import static org.sonar.server.authentication.AuthenticationError.handleAuthenticationError;
import static org.sonar.server.authentication.event.AuthenticationEvent.Method;
import static org.sonar.server.authentication.event.AuthenticationEvent.Source;
-import static org.sonar.server.authentication.ws.LoginAction.AUTH_LOGIN_URL;
-import static org.sonar.server.authentication.ws.LogoutAction.AUTH_LOGOUT_URL;
-import static org.sonar.server.authentication.ws.ValidateAction.AUTH_VALIDATE_URL;
+import static org.sonar.server.authentication.ws.LoginAction.LOGIN_URL;
+import static org.sonar.server.authentication.ws.LogoutAction.LOGOUT_URL;
+import static org.sonar.server.authentication.ws.ValidateAction.VALIDATE_URL;
import static org.sonar.server.user.ServerUserSession.createForAnonymous;
import static org.sonar.server.user.ServerUserSession.createForUser;
"/sessions/*",
"/api/system/db_migration_status", "/api/system/status", "/api/system/migrate_db",
"/api/server/index", "/api/server/setup", "/api/server/version",
- AUTH_LOGIN_URL, AUTH_VALIDATE_URL, AUTH_LOGOUT_URL);
+ LOGIN_URL, LOGOUT_URL, VALIDATE_URL);
private static final UrlPattern URL_PATTERN = UrlPattern.builder()
.includes("/*")
*/
package org.sonar.server.authentication.ws;
-import com.google.common.io.Resources;
-import org.sonar.api.server.ws.RailsHandler;
+import java.util.List;
import org.sonar.api.server.ws.WebService;
-import org.sonar.server.ws.ServletFilterHandler;
public class AuthenticationWs implements WebService {
+ public static final String AUTHENTICATION_CONTROLLER = "api/authentication";
+ private final List<AuthenticationWsAction> actions;
+
+ public AuthenticationWs(List<AuthenticationWsAction> actions) {
+ this.actions = actions;
+ }
+
@Override
public void define(Context context) {
- NewController controller = context.createController("api/authentication");
+ NewController controller = context.createController(AUTHENTICATION_CONTROLLER);
controller.setDescription("Handle authentication.");
-
- defineLoginAction(controller);
- defineLogoutAction(controller);
- defineValidateAction(controller);
-
+ actions.forEach(action -> action.define(controller));
controller.done();
}
-
- private void defineValidateAction(NewController controller) {
- NewAction action = controller.createAction("validate")
- .setDescription("Check credentials.")
- .setSince("3.3")
- .setHandler(ServletFilterHandler.INSTANCE)
- .setResponseExample(Resources.getResource(this.getClass(), "example-validate.json"));
-
- RailsHandler.addFormatParam(action);
- }
-
- private static void defineLoginAction(NewController controller) {
- NewAction action = controller.createAction("login")
- .setDescription("Authenticate a user.")
- .setSince("6.0")
- .setPost(true)
- .setHandler(ServletFilterHandler.INSTANCE);
- action.createParam("login")
- .setDescription("Login of the user")
- .setRequired(true);
- action.createParam("password")
- .setDescription("Password of the user")
- .setRequired(true);
- }
-
- private static void defineLogoutAction(NewController controller) {
- controller.createAction("logout")
- .setDescription("Logout a user.")
- .setSince("6.3")
- .setPost(true)
- .setHandler(ServletFilterHandler.INSTANCE);
- }
-
}
--- /dev/null
+/*
+ * SonarQube
+ * Copyright (C) 2009-2016 SonarSource SA
+ * mailto:contact AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.server.authentication.ws;
+
+import org.sonar.api.server.ws.WebService;
+
+@FunctionalInterface
+public interface AuthenticationWsAction {
+ // marker interface
+
+ void define(WebService.NewController controller);
+}
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.sonar.api.server.ws.WebService;
import org.sonar.api.web.ServletFilter;
import org.sonar.db.DbClient;
import org.sonar.db.user.UserDto;
import org.sonar.server.exceptions.UnauthorizedException;
import org.sonar.server.user.ServerUserSession;
import org.sonar.server.user.ThreadLocalUserSession;
+import org.sonar.server.ws.ServletFilterHandler;
import static java.net.HttpURLConnection.HTTP_BAD_REQUEST;
import static java.net.HttpURLConnection.HTTP_UNAUTHORIZED;
import static org.apache.commons.lang.StringUtils.isEmpty;
import static org.sonar.server.authentication.event.AuthenticationEvent.Method;
import static org.sonar.server.authentication.event.AuthenticationEvent.Source;
+import static org.sonar.server.authentication.ws.AuthenticationWs.AUTHENTICATION_CONTROLLER;
import static org.sonarqube.ws.client.WsRequest.Method.POST;
-public class LoginAction extends ServletFilter {
+public class LoginAction extends ServletFilter implements AuthenticationWsAction {
- public static final String AUTH_LOGIN_URL = "/api/authentication/login";
+ private static final String LOGIN_ACTION = "login";
+ public static final String LOGIN_URL = "/" + AUTHENTICATION_CONTROLLER + "/" + LOGIN_ACTION;
private final DbClient dbClient;
private final CredentialsAuthenticator credentialsAuthenticator;
this.authenticationEvent = authenticationEvent;
}
+ @Override
+ public void define(WebService.NewController controller) {
+ WebService.NewAction action = controller.createAction(LOGIN_ACTION)
+ .setDescription("Authenticate a user.")
+ .setSince("6.0")
+ .setPost(true)
+ .setHandler(ServletFilterHandler.INSTANCE);
+ action.createParam("login")
+ .setDescription("Login of the user")
+ .setRequired(true);
+ action.createParam("password")
+ .setDescription("Password of the user")
+ .setRequired(true);
+ }
+
@Override
public UrlPattern doGetPattern() {
- return UrlPattern.create(AUTH_LOGIN_URL);
+ return UrlPattern.create(LOGIN_URL);
}
@Override
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.sonar.api.server.ws.WebService;
import org.sonar.api.web.ServletFilter;
import org.sonar.server.authentication.JwtHttpHandler;
import org.sonar.server.authentication.event.AuthenticationEvent;
import org.sonar.server.authentication.event.AuthenticationException;
+import org.sonar.server.ws.ServletFilterHandler;
import static java.net.HttpURLConnection.HTTP_BAD_REQUEST;
import static java.net.HttpURLConnection.HTTP_UNAUTHORIZED;
+import static org.sonar.server.authentication.ws.AuthenticationWs.AUTHENTICATION_CONTROLLER;
import static org.sonarqube.ws.client.WsRequest.Method.POST;
-public class LogoutAction extends ServletFilter {
+public class LogoutAction extends ServletFilter implements AuthenticationWsAction {
- public static final String AUTH_LOGOUT_URL = "/api/authentication/logout";
+ private static final String LOGOUT_ACTION = "logout";
+ public static final String LOGOUT_URL = "/" + AUTHENTICATION_CONTROLLER + "/" + LOGOUT_ACTION;
private final JwtHttpHandler jwtHttpHandler;
private final AuthenticationEvent authenticationEvent;
this.authenticationEvent = authenticationEvent;
}
+ @Override
+ public void define(WebService.NewController controller) {
+ controller.createAction(LOGOUT_ACTION)
+ .setDescription("Logout a user.")
+ .setSince("6.3")
+ .setPost(true)
+ .setHandler(ServletFilterHandler.INSTANCE);
+ }
+
@Override
public UrlPattern doGetPattern() {
- return UrlPattern.create(AUTH_LOGOUT_URL);
+ return UrlPattern.create(LOGOUT_URL);
}
@Override
package org.sonar.server.authentication.ws;
+import com.google.common.io.Resources;
import java.io.IOException;
import java.util.Optional;
import javax.servlet.FilterChain;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.sonar.api.config.Settings;
+import org.sonar.api.server.ws.WebService;
import org.sonar.api.utils.text.JsonWriter;
import org.sonar.api.web.ServletFilter;
import org.sonar.db.user.UserDto;
import org.sonar.server.authentication.BasicAuthenticator;
import org.sonar.server.authentication.JwtHttpHandler;
import org.sonar.server.authentication.event.AuthenticationException;
+import org.sonar.server.ws.ServletFilterHandler;
import org.sonarqube.ws.MediaTypes;
import static org.sonar.api.CoreProperties.CORE_FORCE_AUTHENTICATION_PROPERTY;
+import static org.sonar.server.authentication.ws.AuthenticationWs.AUTHENTICATION_CONTROLLER;
-public class ValidateAction extends ServletFilter {
+public class ValidateAction extends ServletFilter implements AuthenticationWsAction {
- public static final String AUTH_VALIDATE_URL = "/api/authentication/validate";
+ private static final String VALIDATE_ACTION = "validate";
+ public static final String VALIDATE_URL = "/" + AUTHENTICATION_CONTROLLER + "/" + VALIDATE_ACTION;
private final Settings settings;
private final JwtHttpHandler jwtHttpHandler;
this.jwtHttpHandler = jwtHttpHandler;
}
+ @Override
+ public void define(WebService.NewController controller) {
+ controller.createAction("validate")
+ .setDescription("Check credentials.")
+ .setSince("3.3")
+ .setHandler(ServletFilterHandler.INSTANCE)
+ .setResponseExample(Resources.getResource(this.getClass(), "example-validate.json"));
+ }
+
@Override
public UrlPattern doGetPattern() {
- return UrlPattern.create(AUTH_VALIDATE_URL);
+ return UrlPattern.create(VALIDATE_URL);
}
@Override
*/
package org.sonar.server.authentication.ws;
+import java.util.Arrays;
import org.junit.Test;
import org.sonar.api.server.ws.WebService;
import org.sonar.server.ws.ServletFilterHandler;
public class AuthenticationWsTest {
- WsTester tester = new WsTester(new AuthenticationWs());
+ WsTester tester = new WsTester(new AuthenticationWs(Arrays.asList(
+ new LoginAction(null, null, null, null, null),
+ new LogoutAction(null, null),
+ new ValidateAction(null, null, null))));
@Test
public void define_ws() {
assertThat(validate).isNotNull();
assertThat(validate.handler()).isInstanceOf(ServletFilterHandler.class);
assertThat(validate.responseExampleAsString()).isNotEmpty();
- assertThat(validate.params()).hasSize(1);
+ assertThat(validate.params()).isEmpty();
WebService.Action login = controller.action("login");
assertThat(login).isNotNull();