Nemcio/SCM-Manager
1
0
Fork 0
mirror of https://github.com/scm-manager/scm-manager.git synced 2026-02-05 22:29:11 +01:00
Code Issues Packages Projects Releases Activity

Clean up class

Browse Source
This commit is contained in:
René Pfeuffer
2020-10-05 08:18:37 +02:00
parent 22142d96ea
commit 8733ca97af
1 changed files with 20 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
scm-webapp/src/main/java/sonia/scm/security/ApiKeyRealm.java
View File

@@ -68,15 +68,16 @@ public class ApiKeyRealm extends AuthenticatingRealm {
"%s is required", BearerToken.class);
String password = getPassword(token);
ApiKeyService.CheckResult check = apiKeyService.check(password);
RepositoryRole repositoryRole = repositoryRoleManager.get(check.getPermissionRole());
if (repositoryRole == null) {
throw new AuthorizationException("api key has unknown role: " + check.getPermissionRole());
}
String scope = "repository:" + String.join(",", repositoryRole.getVerbs()) + ":*";
return buildAuthenticationInfo(token, check);
}
private AuthenticationInfo buildAuthenticationInfo(AuthenticationToken token, ApiKeyService.CheckResult check) {
RepositoryRole repositoryRole = determineRole(check);
Scope scope = createScope(repositoryRole);
return helper
.authenticationInfoBuilder(check.getUser())
.withSessionId(getPrincipal(token))
.withScope(Scope.valueOf(scope))
.withScope(scope)
.build();
}
@@ -88,11 +89,23 @@ public class ApiKeyRealm extends AuthenticatingRealm {
}
}
private RepositoryRole determineRole(ApiKeyService.CheckResult check) {
RepositoryRole repositoryRole = repositoryRoleManager.get(check.getPermissionRole());
if (repositoryRole == null) {
throw new AuthorizationException("api key has unknown role: " + check.getPermissionRole());
}
return repositoryRole;
}
private Scope createScope(RepositoryRole repositoryRole) {
return Scope.valueOf("repository:" + String.join(",", repositoryRole.getVerbs()) + ":*");
}
private SessionId getPrincipal(AuthenticationToken token) {
if (token instanceof BearerToken) {
return ((BearerToken) token).getPrincipal();
} else {
return SessionId.valueOf((((UsernamePasswordToken) token).getPrincipal()).toString());
return SessionId.valueOf((token.getPrincipal()).toString());
}
}
}