
feat: Phase 1 of the openvsx publisher agreement migration from Drupal

5 unresolved threads

Related to #3 (closed)


34 /**
35 * Validates whether the token scopes and valid scopes are the same.
36 *
37 * @param tokenScope The space-separated token scopes.
38 * @param validScopes The list of valid scopes.
39 * @return Returns false if any token scopes are not in the list of valid
40 * scopes. True if all match.
41 */
42 public static boolean hasScopes(String tokenScope, List<String> validScopes) {
43
44 List<String> tokenScopes = Arrays.asList(tokenScope.split(" "));
45
46 Collections.sort(tokenScopes);
47 Collections.sort(validScopes);
48
49 return tokenScopes.equals(validScopes);
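Review bot: `Collections.sort(validScopes)` on line 47 sorts the caller's list in place, and the filter passes in the injected configuration value (`validScopes.get()`); whether that list is mutable is not visible here, so the call either throws or reorders shared configuration on every request. The check is also exact equality after sorting, while the Javadoc describes a subset test ("false if any token scopes are not in the list of valid scopes"); for an authorization decision the doc should state which one is intended. Comparing copies avoids the mutation: `return new HashSet<>(Arrays.asList(tokenScope.split(" "))).equals(new HashSet<>(validScopes));`. It should be preceded by `if (tokenScope == null) return false;`, because a token response without a scope would otherwise throw a NullPointerException on line 44. The method's closing brace is outside the quoted lines.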
  • 40 Instance<List<String>> validClientIds;
    41
    42 @ConfigProperty(name = "eclipse.openvsx.oauth-filter.enabled", defaultValue = "false")
    43 Instance<Boolean> isEnabled;
    44
    45 @Inject
    46 DrupalOAuthService oauthService;
    47
    48 @Override
    49 public void filter(ContainerRequestContext requestContext) throws IOException {
    50 if (Boolean.TRUE.equals(isEnabled.get())) {
    51 String token = stripBearerToken(requestContext.getHeaderString(AUTH_HEADER));
    52 DrupalOAuthData tokenStatus = oauthService.validateTokenStatus(token, validScopes.get(),
    53 validClientIds.get());
    54 if (tokenStatus != null && tokenStatus.getUserId() != null) {
    55 requestContext.setProperty("tokenStatus", tokenStatus);
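Review bot: The `defaultValue = "false"` on `eclipse.openvsx.oauth-filter.enabled` (line 42) makes the filter fail open, so a deployment that omits the property serves requests without any token validation by this filter. Consider defaulting to `"true"` and switching it off explicitly in dev/test profiles, or at minimum document the field with `// SECURITY: when false, this filter performs no authentication`. On line 51 `getHeaderString(AUTH_HEADER)` returns null when the header is absent; `stripBearerToken` is not shown, so confirm it rejects a null or non-Bearer value before the token reaches `validateTokenStatus`. The body of `filter` continues past the quoted lines, so the handling of a null `tokenStatus` could not be reviewed.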
  • 32 @Inject
    33 @RestClient
    34 DrupalOAuthAPI oauthAPI;
    35
    36 @Override
    37 public DrupalOAuthData validateTokenStatus(String token, List<String> validScopes, List<String> validClientIds) {
    38 try {
    39 LOGGER.debug("Validating token: {}", token);
    40
    41 DrupalOAuthData tokenData = oauthAPI.getTokenInfo(token);
    42
    43 if (DrupalAuthHelper.isExpired(tokenData.getExpires())) {
    44 throw new FinalForbiddenException("This token is expired");
    45 }
    46 if (!DrupalAuthHelper.hasScopes(tokenData.getScope(), validScopes)) {
    47 throw new FinalForbiddenException("This token has invalid scope(s)");
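Review bot: Line 39 writes the raw bearer token to the log (`LOGGER.debug("Validating token: {}", token);`), so anyone who can read debug output obtains a usable credential. Drop the value from the message, e.g. `LOGGER.debug("Validating OAuth token");`, or log only a non-reversible identifier. Separately, `tokenData` is dereferenced on line 43 without a null check; if `oauthAPI.getTokenInfo` can return null for an unknown token, the outcome depends on the catch block, which is outside the quoted lines and should be confirmed to deny access rather than let the request through.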
  • 154 86 <dependency>
    155 87 <groupId>io.quarkus</groupId>
    156 <artifactId>quarkus-jdbc-h2</artifactId>
    157 <scope>test</scope>
    158 </dependency>
    159 <dependency>
    160 <groupId>com.h2database</groupId>
    161 <artifactId>h2</artifactId>
    88 <artifactId>quarkus-junit5</artifactId>
    162 89 <scope>test</scope>
    163 90 </dependency>
    164 <!-- Flyway specific dependencies, used to setup tables in test -->
    165 91 <dependency>
    166 <groupId>io.quarkus</groupId>
    167 <artifactId>quarkus-flyway</artifactId>
    92 <groupId>com.fasterxml.jackson.core</groupId>
    • Jackson core should be included by the quarkus-resteasy-jackson, so you should not be adding it here

      [INFO] org.eclipsefoundation:eclipsefdn-working-group-api:jar:1.0.0-SNAPSHOT
      [INFO] +- org.eclipsefoundation:quarkus-core:jar:0.6.10:compile
      [INFO] |  +- io.quarkus:quarkus-resteasy-jackson:jar:2.11.2.Final:compile
      [INFO] |  |  +- io.quarkus:quarkus-jackson:jar:2.11.2.Final:compile
      [INFO] |  |  |  +- com.fasterxml.jackson.core:jackson-databind:jar:2.13.3:compile
      [INFO] |  |  |  +- com.fasterxml.jackson.datatype:jackson-datatype-jsr310:jar:2.13.3:compile
      [INFO] |  |  |  +- com.fasterxml.jackson.datatype:jackson-datatype-jdk8:jar:2.13.3:compile
      [INFO] |  |  |  \- com.fasterxml.jackson.module:jackson-module-parameter-names:jar:2.13.3:compile
      [INFO] |  |  +- org.jboss.resteasy:resteasy-jackson2-provider:jar:4.7.5.Final:compile
      [INFO] |  |  |  +- com.fasterxml.jackson.core:jackson-core:jar:2.13.3:compile
    • Zachary Sabourin changed this line in version 11 of the diff

  • 19 import javax.ws.rs.container.ContainerRequestContext;
    20 import javax.ws.rs.container.ContainerRequestFilter;
    21 import javax.ws.rs.ext.Provider;
    22
    23 import org.eclipse.microprofile.config.inject.ConfigProperty;
    24 import org.eclipsefoundation.core.exception.FinalForbiddenException;
    25 import org.eclipsefoundation.openvsx.api.models.DrupalOAuthData;
    26 import org.eclipsefoundation.openvsx.services.DrupalOAuthService;
    27 import org.slf4j.Logger;
    28 import org.slf4j.LoggerFactory;
    29
    30 @Provider
    31 public class OAuthFilter implements ContainerRequestFilter {
    32 private static final Logger LOGGER = LoggerFactory.getLogger(OAuthFilter.class);
    33
    34 private static final String AUTH_HEADER = "Authorization";
  • An additional note: the comments in the service and resource classes are incredibly bare, both inline and block comments. We should do our best to comment thoroughly, both for maintainability and in case someone from outside Java ever needs to figure out our code.

  • added 1 commit

    • 1e0be070 - feat: Address feedback + add docs


  • Martin Lowe approved this merge request


  • Martin Lowe mentioned in commit f50bf8b0


  • merged
