Split repository API for module and DS management. Refactor utility usage (#524)
* Split DS management and reduce util usage. Signed-off-by: kaizimmerm <kai.zimmermann@bosch-si.com> * Split sw module and type management. Signed-off-by: kaizimmerm <kai.zimmermann@bosch-si.com> * Sonar issues. Signed-off-by: kaizimmerm <kai.zimmermann@bosch-si.com> * Make sonar listen to the exception! Signed-off-by: kaizimmerm <kai.zimmermann@bosch-si.com> * Register both beans. Signed-off-by: kaizimmerm <kai.zimmermann@bosch-si.com> * Split JPA implementations. Signed-off-by: kaizimmerm <kai.zimmermann@bosch-si.com> * Revert user details change. Signed-off-by: kaizimmerm <kai.zimmermann@bosch-si.com> * Fix compilation errors. Signed-off-by: kaizimmerm <kai.zimmermann@bosch-si.com> * Fix bean queries. Fix image path. Signed-off-by: kaizimmerm <kai.zimmermann@bosch-si.com> * Document preferred utility usage. Signed-off-by: kaizimmerm <kai.zimmermann@bosch-si.com> * Fix exmaples and revert unintended checkin. Signed-off-by: kaizimmerm <kai.zimmermann@bosch-si.com> * Code cleanup. Signed-off-by: kaizimmerm <kai.zimmermann@bosch-si.com> * Typos, readibility. Signed-off-by: kaizimmerm <kai.zimmermann@bosch-si.com> * Remove unused reference. Signed-off-by: kaizimmerm <kai.zimmermann@bosch-si.com> * Rollouts cache delete aware. Signed-off-by: kaizimmerm <kai.zimmermann@bosch-si.com> * Fix rolloutgroup delete event. Signed-off-by: kaizimmerm <kai.zimmermann@bosch-si.com> * Add new RolloutGroupDeletedEvent event Signed-off-by: kaizimmerm <kai.zimmermann@bosch-si.com>
This commit is contained in:
@@ -11,6 +11,7 @@ package org.eclipse.hawkbit.security;
|
||||
import java.io.IOException;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.Map;
|
||||
|
||||
import javax.servlet.FilterChain;
|
||||
@@ -33,9 +34,6 @@ import org.springframework.security.web.authentication.preauth.AbstractPreAuthen
|
||||
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
|
||||
import org.springframework.util.AntPathMatcher;
|
||||
|
||||
import com.google.common.collect.Iterators;
|
||||
import com.google.common.collect.UnmodifiableIterator;
|
||||
|
||||
/**
|
||||
* An abstraction for all controller based security to parse the e.g. the tenant
|
||||
* name from the URL and the controller ID from the URL to do security checks
|
||||
@@ -170,8 +168,10 @@ public abstract class AbstractHttpControllerAuthenticationFilter extends Abstrac
|
||||
final String tenant, final String controllerId) {
|
||||
final DmfTenantSecurityToken secruityToken = new DmfTenantSecurityToken(tenant, null, controllerId, null,
|
||||
FileResource.createFileResourceBySha1(""));
|
||||
final UnmodifiableIterator<String> forEnumeration = Iterators.forEnumeration(request.getHeaderNames());
|
||||
forEnumeration.forEachRemaining(header -> secruityToken.putHeader(header, request.getHeader(header)));
|
||||
|
||||
Collections.list(request.getHeaderNames())
|
||||
.forEach(header -> secruityToken.putHeader(header, request.getHeader(header)));
|
||||
|
||||
return secruityToken;
|
||||
}
|
||||
|
||||
|
||||
@@ -12,6 +12,8 @@ import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.junit.Assert.fail;
|
||||
import static org.mockito.Mockito.when;
|
||||
|
||||
import java.util.Arrays;
|
||||
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
import org.mockito.Mock;
|
||||
@@ -21,8 +23,6 @@ import org.springframework.security.authentication.InsufficientAuthenticationExc
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
|
||||
|
||||
import com.google.common.collect.Lists;
|
||||
|
||||
import ru.yandex.qatools.allure.annotations.Description;
|
||||
import ru.yandex.qatools.allure.annotations.Features;
|
||||
import ru.yandex.qatools.allure.annotations.Stories;
|
||||
@@ -47,8 +47,8 @@ public class PreAuthTokenSourceTrustAuthenticationProviderTest {
|
||||
public void principalAndCredentialsNotTheSameThrowsAuthenticationException() {
|
||||
final String principal = "controllerIdURL";
|
||||
final String credentials = "controllerIdHeader";
|
||||
final PreAuthenticatedAuthenticationToken token = new PreAuthenticatedAuthenticationToken(
|
||||
principal, Lists.newArrayList(credentials));
|
||||
final PreAuthenticatedAuthenticationToken token = new PreAuthenticatedAuthenticationToken(principal,
|
||||
Arrays.asList(credentials));
|
||||
token.setDetails(webAuthenticationDetailsMock);
|
||||
|
||||
// test, should throw authentication exception
|
||||
@@ -66,12 +66,11 @@ public class PreAuthTokenSourceTrustAuthenticationProviderTest {
|
||||
public void principalAndCredentialsAreTheSameWithNoSourceIpCheckIsSuccessful() {
|
||||
final String principal = "controllerId";
|
||||
final String credentials = "controllerId";
|
||||
final PreAuthenticatedAuthenticationToken token = new PreAuthenticatedAuthenticationToken(
|
||||
principal, Lists.newArrayList(credentials));
|
||||
final PreAuthenticatedAuthenticationToken token = new PreAuthenticatedAuthenticationToken(principal,
|
||||
Arrays.asList(credentials));
|
||||
token.setDetails(webAuthenticationDetailsMock);
|
||||
|
||||
final Authentication authenticate = underTestWithoutSourceIpCheck
|
||||
.authenticate(token);
|
||||
final Authentication authenticate = underTestWithoutSourceIpCheck.authenticate(token);
|
||||
assertThat(authenticate.isAuthenticated()).isTrue();
|
||||
}
|
||||
|
||||
@@ -81,8 +80,8 @@ public class PreAuthTokenSourceTrustAuthenticationProviderTest {
|
||||
final String remoteAddress = "192.168.1.1";
|
||||
final String principal = "controllerId";
|
||||
final String credentials = "controllerId";
|
||||
final PreAuthenticatedAuthenticationToken token = new PreAuthenticatedAuthenticationToken(
|
||||
principal, Lists.newArrayList(credentials));
|
||||
final PreAuthenticatedAuthenticationToken token = new PreAuthenticatedAuthenticationToken(principal,
|
||||
Arrays.asList(credentials));
|
||||
token.setDetails(webAuthenticationDetailsMock);
|
||||
|
||||
when(webAuthenticationDetailsMock.getRemoteAddress()).thenReturn(remoteAddress);
|
||||
@@ -102,15 +101,14 @@ public class PreAuthTokenSourceTrustAuthenticationProviderTest {
|
||||
public void priniciapAndCredentialsAreTheSameAndSourceIpIsTrusted() {
|
||||
final String principal = "controllerId";
|
||||
final String credentials = "controllerId";
|
||||
final PreAuthenticatedAuthenticationToken token = new PreAuthenticatedAuthenticationToken(
|
||||
principal, Lists.newArrayList(credentials));
|
||||
final PreAuthenticatedAuthenticationToken token = new PreAuthenticatedAuthenticationToken(principal,
|
||||
Arrays.asList(credentials));
|
||||
token.setDetails(webAuthenticationDetailsMock);
|
||||
|
||||
when(webAuthenticationDetailsMock.getRemoteAddress()).thenReturn(REQUEST_SOURCE_IP);
|
||||
|
||||
// test, should throw authentication exception
|
||||
final Authentication authenticate = underTestWithSourceIpCheck
|
||||
.authenticate(token);
|
||||
final Authentication authenticate = underTestWithSourceIpCheck.authenticate(token);
|
||||
assertThat(authenticate.isAuthenticated()).isTrue();
|
||||
}
|
||||
|
||||
@@ -120,8 +118,8 @@ public class PreAuthTokenSourceTrustAuthenticationProviderTest {
|
||||
"192.168.1.3" };
|
||||
final String principal = "controllerId";
|
||||
final String credentials = "controllerId";
|
||||
final PreAuthenticatedAuthenticationToken token = new PreAuthenticatedAuthenticationToken(
|
||||
principal, Lists.newArrayList(credentials));
|
||||
final PreAuthenticatedAuthenticationToken token = new PreAuthenticatedAuthenticationToken(principal,
|
||||
Arrays.asList(credentials));
|
||||
token.setDetails(webAuthenticationDetailsMock);
|
||||
|
||||
when(webAuthenticationDetailsMock.getRemoteAddress()).thenReturn(REQUEST_SOURCE_IP);
|
||||
@@ -139,8 +137,8 @@ public class PreAuthTokenSourceTrustAuthenticationProviderTest {
|
||||
final String[] trustedIPAddresses = new String[] { "192.168.1.1", "192.168.1.2", "192.168.1.3" };
|
||||
final String principal = "controllerId";
|
||||
final String credentials = "controllerId";
|
||||
final PreAuthenticatedAuthenticationToken token = new PreAuthenticatedAuthenticationToken(
|
||||
principal, Lists.newArrayList(credentials));
|
||||
final PreAuthenticatedAuthenticationToken token = new PreAuthenticatedAuthenticationToken(principal,
|
||||
Arrays.asList(credentials));
|
||||
token.setDetails(webAuthenticationDetailsMock);
|
||||
|
||||
when(webAuthenticationDetailsMock.getRemoteAddress()).thenReturn(REQUEST_SOURCE_IP);
|
||||
|
||||
Reference in New Issue
Block a user