From aa44cd33c9ec90617ab657d4088cd1a0df9a526b Mon Sep 17 00:00:00 2001 From: ivinokur Date: Sat, 27 Jan 2024 16:41:56 +0200 Subject: [PATCH] commit --- .../server/scm/KubernetesScmModule.java | 2 +- ...KubernetesAuthorisationRequestManager.java | 2 +- .../KubernetesGitCredentialManager.java | 4 +- .../KubernetesPersonalAccessTokenManager.java | 37 ++++++++++++---- ...ernetesPersonalAccessTokenManagerTest.java | 24 +++++------ .../OAuthTokenSecretsConfigurator.java | 2 +- wsmaster/che-core-api-auth-github/pom.xml | 4 -- wsmaster/che-core-api-auth/pom.xml | 4 ++ .../che/security/oauth/EmbeddedOAuthAPI.java | 17 ++++++++ .../oauth/OAuthAuthenticationService.java | 1 + .../AzureDevOpsFactoryParametersResolver.java | 2 +- ...AzureDevOpsPersonalAccessTokenFetcher.java | 9 ++-- .../devops/AzureDevOpsUserDataFetcher.java | 12 +----- ...rAuthorizingFactoryParametersResolver.java | 2 +- .../bitbucket/BitbucketServerURLParser.java | 2 +- ...horizingFactoryParametersResolverTest.java | 2 +- .../BitbucketFactoryParametersResolver.java | 2 +- ...itbucketFactoryParametersResolverTest.java | 2 +- ...tbucketPersonalAccessTokenFetcherTest.java | 6 +-- .../ssh/GitSshFactoryParametersResolver.java | 2 +- ...stractGithubFactoryParametersResolver.java | 2 +- ...tractGithubPersonalAccessTokenFetcher.java | 14 +++---- .../github/AbstractGithubURLParser.java | 2 +- .../github/AbstractGithubUserDataFetcher.java | 26 +----------- .../GithubFactoryParametersResolver.java | 2 +- ...GithubFactoryParametersResolverSecond.java | 2 +- .../server/github/GithubUserDataFetcher.java | 9 +--- .../github/GithubUserDataFetcherSecond.java | 3 -- .../GithubFactoryParametersResolverTest.java | 2 +- .../GithubPersonalAccessTokenFetcherTest.java | 6 +-- .../GitlabFactoryParametersResolver.java | 2 +- .../gitlab/GitlabOAuthTokenFetcher.java | 13 +++--- .../server/gitlab/GitlabUrlParser.java | 2 +- .../server/gitlab/GitlabUserDataFetcher.java | 17 +------- .../GitlabFactoryParametersResolverTest.java | 2 +- .../gitlab/GitlabUserDataFetcherTest.java | 3 +- wsmaster/che-core-api-factory/pom.xml | 8 ---- .../server}/AuthorisationRequestManager.java | 2 +- .../server/BaseFactoryParameterResolver.java | 1 - .../api/factory/server/FactoryService.java | 1 - .../scm/AbstractGitUserDataFetcher.java | 42 ++++--------------- .../scm/AuthorizingFileContentProvider.java | 6 +-- .../server/scm/PersonalAccessToken.java | 26 +++++++----- .../scm/PersonalAccessTokenFetcher.java | 2 +- .../server/scm/PersonalAccessTokenParams.java | 10 ++--- .../scm/ScmPersonalAccessTokenFetcher.java | 3 +- .../BaseFactoryParameterResolverTest.java | 1 - .../factory/server/FactoryServiceTest.java | 1 - 48 files changed, 149 insertions(+), 199 deletions(-) rename wsmaster/{che-core-api-auth/src/main/java/org/eclipse/che/security/oauth => che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server}/AuthorisationRequestManager.java (96%) diff --git a/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/KubernetesScmModule.java b/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/KubernetesScmModule.java index c7e0f79dd4..861ff2b9d0 100644 --- a/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/KubernetesScmModule.java +++ b/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/KubernetesScmModule.java @@ -12,10 +12,10 @@ package org.eclipse.che.api.factory.server.scm; import com.google.inject.AbstractModule; +import org.eclipse.che.api.factory.server.AuthorisationRequestManager; import org.eclipse.che.api.factory.server.scm.kubernetes.KubernetesAuthorisationRequestManager; import org.eclipse.che.api.factory.server.scm.kubernetes.KubernetesGitCredentialManager; import org.eclipse.che.api.factory.server.scm.kubernetes.KubernetesPersonalAccessTokenManager; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; public class KubernetesScmModule extends AbstractModule { @Override diff --git a/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesAuthorisationRequestManager.java b/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesAuthorisationRequestManager.java index 44356d006d..7f2a792618 100644 --- a/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesAuthorisationRequestManager.java +++ b/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesAuthorisationRequestManager.java @@ -28,10 +28,10 @@ import java.util.List; import java.util.Map; import javax.inject.Inject; import javax.inject.Singleton; +import org.eclipse.che.api.factory.server.AuthorisationRequestManager; import org.eclipse.che.api.factory.server.scm.exception.ScmConfigurationPersistenceException; import org.eclipse.che.api.factory.server.scm.exception.UnsatisfiedScmPreconditionException; import org.eclipse.che.api.workspace.server.spi.InfrastructureException; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; import org.eclipse.che.workspace.infrastructure.kubernetes.CheServerKubernetesClientFactory; import org.eclipse.che.workspace.infrastructure.kubernetes.api.shared.KubernetesNamespaceMeta; import org.eclipse.che.workspace.infrastructure.kubernetes.namespace.KubernetesNamespaceFactory; diff --git a/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesGitCredentialManager.java b/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesGitCredentialManager.java index 6092ee357f..9d89a498e9 100644 --- a/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesGitCredentialManager.java +++ b/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesGitCredentialManager.java @@ -14,7 +14,7 @@ package org.eclipse.che.api.factory.server.scm.kubernetes; import static com.google.common.base.Strings.isNullOrEmpty; import static java.lang.String.format; import static java.nio.charset.StandardCharsets.UTF_8; -import static org.eclipse.che.api.factory.server.scm.PersonalAccessTokenFetcher.OAUTH_2_PREFIX; +import static org.eclipse.che.api.factory.server.scm.PersonalAccessTokenFetcher.OAUTH_2_SUFFIX; import static org.eclipse.che.workspace.infrastructure.kubernetes.provision.secret.KubernetesSecretAnnotationNames.ANNOTATION_AUTOMOUNT; import static org.eclipse.che.workspace.infrastructure.kubernetes.provision.secret.KubernetesSecretAnnotationNames.ANNOTATION_DEV_WORKSPACE_MOUNT_PATH; import static org.eclipse.che.workspace.infrastructure.kubernetes.provision.secret.KubernetesSecretAnnotationNames.ANNOTATION_GIT_CREDENTIALS; @@ -176,7 +176,7 @@ public class KubernetesGitCredentialManager implements GitCredentialManager { private String getUsernameSegment(PersonalAccessToken personalAccessToken) { // Special characters are not allowed in URL username segment, so we need to escape them. PercentEscaper percentEscaper = new PercentEscaper("", false); - return personalAccessToken.getScmTokenName().startsWith(OAUTH_2_PREFIX) + return personalAccessToken.getScmProviderName().startsWith(OAUTH_2_SUFFIX) ? "oauth2" : isNullOrEmpty(personalAccessToken.getScmOrganization()) ? percentEscaper.escape(personalAccessToken.getScmUserName()) diff --git a/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesPersonalAccessTokenManager.java b/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesPersonalAccessTokenManager.java index 15ce7e16e2..023a812403 100644 --- a/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesPersonalAccessTokenManager.java +++ b/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesPersonalAccessTokenManager.java @@ -65,8 +65,8 @@ public class KubernetesPersonalAccessTokenManager implements PersonalAccessToken public static final String ANNOTATION_SCM_ORGANIZATION = "che.eclipse.org/scm-organization"; public static final String ANNOTATION_SCM_PERSONAL_ACCESS_TOKEN_ID = "che.eclipse.org/scm-personal-access-token-id"; - public static final String ANNOTATION_SCM_PERSONAL_ACCESS_TOKEN_NAME = - "che.eclipse.org/scm-personal-access-token-name"; + public static final String ANNOTATION_SCM_PERSONAL_ACCESS_PROVIDER_NAME = + "che.eclipse.org/scm-personal-access-provider-name"; public static final String ANNOTATION_SCM_URL = "che.eclipse.org/scm-url"; public static final String TOKEN_DATA_FIELD = "token"; @@ -103,8 +103,8 @@ public class KubernetesPersonalAccessTokenManager implements PersonalAccessToken ANNOTATION_SCM_PERSONAL_ACCESS_TOKEN_ID, personalAccessToken.getScmTokenId()) .put( - ANNOTATION_SCM_PERSONAL_ACCESS_TOKEN_NAME, - personalAccessToken.getScmTokenName()) + ANNOTATION_SCM_PERSONAL_ACCESS_PROVIDER_NAME, + personalAccessToken.getScmProviderName()) .build()) .withLabels(SECRET_LABELS) .build(); @@ -182,6 +182,7 @@ public class KubernetesPersonalAccessTokenManager implements PersonalAccessToken .secrets() .get(KUBERNETES_PERSONAL_ACCESS_TOKEN_LABEL_SELECTOR); for (Secret secret : secrets) { + migrate(secret, oAuthProviderName); if (deleteSecretIfMisconfigured(secret)) { continue; } @@ -201,7 +202,7 @@ public class KubernetesPersonalAccessTokenManager implements PersonalAccessToken secretAnnotations.get(ANNOTATION_CHE_USERID), personalAccessTokenParams.getOrganization(), scmUsername.get(), - secretAnnotations.get(ANNOTATION_SCM_PERSONAL_ACCESS_TOKEN_NAME), + secretAnnotations.get(ANNOTATION_SCM_PERSONAL_ACCESS_PROVIDER_NAME), personalAccessTokenParams.getScmTokenId(), personalAccessTokenParams.getToken()); return Optional.of(personalAccessToken); @@ -225,13 +226,33 @@ public class KubernetesPersonalAccessTokenManager implements PersonalAccessToken return Optional.empty(); } + private void migrate(Secret secret, String providerName) throws InfrastructureException { + String oldAnnotation = + secret.getMetadata().getAnnotations().get("che.eclipse.org/scm-personal-access-token-name"); + if (!isNullOrEmpty(oldAnnotation)) { + secret + .getMetadata() + .getAnnotations() + .remove("che.eclipse.org/scm-personal-access-token-name"); + secret + .getMetadata() + .getAnnotations() + .put(ANNOTATION_SCM_PERSONAL_ACCESS_PROVIDER_NAME, providerName); + cheServerKubernetesClientFactory + .create() + .secrets() + .inNamespace(secret.getMetadata().getNamespace()) + .createOrReplace(secret); + } + } + private boolean deleteSecretIfMisconfigured(Secret secret) throws InfrastructureException { Map secretAnnotations = secret.getMetadata().getAnnotations(); String configuredScmServerUrl = secretAnnotations.get(ANNOTATION_SCM_URL); String configuredCheUserId = secretAnnotations.get(ANNOTATION_CHE_USERID); String configuredOAuthProviderName = - secretAnnotations.get(ANNOTATION_SCM_PERSONAL_ACCESS_TOKEN_NAME); + secretAnnotations.get(ANNOTATION_SCM_PERSONAL_ACCESS_PROVIDER_NAME); // if any of the required annotations is missing, the secret is not valid if (isNullOrEmpty(configuredScmServerUrl) @@ -253,7 +274,7 @@ public class KubernetesPersonalAccessTokenManager implements PersonalAccessToken String token = new String(Base64.getDecoder().decode(secret.getData().get("token"))).trim(); String configuredOAuthProviderName = - secretAnnotations.get(ANNOTATION_SCM_PERSONAL_ACCESS_TOKEN_NAME); + secretAnnotations.get(ANNOTATION_SCM_PERSONAL_ACCESS_PROVIDER_NAME); String configuredTokenId = secretAnnotations.get(ANNOTATION_SCM_PERSONAL_ACCESS_TOKEN_ID); String configuredScmOrganization = secretAnnotations.get(ANNOTATION_SCM_ORGANIZATION); String configuredScmServerUrl = secretAnnotations.get(ANNOTATION_SCM_URL); @@ -275,7 +296,7 @@ public class KubernetesPersonalAccessTokenManager implements PersonalAccessToken String configuredScmServerUrl = secretAnnotations.get(ANNOTATION_SCM_URL); String configuredCheUserId = secretAnnotations.get(ANNOTATION_CHE_USERID); String configuredOAuthProviderName = - secretAnnotations.get(ANNOTATION_SCM_PERSONAL_ACCESS_TOKEN_NAME); + secretAnnotations.get(ANNOTATION_SCM_PERSONAL_ACCESS_PROVIDER_NAME); return (configuredCheUserId.equals(cheUser.getUserId())) && (oAuthProviderName == null || oAuthProviderName.equals(configuredOAuthProviderName)) diff --git a/infrastructures/infrastructure-factory/src/test/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesPersonalAccessTokenManagerTest.java b/infrastructures/infrastructure-factory/src/test/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesPersonalAccessTokenManagerTest.java index 47cfdb423f..2cd07c0856 100644 --- a/infrastructures/infrastructure-factory/src/test/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesPersonalAccessTokenManagerTest.java +++ b/infrastructures/infrastructure-factory/src/test/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesPersonalAccessTokenManagerTest.java @@ -104,7 +104,7 @@ public class KubernetesPersonalAccessTokenManagerTest { new ObjectMetaBuilder() .withAnnotations( Map.of( - ANNOTATION_SCM_PERSONAL_ACCESS_TOKEN_NAME, + ANNOTATION_SCM_PERSONAL_ACCESS_PROVIDER_NAME, "github", ANNOTATION_CHE_USERID, "user", @@ -181,7 +181,7 @@ public class KubernetesPersonalAccessTokenManagerTest { new ObjectMetaBuilder() .withAnnotations( Map.of( - ANNOTATION_SCM_PERSONAL_ACCESS_TOKEN_NAME, + ANNOTATION_SCM_PERSONAL_ACCESS_PROVIDER_NAME, "github", ANNOTATION_CHE_USERID, "user1", @@ -192,7 +192,7 @@ public class KubernetesPersonalAccessTokenManagerTest { new ObjectMetaBuilder() .withAnnotations( Map.of( - ANNOTATION_SCM_PERSONAL_ACCESS_TOKEN_NAME, + ANNOTATION_SCM_PERSONAL_ACCESS_PROVIDER_NAME, "github", ANNOTATION_CHE_USERID, "user1", @@ -203,7 +203,7 @@ public class KubernetesPersonalAccessTokenManagerTest { new ObjectMetaBuilder() .withAnnotations( Map.of( - ANNOTATION_SCM_PERSONAL_ACCESS_TOKEN_NAME, + ANNOTATION_SCM_PERSONAL_ACCESS_PROVIDER_NAME, "github", ANNOTATION_CHE_USERID, "user2", @@ -249,7 +249,7 @@ public class KubernetesPersonalAccessTokenManagerTest { new ObjectMetaBuilder() .withAnnotations( Map.of( - ANNOTATION_SCM_PERSONAL_ACCESS_TOKEN_NAME, + ANNOTATION_SCM_PERSONAL_ACCESS_PROVIDER_NAME, "github", ANNOTATION_CHE_USERID, "user1", @@ -294,7 +294,7 @@ public class KubernetesPersonalAccessTokenManagerTest { new ObjectMetaBuilder() .withAnnotations( Map.of( - ANNOTATION_SCM_PERSONAL_ACCESS_TOKEN_NAME, + ANNOTATION_SCM_PERSONAL_ACCESS_PROVIDER_NAME, "github", ANNOTATION_CHE_USERID, "user1", @@ -339,7 +339,7 @@ public class KubernetesPersonalAccessTokenManagerTest { new ObjectMetaBuilder() .withAnnotations( Map.of( - ANNOTATION_SCM_PERSONAL_ACCESS_TOKEN_NAME, + ANNOTATION_SCM_PERSONAL_ACCESS_PROVIDER_NAME, "github", ANNOTATION_CHE_USERID, "user1", @@ -350,7 +350,7 @@ public class KubernetesPersonalAccessTokenManagerTest { new ObjectMetaBuilder() .withAnnotations( Map.of( - ANNOTATION_SCM_PERSONAL_ACCESS_TOKEN_NAME, + ANNOTATION_SCM_PERSONAL_ACCESS_PROVIDER_NAME, "github", ANNOTATION_CHE_USERID, "user1", @@ -397,7 +397,7 @@ public class KubernetesPersonalAccessTokenManagerTest { .withNamespace("test") .withAnnotations( Map.of( - ANNOTATION_SCM_PERSONAL_ACCESS_TOKEN_NAME, + ANNOTATION_SCM_PERSONAL_ACCESS_PROVIDER_NAME, "github", ANNOTATION_CHE_USERID, "user1")) @@ -433,7 +433,7 @@ public class KubernetesPersonalAccessTokenManagerTest { new ObjectMetaBuilder() .withAnnotations( Map.of( - ANNOTATION_SCM_PERSONAL_ACCESS_TOKEN_NAME, + ANNOTATION_SCM_PERSONAL_ACCESS_PROVIDER_NAME, "github", ANNOTATION_CHE_USERID, "user1", @@ -480,7 +480,7 @@ public class KubernetesPersonalAccessTokenManagerTest { new ObjectMetaBuilder() .withAnnotations( Map.of( - ANNOTATION_SCM_PERSONAL_ACCESS_TOKEN_NAME, + ANNOTATION_SCM_PERSONAL_ACCESS_PROVIDER_NAME, "github", ANNOTATION_CHE_USERID, "user1", @@ -493,7 +493,7 @@ public class KubernetesPersonalAccessTokenManagerTest { new ObjectMetaBuilder() .withAnnotations( Map.of( - ANNOTATION_SCM_PERSONAL_ACCESS_TOKEN_NAME, + ANNOTATION_SCM_PERSONAL_ACCESS_PROVIDER_NAME, "github", ANNOTATION_CHE_USERID, "user1", diff --git a/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/namespace/configurator/OAuthTokenSecretsConfigurator.java b/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/namespace/configurator/OAuthTokenSecretsConfigurator.java index d68978ccbd..06c7f94d8c 100644 --- a/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/namespace/configurator/OAuthTokenSecretsConfigurator.java +++ b/infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/namespace/configurator/OAuthTokenSecretsConfigurator.java @@ -69,7 +69,7 @@ public class OAuthTokenSecretsConfigurator implements NamespaceConfigurator { && s.getMetadata() .getAnnotations() .get(ANNOTATION_SCM_PERSONAL_ACCESS_TOKEN_NAME) - .startsWith(PersonalAccessTokenFetcher.OAUTH_2_PREFIX)) + .startsWith(PersonalAccessTokenFetcher.OAUTH_2_SUFFIX)) .forEach( s -> { try { diff --git a/wsmaster/che-core-api-auth-github/pom.xml b/wsmaster/che-core-api-auth-github/pom.xml index 97e678b644..0e1146c9ba 100644 --- a/wsmaster/che-core-api-auth-github/pom.xml +++ b/wsmaster/che-core-api-auth-github/pom.xml @@ -43,10 +43,6 @@ org.eclipse.che.core che-core-api-auth-github-common - - org.eclipse.che.core - che-core-api-auth-github-common - org.eclipse.che.core che-core-commons-annotations diff --git a/wsmaster/che-core-api-auth/pom.xml b/wsmaster/che-core-api-auth/pom.xml index 33b184449b..4c299bd11d 100644 --- a/wsmaster/che-core-api-auth/pom.xml +++ b/wsmaster/che-core-api-auth/pom.xml @@ -59,6 +59,10 @@ org.eclipse.che.core che-core-api-dto + + org.eclipse.che.core + che-core-api-factory + org.eclipse.che.core che-core-commons-annotations diff --git a/wsmaster/che-core-api-auth/src/main/java/org/eclipse/che/security/oauth/EmbeddedOAuthAPI.java b/wsmaster/che-core-api-auth/src/main/java/org/eclipse/che/security/oauth/EmbeddedOAuthAPI.java index 2620f753d1..8f5f87309c 100644 --- a/wsmaster/che-core-api-auth/src/main/java/org/eclipse/che/security/oauth/EmbeddedOAuthAPI.java +++ b/wsmaster/che-core-api-auth/src/main/java/org/eclipse/che/security/oauth/EmbeddedOAuthAPI.java @@ -40,6 +40,11 @@ import org.eclipse.che.api.core.UnauthorizedException; import org.eclipse.che.api.core.rest.shared.dto.Link; import org.eclipse.che.api.core.rest.shared.dto.LinkParameter; import org.eclipse.che.api.core.util.LinksHelper; +import org.eclipse.che.api.factory.server.scm.PersonalAccessToken; +import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; +import org.eclipse.che.api.factory.server.scm.exception.ScmCommunicationException; +import org.eclipse.che.api.factory.server.scm.exception.ScmConfigurationPersistenceException; +import org.eclipse.che.api.factory.server.scm.exception.ScmUnauthorizedException; import org.eclipse.che.commons.env.EnvironmentContext; import org.eclipse.che.commons.subject.Subject; import org.eclipse.che.security.oauth.shared.dto.OAuthAuthenticatorDescriptor; @@ -62,6 +67,8 @@ public class EmbeddedOAuthAPI implements OAuthAPI { @Inject protected OAuthAuthenticatorProvider oauth2Providers; @Inject protected org.eclipse.che.security.oauth1.OAuthAuthenticatorProvider oauth1Providers; + + @Inject private PersonalAccessTokenManager personalAccessTokenManager; private String redirectAfterLogin; @Override @@ -177,10 +184,20 @@ public class EmbeddedOAuthAPI implements OAuthAPI { if (token != null) { return token; } + Optional tokenOptional = + personalAccessTokenManager.get(subject, oauthProvider); + if (tokenOptional.isPresent()) { + PersonalAccessToken tokenDto = tokenOptional.get(); + return newDto(OAuthToken.class).withToken(tokenDto.getToken()); + } throw new UnauthorizedException( "OAuth token for user " + subject.getUserId() + " was not found"); } catch (IOException e) { throw new ServerException(e.getLocalizedMessage(), e); + } catch (ScmCommunicationException + | ScmUnauthorizedException + | ScmConfigurationPersistenceException e) { + throw new RuntimeException(e); } } diff --git a/wsmaster/che-core-api-auth/src/main/java/org/eclipse/che/security/oauth/OAuthAuthenticationService.java b/wsmaster/che-core-api-auth/src/main/java/org/eclipse/che/security/oauth/OAuthAuthenticationService.java index eb135c99b9..f649533e32 100644 --- a/wsmaster/che-core-api-auth/src/main/java/org/eclipse/che/security/oauth/OAuthAuthenticationService.java +++ b/wsmaster/che-core-api-auth/src/main/java/org/eclipse/che/security/oauth/OAuthAuthenticationService.java @@ -29,6 +29,7 @@ import org.eclipse.che.api.auth.shared.dto.OAuthToken; import org.eclipse.che.api.core.*; import org.eclipse.che.api.core.rest.Service; import org.eclipse.che.api.core.rest.annotations.Required; +import org.eclipse.che.api.factory.server.AuthorisationRequestManager; import org.eclipse.che.security.oauth.shared.dto.OAuthAuthenticatorDescriptor; /** RESTful wrapper for OAuthAuthenticator. */ diff --git a/wsmaster/che-core-api-factory-azure-devops/src/main/java/org/eclipse/che/api/factory/server/azure/devops/AzureDevOpsFactoryParametersResolver.java b/wsmaster/che-core-api-factory-azure-devops/src/main/java/org/eclipse/che/api/factory/server/azure/devops/AzureDevOpsFactoryParametersResolver.java index 60f307ad1a..66b8a158e8 100644 --- a/wsmaster/che-core-api-factory-azure-devops/src/main/java/org/eclipse/che/api/factory/server/azure/devops/AzureDevOpsFactoryParametersResolver.java +++ b/wsmaster/che-core-api-factory-azure-devops/src/main/java/org/eclipse/che/api/factory/server/azure/devops/AzureDevOpsFactoryParametersResolver.java @@ -21,6 +21,7 @@ import java.util.Map; import javax.inject.Inject; import javax.inject.Singleton; import org.eclipse.che.api.core.ApiException; +import org.eclipse.che.api.factory.server.AuthorisationRequestManager; import org.eclipse.che.api.factory.server.BaseFactoryParameterResolver; import org.eclipse.che.api.factory.server.FactoryParametersResolver; import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; @@ -37,7 +38,6 @@ import org.eclipse.che.api.workspace.shared.dto.ProjectConfigDto; import org.eclipse.che.api.workspace.shared.dto.SourceStorageDto; import org.eclipse.che.api.workspace.shared.dto.devfile.ProjectDto; import org.eclipse.che.api.workspace.shared.dto.devfile.SourceDto; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; /** * Provides Factory Parameters resolver for Azure DevOps repositories. diff --git a/wsmaster/che-core-api-factory-azure-devops/src/main/java/org/eclipse/che/api/factory/server/azure/devops/AzureDevOpsPersonalAccessTokenFetcher.java b/wsmaster/che-core-api-factory-azure-devops/src/main/java/org/eclipse/che/api/factory/server/azure/devops/AzureDevOpsPersonalAccessTokenFetcher.java index 0b8c278ebd..68055c347a 100644 --- a/wsmaster/che-core-api-factory-azure-devops/src/main/java/org/eclipse/che/api/factory/server/azure/devops/AzureDevOpsPersonalAccessTokenFetcher.java +++ b/wsmaster/che-core-api-factory-azure-devops/src/main/java/org/eclipse/che/api/factory/server/azure/devops/AzureDevOpsPersonalAccessTokenFetcher.java @@ -82,7 +82,7 @@ public class AzureDevOpsPersonalAccessTokenFetcher implements PersonalAccessToke try { oAuthToken = oAuthAPI.getToken(AzureDevOps.PROVIDER_NAME); - String tokenName = NameGenerator.generate(OAUTH_2_PREFIX, 5); + String tokenName = NameGenerator.generate(OAUTH_2_SUFFIX, 5); String tokenId = NameGenerator.generate("id-", 5); Optional> valid = isValid( @@ -132,8 +132,8 @@ public class AzureDevOpsPersonalAccessTokenFetcher implements PersonalAccessToke try { AzureDevOpsUser user; - if (personalAccessToken.getScmTokenName() != null - && personalAccessToken.getScmTokenName().startsWith(OAUTH_2_PREFIX)) { + if (personalAccessToken.getScmProviderName() != null + && personalAccessToken.getScmProviderName().startsWith(OAUTH_2_SUFFIX)) { user = azureDevOpsApiClient.getUserWithOAuthToken(personalAccessToken.getToken()); } else { user = @@ -155,7 +155,8 @@ public class AzureDevOpsPersonalAccessTokenFetcher implements PersonalAccessToke try { AzureDevOpsUser user; - if (params.getScmTokenName() != null && params.getScmTokenName().startsWith(OAUTH_2_PREFIX)) { + if (params.getScmProviderName() != null + && params.getScmProviderName().startsWith(OAUTH_2_SUFFIX)) { user = azureDevOpsApiClient.getUserWithOAuthToken(params.getToken()); } else { user = azureDevOpsApiClient.getUserWithPAT(params.getToken(), params.getOrganization()); diff --git a/wsmaster/che-core-api-factory-azure-devops/src/main/java/org/eclipse/che/api/factory/server/azure/devops/AzureDevOpsUserDataFetcher.java b/wsmaster/che-core-api-factory-azure-devops/src/main/java/org/eclipse/che/api/factory/server/azure/devops/AzureDevOpsUserDataFetcher.java index 5e8f23ac51..a79ce726dc 100644 --- a/wsmaster/che-core-api-factory-azure-devops/src/main/java/org/eclipse/che/api/factory/server/azure/devops/AzureDevOpsUserDataFetcher.java +++ b/wsmaster/che-core-api-factory-azure-devops/src/main/java/org/eclipse/che/api/factory/server/azure/devops/AzureDevOpsUserDataFetcher.java @@ -15,7 +15,6 @@ import static org.eclipse.che.api.factory.server.azure.devops.AzureDevOps.getAut import javax.inject.Inject; import javax.inject.Named; -import org.eclipse.che.api.auth.shared.dto.OAuthToken; import org.eclipse.che.api.factory.server.scm.AbstractGitUserDataFetcher; import org.eclipse.che.api.factory.server.scm.GitUserData; import org.eclipse.che.api.factory.server.scm.PersonalAccessToken; @@ -23,7 +22,6 @@ import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; import org.eclipse.che.api.factory.server.scm.exception.ScmBadRequestException; import org.eclipse.che.api.factory.server.scm.exception.ScmCommunicationException; import org.eclipse.che.api.factory.server.scm.exception.ScmItemNotFoundException; -import org.eclipse.che.security.oauth.OAuthAPI; /** * Azure DevOps user data fetcher. @@ -37,24 +35,16 @@ public class AzureDevOpsUserDataFetcher extends AbstractGitUserDataFetcher { @Inject public AzureDevOpsUserDataFetcher( - OAuthAPI oAuthTokenFetcher, PersonalAccessTokenManager personalAccessTokenManager, AzureDevOpsApiClient azureDevOpsApiClient, @Named("che.api") String cheApiEndpoint, @Named("che.integration.azure.devops.application_scopes") String[] scopes) { - super(AzureDevOps.PROVIDER_NAME, personalAccessTokenManager, oAuthTokenFetcher); + super(AzureDevOps.PROVIDER_NAME, personalAccessTokenManager); this.scopes = scopes; this.cheApiEndpoint = cheApiEndpoint; this.azureDevOpsApiClient = azureDevOpsApiClient; } - @Override - protected GitUserData fetchGitUserDataWithOAuthToken(OAuthToken oAuthToken) - throws ScmItemNotFoundException, ScmCommunicationException, ScmBadRequestException { - AzureDevOpsUser user = azureDevOpsApiClient.getUserWithOAuthToken(oAuthToken.getToken()); - return new GitUserData(user.getDisplayName(), user.getEmailAddress()); - } - @Override protected GitUserData fetchGitUserDataWithPersonalAccessToken( PersonalAccessToken personalAccessToken) diff --git a/wsmaster/che-core-api-factory-bitbucket-server/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerAuthorizingFactoryParametersResolver.java b/wsmaster/che-core-api-factory-bitbucket-server/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerAuthorizingFactoryParametersResolver.java index e53a93b40c..c5bcd11945 100644 --- a/wsmaster/che-core-api-factory-bitbucket-server/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerAuthorizingFactoryParametersResolver.java +++ b/wsmaster/che-core-api-factory-bitbucket-server/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerAuthorizingFactoryParametersResolver.java @@ -20,6 +20,7 @@ import javax.inject.Inject; import javax.inject.Singleton; import org.eclipse.che.api.core.ApiException; import org.eclipse.che.api.core.BadRequestException; +import org.eclipse.che.api.factory.server.AuthorisationRequestManager; import org.eclipse.che.api.factory.server.BaseFactoryParameterResolver; import org.eclipse.che.api.factory.server.FactoryParametersResolver; import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; @@ -33,7 +34,6 @@ import org.eclipse.che.api.factory.shared.dto.ScmInfoDto; import org.eclipse.che.api.workspace.server.devfile.URLFetcher; import org.eclipse.che.api.workspace.shared.dto.devfile.ProjectDto; import org.eclipse.che.api.workspace.shared.dto.devfile.SourceDto; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; /** * Provides Factory Parameters resolver for both public and private bitbucket repositories. diff --git a/wsmaster/che-core-api-factory-bitbucket-server/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerURLParser.java b/wsmaster/che-core-api-factory-bitbucket-server/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerURLParser.java index f275b6b5f3..890d634a05 100644 --- a/wsmaster/che-core-api-factory-bitbucket-server/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerURLParser.java +++ b/wsmaster/che-core-api-factory-bitbucket-server/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerURLParser.java @@ -94,7 +94,7 @@ public class BitbucketServerURLParser { try { Optional token = personalAccessTokenManager.get(EnvironmentContext.getCurrent().getSubject(), serverUrl); - return token.isPresent() && token.get().getScmTokenName().equals(OAUTH_PROVIDER_NAME); + return token.isPresent() && token.get().getScmProviderName().equals(OAUTH_PROVIDER_NAME); } catch (ScmConfigurationPersistenceException | ScmUnauthorizedException | ScmCommunicationException exception) { diff --git a/wsmaster/che-core-api-factory-bitbucket-server/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerAuthorizingFactoryParametersResolverTest.java b/wsmaster/che-core-api-factory-bitbucket-server/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerAuthorizingFactoryParametersResolverTest.java index 664d0749d2..de1835b776 100644 --- a/wsmaster/che-core-api-factory-bitbucket-server/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerAuthorizingFactoryParametersResolverTest.java +++ b/wsmaster/che-core-api-factory-bitbucket-server/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerAuthorizingFactoryParametersResolverTest.java @@ -35,6 +35,7 @@ import java.util.Map; import java.util.Optional; import org.eclipse.che.api.core.ApiException; import org.eclipse.che.api.core.model.factory.ScmInfo; +import org.eclipse.che.api.factory.server.AuthorisationRequestManager; import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; import org.eclipse.che.api.factory.server.urlfactory.DevfileFilenamesProvider; import org.eclipse.che.api.factory.server.urlfactory.RemoteFactoryUrl; @@ -45,7 +46,6 @@ import org.eclipse.che.api.workspace.server.devfile.URLFetcher; import org.eclipse.che.api.workspace.shared.dto.devfile.DevfileDto; import org.eclipse.che.api.workspace.shared.dto.devfile.MetadataDto; import org.eclipse.che.api.workspace.shared.dto.devfile.SourceDto; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; import org.eclipse.che.security.oauth.OAuthAPI; import org.mockito.Mock; import org.mockito.testng.MockitoTestNGListener; diff --git a/wsmaster/che-core-api-factory-bitbucket/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketFactoryParametersResolver.java b/wsmaster/che-core-api-factory-bitbucket/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketFactoryParametersResolver.java index 9c67f50f22..3fefac5947 100644 --- a/wsmaster/che-core-api-factory-bitbucket/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketFactoryParametersResolver.java +++ b/wsmaster/che-core-api-factory-bitbucket/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketFactoryParametersResolver.java @@ -20,6 +20,7 @@ import javax.inject.Inject; import javax.inject.Singleton; import org.eclipse.che.api.core.ApiException; import org.eclipse.che.api.core.BadRequestException; +import org.eclipse.che.api.factory.server.AuthorisationRequestManager; import org.eclipse.che.api.factory.server.BaseFactoryParameterResolver; import org.eclipse.che.api.factory.server.FactoryParametersResolver; import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; @@ -34,7 +35,6 @@ import org.eclipse.che.api.factory.shared.dto.ScmInfoDto; import org.eclipse.che.api.workspace.server.devfile.URLFetcher; import org.eclipse.che.api.workspace.shared.dto.ProjectConfigDto; import org.eclipse.che.api.workspace.shared.dto.devfile.ProjectDto; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; /** Provides Factory Parameters resolver for bitbucket repositories. */ @Singleton diff --git a/wsmaster/che-core-api-factory-bitbucket/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketFactoryParametersResolverTest.java b/wsmaster/che-core-api-factory-bitbucket/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketFactoryParametersResolverTest.java index 7d6e2ae754..5d9868d1d4 100644 --- a/wsmaster/che-core-api-factory-bitbucket/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketFactoryParametersResolverTest.java +++ b/wsmaster/che-core-api-factory-bitbucket/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketFactoryParametersResolverTest.java @@ -36,6 +36,7 @@ import java.util.Map; import java.util.Optional; import org.eclipse.che.api.core.ApiException; import org.eclipse.che.api.core.model.factory.ScmInfo; +import org.eclipse.che.api.factory.server.AuthorisationRequestManager; import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; import org.eclipse.che.api.factory.server.urlfactory.DevfileFilenamesProvider; import org.eclipse.che.api.factory.server.urlfactory.ProjectConfigDtoMerger; @@ -49,7 +50,6 @@ import org.eclipse.che.api.workspace.shared.dto.devfile.DevfileDto; import org.eclipse.che.api.workspace.shared.dto.devfile.MetadataDto; import org.eclipse.che.api.workspace.shared.dto.devfile.ProjectDto; import org.eclipse.che.api.workspace.shared.dto.devfile.SourceDto; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; import org.mockito.ArgumentCaptor; import org.mockito.Captor; import org.mockito.Mock; diff --git a/wsmaster/che-core-api-factory-bitbucket/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketPersonalAccessTokenFetcherTest.java b/wsmaster/che-core-api-factory-bitbucket/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketPersonalAccessTokenFetcherTest.java index 9dce3efc19..fdc3e9098e 100644 --- a/wsmaster/che-core-api-factory-bitbucket/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketPersonalAccessTokenFetcherTest.java +++ b/wsmaster/che-core-api-factory-bitbucket/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketPersonalAccessTokenFetcherTest.java @@ -18,7 +18,7 @@ import static com.github.tomakehurst.wiremock.client.WireMock.stubFor; import static com.github.tomakehurst.wiremock.client.WireMock.urlEqualTo; import static com.github.tomakehurst.wiremock.core.WireMockConfiguration.wireMockConfig; import static java.net.HttpURLConnection.HTTP_FORBIDDEN; -import static org.eclipse.che.api.factory.server.scm.PersonalAccessTokenFetcher.OAUTH_2_PREFIX; +import static org.eclipse.che.api.factory.server.scm.PersonalAccessTokenFetcher.OAUTH_2_SUFFIX; import static org.eclipse.che.dto.server.DtoFactory.newDto; import static org.mockito.ArgumentMatchers.anyString; import static org.mockito.Mockito.when; @@ -188,7 +188,7 @@ public class BitbucketPersonalAccessTokenFetcherTest { PersonalAccessTokenParams params = new PersonalAccessTokenParams( "https://bitbucket.org", - OAUTH_2_PREFIX + "-params-name", + OAUTH_2_SUFFIX + "-params-name", "tid-23434", bitbucketOauthToken, null); @@ -205,7 +205,7 @@ public class BitbucketPersonalAccessTokenFetcherTest { PersonalAccessTokenParams params = new PersonalAccessTokenParams( "https://bitbucket.org", - OAUTH_2_PREFIX + "-token-name", + OAUTH_2_SUFFIX + "-token-name", "tid-23434", bitbucketOauthToken, null); diff --git a/wsmaster/che-core-api-factory-git-ssh/src/main/java/org/eclipse/che/api/factory/server/git/ssh/GitSshFactoryParametersResolver.java b/wsmaster/che-core-api-factory-git-ssh/src/main/java/org/eclipse/che/api/factory/server/git/ssh/GitSshFactoryParametersResolver.java index 97698512d9..dde048c7ce 100644 --- a/wsmaster/che-core-api-factory-git-ssh/src/main/java/org/eclipse/che/api/factory/server/git/ssh/GitSshFactoryParametersResolver.java +++ b/wsmaster/che-core-api-factory-git-ssh/src/main/java/org/eclipse/che/api/factory/server/git/ssh/GitSshFactoryParametersResolver.java @@ -21,6 +21,7 @@ import java.util.Map; import javax.inject.Inject; import javax.inject.Singleton; import org.eclipse.che.api.core.ApiException; +import org.eclipse.che.api.factory.server.AuthorisationRequestManager; import org.eclipse.che.api.factory.server.BaseFactoryParameterResolver; import org.eclipse.che.api.factory.server.FactoryParametersResolver; import org.eclipse.che.api.factory.server.FactoryResolverPriority; @@ -35,7 +36,6 @@ import org.eclipse.che.api.factory.shared.dto.ScmInfoDto; import org.eclipse.che.api.workspace.server.devfile.URLFetcher; import org.eclipse.che.api.workspace.shared.dto.devfile.ProjectDto; import org.eclipse.che.api.workspace.shared.dto.devfile.SourceDto; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; /** * Provides Factory Parameters resolver for Git Ssh repositories. diff --git a/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubFactoryParametersResolver.java b/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubFactoryParametersResolver.java index 2a4652ec55..b3bc0d8e64 100644 --- a/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubFactoryParametersResolver.java +++ b/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubFactoryParametersResolver.java @@ -19,6 +19,7 @@ import jakarta.validation.constraints.NotNull; import java.util.Map; import org.eclipse.che.api.core.ApiException; import org.eclipse.che.api.core.BadRequestException; +import org.eclipse.che.api.factory.server.AuthorisationRequestManager; import org.eclipse.che.api.factory.server.BaseFactoryParameterResolver; import org.eclipse.che.api.factory.server.FactoryParametersResolver; import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; @@ -29,7 +30,6 @@ import org.eclipse.che.api.factory.shared.dto.*; import org.eclipse.che.api.workspace.server.devfile.URLFetcher; import org.eclipse.che.api.workspace.shared.dto.ProjectConfigDto; import org.eclipse.che.api.workspace.shared.dto.devfile.ProjectDto; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; /** * Provides Factory Parameters resolver for github repositories. diff --git a/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubPersonalAccessTokenFetcher.java b/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubPersonalAccessTokenFetcher.java index efb7646435..62e572592b 100644 --- a/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubPersonalAccessTokenFetcher.java +++ b/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubPersonalAccessTokenFetcher.java @@ -135,12 +135,11 @@ public abstract class AbstractGithubPersonalAccessTokenFetcher } try { oAuthToken = oAuthAPI.getToken(providerName); - String tokenName = NameGenerator.generate(OAUTH_2_PREFIX, 5); String tokenId = NameGenerator.generate("id-", 5); Optional> valid = isValid( new PersonalAccessTokenParams( - scmServerUrl, tokenName, tokenId, oAuthToken.getToken(), null)); + scmServerUrl, providerName, tokenId, oAuthToken.getToken(), null)); if (valid.isEmpty()) { throw buildScmUnauthorizedException(cheSubject); } else if (!valid.get().first) { @@ -152,7 +151,7 @@ public abstract class AbstractGithubPersonalAccessTokenFetcher scmServerUrl, cheSubject.getUserId(), valid.get().second, - tokenName, + providerName, tokenId, oAuthToken.getToken()); } catch (UnauthorizedException e) { @@ -185,8 +184,8 @@ public abstract class AbstractGithubPersonalAccessTokenFetcher } try { - if (personalAccessToken.getScmTokenName() != null - && personalAccessToken.getScmTokenName().startsWith(OAUTH_2_PREFIX)) { + if (personalAccessToken.getScmProviderName() != null + && personalAccessToken.getScmProviderName().startsWith(OAUTH_2_SUFFIX)) { String[] scopes = githubApiClient.getTokenScopes(personalAccessToken.getToken()).second; return Optional.of(containsScopes(scopes, DEFAULT_TOKEN_SCOPES)); } else { @@ -210,7 +209,7 @@ public abstract class AbstractGithubPersonalAccessTokenFetcher // The url from the token has the same url as the api client, no need to create a new one. apiClient = githubApiClient; } else { - if ("github".equals(params.getScmTokenName())) { + if ("github".equals(params.getScmProviderName())) { apiClient = new GithubApiClient(params.getScmProviderUrl()); } else { LOG.debug("not a valid url {} for current fetcher ", params.getScmProviderUrl()); @@ -218,7 +217,8 @@ public abstract class AbstractGithubPersonalAccessTokenFetcher } } try { - if (params.getScmTokenName() != null && params.getScmTokenName().startsWith(OAUTH_2_PREFIX)) { + if (params.getScmProviderName() != null + && params.getScmProviderName().startsWith(OAUTH_2_SUFFIX)) { Pair pair = apiClient.getTokenScopes(params.getToken()); return Optional.of( Pair.of( diff --git a/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubURLParser.java b/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubURLParser.java index 5c8f934462..ba4f8316b5 100644 --- a/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubURLParser.java +++ b/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubURLParser.java @@ -106,7 +106,7 @@ public abstract class AbstractGithubURLParser { tokenManager.get(EnvironmentContext.getCurrent().getSubject(), serverUrl); if (token.isPresent()) { PersonalAccessToken accessToken = token.get(); - return accessToken.getScmTokenName().equals(providerName); + return accessToken.getScmProviderName().equals(providerName); } } catch (ScmConfigurationPersistenceException | ScmUnauthorizedException diff --git a/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubUserDataFetcher.java b/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubUserDataFetcher.java index 522f309e2f..1d3cb9cccb 100644 --- a/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubUserDataFetcher.java +++ b/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubUserDataFetcher.java @@ -13,10 +13,8 @@ package org.eclipse.che.api.factory.server.github; import static com.google.common.base.Strings.isNullOrEmpty; -import com.google.common.base.Joiner; import com.google.common.collect.ImmutableSet; import java.util.Set; -import org.eclipse.che.api.auth.shared.dto.OAuthToken; import org.eclipse.che.api.factory.server.scm.AbstractGitUserDataFetcher; import org.eclipse.che.api.factory.server.scm.GitUserData; import org.eclipse.che.api.factory.server.scm.PersonalAccessToken; @@ -24,7 +22,6 @@ import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; import org.eclipse.che.api.factory.server.scm.exception.ScmBadRequestException; import org.eclipse.che.api.factory.server.scm.exception.ScmCommunicationException; import org.eclipse.che.api.factory.server.scm.exception.ScmItemNotFoundException; -import org.eclipse.che.security.oauth.OAuthAPI; /** GitHub user data retriever. */ public abstract class AbstractGithubUserDataFetcher extends AbstractGitUserDataFetcher { @@ -44,27 +41,15 @@ public abstract class AbstractGithubUserDataFetcher extends AbstractGitUserDataF /** Constructor used for testing only. */ public AbstractGithubUserDataFetcher( String apiEndpoint, - OAuthAPI oAuthTokenFetcher, PersonalAccessTokenManager personalAccessTokenManager, GithubApiClient githubApiClient, String providerName) { - super(providerName, personalAccessTokenManager, oAuthTokenFetcher); + super(providerName, personalAccessTokenManager); this.providerName = providerName; this.githubApiClient = githubApiClient; this.apiEndpoint = apiEndpoint; } - @Override - protected GitUserData fetchGitUserDataWithOAuthToken(OAuthToken oAuthToken) - throws ScmItemNotFoundException, ScmCommunicationException, ScmBadRequestException { - GithubUser user = githubApiClient.getUser(oAuthToken.getToken()); - if (isNullOrEmpty(user.getName()) || isNullOrEmpty(user.getEmail())) { - throw new ScmItemNotFoundException(NO_USERNAME_AND_EMAIL_ERROR_MESSAGE); - } else { - return new GitUserData(user.getName(), user.getEmail()); - } - } - @Override protected GitUserData fetchGitUserDataWithPersonalAccessToken( PersonalAccessToken personalAccessToken) @@ -80,13 +65,4 @@ public abstract class AbstractGithubUserDataFetcher extends AbstractGitUserDataF return new GitUserData(user.getName(), user.getEmail()); } } - - protected String getLocalAuthenticateUrl() { - return apiEndpoint - + "/oauth/authenticate?oauth_provider=" - + providerName - + "&scope=" - + Joiner.on(',').join(DEFAULT_TOKEN_SCOPES) - + "&request_method=POST&signature_method=rsa"; - } } diff --git a/wsmaster/che-core-api-factory-github/src/main/java/org/eclipse/che/api/factory/server/github/GithubFactoryParametersResolver.java b/wsmaster/che-core-api-factory-github/src/main/java/org/eclipse/che/api/factory/server/github/GithubFactoryParametersResolver.java index 5721690855..238d1ca79d 100644 --- a/wsmaster/che-core-api-factory-github/src/main/java/org/eclipse/che/api/factory/server/github/GithubFactoryParametersResolver.java +++ b/wsmaster/che-core-api-factory-github/src/main/java/org/eclipse/che/api/factory/server/github/GithubFactoryParametersResolver.java @@ -13,11 +13,11 @@ package org.eclipse.che.api.factory.server.github; import javax.inject.Inject; import javax.inject.Singleton; +import org.eclipse.che.api.factory.server.AuthorisationRequestManager; import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; import org.eclipse.che.api.factory.server.urlfactory.ProjectConfigDtoMerger; import org.eclipse.che.api.factory.server.urlfactory.URLFactoryBuilder; import org.eclipse.che.api.workspace.server.devfile.URLFetcher; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; /** * Provides Factory Parameters resolver for github repositories. diff --git a/wsmaster/che-core-api-factory-github/src/main/java/org/eclipse/che/api/factory/server/github/GithubFactoryParametersResolverSecond.java b/wsmaster/che-core-api-factory-github/src/main/java/org/eclipse/che/api/factory/server/github/GithubFactoryParametersResolverSecond.java index 5103711d48..ccb3b9d14e 100644 --- a/wsmaster/che-core-api-factory-github/src/main/java/org/eclipse/che/api/factory/server/github/GithubFactoryParametersResolverSecond.java +++ b/wsmaster/che-core-api-factory-github/src/main/java/org/eclipse/che/api/factory/server/github/GithubFactoryParametersResolverSecond.java @@ -13,11 +13,11 @@ package org.eclipse.che.api.factory.server.github; import javax.inject.Inject; import javax.inject.Singleton; +import org.eclipse.che.api.factory.server.AuthorisationRequestManager; import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; import org.eclipse.che.api.factory.server.urlfactory.ProjectConfigDtoMerger; import org.eclipse.che.api.factory.server.urlfactory.URLFactoryBuilder; import org.eclipse.che.api.workspace.server.devfile.URLFetcher; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; /** * Provides Factory Parameters resolver for github repositories. diff --git a/wsmaster/che-core-api-factory-github/src/main/java/org/eclipse/che/api/factory/server/github/GithubUserDataFetcher.java b/wsmaster/che-core-api-factory-github/src/main/java/org/eclipse/che/api/factory/server/github/GithubUserDataFetcher.java index 49d91c7cd5..57cf35f671 100644 --- a/wsmaster/che-core-api-factory-github/src/main/java/org/eclipse/che/api/factory/server/github/GithubUserDataFetcher.java +++ b/wsmaster/che-core-api-factory-github/src/main/java/org/eclipse/che/api/factory/server/github/GithubUserDataFetcher.java @@ -26,11 +26,9 @@ public class GithubUserDataFetcher extends AbstractGithubUserDataFetcher { public GithubUserDataFetcher( @Named("che.api") String apiEndpoint, @Nullable @Named("che.integration.github.oauth_endpoint") String oauthEndpoint, - OAuthAPI oAuthTokenFetcher, PersonalAccessTokenManager personalAccessTokenManager) { super( apiEndpoint, - oAuthTokenFetcher, personalAccessTokenManager, new GithubApiClient(oauthEndpoint), OAUTH_PROVIDER_NAME); @@ -41,11 +39,6 @@ public class GithubUserDataFetcher extends AbstractGithubUserDataFetcher { OAuthAPI oAuthTokenFetcher, PersonalAccessTokenManager personalAccessTokenManager, GithubApiClient githubApiClient) { - super( - apiEndpoint, - oAuthTokenFetcher, - personalAccessTokenManager, - githubApiClient, - OAUTH_PROVIDER_NAME); + super(apiEndpoint, personalAccessTokenManager, githubApiClient, OAUTH_PROVIDER_NAME); } } diff --git a/wsmaster/che-core-api-factory-github/src/main/java/org/eclipse/che/api/factory/server/github/GithubUserDataFetcherSecond.java b/wsmaster/che-core-api-factory-github/src/main/java/org/eclipse/che/api/factory/server/github/GithubUserDataFetcherSecond.java index 2b707e8f03..ec8fd7581a 100644 --- a/wsmaster/che-core-api-factory-github/src/main/java/org/eclipse/che/api/factory/server/github/GithubUserDataFetcherSecond.java +++ b/wsmaster/che-core-api-factory-github/src/main/java/org/eclipse/che/api/factory/server/github/GithubUserDataFetcherSecond.java @@ -15,7 +15,6 @@ import javax.inject.Inject; import javax.inject.Named; import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; import org.eclipse.che.commons.annotation.Nullable; -import org.eclipse.che.security.oauth.OAuthAPI; /** GitHub user data retriever. */ public class GithubUserDataFetcherSecond extends AbstractGithubUserDataFetcher { @@ -26,11 +25,9 @@ public class GithubUserDataFetcherSecond extends AbstractGithubUserDataFetcher { public GithubUserDataFetcherSecond( @Named("che.api") String apiEndpoint, @Nullable @Named("che.integration.github.oauth_endpoint_2") String oauthEndpoint, - OAuthAPI oAuthTokenFetcher, PersonalAccessTokenManager personalAccessTokenManager) { super( apiEndpoint, - oAuthTokenFetcher, personalAccessTokenManager, new GithubApiClient(oauthEndpoint), OAUTH_PROVIDER_NAME); diff --git a/wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubFactoryParametersResolverTest.java b/wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubFactoryParametersResolverTest.java index 439881e530..8731764f72 100644 --- a/wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubFactoryParametersResolverTest.java +++ b/wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubFactoryParametersResolverTest.java @@ -38,6 +38,7 @@ import java.util.Map; import java.util.Optional; import org.eclipse.che.api.core.ApiException; import org.eclipse.che.api.core.model.factory.ScmInfo; +import org.eclipse.che.api.factory.server.AuthorisationRequestManager; import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; import org.eclipse.che.api.factory.server.urlfactory.DevfileFilenamesProvider; import org.eclipse.che.api.factory.server.urlfactory.ProjectConfigDtoMerger; @@ -51,7 +52,6 @@ import org.eclipse.che.api.workspace.shared.dto.devfile.DevfileDto; import org.eclipse.che.api.workspace.shared.dto.devfile.MetadataDto; import org.eclipse.che.api.workspace.shared.dto.devfile.ProjectDto; import org.eclipse.che.api.workspace.shared.dto.devfile.SourceDto; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; import org.mockito.ArgumentCaptor; import org.mockito.Captor; import org.mockito.Mock; diff --git a/wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubPersonalAccessTokenFetcherTest.java b/wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubPersonalAccessTokenFetcherTest.java index 431da4d8ee..4c86498c00 100644 --- a/wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubPersonalAccessTokenFetcherTest.java +++ b/wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubPersonalAccessTokenFetcherTest.java @@ -19,7 +19,7 @@ import static com.github.tomakehurst.wiremock.client.WireMock.urlEqualTo; import static com.github.tomakehurst.wiremock.core.WireMockConfiguration.wireMockConfig; import static java.net.HttpURLConnection.HTTP_FORBIDDEN; import static org.eclipse.che.api.factory.server.github.GithubPersonalAccessTokenFetcher.DEFAULT_TOKEN_SCOPES; -import static org.eclipse.che.api.factory.server.scm.PersonalAccessTokenFetcher.OAUTH_2_PREFIX; +import static org.eclipse.che.api.factory.server.scm.PersonalAccessTokenFetcher.OAUTH_2_SUFFIX; import static org.eclipse.che.dto.server.DtoFactory.newDto; import static org.mockito.ArgumentMatchers.anyString; import static org.mockito.Mockito.when; @@ -236,7 +236,7 @@ public class GithubPersonalAccessTokenFetcherTest { PersonalAccessTokenParams params = new PersonalAccessTokenParams( wireMockServer.url("/"), - OAUTH_2_PREFIX + "-params-name", + OAUTH_2_SUFFIX + "-params-name", "tid-23434", githubOauthToken, null); @@ -253,7 +253,7 @@ public class GithubPersonalAccessTokenFetcherTest { PersonalAccessTokenParams params = new PersonalAccessTokenParams( wireMockServer.url("/"), - OAUTH_2_PREFIX + "-token-name", + OAUTH_2_SUFFIX + "-token-name", "tid-23434", githubOauthToken, null); diff --git a/wsmaster/che-core-api-factory-gitlab/src/main/java/org/eclipse/che/api/factory/server/gitlab/GitlabFactoryParametersResolver.java b/wsmaster/che-core-api-factory-gitlab/src/main/java/org/eclipse/che/api/factory/server/gitlab/GitlabFactoryParametersResolver.java index 3a3efc3a66..341947ad6a 100644 --- a/wsmaster/che-core-api-factory-gitlab/src/main/java/org/eclipse/che/api/factory/server/gitlab/GitlabFactoryParametersResolver.java +++ b/wsmaster/che-core-api-factory-gitlab/src/main/java/org/eclipse/che/api/factory/server/gitlab/GitlabFactoryParametersResolver.java @@ -20,6 +20,7 @@ import javax.inject.Inject; import javax.inject.Singleton; import org.eclipse.che.api.core.ApiException; import org.eclipse.che.api.core.BadRequestException; +import org.eclipse.che.api.factory.server.AuthorisationRequestManager; import org.eclipse.che.api.factory.server.BaseFactoryParameterResolver; import org.eclipse.che.api.factory.server.FactoryParametersResolver; import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; @@ -33,7 +34,6 @@ import org.eclipse.che.api.factory.shared.dto.ScmInfoDto; import org.eclipse.che.api.workspace.server.devfile.URLFetcher; import org.eclipse.che.api.workspace.shared.dto.devfile.ProjectDto; import org.eclipse.che.api.workspace.shared.dto.devfile.SourceDto; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; /** * Provides Factory Parameters resolver for Gitlab repositories. diff --git a/wsmaster/che-core-api-factory-gitlab/src/main/java/org/eclipse/che/api/factory/server/gitlab/GitlabOAuthTokenFetcher.java b/wsmaster/che-core-api-factory-gitlab/src/main/java/org/eclipse/che/api/factory/server/gitlab/GitlabOAuthTokenFetcher.java index aaf4811edd..77ecf657c7 100644 --- a/wsmaster/che-core-api-factory-gitlab/src/main/java/org/eclipse/che/api/factory/server/gitlab/GitlabOAuthTokenFetcher.java +++ b/wsmaster/che-core-api-factory-gitlab/src/main/java/org/eclipse/che/api/factory/server/gitlab/GitlabOAuthTokenFetcher.java @@ -106,7 +106,7 @@ public class GitlabOAuthTokenFetcher implements PersonalAccessTokenFetcher { OAuthToken oAuthToken; try { oAuthToken = oAuthAPI.getToken(OAUTH_PROVIDER_NAME); - String tokenName = NameGenerator.generate(OAUTH_2_PREFIX, 5); + String tokenName = NameGenerator.generate(OAUTH_2_SUFFIX, 5); String tokenId = NameGenerator.generate("id-", 5); Optional> valid = isValid( @@ -152,7 +152,7 @@ public class GitlabOAuthTokenFetcher implements PersonalAccessTokenFetcher { GitlabApiClient gitlabApiClient = getApiClient(personalAccessToken.getScmProviderUrl()); if (gitlabApiClient == null || !gitlabApiClient.isConnected(personalAccessToken.getScmProviderUrl())) { - if (personalAccessToken.getScmTokenName().equals(OAUTH_PROVIDER_NAME)) { + if (personalAccessToken.getScmProviderName().equals(OAUTH_PROVIDER_NAME)) { gitlabApiClient = new GitlabApiClient(personalAccessToken.getScmProviderUrl()); } else { LOG.debug( @@ -160,8 +160,8 @@ public class GitlabOAuthTokenFetcher implements PersonalAccessTokenFetcher { return Optional.empty(); } } - if (personalAccessToken.getScmTokenName() != null - && personalAccessToken.getScmTokenName().startsWith(OAUTH_2_PREFIX)) { + if (personalAccessToken.getScmProviderName() != null + && personalAccessToken.getScmProviderName().startsWith(OAUTH_2_SUFFIX)) { // validation OAuth token by special API call try { GitlabOauthTokenInfo info = @@ -190,7 +190,7 @@ public class GitlabOAuthTokenFetcher implements PersonalAccessTokenFetcher { public Optional> isValid(PersonalAccessTokenParams params) { GitlabApiClient gitlabApiClient = getApiClient(params.getScmProviderUrl()); if (gitlabApiClient == null || !gitlabApiClient.isConnected(params.getScmProviderUrl())) { - if (OAUTH_PROVIDER_NAME.equals(params.getScmTokenName())) { + if (OAUTH_PROVIDER_NAME.equals(params.getScmProviderName())) { gitlabApiClient = new GitlabApiClient(params.getScmProviderUrl()); } else { LOG.debug("not a valid url {} for current fetcher ", params.getScmProviderUrl()); @@ -199,7 +199,8 @@ public class GitlabOAuthTokenFetcher implements PersonalAccessTokenFetcher { } try { GitlabUser user = gitlabApiClient.getUser(params.getToken()); - if (params.getScmTokenName() != null && params.getScmTokenName().startsWith(OAUTH_2_PREFIX)) { + if (params.getScmProviderName() != null + && params.getScmProviderName().startsWith(OAUTH_2_SUFFIX)) { // validation OAuth token by special API call GitlabOauthTokenInfo info = gitlabApiClient.getOAuthTokenInfo(params.getToken()); return Optional.of( diff --git a/wsmaster/che-core-api-factory-gitlab/src/main/java/org/eclipse/che/api/factory/server/gitlab/GitlabUrlParser.java b/wsmaster/che-core-api-factory-gitlab/src/main/java/org/eclipse/che/api/factory/server/gitlab/GitlabUrlParser.java index 952bd5c6b3..e33814deda 100644 --- a/wsmaster/che-core-api-factory-gitlab/src/main/java/org/eclipse/che/api/factory/server/gitlab/GitlabUrlParser.java +++ b/wsmaster/che-core-api-factory-gitlab/src/main/java/org/eclipse/che/api/factory/server/gitlab/GitlabUrlParser.java @@ -89,7 +89,7 @@ public class GitlabUrlParser { personalAccessTokenManager.get(EnvironmentContext.getCurrent().getSubject(), serverUrl); if (token.isPresent()) { PersonalAccessToken accessToken = token.get(); - return accessToken.getScmTokenName().equals(OAUTH_PROVIDER_NAME); + return accessToken.getScmProviderName().equals(OAUTH_PROVIDER_NAME); } } catch (ScmConfigurationPersistenceException | ScmUnauthorizedException diff --git a/wsmaster/che-core-api-factory-gitlab/src/main/java/org/eclipse/che/api/factory/server/gitlab/GitlabUserDataFetcher.java b/wsmaster/che-core-api-factory-gitlab/src/main/java/org/eclipse/che/api/factory/server/gitlab/GitlabUserDataFetcher.java index a9fb66cb1c..435fb51a47 100644 --- a/wsmaster/che-core-api-factory-gitlab/src/main/java/org/eclipse/che/api/factory/server/gitlab/GitlabUserDataFetcher.java +++ b/wsmaster/che-core-api-factory-gitlab/src/main/java/org/eclipse/che/api/factory/server/gitlab/GitlabUserDataFetcher.java @@ -21,7 +21,6 @@ import java.util.List; import java.util.Set; import javax.inject.Inject; import javax.inject.Named; -import org.eclipse.che.api.auth.shared.dto.OAuthToken; import org.eclipse.che.api.factory.server.scm.*; import org.eclipse.che.api.factory.server.scm.exception.ScmBadRequestException; import org.eclipse.che.api.factory.server.scm.exception.ScmCommunicationException; @@ -29,7 +28,6 @@ import org.eclipse.che.api.factory.server.scm.exception.ScmItemNotFoundException import org.eclipse.che.commons.annotation.Nullable; import org.eclipse.che.commons.lang.StringUtils; import org.eclipse.che.inject.ConfigurationException; -import org.eclipse.che.security.oauth.OAuthAPI; /** Gitlab OAuth token retriever. */ public class GitlabUserDataFetcher extends AbstractGitUserDataFetcher { @@ -48,9 +46,8 @@ public class GitlabUserDataFetcher extends AbstractGitUserDataFetcher { @Nullable @Named("che.integration.gitlab.server_endpoints") String gitlabEndpoints, @Nullable @Named("che.integration.gitlab.oauth_endpoint") String oauthEndpoint, @Named("che.api") String apiEndpoint, - PersonalAccessTokenManager personalAccessTokenManager, - OAuthAPI oAuthTokenFetcher) { - super(OAUTH_PROVIDER_NAME, personalAccessTokenManager, oAuthTokenFetcher); + PersonalAccessTokenManager personalAccessTokenManager) { + super(OAUTH_PROVIDER_NAME, personalAccessTokenManager); this.apiEndpoint = apiEndpoint; if (gitlabEndpoints != null) { this.registeredGitlabEndpoints = @@ -69,16 +66,6 @@ public class GitlabUserDataFetcher extends AbstractGitUserDataFetcher { } } - @Override - protected GitUserData fetchGitUserDataWithOAuthToken(OAuthToken oAuthToken) - throws ScmItemNotFoundException, ScmCommunicationException, ScmBadRequestException { - for (String gitlabServerEndpoint : this.registeredGitlabEndpoints) { - GitlabUser user = new GitlabApiClient(gitlabServerEndpoint).getUser(oAuthToken.getToken()); - return new GitUserData(user.getName(), user.getEmail()); - } - throw new ScmCommunicationException("Failed to retrieve git user data from Gitlab"); - } - @Override protected GitUserData fetchGitUserDataWithPersonalAccessToken( PersonalAccessToken personalAccessToken) diff --git a/wsmaster/che-core-api-factory-gitlab/src/test/java/org/eclipse/che/api/factory/server/gitlab/GitlabFactoryParametersResolverTest.java b/wsmaster/che-core-api-factory-gitlab/src/test/java/org/eclipse/che/api/factory/server/gitlab/GitlabFactoryParametersResolverTest.java index 15daf55ff9..4c9a3ea62d 100644 --- a/wsmaster/che-core-api-factory-gitlab/src/test/java/org/eclipse/che/api/factory/server/gitlab/GitlabFactoryParametersResolverTest.java +++ b/wsmaster/che-core-api-factory-gitlab/src/test/java/org/eclipse/che/api/factory/server/gitlab/GitlabFactoryParametersResolverTest.java @@ -35,6 +35,7 @@ import java.util.Map; import java.util.Optional; import org.eclipse.che.api.core.ApiException; import org.eclipse.che.api.core.model.factory.ScmInfo; +import org.eclipse.che.api.factory.server.AuthorisationRequestManager; import org.eclipse.che.api.factory.server.scm.PersonalAccessTokenManager; import org.eclipse.che.api.factory.server.urlfactory.DevfileFilenamesProvider; import org.eclipse.che.api.factory.server.urlfactory.RemoteFactoryUrl; @@ -45,7 +46,6 @@ import org.eclipse.che.api.workspace.server.devfile.URLFetcher; import org.eclipse.che.api.workspace.shared.dto.devfile.DevfileDto; import org.eclipse.che.api.workspace.shared.dto.devfile.MetadataDto; import org.eclipse.che.api.workspace.shared.dto.devfile.SourceDto; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; import org.mockito.Mock; import org.mockito.testng.MockitoTestNGListener; import org.testng.annotations.BeforeMethod; diff --git a/wsmaster/che-core-api-factory-gitlab/src/test/java/org/eclipse/che/api/factory/server/gitlab/GitlabUserDataFetcherTest.java b/wsmaster/che-core-api-factory-gitlab/src/test/java/org/eclipse/che/api/factory/server/gitlab/GitlabUserDataFetcherTest.java index 220f3b4b8e..f8e03cf94d 100644 --- a/wsmaster/che-core-api-factory-gitlab/src/test/java/org/eclipse/che/api/factory/server/gitlab/GitlabUserDataFetcherTest.java +++ b/wsmaster/che-core-api-factory-gitlab/src/test/java/org/eclipse/che/api/factory/server/gitlab/GitlabUserDataFetcherTest.java @@ -60,8 +60,7 @@ public class GitlabUserDataFetcherTest { wireMockServer.url("/"), wireMockServer.url("/"), "http://che.api", - personalAccessTokenManager, - oAuthTokenFetcher); + personalAccessTokenManager); stubFor( get(urlEqualTo("/api/v4/user")) diff --git a/wsmaster/che-core-api-factory/pom.xml b/wsmaster/che-core-api-factory/pom.xml index b77a68e8c7..90ba0f644f 100644 --- a/wsmaster/che-core-api-factory/pom.xml +++ b/wsmaster/che-core-api-factory/pom.xml @@ -62,14 +62,6 @@ jakarta.ws.rs jakarta.ws.rs-api - - org.eclipse.che.core - che-core-api-auth - - - org.eclipse.che.core - che-core-api-auth-shared - org.eclipse.che.core che-core-api-core diff --git a/wsmaster/che-core-api-auth/src/main/java/org/eclipse/che/security/oauth/AuthorisationRequestManager.java b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/AuthorisationRequestManager.java similarity index 96% rename from wsmaster/che-core-api-auth/src/main/java/org/eclipse/che/security/oauth/AuthorisationRequestManager.java rename to wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/AuthorisationRequestManager.java index d2492a6597..c34e5e5a48 100644 --- a/wsmaster/che-core-api-auth/src/main/java/org/eclipse/che/security/oauth/AuthorisationRequestManager.java +++ b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/AuthorisationRequestManager.java @@ -9,7 +9,7 @@ * Contributors: * Red Hat, Inc. - initial API and implementation */ -package org.eclipse.che.security.oauth; +package org.eclipse.che.api.factory.server; import jakarta.ws.rs.core.UriInfo; import java.util.List; diff --git a/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/BaseFactoryParameterResolver.java b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/BaseFactoryParameterResolver.java index 652191a557..4bda4e6c89 100644 --- a/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/BaseFactoryParameterResolver.java +++ b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/BaseFactoryParameterResolver.java @@ -29,7 +29,6 @@ import org.eclipse.che.api.factory.shared.dto.FactoryVisitor; import org.eclipse.che.api.workspace.server.devfile.FileContentProvider; import org.eclipse.che.api.workspace.shared.dto.devfile.DevfileDto; import org.eclipse.che.api.workspace.shared.dto.devfile.ProjectDto; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; public class BaseFactoryParameterResolver { diff --git a/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/FactoryService.java b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/FactoryService.java index 3dc449de97..7c1d17bf7e 100644 --- a/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/FactoryService.java +++ b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/FactoryService.java @@ -42,7 +42,6 @@ import org.eclipse.che.api.factory.server.scm.exception.ScmUnauthorizedException import org.eclipse.che.api.factory.server.scm.exception.UnknownScmProviderException; import org.eclipse.che.api.factory.server.scm.exception.UnsatisfiedScmPreconditionException; import org.eclipse.che.api.factory.shared.dto.FactoryMetaDto; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; /** * Defines Factory REST API. diff --git a/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/AbstractGitUserDataFetcher.java b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/AbstractGitUserDataFetcher.java index d42eab5606..549b513daa 100644 --- a/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/AbstractGitUserDataFetcher.java +++ b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/AbstractGitUserDataFetcher.java @@ -12,12 +12,9 @@ package org.eclipse.che.api.factory.server.scm; import java.util.Optional; -import org.eclipse.che.api.auth.shared.dto.OAuthToken; -import org.eclipse.che.api.core.*; import org.eclipse.che.api.factory.server.scm.exception.*; import org.eclipse.che.commons.env.EnvironmentContext; import org.eclipse.che.commons.subject.Subject; -import org.eclipse.che.security.oauth.OAuthAPI; /** * Abstraction to fetch git user data from the specific git provider using OAuth 2.0 or personal @@ -28,52 +25,29 @@ import org.eclipse.che.security.oauth.OAuthAPI; public abstract class AbstractGitUserDataFetcher implements GitUserDataFetcher { protected final String oAuthProviderName; protected final PersonalAccessTokenManager personalAccessTokenManager; - protected final OAuthAPI oAuthTokenFetcher; public AbstractGitUserDataFetcher( - String oAuthProviderName, - PersonalAccessTokenManager personalAccessTokenManager, - OAuthAPI oAuthTokenFetcher) { + String oAuthProviderName, PersonalAccessTokenManager personalAccessTokenManager) { this.oAuthProviderName = oAuthProviderName; this.personalAccessTokenManager = personalAccessTokenManager; - this.oAuthTokenFetcher = oAuthTokenFetcher; } public GitUserData fetchGitUserData() throws ScmUnauthorizedException, ScmCommunicationException, ScmConfigurationPersistenceException, ScmItemNotFoundException, ScmBadRequestException { Subject cheSubject = EnvironmentContext.getCurrent().getSubject(); - try { - OAuthToken oAuthToken = oAuthTokenFetcher.getToken(oAuthProviderName); - return fetchGitUserDataWithOAuthToken(oAuthToken); - } catch (UnauthorizedException e) { - throw new ScmUnauthorizedException( - cheSubject.getUserName() - + " is not authorized in " - + oAuthProviderName - + " OAuth provider.", - oAuthProviderName, - "2.0", - getLocalAuthenticateUrl()); - } catch (NotFoundException e) { - Optional personalAccessToken = - personalAccessTokenManager.get(cheSubject, oAuthProviderName, null); - if (personalAccessToken.isPresent()) { - return fetchGitUserDataWithPersonalAccessToken(personalAccessToken.get()); - } - throw new ScmCommunicationException( - "There are no tokes for the user " + cheSubject.getUserId()); - } catch (ServerException | ForbiddenException | BadRequestException | ConflictException e) { - throw new ScmCommunicationException(e.getMessage(), e); + Optional tokenOptional = + personalAccessTokenManager.get(cheSubject, oAuthProviderName, null); + if (tokenOptional.isPresent()) { + return fetchGitUserDataWithPersonalAccessToken(tokenOptional.get()); } + throw new ScmCommunicationException( + "There are no tokes for the user " + cheSubject.getUserId()); } - protected abstract GitUserData fetchGitUserDataWithOAuthToken(OAuthToken oAuthToken) - throws ScmItemNotFoundException, ScmCommunicationException, ScmBadRequestException; - protected abstract GitUserData fetchGitUserDataWithPersonalAccessToken( PersonalAccessToken personalAccessToken) throws ScmItemNotFoundException, ScmCommunicationException, ScmBadRequestException; - protected abstract String getLocalAuthenticateUrl(); + // protected abstract String getLocalAuthenticateUrl(); } diff --git a/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/AuthorizingFileContentProvider.java b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/AuthorizingFileContentProvider.java index a4d3a45742..efcd85b9ce 100644 --- a/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/AuthorizingFileContentProvider.java +++ b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/AuthorizingFileContentProvider.java @@ -12,7 +12,7 @@ package org.eclipse.che.api.factory.server.scm; import static com.google.common.base.Strings.isNullOrEmpty; -import static org.eclipse.che.api.factory.server.scm.PersonalAccessTokenFetcher.OAUTH_2_PREFIX; +import static org.eclipse.che.api.factory.server.scm.PersonalAccessTokenFetcher.OAUTH_2_SUFFIX; import static org.eclipse.che.api.factory.server.scm.exception.ExceptionMessages.getDevfileConnectionErrorMessage; import java.io.FileNotFoundException; @@ -85,8 +85,8 @@ public class AuthorizingFileContentProvider authorization = formatAuthorization( token.getToken(), - token.getScmTokenName() == null - || !token.getScmTokenName().startsWith(OAUTH_2_PREFIX)); + token.getScmProviderName() == null + || !token.getScmProviderName().startsWith(OAUTH_2_SUFFIX)); } else { authorization = getCredentialsAuthorization(credentials); } diff --git a/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/PersonalAccessToken.java b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/PersonalAccessToken.java index acc065d686..2bf2b2be76 100644 --- a/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/PersonalAccessToken.java +++ b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/PersonalAccessToken.java @@ -26,7 +26,7 @@ public class PersonalAccessToken { /** Organization that user belongs to. Can be null if user is not a member of any organization. */ @Nullable private final String scmOrganization; - private final String scmTokenName; + private final String scmProviderName; private final String scmTokenId; private final String token; private final String cheUserId; @@ -36,13 +36,13 @@ public class PersonalAccessToken { String cheUserId, String scmOrganization, String scmUserName, - String scmTokenName, + String scmProviderName, String scmTokenId, String token) { this.scmProviderUrl = scmProviderUrl; this.scmOrganization = scmOrganization; this.scmUserName = scmUserName; - this.scmTokenName = scmTokenName; + this.scmProviderName = scmProviderName; this.scmTokenId = scmTokenId; this.token = token; this.cheUserId = cheUserId; @@ -52,10 +52,10 @@ public class PersonalAccessToken { String scmProviderUrl, String cheUserId, String scmUserName, - String scmTokenName, + String scmProviderName, String scmTokenId, String token) { - this(scmProviderUrl, cheUserId, null, scmUserName, scmTokenName, scmTokenId, token); + this(scmProviderUrl, cheUserId, null, scmUserName, scmProviderName, scmTokenId, token); } public PersonalAccessToken(String scmProviderUrl, String scmUserName, String token) { @@ -73,8 +73,8 @@ public class PersonalAccessToken { return scmProviderUrl; } - public String getScmTokenName() { - return scmTokenName; + public String getScmProviderName() { + return scmProviderName; } public String getScmTokenId() { @@ -106,7 +106,7 @@ public class PersonalAccessToken { return Objects.equal(scmProviderUrl, that.scmProviderUrl) && Objects.equal(scmUserName, that.scmUserName) && Objects.equal(scmOrganization, that.scmOrganization) - && Objects.equal(scmTokenName, that.scmTokenName) + && Objects.equal(scmProviderName, that.scmProviderName) && Objects.equal(scmTokenId, that.scmTokenId) && Objects.equal(token, that.token) && Objects.equal(cheUserId, that.cheUserId); @@ -115,7 +115,13 @@ public class PersonalAccessToken { @Override public int hashCode() { return Objects.hashCode( - scmProviderUrl, scmUserName, scmOrganization, scmTokenName, scmTokenId, token, cheUserId); + scmProviderUrl, + scmUserName, + scmOrganization, + scmProviderName, + scmTokenId, + token, + cheUserId); } @Override @@ -131,7 +137,7 @@ public class PersonalAccessToken { + scmOrganization + '\'' + ", scmTokenName='" - + scmTokenName + + scmProviderName + '\'' + ", scmTokenId='" + scmTokenId diff --git a/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/PersonalAccessTokenFetcher.java b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/PersonalAccessTokenFetcher.java index 70f8bd0a70..6f6173e95d 100644 --- a/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/PersonalAccessTokenFetcher.java +++ b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/PersonalAccessTokenFetcher.java @@ -21,7 +21,7 @@ import org.eclipse.che.commons.subject.Subject; public interface PersonalAccessTokenFetcher { /** Prefix for token names indication it is OAuth token (to differentiate from PAT-s) */ - String OAUTH_2_PREFIX = "oauth2-"; + String OAUTH_2_SUFFIX = "-oauth2"; /** * Retrieve new PersonalAccessToken from concrete scm provider diff --git a/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/PersonalAccessTokenParams.java b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/PersonalAccessTokenParams.java index 3b803b59e6..7c4570bd0b 100644 --- a/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/PersonalAccessTokenParams.java +++ b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/PersonalAccessTokenParams.java @@ -14,19 +14,19 @@ package org.eclipse.che.api.factory.server.scm; /** An object to hold parameters for creating a personal access token. */ public class PersonalAccessTokenParams { private final String scmProviderUrl; - private final String scmTokenName; + private final String scmProviderName; private final String scmTokenId; private final String token; private final String organization; public PersonalAccessTokenParams( String scmProviderUrl, - String scmTokenName, + String scmProviderName, String scmTokenId, String token, String organization) { this.scmProviderUrl = scmProviderUrl; - this.scmTokenName = scmTokenName; + this.scmProviderName = scmProviderName; this.scmTokenId = scmTokenId; this.token = token; this.organization = organization; @@ -36,8 +36,8 @@ public class PersonalAccessTokenParams { return scmProviderUrl; } - public String getScmTokenName() { - return scmTokenName; + public String getScmProviderName() { + return scmProviderName; } public String getScmTokenId() { diff --git a/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/ScmPersonalAccessTokenFetcher.java b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/ScmPersonalAccessTokenFetcher.java index b600b29bd4..5568ec56b3 100644 --- a/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/ScmPersonalAccessTokenFetcher.java +++ b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/ScmPersonalAccessTokenFetcher.java @@ -80,8 +80,7 @@ public class ScmPersonalAccessTokenFetcher { * {@link PersonalAccessTokenFetcher#isValid(PersonalAccessTokenParams)} method. If any of the * fetchers return an scm username, return it. Otherwise, return null. */ - public Optional getScmUsername(PersonalAccessTokenParams params) - throws UnknownScmProviderException, ScmUnauthorizedException, ScmCommunicationException { + public Optional getScmUsername(PersonalAccessTokenParams params) throws UnknownScmProviderException { for (PersonalAccessTokenFetcher fetcher : personalAccessTokenFetchers) { Optional> isValid = fetcher.isValid(params); if (isValid.isPresent() && isValid.get().first) { diff --git a/wsmaster/che-core-api-factory/src/test/java/org/eclipse/che/api/factory/server/BaseFactoryParameterResolverTest.java b/wsmaster/che-core-api-factory/src/test/java/org/eclipse/che/api/factory/server/BaseFactoryParameterResolverTest.java index 4993faeb9f..0bfeb49f81 100644 --- a/wsmaster/che-core-api-factory/src/test/java/org/eclipse/che/api/factory/server/BaseFactoryParameterResolverTest.java +++ b/wsmaster/che-core-api-factory/src/test/java/org/eclipse/che/api/factory/server/BaseFactoryParameterResolverTest.java @@ -19,7 +19,6 @@ import static org.testng.Assert.assertTrue; import java.util.Map; import org.eclipse.che.api.factory.server.urlfactory.URLFactoryBuilder; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; import org.mockito.Mock; import org.mockito.testng.MockitoTestNGListener; import org.testng.annotations.BeforeMethod; diff --git a/wsmaster/che-core-api-factory/src/test/java/org/eclipse/che/api/factory/server/FactoryServiceTest.java b/wsmaster/che-core-api-factory/src/test/java/org/eclipse/che/api/factory/server/FactoryServiceTest.java index 0f9fd72867..421978fe32 100644 --- a/wsmaster/che-core-api-factory/src/test/java/org/eclipse/che/api/factory/server/FactoryServiceTest.java +++ b/wsmaster/che-core-api-factory/src/test/java/org/eclipse/che/api/factory/server/FactoryServiceTest.java @@ -63,7 +63,6 @@ import org.eclipse.che.api.user.server.model.impl.UserImpl; import org.eclipse.che.commons.env.EnvironmentContext; import org.eclipse.che.commons.subject.SubjectImpl; import org.eclipse.che.dto.server.DtoFactory; -import org.eclipse.che.security.oauth.AuthorisationRequestManager; import org.everrest.assured.EverrestJetty; import org.everrest.core.Filter; import org.everrest.core.GenericContainerRequest;