Merge branch...

Merge branch '100-download-von-ergebnissen-mit-guest-user-funktioniert-mit-geschutzten-usern-nicht-mehr' into 'development' Resolve "Download von Ergebnissen mit Guest User funktioniert mit geschützten Usern nicht mehr" See merge request sharing/codeability-sharing-platform!21

Merge branch...
Merge branch '100-download-von-ergebnissen-mit-guest-user-funktioniert-mit-geschutzten-usern-nicht-mehr' into 'development' Resolve "Download von Ergebnissen mit Guest User funktioniert mit geschützten Usern nicht mehr" See merge request sharing/codeability-sharing-platform!21
c362eb4d · Michael Breu · 95bbe69e · 4a370d60 · c362eb4d · c362eb4d
Commit c362eb4d authored 4 years ago by Michael Breu
--- a/.externalToolBuilders/mvnw clean generate-sources.launch
+++ b/.externalToolBuilders/mvnw clean generate-sources.launch
@@ -2,8 +2,9 @@
 <launchConfiguration type="org.eclipse.ui.externaltools.ProgramBuilderLaunchConfigurationType">
    <stringAttribute key="org.eclipse.debug.core.ATTR_REFRESH_SCOPE" value="${working_set:&lt;?xml version=&quot;1.0&quot; encoding=&quot;UTF-8&quot;?&gt;&#13;&#10;&lt;resources&gt;&#13;&#10;&lt;item path=&quot;/gitsearch/target/generated-sources&quot; type=&quot;2&quot;/&gt;&#13;&#10;&lt;item path=&quot;/gitsearch/target/generated-test-sources&quot; type=&quot;2&quot;/&gt;&#13;&#10;&lt;/resources&gt;}"/>
    <booleanAttribute key="org.eclipse.debug.ui.ATTR_LAUNCH_IN_BACKGROUND" value="false"/>
+    <booleanAttribute key="org.eclipse.ui.externaltools.ATTR_BUILDER_ENABLED" value="false"/>
    <stringAttribute key="org.eclipse.ui.externaltools.ATTR_LOCATION" value="${workspace_loc:/gitsearch/mvnw.cmd}"/>
-    <stringAttribute key="org.eclipse.ui.externaltools.ATTR_RUN_BUILD_KINDS" value="full,incremental,"/>
+    <stringAttribute key="org.eclipse.ui.externaltools.ATTR_RUN_BUILD_KINDS" value="incremental,"/>
    <stringAttribute key="org.eclipse.ui.externaltools.ATTR_TOOL_ARGUMENTS" value="generate-sources"/>
    <booleanAttribute key="org.eclipse.ui.externaltools.ATTR_TRIGGERS_CONFIGURED" value="true"/>
    <stringAttribute key="org.eclipse.ui.externaltools.ATTR_WORKING_DIRECTORY" value="${workspace_loc:/gitsearch}"/>

--- a/.project
+++ b/.project
@@ -13,6 +13,10 @@
 					<key>LaunchConfigHandle</key>
 					<value>&lt;project&gt;/.externalToolBuilders/mvnw clean generate-sources.launch</value>
 				</dictionary>
+				<dictionary>
+					<key>incclean</key>
+					<value>true</value>
+				</dictionary>
 			</arguments>
 		</buildCommand>
 		<buildCommand>

--- a/pom.xml
+++ b/pom.xml
@@ -5,7 +5,7 @@

    <groupId>at.ac.uibk.gitsearch</groupId>
    <artifactId>gitsearch</artifactId>
-    <version>0.1.0-SNAPSHOT</version>
+    <version>1.0.0</version>
    <packaging>jar</packaging>
    <name>Gitsearch</name>


--- a/src/main/docker/gitsearch.yml
+++ b/src/main/docker/gitsearch.yml
@@ -9,7 +9,7 @@ services:
      - SPRING_PROFILES_ACTIVE=staging,swagger
      - MANAGEMENT_METRICS_EXPORT_PROMETHEUS_ENABLED=true
      - SPRING_DATASOURCE_URL=jdbc:mysql://sharing_mysql:3306/gitsearch?useUnicode=true&characterEncoding=utf8&useSSL=false&useLegacyDatetimeCode=false&serverTimezone=UTC&createDatabaseIfNotExist=true
-      - JHIPSTER_SLEEP=30 # gives time for other services to boot before the application
+      - JHIPSTER_SLEEP=10 # gives time for other services to boot before the application
      - SPRING_DATA_JEST_URI=http://sharing_elasticsearch:9200
      - SPRING_ELASTICSEARCH_REST_URIS=http://sharing_elasticsearch:9200
      # see https://stackoverflow.com/questions/62676762/how-can-a-variable-set-in-the-docker-env-file-be-used-in-application-yml

--- a/src/main/java/at/ac/uibk/gitsearch/config/LoggingConfiguration.java
+++ b/src/main/java/at/ac/uibk/gitsearch/config/LoggingConfiguration.java
@@ -55,10 +55,12 @@ public class LoggingConfiguration {
        
        // disabling some nasty debug logging
        context.getLogger("io.netty.util.internal.PlatformDependent0").setLevel(Level.INFO);
+        context.getLogger("javax.management.mbeanserver").setLevel(Level.INFO);
        context.getLogger("org.glassfish.jersey.client.ClientExecutorProvidersConfigurator").setLevel(Level.INFO);
        context.getLogger("org.springframework.boot.liquibase.SpringPackageScanClassResolver").setLevel(Level.INFO); // zu spät hier :-(
        context.getLogger("org.springframework.boot.liquibase.LiquibaseServiceLocatorApplicationListener").setLevel(Level.INFO);
        context.getLogger("org.springframework.boot.autoconfigure.logging.ConditionEvaluationReportLoggingListener").setLevel(Level.INFO);
        context.getLogger("io.netty").setLevel(Level.INFO);
+        context.getLogger("org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter").setLevel(Level.DEBUG);
    }
 }
--- a/src/main/java/at/ac/uibk/gitsearch/config/SecurityConfiguration.java
+++ b/src/main/java/at/ac/uibk/gitsearch/config/SecurityConfiguration.java
@@ -4,7 +4,9 @@ import static org.springframework.http.MediaType.APPLICATION_FORM_URLENCODED_VAL

 import java.net.URI;
 import java.util.Collections;
+import java.util.HashMap;
 import java.util.HashSet;
+import java.util.Map;
 import java.util.Optional;
 import java.util.Set;

@@ -47,6 +49,7 @@ import org.springframework.security.oauth2.core.OAuth2TokenValidator;
 import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange;
 import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
 import org.springframework.security.oauth2.core.endpoint.PkceParameterNames;
+import org.springframework.security.oauth2.core.oidc.OidcUserInfo;
 import org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser;
 import org.springframework.security.oauth2.core.oidc.user.OidcUser;
 import org.springframework.security.oauth2.jwt.Jwt;
@@ -402,9 +405,13 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
 	        	userService.createUser(u);
 	        }

-			
+//	       oidcUser.getUserInfo().getClaims().put(TokenProvider.GITLAB_ACCESS_TOKEN, userRequest.getAccessToken());
+	       Map<String, Object> claims = new HashMap<>( oidcUser.getUserInfo().getClaims());
+	       claims.put(TokenProvider.GITLAB_ACCESS_TOKEN, userRequest.getAccessToken().getTokenValue());
+	       claims.put(TokenProvider.GITLAB_ACCESS_ISSUER, userRequest.getClientRegistration().getRegistrationId());
+	       OidcUserInfo userInfo = new OidcUserInfo(claims);
 	           
-           oidcUser = new DefaultOidcUser(mappedAuthorities, oidcUser.getIdToken(), oidcUser.getUserInfo());
+           oidcUser = new DefaultOidcUser(mappedAuthorities, oidcUser.getIdToken(), userInfo);

           return oidcUser;
       };

--- a/src/main/java/at/ac/uibk/gitsearch/repository/gitlab/GitLabRepository.java
+++ b/src/main/java/at/ac/uibk/gitsearch/repository/gitlab/GitLabRepository.java
@@ -31,14 +31,9 @@ public class GitLabRepository {
 		GitLabApi gitLabApi = null;
 		if(isPresent) {
 			String idToken = accessTokenO.get();
-			final Optional<String> gitLabAccessIssuer = tokenProvider.getGitLabAccessIssuer();
-			if(! gitLabAccessIssuer.isPresent()) {
-				log.warn("accessToken defined, but no gitlabAccess Issuer found?");
-			} else {
-
-	         gitLabApi = new GitLabApi(gitLabAccessIssuer.get(), TokenType.OAUTH2_ACCESS, idToken);
-
-	        }
+	         gitLabApi = new GitLabApi(applicationProperties.getGitLab().getUrl(), TokenType.OAUTH2_ACCESS, idToken);
+		} else {
+	         gitLabApi = new GitLabApi(applicationProperties.getGitLab().getUrl(), TokenType.PRIVATE, applicationProperties.getGitLab().getGeneralAccessToken());
 		}
 		return gitLabApi;
 	}

--- a/src/main/java/at/ac/uibk/gitsearch/security/jwt/TokenProvider.java
+++ b/src/main/java/at/ac/uibk/gitsearch/security/jwt/TokenProvider.java
@@ -21,6 +21,7 @@ import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.context.SecurityContext;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.core.userdetails.User;
+import org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser;
 import org.springframework.stereotype.Component;
 import org.springframework.util.StringUtils;

@@ -144,14 +145,18 @@ public class TokenProvider {
            .setSubject(authentication.getName())
            .claim(AUTHORITIES_KEY, authorities);
 		// copy from preToken
-		final Object userDetails = authentication.getDetails();
 		String authenticationToken = null;
 		String authenticationIssuer = null;
-		if (userDetails instanceof Map<?,?>) {
+		if (authentication.getDetails() instanceof Map) {
 			@SuppressWarnings("unchecked")
-			Map<String, String> userDetailsMap = (Map<String, String>) userDetails;
-			authenticationToken = userDetailsMap.get(GITLAB_ACCESS_TOKEN);
-			authenticationIssuer = userDetailsMap.get(GITLAB_ACCESS_ISSUER);
+			Map<String, String> details = (Map) authentication.getDetails();
+			authenticationToken = details.get(GITLAB_ACCESS_TOKEN);
+			authenticationIssuer = details.get(GITLAB_ACCESS_ISSUER);
+		}
+		if (authentication.getPrincipal() instanceof DefaultOidcUser) {
+			DefaultOidcUser oidcInfo = (DefaultOidcUser) authentication.getPrincipal();
+			authenticationToken = oidcInfo.getClaimAsString(GITLAB_ACCESS_TOKEN);
+			authenticationIssuer = oidcInfo.getClaimAsString(GITLAB_ACCESS_ISSUER);
 		}
 		
 		if (authenticationToken!=null) {

--- a/src/main/java/at/ac/uibk/gitsearch/service/GitlabService.java
+++ b/src/main/java/at/ac/uibk/gitsearch/service/GitlabService.java
@@ -4,24 +4,14 @@ import java.io.IOException;
 import java.io.InputStream;
 import java.io.PipedInputStream;
 import java.io.PipedOutputStream;
-import java.time.Duration;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.List;
 import java.util.Optional;
-import java.util.UUID;
 import java.util.zip.ZipEntry;
 import java.util.zip.ZipInputStream;
 import java.util.zip.ZipOutputStream;

-import org.checkerframework.checker.nullness.qual.Nullable;
-import org.codeability.sharing.plugins.api.ShoppingBasket;
-import org.codeability.sharing.plugins.api.ShoppingBasket.ExerciseInfo;
-import org.codeability.sharing.plugins.api.ShoppingBasket.UserInfo;
 import org.gitlab4j.api.GitLabApi;
 import org.gitlab4j.api.GitLabApiException;
 import org.gitlab4j.api.ProjectApi;
-import org.gitlab4j.api.RepositoryApi;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -29,13 +19,7 @@ import org.springframework.stereotype.Service;
 import org.springframework.util.StreamUtils;
 import org.springframework.util.StringUtils;

-import com.google.common.cache.CacheBuilder;
-import com.google.common.cache.CacheLoader;
-import com.google.common.cache.LoadingCache;
-
 import at.ac.uibk.gitsearch.repository.gitlab.GitLabRepository;
-import at.ac.uibk.gitsearch.security.jwt.TokenProvider.GitLabAccessInfo;
-import at.ac.uibk.gitsearch.service.dto.SearchResultDTO;

 /**
 * Service for exercise/course search results
@@ -44,22 +28,14 @@ import at.ac.uibk.gitsearch.service.dto.SearchResultDTO;
 @Service
 public class GitlabService {
 	
-	@Autowired
-	private PluginManagementService pluginManagementService;
 	@Autowired
 	private GitLabRepository gitLabRepository;
 	
-	
-		
-		
-
-	
-
 	private final Logger log = LoggerFactory.getLogger(ShoppingBasketService.class);


    public Boolean repositoryExists(String projectID) {
-        final GitLabApi gitLabApi = gitLabRepository.getGitLabApi(Optional.empty());
+        final GitLabApi gitLabApi = gitLabRepository.getGitLabApi();
 		final ProjectApi gitLabProjectApi = gitLabApi.getProjectApi();
 		try{
 			return gitLabProjectApi.getProject(projectID) != null;}

--- a/src/main/resources/config/application-prod.yml
+++ b/src/main/resources/config/application-prod.yml
@@ -68,11 +68,11 @@ spring:
      client:
        provider:
          gitlabOidc:
-            issuer-uri: TODO https://sharing.codeability-austria.uibk.ac.at
+            issuer-uri: ${SECURITY_OAUTH2_CLIENT_PROVIDER_GITLABOIDC_ISSUERURI}
        registration:
          gitlabOidc:
-            client-id: TODO 149276ac11138d9ba72fb3cd12815e3fa2f372866df0eac0f7d1aae5fdffea24
-            client-secret: TODO 6f480635241f420a361581f4837594ea6f48f5ee6f515c1aa89f325dd922dbb0
+            client-id: ${SECURITY_OAUTH2_CLIENT_REGISTRATION_GITLABOIDC_CLIENTID}
+            client-secret: ${SECURITY_OAUTH2_CLIENT_REGISTRATION_GITLABOIDC_CLIENTSECRET}


 # ===================================================================
@@ -123,14 +123,10 @@ jhipster:
        # - In the JHipster Registry (which includes a Spring Cloud Config server)
        # - In a separate `application-prod.yml` file, in the same folder as your executable JAR file
        # - In the `JHIPSTER_SECURITY_AUTHENTICATION_JWT_BASE64_SECRET` environment variable
-        base64-secret: ZTY3OGIwZWZhMzdhYTQ2NjAwNTdlNDQ2NWM4YjQyMzlhMWVkMTJlYTExYzMwMzBjOWIzM2E1OTRmZWZkZmYzYzZhNWQ5N2EzZjMyNTFkMjM0ZjNmOWRhYTYzNGEzZDE3NThkYTNmZGVmNTQ1MmRlZjg1YWY4NTU4OGVmNDBkZDI=
+        base64-secret: ${JHIPSTER_SECURITY_AUTHENTICATION_JWT_BASE64SECRET}
        # Token is valid 24 hours
        token-validity-in-seconds: 86400
        token-validity-in-seconds-for-remember-me: 2592000
-    oauth2:
-# TODO: audience seems not really relevant, could be omitted? It is identical with client-id above
-      audience:
-        - TODO or omit
  mail: # specific JHipster mail property, for standard properties see MailProperties
    base-url: http://my-server-url-to-change # Modify according to your server's URL
  metrics:
@@ -158,8 +154,7 @@ jhipster:

 application:
  registeredPlugins:
-   - "http://localhost:8081/api/sharing/config" 
-   - "http://localhost:8082/api/sharingPluginConfig"
+   - "https://artemis.codeability.uibk.ac.at/api/sharing/config" 
  gitlab:
   url: https://sharing-codeability.uibk.ac.at/
-   generalAccessToken: ${APPLICATION_GITLAB_GENERALACCESSTOKEN}
\ No newline at end of file
+   generalAccessToken: ${APPLICATION_GITLAB_GENERALACCESSTOKEN}