diff --git a/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesPersonalAccessTokenManager.java b/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesPersonalAccessTokenManager.java index 01d79fade9..869808717a 100644 --- a/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesPersonalAccessTokenManager.java +++ b/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesPersonalAccessTokenManager.java @@ -63,6 +63,7 @@ public class KubernetesPersonalAccessTokenManager implements PersonalAccessToken public static final String NAME_PATTERN = "personal-access-token-"; public static final String ANNOTATION_CHE_USERID = "che.eclipse.org/che-userid"; + public static final String ANNOTATION_SCM_PROVIDER_NAME = "che.eclipse.org/scm-provider-name"; public static final String ANNOTATION_SCM_ORGANIZATION = "che.eclipse.org/scm-organization"; public static final String ANNOTATION_SCM_PERSONAL_ACCESS_TOKEN_ID = "che.eclipse.org/scm-personal-access-token-id"; @@ -103,6 +104,7 @@ public class KubernetesPersonalAccessTokenManager implements PersonalAccessToken new ImmutableMap.Builder() .put(ANNOTATION_CHE_USERID, personalAccessToken.getCheUserId()) .put(ANNOTATION_SCM_URL, personalAccessToken.getScmProviderUrl()) + .put(ANNOTATION_SCM_PROVIDER_NAME, personalAccessToken.getScmProviderName()) .put( ANNOTATION_SCM_PERSONAL_ACCESS_TOKEN_ID, personalAccessToken.getScmTokenId()) @@ -210,10 +212,11 @@ public class KubernetesPersonalAccessTokenManager implements PersonalAccessToken PersonalAccessToken personalAccessToken = new PersonalAccessToken( personalAccessTokenParams.getScmProviderUrl(), + getScmProviderName(personalAccessTokenParams), secretAnnotations.get(ANNOTATION_CHE_USERID), personalAccessTokenParams.getOrganization(), scmUsername.get(), - secretAnnotations.get(ANNOTATION_SCM_PERSONAL_ACCESS_TOKEN_NAME), + personalAccessTokenParams.getScmTokenName(), personalAccessTokenParams.getScmTokenId(), personalAccessTokenParams.getToken()); return Optional.of(personalAccessToken); @@ -239,6 +242,20 @@ public class KubernetesPersonalAccessTokenManager implements PersonalAccessToken return Optional.empty(); } + /** + * Returns the name of the SCM provider. If the name is not set, the name of the token is used. + * This is used to support back compatibility with the old token secrets, which do not have the + * 'che.eclipse.org/scm-provider-name' annotation. + * + * @param params the parameters of the personal access token + * @return the name of the SCM provider + */ + private String getScmProviderName(PersonalAccessTokenParams params) { + return isNullOrEmpty(params.getScmProviderName()) + ? params.getScmTokenName() + : params.getScmProviderName(); + } + private boolean deleteSecretIfMisconfigured(Secret secret) throws InfrastructureException { Map secretAnnotations = secret.getMetadata().getAnnotations(); LOG.debug("Secret annotations: {}", secretAnnotations); @@ -270,15 +287,17 @@ public class KubernetesPersonalAccessTokenManager implements PersonalAccessToken Map secretAnnotations = secret.getMetadata().getAnnotations(); String token = new String(Base64.getDecoder().decode(secret.getData().get("token"))).trim(); - String configuredOAuthProviderName = + String configuredOAuthTokenName = secretAnnotations.get(ANNOTATION_SCM_PERSONAL_ACCESS_TOKEN_NAME); String configuredTokenId = secretAnnotations.get(ANNOTATION_SCM_PERSONAL_ACCESS_TOKEN_ID); String configuredScmOrganization = secretAnnotations.get(ANNOTATION_SCM_ORGANIZATION); String configuredScmServerUrl = secretAnnotations.get(ANNOTATION_SCM_URL); + String configuredScmProviderName = secretAnnotations.get(ANNOTATION_SCM_PROVIDER_NAME); return new PersonalAccessTokenParams( trimEnd(configuredScmServerUrl, '/'), - configuredOAuthProviderName, + configuredScmProviderName, + configuredOAuthTokenName, configuredTokenId, token, configuredScmOrganization); diff --git a/infrastructures/infrastructure-factory/src/test/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesGitCredentialManagerTest.java b/infrastructures/infrastructure-factory/src/test/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesGitCredentialManagerTest.java index 621bc5838a..39f9e96854 100644 --- a/infrastructures/infrastructure-factory/src/test/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesGitCredentialManagerTest.java +++ b/infrastructures/infrastructure-factory/src/test/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesGitCredentialManagerTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -92,7 +92,13 @@ public class KubernetesGitCredentialManagerTest { PersonalAccessToken token = new PersonalAccessToken( - "https://bitbucket.com", "cheUser", "username", "token-name", "tid-23434", "token123"); + "https://bitbucket.com", + "provider", + "cheUser", + "username", + "token-name", + "tid-23434", + "token123"); // when kubernetesGitCredentialManager.createOrReplace(token); @@ -174,6 +180,7 @@ public class KubernetesGitCredentialManagerTest { PersonalAccessToken token = new PersonalAccessToken( "https://bitbucket.com", + "provider", "cheUser", "username", "oauth2-token-name", @@ -199,6 +206,7 @@ public class KubernetesGitCredentialManagerTest { PersonalAccessToken token = new PersonalAccessToken( "https://bitbucket.com:5648", + "provider", "cheUser", "username", "token-name", diff --git a/infrastructures/infrastructure-factory/src/test/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesPersonalAccessTokenManagerTest.java b/infrastructures/infrastructure-factory/src/test/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesPersonalAccessTokenManagerTest.java index e0036151d6..7556e46569 100644 --- a/infrastructures/infrastructure-factory/src/test/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesPersonalAccessTokenManagerTest.java +++ b/infrastructures/infrastructure-factory/src/test/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesPersonalAccessTokenManagerTest.java @@ -139,7 +139,13 @@ public class KubernetesPersonalAccessTokenManagerTest { PersonalAccessToken token = new PersonalAccessToken( - "https://bitbucket.com", "cheUser", "username", "token-name", "tid-24", "token123"); + "https://bitbucket.com", + "provider", + "cheUser", + "username", + "token-name", + "tid-24", + "token123"); // when personalAccessTokenManager.store(token); diff --git a/wsmaster/che-core-api-auth/src/main/java/org/eclipse/che/security/oauth/EmbeddedOAuthAPI.java b/wsmaster/che-core-api-auth/src/main/java/org/eclipse/che/security/oauth/EmbeddedOAuthAPI.java index ff932feb15..328032b3d4 100644 --- a/wsmaster/che-core-api-auth/src/main/java/org/eclipse/che/security/oauth/EmbeddedOAuthAPI.java +++ b/wsmaster/che-core-api-auth/src/main/java/org/eclipse/che/security/oauth/EmbeddedOAuthAPI.java @@ -108,6 +108,7 @@ public class EmbeddedOAuthAPI implements OAuthAPI { personalAccessTokenManager.store( new PersonalAccessToken( oauth.getEndpointUrl(), + providerName, EnvironmentContext.getCurrent().getSubject().getUserId(), null, null, diff --git a/wsmaster/che-core-api-auth/src/test/java/org/eclipse/che/security/oauth/EmbeddedOAuthAPITest.java b/wsmaster/che-core-api-auth/src/test/java/org/eclipse/che/security/oauth/EmbeddedOAuthAPITest.java index 53d765be70..0013181c7c 100644 --- a/wsmaster/che-core-api-auth/src/test/java/org/eclipse/che/security/oauth/EmbeddedOAuthAPITest.java +++ b/wsmaster/che-core-api-auth/src/test/java/org/eclipse/che/security/oauth/EmbeddedOAuthAPITest.java @@ -165,6 +165,7 @@ public class EmbeddedOAuthAPITest { verify(personalAccessTokenManager).store(tokenCapture.capture()); PersonalAccessToken token = tokenCapture.getValue(); assertEquals(token.getScmProviderUrl(), "http://eclipse.che"); + assertEquals(token.getScmProviderName(), "bitbucket"); assertEquals(token.getCheUserId(), "0000-00-0000"); assertTrue(token.getScmTokenId().startsWith("id-")); assertTrue(token.getScmTokenName().startsWith("bitbucket-")); diff --git a/wsmaster/che-core-api-factory-azure-devops/src/main/java/org/eclipse/che/api/factory/server/azure/devops/AzureDevOpsPersonalAccessTokenFetcher.java b/wsmaster/che-core-api-factory-azure-devops/src/main/java/org/eclipse/che/api/factory/server/azure/devops/AzureDevOpsPersonalAccessTokenFetcher.java index 0b8c278ebd..b9fef804ee 100644 --- a/wsmaster/che-core-api-factory-azure-devops/src/main/java/org/eclipse/che/api/factory/server/azure/devops/AzureDevOpsPersonalAccessTokenFetcher.java +++ b/wsmaster/che-core-api-factory-azure-devops/src/main/java/org/eclipse/che/api/factory/server/azure/devops/AzureDevOpsPersonalAccessTokenFetcher.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -49,6 +49,7 @@ public class AzureDevOpsPersonalAccessTokenFetcher implements PersonalAccessToke private static final Logger LOG = LoggerFactory.getLogger(AzureDevOpsPersonalAccessTokenFetcher.class); + private static final String OAUTH_PROVIDER_NAME = "azure-devops"; private final String cheApiEndpoint; private final String azureDevOpsScmApiEndpoint; private final OAuthAPI oAuthAPI; @@ -87,7 +88,12 @@ public class AzureDevOpsPersonalAccessTokenFetcher implements PersonalAccessToke Optional> valid = isValid( new PersonalAccessTokenParams( - scmServerUrl, tokenName, tokenId, oAuthToken.getToken(), null)); + scmServerUrl, + OAUTH_PROVIDER_NAME, + tokenName, + tokenId, + oAuthToken.getToken(), + null)); if (valid.isEmpty()) { throw buildScmUnauthorizedException(cheSubject); } else if (!valid.get().first) { @@ -97,6 +103,7 @@ public class AzureDevOpsPersonalAccessTokenFetcher implements PersonalAccessToke } return new PersonalAccessToken( scmServerUrl, + OAUTH_PROVIDER_NAME, cheSubject.getUserId(), valid.get().second, tokenName, diff --git a/wsmaster/che-core-api-factory-bitbucket-server/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerPersonalAccessTokenFetcher.java b/wsmaster/che-core-api-factory-bitbucket-server/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerPersonalAccessTokenFetcher.java index 2e40d9e409..dc65dbb624 100644 --- a/wsmaster/che-core-api-factory-bitbucket-server/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerPersonalAccessTokenFetcher.java +++ b/wsmaster/che-core-api-factory-bitbucket-server/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerPersonalAccessTokenFetcher.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -51,6 +51,8 @@ public class BitbucketServerPersonalAccessTokenFetcher implements PersonalAccess private static final Logger LOG = LoggerFactory.getLogger(BitbucketServerPersonalAccessTokenFetcher.class); + private static final String OAUTH_PROVIDER_NAME = "bitbucket-server"; + private static final String TOKEN_NAME_TEMPLATE = "che-token-<%s>-<%s>"; public static final Set DEFAULT_TOKEN_SCOPE = ImmutableSet.of("PROJECT_WRITE", "REPO_WRITE"); @@ -96,6 +98,7 @@ public class BitbucketServerPersonalAccessTokenFetcher implements PersonalAccess LOG.debug("Token created = {} for {}", token.getId(), token.getUser()); return new PersonalAccessToken( scmServerUrl, + OAUTH_PROVIDER_NAME, EnvironmentContext.getCurrent().getSubject().getUserId(), user.getName(), user.getSlug(), diff --git a/wsmaster/che-core-api-factory-bitbucket-server/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerAuthorizingFileContentProviderTest.java b/wsmaster/che-core-api-factory-bitbucket-server/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerAuthorizingFileContentProviderTest.java index df12f5277b..439569ed44 100644 --- a/wsmaster/che-core-api-factory-bitbucket-server/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerAuthorizingFileContentProviderTest.java +++ b/wsmaster/che-core-api-factory-bitbucket-server/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerAuthorizingFileContentProviderTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -43,7 +43,7 @@ public class BitbucketServerAuthorizingFileContentProviderTest { url, urlFetcher, personalAccessTokenManager); PersonalAccessToken token = - new PersonalAccessToken(TEST_SCHEME + "://" + TEST_HOSTNAME, "user1", "token"); + new PersonalAccessToken(TEST_SCHEME + "://" + TEST_HOSTNAME, "provider", "user1", "token"); when(personalAccessTokenManager.getAndStore(anyString())).thenReturn(token); String fileURL = "https://foo.bar/scm/repo/.devfile"; @@ -64,7 +64,7 @@ public class BitbucketServerAuthorizingFileContentProviderTest { url, urlFetcher, personalAccessTokenManager); PersonalAccessToken token = - new PersonalAccessToken(TEST_SCHEME + "://" + TEST_HOSTNAME, "user1", "token"); + new PersonalAccessToken(TEST_SCHEME + "://" + TEST_HOSTNAME, "provider", "user1", "token"); when(personalAccessTokenManager.getAndStore(eq(TEST_SCHEME + "://" + TEST_HOSTNAME))) .thenReturn(token); @@ -95,7 +95,7 @@ public class BitbucketServerAuthorizingFileContentProviderTest { new BitbucketServerAuthorizingFileContentProvider( url, urlFetcher, personalAccessTokenManager); PersonalAccessToken token = - new PersonalAccessToken(TEST_SCHEME + "://" + TEST_HOSTNAME, "user1", "token"); + new PersonalAccessToken(TEST_SCHEME + "://" + TEST_HOSTNAME, "provider", "user1", "token"); when(personalAccessTokenManager.getAndStore(anyString())).thenReturn(token); // when diff --git a/wsmaster/che-core-api-factory-bitbucket-server/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerScmFileResolverTest.java b/wsmaster/che-core-api-factory-bitbucket-server/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerScmFileResolverTest.java index 593c89f79e..60f483481f 100644 --- a/wsmaster/che-core-api-factory-bitbucket-server/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerScmFileResolverTest.java +++ b/wsmaster/che-core-api-factory-bitbucket-server/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerScmFileResolverTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -74,7 +74,7 @@ public class BitbucketServerScmFileResolverTest { final String rawContent = "raw_content"; final String filename = "devfile.yaml"; when(personalAccessTokenManager.getAndStore(anyString())) - .thenReturn(new PersonalAccessToken(SCM_URL, "root", "token123")); + .thenReturn(new PersonalAccessToken(SCM_URL, "provider", "root", "token123")); when(urlFetcher.fetch(anyString(), eq("Bearer token123"))).thenReturn(rawContent); diff --git a/wsmaster/che-core-api-factory-bitbucket/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketPersonalAccessTokenFetcher.java b/wsmaster/che-core-api-factory-bitbucket/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketPersonalAccessTokenFetcher.java index 7ea861c2ee..8c1653b579 100644 --- a/wsmaster/che-core-api-factory-bitbucket/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketPersonalAccessTokenFetcher.java +++ b/wsmaster/che-core-api-factory-bitbucket/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketPersonalAccessTokenFetcher.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -97,7 +97,12 @@ public class BitbucketPersonalAccessTokenFetcher implements PersonalAccessTokenF Optional> valid = isValid( new PersonalAccessTokenParams( - scmServerUrl, tokenName, tokenId, oAuthToken.getToken(), null)); + scmServerUrl, + OAUTH_PROVIDER_NAME, + tokenName, + tokenId, + oAuthToken.getToken(), + null)); if (valid.isEmpty()) { throw buildScmUnauthorizedException(cheSubject); } else if (!valid.get().first) { @@ -109,6 +114,7 @@ public class BitbucketPersonalAccessTokenFetcher implements PersonalAccessTokenF } return new PersonalAccessToken( scmServerUrl, + OAUTH_PROVIDER_NAME, cheSubject.getUserId(), valid.get().second, tokenName, diff --git a/wsmaster/che-core-api-factory-bitbucket/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketAuthorizingFileContentProviderTest.java b/wsmaster/che-core-api-factory-bitbucket/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketAuthorizingFileContentProviderTest.java index 98905d469b..8eb74db1a5 100644 --- a/wsmaster/che-core-api-factory-bitbucket/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketAuthorizingFileContentProviderTest.java +++ b/wsmaster/che-core-api-factory-bitbucket/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketAuthorizingFileContentProviderTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -82,7 +82,8 @@ public class BitbucketAuthorizingFileContentProviderTest { // given URLFetcher urlFetcher = Mockito.mock(URLFetcher.class); String url = "https://bitbucket.org/workspace/repository/raw/HEAD/devfile.yaml"; - PersonalAccessToken personalAccessToken = new PersonalAccessToken(url, "che", "my-token"); + PersonalAccessToken personalAccessToken = + new PersonalAccessToken(url, "provider", "che", "my-token"); when(personalAccessTokenManager.getAndStore(anyString())).thenReturn(personalAccessToken); when(bitbucketApiClient.getFileContent( eq("workspace"), eq("repository"), eq("HEAD"), eq("devfile.yaml"), eq("my-token"))) diff --git a/wsmaster/che-core-api-factory-bitbucket/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketPersonalAccessTokenFetcherTest.java b/wsmaster/che-core-api-factory-bitbucket/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketPersonalAccessTokenFetcherTest.java index 9dce3efc19..9210fe58de 100644 --- a/wsmaster/che-core-api-factory-bitbucket/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketPersonalAccessTokenFetcherTest.java +++ b/wsmaster/che-core-api-factory-bitbucket/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketPersonalAccessTokenFetcherTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -87,7 +87,12 @@ public class BitbucketPersonalAccessTokenFetcherTest { .withBodyFile("bitbucket/rest/user/response.json"))); PersonalAccessTokenParams personalAccessTokenParams = new PersonalAccessTokenParams( - "https://bitbucket.org/", "scmTokenName", "scmTokenId", bitbucketOauthToken, null); + "https://bitbucket.org/", + "provider", + "scmTokenName", + "scmTokenId", + bitbucketOauthToken, + null); assertTrue( bitbucketPersonalAccessTokenFetcher.isValid(personalAccessTokenParams).isEmpty(), "Should not validate SCM server with trailing /"); @@ -165,7 +170,12 @@ public class BitbucketPersonalAccessTokenFetcherTest { PersonalAccessTokenParams params = new PersonalAccessTokenParams( - "https://bitbucket.org", "params-name", "tid-23434", bitbucketOauthToken, null); + "https://bitbucket.org", + "provider", + "params-name", + "tid-23434", + bitbucketOauthToken, + null); Optional> valid = bitbucketPersonalAccessTokenFetcher.isValid(params); assertTrue(valid.isPresent()); @@ -188,6 +198,7 @@ public class BitbucketPersonalAccessTokenFetcherTest { PersonalAccessTokenParams params = new PersonalAccessTokenParams( "https://bitbucket.org", + "provider", OAUTH_2_PREFIX + "-params-name", "tid-23434", bitbucketOauthToken, @@ -205,6 +216,7 @@ public class BitbucketPersonalAccessTokenFetcherTest { PersonalAccessTokenParams params = new PersonalAccessTokenParams( "https://bitbucket.org", + "provider", OAUTH_2_PREFIX + "-token-name", "tid-23434", bitbucketOauthToken, diff --git a/wsmaster/che-core-api-factory-bitbucket/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketScmFileResolverTest.java b/wsmaster/che-core-api-factory-bitbucket/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketScmFileResolverTest.java index 7ed67e51fd..5a8dc2e0e7 100644 --- a/wsmaster/che-core-api-factory-bitbucket/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketScmFileResolverTest.java +++ b/wsmaster/che-core-api-factory-bitbucket/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketScmFileResolverTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -75,7 +75,7 @@ public class BitbucketScmFileResolverTest { when(bitbucketApiClient.getFileContent( eq("test"), eq("repo"), eq("HEAD"), eq("devfile.yaml"), eq("my-token"))) .thenReturn(rawContent); - var personalAccessToken = new PersonalAccessToken("foo", "che", "my-token"); + var personalAccessToken = new PersonalAccessToken("foo", "provider", "che", "my-token"); when(personalAccessTokenManager.getAndStore(anyString())).thenReturn(personalAccessToken); String content = diff --git a/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubPersonalAccessTokenFetcher.java b/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubPersonalAccessTokenFetcher.java index efb7646435..05b6dd0c49 100644 --- a/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubPersonalAccessTokenFetcher.java +++ b/wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubPersonalAccessTokenFetcher.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -37,6 +37,7 @@ public abstract class AbstractGithubPersonalAccessTokenFetcher private static final Logger LOG = LoggerFactory.getLogger(AbstractGithubPersonalAccessTokenFetcher.class); + private static final String OAUTH_PROVIDER_NAME = "github"; private final String apiEndpoint; private final OAuthAPI oAuthAPI; @@ -140,7 +141,12 @@ public abstract class AbstractGithubPersonalAccessTokenFetcher Optional> valid = isValid( new PersonalAccessTokenParams( - scmServerUrl, tokenName, tokenId, oAuthToken.getToken(), null)); + scmServerUrl, + OAUTH_PROVIDER_NAME, + tokenName, + tokenId, + oAuthToken.getToken(), + null)); if (valid.isEmpty()) { throw buildScmUnauthorizedException(cheSubject); } else if (!valid.get().first) { @@ -150,6 +156,7 @@ public abstract class AbstractGithubPersonalAccessTokenFetcher } return new PersonalAccessToken( scmServerUrl, + OAUTH_PROVIDER_NAME, cheSubject.getUserId(), valid.get().second, tokenName, @@ -210,7 +217,7 @@ public abstract class AbstractGithubPersonalAccessTokenFetcher // The url from the token has the same url as the api client, no need to create a new one. apiClient = githubApiClient; } else { - if ("github".equals(params.getScmTokenName())) { + if (OAUTH_PROVIDER_NAME.equals(params.getScmTokenName())) { apiClient = new GithubApiClient(params.getScmProviderUrl()); } else { LOG.debug("not a valid url {} for current fetcher ", params.getScmProviderUrl()); diff --git a/wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubAuthorizingFileContentProviderTest.java b/wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubAuthorizingFileContentProviderTest.java index a530b220ae..00967226c6 100644 --- a/wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubAuthorizingFileContentProviderTest.java +++ b/wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubAuthorizingFileContentProviderTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -56,7 +56,7 @@ public class GithubAuthorizingFileContentProviderTest { new GithubAuthorizingFileContentProvider(githubUrl, urlFetcher, personalAccessTokenManager); when(personalAccessTokenManager.getAndStore(anyString())) - .thenReturn(new PersonalAccessToken("foo", "che", "my-token")); + .thenReturn(new PersonalAccessToken("foo", "provider", "che", "my-token")); fileContentProvider.fetchContent("devfile.yaml"); @@ -84,7 +84,7 @@ public class GithubAuthorizingFileContentProviderTest { new GithubAuthorizingFileContentProvider(githubUrl, urlFetcher, personalAccessTokenManager); when(personalAccessTokenManager.getAndStore(anyString())) - .thenReturn(new PersonalAccessToken(raw_url, "che", "my-token")); + .thenReturn(new PersonalAccessToken(raw_url, "provider", "che", "my-token")); fileContentProvider.fetchContent(raw_url); verify(urlFetcher).fetch(eq(raw_url), eq("token my-token")); @@ -145,7 +145,7 @@ public class GithubAuthorizingFileContentProviderTest { .withServerUrl("https://github.com"); FileContentProvider fileContentProvider = new GithubAuthorizingFileContentProvider(githubUrl, urlFetcher, personalAccessTokenManager); - var personalAccessToken = new PersonalAccessToken(raw_url, "che", "my-token"); + var personalAccessToken = new PersonalAccessToken(raw_url, "provider", "che", "my-token"); when(personalAccessTokenManager.getAndStore(anyString())).thenReturn(personalAccessToken); fileContentProvider.fetchContent(raw_url); diff --git a/wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubPersonalAccessTokenFetcherTest.java b/wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubPersonalAccessTokenFetcherTest.java index 431da4d8ee..316f297968 100644 --- a/wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubPersonalAccessTokenFetcherTest.java +++ b/wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubPersonalAccessTokenFetcherTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -91,7 +91,12 @@ public class GithubPersonalAccessTokenFetcherTest { .withBodyFile("github/rest/user/response.json"))); PersonalAccessTokenParams personalAccessTokenParams = new PersonalAccessTokenParams( - "https://github.com/", "scmTokenName", "scmTokenId", githubOauthToken, null); + "https://github.com/", + "provider", + "scmTokenName", + "scmTokenId", + githubOauthToken, + null); assertTrue( githubPATFetcher.isValid(personalAccessTokenParams).isEmpty(), "Should not validate SCM server with trailing /"); @@ -213,7 +218,7 @@ public class GithubPersonalAccessTokenFetcherTest { PersonalAccessTokenParams params = new PersonalAccessTokenParams( - wireMockServer.url("/"), "token-name", "tid-23434", githubOauthToken, null); + wireMockServer.url("/"), "provider", "token-name", "tid-23434", githubOauthToken, null); Optional> valid = githubPATFetcher.isValid(params); assertTrue(valid.isPresent()); @@ -236,6 +241,7 @@ public class GithubPersonalAccessTokenFetcherTest { PersonalAccessTokenParams params = new PersonalAccessTokenParams( wireMockServer.url("/"), + "provider", OAUTH_2_PREFIX + "-params-name", "tid-23434", githubOauthToken, @@ -253,6 +259,7 @@ public class GithubPersonalAccessTokenFetcherTest { PersonalAccessTokenParams params = new PersonalAccessTokenParams( wireMockServer.url("/"), + "provider", OAUTH_2_PREFIX + "-token-name", "tid-23434", githubOauthToken, diff --git a/wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubScmFileResolverTest.java b/wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubScmFileResolverTest.java index 1108148160..353e50a8f2 100644 --- a/wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubScmFileResolverTest.java +++ b/wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubScmFileResolverTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -88,7 +88,7 @@ public class GithubScmFileResolverTest { lenient() .when(personalAccessTokenManager.getAndStore(anyString())) - .thenReturn(new PersonalAccessToken("foo", "che", "my-token")); + .thenReturn(new PersonalAccessToken("foo", "provider", "che", "my-token")); when(githubApiClient.isConnected(eq("https://github.com"))).thenReturn(true); when(githubApiClient.getLatestCommit(anyString(), anyString(), anyString(), any())) diff --git a/wsmaster/che-core-api-factory-gitlab/src/main/java/org/eclipse/che/api/factory/server/gitlab/GitlabOAuthTokenFetcher.java b/wsmaster/che-core-api-factory-gitlab/src/main/java/org/eclipse/che/api/factory/server/gitlab/GitlabOAuthTokenFetcher.java index aaf4811edd..d3384a9257 100644 --- a/wsmaster/che-core-api-factory-gitlab/src/main/java/org/eclipse/che/api/factory/server/gitlab/GitlabOAuthTokenFetcher.java +++ b/wsmaster/che-core-api-factory-gitlab/src/main/java/org/eclipse/che/api/factory/server/gitlab/GitlabOAuthTokenFetcher.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -111,7 +111,12 @@ public class GitlabOAuthTokenFetcher implements PersonalAccessTokenFetcher { Optional> valid = isValid( new PersonalAccessTokenParams( - scmServerUrl, tokenName, tokenId, oAuthToken.getToken(), null)); + scmServerUrl, + OAUTH_PROVIDER_NAME, + tokenName, + tokenId, + oAuthToken.getToken(), + null)); if (valid.isEmpty()) { throw buildScmUnauthorizedException(cheSubject); } else if (!valid.get().first) { @@ -121,6 +126,7 @@ public class GitlabOAuthTokenFetcher implements PersonalAccessTokenFetcher { } return new PersonalAccessToken( scmServerUrl, + OAUTH_PROVIDER_NAME, cheSubject.getUserId(), valid.get().second, tokenName, diff --git a/wsmaster/che-core-api-factory-gitlab/src/test/java/org/eclipse/che/api/factory/server/gitlab/GitlabAuthorizingFileContentProviderTest.java b/wsmaster/che-core-api-factory-gitlab/src/test/java/org/eclipse/che/api/factory/server/gitlab/GitlabAuthorizingFileContentProviderTest.java index ca74f83fae..0ba01840d0 100644 --- a/wsmaster/che-core-api-factory-gitlab/src/test/java/org/eclipse/che/api/factory/server/gitlab/GitlabAuthorizingFileContentProviderTest.java +++ b/wsmaster/che-core-api-factory-gitlab/src/test/java/org/eclipse/che/api/factory/server/gitlab/GitlabAuthorizingFileContentProviderTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -35,7 +35,7 @@ public class GitlabAuthorizingFileContentProviderTest { GitlabUrl gitlabUrl = new GitlabUrl().withHostName("gitlab.net").withSubGroups("eclipse/che"); FileContentProvider fileContentProvider = new GitlabAuthorizingFileContentProvider(gitlabUrl, urlFetcher, personalAccessTokenManager); - var personalAccessToken = new PersonalAccessToken("foo", "che", "my-token"); + var personalAccessToken = new PersonalAccessToken("foo", "provider", "che", "my-token"); when(personalAccessTokenManager.getAndStore(anyString())).thenReturn(personalAccessToken); fileContentProvider.fetchContent("devfile.yaml"); verify(urlFetcher) @@ -53,7 +53,7 @@ public class GitlabAuthorizingFileContentProviderTest { new GitlabAuthorizingFileContentProvider(gitlabUrl, urlFetcher, personalAccessTokenManager); String url = "https://gitlab.net/api/v4/projects/eclipse%2Fche/repository/files/devfile.yaml/raw"; - var personalAccessToken = new PersonalAccessToken(url, "che", "my-token"); + var personalAccessToken = new PersonalAccessToken(url, "provider", "che", "my-token"); when(personalAccessTokenManager.getAndStore(anyString())).thenReturn(personalAccessToken); fileContentProvider.fetchContent(url); diff --git a/wsmaster/che-core-api-factory-gitlab/src/test/java/org/eclipse/che/api/factory/server/gitlab/GitlabOAuthTokenFetcherTest.java b/wsmaster/che-core-api-factory-gitlab/src/test/java/org/eclipse/che/api/factory/server/gitlab/GitlabOAuthTokenFetcherTest.java index cb5e0e0446..5244f2f751 100644 --- a/wsmaster/che-core-api-factory-gitlab/src/test/java/org/eclipse/che/api/factory/server/gitlab/GitlabOAuthTokenFetcherTest.java +++ b/wsmaster/che-core-api-factory-gitlab/src/test/java/org/eclipse/che/api/factory/server/gitlab/GitlabOAuthTokenFetcherTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -179,7 +179,12 @@ public class GitlabOAuthTokenFetcherTest { PersonalAccessTokenParams params = new PersonalAccessTokenParams( - wireMockServer.baseUrl(), "oauth2-token-name", "tid-23434", "token123", null); + wireMockServer.baseUrl(), + "provider", + "oauth2-token-name", + "tid-23434", + "token123", + null); Optional> valid = oAuthTokenFetcher.isValid(params); diff --git a/wsmaster/che-core-api-factory-gitlab/src/test/java/org/eclipse/che/api/factory/server/gitlab/GitlabScmFileResolverTest.java b/wsmaster/che-core-api-factory-gitlab/src/test/java/org/eclipse/che/api/factory/server/gitlab/GitlabScmFileResolverTest.java index f2dccda7ca..9705e4084a 100644 --- a/wsmaster/che-core-api-factory-gitlab/src/test/java/org/eclipse/che/api/factory/server/gitlab/GitlabScmFileResolverTest.java +++ b/wsmaster/che-core-api-factory-gitlab/src/test/java/org/eclipse/che/api/factory/server/gitlab/GitlabScmFileResolverTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -73,7 +73,7 @@ public class GitlabScmFileResolverTest { final String rawContent = "raw_content"; final String filename = "devfile.yaml"; when(personalAccessTokenManager.getAndStore(any(String.class))) - .thenReturn(new PersonalAccessToken(SCM_URL, "root", "token123")); + .thenReturn(new PersonalAccessToken(SCM_URL, "provider", "root", "token123")); when(urlFetcher.fetch(anyString(), eq("Bearer token123"))).thenReturn(rawContent); diff --git a/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/PersonalAccessToken.java b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/PersonalAccessToken.java index acc065d686..9c80af4d9e 100644 --- a/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/PersonalAccessToken.java +++ b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/PersonalAccessToken.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -22,6 +22,7 @@ import org.eclipse.che.commons.env.EnvironmentContext; public class PersonalAccessToken { private final String scmProviderUrl; + private final String scmProviderName; private final String scmUserName; /** Organization that user belongs to. Can be null if user is not a member of any organization. */ @Nullable private final String scmOrganization; @@ -33,6 +34,7 @@ public class PersonalAccessToken { public PersonalAccessToken( String scmProviderUrl, + String scmProviderName, String cheUserId, String scmOrganization, String scmUserName, @@ -41,6 +43,7 @@ public class PersonalAccessToken { String token) { this.scmProviderUrl = scmProviderUrl; this.scmOrganization = scmOrganization; + this.scmProviderName = scmProviderName; this.scmUserName = scmUserName; this.scmTokenName = scmTokenName; this.scmTokenId = scmTokenId; @@ -50,17 +53,28 @@ public class PersonalAccessToken { public PersonalAccessToken( String scmProviderUrl, + String scmProviderName, String cheUserId, String scmUserName, String scmTokenName, String scmTokenId, String token) { - this(scmProviderUrl, cheUserId, null, scmUserName, scmTokenName, scmTokenId, token); - } - - public PersonalAccessToken(String scmProviderUrl, String scmUserName, String token) { this( scmProviderUrl, + scmProviderName, + cheUserId, + null, + scmUserName, + scmTokenName, + scmTokenId, + token); + } + + public PersonalAccessToken( + String scmProviderUrl, String scmProviderName, String scmUserName, String token) { + this( + scmProviderUrl, + scmProviderName, EnvironmentContext.getCurrent().getSubject().getUserId(), null, scmUserName, @@ -104,6 +118,7 @@ public class PersonalAccessToken { if (o == null || getClass() != o.getClass()) return false; PersonalAccessToken that = (PersonalAccessToken) o; return Objects.equal(scmProviderUrl, that.scmProviderUrl) + && Objects.equal(scmProviderName, that.scmProviderName) && Objects.equal(scmUserName, that.scmUserName) && Objects.equal(scmOrganization, that.scmOrganization) && Objects.equal(scmTokenName, that.scmTokenName) @@ -124,6 +139,9 @@ public class PersonalAccessToken { + "scmProviderUrl='" + scmProviderUrl + '\'' + + "scmProviderName='" + + scmProviderName + + '\'' + ", scmUserName='" + scmUserName + '\'' @@ -143,4 +161,8 @@ public class PersonalAccessToken { + cheUserId + '}'; } + + public String getScmProviderName() { + return scmProviderName; + } } diff --git a/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/PersonalAccessTokenParams.java b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/PersonalAccessTokenParams.java index 3b803b59e6..4ea748d5f5 100644 --- a/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/PersonalAccessTokenParams.java +++ b/wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/PersonalAccessTokenParams.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012-2023 Red Hat, Inc. + * Copyright (c) 2012-2024 Red Hat, Inc. * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 * which is available at https://www.eclipse.org/legal/epl-2.0/ @@ -14,6 +14,7 @@ package org.eclipse.che.api.factory.server.scm; /** An object to hold parameters for creating a personal access token. */ public class PersonalAccessTokenParams { private final String scmProviderUrl; + private final String scmProviderName; private final String scmTokenName; private final String scmTokenId; private final String token; @@ -21,11 +22,13 @@ public class PersonalAccessTokenParams { public PersonalAccessTokenParams( String scmProviderUrl, + String scmProviderName, String scmTokenName, String scmTokenId, String token, String organization) { this.scmProviderUrl = scmProviderUrl; + this.scmProviderName = scmProviderName; this.scmTokenName = scmTokenName; this.scmTokenId = scmTokenId; this.token = token; @@ -51,4 +54,8 @@ public class PersonalAccessTokenParams { public String getOrganization() { return organization; } + + public String getScmProviderName() { + return scmProviderName; + } }