public static AuthenticationType forName(String name) { return AuthenticationType.valueOf(StringUtils.upperCase(name)); } }
private static boolean addonRequiresAuth(AuthenticationBean authType) { return authType != null && !AuthenticationType.NONE.equals(authType.getType()); }
private Optional<AuthenticationType> getAuthenticationTypeFromName(String authName) { if (Strings.isNullOrEmpty(authName)) { return Optional.empty(); } try { return Optional.of(AuthenticationType.forName(authName)); } catch (IllegalArgumentException iae) { log.warn("Unknown authType encountered: " + authName); return Optional.of(AuthenticationType.NONE); } }
public static Optional<AuthenticationType> getAuthenticationType(ApplicationLink applink) { if (applink != null) { Object authMethod = applink.getProperty(JwtConstants.AppLinks.AUTH_METHOD_PROPERTY_NAME); if (AuthenticationType.JWT.toString().equals(authMethod)) { return Optional.of(AuthenticationType.JWT); } else if (AuthenticationType.NONE.toString().equals(authMethod)) { return Optional.of(AuthenticationType.NONE); } else if (authMethod != null) { log.warn("Unknown authType encountered: " + authMethod); return Optional.of(AuthenticationType.NONE); } } return Optional.empty(); } }
.setAuth(newAuthType.name()) .setOAuthClient(newOAuthClient) .setBaseUrl(addon.getBaseUrl())
@Override public Optional<String> getUserKey(@Nonnull final String addonKey) { // Although we can return username based only on addon key using usernameForAddon mapping // We want to be sure that addon actually exist. // Note: We had to move a bit of logic here to check if an addon has an authentication type JWT // This has to be done as userKey is not stored in the DB but a derived value. // We will be pushing for Crowd to create an API to get add-on users for a given key, or return no user return getAddonWithCaching(addonKey) .flatMap(addon -> addon.getAuthType().equals(AuthenticationType.JWT.toString()) ? Optional.of(ConnectAddonUserUtil.usernameForAddon(addon.getAddonKey())) : Optional.empty()); }
.setAuth(newAuthType.name()) .setOAuthClient(scopeFilteredOAuthClient) .setBaseUrl(addon.getBaseUrl())
private boolean addonUsesSymmetricSharedSecret(AuthenticationType authType, SigningAlgorithm algorithm) { return AuthenticationType.JWT.equals(authType) && algorithm.requiresSharedSecret(); }
public static AuthenticationType forName(String name) { return AuthenticationType.valueOf(StringUtils.upperCase(name)); } }
if (settings.getAuth().equals(AuthenticationType.JWT.toString())) { if (!secret.isPresent()) { // If auth is JWT but no shared secret errors.add(logErrorAndReturnMessage("add-on '%s' reported having no shared secret, but the auth type is JWT", addonKey));
@Override public Optional<AuthenticationType> getAuthenticationType(String addonKey) { final String authName = getAddonSettings(addonKey).map(AddonSettings::getAuth).orElse(null); if (Strings.isNullOrEmpty(authName)) { return Optional.empty(); } try { return Optional.of(AuthenticationType.forName(authName)); } catch (IllegalArgumentException iae) { log.error("Unknown authType encountered: " + authName); return Optional.of(AuthenticationType.NONE); } }
private boolean addonUsesSymmetricSharedSecret(AuthenticationType authType, SigningAlgorithm algorithm) { return AuthenticationType.JWT.equals(authType) && algorithm.requiresSharedSecret(); }
.withAuthentication(new AuthenticationBeanBuilder().withType(AuthenticationType.valueOf(rawConnectAddon.getAuthType())).build()) .withBaseurl(rawConnectAddon.getBaseUrl()) .withScopes(addonScopes)
@Override public void createAppLink(final ConnectAddonBean addon, final String baseUrl, final AuthenticationType authType, final String publicKey, final String addonUserKey) { transactionTemplate.execute((TransactionCallback<Void>) () -> { String pluginKey = addon.getKey(); URI baseUri = URI.create(baseUrl); final ApplicationId expectedApplicationId = ApplicationIdUtil.generate(baseUri); final RemotePluginContainerApplicationType applicationType = typeAccessor.getApplicationType(RemotePluginContainerApplicationType.class); deleteOldAppLinks(pluginKey, expectedApplicationId); final ApplicationLinkDetails details = ApplicationLinkDetails.builder() .displayUrl(baseUri) .isPrimary(false) .name(addon.getName() != null ? addon.getName() : addon.getKey()) .rpcUrl(baseUri) .build(); log.info("Creating an application link for Connect add-on with key '{}'", pluginKey); ApplicationLink link = applicationLinkService.addApplicationLink(expectedApplicationId, applicationType, details); link.putProperty(PLUGIN_KEY_PROPERTY, pluginKey); link.putProperty(JwtConstants.AppLinks.ADD_ON_USER_KEY_PROPERTY_NAME, addonUserKey); link.putProperty("IS_ACTIVITY_ITEM_PROVIDER", Boolean.FALSE.toString()); link.putProperty("system", Boolean.TRUE.toString()); link.putProperty(JwtConstants.AppLinks.AUTH_METHOD_PROPERTY_NAME, authType.toString()); if (authType == AuthenticationType.JWT) { link.putProperty(JwtConstants.AppLinks.SHARED_SECRET_PROPERTY_NAME, publicKey); } return null; }); }
@Override public Optional<AuthenticationType> getAuthenticationType(@Nonnull final String addonKey) { return getAddonWithCaching(addonKey) .flatMap(addon -> { final String authType = addon.getAuthType(); if (Strings.isNullOrEmpty(authType)) { return Optional.empty(); } else { try { return Optional.of(AuthenticationType.forName(authType)); } catch (IllegalArgumentException iae) { log.error("Unknown authType encountered: '" + authType + "'"); return Optional.of(AuthenticationType.NONE); } } }); }
private RemotablePluginAccessor create(String addonKey, String addonName, Supplier<URI> displayUrl, Optional<AuthenticationType> authenticationType, Supplier<ShallowConnectAddon> addon) { if(authenticationType.isPresent()) { if (AuthenticationType.JWT.equals(authenticationType.get())) { return new JwtSigningRemotablePluginAccessor(addon.get(), displayUrl, jwtBuilderFactory, jwtService, consumerService, httpContentRetriever, connectAddonRegistry); } else if (AuthenticationType.NONE.equals(authenticationType.get())) { return new NoAuthRemotablePluginAccessor(addonKey, addonName, displayUrl, httpContentRetriever); } } throw new IllegalStateException("No valid authentication method found for " + addonName + ".\nThis was probably caused by a data restore from a different instance.\n" + "Please refer this instance to the Atlassian Connect developer on support for remediation.\n" + "DO NOT simply re-install the affected add-ons; this can cause data loss for some add-ons.\n" + "See https://ecosystem.atlassian.net/browse/AC-1528"); } }
@Override public Optional<String> getSharedSecretOrPublicKey(ApplicationLink applink) { Optional<AuthenticationType> maybeAuthType = ConnectApplinkUtil.getAuthenticationType(applink); if (maybeAuthType.isPresent()) { if (maybeAuthType.get().equals(AuthenticationType.JWT)) { Object prop = applink.getProperty(JwtConstants.AppLinks.SHARED_SECRET_PROPERTY_NAME); if (prop instanceof String) { return Optional.of((String) prop); } } } return Optional.empty(); }
private RemotablePluginAccessor create(String addonKey, String addonName, Supplier<URI> displayUrl) { Optional<AuthenticationType> authenticationType = connectAddonInformationProvider.getAuthenticationType(addonKey); if(authenticationType.isPresent()) { if (AuthenticationType.JWT.equals(authenticationType.get())) { ConnectAddonBean addon = addonAccessor.getAddon(addonKey).get(); return new JwtSigningRemotablePluginAccessor(addon, displayUrl, jwtBuilderFactory, jwtService, consumerService, httpContentRetriever, connectAddonInformationProvider); } else if (AuthenticationType.NONE.equals(authenticationType.get())) { return new NoAuthRemotablePluginAccessor(addonKey, addonName, displayUrl, httpContentRetriever); } } throw new IllegalStateException("No valid authentication method found for " + addonName + ".\nThis was probably caused by a data restore from a different instance.\n" + "Please refer this instance to the Atlassian Connect developer on support for remediation.\n" + "DO NOT simply re-install the affected add-ons; this can cause data loss for some add-ons.\n" + "See https://ecosystem.atlassian.net/browse/AC-1528"); }
private static boolean addonUsesJwtAuthentication(ShallowConnectAddonBean addon) { return null != addon.getAuthentication() && AuthenticationType.JWT.equals(addon.getAuthentication().getType()); }
private static boolean addonRequiresAuth(ConnectAddonBean addon) { return addon.getAuthentication() != null && !AuthenticationType.NONE.equals(addon.getAuthentication().getType()); }