diff --git a/hawkbit-security-integration/src/main/java/org/eclipse/hawkbit/security/ControllerPreAuthenticatedSecurityHeaderFilter.java b/hawkbit-security-integration/src/main/java/org/eclipse/hawkbit/security/ControllerPreAuthenticatedSecurityHeaderFilter.java index 6965afe3f..a536b319d 100644 --- a/hawkbit-security-integration/src/main/java/org/eclipse/hawkbit/security/ControllerPreAuthenticatedSecurityHeaderFilter.java +++ b/hawkbit-security-integration/src/main/java/org/eclipse/hawkbit/security/ControllerPreAuthenticatedSecurityHeaderFilter.java @@ -10,7 +10,7 @@ package org.eclipse.hawkbit.security; import java.util.Arrays; import java.util.List; -import java.util.Set; +import java.util.stream.Collectors; import org.eclipse.hawkbit.dmf.json.model.TenantSecurityToken; import org.eclipse.hawkbit.repository.TenantConfigurationManagement; @@ -19,15 +19,11 @@ import org.eclipse.hawkbit.tenancy.configuration.TenantConfigurationKey; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import com.google.common.collect.Sets; - /** * An pre-authenticated processing filter which extracts the principal from a * request URI and the credential from a request header in a the * {@link TenantSecurityToken}. * - * - * */ public class ControllerPreAuthenticatedSecurityHeaderFilter extends AbstractControllerAuthenticationFilter { @@ -112,12 +108,10 @@ public class ControllerPreAuthenticatedSecurityHeaderFilter extends AbstractCont controllerId = secruityToken.getHeader(caCommonNameHeader); } - List knownHashes = splitMultiHash(authorityNameConfigurationValue); + List knownHashes = splitMultiHashBySemicolon(authorityNameConfigurationValue); - Set multiHashes = Sets.newHashSetWithExpectedSize(knownHashes.size()); final String cntlId = controllerId; - knownHashes.forEach(hashItem -> multiHashes.add(new HeaderAuthentication(cntlId, hashItem))); - return multiHashes; + return knownHashes.stream().map(hashItem -> new HeaderAuthentication(cntlId, hashItem)).collect(Collectors.toSet()); } /** @@ -128,8 +122,7 @@ public class ControllerPreAuthenticatedSecurityHeaderFilter extends AbstractCont */ private String getIssuerHashHeader(final TenantSecurityToken secruityToken, final String knownIssuerHashes) { // there may be several knownIssuerHashes configured for the tenant - // separated by a semicolon - List knownHashes = splitMultiHash(knownIssuerHashes); + List knownHashes = splitMultiHashBySemicolon(knownIssuerHashes); // iterate over the headers until we get a null header. int iHeader = 1; @@ -162,7 +155,7 @@ public class ControllerPreAuthenticatedSecurityHeaderFilter extends AbstractCont } } - private static List splitMultiHash(String knownIssuerHashes) { + private static List splitMultiHashBySemicolon(String knownIssuerHashes) { return Arrays.asList(knownIssuerHashes.split(";")); } } diff --git a/hawkbit-security-integration/src/main/java/org/eclipse/hawkbit/security/PreAuthTokenSourceTrustAuthenticationProvider.java b/hawkbit-security-integration/src/main/java/org/eclipse/hawkbit/security/PreAuthTokenSourceTrustAuthenticationProvider.java index 0809f6691..ffe1b7377 100644 --- a/hawkbit-security-integration/src/main/java/org/eclipse/hawkbit/security/PreAuthTokenSourceTrustAuthenticationProvider.java +++ b/hawkbit-security-integration/src/main/java/org/eclipse/hawkbit/security/PreAuthTokenSourceTrustAuthenticationProvider.java @@ -123,14 +123,18 @@ public class PreAuthTokenSourceTrustAuthenticationProvider implements Authentica * certificate. * * @param principal + * the {@link HeaderAuthentication} from the header * @param credentials + * a single {@link HeaderAuthentication} or a Collection of + * HeaderAuthentication * @param tokenDetails + * authentication details * @return true if authentication succeeded, otherwise * false */ private boolean calculateAuthenticationSuccess(Object principal, Object credentials, Object tokenDetails) { boolean successAuthentication = false; - if (Collection.class.isAssignableFrom(credentials.getClass())) { + if (credentials instanceof Collection) { final Collection multiValueCredentials = (Collection) credentials; if (multiValueCredentials.contains(principal)) { successAuthentication = checkSourceIPAddressIfNeccessary(tokenDetails); diff --git a/hawkbit-security-integration/src/test/java/org/eclipse/hawkbit/security/ControllerPreAuthenticatedSecurityHeaderFilterTest.java b/hawkbit-security-integration/src/test/java/org/eclipse/hawkbit/security/ControllerPreAuthenticatedSecurityHeaderFilterTest.java index 1275e44b0..15e9c2055 100644 --- a/hawkbit-security-integration/src/test/java/org/eclipse/hawkbit/security/ControllerPreAuthenticatedSecurityHeaderFilterTest.java +++ b/hawkbit-security-integration/src/test/java/org/eclipse/hawkbit/security/ControllerPreAuthenticatedSecurityHeaderFilterTest.java @@ -8,8 +8,6 @@ */ package org.eclipse.hawkbit.security; - -//import static org.junit.Assert.*; import static org.fest.assertions.api.Assertions.assertThat; import static org.junit.Assert.assertEquals; import static org.mockito.Matchers.eq; @@ -105,7 +103,6 @@ public class ControllerPreAuthenticatedSecurityHeaderFilterTest { eq(TenantConfigurationKey.AUTHENTICATION_MODE_HEADER_AUTHORITY_NAME), eq(String.class))) .thenReturn(CONFIG_VALUE_MULTI_HASH); assertThat(underTest.getPreAuthenticatedPrincipal(securityToken)).isNull(); - ; } @Test