github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/GitHubOAuthConfig.java - plugins/github - Git at Google

 // Copyright (C) 2013 The Android Open Source Project
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 // http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
 package com.googlesource.gerrit.plugins.github.oauth;

 import com.google.common.base.CharMatcher;
 import com.google.common.base.MoreObjects;
 import com.google.common.base.Preconditions;
 import com.google.common.base.Strings;
 import com.google.gerrit.extensions.client.AuthType;
 import com.google.gerrit.httpd.CanonicalWebUrl;
 import com.google.gerrit.server.config.AuthConfig;
 import com.google.gerrit.server.config.ConfigUtil;
 import com.google.gerrit.server.config.GerritServerConfig;
 import com.google.inject.Inject;
 import com.google.inject.Singleton;
 import com.googlesource.gerrit.plugins.github.oauth.OAuthProtocol.Scope;
 import java.util.ArrayList;
 import java.util.Comparator;
 import java.util.List;
 import java.util.Map;
 import java.util.concurrent.TimeUnit;
 import java.util.stream.Collectors;
 import javax.servlet.http.HttpServletRequest;
 import lombok.Getter;
 import org.eclipse.jgit.lib.Config;

 @Singleton
 public class GitHubOAuthConfig {
   private final Config config;
   private final CanonicalWebUrl canonicalWebUrl;

   public static final String CONF_SECTION = "github";
   public static final String GITHUB_OAUTH_AUTHORIZE = "/login/oauth/authorize";
   public static final String GITHUB_OAUTH_ACCESS_TOKEN = "/login/oauth/access_token";
   public static final String GITHUB_GET_USER = "/user";
   public static final String GERRIT_OAUTH_FINAL = "/oauth";
   public static final String GITHUB_URL_DEFAULT = "https://github.com";
   public static final String GITHUB_API_URL_DEFAULT = "https://api.github.com";
   public static final String GERRIT_LOGIN = "/login";
   public static final String GERRIT_LOGOUT = "/logout";
   public static final String GITHUB_PLUGIN_OAUTH_SCOPE = "/plugins/github-plugin/static/scope.html";

   public final String gitHubUrl;
   public final String gitHubApiUrl;
   public final String gitHubClientId;
   public final String gitHubClientSecret;
   public final String logoutRedirectUrl;
   public final String httpHeader;
   public final String gitHubOAuthUrl;
   public final String gitHubOAuthAccessTokenUrl;
   public final boolean enabled;

   @Getter public final Map<ScopeKey, List<OAuthProtocol.Scope>> scopes;
   @Getter public final List<ScopeKey> sortedScopesKeys;

   public final int fileUpdateMaxRetryCount;
   public final int fileUpdateMaxRetryIntervalMsec;
   public final String oauthHttpHeader;

   public final long httpConnectionTimeout;
   public final long httpReadTimeout;

   @Inject
   protected GitHubOAuthConfig(
       @GerritServerConfig Config config, CanonicalWebUrl canonicalWebUrl, AuthConfig authConfig) {
     this.config = config;
     this.canonicalWebUrl = canonicalWebUrl;

     httpHeader =
         Preconditions.checkNotNull(
             config.getString("auth", null, "httpHeader"),
             "HTTP Header for GitHub user must be provided");
     gitHubUrl =
         trimTrailingSlash(
             MoreObjects.firstNonNull(
                 config.getString(CONF_SECTION, null, "url"), GITHUB_URL_DEFAULT));
     gitHubApiUrl =
         trimTrailingSlash(
             MoreObjects.firstNonNull(
                 config.getString(CONF_SECTION, null, "apiUrl"), GITHUB_API_URL_DEFAULT));
     gitHubClientId =
         Preconditions.checkNotNull(
             config.getString(CONF_SECTION, null, "clientId"), "GitHub `clientId` must be provided");
     gitHubClientSecret =
         Preconditions.checkNotNull(
             config.getString(CONF_SECTION, null, "clientSecret"),
             "GitHub `clientSecret` must be provided");

     oauthHttpHeader = config.getString("auth", null, "httpExternalIdHeader");
     gitHubOAuthUrl = gitHubUrl + GITHUB_OAUTH_AUTHORIZE;
     gitHubOAuthAccessTokenUrl = gitHubUrl + GITHUB_OAUTH_ACCESS_TOKEN;
     logoutRedirectUrl = config.getString(CONF_SECTION, null, "logoutRedirectUrl");

     enabled = config.getString("auth", null, "type").equalsIgnoreCase(AuthType.HTTP.toString());
     scopes = getScopes(config);
     sortedScopesKeys =
         scopes.keySet().stream()
             .sorted(Comparator.comparing(ScopeKey::getSequence))
             .collect(Collectors.toList());

     fileUpdateMaxRetryCount = config.getInt(CONF_SECTION, "fileUpdateMaxRetryCount", 3);
     fileUpdateMaxRetryIntervalMsec =
         config.getInt(CONF_SECTION, "fileUpdateMaxRetryIntervalMsec", 3000);

     httpConnectionTimeout =
         TimeUnit.MILLISECONDS.convert(
             ConfigUtil.getTimeUnit(
                 config, CONF_SECTION, null, "httpConnectionTimeout", 30, TimeUnit.SECONDS),
             TimeUnit.SECONDS);

     httpReadTimeout =
         TimeUnit.MILLISECONDS.convert(
             ConfigUtil.getTimeUnit(
                 config, CONF_SECTION, null, "httpReadTimeout", 30, TimeUnit.SECONDS),
             TimeUnit.SECONDS);
   }

   public String getOAuthFinalRedirectUrl(HttpServletRequest req) {
     return req == null
         ? GERRIT_OAUTH_FINAL
         : trimTrailingSlash(canonicalWebUrl.get(req)) + GERRIT_OAUTH_FINAL;
   }

   public String getScopeSelectionUrl(HttpServletRequest req) {
     String canonicalUrl = req == null ? "" : trimTrailingSlash(canonicalWebUrl.get(req));
     return canonicalUrl
         + MoreObjects.firstNonNull(
             config.getString(CONF_SECTION, null, "scopeSelectionUrl"), GITHUB_PLUGIN_OAUTH_SCOPE);
   }

   private Map<ScopeKey, List<Scope>> getScopes(Config config) {
     return config.getNames(CONF_SECTION, true).stream()
         .filter(k -> k.startsWith("scopes"))
         .filter(k -> !k.endsWith("Description"))
         .filter(k -> !k.endsWith("Sequence"))
         .collect(
             Collectors.toMap(
                 k ->
                     new ScopeKey(
                         k,
                         config.getString(CONF_SECTION, null, k + "Description"),
                         config.getInt(CONF_SECTION, k + "Sequence", 0)),
                 v -> parseScopesString(config.getString(CONF_SECTION, null, v))));
   }

   private String trimTrailingSlash(String url) {
     return CharMatcher.is('/').trimTrailingFrom(url);
   }

   private List<Scope> parseScopesString(String scopesString) {
     ArrayList<Scope> result = new ArrayList<>();
     if (Strings.emptyToNull(scopesString) != null) {
       String[] scopesStrings = scopesString.split(",");
       for (String scope : scopesStrings) {
         result.add(Enum.valueOf(Scope.class, scope.trim()));
       }
     }

     return result;
   }

   public Scope[] getDefaultScopes() {
     if (scopes == null || scopes.get("scopes") == null) {
       return new Scope[0];
     }
     return scopes.get("scopes").toArray(new Scope[0]);
   }
 }
	// Copyright (C) 2013 The Android Open Source Project
	//
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.
	package com.googlesource.gerrit.plugins.github.oauth;

	import com.google.common.base.CharMatcher;
	import com.google.common.base.MoreObjects;
	import com.google.common.base.Preconditions;
	import com.google.common.base.Strings;
	import com.google.gerrit.extensions.client.AuthType;
	import com.google.gerrit.httpd.CanonicalWebUrl;
	import com.google.gerrit.server.config.AuthConfig;
	import com.google.gerrit.server.config.ConfigUtil;
	import com.google.gerrit.server.config.GerritServerConfig;
	import com.google.inject.Inject;
	import com.google.inject.Singleton;
	import com.googlesource.gerrit.plugins.github.oauth.OAuthProtocol.Scope;
	import java.util.ArrayList;
	import java.util.Comparator;
	import java.util.List;
	import java.util.Map;
	import java.util.concurrent.TimeUnit;
	import java.util.stream.Collectors;
	import javax.servlet.http.HttpServletRequest;
	import lombok.Getter;
	import org.eclipse.jgit.lib.Config;

	@Singleton
	public class GitHubOAuthConfig {
	private final Config config;
	private final CanonicalWebUrl canonicalWebUrl;

	public static final String CONF_SECTION = "github";
	public static final String GITHUB_OAUTH_AUTHORIZE = "/login/oauth/authorize";
	public static final String GITHUB_OAUTH_ACCESS_TOKEN = "/login/oauth/access_token";
	public static final String GITHUB_GET_USER = "/user";
	public static final String GERRIT_OAUTH_FINAL = "/oauth";
	public static final String GITHUB_URL_DEFAULT = "https://github.com";
	public static final String GITHUB_API_URL_DEFAULT = "https://api.github.com";
	public static final String GERRIT_LOGIN = "/login";
	public static final String GERRIT_LOGOUT = "/logout";
	public static final String GITHUB_PLUGIN_OAUTH_SCOPE = "/plugins/github-plugin/static/scope.html";

	public final String gitHubUrl;
	public final String gitHubApiUrl;
	public final String gitHubClientId;
	public final String gitHubClientSecret;
	public final String logoutRedirectUrl;
	public final String httpHeader;
	public final String gitHubOAuthUrl;
	public final String gitHubOAuthAccessTokenUrl;
	public final boolean enabled;

	@Getter public final Map<ScopeKey, List<OAuthProtocol.Scope>> scopes;
	@Getter public final List<ScopeKey> sortedScopesKeys;

	public final int fileUpdateMaxRetryCount;
	public final int fileUpdateMaxRetryIntervalMsec;
	public final String oauthHttpHeader;

	public final long httpConnectionTimeout;
	public final long httpReadTimeout;

	@Inject
	protected GitHubOAuthConfig(
	@GerritServerConfig Config config, CanonicalWebUrl canonicalWebUrl, AuthConfig authConfig) {
	this.config = config;
	this.canonicalWebUrl = canonicalWebUrl;

	httpHeader =
	Preconditions.checkNotNull(
	config.getString("auth", null, "httpHeader"),
	"HTTP Header for GitHub user must be provided");
	gitHubUrl =
	trimTrailingSlash(
	MoreObjects.firstNonNull(
	config.getString(CONF_SECTION, null, "url"), GITHUB_URL_DEFAULT));
	gitHubApiUrl =
	trimTrailingSlash(
	MoreObjects.firstNonNull(
	config.getString(CONF_SECTION, null, "apiUrl"), GITHUB_API_URL_DEFAULT));
	gitHubClientId =
	Preconditions.checkNotNull(
	config.getString(CONF_SECTION, null, "clientId"), "GitHub `clientId` must be provided");
	gitHubClientSecret =
	Preconditions.checkNotNull(
	config.getString(CONF_SECTION, null, "clientSecret"),
	"GitHub `clientSecret` must be provided");

	oauthHttpHeader = config.getString("auth", null, "httpExternalIdHeader");
	gitHubOAuthUrl = gitHubUrl + GITHUB_OAUTH_AUTHORIZE;
	gitHubOAuthAccessTokenUrl = gitHubUrl + GITHUB_OAUTH_ACCESS_TOKEN;
	logoutRedirectUrl = config.getString(CONF_SECTION, null, "logoutRedirectUrl");

	enabled = config.getString("auth", null, "type").equalsIgnoreCase(AuthType.HTTP.toString());
	scopes = getScopes(config);
	sortedScopesKeys =
	scopes.keySet().stream()
	.sorted(Comparator.comparing(ScopeKey::getSequence))
	.collect(Collectors.toList());

	fileUpdateMaxRetryCount = config.getInt(CONF_SECTION, "fileUpdateMaxRetryCount", 3);
	fileUpdateMaxRetryIntervalMsec =
	config.getInt(CONF_SECTION, "fileUpdateMaxRetryIntervalMsec", 3000);

	httpConnectionTimeout =
	TimeUnit.MILLISECONDS.convert(
	ConfigUtil.getTimeUnit(
	config, CONF_SECTION, null, "httpConnectionTimeout", 30, TimeUnit.SECONDS),
	TimeUnit.SECONDS);

	httpReadTimeout =
	TimeUnit.MILLISECONDS.convert(
	ConfigUtil.getTimeUnit(
	config, CONF_SECTION, null, "httpReadTimeout", 30, TimeUnit.SECONDS),
	TimeUnit.SECONDS);
	}

	public String getOAuthFinalRedirectUrl(HttpServletRequest req) {
	return req == null
	? GERRIT_OAUTH_FINAL
	: trimTrailingSlash(canonicalWebUrl.get(req)) + GERRIT_OAUTH_FINAL;
	}

	public String getScopeSelectionUrl(HttpServletRequest req) {
	String canonicalUrl = req == null ? "" : trimTrailingSlash(canonicalWebUrl.get(req));
	return canonicalUrl
	+ MoreObjects.firstNonNull(
	config.getString(CONF_SECTION, null, "scopeSelectionUrl"), GITHUB_PLUGIN_OAUTH_SCOPE);
	}

	private Map<ScopeKey, List<Scope>> getScopes(Config config) {
	return config.getNames(CONF_SECTION, true).stream()
	.filter(k -> k.startsWith("scopes"))
	.filter(k -> !k.endsWith("Description"))
	.filter(k -> !k.endsWith("Sequence"))
	.collect(
	Collectors.toMap(
	k ->
	new ScopeKey(
	k,
	config.getString(CONF_SECTION, null, k + "Description"),
	config.getInt(CONF_SECTION, k + "Sequence", 0)),
	v -> parseScopesString(config.getString(CONF_SECTION, null, v))));
	}

	private String trimTrailingSlash(String url) {
	return CharMatcher.is('/').trimTrailingFrom(url);
	}

	private List<Scope> parseScopesString(String scopesString) {
	ArrayList<Scope> result = new ArrayList<>();
	if (Strings.emptyToNull(scopesString) != null) {
	String[] scopesStrings = scopesString.split(",");
	for (String scope : scopesStrings) {
	result.add(Enum.valueOf(Scope.class, scope.trim()));
	}
	}

	return result;
	}

	public Scope[] getDefaultScopes() {
	if (scopes == null \|\| scopes.get("scopes") == null) {
	return new Scope[0];
	}
	return scopes.get("scopes").toArray(new Scope[0]);
	}
	}