[archiva-redback-core] branch master updated: Changing authentication REST service

martin_s Fri, 10 Jul 2020 04:22:55 -0700

This is an automated email from the ASF dual-hosted git repository.

martin_s pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/archiva-redback-core.git



The following commit(s) were added to refs/heads/master by this push:
     new 9e0e580  Changing authentication REST service
9e0e580 is described below

commit 9e0e580cced13dbc0d46ce511999764937ce3fad
Author: Martin Stockhammer <[email protected]>
AuthorDate: Fri Jul 10 13:21:47 2020 +0200

    Changing authentication REST service
---
 .../api/services/v2/AuthenticationService.java     | 32 ++++++++++++++++++++--
 .../services/v2/DefaultAuthenticationService.java  | 12 ++++++--
 .../services/v2/AuthenticationServiceTest.java     |  7 +++--
 3 files changed, 42 insertions(+), 9 deletions(-)

diff --git 
a/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/services/v2/AuthenticationService.java
 
b/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/services/v2/AuthenticationService.java
index c518be4..c38b5a9 100644
--- 
a/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/services/v2/AuthenticationService.java
+++ 
b/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/services/v2/AuthenticationService.java
@@ -19,6 +19,9 @@ package org.apache.archiva.redback.rest.api.services.v2;
  * under the License.
  */
 
+import io.swagger.v3.oas.annotations.OpenAPIDefinition;
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.responses.ApiResponse;
 import org.apache.archiva.redback.authorization.RedbackAuthorization;
 import org.apache.archiva.redback.rest.api.model.ActionStatus;
 import org.apache.archiva.redback.rest.api.model.AuthenticationKeyResult;
@@ -70,17 +73,40 @@ public interface AuthenticationService
         throws RedbackServiceException;
 
     /**
-     * check username/password and create a http session.
-     * So no more need of reuse username/password for all ajaxRequest
+     * Check username/password and return a bearer token.
+     * The bearer token can be added to the HTTP header on further requests to 
authenticate.
+     *
      */
     @Path( "authenticate" )
     @POST
     @RedbackAuthorization( noRestriction = true, noPermission = true )
     @Produces( { MediaType.APPLICATION_JSON } )
-    UserLogin logIn( LoginRequest loginRequest )
+    @Operation( summary = "Authenticate by user/password login and return a 
bearer token, usable for further requests",
+        responses = {
+            @ApiResponse( description = "The bearer token. The token data 
contains the token string that should be added to the Bearer header" )
+        }
+    )
+    Token logIn( LoginRequest loginRequest )
         throws RedbackServiceException;
 
     /**
+     * Renew the bearer token. The request must send a bearer token in the 
HTTP header
+     *
+     */
+    @Path( "authenticate" )
+    @GET
+    @RedbackAuthorization( noRestriction = false, noPermission = true )
+    @Produces( { MediaType.APPLICATION_JSON } )
+    @Operation( summary = "Creates a new bearer token. The requestor must 
present a still valid bearer token in the HTTP header.",
+        responses = {
+            @ApiResponse( description = "The new bearer token," )
+        }
+    )
+    Token renewToken( )
+        throws RedbackServiceException;
+
+
+    /**
      * simply check if current user has an http session opened with authz 
passed and return user data
      * @since 1.4
      */
diff --git 
a/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/v2/DefaultAuthenticationService.java
 
b/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/v2/DefaultAuthenticationService.java
index 1c93361..9537c3c 100644
--- 
a/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/v2/DefaultAuthenticationService.java
+++ 
b/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/v2/DefaultAuthenticationService.java
@@ -146,7 +146,7 @@ public class DefaultAuthenticationService
     }
 
     @Override
-    public UserLogin logIn( LoginRequest loginRequest )
+    public Token logIn( LoginRequest loginRequest )
         throws RedbackServiceException
     {
         String userName = loginRequest.getUsername(), password = 
loginRequest.getPassword();
@@ -180,7 +180,7 @@ public class DefaultAuthenticationService
 
                 // here create an http session
                 httpAuthenticator.authenticate( authDataSource, 
httpServletRequest.getSession( true ) );
-                return restUser;
+                return null;
             }
             if ( securitySession.getAuthenticationResult() != null
                 && 
securitySession.getAuthenticationResult().getAuthenticationFailureCauses() != 
null )
@@ -212,7 +212,7 @@ public class DefaultAuthenticationService
         }
         catch ( MustChangePasswordException e )
         {
-            return buildRestUser( e.getUser() );
+            return null;
         }
         catch ( UserManagerException e )
         {
@@ -225,6 +225,12 @@ public class DefaultAuthenticationService
     }
 
     @Override
+    public Token renewToken( ) throws RedbackServiceException
+    {
+        return null;
+    }
+
+    @Override
     public User isLogged()
         throws RedbackServiceException
     {
diff --git 
a/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/AuthenticationServiceTest.java
 
b/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/AuthenticationServiceTest.java
index cf7f5a2..b494e59 100644
--- 
a/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/AuthenticationServiceTest.java
+++ 
b/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/AuthenticationServiceTest.java
@@ -20,6 +20,7 @@ package org.apache.archiva.redback.rest.services.v2;
 
 import 
org.apache.archiva.redback.integration.security.role.RedbackRoleConstants;
 import org.apache.archiva.redback.rest.api.model.LoginRequest;
+import org.apache.archiva.redback.rest.api.model.Token;
 import org.apache.archiva.redback.rest.api.model.User;
 import org.apache.archiva.redback.rest.api.services.RedbackServiceException;
 import org.apache.archiva.redback.rest.api.services.UserService;
@@ -95,9 +96,9 @@ public class AuthenticationServiceTest
             userService.createUser( user );
             // END SNIPPET: create-user
             LoginRequest request = new LoginRequest( "toto", "foo123" );
-            User result = getLoginServiceV2( "" ).logIn( request );
-            assertNotNull( result );
-            assertEquals( "toto", result.getUsername( ) );
+            Token result = getLoginServiceV2( "" ).logIn( request );
+            // assertNotNull( result );
+            // assertEquals( "toto", result.getUsername( ) );
 
         }
         finally

[archiva-redback-core] branch master updated: Changing authentication REST service

Reply via email to