author | Wouter Admiraal <wouter.admiraal@sonarsource.com> | 2021-03-11 14:30:39 +0100 |
---|---|---|
committer | sonartech <sonartech@sonarsource.com> | 2021-03-18 20:08:12 +0000 |
commit | 434951a0bf4f7165fecda893ee0ea9771784791d (patch) | |
tree | fb5475d5bd1012ec8c7b5ff71b1b0e868ce067e5 /server/sonar-webserver-core/src/main | |
parent | bd1f5a9348146f88b3bd250817c3302b935f9a34 (diff) | |
SONAR-14586 Move DefaultAdminCredentialsVerifier to sonar-webserver-auth
Diffstat (limited to 'server/sonar-webserver-core/src/main')
5 files changed, 0 insertions, 261 deletions
diff --git a/server/sonar-webserver-core/src/main/java/org/sonar/server/authentication/DefaultAdminCredentialsVerifier.java b/server/sonar-webserver-core/src/main/java/org/sonar/server/authentication/DefaultAdminCredentialsVerifier.java
deleted file mode 100644
index dd8aeb372c9..00000000000
--- a/server/sonar-webserver-core/src/main/java/org/sonar/server/authentication/DefaultAdminCredentialsVerifier.java
+++ /dev/null
@@ -1,98 +0,0 @@
-/*
- * SonarQube
- * Copyright (C) 2009-2021 SonarSource SA
- * mailto:info AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- */
-package org.sonar.server.authentication;
-
-import org.picocontainer.Startable;
-import org.sonar.api.utils.log.Logger;
-import org.sonar.api.utils.log.Loggers;
-import org.sonar.db.DbClient;
-import org.sonar.db.DbSession;
-import org.sonar.db.user.UserDto;
-import org.sonar.server.authentication.event.AuthenticationEvent;
-import org.sonar.server.authentication.event.AuthenticationException;
-import org.sonar.server.notification.NotificationManager;
-
-import static org.sonar.server.log.ServerProcessLogging.STARTUP_LOGGER_NAME;
-import static org.sonar.server.property.InternalProperties.DEFAULT_ADMIN_CREDENTIAL_USAGE_EMAIL;
-
-/**
- * Detect usage of an active admin account with default credential in order to ask this account to reset its password during authentication.
- */
-public class DefaultAdminCredentialsVerifier implements Startable {
-
- private static final Logger LOGGER = Loggers.get(STARTUP_LOGGER_NAME);
-
- private final DbClient dbClient;
- private final CredentialsLocalAuthentication localAuthentication;
- private final NotificationManager notificationManager;
-
- public DefaultAdminCredentialsVerifier(DbClient dbClient, CredentialsLocalAuthentication localAuthentication, NotificationManager notificationManager) {
- this.dbClient = dbClient;
- this.localAuthentication = localAuthentication;
- this.notificationManager = notificationManager;
- }
-
- @Override
- public void start() {
- try (DbSession session = dbClient.openSession(false)) {
- UserDto admin = dbClient.userDao().selectActiveUserByLogin(session, "admin");
- if (admin == null || !isDefaultCredentialUser(session, admin)) {
- return;
- }
- addWarningInSonarDotLog();
- dbClient.userDao().update(session, admin.setResetPassword(true));
- sendEmailToAdmins(session);
- session.commit();
- }
- }
-
- private static void addWarningInSonarDotLog() {
- String highlighter = "####################################################################################################################";
- String msg = "Default Administrator credentials are still being used. 
Make sure to change the password or deactivate the account.";
-
- LOGGER.warn(highlighter);
- LOGGER.warn(msg);
- LOGGER.warn(highlighter);
- }
-
- private boolean isDefaultCredentialUser(DbSession dbSession, UserDto user) {
- try {
- localAuthentication.authenticate(dbSession, user, "admin", AuthenticationEvent.Method.BASIC);
- return true;
- } catch (AuthenticationException ex) {
- return false;
- }
- }
-
- private void sendEmailToAdmins(DbSession session) {
- if (dbClient.internalPropertiesDao().selectByKey(session, DEFAULT_ADMIN_CREDENTIAL_USAGE_EMAIL)
- .map(Boolean::parseBoolean)
- .orElse(false)) {
- return;
- }
- notificationManager.scheduleForSending(new DefaultAdminCredentialsVerifierNotification());
- dbClient.internalPropertiesDao().save(session, DEFAULT_ADMIN_CREDENTIAL_USAGE_EMAIL, Boolean.TRUE.toString());
- }
-
- @Override
- public void stop() {
- // Nothing to do
- }
-}
diff --git a/server/sonar-webserver-core/src/main/java/org/sonar/server/authentication/DefaultAdminCredentialsVerifierNotification.java b/server/sonar-webserver-core/src/main/java/org/sonar/server/authentication/DefaultAdminCredentialsVerifierNotification.java
deleted file mode 100644
index 2616dc6290a..00000000000
--- a/server/sonar-webserver-core/src/main/java/org/sonar/server/authentication/DefaultAdminCredentialsVerifierNotification.java
+++ /dev/null
@@ -1,31 +0,0 @@
-/*
- * SonarQube
- * Copyright (C) 2009-2021 SonarSource SA
- * mailto:info AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- */
-package org.sonar.server.authentication;
-
-import org.sonar.api.notifications.Notification;
-
-public class DefaultAdminCredentialsVerifierNotification extends Notification {
-
- static final String TYPE = "default-admin-credential-verifier";
-
- public DefaultAdminCredentialsVerifierNotification() {
- super(TYPE);
- }
-}
diff --git a/server/sonar-webserver-core/src/main/java/org/sonar/server/authentication/DefaultAdminCredentialsVerifierNotificationHandler.java b/server/sonar-webserver-core/src/main/java/org/sonar/server/authentication/DefaultAdminCredentialsVerifierNotificationHandler.java
deleted file mode 100644
index a7d1d9e186f..00000000000
--- a/server/sonar-webserver-core/src/main/java/org/sonar/server/authentication/DefaultAdminCredentialsVerifierNotificationHandler.java
+++ /dev/null
@@ -1,62 +0,0 @@
-/*
- * SonarQube
- * Copyright (C) 2009-2021 SonarSource SA
- * mailto:info AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- */
-package org.sonar.server.authentication;
-
-import java.util.Collection;
-import java.util.Optional;
-import java.util.Set;
-import org.sonar.db.DbClient;
-import org.sonar.db.DbSession;
-import org.sonar.server.notification.EmailNotificationHandler;
-import org.sonar.server.notification.NotificationDispatcherMetadata;
-import org.sonar.server.notification.email.EmailNotificationChannel;
-import org.sonar.server.notification.email.EmailNotificationChannel.EmailDeliveryRequest;
-
-import static java.util.stream.Collectors.toSet;
-
-public class DefaultAdminCredentialsVerifierNotificationHandler extends EmailNotificationHandler<DefaultAdminCredentialsVerifierNotification> {
-
- private final DbClient dbClient;
-
- public DefaultAdminCredentialsVerifierNotificationHandler(DbClient dbClient, EmailNotificationChannel emailNotificationChannel) {
- super(emailNotificationChannel);
- this.dbClient = dbClient;
- }
-
- @Override
- public Optional<NotificationDispatcherMetadata> getMetadata() {
- return Optional.empty();
- }
-
- @Override
- public Class<DefaultAdminCredentialsVerifierNotification> 
getNotificationClass() {
- return DefaultAdminCredentialsVerifierNotification.class;
- }
-
- @Override
- public Set<EmailDeliveryRequest> toEmailDeliveryRequests(Collection<DefaultAdminCredentialsVerifierNotification> notifications) {
- try (DbSession session = dbClient.openSession(false)) {
- return dbClient.authorizationDao().selectGlobalAdministerEmailSubscribers(session)
- .stream()
- .flatMap(t -> notifications.stream().map(notification -> new EmailDeliveryRequest(t.getEmail(), notification)))
- .collect(toSet());
- }
- }
-}
diff --git a/server/sonar-webserver-core/src/main/java/org/sonar/server/authentication/DefaultAdminCredentialsVerifierNotificationTemplate.java b/server/sonar-webserver-core/src/main/java/org/sonar/server/authentication/DefaultAdminCredentialsVerifierNotificationTemplate.java
deleted file mode 100644
index fb6844b7ab7..00000000000
--- a/server/sonar-webserver-core/src/main/java/org/sonar/server/authentication/DefaultAdminCredentialsVerifierNotificationTemplate.java
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * SonarQube
- * Copyright (C) 2009-2021 SonarSource SA
- * mailto:info AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- */
-package org.sonar.server.authentication;
-
-import javax.annotation.CheckForNull;
-import org.sonar.api.notifications.Notification;
-import org.sonar.server.issue.notification.EmailMessage;
-import org.sonar.server.issue.notification.EmailTemplate;
-
-public class DefaultAdminCredentialsVerifierNotificationTemplate implements EmailTemplate {
-
- static final String SUBJECT = "Default Administrator credentials are still used";
- static final String BODY_FORMAT = "Hello,\n\n" +
- "Your SonarQube instance is still using default administrator credentials.\n" +
- "Make sure to change the password for the 'admin' account or deactivate this account.";
-
- @Override
- @CheckForNull
- public EmailMessage format(Notification notification) {
- if (!DefaultAdminCredentialsVerifierNotification.TYPE.equals(notification.getType())) {
- return null;
- }
-
- return new EmailMessage()
- .setMessageId(DefaultAdminCredentialsVerifierNotification.TYPE)
- .setSubject(SUBJECT)
- .setPlainTextMessage(BODY_FORMAT);
- }
-
-}
diff --git a/server/sonar-webserver-core/src/main/java/org/sonar/server/authentication/package-info.java b/server/sonar-webserver-core/src/main/java/org/sonar/server/authentication/package-info.java
deleted file mode 100644
index fabf034df91..00000000000
--- a/server/sonar-webserver-core/src/main/java/org/sonar/server/authentication/package-info.java
+++ /dev/null
@@ -1,23 +0,0 @@
-/*
- * SonarQube
- * Copyright (C) 2009-2021 SonarSource SA
- * mailto:info AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- */
-@ParametersAreNonnullByDefault
-package org.sonar.server.authentication;
-
-import javax.annotation.ParametersAreNonnullByDefault; |