From c1b0e4a5a3acc31bd469cf498d1ba7d390c379b2 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Wed, 11 Dec 2013 09:08:26 -0500
Subject: [PATCH] Centralize cookie creation

Change-Id: I1a17416121764f33a8d05a88c80cece0c03ac41d
---
 .../java/com/gitblit/auth/AuthenticationProvider.java  |  9 +++++++++
 .../java/com/gitblit/auth/HtpasswdAuthProvider.java    |  6 +-----
 src/main/java/com/gitblit/auth/LdapAuthProvider.java   |  4 +---
 src/main/java/com/gitblit/auth/PAMAuthProvider.java    | 10 ++++------
 .../java/com/gitblit/auth/RedmineAuthProvider.java     |  9 ++++-----
 .../java/com/gitblit/auth/SalesforceAuthProvider.java  | 10 ++--------
 .../java/com/gitblit/auth/WindowsAuthProvider.java     |  9 ++++-----
 7 files changed, 25 insertions(+), 32 deletions(-)

diff --git a/src/main/java/com/gitblit/auth/AuthenticationProvider.java b/src/main/java/com/gitblit/auth/AuthenticationProvider.java
index cb970cc6..f7b75fa3 100644
--- a/src/main/java/com/gitblit/auth/AuthenticationProvider.java
+++ b/src/main/java/com/gitblit/auth/AuthenticationProvider.java
@@ -26,6 +26,8 @@ import com.gitblit.manager.IRuntimeManager;
 import com.gitblit.manager.IUserManager;
 import com.gitblit.models.TeamModel;
 import com.gitblit.models.UserModel;
+import com.gitblit.utils.ArrayUtils;
+import com.gitblit.utils.StringUtils;
 
 public abstract class AuthenticationProvider {
 
@@ -68,6 +70,13 @@ public abstract class AuthenticationProvider {
 		return serviceName;
 	}
 
+	protected void setCookie(UserModel user, char [] password) {
+		// create a user cookie
+		if (StringUtils.isEmpty(user.cookie) && !ArrayUtils.isEmpty(password)) {
+			user.cookie = StringUtils.getSHA1(user.username + new String(password));
+		}
+	}
+
 	protected void updateUser(UserModel userModel) {
 		// TODO implement user model change detection
 		// account for new user and revised user
diff --git a/src/main/java/com/gitblit/auth/HtpasswdAuthProvider.java b/src/main/java/com/gitblit/auth/HtpasswdAuthProvider.java
index 559a0fa0..5ffb6930 100644
--- a/src/main/java/com/gitblit/auth/HtpasswdAuthProvider.java
+++ b/src/main/java/com/gitblit/auth/HtpasswdAuthProvider.java
@@ -35,8 +35,6 @@ import com.gitblit.Constants.AccountType;
 import com.gitblit.Keys;
 import com.gitblit.auth.AuthenticationProvider.UsernamePasswordAuthenticationProvider;
 import com.gitblit.models.UserModel;
-import com.gitblit.utils.ArrayUtils;
-import com.gitblit.utils.StringUtils;
 
 
 /**
@@ -186,9 +184,7 @@ public class HtpasswdAuthProvider extends UsernamePasswordAuthenticationProvider
                 }
 
                 // create a user cookie
-                if (StringUtils.isEmpty(user.cookie) && !ArrayUtils.isEmpty(password)) {
-                    user.cookie = StringUtils.getSHA1(user.username + passwd);
-                }
+                setCookie(user, password);
 
                 // Set user attributes, hide password from backing user service.
                 user.password = Constants.EXTERNAL_ACCOUNT;
diff --git a/src/main/java/com/gitblit/auth/LdapAuthProvider.java b/src/main/java/com/gitblit/auth/LdapAuthProvider.java
index 6a2dd437..8fef620d 100644
--- a/src/main/java/com/gitblit/auth/LdapAuthProvider.java
+++ b/src/main/java/com/gitblit/auth/LdapAuthProvider.java
@@ -295,9 +295,7 @@ public class LdapAuthProvider extends UsernamePasswordAuthenticationProvider {
 							}
 
 							// create a user cookie
-							if (StringUtils.isEmpty(user.cookie) && !ArrayUtils.isEmpty(password)) {
-								user.cookie = StringUtils.getSHA1(user.username + new String(password));
-							}
+							setCookie(user, password);
 
 							if (!supportsTeamMembershipChanges()) {
 								getTeamsFromLdap(ldapConnection, simpleUsername, loggingInUser, user);
diff --git a/src/main/java/com/gitblit/auth/PAMAuthProvider.java b/src/main/java/com/gitblit/auth/PAMAuthProvider.java
index bbc82d84..7e82bc63 100644
--- a/src/main/java/com/gitblit/auth/PAMAuthProvider.java
+++ b/src/main/java/com/gitblit/auth/PAMAuthProvider.java
@@ -26,8 +26,6 @@ import com.gitblit.Constants.AccountType;
 import com.gitblit.Keys;
 import com.gitblit.auth.AuthenticationProvider.UsernamePasswordAuthenticationProvider;
 import com.gitblit.models.UserModel;
-import com.gitblit.utils.ArrayUtils;
-import com.gitblit.utils.StringUtils;
 
 /**
  * Implementation of PAM authentication for Linux/Unix/MacOSX.
@@ -104,13 +102,13 @@ public class PAMAuthProvider extends UsernamePasswordAuthenticationProvider {
 		}
 
         UserModel user = userManager.getUserModel(username);
-        if (user == null)	// create user object for new authenticated user
+        if (user == null) {
+        	// create user object for new authenticated user
         	user = new UserModel(username.toLowerCase());
+        }
 
         // create a user cookie
-        if (StringUtils.isEmpty(user.cookie) && !ArrayUtils.isEmpty(password)) {
-        	user.cookie = StringUtils.getSHA1(user.username + new String(password));
-        }
+        setCookie(user, password);
 
         // update user attributes from UnixUser
         user.accountType = getAccountType();
diff --git a/src/main/java/com/gitblit/auth/RedmineAuthProvider.java b/src/main/java/com/gitblit/auth/RedmineAuthProvider.java
index 176c576b..04adc459 100644
--- a/src/main/java/com/gitblit/auth/RedmineAuthProvider.java
+++ b/src/main/java/com/gitblit/auth/RedmineAuthProvider.java
@@ -26,7 +26,6 @@ import com.gitblit.Constants.AccountType;
 import com.gitblit.Keys;
 import com.gitblit.auth.AuthenticationProvider.UsernamePasswordAuthenticationProvider;
 import com.gitblit.models.UserModel;
-import com.gitblit.utils.ArrayUtils;
 import com.gitblit.utils.ConnectionUtils;
 import com.gitblit.utils.StringUtils;
 import com.google.gson.Gson;
@@ -122,13 +121,13 @@ public class RedmineAuthProvider extends UsernamePasswordAuthenticationProvider
         }
 
         UserModel user = userManager.getUserModel(username);
-        if (user == null)	// create user object for new authenticated user
+        if (user == null) {
+        	// create user object for new authenticated user
         	user = new UserModel(username.toLowerCase());
+        }
 
         // create a user cookie
-        if (StringUtils.isEmpty(user.cookie) && !ArrayUtils.isEmpty(password)) {
-        	user.cookie = StringUtils.getSHA1(user.username + new String(password));
-        }
+        setCookie(user, password);
 
         // update user attributes from Redmine
         user.accountType = getAccountType();
diff --git a/src/main/java/com/gitblit/auth/SalesforceAuthProvider.java b/src/main/java/com/gitblit/auth/SalesforceAuthProvider.java
index fdda32af..e4273ff6 100644
--- a/src/main/java/com/gitblit/auth/SalesforceAuthProvider.java
+++ b/src/main/java/com/gitblit/auth/SalesforceAuthProvider.java
@@ -5,8 +5,6 @@ import com.gitblit.Constants.AccountType;
 import com.gitblit.Keys;
 import com.gitblit.auth.AuthenticationProvider.UsernamePasswordAuthenticationProvider;
 import com.gitblit.models.UserModel;
-import com.gitblit.utils.ArrayUtils;
-import com.gitblit.utils.StringUtils;
 import com.sforce.soap.partner.Connector;
 import com.sforce.soap.partner.GetUserInfoResult;
 import com.sforce.soap.partner.PartnerConnection;
@@ -62,15 +60,11 @@ public class SalesforceAuthProvider extends UsernamePasswordAuthenticationProvid
 			UserModel user = null;
 			synchronized (this) {
 				user = userManager.getUserModel(simpleUsername);
-				if (user == null)
+				if (user == null) {
 					user = new UserModel(simpleUsername);
-
-				if (StringUtils.isEmpty(user.cookie)
-						&& !ArrayUtils.isEmpty(password)) {
-					user.cookie = StringUtils.getSHA1(user.username
-							+ new String(password));
 				}
 
+				setCookie(user, password);
 				setUserAttributes(user, info);
 
 				updateUser(user);
diff --git a/src/main/java/com/gitblit/auth/WindowsAuthProvider.java b/src/main/java/com/gitblit/auth/WindowsAuthProvider.java
index d455d58f..93cae046 100644
--- a/src/main/java/com/gitblit/auth/WindowsAuthProvider.java
+++ b/src/main/java/com/gitblit/auth/WindowsAuthProvider.java
@@ -29,7 +29,6 @@ import com.gitblit.Constants.AccountType;
 import com.gitblit.Keys;
 import com.gitblit.auth.AuthenticationProvider.UsernamePasswordAuthenticationProvider;
 import com.gitblit.models.UserModel;
-import com.gitblit.utils.ArrayUtils;
 import com.gitblit.utils.StringUtils;
 import com.sun.jna.platform.win32.Win32Exception;
 
@@ -136,13 +135,13 @@ public class WindowsAuthProvider extends UsernamePasswordAuthenticationProvider
 		}
 
         UserModel user = userManager.getUserModel(username);
-        if (user == null)	// create user object for new authenticated user
+        if (user == null) {
+        	// create user object for new authenticated user
         	user = new UserModel(username.toLowerCase());
+        }
 
         // create a user cookie
-        if (StringUtils.isEmpty(user.cookie) && !ArrayUtils.isEmpty(password)) {
-        	user.cookie = StringUtils.getSHA1(user.username + new String(password));
-        }
+        setCookie(user, password);
 
         // update user attributes from Windows identity
         user.accountType = getAccountType();
-- 
2.39.5