Nemcio/SCM-Manager
1
0
Fork 0
mirror of https://github.com/scm-manager/scm-manager.git synced 2026-05-05 17:36:07 +02:00
Code Issues Packages Projects Releases Activity

Merge branch 'support/2.6.x' into develop

Browse Source
This commit is contained in:
René Pfeuffer
2020-10-09 12:16:23 +02:00
parent 5c3e489fa7 f7a4061ae4
commit 2f5b6d98c6
7 changed files with 103 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
scm-webapp/src/main/java/sonia/scm/security/JwtAccessTokenResolver.java
View File

@@ -89,7 +89,7 @@ public final class JwtAccessTokenResolver implements AccessTokenResolver {
if (!validator.validate(accessToken)) {
String msg = createValidationFailedMessage(validator, accessToken);
LOG.debug(msg);
throw new AuthenticationException(msg);
throw new TokenValidationFailedException(validator, accessToken);
}
}

20
scm-webapp/src/main/java/sonia/scm/security/ScmAtLeastOneSuccessfulStrategy.java
View File

@@ -55,16 +55,16 @@ public class ScmAtLeastOneSuccessfulStrategy extends AbstractAuthenticationStrat
}
@Override
public AuthenticationInfo afterAllAttempts(AuthenticationToken token, AuthenticationInfo aggregate) throws AuthenticationException {
public AuthenticationInfo afterAllAttempts(AuthenticationToken token, AuthenticationInfo aggregate) {
final List<Throwable> throwables = threadLocal.get();
threadLocal.remove();
if (isAuthenticationSuccessful(aggregate)) {
return aggregate;
}
Optional<TokenExpiredException> tokenExpiredException = findTokenExpiredException(throwables);
Optional<? extends AuthenticationException> specializedException = findSpecializedException(throwables);
if (tokenExpiredException.isPresent()) {
throw tokenExpiredException.get();
if (specializedException.isPresent()) {
throw specializedException.get();
} else {
throw createAuthenticationException(token);
}
@@ -82,6 +82,18 @@ public class ScmAtLeastOneSuccessfulStrategy extends AbstractAuthenticationStrat
return throwables.stream().filter(t -> t instanceof TokenExpiredException).findFirst().map(t -> (TokenExpiredException) t);
}
private static Optional<AuthenticationException> findTokenValidationFailedException(List<Throwable> throwables) {
return throwables.stream().filter(t -> t instanceof TokenValidationFailedException).findFirst().map(t -> (TokenValidationFailedException) t);
}
private static Optional<? extends AuthenticationException> findSpecializedException(List<Throwable> throwables) {
Optional<TokenExpiredException> tokenExpiredException = findTokenExpiredException(throwables);
if (tokenExpiredException.isPresent()) {
return tokenExpiredException;
}
return findTokenValidationFailedException(throwables);
}
private static AuthenticationException createAuthenticationException(AuthenticationToken token) {
return new AuthenticationException("Authentication token of type [" + token.getClass() + "] " +
"could not be authenticated by any configured realms. Please ensure that at least one realm can " +