Merge branch 'zacharysabourin/main/26' into 'main'

feat: Standardize configs

See merge request !13

pom.xml

@@ -17,7 +17,7 @@
     <quarkus.platform.version>2.16.7.Final</quarkus.platform.version>
     <surefire-plugin.version>3.0.0-M5</surefire-plugin.version>
     <auto-value.version>1.8.2</auto-value.version>
-    <eclipse-api-version>0.7.6</eclipse-api-version>
+    <eclipse-api-version>0.7.7</eclipse-api-version>
     <fdndb-api-version>1.0.3</fdndb-api-version>
     <sonar.sources>src/main</sonar.sources>
     <sonar.tests>src/test</sonar.tests>

src/main/java/org/eclipsefoundation/openvsx/request/OAuthFilter.java

@@ -12,7 +12,6 @@
 package org.eclipsefoundation.openvsx.request;
 
 import java.io.IOException;
-import java.util.List;
 import java.util.Optional;
 
 import javax.enterprise.inject.Instance;
@@ -21,7 +20,7 @@ import javax.ws.rs.container.ContainerRequestContext;
 import javax.ws.rs.container.ContainerRequestFilter;
 import javax.ws.rs.ext.Provider;
 
-import org.eclipse.microprofile.config.inject.ConfigProperty;
+import org.eclipsefoundation.core.config.OAuth2SecurityConfig;
 import org.eclipsefoundation.core.exception.FinalForbiddenException;
 import org.eclipsefoundation.efservices.api.models.DrupalOAuthData;
 import org.eclipsefoundation.efservices.api.models.EfUser;
@@ -38,14 +37,8 @@ import org.slf4j.LoggerFactory;
 public class OAuthFilter implements ContainerRequestFilter {
     private static final Logger LOGGER = LoggerFactory.getLogger(OAuthFilter.class);
 
-    @ConfigProperty(name = "eclipse.openvsx.oauth2.scopes", defaultValue = "openvsx_publisher_agreement")
-    Instance<List<String>> validScopes;
-
-    @ConfigProperty(name = "eclipse.openvsx.oauth2.clients")
-    Instance<List<String>> validClientIds;
-
-    @ConfigProperty(name = "eclipse.openvsx.oauth2.filter.enabled", defaultValue = "false")
-    Instance<Boolean> isEnabled;
+    @Inject
+    Instance<OAuth2SecurityConfig> config;
 
     @Inject
     DrupalOAuthService oauthService;
@@ -54,14 +47,14 @@ public class OAuthFilter implements ContainerRequestFilter {
 
     @Override
     public void filter(ContainerRequestContext requestContext) throws IOException {
-        if (Boolean.TRUE.equals(isEnabled.get())) {
+        if (Boolean.TRUE.equals(config.get().filter().enabled())) {
 
             // Strip token from Auth header
             String token = DrupalAuthHelper
                     .stripBearerToken(requestContext.getHeaderString(HttpHeaderNames.AUTHORIZATION));
 
-            DrupalOAuthData tokenStatus = oauthService.validateTokenStatus(token, validScopes.get(),
-                    validClientIds.get());
+            DrupalOAuthData tokenStatus = oauthService.validateTokenStatus(token, config.get().filter().validScopes(),
+                    config.get().filter().validClientIds());
 
             // The incoming token must have a user associated with it.
             if (tokenStatus == null || tokenStatus.getUserId() == null) {

src/main/resources/application.properties

 quarkus.http.root-path=/openvsx
-
-fdndb-api/mp-rest/url=http://foundationdb:8095
-%dev.fdndb-api/mp-rest/url=http://localhost:10112
+quarkus.log.level=INFO
 
 quarkus.oidc.enabled=false
 
-eclipse.openvsx.oauth2.filter.enabled=true
+fdndb-api/mp-rest/url=http://foundationdb:8095
+%dev.fdndb-api/mp-rest/url=http://localhost:10112
 
-quarkus.log.level=INFO
\ No newline at end of file
+eclipse.security.oauth2.filter.enabled=true

src/test/java/org/eclipsefoundation/openvsx/resources/PublisherAgreementResourceTest.java

@@ -167,14 +167,6 @@ class PublisherAgreementResourceTest {
         RestAssuredTemplates.testPost_validateResponseFormat(POST_CURRENT_CONFLICT, generateSigningSample("fakeuser"));
     }
 
-    @Test
-    void testPost_currentUser_failure_invalidRequestFormat() {
-        RestAssuredTemplates.testPost(
-                TestCaseHelper.prepareTestCase(BASE_URL, new String[] {}, null).setHeaderParams(userCreds)
-                        .setRequestContentType(ContentType.TEXT).setStatusCode(500).build(),
-                generateSigningSample("fakeuser"));
-    }
-
     @Test
     void testPost_currentUser_failure_invalidHandle() {
         RestAssuredTemplates.testPost(POST_CURRENT_INVALID_HANDLE, generateSigningSample("otheruser"));

src/test/resources/application.properties

@@ -4,16 +4,16 @@ quarkus.oidc.enabled=false
 quarkus.keycloak.devservices.enabled=false
 quarkus.oidc-client.enabled=false
 
-eclipse.openvsx.oauth2.clients=test-id
-eclipse.openvsx.oauth2.scopes=read,write,admin
-eclipse.openvsx.oauth2.filter.enabled=true
+eclipse.security.oauth2.filter.valid-client-ids=test-id
+eclipse.security.oauth2.filter.valid-scopes=read,write,admin
+eclipse.security.oauth2.filter.enabled=true
 
 eclipse.openvsx.publisher-agreement.doc-id=sampleId
 eclipse.openvsx.publisher-agreement.doc-version=1
 eclipse.openvsx.publisher-agreement.admin-users=admin@email.com
 
-oauth2.client-secret=sample
-oauth2.client-id=sample
-oauth2.scope=sample
+eclipse.security.oauth2.token-generation.client-secret=sample
+eclipse.security.oauth2.token-generation.client-id=sample
+eclipse.security.oauth2.token-generation.scope=sample
 
 quarkus.jacoco.includes=**/openvsx/**/*
\ No newline at end of file