From abf043cf874394038f1163367cafba885918d308 Mon Sep 17 00:00:00 2001 From: Avgustin Marinov Date: Wed, 19 Feb 2025 13:43:42 +0200 Subject: [PATCH] Fix anonymous download filter (#2290) Signed-off-by: Avgustin Marinov --- .../security/controller/AuthenticationFilters.java | 9 --------- .../ddi/ControllerDownloadSecurityConfiguration.java | 4 +++- 2 files changed, 3 insertions(+), 10 deletions(-) diff --git a/hawkbit-ddi/hawkbit-ddi-security/src/main/java/org/eclipse/hawkbit/security/controller/AuthenticationFilters.java b/hawkbit-ddi/hawkbit-ddi-security/src/main/java/org/eclipse/hawkbit/security/controller/AuthenticationFilters.java index aee38b129..d64402550 100644 --- a/hawkbit-ddi/hawkbit-ddi-security/src/main/java/org/eclipse/hawkbit/security/controller/AuthenticationFilters.java +++ b/hawkbit-ddi/hawkbit-ddi-security/src/main/java/org/eclipse/hawkbit/security/controller/AuthenticationFilters.java @@ -72,8 +72,6 @@ public class AuthenticationFilters { */ private static final String CONTROLLER_REQUEST_ANT_PATTERN = "/{" + TENANT_PLACE_HOLDER + "}/controller/v1/{" + CONTROLLER_ID_PLACE_HOLDER + "}/**"; - private static final String CONTROLLER_DL_REQUEST_ANT_PATTERN = - "/{" + TENANT_PLACE_HOLDER + "}/controller/artifacts/v1/**"; private final SecurityContextHolderStrategy securityContextHolderStrategy = SecurityContextHolder.getContextHolderStrategy(); private final AntPathMatcher pathExtractor = new AntPathMatcher(); @@ -125,13 +123,6 @@ public class AuthenticationFilters { final String tenant = UrlUtils.decodeUriValue(extractUriTemplateVariables.get(TENANT_PLACE_HOLDER)); authenticator.log().trace("Parsed tenant {} and controllerId {} from path request {}", tenant, controllerId, requestURI); return createTenantSecurityTokenVariables(request, tenant, controllerId); - } else if (pathExtractor.match(request.getContextPath() + CONTROLLER_DL_REQUEST_ANT_PATTERN, requestURI)) { - authenticator.log().debug("retrieving path variables from URI request {}", requestURI); - final Map extractUriTemplateVariables = pathExtractor.extractUriTemplateVariables( - request.getContextPath() + CONTROLLER_DL_REQUEST_ANT_PATTERN, requestURI); - final String tenant = UrlUtils.decodeUriValue(extractUriTemplateVariables.get(TENANT_PLACE_HOLDER)); - authenticator.log().trace("Parsed tenant {} from path request {}", tenant, requestURI); - return createTenantSecurityTokenVariables(request, tenant, "anonymous"); } else { authenticator.log().trace("request {} does not match the path pattern {}, request gets ignored", requestURI, CONTROLLER_REQUEST_ANT_PATTERN); return null; diff --git a/hawkbit-ddi/hawkbit-ddi-starter/src/main/java/org/eclipse/hawkbit/autoconfigure/ddi/ControllerDownloadSecurityConfiguration.java b/hawkbit-ddi/hawkbit-ddi-starter/src/main/java/org/eclipse/hawkbit/autoconfigure/ddi/ControllerDownloadSecurityConfiguration.java index 7474e1ef0..b79b56eda 100644 --- a/hawkbit-ddi/hawkbit-ddi-starter/src/main/java/org/eclipse/hawkbit/autoconfigure/ddi/ControllerDownloadSecurityConfiguration.java +++ b/hawkbit-ddi/hawkbit-ddi-starter/src/main/java/org/eclipse/hawkbit/autoconfigure/ddi/ControllerDownloadSecurityConfiguration.java @@ -143,7 +143,9 @@ class ControllerDownloadSecurityConfiguration { @Override public Authentication authenticate(final ControllerSecurityToken controllerSecurityToken) { - return isEnabled(controllerSecurityToken) ? authenticatedController(controllerSecurityToken.getTenant(), null) : null; + return isEnabled(controllerSecurityToken) + ? authenticatedController(controllerSecurityToken.getTenant(), controllerSecurityToken.getControllerId()) + : null; } @Override