1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
|
/*
* SonarQube
* Copyright (C) 2009-2025 SonarSource SA
* mailto:info AT sonarsource DOT com
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 3 of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this program; if not, write to the Free Software Foundation,
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
package org.sonar.auth.bitbucket;
import java.util.Arrays;
import java.util.List;
import java.util.function.Supplier;
import javax.annotation.CheckForNull;
import org.sonar.api.PropertyType;
import org.sonar.api.config.Configuration;
import org.sonar.api.config.PropertyDefinition;
import org.sonar.api.server.ServerSide;
@ServerSide
public class BitbucketSettings {
private static final Supplier<? extends IllegalStateException> DEFAULT_VALUE_MISSING = () -> new IllegalStateException("Should have a default value");
public static final String CONSUMER_KEY = "sonar.auth.bitbucket.clientId.secured";
public static final String CONSUMER_SECRET = "sonar.auth.bitbucket.clientSecret.secured";
public static final String ENABLED = "sonar.auth.bitbucket.enabled";
public static final String ALLOW_USERS_TO_SIGN_UP = "sonar.auth.bitbucket.allowUsersToSignUp";
public static final String WORKSPACE_ALLOWED_LIST = "sonar.auth.bitbucket.workspaces";
public static final String DEFAULT_API_URL = "https://api.bitbucket.org/";
public static final String DEFAULT_WEB_URL = "https://bitbucket.org/";
public static final String CATEGORY = "authentication";
public static final String SUBCATEGORY = "bitbucket";
private final Configuration config;
public BitbucketSettings(Configuration config) {
this.config = config;
}
@CheckForNull
public String clientId() {
return config.get(CONSUMER_KEY).orElse(null);
}
@CheckForNull
public String clientSecret() {
return config.get(CONSUMER_SECRET).orElse(null);
}
public boolean isEnabled() {
return config.getBoolean(ENABLED).orElseThrow(DEFAULT_VALUE_MISSING) && clientId() != null && clientSecret() != null;
}
public boolean allowUsersToSignUp() {
return config.getBoolean(ALLOW_USERS_TO_SIGN_UP).orElseThrow(DEFAULT_VALUE_MISSING);
}
public String[] workspaceAllowedList() {
return config.getStringArray(WORKSPACE_ALLOWED_LIST);
}
public String webURL() {
return DEFAULT_WEB_URL;
}
public String apiURL() {
return DEFAULT_API_URL;
}
public static List<PropertyDefinition> definitions() {
return Arrays.asList(
PropertyDefinition.builder(ENABLED)
.name("Enabled")
.description("Enable Bitbucket users to login. Value is ignored if consumer key and secret are not defined.")
.category(CATEGORY)
.subCategory(SUBCATEGORY)
.type(PropertyType.BOOLEAN)
.defaultValue(String.valueOf(false))
.index(1)
.build(),
PropertyDefinition.builder(CONSUMER_KEY)
.name("OAuth consumer key")
.description("Consumer key provided by Bitbucket when registering the consumer.")
.category(CATEGORY)
.subCategory(SUBCATEGORY)
.index(2)
.build(),
PropertyDefinition.builder(CONSUMER_SECRET)
.name("OAuth consumer secret")
.description("Consumer secret provided by Bitbucket when registering the consumer.")
.category(CATEGORY)
.subCategory(SUBCATEGORY)
.index(3)
.build(),
PropertyDefinition.builder(ALLOW_USERS_TO_SIGN_UP)
.name("Allow users to sign up")
.description("Allow new users to authenticate. When set to disabled, only existing users will be able to authenticate.")
.category(CATEGORY)
.subCategory(SUBCATEGORY)
.type(PropertyType.BOOLEAN)
.defaultValue(String.valueOf(true))
.index(4)
.build(),
PropertyDefinition.builder(WORKSPACE_ALLOWED_LIST)
.name("Workspaces")
.description("Only members of at least one of these workspace will be able to authenticate. Keep empty to disable workspace restriction. " +
"You can use either the workspace name, or the workspace slug (ex: https://bitbucket.org/{workspace-slug}). " +
"⚠ if not set, any BitBucket user will be able to authenticate to the server.")
.category(CATEGORY)
.subCategory(SUBCATEGORY)
.multiValues(true)
.index(5)
.build()
);
}
}
|