From 71b21e37f58cf4954a6756bc5e549557d43cdb2d Mon Sep 17 00:00:00 2001 From: ivinokur Date: Thu, 1 Feb 2024 15:11:18 +0200 Subject: [PATCH] Fetch oauth tokens from kubernetes secrets --- .../infrastructure-factory/pom.xml | 4 -- .../server/scm/KubernetesScmModule.java | 3 +- ...KubernetesAuthorisationRequestManager.java | 4 +- .../KubernetesPersonalAccessTokenManager.java | 11 ++--- .../OAuthTokenSecretsConfigurator.java | 8 +--- wsmaster/che-core-api-auth/pom.xml | 4 ++ .../che/security/oauth/EmbeddedOAuthAPI.java | 19 +++++++- .../oauth/OAuthAuthenticationService.java | 3 +- .../AzureDevOpsFactoryParametersResolver.java | 4 +- .../devops/AzureDevOpsUserDataFetcher.java | 12 ++--- ...rAuthorizingFactoryParametersResolver.java | 4 +- .../bitbucket/BitbucketServerURLParser.java | 6 +-- ...horizingFactoryParametersResolverTest.java | 4 +- .../BitbucketFactoryParametersResolver.java | 4 +- ...itbucketFactoryParametersResolverTest.java | 4 +- wsmaster/che-core-api-factory-git-ssh/pom.xml | 4 -- .../ssh/GitSshFactoryParametersResolver.java | 4 +- ...stractGithubFactoryParametersResolver.java | 4 +- .../github/AbstractGithubURLParser.java | 4 +- .../github/AbstractGithubUserDataFetcher.java | 11 ++--- .../server/github/GithubApiClient.java | 5 ++ .../GithubFactoryParametersResolver.java | 4 +- ...GithubFactoryParametersResolverSecond.java | 4 +- .../server/github/GithubUserDataFetcher.java | 13 +---- .../github/GithubUserDataFetcherSecond.java | 5 +- .../GithubFactoryParametersResolverTest.java | 4 +- .../github/GithubGitUserDataFetcherTest.java | 19 +++++--- .../GitlabFactoryParametersResolver.java | 4 +- .../server/gitlab/GitlabUrlParser.java | 7 +-- .../server/gitlab/GitlabUserDataFetcher.java | 17 +++---- .../GitlabFactoryParametersResolverTest.java | 4 +- .../gitlab/GitlabUserDataFetcherTest.java | 22 +++++---- wsmaster/che-core-api-factory/pom.xml | 8 ---- .../server/BaseFactoryParameterResolver.java | 4 +- .../api/factory/server/FactoryService.java | 4 +- .../scm/AbstractGitUserDataFetcher.java | 47 +++++++------------ .../scm}/AuthorisationRequestManager.java | 4 +- .../scm/PersonalAccessTokenManager.java | 10 ++-- .../scm/ScmPersonalAccessTokenFetcher.java | 4 +- .../BaseFactoryParameterResolverTest.java | 4 +- .../factory/server/FactoryServiceTest.java | 4 +- 41 files changed, 145 insertions(+), 173 deletions(-) rename wsmaster/{che-core-api-auth/src/main/java/org/eclipse/che/security/oauth => che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm}/AuthorisationRequestManager.java (93%) diff --git a/infrastructures/infrastructure-factory/pom.xml b/infrastructures/infrastructure-factory/pom.xml index 5ed6b03f83..b4647fdf9b 100644 --- a/infrastructures/infrastructure-factory/pom.xml +++ b/infrastructures/infrastructure-factory/pom.xml @@ -51,10 +51,6 @@ jakarta.ws.rs jakarta.ws.rs-api - - org.eclipse.che.core - che-core-api-auth - org.eclipse.che.core che-core-api-core diff --git a/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/KubernetesScmModule.java b/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/KubernetesScmModule.java index c7e0f79dd4..b77def55b6 100644 --- a/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/KubernetesScmModule.java +++ b/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/KubernetesScmModule.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -15,7 +15,6 @@ import com.google.inject.AbstractModule; import org.eclipse.che.api.factory.server.scm.kubernetes.KubernetesAuthorisationRequestManager; import org.eclipse.che.api.factory.server.scm.kubernetes.KubernetesGitCredentialManager; import org.eclipse.che.api.factory.server.scm.kubernetes.KubernetesPersonalAccessTokenManager; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; public class KubernetesScmModule extends AbstractModule { @Override diff --git a/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesAuthorisationRequestManager.java b/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesAuthorisationRequestManager.java index 44356d006d..8af694936e 100644 --- a/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesAuthorisationRequestManager.java +++ b/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesAuthorisationRequestManager.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -28,10 +28,10 @@ import java.util.List; import java.util.Map; import javax.inject.Inject; import javax.inject.Singleton; +import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager; import org.eclipse.che.api.factory.server.scm.exception.ScmConfigurationPersistenceException; import org.eclipse.che.api.factory.server.scm.exception.UnsatisfiedScmPreconditionException; import org.eclipse.che.api.workspace.server.spi.InfrastructureException; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; import org.eclipse.che.workspace.infrastructure.kubernetes.CheServerKubernetesClientFactory; import org.eclipse.che.workspace.infrastructure.kubernetes.api.shared.KubernetesNamespaceMeta; import org.eclipse.che.workspace.infrastructure.kubernetes.namespace.KubernetesNamespaceFactory; diff --git a/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesPersonalAccessTokenManager.java b/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesPersonalAccessTokenManager.java index 15ce7e16e2..f122cbddb8 100644 --- a/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesPersonalAccessTokenManager.java +++ b/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesPersonalAccessTokenManager.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -142,8 +142,7 @@ public class KubernetesPersonalAccessTokenManager implements PersonalAccessToken @Override public Optional get(Subject cheUser, String scmServerUrl) - throws ScmConfigurationPersistenceException, ScmUnauthorizedException, - ScmCommunicationException { + throws ScmConfigurationPersistenceException { return doGetPersonalAccessToken(cheUser, null, scmServerUrl); } @@ -165,15 +164,13 @@ public class KubernetesPersonalAccessTokenManager implements PersonalAccessToken @Override public Optional get( Subject cheUser, String oAuthProviderName, @Nullable String scmServerUrl) - throws ScmConfigurationPersistenceException, ScmUnauthorizedException, - ScmCommunicationException { + throws ScmConfigurationPersistenceException { return doGetPersonalAccessToken(cheUser, oAuthProviderName, scmServerUrl); } private Optional doGetPersonalAccessToken( Subject cheUser, @Nullable String oAuthProviderName, @Nullable String scmServerUrl) - throws ScmConfigurationPersistenceException, ScmUnauthorizedException, - ScmCommunicationException { + throws ScmConfigurationPersistenceException { try { for (KubernetesNamespaceMeta namespaceMeta : namespaceFactory.list()) { List secrets = diff --git a/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/namespace/configurator/OAuthTokenSecretsConfigurator.java b/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/namespace/configurator/OAuthTokenSecretsConfigurator.java index d68978ccbd..0ab31f7122 100644 --- a/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/namespace/configurator/OAuthTokenSecretsConfigurator.java +++ b/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/namespace/configurator/OAuthTokenSecretsConfigurator.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -17,9 +17,7 @@ import javax.inject.Inject; import javax.inject.Singleton; import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenFetcher; import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; -import org.eclipse.che.api.factory.server.scm.exception.ScmCommunicationException; import org.eclipse.che.api.factory.server.scm.exception.ScmConfigurationPersistenceException; -import org.eclipse.che.api.factory.server.scm.exception.ScmUnauthorizedException; import org.eclipse.che.api.workspace.server.spi.InfrastructureException; import org.eclipse.che.api.workspace.server.spi.NamespaceResolutionContext; import org.eclipse.che.commons.env.EnvironmentContext; @@ -76,9 +74,7 @@ public class OAuthTokenSecretsConfigurator implements NamespaceConfigurator { Subject cheSubject = EnvironmentContext.getCurrent().getSubject(); personalAccessTokenManager.get( cheSubject, s.getMetadata().getAnnotations().get(ANNOTATION_SCM_URL)); - } catch (ScmCommunicationException - | ScmConfigurationPersistenceException - | ScmUnauthorizedException e) { + } catch (ScmConfigurationPersistenceException e) { throw new RuntimeException(e); } }); diff --git a/wsmaster/che-core-api-auth/pom.xml b/wsmaster/che-core-api-auth/pom.xml index 33b184449b..4c299bd11d 100644 --- a/wsmaster/che-core-api-auth/pom.xml +++ b/wsmaster/che-core-api-auth/pom.xml @@ -59,6 +59,10 @@ org.eclipse.che.core che-core-api-dto + + org.eclipse.che.core + che-core-api-factory + org.eclipse.che.core che-core-commons-annotations diff --git a/wsmaster/che-core-api-auth/src/main/java/org/eclipse/che/security/oauth/EmbeddedOAuthAPI.java b/wsmaster/che-core-api-auth/src/main/java/org/eclipse/che/security/oauth/EmbeddedOAuthAPI.java index 2620f753d1..28886d58e3 100644 --- a/wsmaster/che-core-api-auth/src/main/java/org/eclipse/che/security/oauth/EmbeddedOAuthAPI.java +++ b/wsmaster/che-core-api-auth/src/main/java/org/eclipse/che/security/oauth/EmbeddedOAuthAPI.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -40,6 +40,9 @@ import org.eclipse.che.api.core.UnauthorizedException; import org.eclipse.che.api.core.rest.shared.dto.Link; import org.eclipse.che.api.core.rest.shared.dto.LinkParameter; import org.eclipse.che.api.core.util.LinksHelper; +import org.eclipse.che.api.factory.server.scm.PersonalAccessToken; +import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; +import org.eclipse.che.api.factory.server.scm.exception.ScmConfigurationPersistenceException; import org.eclipse.che.commons.env.EnvironmentContext; import org.eclipse.che.commons.subject.Subject; import org.eclipse.che.security.oauth.shared.dto.OAuthAuthenticatorDescriptor; @@ -62,6 +65,7 @@ public class EmbeddedOAuthAPI implements OAuthAPI { @Inject protected OAuthAuthenticatorProvider oauth2Providers; @Inject protected org.eclipse.che.security.oauth1.OAuthAuthenticatorProvider oauth1Providers; + @Inject private PersonalAccessTokenManager personalAccessTokenManager; private String redirectAfterLogin; @Override @@ -176,6 +180,19 @@ public class EmbeddedOAuthAPI implements OAuthAPI { } if (token != null) { return token; + } else { + Optional tokenOptional; + try { + tokenOptional = personalAccessTokenManager.get(subject, oauthProvider, null); + if (tokenOptional.isEmpty()) { + tokenOptional = personalAccessTokenManager.get(subject, provider.getEndpointUrl()); + } + if (tokenOptional.isPresent()) { + return newDto(OAuthToken.class).withToken(tokenOptional.get().getToken()); + } + } catch (ScmConfigurationPersistenceException e) { + throw new RuntimeException(e); + } } throw new UnauthorizedException( "OAuth token for user " + subject.getUserId() + " was not found"); diff --git a/wsmaster/che-core-api-auth/src/main/java/org/eclipse/che/security/oauth/OAuthAuthenticationService.java b/wsmaster/che-core-api-auth/src/main/java/org/eclipse/che/security/oauth/OAuthAuthenticationService.java index eb135c99b9..cf2cfe0f71 100644 --- a/wsmaster/che-core-api-auth/src/main/java/org/eclipse/che/security/oauth/OAuthAuthenticationService.java +++ b/wsmaster/che-core-api-auth/src/main/java/org/eclipse/che/security/oauth/OAuthAuthenticationService.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -29,6 +29,7 @@ import org.eclipse.che.api.auth.shared.dto.OAuthToken; import org.eclipse.che.api.core.*; import org.eclipse.che.api.core.rest.Service; import org.eclipse.che.api.core.rest.annotations.Required; +import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager; import org.eclipse.che.security.oauth.shared.dto.OAuthAuthenticatorDescriptor; /** RESTful wrapper for OAuthAuthenticator. */ diff --git a/wsmaster/che-core-api-factory-azure-devops/src/main/java/org/eclipse/che/api/factory/server/azure/devops/AzureDevOpsFactoryParametersResolver.java b/wsmaster/che-core-api-factory-azure-devops/src/main/java/org/eclipse/che/api/factory/server/azure/devops/AzureDevOpsFactoryParametersResolver.java index 60f307ad1a..6b3654d384 100644 --- a/wsmaster/che-core-api-factory-azure-devops/src/main/java/org/eclipse/che/api/factory/server/azure/devops/AzureDevOpsFactoryParametersResolver.java +++ b/wsmaster/che-core-api-factory-azure-devops/src/main/java/org/eclipse/che/api/factory/server/azure/devops/AzureDevOpsFactoryParametersResolver.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -23,6 +23,7 @@ import javax.inject.Singleton; import org.eclipse.che.api.core.ApiException; import org.eclipse.che.api.factory.server.BaseFactoryParameterResolver; import org.eclipse.che.api.factory.server.FactoryParametersResolver; +import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager; import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; import org.eclipse.che.api.factory.server.urlfactory.ProjectConfigDtoMerger; import org.eclipse.che.api.factory.server.urlfactory.RemoteFactoryUrl; @@ -37,7 +38,6 @@ import org.eclipse.che.api.workspace.shared.dto.ProjectConfigDto; import org.eclipse.che.api.workspace.shared.dto.SourceStorageDto; import org.eclipse.che.api.workspace.shared.dto.devfile.ProjectDto; import org.eclipse.che.api.workspace.shared.dto.devfile.SourceDto; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; /** * Provides Factory Parameters resolver for Azure DevOps repositories. diff --git a/wsmaster/che-core-api-factory-azure-devops/src/main/java/org/eclipse/che/api/factory/server/azure/devops/AzureDevOpsUserDataFetcher.java b/wsmaster/che-core-api-factory-azure-devops/src/main/java/org/eclipse/che/api/factory/server/azure/devops/AzureDevOpsUserDataFetcher.java index 5e8f23ac51..b594687eed 100644 --- a/wsmaster/che-core-api-factory-azure-devops/src/main/java/org/eclipse/che/api/factory/server/azure/devops/AzureDevOpsUserDataFetcher.java +++ b/wsmaster/che-core-api-factory-azure-devops/src/main/java/org/eclipse/che/api/factory/server/azure/devops/AzureDevOpsUserDataFetcher.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -15,7 +15,6 @@ import static org.eclipse.che.api.factory.server.azure.devops.AzureDevOps.getAut import javax.inject.Inject; import javax.inject.Named; -import org.eclipse.che.api.auth.shared.dto.OAuthToken; import org.eclipse.che.api.factory.server.scm.AbstractGitUserDataFetcher; import org.eclipse.che.api.factory.server.scm.GitUserData; import org.eclipse.che.api.factory.server.scm.PersonalAccessToken; @@ -23,7 +22,6 @@ import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; import org.eclipse.che.api.factory.server.scm.exception.ScmBadRequestException; import org.eclipse.che.api.factory.server.scm.exception.ScmCommunicationException; import org.eclipse.che.api.factory.server.scm.exception.ScmItemNotFoundException; -import org.eclipse.che.security.oauth.OAuthAPI; /** * Azure DevOps user data fetcher. @@ -37,21 +35,21 @@ public class AzureDevOpsUserDataFetcher extends AbstractGitUserDataFetcher { @Inject public AzureDevOpsUserDataFetcher( - OAuthAPI oAuthTokenFetcher, PersonalAccessTokenManager personalAccessTokenManager, AzureDevOpsApiClient azureDevOpsApiClient, @Named("che.api") String cheApiEndpoint, + @Named("che.integration.azure.devops.scm.api_endpoint") String azureDevOpsScmApiEndpoint, @Named("che.integration.azure.devops.application_scopes") String[] scopes) { - super(AzureDevOps.PROVIDER_NAME, personalAccessTokenManager, oAuthTokenFetcher); + super(AzureDevOps.PROVIDER_NAME, azureDevOpsScmApiEndpoint, personalAccessTokenManager); this.scopes = scopes; this.cheApiEndpoint = cheApiEndpoint; this.azureDevOpsApiClient = azureDevOpsApiClient; } @Override - protected GitUserData fetchGitUserDataWithOAuthToken(OAuthToken oAuthToken) + protected GitUserData fetchGitUserDataWithOAuthToken(String token) throws ScmItemNotFoundException, ScmCommunicationException, ScmBadRequestException { - AzureDevOpsUser user = azureDevOpsApiClient.getUserWithOAuthToken(oAuthToken.getToken()); + AzureDevOpsUser user = azureDevOpsApiClient.getUserWithOAuthToken(token); return new GitUserData(user.getDisplayName(), user.getEmailAddress()); } diff --git a/wsmaster/che-core-api-factory-bitbucket-server/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerAuthorizingFactoryParametersResolver.java b/wsmaster/che-core-api-factory-bitbucket-server/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerAuthorizingFactoryParametersResolver.java index e53a93b40c..37c61bbe38 100644 --- a/wsmaster/che-core-api-factory-bitbucket-server/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerAuthorizingFactoryParametersResolver.java +++ b/wsmaster/che-core-api-factory-bitbucket-server/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerAuthorizingFactoryParametersResolver.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -22,6 +22,7 @@ import org.eclipse.che.api.core.ApiException; import org.eclipse.che.api.core.BadRequestException; import org.eclipse.che.api.factory.server.BaseFactoryParameterResolver; import org.eclipse.che.api.factory.server.FactoryParametersResolver; +import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager; import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; import org.eclipse.che.api.factory.server.urlfactory.RemoteFactoryUrl; import org.eclipse.che.api.factory.server.urlfactory.URLFactoryBuilder; @@ -33,7 +34,6 @@ import org.eclipse.che.api.factory.shared.dto.ScmInfoDto; import org.eclipse.che.api.workspace.server.devfile.URLFetcher; import org.eclipse.che.api.workspace.shared.dto.devfile.ProjectDto; import org.eclipse.che.api.workspace.shared.dto.devfile.SourceDto; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; /** * Provides Factory Parameters resolver for both public and private bitbucket repositories. diff --git a/wsmaster/che-core-api-factory-bitbucket-server/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerURLParser.java b/wsmaster/che-core-api-factory-bitbucket-server/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerURLParser.java index f275b6b5f3..e50fa9dd41 100644 --- a/wsmaster/che-core-api-factory-bitbucket-server/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerURLParser.java +++ b/wsmaster/che-core-api-factory-bitbucket-server/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerURLParser.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -95,9 +95,7 @@ public class BitbucketServerURLParser { Optional token = personalAccessTokenManager.get(EnvironmentContext.getCurrent().getSubject(), serverUrl); return token.isPresent() && token.get().getScmTokenName().equals(OAUTH_PROVIDER_NAME); - } catch (ScmConfigurationPersistenceException - | ScmUnauthorizedException - | ScmCommunicationException exception) { + } catch (ScmConfigurationPersistenceException exception) { return false; } } diff --git a/wsmaster/che-core-api-factory-bitbucket-server/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerAuthorizingFactoryParametersResolverTest.java b/wsmaster/che-core-api-factory-bitbucket-server/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerAuthorizingFactoryParametersResolverTest.java index 664d0749d2..86e5d9a8b3 100644 --- a/wsmaster/che-core-api-factory-bitbucket-server/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerAuthorizingFactoryParametersResolverTest.java +++ b/wsmaster/che-core-api-factory-bitbucket-server/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerAuthorizingFactoryParametersResolverTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -35,6 +35,7 @@ import java.util.Map; import java.util.Optional; import org.eclipse.che.api.core.ApiException; import org.eclipse.che.api.core.model.factory.ScmInfo; +import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager; import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; import org.eclipse.che.api.factory.server.urlfactory.DevfileFilenamesProvider; import org.eclipse.che.api.factory.server.urlfactory.RemoteFactoryUrl; @@ -45,7 +46,6 @@ import org.eclipse.che.api.workspace.server.devfile.URLFetcher; import org.eclipse.che.api.workspace.shared.dto.devfile.DevfileDto; import org.eclipse.che.api.workspace.shared.dto.devfile.MetadataDto; import org.eclipse.che.api.workspace.shared.dto.devfile.SourceDto; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; import org.eclipse.che.security.oauth.OAuthAPI; import org.mockito.Mock; import org.mockito.testng.MockitoTestNGListener; diff --git a/wsmaster/che-core-api-factory-bitbucket/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketFactoryParametersResolver.java b/wsmaster/che-core-api-factory-bitbucket/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketFactoryParametersResolver.java index 9c67f50f22..7e828904f7 100644 --- a/wsmaster/che-core-api-factory-bitbucket/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketFactoryParametersResolver.java +++ b/wsmaster/che-core-api-factory-bitbucket/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketFactoryParametersResolver.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -22,6 +22,7 @@ import org.eclipse.che.api.core.ApiException; import org.eclipse.che.api.core.BadRequestException; import org.eclipse.che.api.factory.server.BaseFactoryParameterResolver; import org.eclipse.che.api.factory.server.FactoryParametersResolver; +import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager; import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; import org.eclipse.che.api.factory.server.urlfactory.ProjectConfigDtoMerger; import org.eclipse.che.api.factory.server.urlfactory.RemoteFactoryUrl; @@ -34,7 +35,6 @@ import org.eclipse.che.api.factory.shared.dto.ScmInfoDto; import org.eclipse.che.api.workspace.server.devfile.URLFetcher; import org.eclipse.che.api.workspace.shared.dto.ProjectConfigDto; import org.eclipse.che.api.workspace.shared.dto.devfile.ProjectDto; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; /** Provides Factory Parameters resolver for bitbucket repositories. */ @Singleton diff --git a/wsmaster/che-core-api-factory-bitbucket/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketFactoryParametersResolverTest.java b/wsmaster/che-core-api-factory-bitbucket/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketFactoryParametersResolverTest.java index 7d6e2ae754..9137d32823 100644 --- a/wsmaster/che-core-api-factory-bitbucket/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketFactoryParametersResolverTest.java +++ b/wsmaster/che-core-api-factory-bitbucket/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketFactoryParametersResolverTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -36,6 +36,7 @@ import java.util.Map; import java.util.Optional; import org.eclipse.che.api.core.ApiException; import org.eclipse.che.api.core.model.factory.ScmInfo; +import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager; import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; import org.eclipse.che.api.factory.server.urlfactory.DevfileFilenamesProvider; import org.eclipse.che.api.factory.server.urlfactory.ProjectConfigDtoMerger; @@ -49,7 +50,6 @@ import org.eclipse.che.api.workspace.shared.dto.devfile.DevfileDto; import org.eclipse.che.api.workspace.shared.dto.devfile.MetadataDto; import org.eclipse.che.api.workspace.shared.dto.devfile.ProjectDto; import org.eclipse.che.api.workspace.shared.dto.devfile.SourceDto; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; import org.mockito.ArgumentCaptor; import org.mockito.Captor; import org.mockito.Mock; diff --git a/wsmaster/che-core-api-factory-git-ssh/pom.xml b/wsmaster/che-core-api-factory-git-ssh/pom.xml index cf943b0623..3fd7c9ed96 100644 --- a/wsmaster/che-core-api-factory-git-ssh/pom.xml +++ b/wsmaster/che-core-api-factory-git-ssh/pom.xml @@ -34,10 +34,6 @@ jakarta.validation jakarta.validation-api - - org.eclipse.che.core - che-core-api-auth - org.eclipse.che.core che-core-api-core diff --git a/wsmaster/che-core-api-factory-git-ssh/src/main/java/org/eclipse/che/api/factory/server/git/ssh/GitSshFactoryParametersResolver.java b/wsmaster/che-core-api-factory-git-ssh/src/main/java/org/eclipse/che/api/factory/server/git/ssh/GitSshFactoryParametersResolver.java index 97698512d9..cc5ae1058a 100644 --- a/wsmaster/che-core-api-factory-git-ssh/src/main/java/org/eclipse/che/api/factory/server/git/ssh/GitSshFactoryParametersResolver.java +++ b/wsmaster/che-core-api-factory-git-ssh/src/main/java/org/eclipse/che/api/factory/server/git/ssh/GitSshFactoryParametersResolver.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -24,6 +24,7 @@ import org.eclipse.che.api.core.ApiException; import org.eclipse.che.api.factory.server.BaseFactoryParameterResolver; import org.eclipse.che.api.factory.server.FactoryParametersResolver; import org.eclipse.che.api.factory.server.FactoryResolverPriority; +import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager; import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; import org.eclipse.che.api.factory.server.urlfactory.RemoteFactoryUrl; import org.eclipse.che.api.factory.server.urlfactory.URLFactoryBuilder; @@ -35,7 +36,6 @@ import org.eclipse.che.api.factory.shared.dto.ScmInfoDto; import org.eclipse.che.api.workspace.server.devfile.URLFetcher; import org.eclipse.che.api.workspace.shared.dto.devfile.ProjectDto; import org.eclipse.che.api.workspace.shared.dto.devfile.SourceDto; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; /** * Provides Factory Parameters resolver for Git Ssh repositories. diff --git a/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubFactoryParametersResolver.java b/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubFactoryParametersResolver.java index 2a4652ec55..0aed63b492 100644 --- a/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubFactoryParametersResolver.java +++ b/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubFactoryParametersResolver.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -21,6 +21,7 @@ import org.eclipse.che.api.core.ApiException; import org.eclipse.che.api.core.BadRequestException; import org.eclipse.che.api.factory.server.BaseFactoryParameterResolver; import org.eclipse.che.api.factory.server.FactoryParametersResolver; +import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager; import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; import org.eclipse.che.api.factory.server.urlfactory.ProjectConfigDtoMerger; import org.eclipse.che.api.factory.server.urlfactory.RemoteFactoryUrl; @@ -29,7 +30,6 @@ import org.eclipse.che.api.factory.shared.dto.*; import org.eclipse.che.api.workspace.server.devfile.URLFetcher; import org.eclipse.che.api.workspace.shared.dto.ProjectConfigDto; import org.eclipse.che.api.workspace.shared.dto.devfile.ProjectDto; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; /** * Provides Factory Parameters resolver for github repositories. diff --git a/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubURLParser.java b/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubURLParser.java index 5c8f934462..c11372d90a 100644 --- a/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubURLParser.java +++ b/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubURLParser.java @@ -108,9 +108,7 @@ public abstract class AbstractGithubURLParser { PersonalAccessToken accessToken = token.get(); return accessToken.getScmTokenName().equals(providerName); } - } catch (ScmConfigurationPersistenceException - | ScmUnauthorizedException - | ScmCommunicationException exception) { + } catch (ScmConfigurationPersistenceException exception) { return false; } } diff --git a/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubUserDataFetcher.java b/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubUserDataFetcher.java index 522f309e2f..1ce559486d 100644 --- a/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubUserDataFetcher.java +++ b/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubUserDataFetcher.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -16,7 +16,6 @@ import static com.google.common.base.Strings.isNullOrEmpty; import com.google.common.base.Joiner; import com.google.common.collect.ImmutableSet; import java.util.Set; -import org.eclipse.che.api.auth.shared.dto.OAuthToken; import org.eclipse.che.api.factory.server.scm.AbstractGitUserDataFetcher; import org.eclipse.che.api.factory.server.scm.GitUserData; import org.eclipse.che.api.factory.server.scm.PersonalAccessToken; @@ -24,7 +23,6 @@ import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; import org.eclipse.che.api.factory.server.scm.exception.ScmBadRequestException; import org.eclipse.che.api.factory.server.scm.exception.ScmCommunicationException; import org.eclipse.che.api.factory.server.scm.exception.ScmItemNotFoundException; -import org.eclipse.che.security.oauth.OAuthAPI; /** GitHub user data retriever. */ public abstract class AbstractGithubUserDataFetcher extends AbstractGitUserDataFetcher { @@ -44,20 +42,19 @@ public abstract class AbstractGithubUserDataFetcher extends AbstractGitUserDataF /** Constructor used for testing only. */ public AbstractGithubUserDataFetcher( String apiEndpoint, - OAuthAPI oAuthTokenFetcher, PersonalAccessTokenManager personalAccessTokenManager, GithubApiClient githubApiClient, String providerName) { - super(providerName, personalAccessTokenManager, oAuthTokenFetcher); + super(providerName, githubApiClient.getServerUrl(), personalAccessTokenManager); this.providerName = providerName; this.githubApiClient = githubApiClient; this.apiEndpoint = apiEndpoint; } @Override - protected GitUserData fetchGitUserDataWithOAuthToken(OAuthToken oAuthToken) + protected GitUserData fetchGitUserDataWithOAuthToken(String token) throws ScmItemNotFoundException, ScmCommunicationException, ScmBadRequestException { - GithubUser user = githubApiClient.getUser(oAuthToken.getToken()); + GithubUser user = githubApiClient.getUser(token); if (isNullOrEmpty(user.getName()) || isNullOrEmpty(user.getEmail())) { throw new ScmItemNotFoundException(NO_USERNAME_AND_EMAIL_ERROR_MESSAGE); } else { diff --git a/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/GithubApiClient.java b/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/GithubApiClient.java index 159e0e8a36..57907c1275 100644 --- a/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/GithubApiClient.java +++ b/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/GithubApiClient.java @@ -235,6 +235,11 @@ public class GithubApiClient { }); } + /** Returns the GitHub endpoint URL. */ + public String getServerUrl() { + return this.scmServerUrl.toString(); + } + /** * Builds and returns HttpRequest to acces the GitHub API. * diff --git a/wsmaster/che-core-api-factory-github/src/main/java/org/eclipse/che/api/factory/server/github/GithubFactoryParametersResolver.java b/wsmaster/che-core-api-factory-github/src/main/java/org/eclipse/che/api/factory/server/github/GithubFactoryParametersResolver.java index 5721690855..462505bde6 100644 --- a/wsmaster/che-core-api-factory-github/src/main/java/org/eclipse/che/api/factory/server/github/GithubFactoryParametersResolver.java +++ b/wsmaster/che-core-api-factory-github/src/main/java/org/eclipse/che/api/factory/server/github/GithubFactoryParametersResolver.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -13,11 +13,11 @@ package org.eclipse.che.api.factory.server.github; import javax.inject.Inject; import javax.inject.Singleton; +import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager; import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; import org.eclipse.che.api.factory.server.urlfactory.ProjectConfigDtoMerger; import org.eclipse.che.api.factory.server.urlfactory.URLFactoryBuilder; import org.eclipse.che.api.workspace.server.devfile.URLFetcher; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; /** * Provides Factory Parameters resolver for github repositories. diff --git a/wsmaster/che-core-api-factory-github/src/main/java/org/eclipse/che/api/factory/server/github/GithubFactoryParametersResolverSecond.java b/wsmaster/che-core-api-factory-github/src/main/java/org/eclipse/che/api/factory/server/github/GithubFactoryParametersResolverSecond.java index 5103711d48..20a37cbd8d 100644 --- a/wsmaster/che-core-api-factory-github/src/main/java/org/eclipse/che/api/factory/server/github/GithubFactoryParametersResolverSecond.java +++ b/wsmaster/che-core-api-factory-github/src/main/java/org/eclipse/che/api/factory/server/github/GithubFactoryParametersResolverSecond.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -13,11 +13,11 @@ package org.eclipse.che.api.factory.server.github; import javax.inject.Inject; import javax.inject.Singleton; +import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager; import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; import org.eclipse.che.api.factory.server.urlfactory.ProjectConfigDtoMerger; import org.eclipse.che.api.factory.server.urlfactory.URLFactoryBuilder; import org.eclipse.che.api.workspace.server.devfile.URLFetcher; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; /** * Provides Factory Parameters resolver for github repositories. diff --git a/wsmaster/che-core-api-factory-github/src/main/java/org/eclipse/che/api/factory/server/github/GithubUserDataFetcher.java b/wsmaster/che-core-api-factory-github/src/main/java/org/eclipse/che/api/factory/server/github/GithubUserDataFetcher.java index 49d91c7cd5..7041ebcfbe 100644 --- a/wsmaster/che-core-api-factory-github/src/main/java/org/eclipse/che/api/factory/server/github/GithubUserDataFetcher.java +++ b/wsmaster/che-core-api-factory-github/src/main/java/org/eclipse/che/api/factory/server/github/GithubUserDataFetcher.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -15,7 +15,6 @@ import javax.inject.Inject; import javax.inject.Named; import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; import org.eclipse.che.commons.annotation.Nullable; -import org.eclipse.che.security.oauth.OAuthAPI; /** GitHub user data retriever. */ public class GithubUserDataFetcher extends AbstractGithubUserDataFetcher { @@ -26,11 +25,9 @@ public class GithubUserDataFetcher extends AbstractGithubUserDataFetcher { public GithubUserDataFetcher( @Named("che.api") String apiEndpoint, @Nullable @Named("che.integration.github.oauth_endpoint") String oauthEndpoint, - OAuthAPI oAuthTokenFetcher, PersonalAccessTokenManager personalAccessTokenManager) { super( apiEndpoint, - oAuthTokenFetcher, personalAccessTokenManager, new GithubApiClient(oauthEndpoint), OAUTH_PROVIDER_NAME); @@ -38,14 +35,8 @@ public class GithubUserDataFetcher extends AbstractGithubUserDataFetcher { GithubUserDataFetcher( String apiEndpoint, - OAuthAPI oAuthTokenFetcher, PersonalAccessTokenManager personalAccessTokenManager, GithubApiClient githubApiClient) { - super( - apiEndpoint, - oAuthTokenFetcher, - personalAccessTokenManager, - githubApiClient, - OAUTH_PROVIDER_NAME); + super(apiEndpoint, personalAccessTokenManager, githubApiClient, OAUTH_PROVIDER_NAME); } } diff --git a/wsmaster/che-core-api-factory-github/src/main/java/org/eclipse/che/api/factory/server/github/GithubUserDataFetcherSecond.java b/wsmaster/che-core-api-factory-github/src/main/java/org/eclipse/che/api/factory/server/github/GithubUserDataFetcherSecond.java index 2b707e8f03..fad70cc09c 100644 --- a/wsmaster/che-core-api-factory-github/src/main/java/org/eclipse/che/api/factory/server/github/GithubUserDataFetcherSecond.java +++ b/wsmaster/che-core-api-factory-github/src/main/java/org/eclipse/che/api/factory/server/github/GithubUserDataFetcherSecond.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -15,7 +15,6 @@ import javax.inject.Inject; import javax.inject.Named; import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; import org.eclipse.che.commons.annotation.Nullable; -import org.eclipse.che.security.oauth.OAuthAPI; /** GitHub user data retriever. */ public class GithubUserDataFetcherSecond extends AbstractGithubUserDataFetcher { @@ -26,11 +25,9 @@ public class GithubUserDataFetcherSecond extends AbstractGithubUserDataFetcher { public GithubUserDataFetcherSecond( @Named("che.api") String apiEndpoint, @Nullable @Named("che.integration.github.oauth_endpoint_2") String oauthEndpoint, - OAuthAPI oAuthTokenFetcher, PersonalAccessTokenManager personalAccessTokenManager) { super( apiEndpoint, - oAuthTokenFetcher, personalAccessTokenManager, new GithubApiClient(oauthEndpoint), OAUTH_PROVIDER_NAME); diff --git a/wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubFactoryParametersResolverTest.java b/wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubFactoryParametersResolverTest.java index 439881e530..6f8d2d5fb5 100644 --- a/wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubFactoryParametersResolverTest.java +++ b/wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubFactoryParametersResolverTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -38,6 +38,7 @@ import java.util.Map; import java.util.Optional; import org.eclipse.che.api.core.ApiException; import org.eclipse.che.api.core.model.factory.ScmInfo; +import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager; import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; import org.eclipse.che.api.factory.server.urlfactory.DevfileFilenamesProvider; import org.eclipse.che.api.factory.server.urlfactory.ProjectConfigDtoMerger; @@ -51,7 +52,6 @@ import org.eclipse.che.api.workspace.shared.dto.devfile.DevfileDto; import org.eclipse.che.api.workspace.shared.dto.devfile.MetadataDto; import org.eclipse.che.api.workspace.shared.dto.devfile.ProjectDto; import org.eclipse.che.api.workspace.shared.dto.devfile.SourceDto; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; import org.mockito.ArgumentCaptor; import org.mockito.Captor; import org.mockito.Mock; diff --git a/wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubGitUserDataFetcherTest.java b/wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubGitUserDataFetcherTest.java index 412b1e9ecf..8b7a3fb3ac 100644 --- a/wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubGitUserDataFetcherTest.java +++ b/wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubGitUserDataFetcherTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -17,8 +17,9 @@ import static com.github.tomakehurst.wiremock.client.WireMock.get; import static com.github.tomakehurst.wiremock.client.WireMock.stubFor; import static com.github.tomakehurst.wiremock.client.WireMock.urlEqualTo; import static com.github.tomakehurst.wiremock.core.WireMockConfiguration.wireMockConfig; -import static org.eclipse.che.dto.server.DtoFactory.newDto; -import static org.mockito.ArgumentMatchers.anyString; +import static org.mockito.ArgumentMatchers.any; +import static org.mockito.ArgumentMatchers.eq; +import static org.mockito.Mockito.mock; import static org.mockito.Mockito.when; import static org.testng.Assert.assertEquals; @@ -26,9 +27,11 @@ import com.github.tomakehurst.wiremock.WireMockServer; import com.github.tomakehurst.wiremock.client.WireMock; import com.github.tomakehurst.wiremock.common.Slf4jNotifier; import com.google.common.net.HttpHeaders; -import org.eclipse.che.api.auth.shared.dto.OAuthToken; +import java.util.Optional; import org.eclipse.che.api.factory.server.scm.GitUserData; +import org.eclipse.che.api.factory.server.scm.PersonalAccessToken; import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; +import org.eclipse.che.commons.subject.Subject; import org.eclipse.che.security.oauth.OAuthAPI; import org.mockito.Mock; import org.mockito.testng.MockitoTestNGListener; @@ -60,7 +63,6 @@ public class GithubGitUserDataFetcherTest { githubGUDFetcher = new GithubUserDataFetcher( "http://che.api", - oAuthTokenFetcher, personalAccessTokenManager, new GithubApiClient(wireMockServer.url("/"))); stubFor( @@ -80,8 +82,11 @@ public class GithubGitUserDataFetcherTest { @Test public void shouldFetchGitUserData() throws Exception { - OAuthToken oAuthToken = newDto(OAuthToken.class).withToken(githubOauthToken).withScope("repo"); - when(oAuthTokenFetcher.getToken(anyString())).thenReturn(oAuthToken); + PersonalAccessToken token = mock(PersonalAccessToken.class); + when(token.getToken()).thenReturn(githubOauthToken); + when(token.getScmProviderUrl()).thenReturn(wireMockServer.url("/")); + when(personalAccessTokenManager.get(any(Subject.class), eq("github"), eq(null))) + .thenReturn(Optional.of(token)); GitUserData gitUserData = githubGUDFetcher.fetchGitUserData(); diff --git a/wsmaster/che-core-api-factory-gitlab/src/main/java/org/eclipse/che/api/factory/server/gitlab/GitlabFactoryParametersResolver.java b/wsmaster/che-core-api-factory-gitlab/src/main/java/org/eclipse/che/api/factory/server/gitlab/GitlabFactoryParametersResolver.java index 3a3efc3a66..cca0a9b21a 100644 --- a/wsmaster/che-core-api-factory-gitlab/src/main/java/org/eclipse/che/api/factory/server/gitlab/GitlabFactoryParametersResolver.java +++ b/wsmaster/che-core-api-factory-gitlab/src/main/java/org/eclipse/che/api/factory/server/gitlab/GitlabFactoryParametersResolver.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -22,6 +22,7 @@ import org.eclipse.che.api.core.ApiException; import org.eclipse.che.api.core.BadRequestException; import org.eclipse.che.api.factory.server.BaseFactoryParameterResolver; import org.eclipse.che.api.factory.server.FactoryParametersResolver; +import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager; import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; import org.eclipse.che.api.factory.server.urlfactory.RemoteFactoryUrl; import org.eclipse.che.api.factory.server.urlfactory.URLFactoryBuilder; @@ -33,7 +34,6 @@ import org.eclipse.che.api.factory.shared.dto.ScmInfoDto; import org.eclipse.che.api.workspace.server.devfile.URLFetcher; import org.eclipse.che.api.workspace.shared.dto.devfile.ProjectDto; import org.eclipse.che.api.workspace.shared.dto.devfile.SourceDto; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; /** * Provides Factory Parameters resolver for Gitlab repositories. diff --git a/wsmaster/che-core-api-factory-gitlab/src/main/java/org/eclipse/che/api/factory/server/gitlab/GitlabUrlParser.java b/wsmaster/che-core-api-factory-gitlab/src/main/java/org/eclipse/che/api/factory/server/gitlab/GitlabUrlParser.java index 952bd5c6b3..d094b114a7 100644 --- a/wsmaster/che-core-api-factory-gitlab/src/main/java/org/eclipse/che/api/factory/server/gitlab/GitlabUrlParser.java +++ b/wsmaster/che-core-api-factory-gitlab/src/main/java/org/eclipse/che/api/factory/server/gitlab/GitlabUrlParser.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -31,7 +31,6 @@ import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; import org.eclipse.che.api.factory.server.scm.exception.ScmCommunicationException; import org.eclipse.che.api.factory.server.scm.exception.ScmConfigurationPersistenceException; import org.eclipse.che.api.factory.server.scm.exception.ScmItemNotFoundException; -import org.eclipse.che.api.factory.server.scm.exception.ScmUnauthorizedException; import org.eclipse.che.api.factory.server.urlfactory.DevfileFilenamesProvider; import org.eclipse.che.commons.annotation.Nullable; import org.eclipse.che.commons.env.EnvironmentContext; @@ -91,9 +90,7 @@ public class GitlabUrlParser { PersonalAccessToken accessToken = token.get(); return accessToken.getScmTokenName().equals(OAUTH_PROVIDER_NAME); } - } catch (ScmConfigurationPersistenceException - | ScmUnauthorizedException - | ScmCommunicationException exception) { + } catch (ScmConfigurationPersistenceException exception) { return false; } } diff --git a/wsmaster/che-core-api-factory-gitlab/src/main/java/org/eclipse/che/api/factory/server/gitlab/GitlabUserDataFetcher.java b/wsmaster/che-core-api-factory-gitlab/src/main/java/org/eclipse/che/api/factory/server/gitlab/GitlabUserDataFetcher.java index a9fb66cb1c..15f2cffc7a 100644 --- a/wsmaster/che-core-api-factory-gitlab/src/main/java/org/eclipse/che/api/factory/server/gitlab/GitlabUserDataFetcher.java +++ b/wsmaster/che-core-api-factory-gitlab/src/main/java/org/eclipse/che/api/factory/server/gitlab/GitlabUserDataFetcher.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -11,6 +11,7 @@ */ package org.eclipse.che.api.factory.server.gitlab; +import static com.google.common.base.Strings.isNullOrEmpty; import static java.util.stream.Collectors.toList; import com.google.common.base.Joiner; @@ -21,7 +22,6 @@ import java.util.List; import java.util.Set; import javax.inject.Inject; import javax.inject.Named; -import org.eclipse.che.api.auth.shared.dto.OAuthToken; import org.eclipse.che.api.factory.server.scm.*; import org.eclipse.che.api.factory.server.scm.exception.ScmBadRequestException; import org.eclipse.che.api.factory.server.scm.exception.ScmCommunicationException; @@ -29,7 +29,6 @@ import org.eclipse.che.api.factory.server.scm.exception.ScmItemNotFoundException import org.eclipse.che.commons.annotation.Nullable; import org.eclipse.che.commons.lang.StringUtils; import org.eclipse.che.inject.ConfigurationException; -import org.eclipse.che.security.oauth.OAuthAPI; /** Gitlab OAuth token retriever. */ public class GitlabUserDataFetcher extends AbstractGitUserDataFetcher { @@ -48,9 +47,11 @@ public class GitlabUserDataFetcher extends AbstractGitUserDataFetcher { @Nullable @Named("che.integration.gitlab.server_endpoints") String gitlabEndpoints, @Nullable @Named("che.integration.gitlab.oauth_endpoint") String oauthEndpoint, @Named("che.api") String apiEndpoint, - PersonalAccessTokenManager personalAccessTokenManager, - OAuthAPI oAuthTokenFetcher) { - super(OAUTH_PROVIDER_NAME, personalAccessTokenManager, oAuthTokenFetcher); + PersonalAccessTokenManager personalAccessTokenManager) { + super( + OAUTH_PROVIDER_NAME, + isNullOrEmpty(gitlabEndpoints) ? "https://gitlab.com" : gitlabEndpoints, + personalAccessTokenManager); this.apiEndpoint = apiEndpoint; if (gitlabEndpoints != null) { this.registeredGitlabEndpoints = @@ -70,10 +71,10 @@ public class GitlabUserDataFetcher extends AbstractGitUserDataFetcher { } @Override - protected GitUserData fetchGitUserDataWithOAuthToken(OAuthToken oAuthToken) + protected GitUserData fetchGitUserDataWithOAuthToken(String token) throws ScmItemNotFoundException, ScmCommunicationException, ScmBadRequestException { for (String gitlabServerEndpoint : this.registeredGitlabEndpoints) { - GitlabUser user = new GitlabApiClient(gitlabServerEndpoint).getUser(oAuthToken.getToken()); + GitlabUser user = new GitlabApiClient(gitlabServerEndpoint).getUser(token); return new GitUserData(user.getName(), user.getEmail()); } throw new ScmCommunicationException("Failed to retrieve git user data from Gitlab"); diff --git a/wsmaster/che-core-api-factory-gitlab/src/test/java/org/eclipse/che/api/factory/server/gitlab/GitlabFactoryParametersResolverTest.java b/wsmaster/che-core-api-factory-gitlab/src/test/java/org/eclipse/che/api/factory/server/gitlab/GitlabFactoryParametersResolverTest.java index 15daf55ff9..e4afa847d5 100644 --- a/wsmaster/che-core-api-factory-gitlab/src/test/java/org/eclipse/che/api/factory/server/gitlab/GitlabFactoryParametersResolverTest.java +++ b/wsmaster/che-core-api-factory-gitlab/src/test/java/org/eclipse/che/api/factory/server/gitlab/GitlabFactoryParametersResolverTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -35,6 +35,7 @@ import java.util.Map; import java.util.Optional; import org.eclipse.che.api.core.ApiException; import org.eclipse.che.api.core.model.factory.ScmInfo; +import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager; import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; import org.eclipse.che.api.factory.server.urlfactory.DevfileFilenamesProvider; import org.eclipse.che.api.factory.server.urlfactory.RemoteFactoryUrl; @@ -45,7 +46,6 @@ import org.eclipse.che.api.workspace.server.devfile.URLFetcher; import org.eclipse.che.api.workspace.shared.dto.devfile.DevfileDto; import org.eclipse.che.api.workspace.shared.dto.devfile.MetadataDto; import org.eclipse.che.api.workspace.shared.dto.devfile.SourceDto; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; import org.mockito.Mock; import org.mockito.testng.MockitoTestNGListener; import org.testng.annotations.BeforeMethod; diff --git a/wsmaster/che-core-api-factory-gitlab/src/test/java/org/eclipse/che/api/factory/server/gitlab/GitlabUserDataFetcherTest.java b/wsmaster/che-core-api-factory-gitlab/src/test/java/org/eclipse/che/api/factory/server/gitlab/GitlabUserDataFetcherTest.java index 220f3b4b8e..5e16f9d060 100644 --- a/wsmaster/che-core-api-factory-gitlab/src/test/java/org/eclipse/che/api/factory/server/gitlab/GitlabUserDataFetcherTest.java +++ b/wsmaster/che-core-api-factory-gitlab/src/test/java/org/eclipse/che/api/factory/server/gitlab/GitlabUserDataFetcherTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -17,8 +17,9 @@ import static com.github.tomakehurst.wiremock.client.WireMock.get; import static com.github.tomakehurst.wiremock.client.WireMock.stubFor; import static com.github.tomakehurst.wiremock.client.WireMock.urlEqualTo; import static com.github.tomakehurst.wiremock.core.WireMockConfiguration.wireMockConfig; -import static org.eclipse.che.dto.server.DtoFactory.newDto; -import static org.mockito.ArgumentMatchers.anyString; +import static org.mockito.ArgumentMatchers.any; +import static org.mockito.ArgumentMatchers.eq; +import static org.mockito.Mockito.mock; import static org.mockito.Mockito.when; import static org.testng.Assert.assertEquals; @@ -26,9 +27,11 @@ import com.github.tomakehurst.wiremock.WireMockServer; import com.github.tomakehurst.wiremock.client.WireMock; import com.github.tomakehurst.wiremock.common.Slf4jNotifier; import com.google.common.net.HttpHeaders; -import org.eclipse.che.api.auth.shared.dto.OAuthToken; +import java.util.Optional; import org.eclipse.che.api.factory.server.scm.GitUserData; +import org.eclipse.che.api.factory.server.scm.PersonalAccessToken; import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; +import org.eclipse.che.commons.subject.Subject; import org.eclipse.che.security.oauth.OAuthAPI; import org.mockito.Mock; import org.mockito.testng.MockitoTestNGListener; @@ -60,8 +63,7 @@ public class GitlabUserDataFetcherTest { wireMockServer.url("/"), wireMockServer.url("/"), "http://che.api", - personalAccessTokenManager, - oAuthTokenFetcher); + personalAccessTokenManager); stubFor( get(urlEqualTo("/api/v4/user")) @@ -79,9 +81,11 @@ public class GitlabUserDataFetcherTest { @Test public void shouldFetchGitUserData() throws Exception { - OAuthToken oAuthToken = - newDto(OAuthToken.class).withToken("oauthtoken").withScope("api write_repository openid"); - when(oAuthTokenFetcher.getToken(anyString())).thenReturn(oAuthToken); + PersonalAccessToken token = mock(PersonalAccessToken.class); + when(token.getToken()).thenReturn("oauthtoken"); + when(token.getScmProviderUrl()).thenReturn(wireMockServer.url("/")); + when(personalAccessTokenManager.get(any(Subject.class), eq("gitlab"), eq(null))) + .thenReturn(Optional.of(token)); GitUserData gitUserData = gitlabUserDataFetcher.fetchGitUserData(); assertEquals(gitUserData.getScmUsername(), "John Smith"); diff --git a/wsmaster/che-core-api-factory/pom.xml b/wsmaster/che-core-api-factory/pom.xml index b77a68e8c7..90ba0f644f 100644 --- a/wsmaster/che-core-api-factory/pom.xml +++ b/wsmaster/che-core-api-factory/pom.xml @@ -62,14 +62,6 @@ jakarta.ws.rs jakarta.ws.rs-api - - org.eclipse.che.core - che-core-api-auth - - - org.eclipse.che.core - che-core-api-auth-shared - org.eclipse.che.core che-core-api-core diff --git a/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/BaseFactoryParameterResolver.java b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/BaseFactoryParameterResolver.java index 652191a557..b5b8098044 100644 --- a/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/BaseFactoryParameterResolver.java +++ b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/BaseFactoryParameterResolver.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -21,6 +21,7 @@ import java.util.Map; import java.util.function.Consumer; import java.util.function.Supplier; import org.eclipse.che.api.core.ApiException; +import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager; import org.eclipse.che.api.factory.server.urlfactory.RemoteFactoryUrl; import org.eclipse.che.api.factory.server.urlfactory.URLFactoryBuilder; import org.eclipse.che.api.factory.shared.dto.FactoryDto; @@ -29,7 +30,6 @@ import org.eclipse.che.api.factory.shared.dto.FactoryVisitor; import org.eclipse.che.api.workspace.server.devfile.FileContentProvider; import org.eclipse.che.api.workspace.shared.dto.devfile.DevfileDto; import org.eclipse.che.api.workspace.shared.dto.devfile.ProjectDto; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; public class BaseFactoryParameterResolver { diff --git a/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/FactoryService.java b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/FactoryService.java index 3dc449de97..2070ff1117 100644 --- a/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/FactoryService.java +++ b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/FactoryService.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -35,6 +35,7 @@ import javax.inject.Inject; import org.eclipse.che.api.core.ApiException; import org.eclipse.che.api.core.BadRequestException; import org.eclipse.che.api.core.rest.Service; +import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager; import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; import org.eclipse.che.api.factory.server.scm.exception.ScmCommunicationException; import org.eclipse.che.api.factory.server.scm.exception.ScmConfigurationPersistenceException; @@ -42,7 +43,6 @@ import org.eclipse.che.api.factory.server.scm.exception.ScmUnauthorizedException import org.eclipse.che.api.factory.server.scm.exception.UnknownScmProviderException; import org.eclipse.che.api.factory.server.scm.exception.UnsatisfiedScmPreconditionException; import org.eclipse.che.api.factory.shared.dto.FactoryMetaDto; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; /** * Defines Factory REST API. diff --git a/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/AbstractGitUserDataFetcher.java b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/AbstractGitUserDataFetcher.java index d42eab5606..8b1b94d27a 100644 --- a/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/AbstractGitUserDataFetcher.java +++ b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/AbstractGitUserDataFetcher.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -12,12 +12,9 @@ package org.eclipse.che.api.factory.server.scm; import java.util.Optional; -import org.eclipse.che.api.auth.shared.dto.OAuthToken; -import org.eclipse.che.api.core.*; import org.eclipse.che.api.factory.server.scm.exception.*; import org.eclipse.che.commons.env.EnvironmentContext; import org.eclipse.che.commons.subject.Subject; -import org.eclipse.che.security.oauth.OAuthAPI; /** * Abstraction to fetch git user data from the specific git provider using OAuth 2.0 or personal @@ -27,48 +24,38 @@ import org.eclipse.che.security.oauth.OAuthAPI; */ public abstract class AbstractGitUserDataFetcher implements GitUserDataFetcher { protected final String oAuthProviderName; + private final String oAuthProviderUrl; protected final PersonalAccessTokenManager personalAccessTokenManager; - protected final OAuthAPI oAuthTokenFetcher; public AbstractGitUserDataFetcher( String oAuthProviderName, - PersonalAccessTokenManager personalAccessTokenManager, - OAuthAPI oAuthTokenFetcher) { + String oAuthProviderUrl, + PersonalAccessTokenManager personalAccessTokenManager) { this.oAuthProviderName = oAuthProviderName; + this.oAuthProviderUrl = oAuthProviderUrl; this.personalAccessTokenManager = personalAccessTokenManager; - this.oAuthTokenFetcher = oAuthTokenFetcher; } public GitUserData fetchGitUserData() throws ScmUnauthorizedException, ScmCommunicationException, ScmConfigurationPersistenceException, ScmItemNotFoundException, ScmBadRequestException { Subject cheSubject = EnvironmentContext.getCurrent().getSubject(); - try { - OAuthToken oAuthToken = oAuthTokenFetcher.getToken(oAuthProviderName); - return fetchGitUserDataWithOAuthToken(oAuthToken); - } catch (UnauthorizedException e) { - throw new ScmUnauthorizedException( - cheSubject.getUserName() - + " is not authorized in " - + oAuthProviderName - + " OAuth provider.", - oAuthProviderName, - "2.0", - getLocalAuthenticateUrl()); - } catch (NotFoundException e) { - Optional personalAccessToken = - personalAccessTokenManager.get(cheSubject, oAuthProviderName, null); - if (personalAccessToken.isPresent()) { - return fetchGitUserDataWithPersonalAccessToken(personalAccessToken.get()); + Optional tokenOptional = + personalAccessTokenManager.get(cheSubject, oAuthProviderName, null); + if (tokenOptional.isPresent()) { + return fetchGitUserDataWithPersonalAccessToken(tokenOptional.get()); + } else { + Optional oAuthTokenOptional = + personalAccessTokenManager.get(cheSubject, oAuthProviderUrl); + if (oAuthTokenOptional.isPresent()) { + return fetchGitUserDataWithOAuthToken(oAuthTokenOptional.get().getToken()); } - throw new ScmCommunicationException( - "There are no tokes for the user " + cheSubject.getUserId()); - } catch (ServerException | ForbiddenException | BadRequestException | ConflictException e) { - throw new ScmCommunicationException(e.getMessage(), e); } + throw new ScmCommunicationException( + "There are no tokes for the user " + cheSubject.getUserId()); } - protected abstract GitUserData fetchGitUserDataWithOAuthToken(OAuthToken oAuthToken) + protected abstract GitUserData fetchGitUserDataWithOAuthToken(String token) throws ScmItemNotFoundException, ScmCommunicationException, ScmBadRequestException; protected abstract GitUserData fetchGitUserDataWithPersonalAccessToken( diff --git a/wsmaster/che-core-api-auth/src/main/java/org/eclipse/che/security/oauth/AuthorisationRequestManager.java b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/AuthorisationRequestManager.java similarity index 93% rename from wsmaster/che-core-api-auth/src/main/java/org/eclipse/che/security/oauth/AuthorisationRequestManager.java rename to wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/AuthorisationRequestManager.java index d2492a6597..57426db2f9 100644 --- a/wsmaster/che-core-api-auth/src/main/java/org/eclipse/che/security/oauth/AuthorisationRequestManager.java +++ b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/AuthorisationRequestManager.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -9,7 +9,7 @@ * Contributors: * Red Hat, Inc. - initial API and implementation */ -package org.eclipse.che.security.oauth; +package org.eclipse.che.api.factory.server.scm; import jakarta.ws.rs.core.UriInfo; import java.util.List; diff --git a/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/PersonalAccessTokenManager.java b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/PersonalAccessTokenManager.java index 82ae0e5f50..43bdb690cb 100644 --- a/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/PersonalAccessTokenManager.java +++ b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/PersonalAccessTokenManager.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -50,8 +50,7 @@ public interface PersonalAccessTokenManager { * permanent storage. */ Optional get(Subject cheUser, String scmServerUrl) - throws ScmConfigurationPersistenceException, ScmUnauthorizedException, - ScmCommunicationException; + throws ScmConfigurationPersistenceException; /** * Gets {@link PersonalAccessToken} from permanent storage. @@ -80,13 +79,10 @@ public interface PersonalAccessTokenManager { * @return personal access token * @throws ScmConfigurationPersistenceException - problem occurred during communication with * permanent storage. - * @throws ScmUnauthorizedException - scm authorization required. - * @throws ScmCommunicationException - problem occurred during communication with scm provider. */ Optional get( Subject cheUser, String oAuthProviderName, @Nullable String scmServerUrl) - throws ScmConfigurationPersistenceException, ScmUnauthorizedException, - ScmCommunicationException; + throws ScmConfigurationPersistenceException; /** * Gets {@link PersonalAccessToken} from permanent storage. If the token is not found try to fetch diff --git a/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/ScmPersonalAccessTokenFetcher.java b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/ScmPersonalAccessTokenFetcher.java index b600b29bd4..d24b8be5b1 100644 --- a/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/ScmPersonalAccessTokenFetcher.java +++ b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/ScmPersonalAccessTokenFetcher.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -81,7 +81,7 @@ public class ScmPersonalAccessTokenFetcher { * fetchers return an scm username, return it. Otherwise, return null. */ public Optional getScmUsername(PersonalAccessTokenParams params) - throws UnknownScmProviderException, ScmUnauthorizedException, ScmCommunicationException { + throws UnknownScmProviderException { for (PersonalAccessTokenFetcher fetcher : personalAccessTokenFetchers) { Optional> isValid = fetcher.isValid(params); if (isValid.isPresent() && isValid.get().first) { diff --git a/wsmaster/che-core-api-factory/src/test/java/org/eclipse/che/api/factory/server/BaseFactoryParameterResolverTest.java b/wsmaster/che-core-api-factory/src/test/java/org/eclipse/che/api/factory/server/BaseFactoryParameterResolverTest.java index 4993faeb9f..105de8e5f3 100644 --- a/wsmaster/che-core-api-factory/src/test/java/org/eclipse/che/api/factory/server/BaseFactoryParameterResolverTest.java +++ b/wsmaster/che-core-api-factory/src/test/java/org/eclipse/che/api/factory/server/BaseFactoryParameterResolverTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -18,8 +18,8 @@ import static org.testng.Assert.assertFalse; import static org.testng.Assert.assertTrue; import java.util.Map; +import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager; import org.eclipse.che.api.factory.server.urlfactory.URLFactoryBuilder; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; import org.mockito.Mock; import org.mockito.testng.MockitoTestNGListener; import org.testng.annotations.BeforeMethod; diff --git a/wsmaster/che-core-api-factory/src/test/java/org/eclipse/che/api/factory/server/FactoryServiceTest.java b/wsmaster/che-core-api-factory/src/test/java/org/eclipse/che/api/factory/server/FactoryServiceTest.java index 0f9fd72867..28ca396646 100644 --- a/wsmaster/che-core-api-factory/src/test/java/org/eclipse/che/api/factory/server/FactoryServiceTest.java +++ b/wsmaster/che-core-api-factory/src/test/java/org/eclipse/che/api/factory/server/FactoryServiceTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -54,6 +54,7 @@ import org.eclipse.che.api.core.rest.shared.dto.ServiceError; import org.eclipse.che.api.factory.server.FactoryService.FactoryParametersResolverHolder; import org.eclipse.che.api.factory.server.builder.FactoryBuilder; import org.eclipse.che.api.factory.server.impl.SourceStorageParametersValidator; +import org.eclipse.che.api.factory.server.scm.AuthorisationRequestManager; import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; import org.eclipse.che.api.factory.server.urlfactory.RemoteFactoryUrl; import org.eclipse.che.api.factory.shared.dto.FactoryDto; @@ -63,7 +64,6 @@ import org.eclipse.che.api.user.server.model.impl.UserImpl; import org.eclipse.che.commons.env.EnvironmentContext; import org.eclipse.che.commons.subject.SubjectImpl; import org.eclipse.che.dto.server.DtoFactory; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; import org.everrest.assured.EverrestJetty; import org.everrest.core.Filter; import org.everrest.core.GenericContainerRequest;