Nemcio/SCM-Manager
1
0
Fork 0
mirror of https://github.com/scm-manager/scm-manager.git synced 2025-11-11 16:05:44 +01:00
Code Issues Packages Projects Releases Activity

Merged in feature/assign_ui_session_id (pull request #377)

Browse Source 
API-Client Support for SSE and Toast Components
This commit is contained in:
Eduard Heimbuch
2019-12-13 12:21:07 +00:00
parent 401cf791e5 f9cfcd5e93
commit 03425b9e8a
27 changed files with 2145 additions and 1084 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
scm-core/src/main/java/sonia/scm/security/BearerToken.java
View File

@@ -37,6 +37,8 @@ import com.google.common.base.Preconditions;
import com.google.common.base.Strings; import com.google.common.base.Strings;
import org.apache.shiro.authc.AuthenticationToken; import org.apache.shiro.authc.AuthenticationToken;
import javax.annotation.Nullable;
/** /**
* Token used for authentication with bearer tokens. * Token used for authentication with bearer tokens.
* *
@@ -45,14 +47,17 @@ import org.apache.shiro.authc.AuthenticationToken;
*/ */
public final class BearerToken implements AuthenticationToken { public final class BearerToken implements AuthenticationToken {
private final SessionId sessionId;
private final String raw; private final String raw;
/** /**
* Constructs a new instance. * Constructs a new instance.
* *
* @param sessionId session id of the client
* @param raw raw bearer token * @param raw raw bearer token
*/ */
private BearerToken(String raw) { private BearerToken(SessionId sessionId, String raw) {
this.sessionId = sessionId;
this.raw = raw; this.raw = raw;
} }
@@ -67,13 +72,13 @@ public final class BearerToken implements AuthenticationToken {
} }
/** /**
* Returns always {@code null}. * Returns the session id or {@code null}.
* *
* @return {@code null} * @return session id or {@code null}
*/ */
@Override @Override
public Object getPrincipal() { public SessionId getPrincipal() {
return null; return sessionId;
} }
/** /**
@@ -85,6 +90,23 @@ public final class BearerToken implements AuthenticationToken {
*/ */
public static BearerToken valueOf(String raw){ public static BearerToken valueOf(String raw){
Preconditions.checkArgument(!Strings.isNullOrEmpty(raw), "raw token is required"); Preconditions.checkArgument(!Strings.isNullOrEmpty(raw), "raw token is required");
return new BearerToken(raw); return new BearerToken(null, raw);
}
/**
* Creates a new {@link BearerToken} from raw string representation for the given ui session id.
*
* @param sessionId session id of the client
* @param rawToken bearer token string representation
*
* @return new bearer token
*/
public static BearerToken create(@Nullable String sessionId, String rawToken) {
Preconditions.checkArgument(!Strings.isNullOrEmpty(rawToken), "raw token is required");
SessionId session = null;
if (!Strings.isNullOrEmpty(sessionId)) {
session = SessionId.valueOf(sessionId);
}
return new BearerToken(session, rawToken);
} }
} }

37
scm-core/src/main/java/sonia/scm/security/DAORealmHelper.java
View File

@@ -115,7 +115,7 @@ public final class DAORealmHelper {
UsernamePasswordToken upt = (UsernamePasswordToken) token; UsernamePasswordToken upt = (UsernamePasswordToken) token;
String principal = upt.getUsername(); String principal = upt.getUsername();
return getAuthenticationInfo(principal, null, null); return getAuthenticationInfo(principal, null, null, null);
} }
/** /**
@@ -129,8 +129,9 @@ public final class DAORealmHelper {
return new AuthenticationInfoBuilder(principal); return new AuthenticationInfoBuilder(principal);
} }
private SimpleAuthenticationInfo getAuthenticationInfo(
private AuthenticationInfo getAuthenticationInfo(String principal, String credentials, Scope scope) { String principal, String credentials, Scope scope, SessionId sessionId
) {
checkArgument(!Strings.isNullOrEmpty(principal), "username is required"); checkArgument(!Strings.isNullOrEmpty(principal), "username is required");
LOG.debug("try to authenticate {}", principal); LOG.debug("try to authenticate {}", principal);
@@ -150,6 +151,10 @@ public final class DAORealmHelper {
collection.add(user, realm); collection.add(user, realm);
collection.add(MoreObjects.firstNonNull(scope, Scope.empty()), realm); collection.add(MoreObjects.firstNonNull(scope, Scope.empty()), realm);
if (sessionId != null) {
collection.add(sessionId, realm);
}
String creds = credentials; String creds = credentials;
if (credentials == null) { if (credentials == null) {
@@ -170,7 +175,7 @@ public final class DAORealmHelper {
private String credentials; private String credentials;
private Scope scope; private Scope scope;
private Iterable<String> groups = Collections.emptySet(); private SessionId sessionId;
private AuthenticationInfoBuilder(String principal) { private AuthenticationInfoBuilder(String principal) {
this.principal = principal; this.principal = principal;
@@ -201,17 +206,17 @@ public final class DAORealmHelper {
return this; return this;
} }
// /** /**
// * With groups adds extra groups, besides those which come from the {@link GroupDAO}, to the authentication info. * With the session id.
// * *
// * @param groups extra groups * @param sessionId session id
// * *
// * @return {@code this} * @return {@code this}
// */ */
// public AuthenticationInfoBuilder withGroups(Iterable<String> groups) { public AuthenticationInfoBuilder withSessionId(SessionId sessionId) {
// this.groups = groups; this.sessionId = sessionId;
// return this; return this;
// } }
/** /**
* Build creates the authentication info from the given information. * Build creates the authentication info from the given information.
@@ -219,7 +224,7 @@ public final class DAORealmHelper {
* @return authentication info * @return authentication info
*/ */
public AuthenticationInfo build() { public AuthenticationInfo build() {
return getAuthenticationInfo(principal, credentials, scope); return getAuthenticationInfo(principal, credentials, scope, sessionId);
} }
} }

41
scm-core/src/main/java/sonia/scm/security/SessionId.java Normal file
View File

@@ -0,0 +1,41 @@
package sonia.scm.security;
import com.google.common.base.Preconditions;
import com.google.common.base.Strings;
import java.util.Objects;
/**
* Client side session id.
*/
public final class SessionId {
private final String value;
private SessionId(String value) {
this.value = value;
}
@Override
public boolean equals(Object o) {
if (this == o) return true;
if (o == null || getClass() != o.getClass()) return false;
SessionId sessionID = (SessionId) o;
return Objects.equals(value, sessionID.value);
}
@Override
public int hashCode() {
return Objects.hash(value);
}
@Override
public String toString() {
return value;
}
public static SessionId valueOf(String value) {
Preconditions.checkArgument(!Strings.isNullOrEmpty(value), "session id could not be empty or null");
return new SessionId(value);
}
}

12
scm-core/src/main/java/sonia/scm/util/HttpUtil.java
View File

@@ -116,6 +116,12 @@ public final class HttpUtil
*/ */
public static final String HEADER_SCM_CLIENT = "X-SCM-Client"; public static final String HEADER_SCM_CLIENT = "X-SCM-Client";
/**
* header for identifying the scm-manager client session
* @since 2.0.0
*/
public static final String HEADER_SCM_SESSION = "X-SCM-Session-ID";
/** Field description */ /** Field description */
public static final String HEADER_USERAGENT = "User-Agent"; public static final String HEADER_USERAGENT = "User-Agent";
@@ -698,8 +704,10 @@ public final class HttpUtil
String defaultValue) String defaultValue)
{ {
String value = request.getHeader(header); String value = request.getHeader(header);
if (value == null) {
return MoreObjects.firstNonNull(value, defaultValue); value = defaultValue;
}
return value;
} }
/** /**

18
scm-core/src/test/java/sonia/scm/security/DAORealmHelperTest.java
View File

@@ -27,9 +27,6 @@ class DAORealmHelperTest {
@Mock @Mock
private UserDAO userDAO; private UserDAO userDAO;
@Mock
private GroupDAO groupDAO;
private DAORealmHelper helper; private DAORealmHelper helper;
@BeforeEach @BeforeEach
@@ -87,6 +84,21 @@ class DAORealmHelperTest {
assertThat(principals.oneByType(Scope.class)).isSameAs(scope); assertThat(principals.oneByType(Scope.class)).isSameAs(scope);
} }
@Test
void shouldReturnAuthenticationInfoWithSessionId() {
User user = new User("trillian");
when(userDAO.get("trillian")).thenReturn(user);
SessionId session = SessionId.valueOf("abc123");
AuthenticationInfo authenticationInfo = helper.authenticationInfoBuilder("trillian")
.withSessionId(session)
.build();
PrincipalCollection principals = authenticationInfo.getPrincipals();
assertThat(principals.oneByType(SessionId.class)).isSameAs(session);
}
@Test @Test
void shouldReturnAuthenticationInfoWithCredentials() { void shouldReturnAuthenticationInfoWithCredentials() {
User user = new User("trillian"); User user = new User("trillian");

25
scm-core/src/test/java/sonia/scm/util/HttpUtilTest.java
View File

@@ -54,6 +54,31 @@ import javax.servlet.http.HttpServletRequest;
public class HttpUtilTest public class HttpUtilTest
{ {
@Test
public void testGetHeader() {
HttpServletRequest request = mock(HttpServletRequest.class);
when(request.getHeader("Test")).thenReturn("Value-One");
String value = HttpUtil.getHeader(request, "Test", "Fallback");
assertEquals("Value-One", value);
}
@Test
public void testGetHeaderWithDefaultValue() {
HttpServletRequest request = mock(HttpServletRequest.class);
String value = HttpUtil.getHeader(request, "Test", "Fallback");
assertEquals("Fallback", value);
}
@Test
public void testGetHeaderWithNullAsDefaultValue() {
HttpServletRequest request = mock(HttpServletRequest.class);
String value = HttpUtil.getHeader(request, "Test", null);
assertNull(value);
}
@Test @Test
public void concatenateTest() { public void concatenateTest() {
assertEquals( assertEquals(

1
scm-ui/ui-components/package.json
View File

@@ -49,6 +49,7 @@
"@scm-manager/ui-types": "^2.0.0-SNAPSHOT", "@scm-manager/ui-types": "^2.0.0-SNAPSHOT",
"classnames": "^2.2.6", "classnames": "^2.2.6",
"date-fns": "^2.4.1", "date-fns": "^2.4.1",
"event-source-polyfill": "^1.0.9",
"query-string": "5", "query-string": "5",
"react": "^16.8.6", "react": "^16.8.6",
"react-diff-view": "^1.8.1", "react-diff-view": "^1.8.1",

36
scm-ui/ui-components/src/__snapshots__/storyshots.test.ts.snap
View File

@@ -336,7 +336,7 @@ exports[`Storyshots DateFromNow Default 1`] = `
exports[`Storyshots Forms|Checkbox Default 1`] = ` exports[`Storyshots Forms|Checkbox Default 1`] = `
<div <div
className="sc-fBuWsC ldmpJA" className="sc-caSCKo brLbbv"
> >
<div <div
className="field" className="field"
@@ -381,7 +381,7 @@ exports[`Storyshots Forms|Checkbox Default 1`] = `
exports[`Storyshots Forms|Checkbox Disabled 1`] = ` exports[`Storyshots Forms|Checkbox Disabled 1`] = `
<div <div
className="sc-fBuWsC ldmpJA" className="sc-caSCKo brLbbv"
> >
<div <div
className="field" className="field"
@@ -409,7 +409,7 @@ exports[`Storyshots Forms|Checkbox Disabled 1`] = `
exports[`Storyshots Forms|Radio Default 1`] = ` exports[`Storyshots Forms|Radio Default 1`] = `
<div <div
className="sc-fMiknA keSQNk" className="sc-gisBJw jHakbY"
> >
<label <label
className="radio" className="radio"
@@ -438,7 +438,7 @@ exports[`Storyshots Forms|Radio Default 1`] = `
exports[`Storyshots Forms|Radio Disabled 1`] = ` exports[`Storyshots Forms|Radio Disabled 1`] = `
<div <div
className="sc-fMiknA keSQNk" className="sc-gisBJw jHakbY"
> >
<label <label
className="radio" className="radio"
@@ -2558,3 +2558,31 @@ exports[`Storyshots Table|Table TextColumn 1`] = `
</tbody> </tbody>
</table> </table>
`; `;
exports[`Storyshots Toast Danger 1`] = `null`;
exports[`Storyshots Toast Info 1`] = `null`;
exports[`Storyshots Toast Open/Close 1`] = `
<div
style={
Object {
"padding": "2rem",
}
}
>
<button
className="button is-primary"
onClick={[Function]}
>
Open
Toast
</button>
</div>
`;
exports[`Storyshots Toast Primary 1`] = `null`;
exports[`Storyshots Toast Success 1`] = `null`;
exports[`Storyshots Toast Warning 1`] = `null`;

100
scm-ui/ui-components/src/apiclient.ts
View File

@@ -1,6 +1,43 @@
import { contextPath } from "./urls"; import { contextPath } from "./urls";
import { createBackendError, ForbiddenError, isBackendError, UnauthorizedError } from "./errors"; // @ts-ignore we have not types for event-source-polyfill
import { BackendErrorContent } from "./errors"; import { EventSourcePolyfill } from "event-source-polyfill";
import { createBackendError, ForbiddenError, isBackendError, UnauthorizedError, BackendErrorContent } from "./errors";
type SubscriptionEvent = {
type: string;
};
type OpenEvent = SubscriptionEvent;
type ErrorEvent = SubscriptionEvent & {
error: Error;
};
type MessageEvent = SubscriptionEvent & {
data: string;
lastEventId?: string;
};
type MessageListeners = {
[eventType: string]: (event: MessageEvent) => void;
};
type SubscriptionContext = {
onOpen?: OpenEvent;
onMessage: MessageListeners;
onError?: ErrorEvent;
};
type SubscriptionArgument = MessageListeners | SubscriptionContext;
type Cancel = () => void;
const sessionId = (
Date.now().toString(36) +
Math.random()
.toString(36)
.substr(2, 5)
).toUpperCase();
const extractXsrfTokenFromJwt = (jwt: string) => { const extractXsrfTokenFromJwt = (jwt: string) => {
const parts = jwt.split("."); const parts = jwt.split(".");
@@ -26,26 +63,34 @@ const extractXsrfToken = () => {
return extractXsrfTokenFromCookie(document.cookie); return extractXsrfTokenFromCookie(document.cookie);
}; };
const applyFetchOptions: (p: RequestInit) => RequestInit = o => { const createRequestHeaders = () => {
if (!o.headers) { const headers: { [key: string]: string } = {
o.headers = {}; // disable caching for now
} Cache: "no-cache",
// @ts-ignore We are sure that here we only get headers of type Record<string, string>
const headers: Record<string, string> = o.headers;
headers["Cache"] = "no-cache";
// identify the request as ajax request // identify the request as ajax request
headers["X-Requested-With"] = "XMLHttpRequest"; "X-Requested-With": "XMLHttpRequest",
// identify the web interface // identify the web interface
headers["X-SCM-Client"] = "WUI"; "X-SCM-Client": "WUI",
// identify the window session
"X-SCM-Session-ID": sessionId
};
const xsrf = extractXsrfToken(); const xsrf = extractXsrfToken();
if (xsrf) { if (xsrf) {
headers["X-XSRF-Token"] = xsrf; headers["X-XSRF-Token"] = xsrf;
} }
return headers;
};
const applyFetchOptions: (p: RequestInit) => RequestInit = o => {
if (o.headers) {
o.headers = {
...createRequestHeaders()
};
} else {
o.headers = createRequestHeaders();
}
o.credentials = "same-origin"; o.credentials = "same-origin";
o.headers = headers;
return o; return o;
}; };
@@ -165,12 +210,39 @@ class ApiClient {
if (!options.headers) { if (!options.headers) {
options.headers = {}; options.headers = {};
} }
// @ts-ignore We are sure that here we only get headers of type Record<string, string> // @ts-ignore We are sure that here we only get headers of type {[name:string]: string}
options.headers["Content-Type"] = contentType; options.headers["Content-Type"] = contentType;
} }
return fetch(createUrl(url), options).then(handleFailure); return fetch(createUrl(url), options).then(handleFailure);
} }
subscribe(url: string, argument: SubscriptionArgument): Cancel {
const es = new EventSourcePolyfill(createUrl(url), {
withCredentials: true,
headers: createRequestHeaders()
});
let listeners: MessageListeners;
// type guard, to identify that argument is of type SubscriptionContext
if ("onMessage" in argument) {
listeners = (argument as SubscriptionContext).onMessage;
if (argument.onError) {
es.onerror = argument.onError;
}
if (argument.onOpen) {
es.onopen = argument.onOpen;
}
} else {
listeners = argument;
}
for (const type in listeners) {
es.addEventListener(type, listeners[type]);
}
return es.close;
}
} }
export const apiClient = new ApiClient(); export const apiClient = new ApiClient();

1
scm-ui/ui-components/src/index.ts
View File

@@ -66,6 +66,7 @@ export * from "./modals";
export * from "./navigation"; export * from "./navigation";
export * from "./repos"; export * from "./repos";
export * from "./table"; export * from "./table";
export * from "./toast";
export { export {
File, File,

5
scm-ui/ui-components/src/table/Table.tsx
View File

@@ -37,9 +37,9 @@ const Table: FC<Props> = ({ data, sortable, children, emptyMessage }) => {
} }
}); });
const mapDataToColumns = (row: any) => { const mapDataToColumns = (row: any, rowIndex: number) => {
return ( return (
<tr> <tr key={rowIndex}>
{React.Children.map(children, (child, columnIndex) => { {React.Children.map(children, (child, columnIndex) => {
return <td>{React.cloneElement(child, { ...child.props, columnIndex, row })}</td>; return <td>{React.cloneElement(child, { ...child.props, columnIndex, row })}</td>;
})} })}
@@ -93,6 +93,7 @@ const Table: FC<Props> = ({ data, sortable, children, emptyMessage }) => {
onClick={isSortable(child) ? () => tableSort(index) : undefined} onClick={isSortable(child) ? () => tableSort(index) : undefined}
onMouseEnter={() => setHoveredColumnIndex(index)} onMouseEnter={() => setHoveredColumnIndex(index)}
onMouseLeave={() => setHoveredColumnIndex(undefined)} onMouseLeave={() => setHoveredColumnIndex(undefined)}
key={index}
> >
{child.props.header} {child.props.header}
{isSortable(child) && renderSortIcon(child, ascending, shouldShowIcon(index))} {isSortable(child) && renderSortIcon(child, ascending, shouldShowIcon(index))}

62
scm-ui/ui-components/src/toast/Toast.tsx Normal file
View File

@@ -0,0 +1,62 @@
import React, { FC } from "react";
import { createPortal } from "react-dom";
import styled from "styled-components";
import { getTheme, Themeable, ToastThemeContext, Type } from "./themes";
import usePortalRootElement from "../usePortalRootElement";
type Props = {
type: Type;
title: string;
};
const Container = styled.div<Themeable>`
z-index: 99999;
position: fixed;
padding: 1.5rem;
right: 1.5rem;
bottom: 1.5rem;
color: ${props => props.theme.primary};
background-color: ${props => props.theme.secondary};
max-width: 18rem;
font-size: 0.75rem;
border-radius: 5px;
animation: 0.5s slide-up;
& > p {
margin-bottom: 0.5rem;
}
@keyframes slide-up {
from {
bottom: -10rem;
}
to {
bottom: 1.5rem;
}
}
`;
const Title = styled.h1<Themeable>`
margin-bottom: 0.25rem;
font-weight: bold;
`;
const Toast: FC<Props> = ({ children, title, type }) => {
const rootElement = usePortalRootElement("toastRoot");
if (!rootElement) {
// portal not yet ready
return null;
}
const theme = getTheme(type);
const content = (
<Container theme={theme}>
<Title theme={theme}>{title}</Title>
<ToastThemeContext.Provider value={theme}>{children}</ToastThemeContext.Provider>
</Container>
);
return createPortal(content, rootElement);
};
export default Toast;

37
scm-ui/ui-components/src/toast/ToastButton.tsx Normal file
View File

@@ -0,0 +1,37 @@
import React, { FC, useContext } from "react";
import { ToastThemeContext, Themeable } from "./themes";
import styled from "styled-components";
type Props = {
icon?: string;
};
const ThemedButton = styled.div.attrs(props => ({
className: "button"
}))<Themeable>`
color: ${props => props.theme.primary};
border-color: ${props => props.theme.primary};
background-color: ${props => props.theme.secondary};
font-size: 0.75rem;
&:hover {
color: ${props => props.theme.primary};
border-color: ${props => props.theme.tertiary};
background-color: ${props => props.theme.tertiary};
}
`;
const ToastButtonIcon = styled.i`
margin-right: 0.25rem;
`;
const ToastButton: FC<Props> = ({ icon, children }) => {
const theme = useContext(ToastThemeContext);
return (
<ThemedButton theme={theme}>
{icon && <ToastButtonIcon className={`fas fa-fw fa-${icon}`} />} {children}
</ThemedButton>
);
};
export default ToastButton;

20
scm-ui/ui-components/src/toast/ToastButtons.tsx Normal file
View File

@@ -0,0 +1,20 @@
import React, { FC } from "react";
import styled from "styled-components";
const Buttons = styled.div`
display: flex;
padding-top: 0.5rem;
width: 100%;
& > * {
flex-grow: 1;
}
& > *:not(:last-child) {
margin-right: 0.5rem;
}
`;
const ToastButtons: FC = ({ children }) => <Buttons>{children}</Buttons>;
export default ToastButtons;

42
scm-ui/ui-components/src/toast/index.stories.tsx Normal file
View File

@@ -0,0 +1,42 @@
import React, { useState } from "react";
import { storiesOf } from "@storybook/react";
import Toast from "./Toast";
import ToastButtons from "./ToastButtons";
import ToastButton from "./ToastButton";
import { types } from "./themes";
const toastStories = storiesOf("Toast", module);
const AnimatedToast = () => (
<Toast type="primary" title="Animated">
Awesome animated Toast
</Toast>
);
const Animator = () => {
const [display, setDisplay] = useState(false);
return (
<div style={{ padding: "2rem" }}>
{display && <AnimatedToast />}
<button className="button is-primary" onClick={() => setDisplay(!display)}>
{display ? "Close" : "Open"} Toast
</button>
</div>
);
};
toastStories.add("Open/Close", () => <Animator />);
types.forEach(type => {
toastStories.add(type.charAt(0).toUpperCase() + type.slice(1), () => (
<Toast type={type} title="New Changes">
<p>The underlying Pull-Request has changed. Press reload to see the changes.</p>
<p>Warning: Non saved modification will be lost.</p>
<ToastButtons>
<ToastButton icon="redo">Reload</ToastButton>
<ToastButton icon="times">Ignore</ToastButton>
</ToastButtons>
</Toast>
));
});

3
scm-ui/ui-components/src/toast/index.ts Normal file
View File

@@ -0,0 +1,3 @@
export { default as Toast } from "./Toast";
export { default as ToastButton } from "./ToastButton";
export { default as ToastButtons } from "./ToastButtons";

53
scm-ui/ui-components/src/toast/themes.ts Normal file
View File

@@ -0,0 +1,53 @@
import * as React from "react";
export type ToastTheme = {
primary: string;
secondary: string;
tertiary: string;
};
export type Themeable = {
theme: ToastTheme;
};
export type Type = "info" | "primary" | "success" | "warning" | "danger";
export const types: Type[] = ["info", "primary", "success", "warning", "danger"];
const themes: { [name in Type]: ToastTheme } = {
info: {
primary: "#363636",
secondary: "#99d8f3",
tertiary: "white"
},
primary: {
primary: "#363636",
secondary: "#7fe8ef",
tertiary: "white"
},
success: {
primary: "#363636",
secondary: "#7fe3cd",
tertiary: "white"
},
warning: {
primary: "#905515",
secondary: "#ffeeab",
tertiary: "white"
},
danger: {
primary: "#363636",
secondary: "#ff9baf",
tertiary: "white"
}
};
export const getTheme = (name: Type) => {
const theme = themes[name];
if (!theme) {
throw new Error(`could not find theme with name ${name}`);
}
return theme;
};
export const ToastThemeContext = React.createContext(themes.warning);

33
scm-ui/ui-components/src/usePortalRootElement.ts Normal file
View File

@@ -0,0 +1,33 @@
import { useEffect, useState } from "react";
const createElement = (id: string) => {
const element = document.createElement("div");
element.setAttribute("id", id);
return element;
};
const appendRootElement = (rootElement: HTMLElement) => {
document.body.appendChild(rootElement);
};
const usePortalRootElement = (id: string) => {
const [rootElement, setRootElement] = useState<HTMLElement>();
useEffect(() => {
let element = document.getElementById(id);
if (!element) {
element = createElement(id);
appendRootElement(element);
}
setRootElement(element);
return () => {
if (element) {
element.remove();
}
setRootElement(undefined);
};
}, [id]);
return rootElement;
};
export default usePortalRootElement;

1
scm-webapp/src/main/java/sonia/scm/security/BearerRealm.java
View File

@@ -104,6 +104,7 @@ public class BearerRealm extends AuthenticatingRealm
return helper.authenticationInfoBuilder(accessToken.getSubject()) return helper.authenticationInfoBuilder(accessToken.getSubject())
.withCredentials(bt.getCredentials()) .withCredentials(bt.getCredentials())
.withScope(Scopes.fromClaims(accessToken.getClaims())) .withScope(Scopes.fromClaims(accessToken.getClaims()))
.withSessionId(bt.getPrincipal())
.build(); .build();
} }

3
scm-webapp/src/main/java/sonia/scm/web/BearerWebTokenGenerator.java
View File

@@ -70,7 +70,8 @@ public class BearerWebTokenGenerator extends SchemeBasedWebTokenGenerator
if (HttpUtil.AUTHORIZATION_SCHEME_BEARER.equalsIgnoreCase(scheme)) if (HttpUtil.AUTHORIZATION_SCHEME_BEARER.equalsIgnoreCase(scheme))
{ {
token = BearerToken.valueOf(authorization); String sessionId = request.getHeader(HttpUtil.HEADER_SCM_SESSION);
token = BearerToken.create(sessionId, authorization);
} }
return token; return token;

7
scm-webapp/src/main/java/sonia/scm/web/CookieBearerWebTokenGenerator.java
View File

@@ -43,7 +43,7 @@ import javax.servlet.http.HttpServletRequest;
import sonia.scm.util.HttpUtil; import sonia.scm.util.HttpUtil;
/** /**
* Creates an {@link BearerToken} from the {@link #COOKIE_NAME} * Creates an {@link BearerToken} from the {@link HttpUtil#COOKIE_BEARER_AUTHENTICATION}
* cookie. * cookie.
* *
* @author Sebastian Sdorra * @author Sebastian Sdorra
@@ -54,7 +54,7 @@ public class CookieBearerWebTokenGenerator implements WebTokenGenerator
{ {
/** /**
* Creates an {@link BearerToken} from the {@link #COOKIE_NAME} * Creates an {@link BearerToken} from the {@link HttpUtil#COOKIE_BEARER_AUTHENTICATION}
* cookie. * cookie.
* *
* @param request http servlet request * @param request http servlet request
@@ -73,7 +73,8 @@ public class CookieBearerWebTokenGenerator implements WebTokenGenerator
{ {
if (HttpUtil.COOKIE_BEARER_AUTHENTICATION.equals(cookie.getName())) if (HttpUtil.COOKIE_BEARER_AUTHENTICATION.equals(cookie.getName()))
{ {
token = BearerToken.valueOf(cookie.getValue()); String sessionId = HttpUtil.getHeader(request, HttpUtil.HEADER_SCM_SESSION, null);
token = BearerToken.create(sessionId, cookie.getValue());
break; break;
} }

33
scm-webapp/src/main/java/sonia/scm/web/security/DefaultAdministrationContext.java
View File

@@ -177,45 +177,26 @@ public class DefaultAdministrationContext implements AdministrationContext
//J+ //J+
} }
/** private void doRunAsInNonWebSessionContext(PrivilegedAction action) {
* Method description
*
*
* @param action
*/
private void doRunAsInNonWebSessionContext(PrivilegedAction action)
{
if (logger.isTraceEnabled())
{
logger.trace("bind shiro security manager to current thread"); logger.trace("bind shiro security manager to current thread");
}
try try {
{
SecurityUtils.setSecurityManager(securityManager); SecurityUtils.setSecurityManager(securityManager);
Subject subject = createAdminSubject(); Subject subject = createAdminSubject();
ThreadState state = new SubjectThreadState(subject); ThreadState state = new SubjectThreadState(subject);
state.bind(); state.bind();
try try
{ {
if (logger.isInfoEnabled()) logger.info("execute action {} in administration context", action.getClass().getName());
{
logger.info("execute action {} in administration context",
action.getClass().getName());
}
action.run(); action.run();
} finally {
logger.trace("restore current thread state");
state.restore();
} }
finally } finally {
{
state.clear();
}
}
finally
{
SecurityUtils.setSecurityManager(null); SecurityUtils.setSecurityManager(null);
} }
} }

5
scm-webapp/src/test/java/sonia/scm/security/BearerRealmTest.java
View File

@@ -84,11 +84,9 @@ class BearerRealmTest {
@Test @Test
void shouldDoGetAuthentication() { void shouldDoGetAuthentication() {
BearerToken bearerToken = BearerToken.valueOf("__bearer__"); BearerToken bearerToken = BearerToken.create("__session__", "__bearer__");
AccessToken accessToken = mock(AccessToken.class); AccessToken accessToken = mock(AccessToken.class);
Set<String> groups = ImmutableSet.of("HeartOfGold", "Puzzle42");
when(accessToken.getSubject()).thenReturn("trillian"); when(accessToken.getSubject()).thenReturn("trillian");
when(accessToken.getClaims()).thenReturn(new HashMap<>()); when(accessToken.getClaims()).thenReturn(new HashMap<>());
when(accessTokenResolver.resolve(bearerToken)).thenReturn(accessToken); when(accessTokenResolver.resolve(bearerToken)).thenReturn(accessToken);
@@ -96,6 +94,7 @@ class BearerRealmTest {
when(realmHelper.authenticationInfoBuilder("trillian")).thenReturn(builder); when(realmHelper.authenticationInfoBuilder("trillian")).thenReturn(builder);
when(builder.withCredentials("__bearer__")).thenReturn(builder); when(builder.withCredentials("__bearer__")).thenReturn(builder);
when(builder.withScope(any(Scope.class))).thenReturn(builder); when(builder.withScope(any(Scope.class))).thenReturn(builder);
when(builder.withSessionId(any(SessionId.class))).thenReturn(builder);
when(builder.build()).thenReturn(authenticationInfo); when(builder.build()).thenReturn(authenticationInfo);
AuthenticationInfo result = realm.doGetAuthenticationInfo(bearerToken); AuthenticationInfo result = realm.doGetAuthenticationInfo(bearerToken);

74
scm-webapp/src/test/java/sonia/scm/web/BearerWebTokenGeneratorTest.java
View File

@@ -33,47 +33,73 @@ package sonia.scm.web;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import org.apache.shiro.authc.AuthenticationToken; import org.apache.shiro.authc.AuthenticationToken;
import org.junit.Test;
import static org.junit.Assert.*;
import static org.hamcrest.Matchers.*; import org.junit.jupiter.api.Test;
import org.junit.runner.RunWith; import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.Mock; import org.mockito.Mock;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.*; import static org.mockito.Mockito.*;
import org.mockito.junit.MockitoJUnitRunner; import org.mockito.junit.jupiter.MockitoExtension;
import sonia.scm.security.BearerToken; import sonia.scm.security.BearerToken;
import sonia.scm.security.SessionId;
import sonia.scm.util.HttpUtil;
/** /**
* *
* @author Sebastian Sdorra * @author Sebastian Sdorra
*/ */
@RunWith(MockitoJUnitRunner.class) @ExtendWith(MockitoExtension.class)
public class BearerWebTokenGeneratorTest { class BearerWebTokenGeneratorTest {
private final BearerWebTokenGenerator tokenGenerator = new BearerWebTokenGenerator();
@Mock @Mock
private HttpServletRequest request; private HttpServletRequest request;
private final BearerWebTokenGenerator tokenGenerator = new BearerWebTokenGenerator();
@Test @Test
public void testCreateTokenWithWrongScheme() void shouldNotCreateTokenWithWrongScheme() {
{
when(request.getHeader("Authorization")).thenReturn("BASIC ASD"); when(request.getHeader("Authorization")).thenReturn("BASIC ASD");
assertNull(tokenGenerator.createToken(request));
}
@Test
public void testCreateTokenWithoutAuthorizationHeader(){
assertNull(tokenGenerator.createToken(request));
}
@Test
public void testCreateToken(){
when(request.getHeader("Authorization")).thenReturn("Bearer asd");
AuthenticationToken token = tokenGenerator.createToken(request); AuthenticationToken token = tokenGenerator.createToken(request);
assertNotNull(token);
assertThat(token, instanceOf(BearerToken.class)); assertThat(token).isNull();
}
@Test
void shouldNotCreateTokenWithoutAuthorizationHeader(){
AuthenticationToken token = tokenGenerator.createToken(request);
assertThat(token).isNull();
}
@Test
void shouldCreateToken(){
when(request.getHeader("Authorization")).thenReturn("Bearer asd");
AuthenticationToken token = tokenGenerator.createToken(request);
assertThat(token)
.isNotNull()
.isInstanceOf(BearerToken.class);
BearerToken bt = (BearerToken) token; BearerToken bt = (BearerToken) token;
assertThat(bt.getCredentials(), equalTo("asd")); assertThat(bt.getCredentials()).isEqualTo("asd");
}
@Test
void shouldCreateTokenWithSessionId(){
doReturn("Bearer asd").when(request).getHeader("Authorization");
doReturn("bcd123").when(request).getHeader(HttpUtil.HEADER_SCM_SESSION);
AuthenticationToken token = tokenGenerator.createToken(request);
assertThat(token)
.isNotNull()
.isInstanceOf(BearerToken.class);
BearerToken bt = (BearerToken) token;
assertThat(bt.getPrincipal()).isEqualTo(SessionId.valueOf("bcd123"));
assertThat(bt.getCredentials()).isEqualTo("asd");
} }
} }

105
scm-webapp/src/test/java/sonia/scm/web/CookieBearerWebTokenGeneratorTest.java
View File

@@ -35,82 +35,81 @@ package sonia.scm.web;
//~--- non-JDK imports -------------------------------------------------------- //~--- non-JDK imports --------------------------------------------------------
import org.junit.Test; import org.junit.jupiter.api.Test;
import org.junit.runner.RunWith; import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.Mock; import org.mockito.Mock;
import org.mockito.junit.MockitoJUnitRunner; import org.mockito.junit.jupiter.MockitoExtension;
import sonia.scm.security.BearerToken; import sonia.scm.security.BearerToken;
import sonia.scm.security.SessionId;
import static org.junit.Assert.*; import sonia.scm.util.HttpUtil;
import static org.mockito.Mockito.*;
//~--- JDK imports ------------------------------------------------------------
import javax.servlet.http.Cookie; import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import sonia.scm.util.HttpUtil;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.*;
//~--- JDK imports ------------------------------------------------------------
/** /**
* *
* @author Sebastian Sdorra * @author Sebastian Sdorra
*/ */
@RunWith(MockitoJUnitRunner.class) @ExtendWith(MockitoExtension.class)
public class CookieBearerWebTokenGeneratorTest class CookieBearerWebTokenGeneratorTest {
{
private final CookieBearerWebTokenGenerator tokenGenerator = new CookieBearerWebTokenGenerator();
@Mock
private HttpServletRequest request;
/**
* Method description
*
*/
@Test @Test
public void testCreateToken() void shouldCreateToken() {
{ assignBearerCookie("value");
Cookie c = mock(Cookie.class);
when(c.getName()).thenReturn(HttpUtil.COOKIE_BEARER_AUTHENTICATION);
when(c.getValue()).thenReturn("value");
when(request.getCookies()).thenReturn(new Cookie[] { c });
BearerToken token = tokenGenerator.createToken(request); BearerToken token = tokenGenerator.createToken(request);
assertNotNull(token); assertThat(token).isNotNull();
assertEquals("value", token.getCredentials()); assertThat(token.getPrincipal()).isNull();
assertThat(token.getCredentials()).isEqualTo("value");
} }
/**
* Method description
*
*/
@Test @Test
public void testCreateTokenWithWrongCookie() void shouldCreateTokenWithSessionId() {
{ when(request.getHeader(HttpUtil.HEADER_SCM_SESSION)).thenReturn("abc123");
assignBearerCookie("authc");
BearerToken token = tokenGenerator.createToken(request);
assertThat(token).isNotNull();
assertThat(token.getPrincipal()).isEqualTo(SessionId.valueOf("abc123"));
assertThat(token.getCredentials()).isEqualTo("authc");
}
private void assignBearerCookie(String value) {
assignCookie(HttpUtil.COOKIE_BEARER_AUTHENTICATION, value);
}
private void assignCookie(String name, String value) {
Cookie c = mock(Cookie.class); Cookie c = mock(Cookie.class);
when(c.getName()).thenReturn("other-cookie"); when(c.getName()).thenReturn(name);
when(request.getCookies()).thenReturn(new Cookie[] { c }); lenient().when(c.getValue()).thenReturn(value);
assertNull(tokenGenerator.createToken(request)); when(request.getCookies()).thenReturn(new Cookie[]{c});
} }
/**
* Method description
*
*/
@Test @Test
public void testCreateTokenWithoutCookies() void shouldNotCreateTokenForWrongCookie() {
{ assignCookie("other-cookie", "with-some-value");
assertNull(tokenGenerator.createToken(request));
BearerToken token = tokenGenerator.createToken(request);
assertThat(token).isNull();
} }
//~--- fields --------------------------------------------------------------- @Test
void shouldNotCreateTokenWithoutCookies() {
/** Field description */ BearerToken token = tokenGenerator.createToken(request);
private final CookieBearerWebTokenGenerator tokenGenerator = assertThat(token).isNull();
new CookieBearerWebTokenGenerator(); }
/** Field description */
@Mock
private HttpServletRequest request;
} }

72
scm-webapp/src/test/java/sonia/scm/web/security/DefaultAdministrationContextTest.java Normal file
View File

@@ -0,0 +1,72 @@
package sonia.scm.web.security;
import com.google.inject.Guice;
import com.google.inject.Injector;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.ThreadContext;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.Mock;
import org.mockito.junit.jupiter.MockitoExtension;
import static org.assertj.core.api.Assertions.assertThat;
import static org.junit.jupiter.api.Assertions.*;
import static org.mockito.Mockito.when;
@ExtendWith(MockitoExtension.class)
class DefaultAdministrationContextTest {
private DefaultAdministrationContext context;
@Mock
private Subject subject;
@BeforeEach
void create() {
Injector injector = Guice.createInjector();
SecurityManager securityManager = new DefaultSecurityManager();
context = new DefaultAdministrationContext(injector, securityManager);
}
@Test
void shouldBindSubject() {
context.runAsAdmin(() -> {
Subject adminSubject = SecurityUtils.getSubject();
assertThat(adminSubject.getPrincipal()).isEqualTo("scmsystem");
});
}
@Test
void shouldBindSubjectEvenIfAlreadyBound() {
ThreadContext.bind(subject);
try {
context.runAsAdmin(() -> {
Subject adminSubject = SecurityUtils.getSubject();
assertThat(adminSubject.getPrincipal()).isEqualTo("scmsystem");
});
} finally {
ThreadContext.unbindSubject();
}
}
@Test
void shouldRestoreCurrentSubject() {
when(subject.getPrincipal()).thenReturn("tricia");
ThreadContext.bind(subject);
try {
context.runAsAdmin(() -> {});
Subject currentSubject = SecurityUtils.getSubject();
assertThat(currentSubject.getPrincipal()).isEqualTo("tricia");
} finally {
ThreadContext.unbindSubject();
}
}
}

2311
yarn.lock
View File

File diff suppressed because it is too large Load Diff