Remove hard servlet dependency from SystemSecurityContext (#1812)

Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
2024-08-11 10:50:01 +03:00
parent e874cf5014
commit d851fa4d02
2 changed files with 41 additions and 34 deletions
--- a/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/security/SecurityManagedConfiguration.java
+++ b/hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/security/SecurityManagedConfiguration.java
@@ -206,7 +206,7 @@ public class SecurityManagedConfiguration {
                        .sessionManagement(configurer -> configurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS));
            }

-            MDCHandler.getInstance().addLoggingFilter(http);
+            MDCHandler.Filter.addLoggingFilter(http);

            return http.build();
        }
@@ -323,7 +323,7 @@ public class SecurityManagedConfiguration {
                        .sessionManagement(configurer -> configurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS));
            }

-            MDCHandler.getInstance().addLoggingFilter(http);
+            MDCHandler.Filter.addLoggingFilter(http);

            return http.build();
        }
@@ -387,7 +387,7 @@ public class SecurityManagedConfiguration {
                    .addFilterBefore(downloadIdAuthenticationFilter, AuthorizationFilter.class)
                    .sessionManagement(configurer -> configurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS));

-            MDCHandler.getInstance().addLoggingFilter(http);
+            MDCHandler.Filter.addLoggingFilter(http);

            return http.build();
        }
@@ -491,7 +491,7 @@ public class SecurityManagedConfiguration {
                httpSecurityCustomizer.customize(http);
            }

-            MDCHandler.getInstance().addLoggingFilter(http);
+            MDCHandler.Filter.addLoggingFilter(http);

            return http.build();
        }
--- a/hawkbit-security-core/src/main/java/org/eclipse/hawkbit/security/MDCHandler.java
+++ b/hawkbit-security-core/src/main/java/org/eclipse/hawkbit/security/MDCHandler.java
@@ -9,6 +9,7 @@
 */
 package org.eclipse.hawkbit.security;

+import ch.qos.logback.classic.turbo.MDCFilter;
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
@@ -76,36 +77,6 @@ public class MDCHandler {
        }
    }

-    public void addLoggingFilter(final HttpSecurity httpSecurity) {
-        httpSecurity.addFilterBefore(new OncePerRequestFilter() {
-            @Override
-            protected void doFilterInternal(
-                    final HttpServletRequest request, final HttpServletResponse response, final FilterChain filterChain)
-                    throws ServletException, IOException {
-                try {
-                    withLogging(() -> {
-                        filterChain.doFilter(request, response);
-                        return null;
-                    });
-                } catch (final RuntimeException re) {
-                    throw re;
-                } catch (final WrappedException we) {
-                    final Throwable cause = we.getCause();
-                    if (cause instanceof ServletException se) {
-                        throw se;
-                    } else if (cause instanceof IOException ioe) {
-                        throw ioe;
-                    } else {
-                        throw we.toRuntimeException();
-                    }
-                } catch (final Exception e) {
-                    // should never be here - if mdc is handler is enabled non-runtime exceptions are always wrapped
-                    throw new RuntimeException(e);
-                }
-            }
-        }, AuthorizationFilter.class);
-    }
-
    private <T> T putUserAndCall(final Callable<T> callable) throws WrappedException {
        final String user = springSecurityAuditorAware
                .getCurrentAuditor()
@@ -151,4 +122,40 @@ public class MDCHandler {
            return new RuntimeException(getCause() == null ? this : getCause());
        }
    }
+
+    public static class Filter {
+
+        public static void addLoggingFilter(final HttpSecurity httpSecurity) {
+            httpSecurity.addFilterBefore(new OncePerRequestFilter() {
+
+                private final MDCHandler mdcFilter = MDCHandler.getInstance();
+
+                @Override
+                protected void doFilterInternal(
+                        final HttpServletRequest request, final HttpServletResponse response, final FilterChain filterChain)
+                        throws ServletException, IOException {
+                    try {
+                        mdcFilter.withLogging(() -> {
+                            filterChain.doFilter(request, response);
+                            return null;
+                        });
+                    } catch (final RuntimeException re) {
+                        throw re;
+                    } catch (final WrappedException we) {
+                        final Throwable cause = we.getCause();
+                        if (cause instanceof ServletException se) {
+                            throw se;
+                        } else if (cause instanceof IOException ioe) {
+                            throw ioe;
+                        } else {
+                            throw we.toRuntimeException();
+                        }
+                    } catch (final Exception e) {
+                        // should never be here - if mdc is handler is enabled non-runtime exceptions are always wrapped
+                        throw new RuntimeException(e);
+                    }
+                }
+            }, AuthorizationFilter.class);
+        }
+    }
 }