diff --git a/scm-core/src/main/java/sonia/scm/ScmState.java b/scm-core/src/main/java/sonia/scm/ScmState.java index 3de189d7cf..8508d90c67 100644 --- a/scm-core/src/main/java/sonia/scm/ScmState.java +++ b/scm-core/src/main/java/sonia/scm/ScmState.java @@ -73,10 +73,10 @@ public class ScmState * @param repositoryTypes - available repository types * @param clientConfig - client configuration */ + @Deprecated public ScmState(SCMContextProvider provider, - WebSecurityContext securityContext, - Collection repositoryTypes, - ScmClientConfig clientConfig) + WebSecurityContext securityContext, Collection repositoryTypes, + ScmClientConfig clientConfig) { this(provider, securityContext, repositoryTypes, null, clientConfig); } @@ -93,10 +93,10 @@ public class ScmState * * @since 1.14 */ + @Deprecated public ScmState(SCMContextProvider provider, - WebSecurityContext securityContext, - Collection repositoryTypes, String defaultUserType, - ScmClientConfig clientConfig) + WebSecurityContext securityContext, Collection repositoryTypes, + String defaultUserType, ScmClientConfig clientConfig) { this.version = provider.getVersion(); this.user = securityContext.getUser(); @@ -106,6 +106,31 @@ public class ScmState this.defaultUserType = defaultUserType; } + /** + * Constructs {@link ScmState} object. + * + * + * @param provider context provider + * @param user current user + * @param groups groups of the current user + * @param repositoryTypes available repository types + * @param defaultUserType default user type + * @param clientConfig client configuration + * + * @since 1.21 + */ + public ScmState(SCMContextProvider provider, User user, + Collection groups, Collection repositoryTypes, + String defaultUserType, ScmClientConfig clientConfig) + { + this.version = provider.getVersion(); + this.user = user; + this.groups = groups; + this.repositoryTypes = repositoryTypes; + this.clientConfig = clientConfig; + this.defaultUserType = defaultUserType; + } + //~--- get methods ---------------------------------------------------------- /** diff --git a/scm-webapp/src/main/java/sonia/scm/security/ScmAuthenticationToken.java b/scm-core/src/main/java/sonia/scm/security/ScmAuthenticationToken.java similarity index 99% rename from scm-webapp/src/main/java/sonia/scm/security/ScmAuthenticationToken.java rename to scm-core/src/main/java/sonia/scm/security/ScmAuthenticationToken.java index a4969680a6..e823415e48 100644 --- a/scm-webapp/src/main/java/sonia/scm/security/ScmAuthenticationToken.java +++ b/scm-core/src/main/java/sonia/scm/security/ScmAuthenticationToken.java @@ -45,6 +45,7 @@ import javax.servlet.http.HttpServletResponse; /** * * @author Sebastian Sdorra + * @since 1.21 */ public class ScmAuthenticationToken implements AuthenticationToken { diff --git a/scm-webapp/src/main/java/sonia/scm/api/rest/resources/AuthenticationResource.java b/scm-webapp/src/main/java/sonia/scm/api/rest/resources/AuthenticationResource.java index 9dc0277fc7..e96ff0e34f 100644 --- a/scm-webapp/src/main/java/sonia/scm/api/rest/resources/AuthenticationResource.java +++ b/scm-webapp/src/main/java/sonia/scm/api/rest/resources/AuthenticationResource.java @@ -36,24 +36,28 @@ package sonia.scm.api.rest.resources; //~--- non-JDK imports -------------------------------------------------------- import com.google.inject.Inject; -import com.google.inject.Provider; import com.google.inject.Singleton; +import org.apache.shiro.SecurityUtils; +import org.apache.shiro.authc.AuthenticationException; +import org.apache.shiro.subject.PrincipalCollection; +import org.apache.shiro.subject.Subject; + import org.codehaus.enunciate.jaxrs.TypeHint; import org.codehaus.enunciate.modules.jersey.ExternallyManagedLifecycle; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import sonia.scm.SCMContext; import sonia.scm.SCMContextProvider; import sonia.scm.ScmClientConfig; import sonia.scm.ScmState; import sonia.scm.config.ScmConfiguration; import sonia.scm.repository.RepositoryManager; +import sonia.scm.security.Groups; +import sonia.scm.security.ScmAuthenticationToken; import sonia.scm.user.User; import sonia.scm.user.UserManager; -import sonia.scm.web.security.WebSecurityContext; //~--- JDK imports ------------------------------------------------------------ @@ -98,16 +102,14 @@ public class AuthenticationResource * @param securityContextProvider */ @Inject - public AuthenticationResource( - SCMContextProvider contextProvider, ScmConfiguration configuration, - RepositoryManager repositoryManger, UserManager userManager, - Provider securityContextProvider) + public AuthenticationResource(SCMContextProvider contextProvider, + ScmConfiguration configuration, RepositoryManager repositoryManger, + UserManager userManager) { this.contextProvider = contextProvider; this.configuration = configuration; this.repositoryManger = repositoryManger; this.userManager = userManager; - this.securityContextProvider = securityContextProvider; } //~--- methods -------------------------------------------------------------- @@ -132,20 +134,21 @@ public class AuthenticationResource @Path("login") @TypeHint(ScmState.class) public ScmState authenticate(@Context HttpServletRequest request, - @Context HttpServletResponse response, - @FormParam("username") String username, - @FormParam("password") String password) + @Context HttpServletResponse response, + @FormParam("username") String username, + @FormParam("password") String password) { ScmState state = null; - WebSecurityContext securityContext = securityContextProvider.get(); - User user = securityContext.authenticate(request, response, username, - password); - if ((user != null) &&!SCMContext.USER_ANONYMOUS.equals(user.getName())) + Subject subject = SecurityUtils.getSubject(); + + try { - state = createState(securityContext); + subject.login(new ScmAuthenticationToken(request, response, username, + password)); + state = createState(subject); } - else + catch (AuthenticationException ex) { throw new WebApplicationException(Response.Status.UNAUTHORIZED); } @@ -171,18 +174,21 @@ public class AuthenticationResource @Path("logout") @TypeHint(ScmState.class) public Response logout(@Context HttpServletRequest request, - @Context HttpServletResponse response) + @Context HttpServletResponse response) { - WebSecurityContext securityContext = securityContextProvider.get(); + Subject subject = SecurityUtils.getSubject(); - securityContext.logout(request, response); + subject.logout(); Response resp = null; - User user = securityContext.getUser(); + + // TODO handle anonymous access + + User user = null; if (user != null) { - ScmState state = createState(securityContext); + ScmState state = createState(subject); resp = Response.ok(state).build(); } @@ -239,17 +245,16 @@ public class AuthenticationResource { Response response = null; ScmState state = null; - WebSecurityContext securityContext = securityContextProvider.get(); - User user = securityContext.getUser(); + Subject subject = SecurityUtils.getSubject(); - if (user != null) + if (subject.isAuthenticated()) { if (logger.isDebugEnabled()) { - logger.debug("return state for user {}", user.getName()); + logger.debug("return state for user {}", subject.getPrincipal()); } - state = createState(securityContext); + state = createState(subject); response = Response.ok(state).build(); } else @@ -268,14 +273,19 @@ public class AuthenticationResource * * @param securityContext * + * @param subject + * * @return */ - private ScmState createState(WebSecurityContext securityContext) + private ScmState createState(Subject subject) { - return new ScmState(contextProvider, securityContext, - repositoryManger.getConfiguredTypes(), - userManager.getDefaultType(), - new ScmClientConfig(configuration)); + PrincipalCollection collection = subject.getPrincipals(); + User user = collection.oneByType(User.class); + Groups groups = collection.oneByType(Groups.class); + + return new ScmState(contextProvider, user, groups.getGroups(), + repositoryManger.getConfiguredTypes(), userManager.getDefaultType(), + new ScmClientConfig(configuration)); } //~--- fields --------------------------------------------------------------- @@ -289,9 +299,6 @@ public class AuthenticationResource /** Field description */ private RepositoryManager repositoryManger; - /** Field description */ - private Provider securityContextProvider; - /** Field description */ private UserManager userManager; }