From 203598f3a4c50727773a2a7d16b48645de14a172 Mon Sep 17 00:00:00 2001 From: Avgustin Marinov Date: Fri, 28 Nov 2025 09:13:41 +0200 Subject: [PATCH] Fix auth -> authentication in some props in SDK (#2839) Signed-off-by: Avgustin Marinov --- docs/authorization.md | 2 +- .../hawkbit/auth/SpringEvalExpressions.java | 2 +- .../hawkbit/context/AccessContext.java | 9 +- .../java/org/eclipse/hawkbit/context/Mdc.java | 6 +- .../security/HawkbitSecurityProperties.java | 4 +- .../TenantAwareAuthenticationDetails.java | 4 +- .../context/AccessContextAsSystemTest.java | 28 +++--- .../security/controller/Authenticator.java | 6 +- .../controller/DdiSecurityProperties.java | 2 +- .../controller/GatewayTokenAuthenticator.java | 2 +- .../SecurityHeaderAuthenticator.java | 2 +- .../SecurityTokenAuthenticator.java | 2 +- .../GatewayTokenAuthenticatorTest.java | 10 +- .../SecurityHeaderAuthenticatorTest.java | 12 +-- .../SecurityTokenAuthenticatorTest.java | 10 +- .../src/main/resources/application.properties | 2 +- .../hawkbit/amqp/DmfApiConfiguration.java | 2 +- .../mgmt/rest/api/MgmtBasicAuthRestApi.java | 4 +- .../mgmt/rest/api/MgmtRestConstants.java | 2 +- .../rest/resource/MgmtBasicAuthResource.java | 2 +- .../resource/MgmtBasicAuthResourceTest.java | 6 +- .../mgmt/MgmtSecurityConfiguration.java | 4 +- .../src/main/resources/application.properties | 2 +- .../TenantConfigurationManagementTest.java | 91 ++++++++++--------- .../rest/SecurityManagedConfiguration.java | 2 +- .../eclipse/hawkbit/sdk/HawkbitClient.java | 4 +- .../java/org/eclipse/hawkbit/sdk/Tenant.java | 2 +- .../sdk/mgmt/AuthenticationSetupHelper.java | 22 ++--- .../org/eclipse/hawkbit/ui/HawkbitUiApp.java | 4 +- 29 files changed, 129 insertions(+), 121 deletions(-) diff --git a/docs/authorization.md b/docs/authorization.md index 55d9764ef..be0cf441e 100644 --- a/docs/authorization.md +++ b/docs/authorization.md @@ -12,7 +12,7 @@ information. In hawkBit [SecurityAutoConfiguration](https://github.com/eclipse-hawkbit/hawkbit/blob/master/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/security/SecurityAutoConfiguration.java) is a good starting point for integration. -The default implementation is single user/tenant with basic auth and the logged in user is provided with all +The default implementation is single user/tenant with basic authentication and the logged-in user is provided with all permissions. Additionally, the application properties may be configured for multiple static users; see [Multiple Users](#multiple-users) for details. diff --git a/hawkbit-core/src/main/java/org/eclipse/hawkbit/auth/SpringEvalExpressions.java b/hawkbit-core/src/main/java/org/eclipse/hawkbit/auth/SpringEvalExpressions.java index 01a2a69cb..14f618702 100644 --- a/hawkbit-core/src/main/java/org/eclipse/hawkbit/auth/SpringEvalExpressions.java +++ b/hawkbit-core/src/main/java/org/eclipse/hawkbit/auth/SpringEvalExpressions.java @@ -23,7 +23,7 @@ import org.springframework.security.access.prepost.PreAuthorize; * hasRole([role]) Returns true if the current principal has the specified role. * hasAnyRole([role1,role2]) Returns true if the current principal has any of the supplied roles (given as a comma-separated list of strings) * principal Allows direct access to the principal object representing the current user - * auth Allows direct access to the current Authentication object obtained from the SecurityContext + * authentication Allows direct access to the current Authentication object obtained from the SecurityContext * permitAll Always evaluates to true * denyAll Always evaluates to false * isAnonymous() Returns true if the current principal is an anonymous user diff --git a/hawkbit-core/src/main/java/org/eclipse/hawkbit/context/AccessContext.java b/hawkbit-core/src/main/java/org/eclipse/hawkbit/context/AccessContext.java index 9684cfc0f..4539c4e75 100644 --- a/hawkbit-core/src/main/java/org/eclipse/hawkbit/context/AccessContext.java +++ b/hawkbit-core/src/main/java/org/eclipse/hawkbit/context/AccessContext.java @@ -332,7 +332,7 @@ public class AccessContext { } // simplified info for the security context keeping just the basic info needed for background execution of - // controller auth is not supported - always is false + // controller authentication is not supported - always is false // only authenticated user is supported @NoArgsConstructor @Data @@ -342,7 +342,6 @@ public class AccessContext { private static final long serialVersionUID = 1L; private String tenant; - // auditor / username (auth principal name) private String auditor = "n/a"; // default value "n/a" is used only on deserialization if field is missing @JsonProperty(required = true) private String[] authorities; @@ -354,7 +353,7 @@ public class AccessContext { } if (authentication.getDetails() instanceof TenantAwareAuthenticationDetails tenantAwareDetails) { if (tenantAwareDetails.controller()) { - throw new IllegalStateException("Controller auth context is not supported"); + throw new IllegalStateException("Controller authentication context is not supported"); } tenant = tenantAwareDetails.tenant(); } else if (authentication.getPrincipal() instanceof TenantAwareUser tenantAwareUser) { @@ -362,7 +361,7 @@ public class AccessContext { } // keep the auditor, ofr audit purposes, - // sets principal to the resolved auditor and then deserialized auth will return it as principal + // sets principal to the resolved auditor and then deserialized authentication will return it as principal // since the class is not known to auditor aware - it shall used default - principal as auditor auditor = resolve(authentication); authorities = authentication.getAuthorities().stream().map(Object::toString).toArray(String[]::new); @@ -417,7 +416,7 @@ public class AccessContext { /** * An implementation of the Spring's {@link Authentication} object which is used within a system security code block and - * wraps the original auth object. The wrapped object contains the necessary {@link SpRole#SYSTEM_ROLE} + * wraps the original authentication object. The wrapped object contains the necessary {@link SpRole#SYSTEM_ROLE} * which is allowed to execute all secured methods. */ static final class SystemCodeAuthentication implements Authentication { diff --git a/hawkbit-core/src/main/java/org/eclipse/hawkbit/context/Mdc.java b/hawkbit-core/src/main/java/org/eclipse/hawkbit/context/Mdc.java index 711473e19..e42b7c852 100644 --- a/hawkbit-core/src/main/java/org/eclipse/hawkbit/context/Mdc.java +++ b/hawkbit-core/src/main/java/org/eclipse/hawkbit/context/Mdc.java @@ -49,7 +49,7 @@ public class Mdc { } /** - * Executes callable and returns the result. If MDC is enabled, it sets the tenant and / or actor from the auth in the MDC context. + * Executes callable and returns the result. If MDC is enabled, it sets the tenant and / or actor from the authentication in the MDC context. * * @param the return type * @param callable the callable to execute @@ -81,7 +81,7 @@ public class Mdc { } /** - * Executes callable and returns the result. If MDC is enabled, it sets the tenant and / or actor from the auth in the MDC context. + * Executes callable and returns the result. If MDC is enabled, it sets the tenant and / or actor from the authentication in the MDC context. * Calls the {@link #withAuth(Callable)} method and wraps any catchable exception into a {@link RuntimeException}. * * @param the return type @@ -116,7 +116,7 @@ public class Mdc { } /** - * Executes callable and returns the result. If MDC is enabled, it sets the tenant and / or actor from the auth in the MDC context. + * Executes callable and returns the result. If MDC is enabled, it sets the tenant and / or actor from the authentication in the MDC context. * Calls the {@link #asTenantAsActor(String, String, Callable)} method and wraps any catchable exception into a {@link RuntimeException}. * * @param the return type diff --git a/hawkbit-core/src/main/java/org/eclipse/hawkbit/security/HawkbitSecurityProperties.java b/hawkbit-core/src/main/java/org/eclipse/hawkbit/security/HawkbitSecurityProperties.java index cddf3e4de..6fb7cc4f9 100644 --- a/hawkbit-core/src/main/java/org/eclipse/hawkbit/security/HawkbitSecurityProperties.java +++ b/hawkbit-core/src/main/java/org/eclipse/hawkbit/security/HawkbitSecurityProperties.java @@ -43,11 +43,11 @@ public class HawkbitSecurityProperties { */ private List httpFirewallIgnoredPaths; /** - * Basic auth realm, see https://tools.ietf.org/html/rfc2617#page-3 . + * Basic authentication realm, see https://tools.ietf.org/html/rfc2617#page-3 . */ private String basicRealm = "hawkBit"; /** - * If to allow http auth when there is OAuth2 auth enabled. + * If to allow http authentication when there is OAuth2 authentication enabled. */ private boolean allowHttpBasicOnOAuthEnabled = false; diff --git a/hawkbit-core/src/main/java/org/eclipse/hawkbit/tenancy/TenantAwareAuthenticationDetails.java b/hawkbit-core/src/main/java/org/eclipse/hawkbit/tenancy/TenantAwareAuthenticationDetails.java index 68b435f60..3acc7b42f 100644 --- a/hawkbit-core/src/main/java/org/eclipse/hawkbit/tenancy/TenantAwareAuthenticationDetails.java +++ b/hawkbit-core/src/main/java/org/eclipse/hawkbit/tenancy/TenantAwareAuthenticationDetails.java @@ -15,8 +15,8 @@ import java.io.Serializable; import org.springframework.security.authentication.AbstractAuthenticationToken; /** - * An auth details object {@link AbstractAuthenticationToken#getDetails()} which is stored in the - * spring security auth token details to transport the principal and tenant in the security context session. + * An authentication details object {@link AbstractAuthenticationToken#getDetails()} which is stored in the + * spring security authentication token details to transport the principal and tenant in the security context session. */ public record TenantAwareAuthenticationDetails(String tenant, boolean controller) implements Serializable { diff --git a/hawkbit-core/src/test/java/org/eclipse/hawkbit/context/AccessContextAsSystemTest.java b/hawkbit-core/src/test/java/org/eclipse/hawkbit/context/AccessContextAsSystemTest.java index 5ff048f1f..5296f9041 100644 --- a/hawkbit-core/src/test/java/org/eclipse/hawkbit/context/AccessContextAsSystemTest.java +++ b/hawkbit-core/src/test/java/org/eclipse/hawkbit/context/AccessContextAsSystemTest.java @@ -27,39 +27,39 @@ class AccessContextAsSystemTest { @Test void test() { - final UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken( + final UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken( "test", "pass", List.of(new SimpleGrantedAuthority("anonymous"))); - auth.setDetails("string details"); - test(auth); + authentication.setDetails("string details"); + test(authentication); } @Test void testWithNullPrincipal() { - final UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken( + final UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken( null, "pass", List.of(new SimpleGrantedAuthority("anonymous"))); - auth.setDetails("string details"); - test(auth); + authentication.setDetails("string details"); + test(authentication); } @Test void testWithNullCredentials() { - final UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken( + final UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken( "test", null, List.of(new SimpleGrantedAuthority("anonymous"))); - auth.setDetails("string details"); - test(auth); + authentication.setDetails("string details"); + test(authentication); } @Test void testWitAllNull() { - final UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken( + final UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken( null, null, List.of(new SimpleGrantedAuthority("anonymous"))); - auth.setDetails(null); - test(auth); + authentication.setDetails(null); + test(authentication); } - private static void test(final UsernamePasswordAuthenticationToken auth) { + private static void test(final UsernamePasswordAuthenticationToken authentication) { final SecurityContext sc = SecurityContextHolder.createEmptyContext(); - sc.setAuthentication(auth); + sc.setAuthentication(authentication); SecurityContextHolder.setContext(sc); asSystemAsTenant("tenant", () -> { final Authentication currentAuth = SecurityContextHolder.getContext().getAuthentication(); diff --git a/hawkbit-ddi/hawkbit-ddi-security/src/main/java/org/eclipse/hawkbit/security/controller/Authenticator.java b/hawkbit-ddi/hawkbit-ddi-security/src/main/java/org/eclipse/hawkbit/security/controller/Authenticator.java index 753c7c4a6..22164fc2c 100644 --- a/hawkbit-ddi/hawkbit-ddi-security/src/main/java/org/eclipse/hawkbit/security/controller/Authenticator.java +++ b/hawkbit-ddi/hawkbit-ddi-security/src/main/java/org/eclipse/hawkbit/security/controller/Authenticator.java @@ -31,10 +31,10 @@ import org.springframework.security.core.authority.SimpleGrantedAuthority; public interface Authenticator { /** - * If the auth mechanism is not enabled for the tenant - it just returns null. - * If the auth mechanism is supported, the filter extracts from the security token the related credentials, + * If the authentication mechanism is not enabled for the tenant - it just returns null. + * If the authentication mechanism is supported, the filter extracts from the security token the related credentials, * validate them (do authenticate the caller). - * If validation / auth is successful returns an authenticated auth object. Otherwise, + * If validation / authentication is successful returns an authenticated authentication object. Otherwise, * throws BadCredentialsException. * * @param controllerSecurityToken the securityToken diff --git a/hawkbit-ddi/hawkbit-ddi-security/src/main/java/org/eclipse/hawkbit/security/controller/DdiSecurityProperties.java b/hawkbit-ddi/hawkbit-ddi-security/src/main/java/org/eclipse/hawkbit/security/controller/DdiSecurityProperties.java index 675b05033..5913170f0 100644 --- a/hawkbit-ddi/hawkbit-ddi-security/src/main/java/org/eclipse/hawkbit/security/controller/DdiSecurityProperties.java +++ b/hawkbit-ddi/hawkbit-ddi-security/src/main/java/org/eclipse/hawkbit/security/controller/DdiSecurityProperties.java @@ -89,7 +89,7 @@ public class DdiSecurityProperties { public static class Gatewaytoken { /** - * Gateway token based auth enabled. + * Gateway token based authentication enabled. */ private boolean enabled = false; diff --git a/hawkbit-ddi/hawkbit-ddi-security/src/main/java/org/eclipse/hawkbit/security/controller/GatewayTokenAuthenticator.java b/hawkbit-ddi/hawkbit-ddi-security/src/main/java/org/eclipse/hawkbit/security/controller/GatewayTokenAuthenticator.java index 528833d8e..ff542c25b 100644 --- a/hawkbit-ddi/hawkbit-ddi-security/src/main/java/org/eclipse/hawkbit/security/controller/GatewayTokenAuthenticator.java +++ b/hawkbit-ddi/hawkbit-ddi-security/src/main/java/org/eclipse/hawkbit/security/controller/GatewayTokenAuthenticator.java @@ -43,7 +43,7 @@ public class GatewayTokenAuthenticator extends Authenticator.AbstractAuthenticat } if (!isEnabled(controllerSecurityToken)) { - log.debug("The gateway token auth is disabled"); + log.debug("The gateway token authentication is disabled"); return null; } diff --git a/hawkbit-ddi/hawkbit-ddi-security/src/main/java/org/eclipse/hawkbit/security/controller/SecurityHeaderAuthenticator.java b/hawkbit-ddi/hawkbit-ddi-security/src/main/java/org/eclipse/hawkbit/security/controller/SecurityHeaderAuthenticator.java index 50d53628f..a90ef9bff 100644 --- a/hawkbit-ddi/hawkbit-ddi-security/src/main/java/org/eclipse/hawkbit/security/controller/SecurityHeaderAuthenticator.java +++ b/hawkbit-ddi/hawkbit-ddi-security/src/main/java/org/eclipse/hawkbit/security/controller/SecurityHeaderAuthenticator.java @@ -67,7 +67,7 @@ public class SecurityHeaderAuthenticator extends Authenticator.AbstractAuthentic } if (!isEnabled(controllerSecurityToken)) { - log.debug("The gateway header auth is disabled"); + log.debug("The gateway header authentication is disabled"); return null; } diff --git a/hawkbit-ddi/hawkbit-ddi-security/src/main/java/org/eclipse/hawkbit/security/controller/SecurityTokenAuthenticator.java b/hawkbit-ddi/hawkbit-ddi-security/src/main/java/org/eclipse/hawkbit/security/controller/SecurityTokenAuthenticator.java index fe11f37d0..75e77bf1b 100644 --- a/hawkbit-ddi/hawkbit-ddi-security/src/main/java/org/eclipse/hawkbit/security/controller/SecurityTokenAuthenticator.java +++ b/hawkbit-ddi/hawkbit-ddi-security/src/main/java/org/eclipse/hawkbit/security/controller/SecurityTokenAuthenticator.java @@ -47,7 +47,7 @@ public class SecurityTokenAuthenticator extends Authenticator.AbstractAuthentica } if (!isEnabled(controllerSecurityToken)) { - log.debug("The target security token auth is disabled"); + log.debug("The target security token authentication is disabled"); return null; } diff --git a/hawkbit-ddi/hawkbit-ddi-security/src/test/java/org/eclipse/hawkbit/security/controller/GatewayTokenAuthenticatorTest.java b/hawkbit-ddi/hawkbit-ddi-security/src/test/java/org/eclipse/hawkbit/security/controller/GatewayTokenAuthenticatorTest.java index 03e0a1fcd..0a6596393 100644 --- a/hawkbit-ddi/hawkbit-ddi-security/src/test/java/org/eclipse/hawkbit/security/controller/GatewayTokenAuthenticatorTest.java +++ b/hawkbit-ddi/hawkbit-ddi-security/src/test/java/org/eclipse/hawkbit/security/controller/GatewayTokenAuthenticatorTest.java @@ -26,7 +26,7 @@ import org.mockito.junit.jupiter.MockitoExtension; /** * Feature: Unit Tests - Security
- * Story: Gateway token auth + * Story: Gateway token authentication */ @ExtendWith(MockitoExtension.class) class GatewayTokenAuthenticatorTest { @@ -54,7 +54,7 @@ class GatewayTokenAuthenticatorTest { } /** - * Tests successful auth with gateway token + * Tests successful authentication with gateway token */ @Test void testWithGwToken() { @@ -70,7 +70,7 @@ class GatewayTokenAuthenticatorTest { } /** - * Tests that if gateway token doesn't match, the auth fails + * Tests that if gateway token doesn't match, the authentication fails */ @Test void testWithBadGwToken() { @@ -84,7 +84,7 @@ class GatewayTokenAuthenticatorTest { } /** - * Tests that if gateway token miss, the auth fails + * Tests that if gateway token miss, the authentication fails */ @Test void testWithoutGwToken() { @@ -92,7 +92,7 @@ class GatewayTokenAuthenticatorTest { } /** - * Tests that if disabled, the auth fails + * Tests that if disabled, the authentication fails */ @Test void testWithGwTokenButDisabled() { diff --git a/hawkbit-ddi/hawkbit-ddi-security/src/test/java/org/eclipse/hawkbit/security/controller/SecurityHeaderAuthenticatorTest.java b/hawkbit-ddi/hawkbit-ddi-security/src/test/java/org/eclipse/hawkbit/security/controller/SecurityHeaderAuthenticatorTest.java index b46690b14..d77b64d53 100644 --- a/hawkbit-ddi/hawkbit-ddi-security/src/test/java/org/eclipse/hawkbit/security/controller/SecurityHeaderAuthenticatorTest.java +++ b/hawkbit-ddi/hawkbit-ddi-security/src/test/java/org/eclipse/hawkbit/security/controller/SecurityHeaderAuthenticatorTest.java @@ -63,7 +63,7 @@ class SecurityHeaderAuthenticatorTest { } /** - * Tests successful auth with multiple a single hashes + * Tests successful authentication with multiple a single hashes */ @Test void testWithSingleKnownHash() { @@ -79,7 +79,7 @@ class SecurityHeaderAuthenticatorTest { } /** - * Tests successful auth with multiple hashes + * Tests successful authentication with multiple hashes */ @Test void testWithMultipleKnownHashes() { @@ -100,7 +100,7 @@ class SecurityHeaderAuthenticatorTest { } /** - * Tests that if the hash is unknown, the auth fails + * Tests that if the hash is unknown, the authentication fails */ @Test void testWithUnknownHash() { @@ -114,7 +114,7 @@ class SecurityHeaderAuthenticatorTest { } /** - * Tests that if CN doesn't match the CN in the security token, the auth fails + * Tests that if CN doesn't match the CN in the security token, the authentication fails */ @Test void testWithNonMatchingCN() { @@ -126,7 +126,7 @@ class SecurityHeaderAuthenticatorTest { } /** - * Tests that if the hash miss, the auth fails + * Tests that if the hash miss, the authentication fails */ @Test void testWithoutHash() { @@ -134,7 +134,7 @@ class SecurityHeaderAuthenticatorTest { } /** - * Tests that if disabled, the auth fails + * Tests that if disabled, the authentication fails */ @Test void testWithSingleKnownHashButDisabled() { diff --git a/hawkbit-ddi/hawkbit-ddi-security/src/test/java/org/eclipse/hawkbit/security/controller/SecurityTokenAuthenticatorTest.java b/hawkbit-ddi/hawkbit-ddi-security/src/test/java/org/eclipse/hawkbit/security/controller/SecurityTokenAuthenticatorTest.java index 50e9acf06..990f83ef9 100644 --- a/hawkbit-ddi/hawkbit-ddi-security/src/test/java/org/eclipse/hawkbit/security/controller/SecurityTokenAuthenticatorTest.java +++ b/hawkbit-ddi/hawkbit-ddi-security/src/test/java/org/eclipse/hawkbit/security/controller/SecurityTokenAuthenticatorTest.java @@ -29,7 +29,7 @@ import org.mockito.junit.jupiter.MockitoExtension; /** * Feature: Unit Tests - Security
- * Story: Gateway token auth + * Story: Gateway token authentication */ @ExtendWith(MockitoExtension.class) class SecurityTokenAuthenticatorTest { @@ -57,7 +57,7 @@ class SecurityTokenAuthenticatorTest { } /** - * Tests successful auth with gateway token + * Tests successful authentication with gateway token */ @Test void testWithSecToken() { @@ -76,7 +76,7 @@ class SecurityTokenAuthenticatorTest { } /** - * Tests that if gateway token doesn't match, the auth fails + * Tests that if gateway token doesn't match, the authentication fails */ @Test void testWithBadSecToken() { @@ -88,7 +88,7 @@ class SecurityTokenAuthenticatorTest { } /** - * Tests that if gateway token miss, the auth fails + * Tests that if gateway token miss, the authentication fails */ @Test void testWithoutSecToken() { @@ -96,7 +96,7 @@ class SecurityTokenAuthenticatorTest { } /** - * Tests that if disabled, the auth fails + * Tests that if disabled, the authentication fails */ @Test void testWithSecTokenButDisabled() { diff --git a/hawkbit-ddi/hawkbit-ddi-server/src/main/resources/application.properties b/hawkbit-ddi/hawkbit-ddi-server/src/main/resources/application.properties index 52b0e8819..dc6cd3340 100644 --- a/hawkbit-ddi/hawkbit-ddi-server/src/main/resources/application.properties +++ b/hawkbit-ddi/hawkbit-ddi-server/src/main/resources/application.properties @@ -30,7 +30,7 @@ server.servlet.encoding.charset=UTF-8 server.servlet.encoding.enabled=true server.servlet.encoding.force=true -# DDI auth configuration +# DDI authentication configuration hawkbit.server.ddi.security.authentication.targettoken.enabled=false hawkbit.server.ddi.security.authentication.gatewaytoken.enabled=false diff --git a/hawkbit-dmf/hawkbit-dmf-amqp/src/main/java/org/eclipse/hawkbit/amqp/DmfApiConfiguration.java b/hawkbit-dmf/hawkbit-dmf-amqp/src/main/java/org/eclipse/hawkbit/amqp/DmfApiConfiguration.java index e9665e049..434ea0faf 100644 --- a/hawkbit-dmf/hawkbit-dmf-amqp/src/main/java/org/eclipse/hawkbit/amqp/DmfApiConfiguration.java +++ b/hawkbit-dmf/hawkbit-dmf-amqp/src/main/java/org/eclipse/hawkbit/amqp/DmfApiConfiguration.java @@ -148,7 +148,7 @@ public class DmfApiConfiguration { } /** - * Create the DMF API receiver queue for auth requests called by 3rd + * Create the DMF API receiver queue for authentication requests called by 3rd * party artifact storages for download authorization by devices. * * @return the receiver queue diff --git a/hawkbit-mgmt/hawkbit-mgmt-api/src/main/java/org/eclipse/hawkbit/mgmt/rest/api/MgmtBasicAuthRestApi.java b/hawkbit-mgmt/hawkbit-mgmt-api/src/main/java/org/eclipse/hawkbit/mgmt/rest/api/MgmtBasicAuthRestApi.java index de21da296..b30ec8b9e 100644 --- a/hawkbit-mgmt/hawkbit-mgmt-api/src/main/java/org/eclipse/hawkbit/mgmt/rest/api/MgmtBasicAuthRestApi.java +++ b/hawkbit-mgmt/hawkbit-mgmt-api/src/main/java/org/eclipse/hawkbit/mgmt/rest/api/MgmtBasicAuthRestApi.java @@ -22,11 +22,11 @@ import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.GetMapping; /** - * Api for handling basic auth user validation + * Api for handling basic authentication user validation */ @SuppressWarnings("squid:S1609") @Tag( - name = "Basic Authentication", description = "API for basic auth user validation.", + name = "Basic Authentication", description = "API for basic authentication user validation.", extensions = @Extension(name = OpenApi.X_HAWKBIT, properties = @ExtensionProperty(name = "order", value = BASIC_AUTH_ORDER))) // no request mapping specified here to avoid CVE-2021-22044 in Feign client public interface MgmtBasicAuthRestApi { diff --git a/hawkbit-mgmt/hawkbit-mgmt-api/src/main/java/org/eclipse/hawkbit/mgmt/rest/api/MgmtRestConstants.java b/hawkbit-mgmt/hawkbit-mgmt-api/src/main/java/org/eclipse/hawkbit/mgmt/rest/api/MgmtRestConstants.java index 59cdbcd25..a9a1b2036 100644 --- a/hawkbit-mgmt/hawkbit-mgmt-api/src/main/java/org/eclipse/hawkbit/mgmt/rest/api/MgmtRestConstants.java +++ b/hawkbit-mgmt/hawkbit-mgmt-api/src/main/java/org/eclipse/hawkbit/mgmt/rest/api/MgmtRestConstants.java @@ -81,7 +81,7 @@ public final class MgmtRestConstants { */ public static final String ROLLOUT_V1_REQUEST_MAPPING = BASE_V1_REQUEST_MAPPING + "/rollouts"; /** - * The basic auth validation mapping + * The basic authentication validation mapping */ public static final String AUTH_V1_REQUEST_MAPPING = BASE_V1_REQUEST_MAPPING + "/userinfo"; /** diff --git a/hawkbit-mgmt/hawkbit-mgmt-resource/src/main/java/org/eclipse/hawkbit/mgmt/rest/resource/MgmtBasicAuthResource.java b/hawkbit-mgmt/hawkbit-mgmt-resource/src/main/java/org/eclipse/hawkbit/mgmt/rest/resource/MgmtBasicAuthResource.java index dca1852a4..355d34a53 100644 --- a/hawkbit-mgmt/hawkbit-mgmt-resource/src/main/java/org/eclipse/hawkbit/mgmt/rest/resource/MgmtBasicAuthResource.java +++ b/hawkbit-mgmt/hawkbit-mgmt-resource/src/main/java/org/eclipse/hawkbit/mgmt/rest/resource/MgmtBasicAuthResource.java @@ -20,7 +20,7 @@ import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.web.bind.annotation.RestController; /** - * REST Resource handling basic auth validation. + * REST Resource handling basic authentication validation. */ @RestController public class MgmtBasicAuthResource implements MgmtBasicAuthRestApi { diff --git a/hawkbit-mgmt/hawkbit-mgmt-resource/src/test/java/org/eclipse/hawkbit/mgmt/rest/resource/MgmtBasicAuthResourceTest.java b/hawkbit-mgmt/hawkbit-mgmt-resource/src/test/java/org/eclipse/hawkbit/mgmt/rest/resource/MgmtBasicAuthResourceTest.java index a97dddeca..684345e4c 100644 --- a/hawkbit-mgmt/hawkbit-mgmt-resource/src/test/java/org/eclipse/hawkbit/mgmt/rest/resource/MgmtBasicAuthResourceTest.java +++ b/hawkbit-mgmt/hawkbit-mgmt-resource/src/test/java/org/eclipse/hawkbit/mgmt/rest/resource/MgmtBasicAuthResourceTest.java @@ -51,7 +51,7 @@ import org.springframework.web.context.WebApplicationContext; * Test for {@link MgmtBasicAuthResource}. *

* Feature: Component Tests - Management API
- * Story: Basic auth Userinfo Resource + * Story: Basic authentication Userinfo Resource */ @ActiveProfiles({ "test" }) @ExtendWith({ TestLoggerExtension.class, SharedSqlTestDatabaseExtension.class }) @@ -80,7 +80,7 @@ class MgmtBasicAuthResourceTest { MockMvc defaultMock; /** - * Test of userinfo api with basic auth validation + * Test of userinfo api with basic authentication validation */ @Test @WithUser(principal = TEST_USER, authorities = {"READ", "WRITE", "DELETE"}) @@ -97,7 +97,7 @@ class MgmtBasicAuthResourceTest { } /** - * Test of userinfo api with invalid basic auth fails + * Test of userinfo api with invalid basic authentication fails */ @Test void validateBasicAuthFailsWithInvalidCredentials() throws Exception { diff --git a/hawkbit-mgmt/hawkbit-mgmt-starter/src/main/java/org/eclipse/hawkbit/autoconfigure/mgmt/MgmtSecurityConfiguration.java b/hawkbit-mgmt/hawkbit-mgmt-starter/src/main/java/org/eclipse/hawkbit/autoconfigure/mgmt/MgmtSecurityConfiguration.java index d6cb03825..f3c17e92d 100644 --- a/hawkbit-mgmt/hawkbit-mgmt-starter/src/main/java/org/eclipse/hawkbit/autoconfigure/mgmt/MgmtSecurityConfiguration.java +++ b/hawkbit-mgmt/hawkbit-mgmt-starter/src/main/java/org/eclipse/hawkbit/autoconfigure/mgmt/MgmtSecurityConfiguration.java @@ -106,7 +106,7 @@ public class MgmtSecurityConfiguration { final HttpSecurity http, @Autowired(required = false) @Qualifier("hawkbitOAuth2ResourceServerCustomizer") final Customizer> oauth2ResourceServerCustomizer, // called just before build of the SecurityFilterChain. - // could be used for instance to set auth provider + // could be used for instance to set authentication provider // Note: implementation of the customizer shall always take in account what is the already set by the hawkBit @Autowired(required = false) @Qualifier("hawkbitHttpSecurityCustomizer") final Customizer httpSecurityCustomizer, final SystemManagement systemManagement) throws Exception { @@ -120,7 +120,7 @@ public class MgmtSecurityConfiguration { .anonymous(AbstractHttpConfigurer::disable) .csrf(AbstractHttpConfigurer::disable) .addFilterAfter( - // Servlet filter to create metadata after successful auth over RESTful. + // Servlet filter to create metadata after successful authentication over RESTful. (request, response, chain) -> { final Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); if (authentication != null && authentication.isAuthenticated()) { diff --git a/hawkbit-monolith/hawkbit-update-server/src/main/resources/application.properties b/hawkbit-monolith/hawkbit-update-server/src/main/resources/application.properties index b47a4f05d..b53cfc9d7 100644 --- a/hawkbit-monolith/hawkbit-update-server/src/main/resources/application.properties +++ b/hawkbit-monolith/hawkbit-update-server/src/main/resources/application.properties @@ -32,7 +32,7 @@ server.servlet.encoding.charset=UTF-8 server.servlet.encoding.enabled=true server.servlet.encoding.force=true -# DDI auth configuration +# DDI authentication configuration hawkbit.server.ddi.security.authentication.targettoken.enabled=false hawkbit.server.ddi.security.authentication.gatewaytoken.enabled=false diff --git a/hawkbit-repository/hawkbit-repository-jpa/src/test/java/org/eclipse/hawkbit/repository/jpa/management/TenantConfigurationManagementTest.java b/hawkbit-repository/hawkbit-repository-jpa/src/test/java/org/eclipse/hawkbit/repository/jpa/management/TenantConfigurationManagementTest.java index 291a01357..e374b1f4a 100644 --- a/hawkbit-repository/hawkbit-repository-jpa/src/test/java/org/eclipse/hawkbit/repository/jpa/management/TenantConfigurationManagementTest.java +++ b/hawkbit-repository/hawkbit-repository-jpa/src/test/java/org/eclipse/hawkbit/repository/jpa/management/TenantConfigurationManagementTest.java @@ -18,6 +18,7 @@ import java.time.Duration; import java.util.HashMap; import java.util.Map; +import org.eclipse.hawkbit.repository.TenantConfigurationManagement; import org.eclipse.hawkbit.repository.exception.InvalidTenantConfigurationKeyException; import org.eclipse.hawkbit.repository.exception.TenantConfigurationValidatorException; import org.eclipse.hawkbit.repository.jpa.AbstractJpaIntegrationTest; @@ -25,6 +26,7 @@ import org.eclipse.hawkbit.repository.model.TenantConfigurationValue; import org.eclipse.hawkbit.tenancy.configuration.DurationHelper; import org.eclipse.hawkbit.tenancy.configuration.TenantConfigurationProperties.TenantConfigurationKey; import org.junit.jupiter.api.Assertions; +import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import org.springframework.context.EnvironmentAware; import org.springframework.core.env.Environment; @@ -35,8 +37,16 @@ import org.springframework.core.env.Environment; */ class TenantConfigurationManagementTest extends AbstractJpaIntegrationTest implements EnvironmentAware { + private TenantConfigurationManagement tenantConfigurationManagement; private Environment env; + @BeforeEach + @Override + public void beforeAll() throws Exception { + super.beforeAll(); + tenantConfigurationManagement = tenantConfigurationManagement(); + } + @Override public void setEnvironment(final Environment env) { this.env = env; @@ -51,7 +61,7 @@ class TenantConfigurationManagementTest extends AbstractJpaIntegrationTest imple assertThat(envPropertyDefault).isNotNull(); // get the configuration from the system management - final TenantConfigurationValue defaultConfigValue = tenantConfigurationManagement().getConfigurationValue( + final TenantConfigurationValue defaultConfigValue = tenantConfigurationManagement.getConfigurationValue( TenantConfigurationKey.AUTHENTICATION_GATEWAY_SECURITY_TOKEN_KEY, String.class); assertThat(defaultConfigValue.isGlobal()).isTrue(); @@ -60,11 +70,11 @@ class TenantConfigurationManagementTest extends AbstractJpaIntegrationTest imple // update the tenant specific configuration, create final String newConfigurationValue = "thisIsAnotherTokenName"; assertThat(newConfigurationValue).isNotEqualTo(defaultConfigValue.getValue()); - tenantConfigurationManagement().addOrUpdateConfiguration( + tenantConfigurationManagement.addOrUpdateConfiguration( TenantConfigurationKey.AUTHENTICATION_GATEWAY_SECURITY_TOKEN_KEY, newConfigurationValue); // verify that new configuration value is used - final TenantConfigurationValue updatedConfigurationValue = tenantConfigurationManagement() + final TenantConfigurationValue updatedConfigurationValue = tenantConfigurationManagement .getConfigurationValue(TenantConfigurationKey.AUTHENTICATION_GATEWAY_SECURITY_TOKEN_KEY, String.class); assertThat(updatedConfigurationValue.isGlobal()).isFalse(); @@ -73,16 +83,15 @@ class TenantConfigurationManagementTest extends AbstractJpaIntegrationTest imple // update the tenant specific configuration, create final String newConfigurationValue2 = "thisIsAnotherTokenName2"; assertThat(newConfigurationValue2).isNotEqualTo(updatedConfigurationValue.getValue()); - tenantConfigurationManagement().addOrUpdateConfiguration( + tenantConfigurationManagement.addOrUpdateConfiguration( TenantConfigurationKey.AUTHENTICATION_GATEWAY_SECURITY_TOKEN_KEY, newConfigurationValue2); // verify that new configuration value is used - final TenantConfigurationValue updatedConfigurationValue2 = tenantConfigurationManagement() + final TenantConfigurationValue updatedConfigurationValue2 = tenantConfigurationManagement .getConfigurationValue(TenantConfigurationKey.AUTHENTICATION_GATEWAY_SECURITY_TOKEN_KEY, String.class); assertThat(updatedConfigurationValue2.isGlobal()).isFalse(); assertThat(updatedConfigurationValue2.getValue()).isEqualTo(newConfigurationValue2); - // assertThat(tenantConfigurationManagement().getTenantConfigurations()).hasSize(1); } /** @@ -95,12 +104,12 @@ class TenantConfigurationManagementTest extends AbstractJpaIntegrationTest imple final String value2 = "secondValue"; // add value first - tenantConfigurationManagement().addOrUpdateConfiguration(configKey, value1); - assertThat(tenantConfigurationManagement().getConfigurationValue(configKey, String.class).getValue()).isEqualTo(value1); + tenantConfigurationManagement.addOrUpdateConfiguration(configKey, value1); + assertThat(tenantConfigurationManagement.getConfigurationValue(configKey, String.class).getValue()).isEqualTo(value1); // update to value second - tenantConfigurationManagement().addOrUpdateConfiguration(configKey, value2); - assertThat(tenantConfigurationManagement().getConfigurationValue(configKey, String.class).getValue()).isEqualTo(value2); + tenantConfigurationManagement.addOrUpdateConfiguration(configKey, value2); + assertThat(tenantConfigurationManagement.getConfigurationValue(configKey, String.class).getValue()).isEqualTo(value2); } /** @@ -114,12 +123,12 @@ class TenantConfigurationManagementTest extends AbstractJpaIntegrationTest imple }}; // add value first - tenantConfigurationManagement().addOrUpdateConfiguration(configuration); - assertThat(tenantConfigurationManagement().getConfigurationValue( + tenantConfigurationManagement.addOrUpdateConfiguration(configuration); + assertThat(tenantConfigurationManagement.getConfigurationValue( TenantConfigurationKey.AUTHENTICATION_GATEWAY_SECURITY_TOKEN_KEY, String.class).getValue()) .isEqualTo("token_123"); assertThat( - tenantConfigurationManagement().getConfigurationValue(TenantConfigurationKey.ROLLOUT_APPROVAL_ENABLED, Boolean.class).getValue()) + tenantConfigurationManagement.getConfigurationValue(TenantConfigurationKey.ROLLOUT_APPROVAL_ENABLED, Boolean.class).getValue()) .isTrue(); } @@ -130,11 +139,11 @@ class TenantConfigurationManagementTest extends AbstractJpaIntegrationTest imple void storeAndUpdateTenantSpecificConfigurationAsBoolean() { final String configKey = TenantConfigurationKey.AUTHENTICATION_HEADER_ENABLED; final Boolean value1 = true; - tenantConfigurationManagement().addOrUpdateConfiguration(configKey, value1); - assertThat(tenantConfigurationManagement().getConfigurationValue(configKey, Boolean.class).getValue()).isEqualTo(value1); + tenantConfigurationManagement.addOrUpdateConfiguration(configKey, value1); + assertThat(tenantConfigurationManagement.getConfigurationValue(configKey, Boolean.class).getValue()).isEqualTo(value1); final Boolean value2 = false; - tenantConfigurationManagement().addOrUpdateConfiguration(configKey, value2); - assertThat(tenantConfigurationManagement().getConfigurationValue(configKey, Boolean.class).getValue()).isEqualTo(value2); + tenantConfigurationManagement.addOrUpdateConfiguration(configKey, value2); + assertThat(tenantConfigurationManagement.getConfigurationValue(configKey, Boolean.class).getValue()).isEqualTo(value2); } /** @@ -146,7 +155,7 @@ class TenantConfigurationManagementTest extends AbstractJpaIntegrationTest imple final String value1 = "thisIsNotABoolean"; // add value as String - assertThatThrownBy(() -> tenantConfigurationManagement().addOrUpdateConfiguration(configKey, value1)) + assertThatThrownBy(() -> tenantConfigurationManagement.addOrUpdateConfiguration(configKey, value1)) .as("Should not have worked as value is not a boolean") .isInstanceOf(TenantConfigurationValidatorException.class); } @@ -163,15 +172,15 @@ class TenantConfigurationManagementTest extends AbstractJpaIntegrationTest imple }}; try { - tenantConfigurationManagement().addOrUpdateConfiguration(configuration); + tenantConfigurationManagement.addOrUpdateConfiguration(configuration); fail("should not have worked as type is wrong"); } catch (final TenantConfigurationValidatorException e) { assertThat( - tenantConfigurationManagement().getConfigurationValue( + tenantConfigurationManagement.getConfigurationValue( TenantConfigurationKey.AUTHENTICATION_GATEWAY_SECURITY_TOKEN_KEY, String.class).getValue()) .isNotEqualTo("token_123"); assertThat( - tenantConfigurationManagement().getConfigurationValue( + tenantConfigurationManagement.getConfigurationValue( TenantConfigurationKey.ROLLOUT_APPROVAL_ENABLED, Boolean.class).getValue()) .isNotEqualTo(true); } @@ -185,22 +194,22 @@ class TenantConfigurationManagementTest extends AbstractJpaIntegrationTest imple final String configKey = TenantConfigurationKey.AUTHENTICATION_GATEWAY_SECURITY_TOKEN_KEY; // gateway token does not have default value so no configuration value should be available - final String defaultConfigValue = tenantConfigurationManagement().getConfigurationValue(configKey, String.class).getValue(); + final String defaultConfigValue = tenantConfigurationManagement.getConfigurationValue(configKey, String.class).getValue(); assertThat(defaultConfigValue).isEmpty(); // update the tenant specific configuration final String newConfigurationValue = "thisIsAnotherValueForPolling"; assertThat(newConfigurationValue).isNotEqualTo(defaultConfigValue); - tenantConfigurationManagement().addOrUpdateConfiguration(configKey, newConfigurationValue); + tenantConfigurationManagement.addOrUpdateConfiguration(configKey, newConfigurationValue); // verify that new configuration value is used - final String updatedConfigurationValue = tenantConfigurationManagement().getConfigurationValue(configKey, String.class).getValue(); + final String updatedConfigurationValue = tenantConfigurationManagement.getConfigurationValue(configKey, String.class).getValue(); assertThat(updatedConfigurationValue).isEqualTo(newConfigurationValue); // delete the tenant specific configuration - tenantConfigurationManagement().deleteConfiguration(configKey); + tenantConfigurationManagement.deleteConfiguration(configKey); // ensure that now gateway token is set again, because is deleted and must be empty now - assertThat(tenantConfigurationManagement().getConfigurationValue(configKey, String.class).getValue()).isEmpty(); + assertThat(tenantConfigurationManagement.getConfigurationValue(configKey, String.class).getValue()).isEmpty(); } /** @@ -210,7 +219,7 @@ class TenantConfigurationManagementTest extends AbstractJpaIntegrationTest imple void storesIntegerWhenStringIsExpected() { final String configKey = TenantConfigurationKey.AUTHENTICATION_GATEWAY_SECURITY_TOKEN_KEY; final Integer wrongDatType = 123; - assertThatThrownBy(() -> tenantConfigurationManagement().addOrUpdateConfiguration(configKey, wrongDatType)) + assertThatThrownBy(() -> tenantConfigurationManagement.addOrUpdateConfiguration(configKey, wrongDatType)) .as("Should not have worked as integer is not a string") .isInstanceOf(TenantConfigurationValidatorException.class); } @@ -222,7 +231,7 @@ class TenantConfigurationManagementTest extends AbstractJpaIntegrationTest imple void storesIntegerWhenBooleanIsExpected() { final String configKey = TenantConfigurationKey.AUTHENTICATION_GATEWAY_SECURITY_TOKEN_ENABLED; final Integer wrongDataType = 123; - assertThatThrownBy(() -> tenantConfigurationManagement().addOrUpdateConfiguration(configKey, wrongDataType)) + assertThatThrownBy(() -> tenantConfigurationManagement.addOrUpdateConfiguration(configKey, wrongDataType)) .as("Should not have worked as integer is not a boolean") .isInstanceOf(TenantConfigurationValidatorException.class); } @@ -234,7 +243,7 @@ class TenantConfigurationManagementTest extends AbstractJpaIntegrationTest imple void storesIntegerWhenPollingIntervalIsExpected() { final String configKey = TenantConfigurationKey.POLLING_TIME; final Integer wrongDataType = 123; - assertThatThrownBy(() -> tenantConfigurationManagement().addOrUpdateConfiguration(configKey, wrongDataType)) + assertThatThrownBy(() -> tenantConfigurationManagement.addOrUpdateConfiguration(configKey, wrongDataType)) .as("Should not have worked as integer is not a time field") .isInstanceOf(TenantConfigurationValidatorException.class); } @@ -246,7 +255,7 @@ class TenantConfigurationManagementTest extends AbstractJpaIntegrationTest imple void storesWrongFormattedStringAsPollingInterval() { final String configKey = TenantConfigurationKey.POLLING_TIME; final String wrongFormatted = "wrongFormatted"; - assertThatThrownBy(() -> tenantConfigurationManagement().addOrUpdateConfiguration(configKey, wrongFormatted)) + assertThatThrownBy(() -> tenantConfigurationManagement.addOrUpdateConfiguration(configKey, wrongFormatted)) .as("should not have worked as string is not a time field") .isInstanceOf(TenantConfigurationValidatorException.class); } @@ -259,7 +268,7 @@ class TenantConfigurationManagementTest extends AbstractJpaIntegrationTest imple final String configKey = TenantConfigurationKey.POLLING_TIME; final String tooSmallDuration = DurationHelper.toString(getDurationByTimeValues(0, 0, 1)); - assertThatThrownBy(() -> tenantConfigurationManagement().addOrUpdateConfiguration(configKey, tooSmallDuration)) + assertThatThrownBy(() -> tenantConfigurationManagement.addOrUpdateConfiguration(configKey, tooSmallDuration)) .as("Should not have worked as string has an invalid format") .isInstanceOf(TenantConfigurationValidatorException.class); } @@ -274,9 +283,9 @@ class TenantConfigurationManagementTest extends AbstractJpaIntegrationTest imple final Duration duration = getDurationByTimeValues(1, 2, 0); assertThat(duration).isEqualTo(Duration.ofHours(1).plusMinutes(2)); - tenantConfigurationManagement().addOrUpdateConfiguration(configKey, DurationHelper.toString(duration)); + tenantConfigurationManagement.addOrUpdateConfiguration(configKey, DurationHelper.toString(duration)); - final String storedDurationString = tenantConfigurationManagement().getConfigurationValue(configKey, String.class).getValue(); + final String storedDurationString = tenantConfigurationManagement.getConfigurationValue(configKey, String.class).getValue(); assertThat(duration).isEqualTo(DurationHelper.fromString(storedDurationString)); } @@ -285,7 +294,7 @@ class TenantConfigurationManagementTest extends AbstractJpaIntegrationTest imple */ @Test void requestConfigValueWithWrongType() { - assertThatThrownBy(() -> tenantConfigurationManagement().getConfigurationValue( + assertThatThrownBy(() -> tenantConfigurationManagement.getConfigurationValue( TenantConfigurationKey.POLLING_TIME, Serializable.class)) .isInstanceOf(TenantConfigurationValidatorException.class); } @@ -319,7 +328,7 @@ class TenantConfigurationManagementTest extends AbstractJpaIntegrationTest imple @Test void storeTenantConfigurationWhichIsNotDeclaredThrowsException() { final String configKeyWhichDoesNotExists = "configKeyWhichDoesNotExists"; - assertThatThrownBy(() -> tenantConfigurationManagement().addOrUpdateConfiguration(configKeyWhichDoesNotExists, "value")) + assertThatThrownBy(() -> tenantConfigurationManagement.addOrUpdateConfiguration(configKeyWhichDoesNotExists, "value")) .as("Expected InvalidTenantConfigurationKeyException for tenant configuration key which is not declared") .isInstanceOf(InvalidTenantConfigurationKeyException.class); } @@ -328,16 +337,16 @@ class TenantConfigurationManagementTest extends AbstractJpaIntegrationTest imple void storeTenantConfigNumberValue() { final String configKey = TenantConfigurationKey.ACTION_CLEANUP_AUTO_EXPIRY; // set auto cleanup for 1 day in Integer ms - tenantConfigurationManagement().addOrUpdateConfiguration(configKey, 86400000); + tenantConfigurationManagement.addOrUpdateConfiguration(configKey, 86400000); // expect long - Long autoCleanupDaysInMs = tenantConfigurationManagement().getConfigurationValue(configKey, Long.class).getValue(); + Long autoCleanupDaysInMs = tenantConfigurationManagement.getConfigurationValue(configKey, Long.class).getValue(); Assertions.assertEquals(86400000, autoCleanupDaysInMs); - tenantConfigurationManagement().addOrUpdateConfiguration(configKey, 86400000); + tenantConfigurationManagement.addOrUpdateConfiguration(configKey, 86400000); // 30 days 2,592,000,000 ms as Long - tenantConfigurationManagement().addOrUpdateConfiguration(configKey, 2592000000L); - autoCleanupDaysInMs = tenantConfigurationManagement().getConfigurationValue(configKey, Long.class).getValue(); + tenantConfigurationManagement.addOrUpdateConfiguration(configKey, 2592000000L); + autoCleanupDaysInMs = tenantConfigurationManagement.getConfigurationValue(configKey, Long.class).getValue(); Assertions.assertEquals(2592000000L, autoCleanupDaysInMs); } @@ -346,7 +355,7 @@ class TenantConfigurationManagementTest extends AbstractJpaIntegrationTest imple final String configKey = TenantConfigurationKey.ACTION_CLEANUP_AUTO_EXPIRY; // set auto cleanup for 1 day in String ms assertThatThrownBy(() -> - tenantConfigurationManagement().addOrUpdateConfiguration(configKey, "86400000")) + tenantConfigurationManagement.addOrUpdateConfiguration(configKey, "86400000")) .as("Cannot convert the value 86400000 of type String to the type Long defined by the configuration key.") .isInstanceOf(TenantConfigurationValidatorException.class); } diff --git a/hawkbit-rest-core/src/main/java/org/eclipse/hawkbit/rest/SecurityManagedConfiguration.java b/hawkbit-rest-core/src/main/java/org/eclipse/hawkbit/rest/SecurityManagedConfiguration.java index 6e52308fb..1a8f8d29e 100644 --- a/hawkbit-rest-core/src/main/java/org/eclipse/hawkbit/rest/SecurityManagedConfiguration.java +++ b/hawkbit-rest-core/src/main/java/org/eclipse/hawkbit/rest/SecurityManagedConfiguration.java @@ -32,7 +32,7 @@ import org.springframework.security.web.firewall.StrictHttpFirewall; import org.springframework.util.CollectionUtils; /** - * All configurations related to HawkBit's auth and authorization layer. + * All configurations related to HawkBit's authentication and authorization layer. */ @Slf4j @Configuration diff --git a/hawkbit-sdk/hawkbit-sdk-commons/src/main/java/org/eclipse/hawkbit/sdk/HawkbitClient.java b/hawkbit-sdk/hawkbit-sdk-commons/src/main/java/org/eclipse/hawkbit/sdk/HawkbitClient.java index 9efa45985..6ec41feda 100644 --- a/hawkbit-sdk/hawkbit-sdk-commons/src/main/java/org/eclipse/hawkbit/sdk/HawkbitClient.java +++ b/hawkbit-sdk/hawkbit-sdk-commons/src/main/java/org/eclipse/hawkbit/sdk/HawkbitClient.java @@ -106,7 +106,7 @@ public class HawkbitClient { template.header(AUTHORIZATION, "GatewayToken " + tenant.getGatewayToken()); } else if (!ObjectUtils.isEmpty(controller.getSecurityToken())) { template.header(AUTHORIZATION, "TargetToken " + controller.getSecurityToken()); - } // else do not send auth, no auth or certificate based + } // else do not send authentication, no authentication or certificate based }; // @formatter:on private static final ErrorDecoder DEFAULT_ERROR_DECODER_0 = new ErrorDecoder.Default(); @@ -279,7 +279,7 @@ public class HawkbitClient { (controller == null ? hawkBitServer.getMgmtUrl() : hawkBitServer.getDdiUrl()) + path).openConnection(); conn.setRequestMethod("POST"); - // deal with auth - only from headers1 + // deal with authentication - only from headers1 final RequestTemplate requestTemplate = new RequestTemplate(); requestInterceptorFn.apply(tenant, controller).apply(requestTemplate); requestTemplate.headers().forEach((k, v) -> v.forEach(e -> conn.setRequestProperty(k, e))); diff --git a/hawkbit-sdk/hawkbit-sdk-commons/src/main/java/org/eclipse/hawkbit/sdk/Tenant.java b/hawkbit-sdk/hawkbit-sdk-commons/src/main/java/org/eclipse/hawkbit/sdk/Tenant.java index beee07abc..c5f1a581c 100644 --- a/hawkbit-sdk/hawkbit-sdk-commons/src/main/java/org/eclipse/hawkbit/sdk/Tenant.java +++ b/hawkbit-sdk/hawkbit-sdk-commons/src/main/java/org/eclipse/hawkbit/sdk/Tenant.java @@ -26,7 +26,7 @@ public class Tenant { @NonNull private String tenantId = "DEFAULT"; - // basic auth user, to access management api + // basic authentication user, to access management api @Nullable private String username = "admin"; @ToString.Exclude diff --git a/hawkbit-sdk/hawkbit-sdk-mgmt/src/main/java/org/eclipse/hawkbit/sdk/mgmt/AuthenticationSetupHelper.java b/hawkbit-sdk/hawkbit-sdk-mgmt/src/main/java/org/eclipse/hawkbit/sdk/mgmt/AuthenticationSetupHelper.java index a8c12c478..28f96dc63 100644 --- a/hawkbit-sdk/hawkbit-sdk-mgmt/src/main/java/org/eclipse/hawkbit/sdk/mgmt/AuthenticationSetupHelper.java +++ b/hawkbit-sdk/hawkbit-sdk-mgmt/src/main/java/org/eclipse/hawkbit/sdk/mgmt/AuthenticationSetupHelper.java @@ -32,17 +32,17 @@ import org.eclipse.hawkbit.sdk.ca.CA; import org.springframework.util.ObjectUtils; /** - * Helper for auth setup + * Helper for authentication setup */ @Slf4j @AllArgsConstructor public class AuthenticationSetupHelper { - private static final String AUTHENTICATION_MODE_GATEWAY_SECURITY_TOKEN_KEY = "auth.gatewaytoken.key"; - private static final String AUTHENTICATION_MODE_GATEWAY_SECURITY_TOKEN_ENABLED = "auth.gatewaytoken.enabled"; - private static final String AUTHENTICATION_MODE_TARGET_SECURITY_TOKEN_ENABLED = "auth.targettoken.enabled"; - private static final String AUTHENTICATION_MODE_HEADER_ENABLED = "auth.header.enabled"; - private static final String AUTHENTICATION_MODE_HEADER_AUTHORITY_NAME = "auth.header.authority"; + private static final String AUTHENTICATION_MODE_GATEWAY_SECURITY_TOKEN_KEY = "authentication.gatewaytoken.key"; + private static final String AUTHENTICATION_MODE_GATEWAY_SECURITY_TOKEN_ENABLED = "authentication.gatewaytoken.enabled"; + private static final String AUTHENTICATION_MODE_TARGET_SECURITY_TOKEN_ENABLED = "authentication.targettoken.enabled"; + private static final String AUTHENTICATION_MODE_HEADER_ENABLED = "authentication.header.enabled"; + private static final String AUTHENTICATION_MODE_HEADER_AUTHORITY_NAME = "authentication.header.authority"; private static final Random RND = new SecureRandom(); @@ -57,7 +57,7 @@ public class AuthenticationSetupHelper { return Base64.getEncoder().encodeToString(rnd); } - // sets up a certificate auth, if DdiCA is null - generate self signed CA + // sets up a certificate authentication, if DdiCA is null - generate self signed CA public void setupCertificateAuthentication() throws CertificateException { final MgmtTenantManagementRestApi mgmtTenantManagementRestApi = hawkbitClient.mgmtService(MgmtTenantManagementRestApi.class, tenant); CA ddiCA = tenant.getDdiCA(); @@ -80,7 +80,7 @@ public class AuthenticationSetupHelper { } } - // enables secure token auth + // enables secure token authentication public void setupSecureTokenAuthentication() { final MgmtTenantManagementRestApi mgmtTenantManagementRestApi = hawkbitClient.mgmtService(MgmtTenantManagementRestApi.class, tenant); if (!(Boolean.TRUE.equals(Objects.requireNonNull(mgmtTenantManagementRestApi @@ -90,7 +90,7 @@ public class AuthenticationSetupHelper { } } - // set gateway token auth (generate and sets gateway token to tenant, if not set up) + // set gateway token authentication (generate and sets gateway token to tenant, if not set up) // return the gateway token public void setupGatewayTokenAuthentication() { String gatewayToken = tenant.getGatewayToken(); @@ -112,8 +112,8 @@ public class AuthenticationSetupHelper { } } - // if gateway token is configured then the gateway auth is enabled, so all devices use gateway token auth. - // otherwise, target token auth is enabled - then all devices shall be registered and the target token shall be set to the one from + // if gateway token is configured then the gateway authentication is enabled, so all devices use gateway token authentication. + // otherwise, target token authentication is enabled - then all devices shall be registered and the target token shall be set to the one from // the DDI controller instance public void setupTargetAuthentication() { final String gatewayToken = tenant.getGatewayToken(); diff --git a/hawkbit-ui/src/main/java/org/eclipse/hawkbit/ui/HawkbitUiApp.java b/hawkbit-ui/src/main/java/org/eclipse/hawkbit/ui/HawkbitUiApp.java index 27a6cbf57..f9ea4726c 100644 --- a/hawkbit-ui/src/main/java/org/eclipse/hawkbit/ui/HawkbitUiApp.java +++ b/hawkbit-ui/src/main/java/org/eclipse/hawkbit/ui/HawkbitUiApp.java @@ -128,8 +128,8 @@ public class HawkbitUiApp implements AppShellConfigurator { final HttpURLConnection conn = (HttpURLConnection) url.openConnection(); conn.setRequestMethod("GET"); - final String auth = username + ":" + password; - final String encodedAuth = Base64.getEncoder().encodeToString(auth.getBytes()); + final String authentication = username + ":" + password; + final String encodedAuth = Base64.getEncoder().encodeToString(authentication.getBytes()); conn.setRequestProperty(AUTHORIZATION_HEADER, "Basic " + encodedAuth); return conn.getResponseCode() != 401;