws ScmConfigurationPersistenceException, ScmUnauthorizedException,
|
||||
ScmCommunicationException {
|
||||
throws ScmConfigurationPersistenceException {
|
||||
return doGetPersonalAccessToken(cheUser, null, scmServerUrl);
|
||||
}
|
||||
|
||||
|
|
@ -165,15 +164,13 @@ public class KubernetesPersonalAccessTokenManager implements PersonalAccessToken
|
|||
@Override
|
||||
public Optional<PersonalAccessToken> get(
|
||||
Subject cheUser, String oAuthProviderName, @Nullable String scmServerUrl)
|
||||
throws ScmConfigurationPersistenceException, ScmUnauthorizedException,
|
||||
ScmCommunicationException {
|
||||
throws ScmConfigurationPersistenceException {
|
||||
return doGetPersonalAccessToken(cheUser, oAuthProviderName, scmServerUrl);
|
||||
}
|
||||
|
||||
private Optional<PersonalAccessToken> doGetPersonalAccessToken(
|
||||
Subject cheUser, @Nullable String oAuthProviderName, @Nullable String scmServerUrl)
|
||||
throws ScmConfigurationPersistenceException, ScmUnauthorizedException,
|
||||
ScmCommunicationException {
|
||||
throws ScmConfigurationPersistenceException {
|
||||
try {
|
||||
for (KubernetesNamespaceMeta namespaceMeta : namespaceFactory.list()) {
|
||||
List<Secret> secrets =
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -17,9 +17,7 @@ import javax.inject.Inject;
|
|||
import javax.inject.Singleton;
|
||||
import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenFetcher;
|
||||
import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager;
|
||||
import org.eclipse.che.api.factory.server.scm.exception.ScmCommunicationException;
|
||||
import org.eclipse.che.api.factory.server.scm.exception.ScmConfigurationPersistenceException;
|
||||
import org.eclipse.che.api.factory.server.scm.exception.ScmUnauthorizedException;
|
||||
import org.eclipse.che.api.workspace.server.spi.InfrastructureException;
|
||||
import org.eclipse.che.api.workspace.server.spi.NamespaceResolutionContext;
|
||||
import org.eclipse.che.commons.env.EnvironmentContext;
|
||||
|
|
@ -76,9 +74,7 @@ public class OAuthTokenSecretsConfigurator implements NamespaceConfigurator {
|
|||
Subject cheSubject = EnvironmentContext.getCurrent().getSubject();
|
||||
personalAccessTokenManager.get(
|
||||
cheSubject, s.getMetadata().getAnnotations().get(ANNOTATION_SCM_URL));
|
||||
} catch (ScmCommunicationException
|
||||
| ScmConfigurationPersistenceException
|
||||
| ScmUnauthorizedException e) {
|
||||
} catch (ScmConfigurationPersistenceException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
});
|
||||
|
|
|
|||
|
|
@ -59,6 +59,10 @@
|
|||
<groupId>org.eclipse.che.core</groupId>
|
||||
<artifactId>che-core-api-dto</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.eclipse.che.core</groupId>
|
||||
<artifactId>che-core-api-factory</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.eclipse.che.core</groupId>
|
||||
<artifactId>che-core-commons-annotations</artifactId>
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -40,6 +40,9 @@ import org.eclipse.che.api.core.UnauthorizedException;
|
|||
import org.eclipse.che.api.core.rest.shared.dto.Link;
|
||||
import org.eclipse.che.api.core.rest.shared.dto.LinkParameter;
|
||||
import org.eclipse.che.api.core.util.LinksHelper;
|
||||
import org.eclipse.che.api.factory.server.scm.PersonalAccessToken;
|
||||
import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager;
|
||||
import org.eclipse.che.api.factory.server.scm.exception.ScmConfigurationPersistenceException;
|
||||
import org.eclipse.che.commons.env.EnvironmentContext;
|
||||
import org.eclipse.che.commons.subject.Subject;
|
||||
import org.eclipse.che.security.oauth.shared.dto.OAuthAuthenticatorDescriptor;
|
||||
|
|
@ -62,6 +65,7 @@ public class EmbeddedOAuthAPI implements OAuthAPI {
|
|||
|
||||
@Inject protected OAuthAuthenticatorProvider oauth2Providers;
|
||||
@Inject protected org.eclipse.che.security.oauth1.OAuthAuthenticatorProvider oauth1Providers;
|
||||
@Inject private PersonalAccessTokenManager personalAccessTokenManager;
|
||||
private String redirectAfterLogin;
|
||||
|
||||
@Override
|
||||
|
|
@ -176,6 +180,19 @@ public class EmbeddedOAuthAPI implements OAuthAPI {
|
|||
}
|
||||
if (token != null) {
|
||||
return token;
|
||||
} else {
|
||||
Optional<PersonalAccessToken> tokenOptional;
|
||||
try {
|
||||
tokenOptional = personalAccessTokenManager.get(subject, oauthProvider, null);
|
||||
if (tokenOptional.isEmpty()) {
|
||||
tokenOptional = personalAccessTokenManager.get(subject, provider.getEndpointUrl());
|
||||
}
|
||||
if (tokenOptional.isPresent()) {
|
||||
return newDto(OAuthToken.class).withToken(tokenOptional.get().getToken());
|
||||
}
|
||||
} catch (ScmConfigurationPersistenceException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
}
|
||||
throw new UnauthorizedException(
|
||||
"OAuth token for user " + subject.getUserId() + " was not found");
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -29,6 +29,7 @@ import org.eclipse.che.api.auth.shared.dto.OAuthToken;
|
|||
import org.eclipse.che.api.core.*;
|
||||
import org.eclipse.che.api.core.rest.Service;
|
||||
import org.eclipse.che.api.core.rest.annotations.Required;
|
||||
import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager;
|
||||
import org.eclipse.che.security.oauth.shared.dto.OAuthAuthenticatorDescriptor;
|
||||
|
||||
/** RESTful wrapper for OAuthAuthenticator. */
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -23,6 +23,7 @@ import javax.inject.Singleton;
|
|||
import org.eclipse.che.api.core.ApiException;
|
||||
import org.eclipse.che.api.factory.server.BaseFactoryParameterResolver;
|
||||
import org.eclipse.che.api.factory.server.FactoryParametersResolver;
|
||||
import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager;
|
||||
import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager;
|
||||
import org.eclipse.che.api.factory.server.urlfactory.ProjectConfigDtoMerger;
|
||||
import org.eclipse.che.api.factory.server.urlfactory.RemoteFactoryUrl;
|
||||
|
|
@ -37,7 +38,6 @@ import org.eclipse.che.api.workspace.shared.dto.ProjectConfigDto;
|
|||
import org.eclipse.che.api.workspace.shared.dto.SourceStorageDto;
|
||||
import org.eclipse.che.api.workspace.shared.dto.devfile.ProjectDto;
|
||||
import org.eclipse.che.api.workspace.shared.dto.devfile.SourceDto;
|
||||
import org.eclipse.che.security.oauth.AuthorisationRequestManager;
|
||||
|
||||
/**
|
||||
* Provides Factory Parameters resolver for Azure DevOps repositories.
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -15,7 +15,6 @@ import static org.eclipse.che.api.factory.server.azure.devops.AzureDevOps.getAut
|
|||
|
||||
import javax.inject.Inject;
|
||||
import javax.inject.Named;
|
||||
import org.eclipse.che.api.auth.shared.dto.OAuthToken;
|
||||
import org.eclipse.che.api.factory.server.scm.AbstractGitUserDataFetcher;
|
||||
import org.eclipse.che.api.factory.server.scm.GitUserData;
|
||||
import org.eclipse.che.api.factory.server.scm.PersonalAccessToken;
|
||||
|
|
@ -23,7 +22,6 @@ import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager;
|
|||
import org.eclipse.che.api.factory.server.scm.exception.ScmBadRequestException;
|
||||
import org.eclipse.che.api.factory.server.scm.exception.ScmCommunicationException;
|
||||
import org.eclipse.che.api.factory.server.scm.exception.ScmItemNotFoundException;
|
||||
import org.eclipse.che.security.oauth.OAuthAPI;
|
||||
|
||||
/**
|
||||
* Azure DevOps user data fetcher.
|
||||
|
|
@ -37,21 +35,21 @@ public class AzureDevOpsUserDataFetcher extends AbstractGitUserDataFetcher {
|
|||
|
||||
@Inject
|
||||
public AzureDevOpsUserDataFetcher(
|
||||
OAuthAPI oAuthTokenFetcher,
|
||||
PersonalAccessTokenManager personalAccessTokenManager,
|
||||
AzureDevOpsApiClient azureDevOpsApiClient,
|
||||
@Named("che.api") String cheApiEndpoint,
|
||||
@Named("che.integration.azure.devops.scm.api_endpoint") String azureDevOpsScmApiEndpoint,
|
||||
@Named("che.integration.azure.devops.application_scopes") String[] scopes) {
|
||||
super(AzureDevOps.PROVIDER_NAME, personalAccessTokenManager, oAuthTokenFetcher);
|
||||
super(AzureDevOps.PROVIDER_NAME, azureDevOpsScmApiEndpoint, personalAccessTokenManager);
|
||||
this.scopes = scopes;
|
||||
this.cheApiEndpoint = cheApiEndpoint;
|
||||
this.azureDevOpsApiClient = azureDevOpsApiClient;
|
||||
}
|
||||
|
||||
@Override
|
||||
protected GitUserData fetchGitUserDataWithOAuthToken(OAuthToken oAuthToken)
|
||||
protected GitUserData fetchGitUserDataWithOAuthToken(String token)
|
||||
throws ScmItemNotFoundException, ScmCommunicationException, ScmBadRequestException {
|
||||
AzureDevOpsUser user = azureDevOpsApiClient.getUserWithOAuthToken(oAuthToken.getToken());
|
||||
AzureDevOpsUser user = azureDevOpsApiClient.getUserWithOAuthToken(token);
|
||||
return new GitUserData(user.getDisplayName(), user.getEmailAddress());
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -22,6 +22,7 @@ import org.eclipse.che.api.core.ApiException;
|
|||
import org.eclipse.che.api.core.BadRequestException;
|
||||
import org.eclipse.che.api.factory.server.BaseFactoryParameterResolver;
|
||||
import org.eclipse.che.api.factory.server.FactoryParametersResolver;
|
||||
import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager;
|
||||
import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager;
|
||||
import org.eclipse.che.api.factory.server.urlfactory.RemoteFactoryUrl;
|
||||
import org.eclipse.che.api.factory.server.urlfactory.URLFactoryBuilder;
|
||||
|
|
@ -33,7 +34,6 @@ import org.eclipse.che.api.factory.shared.dto.ScmInfoDto;
|
|||
import org.eclipse.che.api.workspace.server.devfile.URLFetcher;
|
||||
import org.eclipse.che.api.workspace.shared.dto.devfile.ProjectDto;
|
||||
import org.eclipse.che.api.workspace.shared.dto.devfile.SourceDto;
|
||||
import org.eclipse.che.security.oauth.AuthorisationRequestManager;
|
||||
|
||||
/**
|
||||
* Provides Factory Parameters resolver for both public and private bitbucket repositories.
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -95,9 +95,7 @@ public class BitbucketServerURLParser {
|
|||
Optional<PersonalAccessToken> token =
|
||||
personalAccessTokenManager.get(EnvironmentContext.getCurrent().getSubject(), serverUrl);
|
||||
return token.isPresent() && token.get().getScmTokenName().equals(OAUTH_PROVIDER_NAME);
|
||||
} catch (ScmConfigurationPersistenceException
|
||||
| ScmUnauthorizedException
|
||||
| ScmCommunicationException exception) {
|
||||
} catch (ScmConfigurationPersistenceException exception) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -35,6 +35,7 @@ import java.util.Map;
|
|||
import java.util.Optional;
|
||||
import org.eclipse.che.api.core.ApiException;
|
||||
import org.eclipse.che.api.core.model.factory.ScmInfo;
|
||||
import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager;
|
||||
import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager;
|
||||
import org.eclipse.che.api.factory.server.urlfactory.DevfileFilenamesProvider;
|
||||
import org.eclipse.che.api.factory.server.urlfactory.RemoteFactoryUrl;
|
||||
|
|
@ -45,7 +46,6 @@ import org.eclipse.che.api.workspace.server.devfile.URLFetcher;
|
|||
import org.eclipse.che.api.workspace.shared.dto.devfile.DevfileDto;
|
||||
import org.eclipse.che.api.workspace.shared.dto.devfile.MetadataDto;
|
||||
import org.eclipse.che.api.workspace.shared.dto.devfile.SourceDto;
|
||||
import org.eclipse.che.security.oauth.AuthorisationRequestManager;
|
||||
import org.eclipse.che.security.oauth.OAuthAPI;
|
||||
import org.mockito.Mock;
|
||||
import org.mockito.testng.MockitoTestNGListener;
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -22,6 +22,7 @@ import org.eclipse.che.api.core.ApiException;
|
|||
import org.eclipse.che.api.core.BadRequestException;
|
||||
import org.eclipse.che.api.factory.server.BaseFactoryParameterResolver;
|
||||
import org.eclipse.che.api.factory.server.FactoryParametersResolver;
|
||||
import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager;
|
||||
import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager;
|
||||
import org.eclipse.che.api.factory.server.urlfactory.ProjectConfigDtoMerger;
|
||||
import org.eclipse.che.api.factory.server.urlfactory.RemoteFactoryUrl;
|
||||
|
|
@ -34,7 +35,6 @@ import org.eclipse.che.api.factory.shared.dto.ScmInfoDto;
|
|||
import org.eclipse.che.api.workspace.server.devfile.URLFetcher;
|
||||
import org.eclipse.che.api.workspace.shared.dto.ProjectConfigDto;
|
||||
import org.eclipse.che.api.workspace.shared.dto.devfile.ProjectDto;
|
||||
import org.eclipse.che.security.oauth.AuthorisationRequestManager;
|
||||
|
||||
/** Provides Factory Parameters resolver for bitbucket repositories. */
|
||||
@Singleton
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -36,6 +36,7 @@ import java.util.Map;
|
|||
import java.util.Optional;
|
||||
import org.eclipse.che.api.core.ApiException;
|
||||
import org.eclipse.che.api.core.model.factory.ScmInfo;
|
||||
import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager;
|
||||
import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager;
|
||||
import org.eclipse.che.api.factory.server.urlfactory.DevfileFilenamesProvider;
|
||||
import org.eclipse.che.api.factory.server.urlfactory.ProjectConfigDtoMerger;
|
||||
|
|
@ -49,7 +50,6 @@ import org.eclipse.che.api.workspace.shared.dto.devfile.DevfileDto;
|
|||
import org.eclipse.che.api.workspace.shared.dto.devfile.MetadataDto;
|
||||
import org.eclipse.che.api.workspace.shared.dto.devfile.ProjectDto;
|
||||
import org.eclipse.che.api.workspace.shared.dto.devfile.SourceDto;
|
||||
import org.eclipse.che.security.oauth.AuthorisationRequestManager;
|
||||
import org.mockito.ArgumentCaptor;
|
||||
import org.mockito.Captor;
|
||||
import org.mockito.Mock;
|
||||
|
|
|
|||
|
|
@ -34,10 +34,6 @@
|
|||
<groupId>jakarta.validation</groupId>
|
||||
<artifactId>jakarta.validation-api</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.eclipse.che.core</groupId>
|
||||
<artifactId>che-core-api-auth</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.eclipse.che.core</groupId>
|
||||
<artifactId>che-core-api-core</artifactId>
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -24,6 +24,7 @@ import org.eclipse.che.api.core.ApiException;
|
|||
import org.eclipse.che.api.factory.server.BaseFactoryParameterResolver;
|
||||
import org.eclipse.che.api.factory.server.FactoryParametersResolver;
|
||||
import org.eclipse.che.api.factory.server.FactoryResolverPriority;
|
||||
import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager;
|
||||
import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager;
|
||||
import org.eclipse.che.api.factory.server.urlfactory.RemoteFactoryUrl;
|
||||
import org.eclipse.che.api.factory.server.urlfactory.URLFactoryBuilder;
|
||||
|
|
@ -35,7 +36,6 @@ import org.eclipse.che.api.factory.shared.dto.ScmInfoDto;
|
|||
import org.eclipse.che.api.workspace.server.devfile.URLFetcher;
|
||||
import org.eclipse.che.api.workspace.shared.dto.devfile.ProjectDto;
|
||||
import org.eclipse.che.api.workspace.shared.dto.devfile.SourceDto;
|
||||
import org.eclipse.che.security.oauth.AuthorisationRequestManager;
|
||||
|
||||
/**
|
||||
* Provides Factory Parameters resolver for Git Ssh repositories.
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -21,6 +21,7 @@ import org.eclipse.che.api.core.ApiException;
|
|||
import org.eclipse.che.api.core.BadRequestException;
|
||||
import org.eclipse.che.api.factory.server.BaseFactoryParameterResolver;
|
||||
import org.eclipse.che.api.factory.server.FactoryParametersResolver;
|
||||
import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager;
|
||||
import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager;
|
||||
import org.eclipse.che.api.factory.server.urlfactory.ProjectConfigDtoMerger;
|
||||
import org.eclipse.che.api.factory.server.urlfactory.RemoteFactoryUrl;
|
||||
|
|
@ -29,7 +30,6 @@ import org.eclipse.che.api.factory.shared.dto.*;
|
|||
import org.eclipse.che.api.workspace.server.devfile.URLFetcher;
|
||||
import org.eclipse.che.api.workspace.shared.dto.ProjectConfigDto;
|
||||
import org.eclipse.che.api.workspace.shared.dto.devfile.ProjectDto;
|
||||
import org.eclipse.che.security.oauth.AuthorisationRequestManager;
|
||||
|
||||
/**
|
||||
* Provides Factory Parameters resolver for github repositories.
|
||||
|
|
|
|||
|
|
@ -108,9 +108,7 @@ public abstract class AbstractGithubURLParser {
|
|||
PersonalAccessToken accessToken = token.get();
|
||||
return accessToken.getScmTokenName().equals(providerName);
|
||||
}
|
||||
} catch (ScmConfigurationPersistenceException
|
||||
| ScmUnauthorizedException
|
||||
| ScmCommunicationException exception) {
|
||||
} catch (ScmConfigurationPersistenceException exception) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -16,7 +16,6 @@ import static com.google.common.base.Strings.isNullOrEmpty;
|
|||
import com.google.common.base.Joiner;
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import java.util.Set;
|
||||
import org.eclipse.che.api.auth.shared.dto.OAuthToken;
|
||||
import org.eclipse.che.api.factory.server.scm.AbstractGitUserDataFetcher;
|
||||
import org.eclipse.che.api.factory.server.scm.GitUserData;
|
||||
import org.eclipse.che.api.factory.server.scm.PersonalAccessToken;
|
||||
|
|
@ -24,7 +23,6 @@ import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager;
|
|||
import org.eclipse.che.api.factory.server.scm.exception.ScmBadRequestException;
|
||||
import org.eclipse.che.api.factory.server.scm.exception.ScmCommunicationException;
|
||||
import org.eclipse.che.api.factory.server.scm.exception.ScmItemNotFoundException;
|
||||
import org.eclipse.che.security.oauth.OAuthAPI;
|
||||
|
||||
/** GitHub user data retriever. */
|
||||
public abstract class AbstractGithubUserDataFetcher extends AbstractGitUserDataFetcher {
|
||||
|
|
@ -44,20 +42,19 @@ public abstract class AbstractGithubUserDataFetcher extends AbstractGitUserDataF
|
|||
/** Constructor used for testing only. */
|
||||
public AbstractGithubUserDataFetcher(
|
||||
String apiEndpoint,
|
||||
OAuthAPI oAuthTokenFetcher,
|
||||
PersonalAccessTokenManager personalAccessTokenManager,
|
||||
GithubApiClient githubApiClient,
|
||||
String providerName) {
|
||||
super(providerName, personalAccessTokenManager, oAuthTokenFetcher);
|
||||
super(providerName, githubApiClient.getServerUrl(), personalAccessTokenManager);
|
||||
this.providerName = providerName;
|
||||
this.githubApiClient = githubApiClient;
|
||||
this.apiEndpoint = apiEndpoint;
|
||||
}
|
||||
|
||||
@Override
|
||||
protected GitUserData fetchGitUserDataWithOAuthToken(OAuthToken oAuthToken)
|
||||
protected GitUserData fetchGitUserDataWithOAuthToken(String token)
|
||||
throws ScmItemNotFoundException, ScmCommunicationException, ScmBadRequestException {
|
||||
GithubUser user = githubApiClient.getUser(oAuthToken.getToken());
|
||||
GithubUser user = githubApiClient.getUser(token);
|
||||
if (isNullOrEmpty(user.getName()) || isNullOrEmpty(user.getEmail())) {
|
||||
throw new ScmItemNotFoundException(NO_USERNAME_AND_EMAIL_ERROR_MESSAGE);
|
||||
} else {
|
||||
|
|
|
|||
|
|
@ -235,6 +235,11 @@ public class GithubApiClient {
|
|||
});
|
||||
}
|
||||
|
||||
/** Returns the GitHub endpoint URL. */
|
||||
public String getServerUrl() {
|
||||
return this.scmServerUrl.toString();
|
||||
}
|
||||
|
||||
/**
|
||||
* Builds and returns HttpRequest to acces the GitHub API.
|
||||
*
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -13,11 +13,11 @@ package org.eclipse.che.api.factory.server.github;
|
|||
|
||||
import javax.inject.Inject;
|
||||
import javax.inject.Singleton;
|
||||
import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager;
|
||||
import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager;
|
||||
import org.eclipse.che.api.factory.server.urlfactory.ProjectConfigDtoMerger;
|
||||
import org.eclipse.che.api.factory.server.urlfactory.URLFactoryBuilder;
|
||||
import org.eclipse.che.api.workspace.server.devfile.URLFetcher;
|
||||
import org.eclipse.che.security.oauth.AuthorisationRequestManager;
|
||||
|
||||
/**
|
||||
* Provides Factory Parameters resolver for github repositories.
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -13,11 +13,11 @@ package org.eclipse.che.api.factory.server.github;
|
|||
|
||||
import javax.inject.Inject;
|
||||
import javax.inject.Singleton;
|
||||
import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager;
|
||||
import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager;
|
||||
import org.eclipse.che.api.factory.server.urlfactory.ProjectConfigDtoMerger;
|
||||
import org.eclipse.che.api.factory.server.urlfactory.URLFactoryBuilder;
|
||||
import org.eclipse.che.api.workspace.server.devfile.URLFetcher;
|
||||
import org.eclipse.che.security.oauth.AuthorisationRequestManager;
|
||||
|
||||
/**
|
||||
* Provides Factory Parameters resolver for github repositories.
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -15,7 +15,6 @@ import javax.inject.Inject;
|
|||
import javax.inject.Named;
|
||||
import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager;
|
||||
import org.eclipse.che.commons.annotation.Nullable;
|
||||
import org.eclipse.che.security.oauth.OAuthAPI;
|
||||
|
||||
/** GitHub user data retriever. */
|
||||
public class GithubUserDataFetcher extends AbstractGithubUserDataFetcher {
|
||||
|
|
@ -26,11 +25,9 @@ public class GithubUserDataFetcher extends AbstractGithubUserDataFetcher {
|
|||
public GithubUserDataFetcher(
|
||||
@Named("che.api") String apiEndpoint,
|
||||
@Nullable @Named("che.integration.github.oauth_endpoint") String oauthEndpoint,
|
||||
OAuthAPI oAuthTokenFetcher,
|
||||
PersonalAccessTokenManager personalAccessTokenManager) {
|
||||
super(
|
||||
apiEndpoint,
|
||||
oAuthTokenFetcher,
|
||||
personalAccessTokenManager,
|
||||
new GithubApiClient(oauthEndpoint),
|
||||
OAUTH_PROVIDER_NAME);
|
||||
|
|
@ -38,14 +35,8 @@ public class GithubUserDataFetcher extends AbstractGithubUserDataFetcher {
|
|||
|
||||
GithubUserDataFetcher(
|
||||
String apiEndpoint,
|
||||
OAuthAPI oAuthTokenFetcher,
|
||||
PersonalAccessTokenManager personalAccessTokenManager,
|
||||
GithubApiClient githubApiClient) {
|
||||
super(
|
||||
apiEndpoint,
|
||||
oAuthTokenFetcher,
|
||||
personalAccessTokenManager,
|
||||
githubApiClient,
|
||||
OAUTH_PROVIDER_NAME);
|
||||
super(apiEndpoint, personalAccessTokenManager, githubApiClient, OAUTH_PROVIDER_NAME);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -15,7 +15,6 @@ import javax.inject.Inject;
|
|||
import javax.inject.Named;
|
||||
import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager;
|
||||
import org.eclipse.che.commons.annotation.Nullable;
|
||||
import org.eclipse.che.security.oauth.OAuthAPI;
|
||||
|
||||
/** GitHub user data retriever. */
|
||||
public class GithubUserDataFetcherSecond extends AbstractGithubUserDataFetcher {
|
||||
|
|
@ -26,11 +25,9 @@ public class GithubUserDataFetcherSecond extends AbstractGithubUserDataFetcher {
|
|||
public GithubUserDataFetcherSecond(
|
||||
@Named("che.api") String apiEndpoint,
|
||||
@Nullable @Named("che.integration.github.oauth_endpoint_2") String oauthEndpoint,
|
||||
OAuthAPI oAuthTokenFetcher,
|
||||
PersonalAccessTokenManager personalAccessTokenManager) {
|
||||
super(
|
||||
apiEndpoint,
|
||||
oAuthTokenFetcher,
|
||||
personalAccessTokenManager,
|
||||
new GithubApiClient(oauthEndpoint),
|
||||
OAUTH_PROVIDER_NAME);
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -38,6 +38,7 @@ import java.util.Map;
|
|||
import java.util.Optional;
|
||||
import org.eclipse.che.api.core.ApiException;
|
||||
import org.eclipse.che.api.core.model.factory.ScmInfo;
|
||||
import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager;
|
||||
import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager;
|
||||
import org.eclipse.che.api.factory.server.urlfactory.DevfileFilenamesProvider;
|
||||
import org.eclipse.che.api.factory.server.urlfactory.ProjectConfigDtoMerger;
|
||||
|
|
@ -51,7 +52,6 @@ import org.eclipse.che.api.workspace.shared.dto.devfile.DevfileDto;
|
|||
import org.eclipse.che.api.workspace.shared.dto.devfile.MetadataDto;
|
||||
import org.eclipse.che.api.workspace.shared.dto.devfile.ProjectDto;
|
||||
import org.eclipse.che.api.workspace.shared.dto.devfile.SourceDto;
|
||||
import org.eclipse.che.security.oauth.AuthorisationRequestManager;
|
||||
import org.mockito.ArgumentCaptor;
|
||||
import org.mockito.Captor;
|
||||
import org.mockito.Mock;
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -17,8 +17,9 @@ import static com.github.tomakehurst.wiremock.client.WireMock.get;
|
|||
import static com.github.tomakehurst.wiremock.client.WireMock.stubFor;
|
||||
import static com.github.tomakehurst.wiremock.client.WireMock.urlEqualTo;
|
||||
import static com.github.tomakehurst.wiremock.core.WireMockConfiguration.wireMockConfig;
|
||||
import static org.eclipse.che.dto.server.DtoFactory.newDto;
|
||||
import static org.mockito.ArgumentMatchers.anyString;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.ArgumentMatchers.eq;
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.mockito.Mockito.when;
|
||||
import static org.testng.Assert.assertEquals;
|
||||
|
||||
|
|
@ -26,9 +27,11 @@ import com.github.tomakehurst.wiremock.WireMockServer;
|
|||
import com.github.tomakehurst.wiremock.client.WireMock;
|
||||
import com.github.tomakehurst.wiremock.common.Slf4jNotifier;
|
||||
import com.google.common.net.HttpHeaders;
|
||||
import org.eclipse.che.api.auth.shared.dto.OAuthToken;
|
||||
import java.util.Optional;
|
||||
import org.eclipse.che.api.factory.server.scm.GitUserData;
|
||||
import org.eclipse.che.api.factory.server.scm.PersonalAccessToken;
|
||||
import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager;
|
||||
import org.eclipse.che.commons.subject.Subject;
|
||||
import org.eclipse.che.security.oauth.OAuthAPI;
|
||||
import org.mockito.Mock;
|
||||
import org.mockito.testng.MockitoTestNGListener;
|
||||
|
|
@ -60,7 +63,6 @@ public class GithubGitUserDataFetcherTest {
|
|||
githubGUDFetcher =
|
||||
new GithubUserDataFetcher(
|
||||
"http://che.api",
|
||||
oAuthTokenFetcher,
|
||||
personalAccessTokenManager,
|
||||
new GithubApiClient(wireMockServer.url("/")));
|
||||
stubFor(
|
||||
|
|
@ -80,8 +82,11 @@ public class GithubGitUserDataFetcherTest {
|
|||
|
||||
@Test
|
||||
public void shouldFetchGitUserData() throws Exception {
|
||||
OAuthToken oAuthToken = newDto(OAuthToken.class).withToken(githubOauthToken).withScope("repo");
|
||||
when(oAuthTokenFetcher.getToken(anyString())).thenReturn(oAuthToken);
|
||||
PersonalAccessToken token = mock(PersonalAccessToken.class);
|
||||
when(token.getToken()).thenReturn(githubOauthToken);
|
||||
when(token.getScmProviderUrl()).thenReturn(wireMockServer.url("/"));
|
||||
when(personalAccessTokenManager.get(any(Subject.class), eq("github"), eq(null)))
|
||||
.thenReturn(Optional.of(token));
|
||||
|
||||
GitUserData gitUserData = githubGUDFetcher.fetchGitUserData();
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -22,6 +22,7 @@ import org.eclipse.che.api.core.ApiException;
|
|||
import org.eclipse.che.api.core.BadRequestException;
|
||||
import org.eclipse.che.api.factory.server.BaseFactoryParameterResolver;
|
||||
import org.eclipse.che.api.factory.server.FactoryParametersResolver;
|
||||
import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager;
|
||||
import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager;
|
||||
import org.eclipse.che.api.factory.server.urlfactory.RemoteFactoryUrl;
|
||||
import org.eclipse.che.api.factory.server.urlfactory.URLFactoryBuilder;
|
||||
|
|
@ -33,7 +34,6 @@ import org.eclipse.che.api.factory.shared.dto.ScmInfoDto;
|
|||
import org.eclipse.che.api.workspace.server.devfile.URLFetcher;
|
||||
import org.eclipse.che.api.workspace.shared.dto.devfile.ProjectDto;
|
||||
import org.eclipse.che.api.workspace.shared.dto.devfile.SourceDto;
|
||||
import org.eclipse.che.security.oauth.AuthorisationRequestManager;
|
||||
|
||||
/**
|
||||
* Provides Factory Parameters resolver for Gitlab repositories.
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -31,7 +31,6 @@ import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager;
|
|||
import org.eclipse.che.api.factory.server.scm.exception.ScmCommunicationException;
|
||||
import org.eclipse.che.api.factory.server.scm.exception.ScmConfigurationPersistenceException;
|
||||
import org.eclipse.che.api.factory.server.scm.exception.ScmItemNotFoundException;
|
||||
import org.eclipse.che.api.factory.server.scm.exception.ScmUnauthorizedException;
|
||||
import org.eclipse.che.api.factory.server.urlfactory.DevfileFilenamesProvider;
|
||||
import org.eclipse.che.commons.annotation.Nullable;
|
||||
import org.eclipse.che.commons.env.EnvironmentContext;
|
||||
|
|
@ -91,9 +90,7 @@ public class GitlabUrlParser {
|
|||
PersonalAccessToken accessToken = token.get();
|
||||
return accessToken.getScmTokenName().equals(OAUTH_PROVIDER_NAME);
|
||||
}
|
||||
} catch (ScmConfigurationPersistenceException
|
||||
| ScmUnauthorizedException
|
||||
| ScmCommunicationException exception) {
|
||||
} catch (ScmConfigurationPersistenceException exception) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -11,6 +11,7 @@
|
|||
*/
|
||||
package org.eclipse.che.api.factory.server.gitlab;
|
||||
|
||||
import static com.google.common.base.Strings.isNullOrEmpty;
|
||||
import static java.util.stream.Collectors.toList;
|
||||
|
||||
import com.google.common.base.Joiner;
|
||||
|
|
@ -21,7 +22,6 @@ import java.util.List;
|
|||
import java.util.Set;
|
||||
import javax.inject.Inject;
|
||||
import javax.inject.Named;
|
||||
import org.eclipse.che.api.auth.shared.dto.OAuthToken;
|
||||
import org.eclipse.che.api.factory.server.scm.*;
|
||||
import org.eclipse.che.api.factory.server.scm.exception.ScmBadRequestException;
|
||||
import org.eclipse.che.api.factory.server.scm.exception.ScmCommunicationException;
|
||||
|
|
@ -29,7 +29,6 @@ import org.eclipse.che.api.factory.server.scm.exception.ScmItemNotFoundException
|
|||
import org.eclipse.che.commons.annotation.Nullable;
|
||||
import org.eclipse.che.commons.lang.StringUtils;
|
||||
import org.eclipse.che.inject.ConfigurationException;
|
||||
import org.eclipse.che.security.oauth.OAuthAPI;
|
||||
|
||||
/** Gitlab OAuth token retriever. */
|
||||
public class GitlabUserDataFetcher extends AbstractGitUserDataFetcher {
|
||||
|
|
@ -48,9 +47,11 @@ public class GitlabUserDataFetcher extends AbstractGitUserDataFetcher {
|
|||
@Nullable @Named("che.integration.gitlab.server_endpoints") String gitlabEndpoints,
|
||||
@Nullable @Named("che.integration.gitlab.oauth_endpoint") String oauthEndpoint,
|
||||
@Named("che.api") String apiEndpoint,
|
||||
PersonalAccessTokenManager personalAccessTokenManager,
|
||||
OAuthAPI oAuthTokenFetcher) {
|
||||
super(OAUTH_PROVIDER_NAME, personalAccessTokenManager, oAuthTokenFetcher);
|
||||
PersonalAccessTokenManager personalAccessTokenManager) {
|
||||
super(
|
||||
OAUTH_PROVIDER_NAME,
|
||||
isNullOrEmpty(gitlabEndpoints) ? "https://gitlab.com" : gitlabEndpoints,
|
||||
personalAccessTokenManager);
|
||||
this.apiEndpoint = apiEndpoint;
|
||||
if (gitlabEndpoints != null) {
|
||||
this.registeredGitlabEndpoints =
|
||||
|
|
@ -70,10 +71,10 @@ public class GitlabUserDataFetcher extends AbstractGitUserDataFetcher {
|
|||
}
|
||||
|
||||
@Override
|
||||
protected GitUserData fetchGitUserDataWithOAuthToken(OAuthToken oAuthToken)
|
||||
protected GitUserData fetchGitUserDataWithOAuthToken(String token)
|
||||
throws ScmItemNotFoundException, ScmCommunicationException, ScmBadRequestException {
|
||||
for (String gitlabServerEndpoint : this.registeredGitlabEndpoints) {
|
||||
GitlabUser user = new GitlabApiClient(gitlabServerEndpoint).getUser(oAuthToken.getToken());
|
||||
GitlabUser user = new GitlabApiClient(gitlabServerEndpoint).getUser(token);
|
||||
return new GitUserData(user.getName(), user.getEmail());
|
||||
}
|
||||
throw new ScmCommunicationException("Failed to retrieve git user data from Gitlab");
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -35,6 +35,7 @@ import java.util.Map;
|
|||
import java.util.Optional;
|
||||
import org.eclipse.che.api.core.ApiException;
|
||||
import org.eclipse.che.api.core.model.factory.ScmInfo;
|
||||
import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager;
|
||||
import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager;
|
||||
import org.eclipse.che.api.factory.server.urlfactory.DevfileFilenamesProvider;
|
||||
import org.eclipse.che.api.factory.server.urlfactory.RemoteFactoryUrl;
|
||||
|
|
@ -45,7 +46,6 @@ import org.eclipse.che.api.workspace.server.devfile.URLFetcher;
|
|||
import org.eclipse.che.api.workspace.shared.dto.devfile.DevfileDto;
|
||||
import org.eclipse.che.api.workspace.shared.dto.devfile.MetadataDto;
|
||||
import org.eclipse.che.api.workspace.shared.dto.devfile.SourceDto;
|
||||
import org.eclipse.che.security.oauth.AuthorisationRequestManager;
|
||||
import org.mockito.Mock;
|
||||
import org.mockito.testng.MockitoTestNGListener;
|
||||
import org.testng.annotations.BeforeMethod;
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -17,8 +17,9 @@ import static com.github.tomakehurst.wiremock.client.WireMock.get;
|
|||
import static com.github.tomakehurst.wiremock.client.WireMock.stubFor;
|
||||
import static com.github.tomakehurst.wiremock.client.WireMock.urlEqualTo;
|
||||
import static com.github.tomakehurst.wiremock.core.WireMockConfiguration.wireMockConfig;
|
||||
import static org.eclipse.che.dto.server.DtoFactory.newDto;
|
||||
import static org.mockito.ArgumentMatchers.anyString;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.ArgumentMatchers.eq;
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.mockito.Mockito.when;
|
||||
import static org.testng.Assert.assertEquals;
|
||||
|
||||
|
|
@ -26,9 +27,11 @@ import com.github.tomakehurst.wiremock.WireMockServer;
|
|||
import com.github.tomakehurst.wiremock.client.WireMock;
|
||||
import com.github.tomakehurst.wiremock.common.Slf4jNotifier;
|
||||
import com.google.common.net.HttpHeaders;
|
||||
import org.eclipse.che.api.auth.shared.dto.OAuthToken;
|
||||
import java.util.Optional;
|
||||
import org.eclipse.che.api.factory.server.scm.GitUserData;
|
||||
import org.eclipse.che.api.factory.server.scm.PersonalAccessToken;
|
||||
import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager;
|
||||
import org.eclipse.che.commons.subject.Subject;
|
||||
import org.eclipse.che.security.oauth.OAuthAPI;
|
||||
import org.mockito.Mock;
|
||||
import org.mockito.testng.MockitoTestNGListener;
|
||||
|
|
@ -60,8 +63,7 @@ public class GitlabUserDataFetcherTest {
|
|||
wireMockServer.url("/"),
|
||||
wireMockServer.url("/"),
|
||||
"http://che.api",
|
||||
personalAccessTokenManager,
|
||||
oAuthTokenFetcher);
|
||||
personalAccessTokenManager);
|
||||
|
||||
stubFor(
|
||||
get(urlEqualTo("/api/v4/user"))
|
||||
|
|
@ -79,9 +81,11 @@ public class GitlabUserDataFetcherTest {
|
|||
|
||||
@Test
|
||||
public void shouldFetchGitUserData() throws Exception {
|
||||
OAuthToken oAuthToken =
|
||||
newDto(OAuthToken.class).withToken("oauthtoken").withScope("api write_repository openid");
|
||||
when(oAuthTokenFetcher.getToken(anyString())).thenReturn(oAuthToken);
|
||||
PersonalAccessToken token = mock(PersonalAccessToken.class);
|
||||
when(token.getToken()).thenReturn("oauthtoken");
|
||||
when(token.getScmProviderUrl()).thenReturn(wireMockServer.url("/"));
|
||||
when(personalAccessTokenManager.get(any(Subject.class), eq("gitlab"), eq(null)))
|
||||
.thenReturn(Optional.of(token));
|
||||
|
||||
GitUserData gitUserData = gitlabUserDataFetcher.fetchGitUserData();
|
||||
assertEquals(gitUserData.getScmUsername(), "John Smith");
|
||||
|
|
|
|||
|
|
@ -62,14 +62,6 @@
|
|||
<groupId>jakarta.ws.rs</groupId>
|
||||
<artifactId>jakarta.ws.rs-api</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.eclipse.che.core</groupId>
|
||||
<artifactId>che-core-api-auth</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.eclipse.che.core</groupId>
|
||||
<artifactId>che-core-api-auth-shared</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.eclipse.che.core</groupId>
|
||||
<artifactId>che-core-api-core</artifactId>
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -21,6 +21,7 @@ import java.util.Map;
|
|||
import java.util.function.Consumer;
|
||||
import java.util.function.Supplier;
|
||||
import org.eclipse.che.api.core.ApiException;
|
||||
import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager;
|
||||
import org.eclipse.che.api.factory.server.urlfactory.RemoteFactoryUrl;
|
||||
import org.eclipse.che.api.factory.server.urlfactory.URLFactoryBuilder;
|
||||
import org.eclipse.che.api.factory.shared.dto.FactoryDto;
|
||||
|
|
@ -29,7 +30,6 @@ import org.eclipse.che.api.factory.shared.dto.FactoryVisitor;
|
|||
import org.eclipse.che.api.workspace.server.devfile.FileContentProvider;
|
||||
import org.eclipse.che.api.workspace.shared.dto.devfile.DevfileDto;
|
||||
import org.eclipse.che.api.workspace.shared.dto.devfile.ProjectDto;
|
||||
import org.eclipse.che.security.oauth.AuthorisationRequestManager;
|
||||
|
||||
public class BaseFactoryParameterResolver {
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -35,6 +35,7 @@ import javax.inject.Inject;
|
|||
import org.eclipse.che.api.core.ApiException;
|
||||
import org.eclipse.che.api.core.BadRequestException;
|
||||
import org.eclipse.che.api.core.rest.Service;
|
||||
import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager;
|
||||
import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager;
|
||||
import org.eclipse.che.api.factory.server.scm.exception.ScmCommunicationException;
|
||||
import org.eclipse.che.api.factory.server.scm.exception.ScmConfigurationPersistenceException;
|
||||
|
|
@ -42,7 +43,6 @@ import org.eclipse.che.api.factory.server.scm.exception.ScmUnauthorizedException
|
|||
import org.eclipse.che.api.factory.server.scm.exception.UnknownScmProviderException;
|
||||
import org.eclipse.che.api.factory.server.scm.exception.UnsatisfiedScmPreconditionException;
|
||||
import org.eclipse.che.api.factory.shared.dto.FactoryMetaDto;
|
||||
import org.eclipse.che.security.oauth.AuthorisationRequestManager;
|
||||
|
||||
/**
|
||||
* Defines Factory REST API.
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -12,12 +12,9 @@
|
|||
package org.eclipse.che.api.factory.server.scm;
|
||||
|
||||
import java.util.Optional;
|
||||
import org.eclipse.che.api.auth.shared.dto.OAuthToken;
|
||||
import org.eclipse.che.api.core.*;
|
||||
import org.eclipse.che.api.factory.server.scm.exception.*;
|
||||
import org.eclipse.che.commons.env.EnvironmentContext;
|
||||
import org.eclipse.che.commons.subject.Subject;
|
||||
import org.eclipse.che.security.oauth.OAuthAPI;
|
||||
|
||||
/**
|
||||
* Abstraction to fetch git user data from the specific git provider using OAuth 2.0 or personal
|
||||
|
|
@ -27,48 +24,38 @@ import org.eclipse.che.security.oauth.OAuthAPI;
|
|||
*/
|
||||
public abstract class AbstractGitUserDataFetcher implements GitUserDataFetcher {
|
||||
protected final String oAuthProviderName;
|
||||
private final String oAuthProviderUrl;
|
||||
protected final PersonalAccessTokenManager personalAccessTokenManager;
|
||||
protected final OAuthAPI oAuthTokenFetcher;
|
||||
|
||||
public AbstractGitUserDataFetcher(
|
||||
String oAuthProviderName,
|
||||
PersonalAccessTokenManager personalAccessTokenManager,
|
||||
OAuthAPI oAuthTokenFetcher) {
|
||||
String oAuthProviderUrl,
|
||||
PersonalAccessTokenManager personalAccessTokenManager) {
|
||||
this.oAuthProviderName = oAuthProviderName;
|
||||
this.oAuthProviderUrl = oAuthProviderUrl;
|
||||
this.personalAccessTokenManager = personalAccessTokenManager;
|
||||
this.oAuthTokenFetcher = oAuthTokenFetcher;
|
||||
}
|
||||
|
||||
public GitUserData fetchGitUserData()
|
||||
throws ScmUnauthorizedException, ScmCommunicationException,
|
||||
ScmConfigurationPersistenceException, ScmItemNotFoundException, ScmBadRequestException {
|
||||
Subject cheSubject = EnvironmentContext.getCurrent().getSubject();
|
||||
try {
|
||||
OAuthToken oAuthToken = oAuthTokenFetcher.getToken(oAuthProviderName);
|
||||
return fetchGitUserDataWithOAuthToken(oAuthToken);
|
||||
} catch (UnauthorizedException e) {
|
||||
throw new ScmUnauthorizedException(
|
||||
cheSubject.getUserName()
|
||||
+ " is not authorized in "
|
||||
+ oAuthProviderName
|
||||
+ " OAuth provider.",
|
||||
oAuthProviderName,
|
||||
"2.0",
|
||||
getLocalAuthenticateUrl());
|
||||
} catch (NotFoundException e) {
|
||||
Optional<PersonalAccessToken> personalAccessToken =
|
||||
personalAccessTokenManager.get(cheSubject, oAuthProviderName, null);
|
||||
if (personalAccessToken.isPresent()) {
|
||||
return fetchGitUserDataWithPersonalAccessToken(personalAccessToken.get());
|
||||
Optional<PersonalAccessToken> tokenOptional =
|
||||
personalAccessTokenManager.get(cheSubject, oAuthProviderName, null);
|
||||
if (tokenOptional.isPresent()) {
|
||||
return fetchGitUserDataWithPersonalAccessToken(tokenOptional.get());
|
||||
} else {
|
||||
Optional<PersonalAccessToken> oAuthTokenOptional =
|
||||
personalAccessTokenManager.get(cheSubject, oAuthProviderUrl);
|
||||
if (oAuthTokenOptional.isPresent()) {
|
||||
return fetchGitUserDataWithOAuthToken(oAuthTokenOptional.get().getToken());
|
||||
}
|
||||
throw new ScmCommunicationException(
|
||||
"There are no tokes for the user " + cheSubject.getUserId());
|
||||
} catch (ServerException | ForbiddenException | BadRequestException | ConflictException e) {
|
||||
throw new ScmCommunicationException(e.getMessage(), e);
|
||||
}
|
||||
throw new ScmCommunicationException(
|
||||
"There are no tokes for the user " + cheSubject.getUserId());
|
||||
}
|
||||
|
||||
protected abstract GitUserData fetchGitUserDataWithOAuthToken(OAuthToken oAuthToken)
|
||||
protected abstract GitUserData fetchGitUserDataWithOAuthToken(String token)
|
||||
throws ScmItemNotFoundException, ScmCommunicationException, ScmBadRequestException;
|
||||
|
||||
protected abstract GitUserData fetchGitUserDataWithPersonalAccessToken(
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -9,7 +9,7 @@
|
|||
* Contributors:
|
||||
* Red Hat, Inc. - initial API and implementation
|
||||
*/
|
||||
package org.eclipse.che.security.oauth;
|
||||
package org.eclipse.che.api.factory.server.scm;
|
||||
|
||||
import jakarta.ws.rs.core.UriInfo;
|
||||
import java.util.List;
|
||||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -50,8 +50,7 @@ public interface PersonalAccessTokenManager {
|
|||
* permanent storage.
|
||||
*/
|
||||
Optional<PersonalAccessToken> get(Subject cheUser, String scmServerUrl)
|
||||
throws ScmConfigurationPersistenceException, ScmUnauthorizedException,
|
||||
ScmCommunicationException;
|
||||
throws ScmConfigurationPersistenceException;
|
||||
|
||||
/**
|
||||
* Gets {@link PersonalAccessToken} from permanent storage.
|
||||
|
|
@ -80,13 +79,10 @@ public interface PersonalAccessTokenManager {
|
|||
* @return personal access token
|
||||
* @throws ScmConfigurationPersistenceException - problem occurred during communication with
|
||||
* permanent storage.
|
||||
* @throws ScmUnauthorizedException - scm authorization required.
|
||||
* @throws ScmCommunicationException - problem occurred during communication with scm provider.
|
||||
*/
|
||||
Optional<PersonalAccessToken> get(
|
||||
Subject cheUser, String oAuthProviderName, @Nullable String scmServerUrl)
|
||||
throws ScmConfigurationPersistenceException, ScmUnauthorizedException,
|
||||
ScmCommunicationException;
|
||||
throws ScmConfigurationPersistenceException;
|
||||
|
||||
/**
|
||||
* Gets {@link PersonalAccessToken} from permanent storage. If the token is not found try to fetch
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -81,7 +81,7 @@ public class ScmPersonalAccessTokenFetcher {
|
|||
* fetchers return an scm username, return it. Otherwise, return null.
|
||||
*/
|
||||
public Optional<String> getScmUsername(PersonalAccessTokenParams params)
|
||||
throws UnknownScmProviderException, ScmUnauthorizedException, ScmCommunicationException {
|
||||
throws UnknownScmProviderException {
|
||||
for (PersonalAccessTokenFetcher fetcher : personalAccessTokenFetchers) {
|
||||
Optional<Pair<Boolean, String>> isValid = fetcher.isValid(params);
|
||||
if (isValid.isPresent() && isValid.get().first) {
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -18,8 +18,8 @@ import static org.testng.Assert.assertFalse;
|
|||
import static org.testng.Assert.assertTrue;
|
||||
|
||||
import java.util.Map;
|
||||
import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager;
|
||||
import org.eclipse.che.api.factory.server.urlfactory.URLFactoryBuilder;
|
||||
import org.eclipse.che.security.oauth.AuthorisationRequestManager;
|
||||
import org.mockito.Mock;
|
||||
import org.mockito.testng.MockitoTestNGListener;
|
||||
import org.testng.annotations.BeforeMethod;
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright (c) 2012-2023 Red Hat, Inc.
|
||||
* Copyright (c) 2012-2024 Red Hat, Inc.
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
|
|
@ -54,6 +54,7 @@ import org.eclipse.che.api.core.rest.shared.dto.ServiceError;
|
|||
import org.eclipse.che.api.factory.server.FactoryService.FactoryParametersResolverHolder;
|
||||
import org.eclipse.che.api.factory.server.builder.FactoryBuilder;
|
||||
import org.eclipse.che.api.factory.server.impl.SourceStorageParametersValidator;
|
||||
import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager;
|
||||
import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager;
|
||||
import org.eclipse.che.api.factory.server.urlfactory.RemoteFactoryUrl;
|
||||
import org.eclipse.che.api.factory.shared.dto.FactoryDto;
|
||||
|
|
@ -63,7 +64,6 @@ import org.eclipse.che.api.user.server.model.impl.UserImpl;
|
|||
import org.eclipse.che.commons.env.EnvironmentContext;
|
||||
import org.eclipse.che.commons.subject.SubjectImpl;
|
||||
import org.eclipse.che.dto.server.DtoFactory;
|
||||
import org.eclipse.che.security.oauth.AuthorisationRequestManager;
|
||||
import org.everrest.assured.EverrestJetty;
|
||||
import org.everrest.core.Filter;
|
||||
import org.everrest.core.GenericContainerRequest;
|
||||
|
|
|
|||
Loading…
Reference in New Issue