diff --git a/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/AbstractInterceptor.java b/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/AbstractInterceptor.java
index 5d2dd5ee..dff6037a 100644
--- a/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/AbstractInterceptor.java
+++ b/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/AbstractInterceptor.java
@@ -24,9 +24,11 @@ import org.apache.cxf.jaxrs.model.OperationResourceInfo;
 import org.apache.cxf.message.Message;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.core.annotation.AnnotationUtils;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import javax.ws.rs.container.ResourceInfo;
 import javax.ws.rs.core.Context;
 import java.lang.reflect.Method;
@@ -45,12 +47,12 @@ public abstract class AbstractInterceptor
 @Context
 private HttpServletResponse httpServletResponse;
- public HttpServletRequest getHttpServletRequest( Message message )
+ public HttpServletRequest getHttpServletRequest( )
 {
 return httpServletRequest;
 }
- public HttpServletResponse getHttpServletResponse( Message message )
+ public HttpServletResponse getHttpServletResponse( )
 {
 return httpServletResponse;
 }
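Review bot: Dropping the `Message` parameter from the public `getHttpServletRequest` and `getHttpServletResponse` in the `-45,12` hunk is a source-incompatible change for any interceptor outside this module that extends AbstractInterceptor and still passes the message. If such subclasses exist, keep the old signatures as deprecated overloads that delegate, e.g. `@Deprecated public HttpServletRequest getHttpServletRequest( Message message ) { return getHttpServletRequest( ); }`, and the same for the response getter. The new no-arg getters also have no Javadoc; a one-line `/** Returns the {@code @Context}-injected servlet request. */` (and its response counterpart) would make clear that the value no longer comes from the CXF message.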
@@ -75,4 +77,14 @@ public abstract class AbstractInterceptor
 return redbackAuthorization;
 }
+
+ public RedbackAuthorization getRedbackAuthorization( ResourceInfo resourceInfo ) {
+ Method method = resourceInfo.getResourceMethod( );
+ RedbackAuthorization redbackAuthorization = AnnotationUtils.findAnnotation( method, RedbackAuthorization.class );
+ log.debug( "resourceClass {}, method {}, redbackAuthorization {}", //
+ resourceInfo.getResourceClass( ), //
+ method, //
+ redbackAuthorization );
+ return redbackAuthorization;
+ }
 }
diff --git a/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/AuthenticationInterceptor.java b/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/AuthenticationInterceptor.java
index ae16637f..c7dadfe9 100644
--- a/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/AuthenticationInterceptor.java
+++ b/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/AuthenticationInterceptor.java
@@ -34,8 +34,6 @@ import org.apache.archiva.redback.users.User;
 import org.apache.archiva.redback.users.UserManager;
 import org.apache.archiva.redback.users.UserManagerException;
 import org.apache.archiva.redback.users.UserNotFoundException;
-import org.apache.cxf.jaxrs.utils.JAXRSUtils;
-import org.apache.cxf.message.Message;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.stereotype.Service;
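Review bot: `resourceInfo.getResourceMethod( )` in the new `getRedbackAuthorization( ResourceInfo )` is handed straight to `AnnotationUtils.findAnnotation`, although the JAX-RS contract lets it return null when no resource method is available. AuthenticationInterceptor already answers a null annotation with 403, so an unmatched request should reach that branch instead of surfacing as an exception from the annotation lookup; add `if ( method == null ) { return null; }` before the lookup. The method also needs Javadoc stating that the annotation is resolved from the resource method (including the declarations it overrides or implements) and that a null return means no permission metadata was found, which callers must treat as deny.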
@@ -46,6 +44,8 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.ws.rs.container.ContainerRequestContext;
 import javax.ws.rs.container.ContainerRequestFilter;
+import javax.ws.rs.container.ResourceInfo;
+import javax.ws.rs.core.Context;
 import javax.ws.rs.core.Response;
 import javax.ws.rs.ext.Provider;
@@ -71,25 +71,28 @@ public class AuthenticationInterceptor
 @Named(value = "httpAuthenticator#basic")
 private HttpBasicAuthentication httpAuthenticator;
+ @Context
+ private ResourceInfo resourceInfo;
+
 private final Logger log = LoggerFactory.getLogger( getClass() );
 public void filter( ContainerRequestContext containerRequestContext )
 {
- Message message = JAXRSUtils.getCurrentMessage();
+ // Message message = JAXRSUtils.getCurrentMessage();
- RedbackAuthorization redbackAuthorization = getRedbackAuthorization( message );
+ RedbackAuthorization redbackAuthorization = getRedbackAuthorization( resourceInfo );
 if ( redbackAuthorization == null )
 {
 log.warn( "http path {} doesn't contain any informations regarding permissions ",
- message.get( Message.REQUEST_URI ) );
+ containerRequestContext.getUriInfo().getRequestUri());
 // here we failed to authenticate so 403 as there is no detail on karma for this
 // it must be marked as it's exposed
 containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() );
 return;
 }
- HttpServletRequest request = getHttpServletRequest( message );
- HttpServletResponse response = getHttpServletResponse( message );
+ HttpServletRequest request = getHttpServletRequest( );
+ HttpServletResponse response = getHttpServletResponse( );
 if ( redbackAuthorization.noRestriction() )
 {
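Review bot: `containerRequestContext.getUriInfo().getRequestUri()` in the `log.warn` call of the `-71,25` hunk writes the absolute request URI, query string included, so anything a client places in a query parameter (session ids, tokens) lands in the log at WARN level; the replaced `Message.REQUEST_URI` value was, as far as I can tell, the path only. `containerRequestContext.getUriInfo().getPath()` keeps the message useful without the query. The same expression is used in the five `log.debug` calls of the `-149,29` hunk, where the UserManagerException line also has one `{}` for two arguments, so the path is never printed; `"UserManagerException: {} for path {}"` fixes that. The commented-out `// Message message = JAXRSUtils.getCurrentMessage();` line should be deleted rather than kept; `filter` continues past the end of this hunk.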
@@ -122,7 +125,7 @@ public class AuthenticationInterceptor
 new RedbackRequestInformation( user, request.getRemoteAddr() );
 RedbackAuthenticationThreadLocal.set( redbackRequestInformation );
- message.put( AuthenticationResult.class, authenticationResult );
+ // message.put( AuthenticationResult.class, authenticationResult );
 }
 catch ( Exception e )
 {
@@ -149,29 +152,29 @@ public class AuthenticationInterceptor
 new RedbackRequestInformation( user, request.getRemoteAddr() );
 RedbackAuthenticationThreadLocal.set( redbackRequestInformation );
- message.put( AuthenticationResult.class, authenticationResult );
+ // message.put( AuthenticationResult.class, authenticationResult );
 return;
 }
 catch ( UserNotFoundException e )
 {
- log.debug( "UserNotFoundException for path {}", message.get( Message.REQUEST_URI ) );
+ log.debug( "UserNotFoundException for path {}", containerRequestContext.getUriInfo().getRequestUri() );
 }
 catch ( AccountLockedException e )
 {
- log.debug( "account locked for path {}", message.get( Message.REQUEST_URI ) );
+ log.debug( "account locked for path {}", containerRequestContext.getUriInfo().getRequestUri() );
 }
 catch ( MustChangePasswordException e )
 {
- log.debug( "must change password for path {}", message.get( Message.REQUEST_URI ) );
+ log.debug( "must change password for path {}", containerRequestContext.getUriInfo().getRequestUri() );
 }
 catch ( AuthenticationException e )
 {
- log.debug( "failed to authenticate for path {}", message.get( Message.REQUEST_URI ) );
+ log.debug( "failed to authenticate for path {}", containerRequestContext.getUriInfo().getRequestUri() );
 }
 catch ( UserManagerException e )
 {
- log.debug( "UserManagerException: {} for path", e.getMessage(), message.get( Message.REQUEST_URI ) );
+ log.debug( "UserManagerException: {} for path", e.getMessage(), containerRequestContext.getUriInfo().getRequestUri() );
 }
 containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() );
 }
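Review bot: Commenting out `message.put( AuthenticationResult.class, authenticationResult )` here and in the `-149,29` hunk removes the hand-off of the authentication result, while PermissionsInterceptor still reads it with `message.get( AuthenticationResult.class )` (a context line of its `-94,7` hunk). That read will presumably now always be null, so the permission check depends entirely on the fallback that calls `httpAuthenticator.getAuthenticationResult(...)` a second time; the guard around that fallback lies outside the visible hunks, so it cannot be confirmed from here that every request is covered, and authenticating twice per request repeats whatever side effects authentication has. Carry the result on the JAX-RS request context instead, `containerRequestContext.setProperty( AuthenticationResult.class.getName( ), authenticationResult );`, and read it back with `getProperty` in PermissionsInterceptor. Both method bodies continue outside their hunks.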
diff --git a/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/PermissionsInterceptor.java b/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/PermissionsInterceptor.java
index 714500ac..d71ba6cd 100644
--- a/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/PermissionsInterceptor.java
+++ b/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/PermissionsInterceptor.java
@@ -31,7 +31,6 @@ import org.apache.archiva.redback.system.SecuritySession;
 import org.apache.archiva.redback.system.SecuritySystem;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.cxf.jaxrs.model.OperationResourceInfo;
-import org.apache.cxf.jaxrs.model.Parameter;
 import org.apache.cxf.jaxrs.utils.JAXRSUtils;
 import org.apache.cxf.message.Message;
 import org.slf4j.Logger;
@@ -50,8 +49,6 @@ import javax.ws.rs.core.Response;
 import javax.ws.rs.core.UriInfo;
 import javax.ws.rs.ext.Provider;
 import java.lang.annotation.Annotation;
-import java.lang.reflect.Method;
-import java.util.List;
 /**
 * @author Olivier Lamy
@@ -94,7 +91,7 @@ public class PermissionsInterceptor
 if ( permissions != null && permissions.length > 0 //
 && !( permissions.length == 1 && StringUtils.isEmpty( permissions[0] ) ) )
 {
- HttpServletRequest request = getHttpServletRequest( message );
+ HttpServletRequest request = getHttpServletRequest( );
 SecuritySession securitySession = httpAuthenticator.getSecuritySession( request.getSession() );
 AuthenticationResult authenticationResult = message.get( AuthenticationResult.class );
@@ -105,7 +102,7 @@ public class PermissionsInterceptor
 try
 {
 authenticationResult =
- httpAuthenticator.getAuthenticationResult( request, getHttpServletResponse( message ) );
+ httpAuthenticator.getAuthenticationResult( request, getHttpServletResponse( ) );
 log.debug( "authenticationResult from request: {}", authenticationResult );
 }
diff --git a/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/RequestValidationInterceptor.java b/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/RequestValidationInterceptor.java
index e654aa5f..ddd4027a 100644
--- a/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/RequestValidationInterceptor.java
+++ b/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/RequestValidationInterceptor.java
@@ -506,7 +506,7 @@ public class RequestValidationInterceptor
 else
 {
 Message message = JAXRSUtils.getCurrentMessage();
- return getHttpServletRequest( message );
+ return getHttpServletRequest( );
 }
 }
@@ -627,7 +627,7 @@ public class RequestValidationInterceptor
 try
 {
 authenticationResult =
- httpAuthenticator.getAuthenticationResult( request, getHttpServletResponse( message ) );
+ httpAuthenticator.getAuthenticationResult( request, getHttpServletResponse( ) );
 log.debug( "authenticationResult from request: {}", authenticationResult );
 }
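Review bot: `Message message = JAXRSUtils.getCurrentMessage();` in the else branch of the RequestValidationInterceptor `-506,7` hunk is now a dead local, because the only statement that used it became `return getHttpServletRequest( );`. Remove that line so the branch no longer fetches the CXF message for nothing. The enclosing method starts outside the hunk, and the `-627,7` hunk sits in code that may still use a `message` variable, so the `JAXRSUtils` and `Message` imports should stay until those uses are checked.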