added DemoAuthenticator

2025-11-10 15:35:49 +01:00 · 2010-09-08 10:59:54 +02:00
parent f1619a098a
commit cbb85745f3
6 changed files with 424 additions and 27 deletions
--- a/scm-webapp/src/main/java/sonia/scm/api/rest/SecurityFilter.java
+++ b/scm-webapp/src/main/java/sonia/scm/api/rest/SecurityFilter.java
@@ -1,102 +0,0 @@
-/*
- * To change this template, choose Tools | Templates
- * and open the template in the editor.
- */
-
-
-
-package sonia.scm.api.rest;
-
-//~--- JDK imports ------------------------------------------------------------
-
-import java.io.IOException;
-
-import javax.servlet.Filter;
-import javax.servlet.FilterChain;
-import javax.servlet.FilterConfig;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.annotation.WebFilter;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-/**
- *
- * @author Sebastian Sdorra
- */
-@WebFilter(urlPatterns = "/api/rest/*")
-public class SecurityFilter implements Filter
-{
-
-  /** Field description */
-  public static final String URL_AUTHENTICATION = "/api/rest/authentication";
-
-  //~--- methods --------------------------------------------------------------
-
-  /**
-   * Method description
-   *
-   */
-  @Override
-  public void destroy()
-  {
-
-    // do nothing
-  }
-
-  /**
-   * Method description
-   *
-   *
-   * @param req
-   * @param res
-   * @param chain
-   *
-   * @throws IOException
-   * @throws ServletException
-   */
-  @Override
-  public void doFilter(ServletRequest req, ServletResponse res,
-                       FilterChain chain)
-          throws IOException, ServletException
-  {
-    if ((req instanceof HttpServletRequest)
-        && (res instanceof HttpServletResponse))
-    {
-      HttpServletRequest request = (HttpServletRequest) req;
-      String uri =
-        request.getRequestURI().substring(request.getContextPath().length());
-
-      if (uri.startsWith(URL_AUTHENTICATION)
-          || (request.getSession(true).getAttribute("auth") != null))
-      {
-        chain.doFilter(req, res);
-      }
-      else
-      {
-        ((HttpServletResponse) res).sendError(
-            HttpServletResponse.SC_UNAUTHORIZED);
-      }
-    }
-    else
-    {
-      throw new ServletException("request is not an HttpServletRequest");
-    }
-  }
-
-  /**
-   * Method description
-   *
-   *
-   * @param filterConfig
-   *
-   * @throws ServletException
-   */
-  @Override
-  public void init(FilterConfig filterConfig) throws ServletException
-  {
-
-    // do nothing
-  }
-}
--- a/scm-webapp/src/main/java/sonia/scm/api/rest/resources/AuthenticationResource.java
+++ b/scm-webapp/src/main/java/sonia/scm/api/rest/resources/AuthenticationResource.java
@@ -11,9 +11,12 @@ package sonia.scm.api.rest.resources;

 import sonia.scm.RepositoryType;
 import sonia.scm.ScmState;
+import sonia.scm.User;
+import sonia.scm.security.Authenticator;

 //~--- JDK imports ------------------------------------------------------------

+import javax.inject.Inject;
 import javax.inject.Singleton;

 import javax.servlet.http.HttpServletRequest;
@@ -38,6 +41,15 @@ import javax.ws.rs.core.Response;
 public class AuthenticationResource
 {

+  /** Field description */
+  private static final RepositoryType[] types = new RepositoryType[] {
+                                                  new RepositoryType("hg",
+                                                    "Mercurial"),
+          new RepositoryType("svn", "Subversion"),
+          new RepositoryType("git", "Git") };
+
+  //~--- get methods ----------------------------------------------------------
+
  /**
   * Method description
   *
@@ -54,11 +66,11 @@ public class AuthenticationResource
                           @FormParam("password") String password)
  {
    ScmState state = null;
+    User user = authenticator.authenticate(request, username, password);

-    if ("hans".equals(username) && "hans123".equals(password))
+    if (user != null)
    {
-      request.getSession(true).setAttribute("auth", username);
-      state = getState(username);
+      state = getState(user);
    }
    else
    {
@@ -80,11 +92,11 @@ public class AuthenticationResource
  public ScmState getState(@Context HttpServletRequest request)
  {
    ScmState state = null;
-    String username = (String) request.getSession(true).getAttribute("auth");
+    User user = authenticator.getUser(request);

-    if (username != null)
+    if (user != null)
    {
-      state = getState(username);
+      state = getState(user);
    }
    else
    {
@@ -98,23 +110,24 @@ public class AuthenticationResource
   * Method description
   *
   *
-   * @param username
+   *
+   * @param user
   *
   * @return
   */
-  private ScmState getState(String username)
+  private ScmState getState(User user)
  {
    ScmState state = new ScmState();

-    state.setUsername(username);
-
-    RepositoryType[] types = new RepositoryType[] {
-                               new RepositoryType("hg", "Mercurial"),
-                               new RepositoryType("svn", "Subversion"),
-                               new RepositoryType("git", "Git") };
-
+    state.setUser(user);
    state.setRepositoryTypes(types);

    return state;
  }
+
+  //~--- fields ---------------------------------------------------------------
+
+  /** Field description */
+  @Inject
+  private Authenticator authenticator;
 }