Change-Id: I5ff18b2768095fb14e7fbece2e756115829abbdetags/v1.4.0
@@ -129,7 +129,7 @@ dependencies: | |||
- compile 'log4j:log4j:1.2.17' :war :fedclient :authority | |||
- compile 'org.slf4j:slf4j-api:1.6.6' :war :fedclient :authority | |||
- compile 'org.slf4j:slf4j-log4j12:1.6.6' :war :fedclient :authority | |||
- compile 'javax.mail:mail:1.4.3' :war :fedclient :authority | |||
- compile 'javax.mail:mail:1.4.3' :war :authority | |||
- compile 'javax.servlet:javax.servlet-api:3.0.1' :fedclient | |||
- compile 'org.eclipse.jetty.aggregate:jetty-webapp:${jetty.version}' @jar | |||
- compile 'org.eclipse.jetty:jetty-ajp:${jetty.version}' @jar | |||
@@ -148,7 +148,7 @@ dependencies: | |||
- compile 'org.fusesource.wikitext:mediawiki-core:${wikitext.version}' :war | |||
- compile 'org.fusesource.wikitext:confluence-core:${wikitext.version}' :war | |||
- compile 'org.eclipse.jgit:org.eclipse.jgit:${jgit.version}' :war :fedclient :manager :authority | |||
- compile 'org.eclipse.jgit:org.eclipse.jgit.http.server:${jgit.version}' :war :fedclient :manager :authority | |||
- compile 'org.eclipse.jgit:org.eclipse.jgit.http.server:${jgit.version}' :war :manager :authority | |||
- compile 'org.bouncycastle:bcprov-jdk15on:${bouncycastle.version}' :war :authority | |||
- compile 'org.bouncycastle:bcmail-jdk15on:${bouncycastle.version}' :war :authority | |||
- compile 'org.bouncycastle:bcpkix-jdk15on:${bouncycastle.version}' :war :authority |
@@ -279,7 +279,8 @@ | |||
<!-- generate jar by traversing the class hierarchy of the specified | |||
classes, exclude any classes in classpath jars --> | |||
<mx:genjar tag="" includeresources="false" excludeClasspathJars="true" | |||
destfile="${project.targetDirectory}/fedclient.jar"> | |||
destfile="${project.targetDirectory}/fedclient.jar" | |||
excludes="**/.class,**/*.java, **/Thumbs.db, **/*.mkd, com/gitblit/wicket/**"> | |||
<mainclass name="com.gitblit.FederationClient" /> | |||
<class name="com.gitblit.Keys" /> | |||
<launcher paths="ext" /> |
@@ -149,13 +149,11 @@ public class DaggerModule { | |||
@Provides @Singleton IFederationManager provideFederationManager( | |||
IRuntimeManager runtimeManager, | |||
INotificationManager notificationManager, | |||
IUserManager userManager, | |||
IRepositoryManager repositoryManager) { | |||
return new FederationManager( | |||
runtimeManager, | |||
notificationManager, | |||
userManager, | |||
repositoryManager); | |||
} | |||
@@ -17,6 +17,7 @@ package com.gitblit; | |||
import java.io.File; | |||
import java.util.ArrayList; | |||
import java.util.Collection; | |||
import java.util.List; | |||
import com.beust.jcommander.JCommander; | |||
@@ -24,7 +25,9 @@ import com.beust.jcommander.Parameter; | |||
import com.beust.jcommander.ParameterException; | |||
import com.beust.jcommander.Parameters; | |||
import com.gitblit.manager.FederationManager; | |||
import com.gitblit.manager.NotificationManager; | |||
import com.gitblit.manager.GitblitManager; | |||
import com.gitblit.manager.IGitblit; | |||
import com.gitblit.manager.INotificationManager; | |||
import com.gitblit.manager.RepositoryManager; | |||
import com.gitblit.manager.RuntimeManager; | |||
import com.gitblit.manager.UserManager; | |||
@@ -89,14 +92,14 @@ public class FederationClient { | |||
} | |||
// configure the Gitblit singleton for minimal, non-server operation | |||
RuntimeManager runtime = new RuntimeManager(settings); | |||
runtime.setBaseFolder(baseFolder); | |||
NotificationManager notifications = new NotificationManager(settings).start(); | |||
RuntimeManager runtime = new RuntimeManager(settings, baseFolder).start(); | |||
NoopNotificationManager notifications = new NoopNotificationManager().start(); | |||
UserManager users = new UserManager(runtime).start(); | |||
RepositoryManager repositories = new RepositoryManager(runtime, users).start(); | |||
FederationManager federation = new FederationManager(runtime, notifications, users, repositories).start(); | |||
FederationManager federation = new FederationManager(runtime, notifications, repositories).start(); | |||
IGitblit gitblit = new GitblitManager(runtime, notifications, users, null, repositories, null, federation); | |||
FederationPullService puller = new FederationPullService(federation.getFederationRegistrations()) { | |||
FederationPullService puller = new FederationPullService(gitblit, federation.getFederationRegistrations()) { | |||
@Override | |||
public void reschedule(FederationModel registration) { | |||
// NOOP | |||
@@ -153,4 +156,37 @@ public class FederationClient { | |||
public String repositoriesFolder; | |||
} | |||
private static class NoopNotificationManager implements INotificationManager { | |||
@Override | |||
public NoopNotificationManager start() { | |||
return this; | |||
} | |||
@Override | |||
public NoopNotificationManager stop() { | |||
return this; | |||
} | |||
@Override | |||
public void sendMailToAdministrators(String subject, String message) { | |||
} | |||
@Override | |||
public void sendMail(String subject, String message, Collection<String> toAddresses) { | |||
} | |||
@Override | |||
public void sendMail(String subject, String message, String... toAddresses) { | |||
} | |||
@Override | |||
public void sendHtmlMail(String subject, String message, Collection<String> toAddresses) { | |||
} | |||
@Override | |||
public void sendHtmlMail(String subject, String message, String... toAddresses) { | |||
} | |||
} | |||
} |
@@ -67,9 +67,9 @@ import org.eclipse.jgit.transport.resolver.UploadPackFactory; | |||
import org.slf4j.Logger; | |||
import org.slf4j.LoggerFactory; | |||
import com.gitblit.GitBlit; | |||
import com.gitblit.IStoredSettings; | |||
import com.gitblit.Keys; | |||
import com.gitblit.manager.IGitblit; | |||
import com.gitblit.utils.StringUtils; | |||
/** | |||
@@ -108,7 +108,7 @@ public class GitDaemon { | |||
private ReceivePackFactory<GitDaemonClient> receivePackFactory; | |||
public GitDaemon(GitBlit gitblit) { | |||
public GitDaemon(IGitblit gitblit) { | |||
IStoredSettings settings = gitblit.getSettings(); | |||
int port = settings.getInteger(Keys.git.daemonPort, 0); |
@@ -183,7 +183,7 @@ public class AuthenticationManager implements IAuthenticationManager { | |||
if (principal != null) { | |||
String username = principal.getName(); | |||
if (!StringUtils.isEmpty(username)) { | |||
boolean internalAccount = isInternalAccount(username); | |||
boolean internalAccount = userManager.isInternalAccount(username); | |||
UserModel user = userManager.getUserModel(username); | |||
if (user != null) { | |||
// existing user | |||
@@ -322,15 +322,6 @@ public class AuthenticationManager implements IAuthenticationManager { | |||
// can not authenticate empty password | |||
return null; | |||
} | |||
// check to see if this is the federation user | |||
// if (canFederate()) { | |||
// if (usernameDecoded.equalsIgnoreCase(Constants.FEDERATION_USER)) { | |||
// List<String> tokens = getFederationTokens(); | |||
// if (tokens.contains(pw)) { | |||
// return getFederationUser(); | |||
// } | |||
// } | |||
// } | |||
// try local authentication | |||
UserModel user = userManager.getUserModel(usernameDecoded); | |||
@@ -489,23 +480,4 @@ public class AuthenticationManager implements IAuthenticationManager { | |||
} | |||
return AuthenticationProvider.NULL_PROVIDER; | |||
} | |||
/** | |||
* Returns true if the username represents an internal account | |||
* | |||
* @param username | |||
* @return true if the specified username represents an internal account | |||
*/ | |||
protected boolean isInternalAccount(String username) { | |||
return !StringUtils.isEmpty(username) | |||
&& (username.equalsIgnoreCase(Constants.FEDERATION_USER) | |||
|| username.equalsIgnoreCase(UserModel.ANONYMOUS.username)); | |||
} | |||
// protected UserModel getFederationUser() { | |||
// // the federation user is an administrator | |||
// UserModel federationUser = new UserModel(Constants.FEDERATION_USER); | |||
// federationUser.canAdmin = true; | |||
// return federationUser; | |||
// } | |||
} |
@@ -17,6 +17,7 @@ package com.gitblit.manager; | |||
import java.io.File; | |||
import java.io.FileFilter; | |||
import java.nio.charset.Charset; | |||
import java.text.MessageFormat; | |||
import java.util.ArrayList; | |||
import java.util.Collections; | |||
@@ -25,6 +26,8 @@ import java.util.List; | |||
import java.util.Map; | |||
import java.util.concurrent.ConcurrentHashMap; | |||
import javax.servlet.http.HttpServletRequest; | |||
import org.slf4j.Logger; | |||
import org.slf4j.LoggerFactory; | |||
@@ -38,6 +41,7 @@ import com.gitblit.models.FederationProposal; | |||
import com.gitblit.models.FederationSet; | |||
import com.gitblit.models.RepositoryModel; | |||
import com.gitblit.models.UserModel; | |||
import com.gitblit.utils.Base64; | |||
import com.gitblit.utils.FederationUtils; | |||
import com.gitblit.utils.JsonUtils; | |||
import com.gitblit.utils.StringUtils; | |||
@@ -69,7 +73,6 @@ public class FederationManager implements IFederationManager { | |||
public FederationManager( | |||
IRuntimeManager runtimeManager, | |||
INotificationManager notificationManager, | |||
IUserManager userManager, | |||
IRepositoryManager repositoryManager) { | |||
this.settings = runtimeManager.getSettings(); | |||
@@ -99,6 +102,17 @@ public class FederationManager implements IFederationManager { | |||
return runtimeManager.getFileOrFolder(Keys.federation.proposalsFolder, "${baseFolder}/proposals"); | |||
} | |||
@Override | |||
public boolean canFederate() { | |||
String passphrase = settings.getString(Keys.federation.passphrase, ""); | |||
return !StringUtils.isEmpty(passphrase); | |||
} | |||
/** | |||
* Returns the federation user account. | |||
* | |||
* @return the federation user account | |||
*/ | |||
@Override | |||
public UserModel getFederationUser() { | |||
// the federation user is an administrator | |||
@@ -108,9 +122,30 @@ public class FederationManager implements IFederationManager { | |||
} | |||
@Override | |||
public boolean canFederate() { | |||
String passphrase = settings.getString(Keys.federation.passphrase, ""); | |||
return !StringUtils.isEmpty(passphrase); | |||
public UserModel authenticate(HttpServletRequest httpRequest) { | |||
if (canFederate()) { | |||
// try to authenticate federation user for cloning | |||
final String authorization = httpRequest.getHeader("Authorization"); | |||
if (authorization != null && authorization.startsWith("Basic")) { | |||
// Authorization: Basic base64credentials | |||
String base64Credentials = authorization.substring("Basic".length()).trim(); | |||
String credentials = new String(Base64.decode(base64Credentials), | |||
Charset.forName("UTF-8")); | |||
// credentials = username:password | |||
final String[] values = credentials.split(":", 2); | |||
if (values.length == 2) { | |||
String username = StringUtils.decodeUsername(values[0]); | |||
String password = values[1]; | |||
if (username.equalsIgnoreCase(Constants.FEDERATION_USER)) { | |||
List<String> tokens = getFederationTokens(); | |||
if (tokens.contains(password)) { | |||
return getFederationUser(); | |||
} | |||
} | |||
} | |||
} | |||
} | |||
return null; | |||
} | |||
/** |
@@ -19,6 +19,8 @@ import java.io.File; | |||
import java.util.List; | |||
import java.util.Map; | |||
import javax.servlet.http.HttpServletRequest; | |||
import com.gitblit.Constants.FederationRequest; | |||
import com.gitblit.Constants.FederationToken; | |||
import com.gitblit.models.FederationModel; | |||
@@ -37,9 +39,22 @@ public interface IFederationManager extends IManager { | |||
*/ | |||
File getProposalsFolder(); | |||
boolean canFederate(); | |||
/** | |||
* Returns the federation user account. | |||
* | |||
* @return the federation user account | |||
*/ | |||
UserModel getFederationUser(); | |||
boolean canFederate(); | |||
/** | |||
* Try to authenticate request as the Federation user. | |||
* | |||
* @param httpRequest | |||
* @return the federation user, if authenticated | |||
*/ | |||
UserModel authenticate(HttpServletRequest httpRequest); | |||
/** | |||
* Returns the list of federated gitblit instances that this instance will |
@@ -19,5 +19,12 @@ import com.gitblit.IUserService; | |||
public interface IUserManager extends IManager, IUserService { | |||
/** | |||
* Returns true if the username represents an internal account | |||
* | |||
* @param username | |||
* @return true if the specified username represents an internal account | |||
*/ | |||
boolean isInternalAccount(String username); | |||
} |
@@ -32,7 +32,6 @@ import org.slf4j.LoggerFactory; | |||
import com.gitblit.Constants.AccessPermission; | |||
import com.gitblit.Constants.AccessRestrictionType; | |||
import com.gitblit.Constants.FederationToken; | |||
import com.gitblit.GitBlit; | |||
import com.gitblit.IStoredSettings; | |||
import com.gitblit.Keys; | |||
import com.gitblit.fanout.FanoutNioService; | |||
@@ -62,13 +61,13 @@ public class ServicesManager implements IManager { | |||
private final IStoredSettings settings; | |||
private final GitBlit gitblit; | |||
private final IGitblit gitblit; | |||
private FanoutService fanoutService; | |||
private GitDaemon gitDaemon; | |||
public ServicesManager(GitBlit gitblit) { | |||
public ServicesManager(IGitblit gitblit) { | |||
this.settings = gitblit.getSettings(); | |||
this.gitblit = gitblit; | |||
} | |||
@@ -209,11 +208,11 @@ public class ServicesManager implements IManager { | |||
private class FederationPuller extends FederationPullService { | |||
public FederationPuller(FederationModel registration) { | |||
super(Arrays.asList(registration)); | |||
super(gitblit, Arrays.asList(registration)); | |||
} | |||
public FederationPuller(List<FederationModel> registrations) { | |||
super(registrations); | |||
super(gitblit, registrations); | |||
} | |||
@Override |
@@ -28,6 +28,7 @@ import org.slf4j.Logger; | |||
import org.slf4j.LoggerFactory; | |||
import com.gitblit.ConfigUserService; | |||
import com.gitblit.Constants; | |||
import com.gitblit.IStoredSettings; | |||
import com.gitblit.IUserService; | |||
import com.gitblit.Keys; | |||
@@ -148,6 +149,19 @@ public class UserManager implements IUserManager { | |||
return this; | |||
} | |||
/** | |||
* Returns true if the username represents an internal account | |||
* | |||
* @param username | |||
* @return true if the specified username represents an internal account | |||
*/ | |||
@Override | |||
public boolean isInternalAccount(String username) { | |||
return !StringUtils.isEmpty(username) | |||
&& (username.equalsIgnoreCase(Constants.FEDERATION_USER) | |||
|| username.equalsIgnoreCase(UserModel.ANONYMOUS.username)); | |||
} | |||
/** | |||
* Returns the cookie value for the specified user. | |||
* |
@@ -31,10 +31,10 @@ import com.gitblit.Constants; | |||
import com.gitblit.Constants.AccessPermission; | |||
import com.gitblit.Constants.FederationPullStatus; | |||
import com.gitblit.Constants.FederationStrategy; | |||
import com.gitblit.GitBlit; | |||
import com.gitblit.GitBlitException.ForbiddenException; | |||
import com.gitblit.IUserService; | |||
import com.gitblit.Keys; | |||
import com.gitblit.manager.IGitblit; | |||
import com.gitblit.models.FederationModel; | |||
import com.gitblit.models.RefModel; | |||
import com.gitblit.models.RepositoryModel; | |||
@@ -49,9 +49,9 @@ import com.gitblit.utils.StringUtils; | |||
public abstract class FederationPullService implements Runnable { | |||
Logger logger = LoggerFactory.getLogger(getClass()); | |||
final Logger logger = LoggerFactory.getLogger(getClass()); | |||
GitBlit gitblit; | |||
final IGitblit gitblit; | |||
private final List<FederationModel> registrations; | |||
@@ -62,8 +62,8 @@ public abstract class FederationPullService implements Runnable { | |||
* @param provider | |||
* @param registration | |||
*/ | |||
public FederationPullService(FederationModel registration) { | |||
this(Arrays.asList(registration)); | |||
public FederationPullService(IGitblit gitblit, FederationModel registration) { | |||
this(gitblit, Arrays.asList(registration)); | |||
} | |||
/** | |||
@@ -77,7 +77,8 @@ public abstract class FederationPullService implements Runnable { | |||
* if true, registrations are rescheduled in perpetuity. if | |||
* false, the federation pull operation is executed once. | |||
*/ | |||
public FederationPullService(List<FederationModel> registrations) { | |||
public FederationPullService(IGitblit gitblit, List<FederationModel> registrations) { | |||
this.gitblit = gitblit; | |||
this.registrations = registrations; | |||
} | |||
@@ -29,13 +29,9 @@ import javax.inject.Inject; | |||
import javax.inject.Singleton; | |||
import javax.servlet.http.HttpServletResponse; | |||
import com.gitblit.Constants; | |||
import com.gitblit.Constants.FederationRequest; | |||
import com.gitblit.IStoredSettings; | |||
import com.gitblit.Keys; | |||
import com.gitblit.Constants.FederationRequest; | |||
import com.gitblit.Keys.federation; | |||
import com.gitblit.Keys.git; | |||
import com.gitblit.Keys.groovy; | |||
import com.gitblit.manager.IFederationManager; | |||
import com.gitblit.manager.IRepositoryManager; | |||
import com.gitblit.manager.IRuntimeManager; |
@@ -18,6 +18,7 @@ package com.gitblit.servlet; | |||
import java.text.MessageFormat; | |||
import javax.inject.Inject; | |||
import javax.servlet.http.HttpServletRequest; | |||
import com.gitblit.Constants.AccessRestrictionType; | |||
import com.gitblit.Constants.AuthorizationControl; | |||
@@ -25,8 +26,10 @@ import com.gitblit.GitBlitException; | |||
import com.gitblit.IStoredSettings; | |||
import com.gitblit.Keys; | |||
import com.gitblit.manager.IAuthenticationManager; | |||
import com.gitblit.manager.IFederationManager; | |||
import com.gitblit.manager.IRepositoryManager; | |||
import com.gitblit.manager.IRuntimeManager; | |||
import com.gitblit.manager.IUserManager; | |||
import com.gitblit.models.RepositoryModel; | |||
import com.gitblit.models.UserModel; | |||
import com.gitblit.utils.StringUtils; | |||
@@ -50,14 +53,22 @@ public class GitFilter extends AccessRestrictionFilter { | |||
private final IStoredSettings settings; | |||
private final IUserManager userManager; | |||
private final IFederationManager federationManager; | |||
@Inject | |||
public GitFilter( | |||
IRuntimeManager runtimeManager, | |||
IUserManager userManager, | |||
IAuthenticationManager authenticationManager, | |||
IRepositoryManager repositoryManager) { | |||
IRepositoryManager repositoryManager, | |||
IFederationManager federationManager) { | |||
super(runtimeManager, authenticationManager, repositoryManager); | |||
this.settings = runtimeManager.getSettings(); | |||
this.userManager = userManager; | |||
this.federationManager = federationManager; | |||
} | |||
/** | |||
@@ -113,6 +124,21 @@ public class GitFilter extends AccessRestrictionFilter { | |||
return null; | |||
} | |||
/** | |||
* Returns the user making the request, if the user has authenticated. | |||
* | |||
* @param httpRequest | |||
* @return user | |||
*/ | |||
@Override | |||
protected UserModel getUser(HttpServletRequest httpRequest) { | |||
UserModel user = authenticationManager.authenticate(httpRequest, requiresClientCertificate()); | |||
if (user == null) { | |||
user = federationManager.authenticate(httpRequest); | |||
} | |||
return user; | |||
} | |||
/** | |||
* Determine if a non-existing repository can be created using this filter. | |||
* |