diff --git a/src/main/java/org/opendevstack/provision/authentication/crowd/CrowdAuthenticationAdapter.java b/src/main/java/org/opendevstack/provision/authentication/crowd/CrowdAuthenticationAdapter.java
index 08a1876e..1d5ebedd 100644
--- a/src/main/java/org/opendevstack/provision/authentication/crowd/CrowdAuthenticationAdapter.java
+++ b/src/main/java/org/opendevstack/provision/authentication/crowd/CrowdAuthenticationAdapter.java
@@ -61,7 +61,7 @@ public String getUserName() {
 /** @see IODSAuthnzAdapter#getToken() */
 public String getToken() {
- return userPassword.getPassword();
+ return userPassword.getToken();
 }
 /** @see IODSAuthnzAdapter#getUserEmail() () */
diff --git a/src/main/java/org/opendevstack/provision/authentication/crowd/CrowdSecurityConfiguration.java b/src/main/java/org/opendevstack/provision/authentication/crowd/CrowdSecurityConfiguration.java
index ace4a5e5..a9b011cd 100644
--- a/src/main/java/org/opendevstack/provision/authentication/crowd/CrowdSecurityConfiguration.java
+++ b/src/main/java/org/opendevstack/provision/authentication/crowd/CrowdSecurityConfiguration.java
@@ -14,6 +14,8 @@
 package org.opendevstack.provision.authentication.crowd;
+import com.atlassian.crowd.embedded.api.PasswordCredential;
+import com.atlassian.crowd.exception.*;
 import com.atlassian.crowd.integration.http.CrowdHttpAuthenticator;
 import com.atlassian.crowd.integration.http.CrowdHttpAuthenticatorImpl;
 import com.atlassian.crowd.integration.http.util.CrowdHttpTokenHelper;
@@ -25,6 +27,8 @@
 import com.atlassian.crowd.integration.springsecurity.user.CrowdUserDetails;
 import com.atlassian.crowd.integration.springsecurity.user.CrowdUserDetailsService;
 import com.atlassian.crowd.integration.springsecurity.user.CrowdUserDetailsServiceImpl;
+import com.atlassian.crowd.model.authentication.UserAuthenticationContext;
+import com.atlassian.crowd.model.authentication.ValidationFactor;
 import com.atlassian.crowd.service.client.ClientProperties;
 import com.atlassian.crowd.service.client.ClientPropertiesImpl;
 import com.atlassian.crowd.service.client.CrowdClient;
@@ -32,6 +36,7 @@
 import java.io.IOException;
 import java.io.InputStream;
 import java.util.ArrayList;
+import java.util.List;
 import java.util.Properties;
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
@@ -39,6 +44,7 @@
 import javax.servlet.http.HttpSessionListener;
 import org.jetbrains.annotations.NotNull;
 import org.opendevstack.provision.authentication.ProvAppHttpSessionListener;
+import org.opendevstack.provision.authentication.SessionAwarePasswordHolder;
 import org.opendevstack.provision.authentication.filter.SSOAuthProcessingFilter;
 import org.opendevstack.provision.authentication.filter.SSOAuthProcessingFilterBasicAuthHandler;
 import org.opendevstack.provision.authentication.filter.SSOAuthProcessingFilterBasicAuthStrategy;
@@ -99,6 +105,8 @@ public class CrowdSecurityConfiguration extends WebSecurityConfigurerAdapter {
 @Autowired(required = false)
 private BasicAuthenticationEntryPoint basicAuthEntryPoint;
+ @Autowired private SessionAwarePasswordHolder userPassword;
+
 @Override
 protected void configure(HttpSecurity http) throws Exception {
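Review bot: The injected `SessionAwarePasswordHolder` is written from the anonymous `RemoteCrowdAuthenticationProvider` that `crowdAuthenticationProvider()` builds, so whether each login gets its own holder depends entirely on how that bean is scoped, which this diff does not show. If it is not a session-scoped proxy, one user's token and password would be visible to every other session. A one-line comment on the field stating the expected scope, e.g. `// must be a session-scoped proxy; holds the current user's Crowd token and password`, would make that requirement explicit. The class body continues outside the hunk.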
@@ -351,6 +359,42 @@ public RemoteCrowdAuthenticationProvider crowdAuthenticationProvider() throws IO
 return new RemoteCrowdAuthenticationProvider(
 crowdClient(), httpAuthenticator(), crowdUserDetailsService()) {
+ /**
+ * Added suppport for store password to connect with Atlassian.
+ *
+ * @param username username of the remote user.
+ * @param password password of the remote user.
+ * @param validationFactors validation factors from the remote user.
+ * @return
+ * @throws InactiveAccountException
+ * @throws ExpiredCredentialException
+ * @throws ApplicationPermissionException
+ * @throws InvalidAuthenticationException
+ * @throws OperationFailedException
+ * @throws ApplicationAccessDeniedException
+ */
+ @Override
+ protected String authenticate(
+ String username, String password, List validationFactors)
+ throws InactiveAccountException, ExpiredCredentialException,
+ ApplicationPermissionException, InvalidAuthenticationException,
+ OperationFailedException, ApplicationAccessDeniedException {
+ UserAuthenticationContext userAuthenticationContext =
+ new UserAuthenticationContext(
+ username,
+ PasswordCredential.unencrypted(password),
+ validationFactors.toArray(new ValidationFactor[validationFactors.size()]),
+ null);
+ String token = authenticationManager.authenticateSSOUser(userAuthenticationContext);
+
+ // Store credentials info in
+ userPassword.setToken(token);
+ userPassword.setUsername(userAuthenticationContext.getName());
+ userPassword.setPassword(userAuthenticationContext.getCredential().getCredential());
+
+ return token;
+ }
+
 /**
 * Added support for Basic Authentication using WebAuthenticationDetails
 *
diff --git a/src/main/java/org/opendevstack/provision/controller/DefaultController.java b/src/main/java/org/opendevstack/provision/controller/DefaultController.java
index 88cbd79d..9d22351e 100644
--- a/src/main/java/org/opendevstack/provision/controller/DefaultController.java
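Review bot: The new `authenticate` override keeps the clear-text password after login: `userPassword.setPassword(userAuthenticationContext.getCredential().getCredential())` stores it in the holder next to the SSO token that was just issued. If downstream calls can authenticate with the token, that line can go; if the password is still needed, the Javadoc should name the consumer and say where the holder is cleared, since neither is visible in this hunk. `validationFactors.toArray(...)` throws a NullPointerException if a caller can pass null, so a guard such as `if (validationFactors == null) validationFactors = new ArrayList<>();` (ArrayList is already imported) would be safer. The Javadoc has an empty `@return` and the comment `// Store credentials info in` is cut off; `@return the Crowd SSO token issued for the user` and `// Store credentials in the session holder` would complete them.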
+++ b/src/main/java/org/opendevstack/provision/controller/DefaultController.java
@@ -255,10 +255,7 @@ private boolean isAuthenticated() {
 return authentication.isAuthenticated();
 }
- manager.setUserName(authentication.getName());
- manager.setUserPassword(authentication.getCredentials().toString());
-
- return (authentication.isAuthenticated() && manager.getUserPassword() != null);
+ return (authentication.isAuthenticated() && manager.getToken() != null);
 }
 return false;
diff --git a/src/test/java/org/opendevstack/provision/controller/DefaultControllerTest.java b/src/test/java/org/opendevstack/provision/controller/DefaultControllerTest.java
index 4a316339..54e3f445 100644
--- a/src/test/java/org/opendevstack/provision/controller/DefaultControllerTest.java
+++ b/src/test/java/org/opendevstack/provision/controller/DefaultControllerTest.java
@@ -85,7 +85,7 @@ public void homeWithoutAuth() throws Exception {
 @Test
 @WithMockUser(username = "test")
 public void homeWithAuth() throws Exception {
- Mockito.when(crowdAuthenticationAdapter.getUserPassword()).thenReturn("logged_in");
+ Mockito.when(crowdAuthenticationAdapter.getToken()).thenReturn("logged_in");
 defaultController.setCustomAuthenticationManager(crowdAuthenticationAdapter);
 mockMvc
 .perform(get("/home"))
@@ -96,7 +96,7 @@ public void homeWithAuth() throws Exception {
 @Test
 @WithMockUser(username = "test")
 public void provisionWithAuth() throws Exception {
- Mockito.when(crowdAuthenticationAdapter.getUserPassword()).thenReturn("logged_in");
+ Mockito.when(crowdAuthenticationAdapter.getToken()).thenReturn("logged_in");
 Mockito.when(jobExecutionAdapter.getQuickstarterJobs()).thenReturn(new ArrayList<>());
 defaultController.setJobExecutionAdapter(jobExecutionAdapter);
 defaultController.setCustomAuthenticationManager(crowdAuthenticationAdapter);
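Review bot: `isAuthenticated()` now returns true only when `manager.getToken() != null`, and the only place in this commit that sets the token is the new `authenticate(username, password, validationFactors)` override in CrowdSecurityConfiguration. Any login path that does not pass through that override (for example a request accepted on an existing SSO cookie, if that is handled elsewhere) would leave the token null and be treated as unauthenticated here. The updated tests all stub `getToken()`, so they cannot catch this; a test that goes through the real holder would. The method starts and ends outside the hunk.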
@@ -136,7 +136,7 @@ public void history() throws Exception {
 @Test
 @WithMockUser(username = "test")
 public void historyWithAuth() throws Exception {
- Mockito.when(crowdAuthenticationAdapter.getUserPassword()).thenReturn("logged_in");
+ Mockito.when(crowdAuthenticationAdapter.getToken()).thenReturn("logged_in");
 Mockito.when(storageAdapter.listProjectHistory()).thenReturn(new HashMap<>());
 defaultController.setStorageAdapter(storageAdapter);
 defaultController.setCustomAuthenticationManager(crowdAuthenticationAdapter);
@@ -151,7 +151,7 @@ public void logoutPage() throws Exception {
 @Test
 @WithMockUser(username = "test")
 public void aboutWithAuth() throws Exception {
- Mockito.when(crowdAuthenticationAdapter.getUserPassword()).thenReturn("logged_in");
+ Mockito.when(crowdAuthenticationAdapter.getToken()).thenReturn("logged_in");
 Mockito.when(storageAdapter.listAboutChangesData()).thenReturn(new AboutChangesData());
 defaultController.setStorageAdapter(storageAdapter);
 defaultController.setCustomAuthenticationManager(crowdAuthenticationAdapter);