Skip to content
Snippets Groups Projects

feat: Standardize configs

Merged feat: Standardize configs
zacharysabourin/eclipse-openvsx-api:zacharysabourin/main/26 into main
1 unresolved thread
Merged Zachary Sabourin requested to merge zacharysabourin/eclipse-openvsx-api:zacharysabourin/main/26 into main
1 unresolved thread
Compare
and
5 files
+ 17
33
Compare changes
  • Side-by-side
  • Inline
Files
5
src/main/java/org/eclipsefoundation/openvsx/request/OAuthFilter.java
+ 6
13
@@ -12,7 +12,6 @@
package org.eclipsefoundation.openvsx.request;
import java.io.IOException;
import java.util.List;
import java.util.Optional;
import javax.enterprise.inject.Instance;
@@ -21,7 +20,7 @@ import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.ext.Provider;
import org.eclipse.microprofile.config.inject.ConfigProperty;
import org.eclipsefoundation.core.config.OAuth2SecurityConfig;
import org.eclipsefoundation.core.exception.FinalForbiddenException;
import org.eclipsefoundation.efservices.api.models.DrupalOAuthData;
import org.eclipsefoundation.efservices.api.models.EfUser;
@@ -38,14 +37,8 @@ import org.slf4j.LoggerFactory;
public class OAuthFilter implements ContainerRequestFilter {
private static final Logger LOGGER = LoggerFactory.getLogger(OAuthFilter.class);
@ConfigProperty(name = "eclipse.openvsx.oauth2.scopes", defaultValue = "openvsx_publisher_agreement")
Instance<List<String>> validScopes;
@ConfigProperty(name = "eclipse.openvsx.oauth2.clients")
Instance<List<String>> validClientIds;
@ConfigProperty(name = "eclipse.openvsx.oauth2.filter.enabled", defaultValue = "false")
Instance<Boolean> isEnabled;
@Inject
Instance<OAuth2SecurityConfig> config;
@Inject
DrupalOAuthService oauthService;
@@ -54,14 +47,14 @@ public class OAuthFilter implements ContainerRequestFilter {
@Override
public void filter(ContainerRequestContext requestContext) throws IOException {
if (Boolean.TRUE.equals(isEnabled.get())) {
if (Boolean.TRUE.equals(config.get().filter().enabled())) {
// Strip token from Auth header
String token = DrupalAuthHelper
.stripBearerToken(requestContext.getHeaderString(HttpHeaderNames.AUTHORIZATION));
DrupalOAuthData tokenStatus = oauthService.validateTokenStatus(token, validScopes.get(),
validClientIds.get());
DrupalOAuthData tokenStatus = oauthService.validateTokenStatus(token, config.get().filter().validScopes(),
config.get().filter().validClientIds());
// The incoming token must have a user associated with it.
if (tokenStatus == null || tokenStatus.getUserId() == null) {

Copyright © Eclipse Foundation, Inc. All Rights Reserved.     Privacy Policy | Terms of Use | Copyright Agent