Nemcio/SCM-Manager
1
0
Fork 0
mirror of https://github.com/scm-manager/scm-manager.git synced 2025-11-15 09:46:16 +01:00
Code Issues Packages Projects Releases Activity

redesign bearer tokens

Browse Source
This commit is contained in:
Sebastian Sdorra
2017-01-17 15:54:32 +01:00
parent 70d5942250
commit 5738fa2d66
8 changed files with 61 additions and 80 deletions
Download Patch File Download Diff File Expand all files Collapse all files

73
scm-core/src/main/java/sonia/scm/security/BearerAuthenticationToken.java → scm-core/src/main/java/sonia/scm/security/BearerToken.java
View File

@@ -33,6 +33,8 @@ package sonia.scm.security;
//~--- non-JDK imports --------------------------------------------------------
import com.google.common.base.Preconditions;
import com.google.common.base.Strings;
import org.apache.shiro.authc.AuthenticationToken;
/**
@@ -41,69 +43,48 @@ import org.apache.shiro.authc.AuthenticationToken;
* @author Sebastian Sdorra
* @since 2.0.0
*/
public class BearerAuthenticationToken implements AuthenticationToken
{
public final class BearerToken implements AuthenticationToken {
/** Field description */
private static final long serialVersionUID = -5005335710978534182L;
//~--- constructors ---------------------------------------------------------
private final String raw;
/**
* Constructs a new BearerAuthenticationToken
* Constructs a new instance.
*
*
* @param token bearer token
* @param raw raw bearer token
*/
public BearerAuthenticationToken(String token)
{
this.token = token;
}
//~--- get methods ----------------------------------------------------------
/**
* Returns the token.
*
*
* @return token
*/
@Override
public String getCredentials()
{
return token;
private BearerToken(String raw) {
this.raw = raw;
}
/**
* Returns the username or null.
* Returns the wrapped raw format of the token.
*
*
* @return username or null
* @return raw format
*/
@Override
public String getPrincipal()
{
public String getCredentials() {
return raw;
}
/**
* Returns always {@code null}.
*
* @return {@code null}
*/
@Override
public Object getPrincipal() {
return null;
}
//~--- set methods ----------------------------------------------------------
/**
* Sets the username.
* Creates a new {@link BearerToken} from raw string representation.
*
* @param raw string representation
*
* @param username username
* @return new bearer token
*/
public void setUsername(String username)
{
this.username = username;
public static BearerToken valueOf(String raw){
Preconditions.checkArgument(!Strings.isNullOrEmpty(raw), "raw token is required");
return new BearerToken(raw);
}
//~--- fields ---------------------------------------------------------------
/** bearer token */
private final String token;
/** username */
private String username;
}

4
scm-plugins/scm-legacy-plugin/src/test/java/sonia/scm/legacy/LegacyRealmTest.java
View File

@@ -48,7 +48,7 @@ import org.mockito.Mock;
import org.mockito.runners.MockitoJUnitRunner;
import sonia.scm.group.GroupDAO;
import sonia.scm.security.BearerAuthenticationToken;
import sonia.scm.security.BearerToken;
import sonia.scm.user.User;
import sonia.scm.user.UserDAO;
import sonia.scm.user.UserTestData;
@@ -140,7 +140,7 @@ public class LegacyRealmTest
@Test(expected = IllegalArgumentException.class)
public void testDoGetAuthenticationInfoWrongToken()
{
realm.doGetAuthenticationInfo(new BearerAuthenticationToken("test"));
realm.doGetAuthenticationInfo(BearerToken.valueOf("test"));
}
//~--- fields ---------------------------------------------------------------

12
scm-webapp/src/main/java/sonia/scm/security/BearerRealm.java
View File

@@ -62,7 +62,7 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
* Realm for authentication with {@link BearerAuthenticationToken}.
* Realm for authentication with {@link BearerToken}.
*
* @author Sebastian Sdorra
* @since 2.0.0
@@ -100,7 +100,7 @@ public class BearerRealm extends AuthenticatingRealm
this.validators = validators;
setCredentialsMatcher(new AllowAllCredentialsMatcher());
setAuthenticationTokenClass(BearerAuthenticationToken.class);
setAuthenticationTokenClass(BearerToken.class);
}
//~--- methods --------------------------------------------------------------
@@ -117,10 +117,10 @@ public class BearerRealm extends AuthenticatingRealm
@Override
protected AuthenticationInfo doGetAuthenticationInfo( AuthenticationToken token)
{
checkArgument(token instanceof BearerAuthenticationToken, "%s is required",
BearerAuthenticationToken.class);
checkArgument(token instanceof BearerToken, "%s is required",
BearerToken.class);
BearerAuthenticationToken bt = (BearerAuthenticationToken) token;
BearerToken bt = (BearerToken) token;
Claims c = checkToken(bt);
return helper.getAuthenticationInfo(c.getSubject(), bt.getCredentials(), Scopes.fromClaims(c));
@@ -134,7 +134,7 @@ public class BearerRealm extends AuthenticatingRealm
*
* @return claim
*/
private Claims checkToken(BearerAuthenticationToken token)
private Claims checkToken(BearerToken token)
{
Claims claims;

14
scm-webapp/src/main/java/sonia/scm/web/BearerWebTokenGenerator.java
View File

@@ -34,7 +34,7 @@ package sonia.scm.web;
//~--- non-JDK imports --------------------------------------------------------
import sonia.scm.plugin.Extension;
import sonia.scm.security.BearerAuthenticationToken;
import sonia.scm.security.BearerToken;
import sonia.scm.util.HttpUtil;
//~--- JDK imports ------------------------------------------------------------
@@ -42,7 +42,7 @@ import sonia.scm.util.HttpUtil;
import javax.servlet.http.HttpServletRequest;
/**
* Creates a {@link BearerAuthenticationToken} from an authorization header with
* Creates a {@link BearerToken} from an authorization header with
* bearer authorization.
*
* @author Sebastian Sdorra
@@ -53,24 +53,24 @@ public class BearerWebTokenGenerator extends SchemeBasedWebTokenGenerator
{
/**
* Creates a {@link BearerAuthenticationToken} from an authorization header
* Creates a {@link BearerToken} from an authorization header
* with bearer authorization.
*
* @param request http servlet request
* @param scheme authorization scheme
* @param authorization authorization payload
*
* @return {@link BearerAuthenticationToken} or {@code null}
* @return {@link BearerToken} or {@code null}
*/
@Override
protected BearerAuthenticationToken createToken(HttpServletRequest request,
protected BearerToken createToken(HttpServletRequest request,
String scheme, String authorization)
{
BearerAuthenticationToken token = null;
BearerToken token = null;
if (HttpUtil.AUTHORIZATION_SCHEME_BEARER.equalsIgnoreCase(scheme))
{
token = new BearerAuthenticationToken(authorization);
token = BearerToken.valueOf(authorization);
}
return token;

14
scm-webapp/src/main/java/sonia/scm/web/CookieBearerWebTokenGenerator.java
View File

@@ -34,7 +34,7 @@ package sonia.scm.web;
//~--- non-JDK imports --------------------------------------------------------
import sonia.scm.plugin.Extension;
import sonia.scm.security.BearerAuthenticationToken;
import sonia.scm.security.BearerToken;
//~--- JDK imports ------------------------------------------------------------
@@ -43,7 +43,7 @@ import javax.servlet.http.HttpServletRequest;
import sonia.scm.util.HttpUtil;
/**
* Creates an {@link BearerAuthenticationToken} from the {@link #COOKIE_NAME}
* Creates an {@link BearerToken} from the {@link #COOKIE_NAME}
* cookie.
*
* @author Sebastian Sdorra
@@ -54,17 +54,17 @@ public class CookieBearerWebTokenGenerator implements WebTokenGenerator
{
/**
* Creates an {@link BearerAuthenticationToken} from the {@link #COOKIE_NAME}
* Creates an {@link BearerToken} from the {@link #COOKIE_NAME}
* cookie.
*
* @param request http servlet request
*
* @return {@link BearerAuthenticationToken} or {@code null}
* @return {@link BearerToken} or {@code null}
*/
@Override
public BearerAuthenticationToken createToken(HttpServletRequest request)
public BearerToken createToken(HttpServletRequest request)
{
BearerAuthenticationToken token = null;
BearerToken token = null;
Cookie[] cookies = request.getCookies();
if (cookies != null)
@@ -73,7 +73,7 @@ public class CookieBearerWebTokenGenerator implements WebTokenGenerator
{
if (HttpUtil.COOKIE_BEARER_AUTHENTICATION.equals(cookie.getName()))
{
token = new BearerAuthenticationToken(cookie.getValue());
token = BearerToken.valueOf(cookie.getValue());
break;
}

12
scm-webapp/src/test/java/sonia/scm/security/BearerRealmTest.java
View File

@@ -107,7 +107,7 @@ public class BearerRealmTest
String compact = createCompactToken(marvin.getName(), key);
BearerAuthenticationToken token = new BearerAuthenticationToken(compact);
BearerToken token = BearerToken.valueOf(compact);
AuthenticationInfo info = realm.doGetAuthenticationInfo(token);
assertNotNull(info);
@@ -142,7 +142,7 @@ public class BearerRealmTest
Scope.valueOf("repo:*", "user:*")
);
AuthenticationInfo info = realm.doGetAuthenticationInfo(new BearerAuthenticationToken(compact));
AuthenticationInfo info = realm.doGetAuthenticationInfo(BearerToken.valueOf(compact));
Scope scope = info.getPrincipals().oneByType(Scope.class);
assertThat(scope, Matchers.containsInAnyOrder("repo:*", "user:*"));
}
@@ -170,7 +170,7 @@ public class BearerRealmTest
expectedException.expectMessage(Matchers.containsString("claims"));
// kick authentication
realm.doGetAuthenticationInfo(new BearerAuthenticationToken(compact));
realm.doGetAuthenticationInfo(BearerToken.valueOf(compact));
}
/**
@@ -191,7 +191,7 @@ public class BearerRealmTest
Date exp = new Date(System.currentTimeMillis() - 600l);
String compact = createCompactToken(trillian.getName(), key, exp, Scope.empty());
realm.doGetAuthenticationInfo(new BearerAuthenticationToken(compact));
realm.doGetAuthenticationInfo(BearerToken.valueOf(compact));
}
/**
@@ -206,7 +206,7 @@ public class BearerRealmTest
User trillian = UserTestData.createTrillian();
String compact = createCompactToken(trillian.getName(), createSecureKey());
realm.doGetAuthenticationInfo(new BearerAuthenticationToken(compact));
realm.doGetAuthenticationInfo(BearerToken.valueOf(compact));
}
/**
@@ -222,7 +222,7 @@ public class BearerRealmTest
String compact = Jwts.builder().setSubject("test").compact();
realm.doGetAuthenticationInfo(new BearerAuthenticationToken(compact));
realm.doGetAuthenticationInfo(BearerToken.valueOf(compact));
}
/**

6
scm-webapp/src/test/java/sonia/scm/web/BearerWebTokenGeneratorTest.java
View File

@@ -40,7 +40,7 @@ import org.junit.runner.RunWith;
import org.mockito.Mock;
import static org.mockito.Mockito.*;
import org.mockito.runners.MockitoJUnitRunner;
import sonia.scm.security.BearerAuthenticationToken;
import sonia.scm.security.BearerToken;
/**
*
@@ -71,8 +71,8 @@ public class BearerWebTokenGeneratorTest {
when(request.getHeader("Authorization")).thenReturn("Bearer asd");
AuthenticationToken token = tokenGenerator.createToken(request);
assertNotNull(token);
assertThat(token, instanceOf(BearerAuthenticationToken.class));
BearerAuthenticationToken bt = (BearerAuthenticationToken) token;
assertThat(token, instanceOf(BearerToken.class));
BearerToken bt = (BearerToken) token;
assertThat(bt.getCredentials(), equalTo("asd"));
}

4
scm-webapp/src/test/java/sonia/scm/web/CookieBearerWebTokenGeneratorTest.java
View File

@@ -41,7 +41,7 @@ import org.junit.runner.RunWith;
import org.mockito.Mock;
import org.mockito.runners.MockitoJUnitRunner;
import sonia.scm.security.BearerAuthenticationToken;
import sonia.scm.security.BearerToken;
import static org.junit.Assert.*;
@@ -74,7 +74,7 @@ public class CookieBearerWebTokenGeneratorTest
when(c.getValue()).thenReturn("value");
when(request.getCookies()).thenReturn(new Cookie[] { c });
BearerAuthenticationToken token = tokenGenerator.createToken(request);
BearerToken token = tokenGenerator.createToken(request);
assertNotNull(token);
assertEquals("value", token.getCredentials());