Improved AccessContext (#3029)
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
This commit is contained in:
@@ -12,19 +12,15 @@ package org.eclipse.hawkbit.security.controller;
|
||||
import static org.eclipse.hawkbit.context.AccessContext.asTenant;
|
||||
|
||||
import java.io.Serial;
|
||||
import java.util.Collection;
|
||||
import java.util.List;
|
||||
import java.util.Objects;
|
||||
|
||||
import lombok.EqualsAndHashCode;
|
||||
import org.eclipse.hawkbit.auth.SpRole;
|
||||
import org.eclipse.hawkbit.context.Principal;
|
||||
import org.eclipse.hawkbit.repository.helper.TenantConfigHelper;
|
||||
import org.eclipse.hawkbit.tenancy.TenantAwareAuthenticationDetails;
|
||||
import org.slf4j.Logger;
|
||||
import org.springframework.security.authentication.AbstractAuthenticationToken;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||
|
||||
/**
|
||||
* Interface for Authentication mechanism.
|
||||
@@ -65,14 +61,11 @@ public interface Authenticator {
|
||||
@Serial
|
||||
private static final long serialVersionUID = 1L;
|
||||
|
||||
private static final Collection<GrantedAuthority> CONTROLLER_AUTHORITY =
|
||||
List.of(new SimpleGrantedAuthority(SpRole.CONTROLLER_ROLE));
|
||||
private final String controllerId;
|
||||
private final Principal principal;
|
||||
|
||||
AuthenticatedController(final String tenant, final String controllerId) {
|
||||
super(CONTROLLER_AUTHORITY);
|
||||
super.setDetails(new TenantAwareAuthenticationDetails(tenant, true));
|
||||
this.controllerId = controllerId;
|
||||
super(SpRole.CONTROLLER_AUTHORITIES);
|
||||
this.principal = new Principal(tenant, controllerId);
|
||||
setAuthenticated(true);
|
||||
}
|
||||
|
||||
@@ -83,7 +76,7 @@ public interface Authenticator {
|
||||
|
||||
@Override
|
||||
public Object getPrincipal() {
|
||||
return controllerId;
|
||||
return principal;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -15,6 +15,7 @@ import static org.eclipse.hawkbit.tenancy.configuration.TenantConfigurationPrope
|
||||
import static org.eclipse.hawkbit.tenancy.configuration.TenantConfigurationProperties.TenantConfigurationKey.AUTHENTICATION_GATEWAY_SECURITY_TOKEN_KEY;
|
||||
import static org.mockito.Mockito.when;
|
||||
|
||||
import org.eclipse.hawkbit.context.Principal;
|
||||
import org.eclipse.hawkbit.repository.TenantConfigurationManagement;
|
||||
import org.eclipse.hawkbit.repository.helper.TenantConfigHelper;
|
||||
import org.eclipse.hawkbit.repository.model.TenantConfigurationValue;
|
||||
@@ -66,7 +67,7 @@ class GatewayTokenAuthenticatorTest {
|
||||
|
||||
assertThat(authenticator.authenticate(securityToken))
|
||||
.isNotNull()
|
||||
.hasFieldOrPropertyWithValue("principal", CONTROLLER_ID);
|
||||
.hasFieldOrPropertyWithValue("principal", new Principal("DEFAULT", CONTROLLER_ID));
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -14,6 +14,7 @@ import static org.eclipse.hawkbit.tenancy.configuration.TenantConfigurationPrope
|
||||
import static org.eclipse.hawkbit.tenancy.configuration.TenantConfigurationProperties.TenantConfigurationKey.AUTHENTICATION_HEADER_ENABLED;
|
||||
import static org.mockito.Mockito.when;
|
||||
|
||||
import org.eclipse.hawkbit.context.Principal;
|
||||
import org.eclipse.hawkbit.repository.TenantConfigurationManagement;
|
||||
import org.eclipse.hawkbit.repository.helper.TenantConfigHelper;
|
||||
import org.eclipse.hawkbit.repository.model.TenantConfigurationValue;
|
||||
@@ -77,7 +78,7 @@ class SecurityHeaderAuthenticatorTest {
|
||||
|
||||
assertThat(authenticator.authenticate(securityToken))
|
||||
.isNotNull()
|
||||
.hasFieldOrPropertyWithValue("principal", CA_COMMON_NAME_VALUE);
|
||||
.hasFieldOrPropertyWithValue("principal", new Principal("DEFAULT", CA_COMMON_NAME_VALUE));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -92,13 +93,13 @@ class SecurityHeaderAuthenticatorTest {
|
||||
|
||||
assertThat(authenticator.authenticate(prepareSecurityToken(SINGLE_AUTHORITY)))
|
||||
.isNotNull()
|
||||
.hasFieldOrPropertyWithValue("principal", CA_COMMON_NAME_VALUE);
|
||||
.hasFieldOrPropertyWithValue("principal", new Principal("DEFAULT", CA_COMMON_NAME_VALUE));
|
||||
assertThat(authenticator.authenticate(prepareSecurityToken(SECOND_AUTHORITY)))
|
||||
.isNotNull()
|
||||
.hasFieldOrPropertyWithValue("principal", CA_COMMON_NAME_VALUE);
|
||||
.hasFieldOrPropertyWithValue("principal", new Principal("DEFAULT", CA_COMMON_NAME_VALUE));
|
||||
assertThat(authenticator.authenticate(prepareSecurityToken(THIRD_AUTHORITY)))
|
||||
.isNotNull()
|
||||
.hasFieldOrPropertyWithValue("principal", CA_COMMON_NAME_VALUE);
|
||||
.hasFieldOrPropertyWithValue("principal", new Principal("DEFAULT", CA_COMMON_NAME_VALUE));
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -15,6 +15,7 @@ import static org.mockito.Mockito.when;
|
||||
|
||||
import java.util.Optional;
|
||||
|
||||
import org.eclipse.hawkbit.context.Principal;
|
||||
import org.eclipse.hawkbit.repository.ControllerManagement;
|
||||
import org.eclipse.hawkbit.repository.TenantConfigurationManagement;
|
||||
import org.eclipse.hawkbit.repository.helper.TenantConfigHelper;
|
||||
@@ -72,7 +73,7 @@ class SecurityTokenAuthenticatorTest {
|
||||
|
||||
assertThat(authenticator.authenticate(securityToken))
|
||||
.isNotNull()
|
||||
.hasFieldOrPropertyWithValue("principal", CONTROLLER_ID);
|
||||
.hasFieldOrPropertyWithValue("principal", new Principal("DEFAULT", CONTROLLER_ID));
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
Reference in New Issue
Block a user