aboutsummaryrefslogtreecommitdiffstats
path: root/server
diff options
context:
space:
mode:
authorAurelien Poscia <aurelien.poscia@sonarsource.com>2022-08-08 16:03:28 +0200
committersonartech <sonartech@sonarsource.com>2022-08-10 20:03:08 +0000
commita5d505ac9b71b401691f452c69a994495c09cedb (patch)
tree39721a0a1bc515ad6e3e6bf505213e5a2d46ad48 /server
parent3a1cbb57ea9e240d804c5208a7e0dbc49cd5d0ab (diff)
downloadsonarqube-a5d505ac9b71b401691f452c69a994495c09cedb.tar.gz
sonarqube-a5d505ac9b71b401691f452c69a994495c09cedb.zip
SONAR-17156 add unique index on project_uuid of project_badge_token and clean-up duplicates
Diffstat (limited to 'server')
-rw-r--r--server/sonar-db-dao/src/schema/schema-sq.ddl1
-rw-r--r--server/sonar-db-migration/src/main/java/org/sonar/server/platform/db/migration/version/v96/CreateIndexForProjectBadgeTokens.java61
-rw-r--r--server/sonar-db-migration/src/main/java/org/sonar/server/platform/db/migration/version/v96/DbVersion96.java2
-rw-r--r--server/sonar-db-migration/src/main/java/org/sonar/server/platform/db/migration/version/v96/DeleteDuplicatedProjectBadgeTokens.java49
-rw-r--r--server/sonar-db-migration/src/test/java/org/sonar/server/platform/db/migration/version/v96/CreateIndexForProjectBadgeTokensTest.java52
-rw-r--r--server/sonar-db-migration/src/test/java/org/sonar/server/platform/db/migration/version/v96/DeleteDuplicatedProjectBadgeTokensTest.java117
-rw-r--r--server/sonar-db-migration/src/test/resources/org/sonar/server/platform/db/migration/version/v96/CreateIndexForProjectBadgeTokensTest/schema.sql8
-rw-r--r--server/sonar-db-migration/src/test/resources/org/sonar/server/platform/db/migration/version/v96/DeleteDuplicatedProjectBadgeTokensTest/schema.sql8
-rw-r--r--server/sonar-webserver-auth/src/main/java/org/sonar/server/usertoken/TokenGenerator.java2
-rw-r--r--server/sonar-webserver-auth/src/main/java/org/sonar/server/usertoken/TokenGeneratorImpl.java18
-rw-r--r--server/sonar-webserver-auth/src/test/java/org/sonar/server/usertoken/TokenGeneratorImplTest.java7
-rw-r--r--server/sonar-webserver-webapi/src/main/java/org/sonar/server/badge/ws/TokenAction.java7
-rw-r--r--server/sonar-webserver-webapi/src/main/java/org/sonar/server/badge/ws/TokenRenewAction.java3
-rw-r--r--server/sonar-webserver-webapi/src/test/java/org/sonar/server/badge/ws/TokenActionTest.java6
-rw-r--r--server/sonar-webserver-webapi/src/test/java/org/sonar/server/badge/ws/TokenRenewActionTest.java5
15 files changed, 330 insertions, 16 deletions
diff --git a/server/sonar-db-dao/src/schema/schema-sq.ddl b/server/sonar-db-dao/src/schema/schema-sq.ddl
index 148cd2ec489..6ff53f42894 100644
--- a/server/sonar-db-dao/src/schema/schema-sq.ddl
+++ b/server/sonar-db-dao/src/schema/schema-sq.ddl
@@ -639,6 +639,7 @@ CREATE TABLE "PROJECT_BADGE_TOKEN"(
"UPDATED_AT" BIGINT NOT NULL
);
ALTER TABLE "PROJECT_BADGE_TOKEN" ADD CONSTRAINT "PK_PROJECT_BADGE_TOKEN" PRIMARY KEY("UUID");
+CREATE UNIQUE INDEX "UNIQ_PROJECT_BADGE_TOKEN" ON "PROJECT_BADGE_TOKEN"("PROJECT_UUID" NULLS FIRST);
CREATE TABLE "PROJECT_BRANCHES"(
"UUID" CHARACTER VARYING(50) NOT NULL,
diff --git a/server/sonar-db-migration/src/main/java/org/sonar/server/platform/db/migration/version/v96/CreateIndexForProjectBadgeTokens.java b/server/sonar-db-migration/src/main/java/org/sonar/server/platform/db/migration/version/v96/CreateIndexForProjectBadgeTokens.java
new file mode 100644
index 00000000000..4f8f9e0b2db
--- /dev/null
+++ b/server/sonar-db-migration/src/main/java/org/sonar/server/platform/db/migration/version/v96/CreateIndexForProjectBadgeTokens.java
@@ -0,0 +1,61 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2022 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.server.platform.db.migration.version.v96;
+
+import com.google.common.annotations.VisibleForTesting;
+import java.sql.Connection;
+import java.sql.SQLException;
+import org.sonar.db.Database;
+import org.sonar.db.DatabaseUtils;
+import org.sonar.server.platform.db.migration.sql.CreateIndexBuilder;
+import org.sonar.server.platform.db.migration.step.DdlChange;
+
+public class CreateIndexForProjectBadgeTokens extends DdlChange {
+
+ @VisibleForTesting
+ static final String INDEX_NAME = "uniq_project_badge_token";
+ @VisibleForTesting
+ static final String TABLE = "project_badge_token";
+ @VisibleForTesting
+ static final String COLUMN_NAME = "project_uuid";
+
+ public CreateIndexForProjectBadgeTokens(Database db) {
+ super(db);
+ }
+
+ @Override
+ public void execute(Context context) throws SQLException {
+ try (Connection connection = getDatabase().getDataSource().getConnection()) {
+ createProjectBadgeTokenUniqueIndex(context, connection);
+ }
+ }
+
+ private static void createProjectBadgeTokenUniqueIndex(Context context, Connection connection) {
+ if (!DatabaseUtils.indexExistsIgnoreCase(TABLE, INDEX_NAME, connection)) {
+ context.execute(new CreateIndexBuilder()
+ .setTable(TABLE)
+ .setName(INDEX_NAME)
+ .addColumn(COLUMN_NAME)
+ .setUnique(true)
+ .build());
+ }
+ }
+
+}
diff --git a/server/sonar-db-migration/src/main/java/org/sonar/server/platform/db/migration/version/v96/DbVersion96.java b/server/sonar-db-migration/src/main/java/org/sonar/server/platform/db/migration/version/v96/DbVersion96.java
index aeb62b406b0..57d133f3fd3 100644
--- a/server/sonar-db-migration/src/main/java/org/sonar/server/platform/db/migration/version/v96/DbVersion96.java
+++ b/server/sonar-db-migration/src/main/java/org/sonar/server/platform/db/migration/version/v96/DbVersion96.java
@@ -41,6 +41,8 @@ public class DbVersion96 implements DbVersion {
.add(6510, "Create table 'push_events'", CreatePushEventsTable.class)
.add(6511, "Create index 'idx_push_even_crea_uuid_proj' on 'push_events'", CreateIndexForPushEvents.class)
.add(6512, "Add column 'language' to 'push_events'", AddLanguageColumnToPushEventsTable.class)
+ .add(6513, "Delete duplicated rows in 'project_badge_token'", DeleteDuplicatedProjectBadgeTokens.class)
+ .add(6514, "Add unique index on 'project_uuid' in 'project_badge_token'", CreateIndexForProjectBadgeTokens.class)
;
}
}
diff --git a/server/sonar-db-migration/src/main/java/org/sonar/server/platform/db/migration/version/v96/DeleteDuplicatedProjectBadgeTokens.java b/server/sonar-db-migration/src/main/java/org/sonar/server/platform/db/migration/version/v96/DeleteDuplicatedProjectBadgeTokens.java
new file mode 100644
index 00000000000..3d0f5050233
--- /dev/null
+++ b/server/sonar-db-migration/src/main/java/org/sonar/server/platform/db/migration/version/v96/DeleteDuplicatedProjectBadgeTokens.java
@@ -0,0 +1,49 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2022 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.server.platform.db.migration.version.v96;
+
+import java.sql.SQLException;
+import org.sonar.db.Database;
+import org.sonar.server.platform.db.migration.step.DataChange;
+import org.sonar.server.platform.db.migration.step.Upsert;
+
+public class DeleteDuplicatedProjectBadgeTokens extends DataChange {
+
+ private static final String DELETE_ITEMS_WITH_DIFFERENT_CREATION_DATES = "delete from project_badge_token where exists ("
+ + " select 1 from project_badge_token b where project_badge_token.project_uuid = b.project_uuid and project_badge_token.created_at > b.created_at)";
+ private static final String DELETE_ITEMS_WITH_SAME_CREATION_DATES = "delete from project_badge_token where exists ("
+ + " select 1 from project_badge_token b where project_badge_token.project_uuid = b.project_uuid and b.uuid < project_badge_token.uuid)";
+
+ public DeleteDuplicatedProjectBadgeTokens(Database db) {
+ super(db);
+ }
+
+ @Override
+ protected void execute(Context context) throws SQLException {
+ executeQuery(context, DELETE_ITEMS_WITH_DIFFERENT_CREATION_DATES);
+ executeQuery(context, DELETE_ITEMS_WITH_SAME_CREATION_DATES);
+ }
+
+ private static void executeQuery(Context context, String sql) throws SQLException {
+ Upsert upsert = context.prepareUpsert(sql);
+ upsert.execute();
+ upsert.commit();
+ }
+}
diff --git a/server/sonar-db-migration/src/test/java/org/sonar/server/platform/db/migration/version/v96/CreateIndexForProjectBadgeTokensTest.java b/server/sonar-db-migration/src/test/java/org/sonar/server/platform/db/migration/version/v96/CreateIndexForProjectBadgeTokensTest.java
new file mode 100644
index 00000000000..8b14b1b8315
--- /dev/null
+++ b/server/sonar-db-migration/src/test/java/org/sonar/server/platform/db/migration/version/v96/CreateIndexForProjectBadgeTokensTest.java
@@ -0,0 +1,52 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2022 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.server.platform.db.migration.version.v96;
+
+import java.sql.SQLException;
+import org.junit.Rule;
+import org.junit.Test;
+import org.sonar.db.CoreDbTester;
+
+public class CreateIndexForProjectBadgeTokensTest {
+
+ @Rule
+ public final CoreDbTester db = CoreDbTester.createForSchema(CreateIndexForProjectBadgeTokensTest.class, "schema.sql");
+
+ private final CreateIndexForProjectBadgeTokens createIndexForProjectBadgeTokens = new CreateIndexForProjectBadgeTokens(db.database());
+
+ @Test
+ public void migration_should_create_index() throws SQLException {
+ db.assertIndexDoesNotExist(CreateIndexForProjectBadgeTokens.TABLE, CreateIndexForProjectBadgeTokens.INDEX_NAME);
+
+ createIndexForProjectBadgeTokens.execute();
+
+ db.assertUniqueIndex(CreateIndexForProjectBadgeTokens.TABLE, CreateIndexForProjectBadgeTokens.INDEX_NAME, CreateIndexForProjectBadgeTokens.COLUMN_NAME);
+ }
+
+ @Test
+ public void migration_should_be_reentrant() throws SQLException {
+ createIndexForProjectBadgeTokens.execute();
+
+ createIndexForProjectBadgeTokens.execute();
+
+ db.assertUniqueIndex(CreateIndexForProjectBadgeTokens.TABLE, CreateIndexForProjectBadgeTokens.INDEX_NAME, CreateIndexForProjectBadgeTokens.COLUMN_NAME);
+ }
+
+}
diff --git a/server/sonar-db-migration/src/test/java/org/sonar/server/platform/db/migration/version/v96/DeleteDuplicatedProjectBadgeTokensTest.java b/server/sonar-db-migration/src/test/java/org/sonar/server/platform/db/migration/version/v96/DeleteDuplicatedProjectBadgeTokensTest.java
new file mode 100644
index 00000000000..75da8eac7e8
--- /dev/null
+++ b/server/sonar-db-migration/src/test/java/org/sonar/server/platform/db/migration/version/v96/DeleteDuplicatedProjectBadgeTokensTest.java
@@ -0,0 +1,117 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2022 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.server.platform.db.migration.version.v96;
+
+import java.sql.SQLException;
+import org.junit.Rule;
+import org.junit.Test;
+import org.sonar.db.CoreDbTester;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+public class DeleteDuplicatedProjectBadgeTokensTest {
+ @Rule
+ public final CoreDbTester db = CoreDbTester.createForSchema(DeleteDuplicatedProjectBadgeTokensTest.class, "schema.sql");
+
+ private final DeleteDuplicatedProjectBadgeTokens deleteDuplicatedProjectBadgeTokens = new DeleteDuplicatedProjectBadgeTokens(db.database());
+
+ @Test
+ public void deleteDuplicatedProjectBadgeTokens_whenTokenForDifferentProjects_doesNothing() throws SQLException {
+ insertProjectBadgeToken("uuid1", "proj1", 1);
+ insertProjectBadgeToken("uuid2", "proj2", 1);
+
+ deleteDuplicatedProjectBadgeTokens.execute();
+
+ assertThat(db.countRowsOfTable("project_badge_token")).isEqualTo(2);
+ }
+
+ @Test
+ public void deleteDuplicatedProjectBadgeTokens_whenSeveralTokensForSameProjectsAtTheSameTime_leavesOneToken() throws SQLException {
+ insertProjectBadgeToken("uuid1", "proj1", 1);
+ insertProjectBadgeToken("uuid2", "proj1", 1);
+ insertProjectBadgeToken("uuid3", "proj1", 1);
+
+ deleteDuplicatedProjectBadgeTokens.execute();
+
+ assertThat(db.countRowsOfTable("project_badge_token")).isEqualTo(1);
+ }
+
+ @Test
+ public void deleteDuplicatedProjectBadgeTokens_whenSeveralTokensForSameProjectsAtDifferentTime_leavesMostAncient() throws SQLException {
+ insertProjectBadgeToken("uuid1", "proj1", 2);
+ insertProjectBadgeToken("uuid2", "proj1", 1);
+ insertProjectBadgeToken("uuid3", "proj1", 3);
+
+ deleteDuplicatedProjectBadgeTokens.execute();
+
+ assertThat(db.countRowsOfTable("project_badge_token")).isEqualTo(1);
+ assertThat(db.selectFirst("select UUID from project_badge_token")).containsEntry("UUID", "uuid2");
+ }
+
+ @Test
+ public void deleteDuplicatedProjectBadgeTokens_whenSeveralTokensForSameProjectsAtDifferentAndSameTime_leavesAnyMostAncient() throws SQLException {
+ insertProjectBadgeToken("uuid1", "proj1", 2);
+ insertProjectBadgeToken("uuid2", "proj1", 1);
+ insertProjectBadgeToken("uuid3", "proj1", 3);
+ insertProjectBadgeToken("uuid4", "proj1", 1);
+ insertProjectBadgeToken("uuid5", "proj1", 2);
+
+ deleteDuplicatedProjectBadgeTokens.execute();
+
+ assertThat(db.countRowsOfTable("project_badge_token")).isEqualTo(1);
+ assertThat(db.selectFirst("select UUID from project_badge_token")).containsEntry("UUID", "uuid2");
+ }
+
+ @Test
+ public void deleteDuplicatedProjectBadgeTokens_whenSeveralTokensForSameProjectsAtDifferentAndSameTime_leavesAnyMostAncient2() throws SQLException {
+ insertProjectBadgeToken("uuid1", "proj1", 2);
+ insertProjectBadgeToken("uuid2", "proj1", 1);
+ insertProjectBadgeToken("uuid3", "proj1", 3);
+ insertProjectBadgeToken("uuid4", "proj2", 1);
+ insertProjectBadgeToken("uuid5", "proj2", 1);
+
+ deleteDuplicatedProjectBadgeTokens.execute();
+
+ assertThat(db.countRowsOfTable("project_badge_token")).isEqualTo(2);
+ assertThat(db.select("select UUID from project_badge_token")).extracting(e -> e.get("UUID")).containsOnly("uuid2", "uuid4");
+ }
+
+ @Test
+ public void deleteDuplicatedProjectBadgeTokens_reentrantTest() throws SQLException {
+ insertProjectBadgeToken("uuid1", "proj1", 1);
+ insertProjectBadgeToken("uuid2", "proj2", 1);
+
+ deleteDuplicatedProjectBadgeTokens.execute();
+ deleteDuplicatedProjectBadgeTokens.execute();
+ deleteDuplicatedProjectBadgeTokens.execute();
+
+ assertThat(db.countRowsOfTable("project_badge_token")).isEqualTo(2);
+ }
+
+ private void insertProjectBadgeToken(String uuid, String projectUuid, long createdAt) {
+ db.executeInsert("project_badge_token", "UUID", uuid,
+ "token", "TEST_TOKEN",
+ "project_uuid", projectUuid,
+ "created_at", createdAt,
+ "updated_at", createdAt
+ );
+ }
+
+}
diff --git a/server/sonar-db-migration/src/test/resources/org/sonar/server/platform/db/migration/version/v96/CreateIndexForProjectBadgeTokensTest/schema.sql b/server/sonar-db-migration/src/test/resources/org/sonar/server/platform/db/migration/version/v96/CreateIndexForProjectBadgeTokensTest/schema.sql
new file mode 100644
index 00000000000..b64839cf72d
--- /dev/null
+++ b/server/sonar-db-migration/src/test/resources/org/sonar/server/platform/db/migration/version/v96/CreateIndexForProjectBadgeTokensTest/schema.sql
@@ -0,0 +1,8 @@
+CREATE TABLE "PROJECT_BADGE_TOKEN"(
+ "UUID" CHARACTER VARYING(40) NOT NULL,
+ "TOKEN" CHARACTER VARYING(255) NOT NULL,
+ "PROJECT_UUID" CHARACTER VARYING(40) NOT NULL,
+ "CREATED_AT" BIGINT NOT NULL,
+ "UPDATED_AT" BIGINT NOT NULL
+);
+ALTER TABLE "PROJECT_BADGE_TOKEN" ADD CONSTRAINT "PK_PROJECT_BADGE_TOKEN" PRIMARY KEY("UUID");
diff --git a/server/sonar-db-migration/src/test/resources/org/sonar/server/platform/db/migration/version/v96/DeleteDuplicatedProjectBadgeTokensTest/schema.sql b/server/sonar-db-migration/src/test/resources/org/sonar/server/platform/db/migration/version/v96/DeleteDuplicatedProjectBadgeTokensTest/schema.sql
new file mode 100644
index 00000000000..b64839cf72d
--- /dev/null
+++ b/server/sonar-db-migration/src/test/resources/org/sonar/server/platform/db/migration/version/v96/DeleteDuplicatedProjectBadgeTokensTest/schema.sql
@@ -0,0 +1,8 @@
+CREATE TABLE "PROJECT_BADGE_TOKEN"(
+ "UUID" CHARACTER VARYING(40) NOT NULL,
+ "TOKEN" CHARACTER VARYING(255) NOT NULL,
+ "PROJECT_UUID" CHARACTER VARYING(40) NOT NULL,
+ "CREATED_AT" BIGINT NOT NULL,
+ "UPDATED_AT" BIGINT NOT NULL
+);
+ALTER TABLE "PROJECT_BADGE_TOKEN" ADD CONSTRAINT "PK_PROJECT_BADGE_TOKEN" PRIMARY KEY("UUID");
diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/usertoken/TokenGenerator.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/usertoken/TokenGenerator.java
index 1df9e1f8dad..4755c77ca94 100644
--- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/usertoken/TokenGenerator.java
+++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/usertoken/TokenGenerator.java
@@ -39,6 +39,8 @@ public interface TokenGenerator {
*/
String generate(TokenType tokenType);
+ String generateProjectBadgeToken();
+
/**
* Hash a token.<br/>
* Underlying algorithm, format and max length are
diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/usertoken/TokenGeneratorImpl.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/usertoken/TokenGeneratorImpl.java
index fee313bd1f0..1b9b88bc85c 100644
--- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/usertoken/TokenGeneratorImpl.java
+++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/usertoken/TokenGeneratorImpl.java
@@ -30,10 +30,8 @@ public class TokenGeneratorImpl implements TokenGenerator {
@Override
public String generate(TokenType tokenType) {
- SecureRandom random = new SecureRandom();
- byte[] randomBytes = new byte[20];
- random.nextBytes(randomBytes);
- return buildIdentifiablePartOfToken(tokenType) + Hex.encodeHexString(randomBytes);
+ String rawToken = generateRawToken();
+ return buildIdentifiablePartOfToken(tokenType) + rawToken;
}
private static String buildIdentifiablePartOfToken(TokenType tokenType) {
@@ -41,6 +39,18 @@ public class TokenGeneratorImpl implements TokenGenerator {
}
@Override
+ public String generateProjectBadgeToken() {
+ return generateRawToken();
+ }
+
+ private static String generateRawToken() {
+ SecureRandom random = new SecureRandom();
+ byte[] randomBytes = new byte[20];
+ random.nextBytes(randomBytes);
+ return Hex.encodeHexString(randomBytes);
+ }
+
+ @Override
public String hash(String token) {
return DigestUtils.sha384Hex(token);
}
diff --git a/server/sonar-webserver-auth/src/test/java/org/sonar/server/usertoken/TokenGeneratorImplTest.java b/server/sonar-webserver-auth/src/test/java/org/sonar/server/usertoken/TokenGeneratorImplTest.java
index 08a20be69b2..f89fc05f8a1 100644
--- a/server/sonar-webserver-auth/src/test/java/org/sonar/server/usertoken/TokenGeneratorImplTest.java
+++ b/server/sonar-webserver-auth/src/test/java/org/sonar/server/usertoken/TokenGeneratorImplTest.java
@@ -61,6 +61,13 @@ public class TokenGeneratorImplTest {
}
@Test
+ public void generateProjectBadgeToken_nullToken_shouldNotHavePrefix() {
+ String token = underTest.generateProjectBadgeToken();
+
+ assertThat(token).matches(".{40}");
+ }
+
+ @Test
public void token_does_not_contain_colon() {
assertThat(underTest.generate(TokenType.USER_TOKEN)).doesNotContain(":");
}
diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/badge/ws/TokenAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/badge/ws/TokenAction.java
index 22111431fd7..c2b98f5d6c0 100644
--- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/badge/ws/TokenAction.java
+++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/badge/ws/TokenAction.java
@@ -27,11 +27,10 @@ import org.sonar.api.server.ws.WebService.NewAction;
import org.sonar.api.web.UserRole;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
-import org.sonar.db.project.ProjectDto;
import org.sonar.db.project.ProjectBadgeTokenDto;
+import org.sonar.db.project.ProjectDto;
import org.sonar.server.user.UserSession;
import org.sonar.server.usertoken.TokenGenerator;
-import org.sonar.db.user.TokenType;
import org.sonarqube.ws.ProjectBadgeToken.TokenWsResponse;
import static org.sonar.server.ws.KeyExamples.KEY_PROJECT_EXAMPLE_001;
@@ -80,8 +79,8 @@ public class TokenAction implements ProjectBadgesWsAction {
ProjectBadgeTokenDto projectBadgeTokenDto = dbClient.projectBadgeTokenDao().selectTokenByProject(dbSession, projectDto);
if (projectBadgeTokenDto == null) {
- projectBadgeTokenDto = dbClient.projectBadgeTokenDao().insert(dbSession, tokenGenerator.generate(TokenType.USER_TOKEN),
- projectDto, userSession.getUuid(), userSession.getLogin());
+ String token = tokenGenerator.generateProjectBadgeToken();
+ projectBadgeTokenDto = dbClient.projectBadgeTokenDao().insert(dbSession, token, projectDto, userSession.getUuid(), userSession.getLogin());
dbSession.commit();
}
diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/badge/ws/TokenRenewAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/badge/ws/TokenRenewAction.java
index f89f55f4178..89109aa1ebb 100644
--- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/badge/ws/TokenRenewAction.java
+++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/badge/ws/TokenRenewAction.java
@@ -29,7 +29,6 @@ import org.sonar.db.DbSession;
import org.sonar.db.project.ProjectDto;
import org.sonar.server.user.UserSession;
import org.sonar.server.usertoken.TokenGenerator;
-import org.sonar.db.user.TokenType;
import static org.sonar.server.ws.KeyExamples.KEY_PROJECT_EXAMPLE_001;
@@ -73,7 +72,7 @@ public class TokenRenewAction implements ProjectBadgesWsAction {
ProjectDto projectDto = dbClient.projectDao().selectProjectByKey(dbSession, projectKey).orElseThrow(() -> new IllegalArgumentException("project not found"));
userSession.checkProjectPermission(UserRole.ADMIN, projectDto);
- String newGeneratedToken = tokenGenerator.generate(TokenType.USER_TOKEN);
+ String newGeneratedToken = tokenGenerator.generateProjectBadgeToken();
dbClient.projectBadgeTokenDao().upsert(dbSession, newGeneratedToken, projectDto, userSession.getUuid(), userSession.getLogin());
dbSession.commit();
}
diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/badge/ws/TokenActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/badge/ws/TokenActionTest.java
index b078773fc77..c72dd4f39a9 100644
--- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/badge/ws/TokenActionTest.java
+++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/badge/ws/TokenActionTest.java
@@ -26,10 +26,10 @@ import org.mockito.Mockito;
import org.sonar.api.web.UserRole;
import org.sonar.db.DbTester;
import org.sonar.db.component.ComponentDto;
+import org.sonar.db.user.TokenType;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.tester.UserSessionRule;
import org.sonar.server.usertoken.TokenGenerator;
-import org.sonar.db.user.TokenType;
import org.sonar.server.ws.TestRequest;
import org.sonar.server.ws.TestResponse;
import org.sonar.server.ws.WsActionTester;
@@ -74,7 +74,7 @@ public class TokenActionTest {
public void should_generate_token() {
ComponentDto project = db.components().insertPrivateProject();
userSession.logIn().addProjectPermission(UserRole.USER, project);
- when(tokenGenerator.generate(TokenType.USER_TOKEN)).thenReturn("generated_token");
+ when(tokenGenerator.generateProjectBadgeToken()).thenReturn("generated_token");
TestResponse response = ws.newRequest().setParam("project", project.getKey()).execute();
@@ -85,7 +85,7 @@ public class TokenActionTest {
public void should_reuse_generated_token() {
ComponentDto project = db.components().insertPrivateProject();
userSession.logIn().addProjectPermission(UserRole.USER, project);
- when(tokenGenerator.generate(TokenType.USER_TOKEN)).thenReturn("generated_token");
+ when(tokenGenerator.generateProjectBadgeToken()).thenReturn("generated_token");
// first call, generating the token
TestResponse firstResponse = ws.newRequest().setParam("project", project.getKey()).execute();
diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/badge/ws/TokenRenewActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/badge/ws/TokenRenewActionTest.java
index 37a02948c42..d19cdbb0154 100644
--- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/badge/ws/TokenRenewActionTest.java
+++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/badge/ws/TokenRenewActionTest.java
@@ -33,7 +33,6 @@ import org.sonar.db.project.ProjectDto;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.tester.UserSessionRule;
import org.sonar.server.usertoken.TokenGenerator;
-import org.sonar.db.user.TokenType;
import org.sonar.server.ws.TestRequest;
import org.sonar.server.ws.TestResponse;
import org.sonar.server.ws.WsActionTester;
@@ -87,7 +86,7 @@ public class TokenRenewActionTest {
public void should_add_token_when_no_token_yet_and_return_204() {
ProjectDto project = db.components().insertPrivateProjectDto();
userSession.logIn().addProjectPermission(UserRole.ADMIN, project);
- when(tokenGenerator.generate(TokenType.USER_TOKEN)).thenReturn("generated_token");
+ when(tokenGenerator.generateProjectBadgeToken()).thenReturn("generated_token");
TestResponse response = ws.newRequest().setParam("project", project.getKey()).execute();
@@ -101,7 +100,7 @@ public class TokenRenewActionTest {
public void should_replace_existing_token_when__token_already_present_and_update_update_at() {
ProjectDto project = db.components().insertPrivateProjectDto();
userSession.logIn().addProjectPermission(UserRole.ADMIN, project);
- when(tokenGenerator.generate(TokenType.USER_TOKEN)).thenReturn("generated_token");
+ when(tokenGenerator.generateProjectBadgeToken()).thenReturn("generated_token");
ws.newRequest().setParam("project", project.getKey()).execute(); //inserting first token with updated at 1000