chibenwa commented on a change in pull request #781:
URL: https://github.com/apache/james-project/pull/781#discussion_r763103654
##########
File path: src/site/xdoc/server/config-jmap.xml
##########
@@ -84,6 +84,16 @@
<dd>Governs whether authenticated users that do not exist
locally should be created in the users repository.
</dd>
+ <dt><strong>authentication.strategy.draft</strong></dt>
+ <dd>Optional List[String]. Defaults to null.</dd>
+ <dd>Specify which authentication strategies system admin
want to use for JMAP draft server.
+ If non is specified, JMAP draft server will fallback to
default strategies.</dd>
+
+ <dt><strong>authentication.strategy.rfc8621</strong></dt>
+ <dd>Optional List[String]. Defaults to null.</dd>
Review comment:
-> 1. You need to specify the delimiter. Is it `,` ?
-> 2. Null is not really informative but rather an implementation detail
(BTW we use optionals not even null)! What authentication strategies are
applied when I do not specify this property? Would it be more informative to an
admin?
##########
File path: src/site/xdoc/server/config-jmap.xml
##########
@@ -84,6 +84,16 @@
<dd>Governs whether authenticated users that do not exist
locally should be created in the users repository.
</dd>
+ <dt><strong>authentication.strategy.draft</strong></dt>
+ <dd>Optional List[String]. Defaults to null.</dd>
+ <dd>Specify which authentication strategies system admin
want to use for JMAP draft server.
+ If non is specified, JMAP draft server will fallback to
default strategies.</dd>
Review comment:
```suggestion
If non is specified, JMAP draft server will fallback to
default strategies.</dd>
```
Which are???
##########
File path:
server/container/guice/protocols/jmap/src/main/java/org/apache/james/jmap/rfc8621/RFC8621MethodsModule.java
##########
@@ -172,13 +178,34 @@ JMAPRoutesHandler routesHandler(Set<JMAPRoutes> routes) {
@Singleton
@Named(InjectionKeys.RFC_8621)
Authenticator provideAuthenticator(MetricFactory metricFactory,
- Set<AuthenticationStrategy>
authenticationStrategies) {
+
@Named("jmapRFC8621AuthenticationStrategies") Set<AuthenticationStrategy>
authenticationStrategies) {
return Authenticator.of(
metricFactory,
authenticationStrategies);
}
+ @Provides
+ @Singleton
+ @Named("jmapRFC8621AuthenticationStrategies")
+ public Set<AuthenticationStrategy>
provideAuthenticationStrategies(GuiceGenericLoader loader,
+
JmapRfc8621Configuration configuration,
+
JWTAuthenticationStrategy jwtAuthenticationStrategy,
+
BasicAuthenticationStrategy basicAuthenticationStrategy) {
Review comment:
Please do not enforce the instanciation of authentication that are not
strictly required. THis makes the startup slower than needed.
```suggestion
public Set<AuthenticationStrategy>
provideAuthenticationStrategies(GuiceGenericLoader loader,
JmapRfc8621Configuration configuration) {
```
##########
File path:
server/protocols/jmap-draft-integration-testing/jmap-draft-integration-testing-common/src/test/java/org/apache/james/jmap/ModularizeJmapDraftAuthenticationStrategyTest.java
##########
@@ -0,0 +1,83 @@
+/****************************************************************
+ * Licensed to the Apache Software Foundation (ASF) under one *
+ * or more contributor license agreements. See the NOTICE file *
+ * distributed with this work for additional information *
+ * regarding copyright ownership. The ASF licenses this file *
+ * to you under the Apache License, Version 2.0 (the *
+ * "License"); you may not use this file except in compliance *
+ * with the License. You may obtain a copy of the License at *
+ * *
+ * http://www.apache.org/licenses/LICENSE-2.0 *
+ * *
+ * Unless required by applicable law or agreed to in writing, *
+ * software distributed under the License is distributed on an *
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY *
+ * KIND, either express or implied. See the License for the *
+ * specific language governing permissions and limitations *
+ * under the License. *
+ ****************************************************************/
+
+package org.apache.james.jmap;
+
+import static io.restassured.RestAssured.given;
+import static
org.apache.james.jmap.JMAPTestingConstants.jmapRequestSpecBuilder;
+
+import java.io.IOException;
+
+import org.apache.james.GuiceJamesServer;
+import org.apache.james.core.Username;
+import org.apache.james.jmap.draft.JmapGuiceProbe;
+import org.apache.james.mailbox.MailboxManager;
+import org.apache.james.utils.DataProbeImpl;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+
+import io.restassured.RestAssured;
+import io.restassured.http.ContentType;
+
+public abstract class ModularizeJmapDraftAuthenticationStrategyTest {
+ private static Username BOB = Username.of("[email protected]");
+ private MailboxManager mailboxManager;
+ private CustomAuthenticationStrategy allow;
+ private CustomAuthenticationStrategy deny;
+
+ protected abstract GuiceJamesServer
createJmapServer(CustomAuthenticationStrategy authenticationStrategy) throws
IOException;
+
+ private GuiceJamesServer jmapServer;
+
+ @Before
+ public void setup() throws Throwable {
+ // TODO instantiate mailboxManager
+ allow = new CustomAuthenticationStrategy(mailboxManager, BOB, true);
+ deny = new CustomAuthenticationStrategy(mailboxManager, BOB, false);
Review comment:
Use @Injects and FQDNs instead.
##########
File path:
server/container/guice/protocols/jmap/src/main/java/org/apache/james/jmap/rfc8621/RFC8621MethodsModule.java
##########
@@ -172,13 +178,34 @@ JMAPRoutesHandler routesHandler(Set<JMAPRoutes> routes) {
@Singleton
@Named(InjectionKeys.RFC_8621)
Authenticator provideAuthenticator(MetricFactory metricFactory,
- Set<AuthenticationStrategy>
authenticationStrategies) {
+
@Named("jmapRFC8621AuthenticationStrategies") Set<AuthenticationStrategy>
authenticationStrategies) {
return Authenticator.of(
metricFactory,
authenticationStrategies);
}
+ @Provides
+ @Singleton
+ @Named("jmapRFC8621AuthenticationStrategies")
+ public Set<AuthenticationStrategy>
provideAuthenticationStrategies(GuiceGenericLoader loader,
+
JmapRfc8621Configuration configuration,
+
JWTAuthenticationStrategy jwtAuthenticationStrategy,
+
BasicAuthenticationStrategy basicAuthenticationStrategy) {
+ Set<AuthenticationStrategy> specifiedStrategies =
configuration.getAuthenticationStrategiesAsJava()
+ .stream()
+ .flatMap(Collection::stream)
+ .map(ClassName::new)
+
.map(Throwing.function(loader.<AuthenticationStrategy>withNamingSheme(NamingScheme.IDENTITY)::instantiate))
+ .collect(ImmutableSet.toImmutableSet());
+
+ if (specifiedStrategies.isEmpty()) {
+ return ImmutableSet.of(basicAuthenticationStrategy,
jwtAuthenticationStrategy);
+ } else {
+ return specifiedStrategies;
+ }
Review comment:
We have an Optional. Why do we need a `IF`?
```
return configuration.getAuthenticationStrategiesAsJava()
.orElse(DEFAULT_AUTH_STRATEGIES_CLASS_NAMES)
.stream()
.map(ClassName::new)
.map(Throwing.function(loader.<AuthenticationStrategy>withNamingSheme(NamingScheme.IDENTITY)::instantiate))
.collect(ImmutableSet.toImmutableSet());
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
