Merge fa88e1e700 into aa213c3003

2024-05-31 09:03:03 +00:00 · 2024-05-31 09:03:03 +00:00 · 89bd5d7af9
parent aa213c3003 fa88e1e700
commit 89bd5d7af9
5 changed files with 29 additions and 11 deletions
--- a/wsmaster/che-core-api-auth-bitbucket/src/main/java/org/eclipse/che/security/oauth/BitbucketOAuthAuthenticator.java
+++ b/wsmaster/che-core-api-auth-bitbucket/src/main/java/org/eclipse/che/security/oauth/BitbucketOAuthAuthenticator.java
@ -29,6 +29,8 @@ import org.eclipse.che.api.auth.shared.dto.OAuthToken;
 public class BitbucketOAuthAuthenticator extends OAuthAuthenticator {
  private final String bitbucketEndpoint;

+  private static final String BITBUCKET_CLOUD_ENDPOINT = "https://bitbucket.org";
+
  public BitbucketOAuthAuthenticator(
      String bitbucketEndpoint,
      String clientId,
@ -52,7 +54,7 @@ public class BitbucketOAuthAuthenticator extends OAuthAuthenticator {

  @Override
  public final String getOAuthProvider() {
-    return "bitbucket";
+    return BITBUCKET_CLOUD_ENDPOINT.equals(bitbucketEndpoint) ? "bitbucket" : "bitbucket-server";
  }

  @Override
@ -76,7 +78,7 @@ public class BitbucketOAuthAuthenticator extends OAuthAuthenticator {
   * @return Bitbucket Cloud or Server API request URL
   */
  private String getTestRequestUrl() {
-    return "https://bitbucket.org".equals(bitbucketEndpoint)
+    return BITBUCKET_CLOUD_ENDPOINT.equals(bitbucketEndpoint)
        ? "https://api.bitbucket.org/2.0/user"
        : bitbucketEndpoint + "/plugins/servlet/applinks/whoami";
  }
--- a/wsmaster/che-core-api-factory-bitbucket-server/src/main/java/org/eclipse/che/api/factory/server/bitbucket/HttpBitbucketServerApiClient.java
+++ b/wsmaster/che-core-api-factory-bitbucket-server/src/main/java/org/eclipse/che/api/factory/server/bitbucket/HttpBitbucketServerApiClient.java
@ -421,7 +421,7 @@ public class HttpBitbucketServerApiClient implements BitbucketServerApiClient {

  private @Nullable String getToken() throws ScmUnauthorizedException {
    try {
-      OAuthToken token = oAuthAPI.getToken("bitbucket");
+      OAuthToken token = oAuthAPI.getToken("bitbucket-server");
      return token.getToken();
    } catch (NotFoundException
        | ServerException
@ -459,7 +459,7 @@ public class HttpBitbucketServerApiClient implements BitbucketServerApiClient {
        "bitbucket",
        authenticator instanceof NoopOAuthAuthenticator ? "2.0" : "1.0",
        authenticator instanceof NoopOAuthAuthenticator
-            ? apiEndpoint + "/oauth/authenticate?oauth_provider=bitbucket&scope=ADMIN_WRITE"
+            ? apiEndpoint + "/oauth/authenticate?oauth_provider=bitbucket-server&scope=ADMIN_WRITE"
            : authenticator.getLocalAuthenticateUrl());
  }
 }
--- a/wsmaster/che-core-api-factory-bitbucket-server/src/test/java/org/eclipse/che/api/factory/server/bitbucket/HttpBitbucketServerApiClientTest.java
+++ b/wsmaster/che-core-api-factory-bitbucket-server/src/test/java/org/eclipse/che/api/factory/server/bitbucket/HttpBitbucketServerApiClientTest.java
@ -394,7 +394,7 @@ public class HttpBitbucketServerApiClientTest {
          NotFoundException, BadRequestException {

    // given
-    when(oAuthAPI.getToken(eq("bitbucket"))).thenReturn(mock(OAuthToken.class));
+    when(oAuthAPI.getToken(eq("bitbucket-server"))).thenReturn(mock(OAuthToken.class));
    HttpBitbucketServerApiClient localServer =
        new HttpBitbucketServerApiClient(
            wireMockServer.url("/"), new NoopOAuthAuthenticator(), oAuthAPI, apiEndpoint);
@ -411,7 +411,7 @@ public class HttpBitbucketServerApiClientTest {
    // given
    OAuthToken token = mock(OAuthToken.class);
    when(token.getToken()).thenReturn("token");
-    when(oAuthAPI.getToken(eq("bitbucket"))).thenReturn(token);
+    when(oAuthAPI.getToken(eq("bitbucket-server"))).thenReturn(token);
    bitbucketServer =
        new HttpBitbucketServerApiClient(
            wireMockServer.url("/"), new NoopOAuthAuthenticator(), oAuthAPI, apiEndpoint);
@ -437,6 +437,6 @@ public class HttpBitbucketServerApiClientTest {
    bitbucketServer.getUser();

    // then
-    verify(oAuthAPI, times(2)).getToken(eq("bitbucket"));
+    verify(oAuthAPI, times(2)).getToken(eq("bitbucket-server"));
  }
 }
--- a/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubURLParser.java
+++ b/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubURLParser.java
@ -63,6 +63,7 @@ public abstract class AbstractGithubURLParser {
  private final boolean disableSubdomainIsolation;

  private final String providerName;
+  private final String endpoint;

  /** Constructor used for testing only. */
  AbstractGithubURLParser(
@ -78,8 +79,7 @@ public abstract class AbstractGithubURLParser {
    this.disableSubdomainIsolation = disableSubdomainIsolation;
    this.providerName = providerName;

-    String endpoint =
-        isNullOrEmpty(oauthEndpoint) ? GITHUB_SAAS_ENDPOINT : trimEnd(oauthEndpoint, '/');
+    endpoint = isNullOrEmpty(oauthEndpoint) ? GITHUB_SAAS_ENDPOINT : trimEnd(oauthEndpoint, '/');

    this.githubPattern = compile(format(githubPatternTemplate, endpoint));
    this.githubSSHPattern =
@ -93,8 +93,8 @@ public abstract class AbstractGithubURLParser {
        // If the GitHub URL is not configured, try to find it in a manually added user namespace
        // token.
        || isUserTokenPresent(trimmedUrl)
-        // Try to call an API request to see if the URL matches GitHub.
-        || isApiRequestRelevant(trimmedUrl);
+        // Try to call an API request to see if the URL matches self-hosted GitHub Enterprise.
+        || (!GITHUB_SAAS_ENDPOINT.equals(endpoint) && isApiRequestRelevant(trimmedUrl));
  }

  private boolean isUserTokenPresent(String repositoryUrl) {
--- a/wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubURLParserTest.java
+++ b/wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubURLParserTest.java
@ -31,6 +31,7 @@ import static org.testng.Assert.assertTrue;
 import com.github.tomakehurst.wiremock.WireMockServer;
 import com.github.tomakehurst.wiremock.client.WireMock;
 import com.github.tomakehurst.wiremock.common.Slf4jNotifier;
+import java.lang.reflect.Field;
 import java.util.Optional;
 import org.eclipse.che.api.core.ApiException;
 import org.eclipse.che.api.factory.server.scm.PersonalAccessToken;
@ -336,6 +337,9 @@ public class GithubURLParserTest {
  @Test
  public void shouldValidateOldVersionGitHubServerUrl() throws Exception {
    // given
+    Field endpoint = AbstractGithubURLParser.class.getDeclaredField("endpoint");
+    endpoint.setAccessible(true);
+    endpoint.set(githubUrlParser, wireMockServer.baseUrl());
    String url = wireMockServer.url("/user/repo");
    stubFor(
        get(urlEqualTo("/api/v3/user"))
@ -354,6 +358,9 @@ public class GithubURLParserTest {
  @Test
  public void shouldValidateGitHubServerUrl() throws Exception {
    // given
+    Field endpoint = AbstractGithubURLParser.class.getDeclaredField("endpoint");
+    endpoint.setAccessible(true);
+    endpoint.set(githubUrlParser, wireMockServer.baseUrl());
    String url = wireMockServer.url("/user/repo");
    stubFor(
        get(urlEqualTo("/api/v3/user"))
@ -368,4 +375,13 @@ public class GithubURLParserTest {
    // then
    assertTrue(valid);
  }
+
+  @Test
+  public void shouldNotRequestGitHubSAASUrl() throws Exception {
+    // when
+    githubUrlParser.isValid("https:github.com/repo/user.git");
+
+    // then
+    verify(githubApiClient, never()).getUser(anyString());
+  }
 }