Code improvements

Signed-off-by: Dominik Herbst <dominik.herbst@bosch-si.com>
This commit is contained in:
Dominik Herbst
2016-10-05 12:46:21 +02:00
parent 7176f93ca4
commit 97ab881d6e
3 changed files with 10 additions and 16 deletions

View File

@@ -10,7 +10,7 @@ package org.eclipse.hawkbit.security;
import java.util.Arrays; import java.util.Arrays;
import java.util.List; import java.util.List;
import java.util.Set; import java.util.stream.Collectors;
import org.eclipse.hawkbit.dmf.json.model.TenantSecurityToken; import org.eclipse.hawkbit.dmf.json.model.TenantSecurityToken;
import org.eclipse.hawkbit.repository.TenantConfigurationManagement; import org.eclipse.hawkbit.repository.TenantConfigurationManagement;
@@ -19,15 +19,11 @@ import org.eclipse.hawkbit.tenancy.configuration.TenantConfigurationKey;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import com.google.common.collect.Sets;
/** /**
* An pre-authenticated processing filter which extracts the principal from a * An pre-authenticated processing filter which extracts the principal from a
* request URI and the credential from a request header in a the * request URI and the credential from a request header in a the
* {@link TenantSecurityToken}. * {@link TenantSecurityToken}.
* *
*
*
*/ */
public class ControllerPreAuthenticatedSecurityHeaderFilter extends AbstractControllerAuthenticationFilter { public class ControllerPreAuthenticatedSecurityHeaderFilter extends AbstractControllerAuthenticationFilter {
@@ -112,12 +108,10 @@ public class ControllerPreAuthenticatedSecurityHeaderFilter extends AbstractCont
controllerId = secruityToken.getHeader(caCommonNameHeader); controllerId = secruityToken.getHeader(caCommonNameHeader);
} }
List<String> knownHashes = splitMultiHash(authorityNameConfigurationValue); List<String> knownHashes = splitMultiHashBySemicolon(authorityNameConfigurationValue);
Set<HeaderAuthentication> multiHashes = Sets.newHashSetWithExpectedSize(knownHashes.size());
final String cntlId = controllerId; final String cntlId = controllerId;
knownHashes.forEach(hashItem -> multiHashes.add(new HeaderAuthentication(cntlId, hashItem))); return knownHashes.stream().map(hashItem -> new HeaderAuthentication(cntlId, hashItem)).collect(Collectors.toSet());
return multiHashes;
} }
/** /**
@@ -128,8 +122,7 @@ public class ControllerPreAuthenticatedSecurityHeaderFilter extends AbstractCont
*/ */
private String getIssuerHashHeader(final TenantSecurityToken secruityToken, final String knownIssuerHashes) { private String getIssuerHashHeader(final TenantSecurityToken secruityToken, final String knownIssuerHashes) {
// there may be several knownIssuerHashes configured for the tenant // there may be several knownIssuerHashes configured for the tenant
// separated by a semicolon List<String> knownHashes = splitMultiHashBySemicolon(knownIssuerHashes);
List<String> knownHashes = splitMultiHash(knownIssuerHashes);
// iterate over the headers until we get a null header. // iterate over the headers until we get a null header.
int iHeader = 1; int iHeader = 1;
@@ -162,7 +155,7 @@ public class ControllerPreAuthenticatedSecurityHeaderFilter extends AbstractCont
} }
} }
private static List<String> splitMultiHash(String knownIssuerHashes) { private static List<String> splitMultiHashBySemicolon(String knownIssuerHashes) {
return Arrays.asList(knownIssuerHashes.split(";")); return Arrays.asList(knownIssuerHashes.split(";"));
} }
} }

View File

@@ -123,14 +123,18 @@ public class PreAuthTokenSourceTrustAuthenticationProvider implements Authentica
* certificate. * certificate.
* *
* @param principal * @param principal
* the {@link HeaderAuthentication} from the header
* @param credentials * @param credentials
* a single {@link HeaderAuthentication} or a Collection of
* HeaderAuthentication
* @param tokenDetails * @param tokenDetails
* authentication details
* @return <code>true</code> if authentication succeeded, otherwise * @return <code>true</code> if authentication succeeded, otherwise
* <code>false</code> * <code>false</code>
*/ */
private boolean calculateAuthenticationSuccess(Object principal, Object credentials, Object tokenDetails) { private boolean calculateAuthenticationSuccess(Object principal, Object credentials, Object tokenDetails) {
boolean successAuthentication = false; boolean successAuthentication = false;
if (Collection.class.isAssignableFrom(credentials.getClass())) { if (credentials instanceof Collection) {
final Collection<?> multiValueCredentials = (Collection<?>) credentials; final Collection<?> multiValueCredentials = (Collection<?>) credentials;
if (multiValueCredentials.contains(principal)) { if (multiValueCredentials.contains(principal)) {
successAuthentication = checkSourceIPAddressIfNeccessary(tokenDetails); successAuthentication = checkSourceIPAddressIfNeccessary(tokenDetails);

View File

@@ -8,8 +8,6 @@
*/ */
package org.eclipse.hawkbit.security; package org.eclipse.hawkbit.security;
//import static org.junit.Assert.*;
import static org.fest.assertions.api.Assertions.assertThat; import static org.fest.assertions.api.Assertions.assertThat;
import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertEquals;
import static org.mockito.Matchers.eq; import static org.mockito.Matchers.eq;
@@ -105,7 +103,6 @@ public class ControllerPreAuthenticatedSecurityHeaderFilterTest {
eq(TenantConfigurationKey.AUTHENTICATION_MODE_HEADER_AUTHORITY_NAME), eq(String.class))) eq(TenantConfigurationKey.AUTHENTICATION_MODE_HEADER_AUTHORITY_NAME), eq(String.class)))
.thenReturn(CONFIG_VALUE_MULTI_HASH); .thenReturn(CONFIG_VALUE_MULTI_HASH);
assertThat(underTest.getPreAuthenticatedPrincipal(securityToken)).isNull(); assertThat(underTest.getPreAuthenticatedPrincipal(securityToken)).isNull();
;
} }
@Test @Test