[
https://issues.apache.org/jira/browse/CAMEL-12602?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16525961#comment-16525961
]
ASF GitHub Bot commented on CAMEL-12602:
----------------------------------------
oscerd closed pull request #2397: CAMEL-12602: Fixing issue with basic
authentication
URL: https://github.com/apache/camel/pull/2397
This is a PR merged from a forked repository.
As GitHub hides the original diff on merge, it is displayed below for
the sake of provenance:
As this is a foreign pull request (from a fork), the diff is supplied
below (as it won't show otherwise due to GitHub magic):
diff --git a/components/camel-wordpress/src/main/docs/wordpress-component.adoc
b/components/camel-wordpress/src/main/docs/wordpress-component.adoc
index 54fb3183118..0c1e575a2b2 100644
--- a/components/camel-wordpress/src/main/docs/wordpress-component.adoc
+++ b/components/camel-wordpress/src/main/docs/wordpress-component.adoc
@@ -77,7 +77,7 @@ The `WordpressConfiguration` class can be used to set initial
properties configu
----
public void configure() {
final WordpressConfiguration configuration = new WordpressConfiguration();
- final WordpressComponent component = new WordpressComponent();
+ final WordpressComponentConfiguration component = new
WordpressComponentConfiguration();
configuration.setApiVersion("2");
configuration.setUrl("http://yoursite.com/wp-json/";);
component.setConfiguration(configuration);
diff --git
a/components/camel-wordpress/src/main/java/org/apache/camel/component/wordpress/api/WordpressServiceProvider.java
b/components/camel-wordpress/src/main/java/org/apache/camel/component/wordpress/api/WordpressServiceProvider.java
index 4954623cb34..98c827c9e17 100644
---
a/components/camel-wordpress/src/main/java/org/apache/camel/component/wordpress/api/WordpressServiceProvider.java
+++
b/components/camel-wordpress/src/main/java/org/apache/camel/component/wordpress/api/WordpressServiceProvider.java
@@ -71,6 +71,7 @@ public void init(WordpressAPIConfiguration config) {
this.services = new HashMap<>();
this.services.put(WordpressServicePosts.class, servicePosts);
this.services.put(WordpressServiceUsers.class, serviceUsers);
+ this.configuration = config;
LOGGER.info("Wordpress Service Provider initialized using base URL:
{}, API Version {}", config.getApiUrl(), config.getApiVersion());
}
diff --git
a/components/camel-wordpress/src/main/java/org/apache/camel/component/wordpress/api/auth/WordpressBasicAuthentication.java
b/components/camel-wordpress/src/main/java/org/apache/camel/component/wordpress/api/auth/WordpressBasicAuthentication.java
index 6f63c48be59..78b92aa8090 100644
---
a/components/camel-wordpress/src/main/java/org/apache/camel/component/wordpress/api/auth/WordpressBasicAuthentication.java
+++
b/components/camel-wordpress/src/main/java/org/apache/camel/component/wordpress/api/auth/WordpressBasicAuthentication.java
@@ -19,6 +19,8 @@
import org.apache.cxf.common.util.Base64Utility;
import org.apache.cxf.jaxrs.client.ClientConfiguration;
import org.apache.cxf.jaxrs.client.WebClient;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
/**
* Basic Authentication implementation for Wordpress authentication mechanism.
Should be used only on tested environments due to lack of security. Be aware
that credentials will be passed over each
@@ -30,6 +32,8 @@
*/
public class WordpressBasicAuthentication extends BaseWordpressAuthentication {
+ private static final Logger LOGGER =
LoggerFactory.getLogger(BaseWordpressAuthentication.class);
+
public WordpressBasicAuthentication() {
}
@@ -45,8 +49,11 @@ public WordpressBasicAuthentication(String username, String
password) {
@Override
public void configureAuthentication(Object api) {
if (isCredentialsSet()) {
- final String authorizationHeader = String.format("Basic ",
Base64Utility.encode(String.format("%s:%s", this.username,
this.password).getBytes()));
+ final String authorizationHeader = String.format("Basic %s",
Base64Utility.encode(String.format("%s:%s", this.username,
this.password).getBytes()));
+ LOGGER.info("Credentials set for user {}", username);
WebClient.client(api).header("Authorization", authorizationHeader);
+ } else {
+ LOGGER.warn("Credentials not set because username or password are
empty.");
}
}
diff --git
a/components/camel-wordpress/src/main/java/org/apache/camel/component/wordpress/api/service/impl/AbstractWordpressServiceAdapter.java
b/components/camel-wordpress/src/main/java/org/apache/camel/component/wordpress/api/service/impl/AbstractWordpressServiceAdapter.java
index 59037e807b5..5ba844f6b2c 100644
---
a/components/camel-wordpress/src/main/java/org/apache/camel/component/wordpress/api/service/impl/AbstractWordpressServiceAdapter.java
+++
b/components/camel-wordpress/src/main/java/org/apache/camel/component/wordpress/api/service/impl/AbstractWordpressServiceAdapter.java
@@ -57,10 +57,6 @@
WebClient.getConfig(spi).getInInterceptors().add(new
LoggingInInterceptor());
WebClient.getConfig(spi).getOutInterceptors().add(new
LoggingOutInterceptor());
- if (this.authentication != null) {
- this.authentication.configureAuthentication(spi);
- }
-
LOGGER.info("******* {} API initialized *********",
spi.getClass().getSimpleName());
}
@@ -77,5 +73,8 @@ protected final String getApiVersion() {
@Override
public final void setWordpressAuthentication(WordpressAuthentication
authentication) {
this.authentication = authentication;
+ if (this.authentication != null) {
+ this.authentication.configureAuthentication(spi);
+ }
}
}
diff --git
a/components/camel-wordpress/src/test/java/org/apache/camel/component/wordpress/api/service/impl/WordpressServicePostsAdapterTest.java
b/components/camel-wordpress/src/test/java/org/apache/camel/component/wordpress/api/service/impl/WordpressServicePostsAdapterTest.java
index 9adfd6a06ff..ca49e6eb18b 100644
---
a/components/camel-wordpress/src/test/java/org/apache/camel/component/wordpress/api/service/impl/WordpressServicePostsAdapterTest.java
+++
b/components/camel-wordpress/src/test/java/org/apache/camel/component/wordpress/api/service/impl/WordpressServicePostsAdapterTest.java
@@ -17,12 +17,14 @@
package org.apache.camel.component.wordpress.api.service.impl;
import java.util.List;
+import
org.apache.camel.component.wordpress.api.auth.WordpressBasicAuthentication;
import org.apache.camel.component.wordpress.api.model.Content;
import org.apache.camel.component.wordpress.api.model.Format;
import org.apache.camel.component.wordpress.api.model.Post;
import org.apache.camel.component.wordpress.api.model.PostSearchCriteria;
import org.apache.camel.component.wordpress.api.service.WordpressServicePosts;
import
org.apache.camel.component.wordpress.api.test.WordpressMockServerTestSupport;
+import
org.apache.camel.component.wordpress.api.test.WordpressServerHttpRequestHandler;
import org.junit.BeforeClass;
import org.junit.Test;
import static org.hamcrest.CoreMatchers.is;
@@ -39,6 +41,7 @@
@BeforeClass
public static void before() {
servicePosts = serviceProvider.getService(WordpressServicePosts.class);
+ servicePosts.setWordpressAuthentication(new
WordpressBasicAuthentication(WordpressServerHttpRequestHandler.USERNAME,
WordpressServerHttpRequestHandler.PASSWORD));
}
@Test
diff --git
a/components/camel-wordpress/src/test/java/org/apache/camel/component/wordpress/api/service/impl/ignored/WordpressServiceUsersAdapterTest.java
b/components/camel-wordpress/src/test/java/org/apache/camel/component/wordpress/api/service/impl/WordpressServiceUsersAdapterTest.java
similarity index 87%
rename from
components/camel-wordpress/src/test/java/org/apache/camel/component/wordpress/api/service/impl/ignored/WordpressServiceUsersAdapterTest.java
rename to
components/camel-wordpress/src/test/java/org/apache/camel/component/wordpress/api/service/impl/WordpressServiceUsersAdapterTest.java
index c4ba5a5610b..c9c69c19597 100644
---
a/components/camel-wordpress/src/test/java/org/apache/camel/component/wordpress/api/service/impl/ignored/WordpressServiceUsersAdapterTest.java
+++
b/components/camel-wordpress/src/test/java/org/apache/camel/component/wordpress/api/service/impl/WordpressServiceUsersAdapterTest.java
@@ -14,13 +14,15 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package org.apache.camel.component.wordpress.api.service.impl.ignored;
+package org.apache.camel.component.wordpress.api.service.impl;
import java.util.List;
+import
org.apache.camel.component.wordpress.api.auth.WordpressBasicAuthentication;
import org.apache.camel.component.wordpress.api.model.User;
import org.apache.camel.component.wordpress.api.model.UserSearchCriteria;
import org.apache.camel.component.wordpress.api.service.WordpressServiceUsers;
import
org.apache.camel.component.wordpress.api.test.WordpressMockServerTestSupport;
+import
org.apache.camel.component.wordpress.api.test.WordpressServerHttpRequestHandler;
import org.junit.BeforeClass;
import org.junit.Test;
import static org.hamcrest.CoreMatchers.is;
@@ -37,6 +39,7 @@
@BeforeClass
public static void before() {
serviceUsers = serviceProvider.getService(WordpressServiceUsers.class);
+ serviceUsers.setWordpressAuthentication(new
WordpressBasicAuthentication(WordpressServerHttpRequestHandler.USERNAME,
WordpressServerHttpRequestHandler.PASSWORD));
}
@Test
diff --git
a/components/camel-wordpress/src/test/java/org/apache/camel/component/wordpress/api/test/WordpressServerHttpRequestHandler.java
b/components/camel-wordpress/src/test/java/org/apache/camel/component/wordpress/api/test/WordpressServerHttpRequestHandler.java
index 4d5482b2c83..d68c693ac62 100644
---
a/components/camel-wordpress/src/test/java/org/apache/camel/component/wordpress/api/test/WordpressServerHttpRequestHandler.java
+++
b/components/camel-wordpress/src/test/java/org/apache/camel/component/wordpress/api/test/WordpressServerHttpRequestHandler.java
@@ -17,9 +17,12 @@
package org.apache.camel.component.wordpress.api.test;
import java.io.IOException;
+import java.nio.charset.Charset;
+import java.util.Base64;
import java.util.Collections;
import java.util.Map;
import org.apache.cxf.helpers.IOUtils;
+import org.apache.http.Header;
import org.apache.http.HttpException;
import org.apache.http.HttpRequest;
import org.apache.http.HttpResponse;
@@ -33,6 +36,9 @@
import org.slf4j.LoggerFactory;
public class WordpressServerHttpRequestHandler implements HttpRequestHandler {
+
+ public static final String USERNAME = "ben";
+ public static final String PASSWORD = "password123";
private static final Logger LOGGER =
LoggerFactory.getLogger(WordpressServerHttpRequestHandler.class);
@@ -50,6 +56,12 @@ public WordpressServerHttpRequestHandler(Map<String, String>
mockResourceJsonRes
public void handle(HttpRequest request, HttpResponse response, HttpContext
context) throws HttpException, IOException {
LOGGER.debug("received request {}", request);
final HttpRequestWrapper requestWrapper =
HttpRequestWrapper.wrap(request);
+ // make sure that our writing operations have authentication header
+ if (!authenticate(requestWrapper)) {
+ response.setStatusCode(HttpStatus.SC_FORBIDDEN);
+ response.setEntity(new StringEntity("Forbidden",
ContentType.TEXT_PLAIN));
+ return;
+ }
final String responseBody =
IOUtils.toString(this.getClass().getResourceAsStream(mockResourceJsonResponse.get(requestWrapper.getMethod())));
if (responseBody == null) {
LOGGER.warn("Resource not found on {}. Response body null.",
mockResourceJsonResponse);
@@ -58,4 +70,19 @@ public void handle(HttpRequest request, HttpResponse
response, HttpContext conte
response.setEntity(new StringEntity(responseBody,
ContentType.APPLICATION_JSON));
}
+ private boolean authenticate(HttpRequestWrapper request) {
+ // read operations don't need to authenticate
+ if (request.getMethod().contentEquals("GET")) {
+ return true;
+ }
+ for (Header authorizationHeader : request.getHeaders("Authorization"))
{
+ // Authorization: Basic base64credentials
+ String base64Credentials =
authorizationHeader.getValue().substring("Basic".length()).trim();
+ String credentials = new
String(Base64.getDecoder().decode(base64Credentials), Charset.forName("UTF-8"));
+ // credentials = username:password
+ final String[] values = credentials.split(":", 2);
+ return USERNAME.equals(values[0]) && PASSWORD.equals(values[1]);
+ }
+ return false;
+ }
}
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
> Camel Wordpress don't set basic authentication even if user and password are
> provided
> -------------------------------------------------------------------------------------
>
> Key: CAMEL-12602
> URL: https://issues.apache.org/jira/browse/CAMEL-12602
> Project: Camel
> Issue Type: Bug
> Components: camel-wordpress
> Affects Versions: 2.21.0
> Reporter: Ricardo Zanini
> Assignee: Andrea Cosentino
> Priority: Major
> Fix For: 2.22.0
>
> Original Estimate: 24h
> Remaining Estimate: 24h
>
> When setting user/password for Basic Authentication, the component misses
> adding the HTTP headers to perform the actual authentication.
> Users should see the following message in logs, even though the user/pass
> properties are set:
> {{2018-06-27 17:20:16 [main] WARN o.a.c.c.w.p.WordpressPostProducer -
> Wordpress Producer hasn't authentication. This may lead to errors during
> route execution. Wordpress writing operations need authentication.}}
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
