1. Sebastian Sdorra
  2. scm-manager

Commits

Sebastian Sdorra  committed b0c30f7

use apache shiro api for authentication resource

  • Participants
  • Parent commits 54fdc47
  • Branches apache-shiro

Comments (0)

Files changed (4)

File scm-core/src/main/java/sonia/scm/ScmState.java

View file
  • Ignore whitespace
    * @param repositoryTypes - available repository types
    * @param clientConfig - client configuration
    */
+  @Deprecated
   public ScmState(SCMContextProvider provider,
-                  WebSecurityContext securityContext,
-                  Collection<Type> repositoryTypes,
-                  ScmClientConfig clientConfig)
+    WebSecurityContext securityContext, Collection<Type> repositoryTypes,
+    ScmClientConfig clientConfig)
   {
     this(provider, securityContext, repositoryTypes, null, clientConfig);
   }
    *
    * @since 1.14
    */
+  @Deprecated
   public ScmState(SCMContextProvider provider,
-                  WebSecurityContext securityContext,
-                  Collection<Type> repositoryTypes, String defaultUserType,
-                  ScmClientConfig clientConfig)
+    WebSecurityContext securityContext, Collection<Type> repositoryTypes,
+    String defaultUserType, ScmClientConfig clientConfig)
   {
     this.version = provider.getVersion();
     this.user = securityContext.getUser();
     this.defaultUserType = defaultUserType;
   }
 
+  /**
+   * Constructs {@link ScmState} object.
+   *
+   *
+   * @param provider context provider
+   * @param user current user
+   * @param groups groups of the current user
+   * @param repositoryTypes available repository types
+   * @param defaultUserType default user type
+   * @param clientConfig client configuration
+   *
+   * @since 1.21
+   */
+  public ScmState(SCMContextProvider provider, User user,
+    Collection<String> groups, Collection<Type> repositoryTypes,
+    String defaultUserType, ScmClientConfig clientConfig)
+  {
+    this.version = provider.getVersion();
+    this.user = user;
+    this.groups = groups;
+    this.repositoryTypes = repositoryTypes;
+    this.clientConfig = clientConfig;
+    this.defaultUserType = defaultUserType;
+  }
+
   //~--- get methods ----------------------------------------------------------
 
   /**

File scm-core/src/main/java/sonia/scm/security/ScmAuthenticationToken.java

View file
  • Ignore whitespace
+/**
+ * Copyright (c) 2010, Sebastian Sdorra All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer. 2. Redistributions in
+ * binary form must reproduce the above copyright notice, this list of
+ * conditions and the following disclaimer in the documentation and/or other
+ * materials provided with the distribution. 3. Neither the name of SCM-Manager;
+ * nor the names of its contributors may be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * http://bitbucket.org/sdorra/scm-manager
+ *
+ */
+
+
+
+package sonia.scm.security;
+
+//~--- non-JDK imports --------------------------------------------------------
+
+import com.google.common.base.Objects;
+
+import org.apache.shiro.authc.AuthenticationToken;
+
+//~--- JDK imports ------------------------------------------------------------
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ *
+ * @author Sebastian Sdorra
+ * @since 1.21
+ */
+public class ScmAuthenticationToken implements AuthenticationToken
+{
+
+  /** Field description */
+  private static final long serialVersionUID = -3208692400029843828L;
+
+  //~--- constructors ---------------------------------------------------------
+
+  /**
+   * Constructs ...
+   *
+   *
+   * @param request
+   * @param response
+   * @param username
+   * @param password
+   */
+  public ScmAuthenticationToken(HttpServletRequest request,
+    HttpServletResponse response, String username, String password)
+  {
+    this.request = request;
+    this.response = response;
+    this.username = username;
+    this.password = password;
+  }
+
+  //~--- methods --------------------------------------------------------------
+
+  /**
+   * Method description
+   *
+   *
+   * @param obj
+   *
+   * @return
+   */
+  @Override
+  public boolean equals(Object obj)
+  {
+    if (obj == null)
+    {
+      return false;
+    }
+
+    if (getClass() != obj.getClass())
+    {
+      return false;
+    }
+
+    final ScmAuthenticationToken other = (ScmAuthenticationToken) obj;
+
+    return Objects.equal(request, other.request)
+      && Objects.equal(response, other.response)
+      && Objects.equal(username, other.username)
+      && Objects.equal(password, other.password);
+  }
+
+  /**
+   * Method description
+   *
+   *
+   * @return
+   */
+  @Override
+  public int hashCode()
+  {
+    return Objects.hashCode(request, response, username, password);
+  }
+
+  /**
+   * Method description
+   *
+   *
+   * @return
+   */
+  @Override
+  public String toString()
+  {
+    //J-
+    return Objects.toStringHelper(this)
+                  .add("request", request)
+                  .add("response", response)
+                  .add("username", username)
+                  .add("password", "xxx")
+                  .toString();
+    //J+
+  }
+
+  //~--- get methods ----------------------------------------------------------
+
+  /**
+   * Method description
+   *
+   *
+   * @return
+   */
+  @Override
+  public String getCredentials()
+  {
+    return password;
+  }
+
+  /**
+   * Method description
+   *
+   *
+   * @return
+   */
+  public String getPassword()
+  {
+    return password;
+  }
+
+  /**
+   * Method description
+   *
+   *
+   * @return
+   */
+  @Override
+  public String getPrincipal()
+  {
+    return username;
+  }
+
+  /**
+   * Method description
+   *
+   *
+   * @return
+   */
+  public HttpServletRequest getRequest()
+  {
+    return request;
+  }
+
+  /**
+   * Method description
+   *
+   *
+   * @return
+   */
+  public HttpServletResponse getResponse()
+  {
+    return response;
+  }
+
+  /**
+   * Method description
+   *
+   *
+   * @return
+   */
+  public String getUsername()
+  {
+    return username;
+  }
+
+  //~--- fields ---------------------------------------------------------------
+
+  /** Field description */
+  private String password;
+
+  /** Field description */
+  private HttpServletRequest request;
+
+  /** Field description */
+  private HttpServletResponse response;
+
+  /** Field description */
+  private String username;
+}

File scm-webapp/src/main/java/sonia/scm/api/rest/resources/AuthenticationResource.java

View file
  • Ignore whitespace
 //~--- non-JDK imports --------------------------------------------------------
 
 import com.google.inject.Inject;
-import com.google.inject.Provider;
 import com.google.inject.Singleton;
 
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.subject.PrincipalCollection;
+import org.apache.shiro.subject.Subject;
+
 import org.codehaus.enunciate.jaxrs.TypeHint;
 import org.codehaus.enunciate.modules.jersey.ExternallyManagedLifecycle;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import sonia.scm.SCMContext;
 import sonia.scm.SCMContextProvider;
 import sonia.scm.ScmClientConfig;
 import sonia.scm.ScmState;
 import sonia.scm.config.ScmConfiguration;
 import sonia.scm.repository.RepositoryManager;
+import sonia.scm.security.Groups;
+import sonia.scm.security.ScmAuthenticationToken;
 import sonia.scm.user.User;
 import sonia.scm.user.UserManager;
-import sonia.scm.web.security.WebSecurityContext;
 
 //~--- JDK imports ------------------------------------------------------------
 
    * @param securityContextProvider
    */
   @Inject
-  public AuthenticationResource(
-          SCMContextProvider contextProvider, ScmConfiguration configuration,
-          RepositoryManager repositoryManger, UserManager userManager,
-          Provider<WebSecurityContext> securityContextProvider)
+  public AuthenticationResource(SCMContextProvider contextProvider,
+    ScmConfiguration configuration, RepositoryManager repositoryManger,
+    UserManager userManager)
   {
     this.contextProvider = contextProvider;
     this.configuration = configuration;
     this.repositoryManger = repositoryManger;
     this.userManager = userManager;
-    this.securityContextProvider = securityContextProvider;
   }
 
   //~--- methods --------------------------------------------------------------
   @Path("login")
   @TypeHint(ScmState.class)
   public ScmState authenticate(@Context HttpServletRequest request,
-                               @Context HttpServletResponse response,
-                               @FormParam("username") String username,
-                               @FormParam("password") String password)
+    @Context HttpServletResponse response,
+    @FormParam("username") String username,
+    @FormParam("password") String password)
   {
     ScmState state = null;
-    WebSecurityContext securityContext = securityContextProvider.get();
-    User user = securityContext.authenticate(request, response, username,
-                  password);
 
-    if ((user != null) &&!SCMContext.USER_ANONYMOUS.equals(user.getName()))
+    Subject subject = SecurityUtils.getSubject();
+
+    try
     {
-      state = createState(securityContext);
+      subject.login(new ScmAuthenticationToken(request, response, username,
+        password));
+      state = createState(subject);
     }
-    else
+    catch (AuthenticationException ex)
     {
       throw new WebApplicationException(Response.Status.UNAUTHORIZED);
     }
   @Path("logout")
   @TypeHint(ScmState.class)
   public Response logout(@Context HttpServletRequest request,
-                         @Context HttpServletResponse response)
+    @Context HttpServletResponse response)
   {
-    WebSecurityContext securityContext = securityContextProvider.get();
+    Subject subject = SecurityUtils.getSubject();
 
-    securityContext.logout(request, response);
+    subject.logout();
 
     Response resp = null;
-    User user = securityContext.getUser();
+
+    // TODO handle anonymous access
+
+    User user = null;
 
     if (user != null)
     {
-      ScmState state = createState(securityContext);
+      ScmState state = createState(subject);
 
       resp = Response.ok(state).build();
     }
   {
     Response response = null;
     ScmState state = null;
-    WebSecurityContext securityContext = securityContextProvider.get();
-    User user = securityContext.getUser();
+    Subject subject = SecurityUtils.getSubject();
 
-    if (user != null)
+    if (subject.isAuthenticated())
     {
       if (logger.isDebugEnabled())
       {
-        logger.debug("return state for user {}", user.getName());
+        logger.debug("return state for user {}", subject.getPrincipal());
       }
 
-      state = createState(securityContext);
+      state = createState(subject);
       response = Response.ok(state).build();
     }
     else
    *
    * @param securityContext
    *
+   * @param subject
+   *
    * @return
    */
-  private ScmState createState(WebSecurityContext securityContext)
+  private ScmState createState(Subject subject)
   {
-    return new ScmState(contextProvider, securityContext,
-                        repositoryManger.getConfiguredTypes(),
-                        userManager.getDefaultType(),
-                        new ScmClientConfig(configuration));
+    PrincipalCollection collection = subject.getPrincipals();
+    User user = collection.oneByType(User.class);
+    Groups groups = collection.oneByType(Groups.class);
+
+    return new ScmState(contextProvider, user, groups.getGroups(),
+      repositoryManger.getConfiguredTypes(), userManager.getDefaultType(),
+      new ScmClientConfig(configuration));
   }
 
   //~--- fields ---------------------------------------------------------------
   private RepositoryManager repositoryManger;
 
   /** Field description */
-  private Provider<WebSecurityContext> securityContextProvider;
-
-  /** Field description */
   private UserManager userManager;
 }

File scm-webapp/src/main/java/sonia/scm/security/ScmAuthenticationToken.java

  • Ignore whitespace
-/**
- * Copyright (c) 2010, Sebastian Sdorra All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * 1. Redistributions of source code must retain the above copyright notice,
- * this list of conditions and the following disclaimer. 2. Redistributions in
- * binary form must reproduce the above copyright notice, this list of
- * conditions and the following disclaimer in the documentation and/or other
- * materials provided with the distribution. 3. Neither the name of SCM-Manager;
- * nor the names of its contributors may be used to endorse or promote products
- * derived from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR
- * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
- * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- * http://bitbucket.org/sdorra/scm-manager
- *
- */
-
-
-
-package sonia.scm.security;
-
-//~--- non-JDK imports --------------------------------------------------------
-
-import com.google.common.base.Objects;
-
-import org.apache.shiro.authc.AuthenticationToken;
-
-//~--- JDK imports ------------------------------------------------------------
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-/**
- *
- * @author Sebastian Sdorra
- */
-public class ScmAuthenticationToken implements AuthenticationToken
-{
-
-  /** Field description */
-  private static final long serialVersionUID = -3208692400029843828L;
-
-  //~--- constructors ---------------------------------------------------------
-
-  /**
-   * Constructs ...
-   *
-   *
-   * @param request
-   * @param response
-   * @param username
-   * @param password
-   */
-  public ScmAuthenticationToken(HttpServletRequest request,
-    HttpServletResponse response, String username, String password)
-  {
-    this.request = request;
-    this.response = response;
-    this.username = username;
-    this.password = password;
-  }
-
-  //~--- methods --------------------------------------------------------------
-
-  /**
-   * Method description
-   *
-   *
-   * @param obj
-   *
-   * @return
-   */
-  @Override
-  public boolean equals(Object obj)
-  {
-    if (obj == null)
-    {
-      return false;
-    }
-
-    if (getClass() != obj.getClass())
-    {
-      return false;
-    }
-
-    final ScmAuthenticationToken other = (ScmAuthenticationToken) obj;
-
-    return Objects.equal(request, other.request)
-      && Objects.equal(response, other.response)
-      && Objects.equal(username, other.username)
-      && Objects.equal(password, other.password);
-  }
-
-  /**
-   * Method description
-   *
-   *
-   * @return
-   */
-  @Override
-  public int hashCode()
-  {
-    return Objects.hashCode(request, response, username, password);
-  }
-
-  /**
-   * Method description
-   *
-   *
-   * @return
-   */
-  @Override
-  public String toString()
-  {
-    //J-
-    return Objects.toStringHelper(this)
-                  .add("request", request)
-                  .add("response", response)
-                  .add("username", username)
-                  .add("password", "xxx")
-                  .toString();
-    //J+
-  }
-
-  //~--- get methods ----------------------------------------------------------
-
-  /**
-   * Method description
-   *
-   *
-   * @return
-   */
-  @Override
-  public String getCredentials()
-  {
-    return password;
-  }
-
-  /**
-   * Method description
-   *
-   *
-   * @return
-   */
-  public String getPassword()
-  {
-    return password;
-  }
-
-  /**
-   * Method description
-   *
-   *
-   * @return
-   */
-  @Override
-  public String getPrincipal()
-  {
-    return username;
-  }
-
-  /**
-   * Method description
-   *
-   *
-   * @return
-   */
-  public HttpServletRequest getRequest()
-  {
-    return request;
-  }
-
-  /**
-   * Method description
-   *
-   *
-   * @return
-   */
-  public HttpServletResponse getResponse()
-  {
-    return response;
-  }
-
-  /**
-   * Method description
-   *
-   *
-   * @return
-   */
-  public String getUsername()
-  {
-    return username;
-  }
-
-  //~--- fields ---------------------------------------------------------------
-
-  /** Field description */
-  private String password;
-
-  /** Field description */
-  private HttpServletRequest request;
-
-  /** Field description */
-  private HttpServletResponse response;
-
-  /** Field description */
-  private String username;
-}