Improved AccessContext (#3029)

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
This commit is contained in:
Avgustin Marinov
2026-04-21 13:51:37 +03:00
committed by GitHub
parent f2edc36e11
commit c029c88db6
35 changed files with 188 additions and 290 deletions

View File

@@ -12,19 +12,15 @@ package org.eclipse.hawkbit.security.controller;
import static org.eclipse.hawkbit.context.AccessContext.asTenant;
import java.io.Serial;
import java.util.Collection;
import java.util.List;
import java.util.Objects;
import lombok.EqualsAndHashCode;
import org.eclipse.hawkbit.auth.SpRole;
import org.eclipse.hawkbit.context.Principal;
import org.eclipse.hawkbit.repository.helper.TenantConfigHelper;
import org.eclipse.hawkbit.tenancy.TenantAwareAuthenticationDetails;
import org.slf4j.Logger;
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
/**
* Interface for Authentication mechanism.
@@ -65,14 +61,11 @@ public interface Authenticator {
@Serial
private static final long serialVersionUID = 1L;
private static final Collection<GrantedAuthority> CONTROLLER_AUTHORITY =
List.of(new SimpleGrantedAuthority(SpRole.CONTROLLER_ROLE));
private final String controllerId;
private final Principal principal;
AuthenticatedController(final String tenant, final String controllerId) {
super(CONTROLLER_AUTHORITY);
super.setDetails(new TenantAwareAuthenticationDetails(tenant, true));
this.controllerId = controllerId;
super(SpRole.CONTROLLER_AUTHORITIES);
this.principal = new Principal(tenant, controllerId);
setAuthenticated(true);
}
@@ -83,7 +76,7 @@ public interface Authenticator {
@Override
public Object getPrincipal() {
return controllerId;
return principal;
}
}
}

View File

@@ -15,6 +15,7 @@ import static org.eclipse.hawkbit.tenancy.configuration.TenantConfigurationPrope
import static org.eclipse.hawkbit.tenancy.configuration.TenantConfigurationProperties.TenantConfigurationKey.AUTHENTICATION_GATEWAY_SECURITY_TOKEN_KEY;
import static org.mockito.Mockito.when;
import org.eclipse.hawkbit.context.Principal;
import org.eclipse.hawkbit.repository.TenantConfigurationManagement;
import org.eclipse.hawkbit.repository.helper.TenantConfigHelper;
import org.eclipse.hawkbit.repository.model.TenantConfigurationValue;
@@ -66,7 +67,7 @@ class GatewayTokenAuthenticatorTest {
assertThat(authenticator.authenticate(securityToken))
.isNotNull()
.hasFieldOrPropertyWithValue("principal", CONTROLLER_ID);
.hasFieldOrPropertyWithValue("principal", new Principal("DEFAULT", CONTROLLER_ID));
}
/**

View File

@@ -14,6 +14,7 @@ import static org.eclipse.hawkbit.tenancy.configuration.TenantConfigurationPrope
import static org.eclipse.hawkbit.tenancy.configuration.TenantConfigurationProperties.TenantConfigurationKey.AUTHENTICATION_HEADER_ENABLED;
import static org.mockito.Mockito.when;
import org.eclipse.hawkbit.context.Principal;
import org.eclipse.hawkbit.repository.TenantConfigurationManagement;
import org.eclipse.hawkbit.repository.helper.TenantConfigHelper;
import org.eclipse.hawkbit.repository.model.TenantConfigurationValue;
@@ -77,7 +78,7 @@ class SecurityHeaderAuthenticatorTest {
assertThat(authenticator.authenticate(securityToken))
.isNotNull()
.hasFieldOrPropertyWithValue("principal", CA_COMMON_NAME_VALUE);
.hasFieldOrPropertyWithValue("principal", new Principal("DEFAULT", CA_COMMON_NAME_VALUE));
}
/**
@@ -92,13 +93,13 @@ class SecurityHeaderAuthenticatorTest {
assertThat(authenticator.authenticate(prepareSecurityToken(SINGLE_AUTHORITY)))
.isNotNull()
.hasFieldOrPropertyWithValue("principal", CA_COMMON_NAME_VALUE);
.hasFieldOrPropertyWithValue("principal", new Principal("DEFAULT", CA_COMMON_NAME_VALUE));
assertThat(authenticator.authenticate(prepareSecurityToken(SECOND_AUTHORITY)))
.isNotNull()
.hasFieldOrPropertyWithValue("principal", CA_COMMON_NAME_VALUE);
.hasFieldOrPropertyWithValue("principal", new Principal("DEFAULT", CA_COMMON_NAME_VALUE));
assertThat(authenticator.authenticate(prepareSecurityToken(THIRD_AUTHORITY)))
.isNotNull()
.hasFieldOrPropertyWithValue("principal", CA_COMMON_NAME_VALUE);
.hasFieldOrPropertyWithValue("principal", new Principal("DEFAULT", CA_COMMON_NAME_VALUE));
}
/**

View File

@@ -15,6 +15,7 @@ import static org.mockito.Mockito.when;
import java.util.Optional;
import org.eclipse.hawkbit.context.Principal;
import org.eclipse.hawkbit.repository.ControllerManagement;
import org.eclipse.hawkbit.repository.TenantConfigurationManagement;
import org.eclipse.hawkbit.repository.helper.TenantConfigHelper;
@@ -72,7 +73,7 @@ class SecurityTokenAuthenticatorTest {
assertThat(authenticator.authenticate(securityToken))
.isNotNull()
.hasFieldOrPropertyWithValue("principal", CONTROLLER_ID);
.hasFieldOrPropertyWithValue("principal", new Principal("DEFAULT", CONTROLLER_ID));
}
/**