diff --git a/hawkbit-http-security/src/main/java/org/eclipse/hawkbit/security/AbstractHttpControllerAuthenticationFilter.java b/hawkbit-http-security/src/main/java/org/eclipse/hawkbit/security/AbstractHttpControllerAuthenticationFilter.java index 4236ab530..18501aa22 100644 --- a/hawkbit-http-security/src/main/java/org/eclipse/hawkbit/security/AbstractHttpControllerAuthenticationFilter.java +++ b/hawkbit-http-security/src/main/java/org/eclipse/hawkbit/security/AbstractHttpControllerAuthenticationFilter.java @@ -22,12 +22,11 @@ import jakarta.servlet.ServletResponse; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; +import lombok.extern.slf4j.Slf4j; import org.eclipse.hawkbit.repository.TenantConfigurationManagement; import org.eclipse.hawkbit.security.DmfTenantSecurityToken.FileResource; import org.eclipse.hawkbit.tenancy.TenantAware; import org.eclipse.hawkbit.util.UrlUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; import org.springframework.security.core.Authentication; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.context.SecurityContextHolder; @@ -40,10 +39,9 @@ import org.springframework.util.AntPathMatcher; * name from the URL and the controller ID from the URL to do security checks * based on this information. */ +@Slf4j public abstract class AbstractHttpControllerAuthenticationFilter extends AbstractPreAuthenticatedProcessingFilter { - - private static final Logger LOG = LoggerFactory.getLogger(AbstractHttpControllerAuthenticationFilter.class); - + private static final String TENANT_PLACE_HOLDER = "tenant"; private static final String CONTROLLER_ID_PLACE_HOLDER = "controllerId"; @@ -134,28 +132,28 @@ public abstract class AbstractHttpControllerAuthenticationFilter extends Abstrac final String requestURI = request.getRequestURI(); if (pathExtractor.match(request.getContextPath() + CONTROLLER_REQUEST_ANT_PATTERN, requestURI)) { - LOG.debug("retrieving principal from URI request {}", requestURI); + log.debug("retrieving principal from URI request {}", requestURI); final Map extractUriTemplateVariables = pathExtractor .extractUriTemplateVariables(request.getContextPath() + CONTROLLER_REQUEST_ANT_PATTERN, requestURI); final String controllerId = UrlUtils.decodeUriValue(extractUriTemplateVariables.get(CONTROLLER_ID_PLACE_HOLDER)); final String tenant = UrlUtils.decodeUriValue(extractUriTemplateVariables.get(TENANT_PLACE_HOLDER)); - if (LOG.isTraceEnabled()) { - LOG.trace("Parsed tenant {} and controllerId {} from path request {}", tenant, controllerId, + if (log.isTraceEnabled()) { + log.trace("Parsed tenant {} and controllerId {} from path request {}", tenant, controllerId, requestURI); } return createTenantSecurityTokenVariables(request, tenant, controllerId); } else if (pathExtractor.match(request.getContextPath() + CONTROLLER_DL_REQUEST_ANT_PATTERN, requestURI)) { - LOG.debug("retrieving path variables from URI request {}", requestURI); + log.debug("retrieving path variables from URI request {}", requestURI); final Map extractUriTemplateVariables = pathExtractor.extractUriTemplateVariables( request.getContextPath() + CONTROLLER_DL_REQUEST_ANT_PATTERN, requestURI); final String tenant = UrlUtils.decodeUriValue(extractUriTemplateVariables.get(TENANT_PLACE_HOLDER)); - if (LOG.isTraceEnabled()) { - LOG.trace("Parsed tenant {} from path request {}", tenant, requestURI); + if (log.isTraceEnabled()) { + log.trace("Parsed tenant {} from path request {}", tenant, requestURI); } return createTenantSecurityTokenVariables(request, tenant, "anonymous"); } else { - if (LOG.isTraceEnabled()) { - LOG.trace("request {} does not match the path pattern {}, request gets ignored", requestURI, + if (log.isTraceEnabled()) { + log.trace("request {} does not match the path pattern {}, request gets ignored", requestURI, CONTROLLER_REQUEST_ANT_PATTERN); } return null; diff --git a/hawkbit-http-security/src/main/java/org/eclipse/hawkbit/security/ControllerTenantAwareAuthenticationDetailsSource.java b/hawkbit-http-security/src/main/java/org/eclipse/hawkbit/security/ControllerTenantAwareAuthenticationDetailsSource.java index 8c7b87ed3..c407c261e 100644 --- a/hawkbit-http-security/src/main/java/org/eclipse/hawkbit/security/ControllerTenantAwareAuthenticationDetailsSource.java +++ b/hawkbit-http-security/src/main/java/org/eclipse/hawkbit/security/ControllerTenantAwareAuthenticationDetailsSource.java @@ -13,10 +13,9 @@ import java.util.Map; import jakarta.servlet.http.HttpServletRequest; +import lombok.extern.slf4j.Slf4j; import org.eclipse.hawkbit.im.authentication.TenantAwareAuthenticationDetails; import org.eclipse.hawkbit.util.UrlUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; import org.springframework.security.authentication.AuthenticationDetailsSource; import org.springframework.util.AntPathMatcher; @@ -24,14 +23,12 @@ import org.springframework.util.AntPathMatcher; * An {@link AuthenticationDetailsSource} implementation which retrieves the * tenant from a request pattern {@link #TENANT_AWARE_CONTROLLER_PATTERN} and * stores the retrieved tenant in the {@link TenantAwareAuthenticationDetails}. - * */ +@Slf4j public class ControllerTenantAwareAuthenticationDetailsSource implements AuthenticationDetailsSource { private static final String TENANT_AWARE_CONTROLLER_PATTERN = "/{tenant}/controller/**"; - private static final Logger LOGGER = LoggerFactory - .getLogger(ControllerTenantAwareAuthenticationDetailsSource.class); private static final String TENANT_PLACE_HOLDER = "tenant"; private final AntPathMatcher pathExtractor; @@ -49,17 +46,17 @@ public class ControllerTenantAwareAuthenticationDetailsSource private String getTenantFromRequestUri(final HttpServletRequest request) { final String requestURI = request.getRequestURI(); - LOGGER.debug("retrieving tenant from URI request {}", requestURI); + log.debug("retrieving tenant from URI request {}", requestURI); final String requestPathPattern = request.getContextPath() + TENANT_AWARE_CONTROLLER_PATTERN; if (!pathExtractor.match(requestPathPattern, requestURI)) { - LOGGER.info("Controller request not matching tenant aware request pattern requestpath: {}, pattern {}", + log.info("Controller request not matching tenant aware request pattern requestpath: {}, pattern {}", requestURI, TENANT_AWARE_CONTROLLER_PATTERN); return null; } final Map extractUriTemplateVariables = pathExtractor .extractUriTemplateVariables(requestPathPattern, requestURI); - if (LOGGER.isTraceEnabled()) { - LOGGER.trace("Parsed path variables {} using tenant {}", extractUriTemplateVariables, + if (log.isTraceEnabled()) { + log.trace("Parsed path variables {} using tenant {}", extractUriTemplateVariables, extractUriTemplateVariables.get(TENANT_PLACE_HOLDER)); } return UrlUtils.decodeUriValue(extractUriTemplateVariables.get(TENANT_PLACE_HOLDER)); diff --git a/hawkbit-http-security/src/main/java/org/eclipse/hawkbit/security/DosFilter.java b/hawkbit-http-security/src/main/java/org/eclipse/hawkbit/security/DosFilter.java index 9d64591ec..6df8154b9 100644 --- a/hawkbit-http-security/src/main/java/org/eclipse/hawkbit/security/DosFilter.java +++ b/hawkbit-http-security/src/main/java/org/eclipse/hawkbit/security/DosFilter.java @@ -20,6 +20,7 @@ import jakarta.servlet.ServletException; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; +import lombok.extern.slf4j.Slf4j; import org.eclipse.hawkbit.util.IpUtil; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -36,12 +37,13 @@ import com.github.benmanes.caffeine.cache.Caffeine; * maximum number of request per seconds which can be separately configured for * read (GET) and write (PUT/POST/DELETE) requests. */ +@Slf4j public class DosFilter extends OncePerRequestFilter { - private static final Logger LOG = LoggerFactory.getLogger(DosFilter.class); - private static final Logger LOG_DOS = LoggerFactory.getLogger(SecurityConstants.SECURITY_LOG_PREFIX + ".dos"); - private static final Logger LOG_BLACKLIST = LoggerFactory - .getLogger(SecurityConstants.SECURITY_LOG_PREFIX + ".blacklist"); + private static final Logger LOG_DOS = + LoggerFactory.getLogger(SecurityConstants.SECURITY_LOG_PREFIX + ".dos"); + private static final Logger LOG_BLACKLIST = + LoggerFactory.getLogger(SecurityConstants.SECURITY_LOG_PREFIX + ".blacklist"); private final AntPathMatcher antMatcher = new AntPathMatcher(); private final Collection includeAntPaths; @@ -84,7 +86,6 @@ public class DosFilter extends OncePerRequestFilter { */ public DosFilter(final Collection includeAntPaths, final int maxRead, final int maxWrite, final String ipDosWhiteListPattern, final String ipBlackListPattern, final String forwardHeader) { - this.includeAntPaths = includeAntPaths; this.maxRead = maxRead; this.maxWrite = maxWrite; @@ -165,7 +166,7 @@ public class DosFilter extends OncePerRequestFilter { } private static boolean handleMissingIpAddress(final HttpServletResponse response) { - LOG.error("Failed to get peer IP adress"); + log.error("Failed to get peer IP adress"); response.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value()); return false; } diff --git a/hawkbit-http-security/src/main/java/org/eclipse/hawkbit/security/HttpDownloadAuthenticationFilter.java b/hawkbit-http-security/src/main/java/org/eclipse/hawkbit/security/HttpDownloadAuthenticationFilter.java index 536d20a84..082f02cc4 100644 --- a/hawkbit-http-security/src/main/java/org/eclipse/hawkbit/security/HttpDownloadAuthenticationFilter.java +++ b/hawkbit-http-security/src/main/java/org/eclipse/hawkbit/security/HttpDownloadAuthenticationFilter.java @@ -14,22 +14,18 @@ import java.util.regex.Pattern; import jakarta.servlet.http.HttpServletRequest; +import lombok.extern.slf4j.Slf4j; import org.eclipse.hawkbit.cache.DownloadIdCache; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; import org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter; /** - * Extracts download or upload id from the request URI secruity token and set + * Extracts download or upload id from the request URI security token and set * the security context. - * - * - * */ +@Slf4j public class HttpDownloadAuthenticationFilter extends AbstractPreAuthenticatedProcessingFilter { public static final String REQUEST_ID_REGEX_PATTERN = ".*\\/downloadId\\/.*"; - private static final Logger LOG = LoggerFactory.getLogger(HttpDownloadAuthenticationFilter.class); private final Pattern pattern; private final DownloadIdCache downloadIdCache; @@ -51,7 +47,7 @@ public class HttpDownloadAuthenticationFilter extends AbstractPreAuthenticatedPr if (!matcher.matches()) { return null; } - LOG.debug("retrieving id from URI request {}", requestURI); + log.debug("retrieving id from URI request {}", requestURI); final String[] groups = requestURI.split("\\/"); final String id = groups[groups.length - 1]; if (id == null) {