Merge branch 'stable-3.9' into master
Change-Id: I0816eacb94e8f3301e1f11866ad014bde05a7bd9
diff --git a/github-oauth/pom.xml b/github-oauth/pom.xml
index d0594a3..256abc8 100644
--- a/github-oauth/pom.xml
+++ b/github-oauth/pom.xml
@@ -21,7 +21,7 @@
<parent>
<groupId>com.googlesource.gerrit.plugins.github</groupId>
<artifactId>github-parent</artifactId>
- <version>3.9.0-rc0</version>
+ <version>3.9.0-rc2</version>
</parent>
<artifactId>github-oauth</artifactId>
<name>Gerrit Code Review - GitHub OAuth login</name>
diff --git a/github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/CanonicalWebUrls.java b/github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/CanonicalWebUrls.java
new file mode 100644
index 0000000..faca0f9
--- /dev/null
+++ b/github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/CanonicalWebUrls.java
@@ -0,0 +1,54 @@
+// Copyright (C) 2023 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package com.googlesource.gerrit.plugins.github.oauth;
+
+import static com.googlesource.gerrit.plugins.github.oauth.GitHubOAuthConfig.GERRIT_OAUTH_FINAL;
+import static com.googlesource.gerrit.plugins.github.oauth.GitHubOAuthConfig.GITHUB_PLUGIN_OAUTH_SCOPE;
+
+import com.google.common.base.CharMatcher;
+import com.google.common.base.MoreObjects;
+import com.google.gerrit.httpd.HttpCanonicalWebUrlProvider;
+import com.google.inject.Inject;
+import com.google.inject.Singleton;
+
+@Singleton
+public class CanonicalWebUrls {
+ private final GitHubOAuthConfig oauthConf;
+ private final HttpCanonicalWebUrlProvider canonicalWebUrlProvider;
+
+ static String trimTrailingSlash(String url) {
+ return CharMatcher.is('/').trimTrailingFrom(url);
+ }
+
+ @Inject
+ CanonicalWebUrls(
+ GitHubOAuthConfig oauthConf, HttpCanonicalWebUrlProvider canonicalWebUrlProvider) {
+ this.oauthConf = oauthConf;
+ this.canonicalWebUrlProvider = canonicalWebUrlProvider;
+ }
+
+ public String getScopeSelectionUrl() {
+ return getCannonicalWebUrl()
+ + MoreObjects.firstNonNull(oauthConf.scopeSelectionUrl, GITHUB_PLUGIN_OAUTH_SCOPE);
+ }
+
+ String getOAuthFinalRedirectUrl() {
+ return getCannonicalWebUrl() + GERRIT_OAUTH_FINAL;
+ }
+
+ private String getCannonicalWebUrl() {
+ return trimTrailingSlash(canonicalWebUrlProvider.get());
+ }
+}
diff --git a/github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/GitHubLogin.java b/github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/GitHubLogin.java
index f65ad02..adfe5e3 100644
--- a/github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/GitHubLogin.java
+++ b/github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/GitHubLogin.java
@@ -64,6 +64,8 @@
private SortedSet<Scope> loginScopes;
private final GitHubOAuthConfig config;
+ private final CanonicalWebUrls canonicalWebUrls;
+ private final VirtualDomainConfig virtualDomainConfig;
private final GitHubConnector gitHubConnector;
public GHMyself getMyself() throws IOException {
@@ -81,8 +83,14 @@
}
@Inject
- public GitHubLogin(GitHubOAuthConfig config, GitHubHttpConnector httpConnector) {
+ public GitHubLogin(
+ GitHubOAuthConfig config,
+ CanonicalWebUrls canonicalWebUrls,
+ VirtualDomainConfig virutalDomainConfig,
+ GitHubHttpConnector httpConnector) {
this.config = config;
+ this.canonicalWebUrls = canonicalWebUrls;
+ this.virtualDomainConfig = virutalDomainConfig;
this.gitHubConnector = GitHubConnectorHttpConnectorAdapter.adapt(httpConnector);
}
@@ -108,12 +116,13 @@
response.sendRedirect(OAuthProtocol.getTargetUrl(request));
}
} else {
- Set<ScopeKey> configuredScopesProfiles = config.scopes.keySet();
+ Set<ScopeKey> configuredScopesProfiles = virtualDomainConfig.getScopes(request).keySet();
String scopeRequested = getScopesKey(request, response);
if (Strings.isNullOrEmpty(scopeRequested) && configuredScopesProfiles.size() > 1) {
- response.sendRedirect(config.getScopeSelectionUrl(request));
+ response.sendRedirect(canonicalWebUrls.getScopeSelectionUrl());
} else {
- this.loginScopes = getScopes(MoreObjects.firstNonNull(scopeRequested, "scopes"), scopes);
+ this.loginScopes =
+ getScopes(request, MoreObjects.firstNonNull(scopeRequested, "scopes"), scopes);
log.debug("Login-PHASE1 " + this);
state = oauth.loginPhase1(request, response, loginScopes);
}
@@ -179,15 +188,15 @@
return null;
}
- private SortedSet<Scope> getScopes(String baseScopeKey, Scope... scopes) {
- HashSet<Scope> fullScopes = new HashSet<>(scopesForKey(baseScopeKey));
+ private SortedSet<Scope> getScopes(HttpServletRequest req, String baseScopeKey, Scope... scopes) {
+ HashSet<Scope> fullScopes = new HashSet<>(scopesForKey(req, baseScopeKey));
fullScopes.addAll(Arrays.asList(scopes));
return new TreeSet<>(fullScopes);
}
- private List<Scope> scopesForKey(String baseScopeKey) {
- return config.scopes.entrySet().stream()
+ private List<Scope> scopesForKey(HttpServletRequest req, String baseScopeKey) {
+ return virtualDomainConfig.getScopes(req).entrySet().stream()
.filter(entry -> entry.getKey().name.equals(baseScopeKey))
.map(entry -> entry.getValue())
.findFirst()
diff --git a/github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/GitHubOAuthConfig.java b/github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/GitHubOAuthConfig.java
index d86feda..16fcb28 100644
--- a/github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/GitHubOAuthConfig.java
+++ b/github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/GitHubOAuthConfig.java
@@ -13,14 +13,14 @@
// limitations under the License.
package com.googlesource.gerrit.plugins.github.oauth;
+import static com.googlesource.gerrit.plugins.github.oauth.CanonicalWebUrls.trimTrailingSlash;
import static com.googlesource.gerrit.plugins.github.oauth.GitHubOAuthConfig.KeyConfig.PASSWORD_DEVICE_CONFIG_LABEL;
-import com.google.common.base.CharMatcher;
import com.google.common.base.MoreObjects;
import com.google.common.base.Preconditions;
import com.google.common.base.Strings;
+import com.google.common.collect.ImmutableSortedMap;
import com.google.gerrit.extensions.client.AuthType;
-import com.google.gerrit.httpd.CanonicalWebUrl;
import com.google.gerrit.server.config.ConfigUtil;
import com.google.gerrit.server.config.GerritServerConfig;
import com.google.inject.Inject;
@@ -35,17 +35,16 @@
import java.util.List;
import java.util.Map;
import java.util.Optional;
+import java.util.SortedMap;
import java.util.concurrent.TimeUnit;
import java.util.function.Function;
import java.util.stream.Collectors;
-import javax.servlet.http.HttpServletRequest;
import lombok.Getter;
import org.eclipse.jgit.lib.Config;
@Singleton
public class GitHubOAuthConfig {
private final Config config;
- private final CanonicalWebUrl canonicalWebUrl;
public static final String CONF_SECTION = "github";
public static final String CONF_KEY_SECTION = "github-key";
@@ -66,10 +65,11 @@
public final String httpHeader;
public final String gitHubOAuthUrl;
public final String gitHubOAuthAccessTokenUrl;
+ public final String scopeSelectionUrl;
public final boolean enabled;
- @Getter public final Map<ScopeKey, List<OAuthProtocol.Scope>> scopes;
- @Getter public final List<ScopeKey> sortedScopesKeys;
+ @Getter public final SortedMap<ScopeKey, List<OAuthProtocol.Scope>> scopes;
+ @Getter public final Map<String, SortedMap<ScopeKey, List<OAuthProtocol.Scope>>> virtualScopes;
public final int fileUpdateMaxRetryCount;
public final int fileUpdateMaxRetryIntervalMsec;
@@ -82,9 +82,8 @@
private final Optional<String> cookieDomain;
@Inject
- protected GitHubOAuthConfig(@GerritServerConfig Config config, CanonicalWebUrl canonicalWebUrl) {
+ protected GitHubOAuthConfig(@GerritServerConfig Config config) {
this.config = config;
- this.canonicalWebUrl = canonicalWebUrl;
httpHeader =
Preconditions.checkNotNull(
@@ -105,6 +104,7 @@
Preconditions.checkNotNull(
config.getString(CONF_SECTION, null, "clientSecret"),
"GitHub `clientSecret` must be provided");
+ scopeSelectionUrl = config.getString(CONF_SECTION, null, "scopeSelectionUrl");
oauthHttpHeader = config.getString("auth", null, "httpExternalIdHeader");
gitHubOAuthUrl = gitHubUrl + GITHUB_OAUTH_AUTHORIZE;
@@ -114,10 +114,7 @@
enabled = config.getString("auth", null, "type").equalsIgnoreCase(AuthType.HTTP.toString());
cookieDomain = Optional.ofNullable(config.getString("auth", null, "cookieDomain"));
scopes = getScopes(config);
- sortedScopesKeys =
- scopes.keySet().stream()
- .sorted(Comparator.comparing(ScopeKey::getSequence))
- .collect(Collectors.toList());
+ virtualScopes = getVirtualScopes(config);
fileUpdateMaxRetryCount = config.getInt(CONF_SECTION, "fileUpdateMaxRetryCount", 3);
fileUpdateMaxRetryIntervalMsec =
@@ -151,36 +148,29 @@
currentKeyConfig = currentKeyConfigs.get(0);
}
- public String getOAuthFinalRedirectUrl(HttpServletRequest req) {
- return req == null
- ? GERRIT_OAUTH_FINAL
- : trimTrailingSlash(canonicalWebUrl.get(req)) + GERRIT_OAUTH_FINAL;
+ private SortedMap<ScopeKey, List<Scope>> getScopes(Config config) {
+ return getScopesInSection(config, null);
}
- public String getScopeSelectionUrl(HttpServletRequest req) {
- String canonicalUrl = req == null ? "" : trimTrailingSlash(canonicalWebUrl.get(req));
- return canonicalUrl
- + MoreObjects.firstNonNull(
- config.getString(CONF_SECTION, null, "scopeSelectionUrl"), GITHUB_PLUGIN_OAUTH_SCOPE);
+ private Map<String, SortedMap<ScopeKey, List<Scope>>> getVirtualScopes(Config config) {
+ return config.getSubsections(CONF_SECTION).stream()
+ .collect(Collectors.toMap(k -> k, v -> getScopesInSection(config, v)));
}
- private Map<ScopeKey, List<Scope>> getScopes(Config config) {
- return config.getNames(CONF_SECTION, true).stream()
+ private SortedMap<ScopeKey, List<Scope>> getScopesInSection(Config config, String subsection) {
+ return config.getNames(CONF_SECTION, subsection, true).stream()
.filter(k -> k.startsWith("scopes"))
.filter(k -> !k.endsWith("Description"))
.filter(k -> !k.endsWith("Sequence"))
.collect(
- Collectors.toMap(
+ ImmutableSortedMap.toImmutableSortedMap(
+ Comparator.comparing(ScopeKey::getSequence),
k ->
new ScopeKey(
k,
- config.getString(CONF_SECTION, null, k + "Description"),
- config.getInt(CONF_SECTION, k + "Sequence", 0)),
- v -> parseScopesString(config.getString(CONF_SECTION, null, v))));
- }
-
- private String trimTrailingSlash(String url) {
- return CharMatcher.is('/').trimTrailingFrom(url);
+ config.getString(CONF_SECTION, subsection, k + "Description"),
+ config.getInt(CONF_SECTION, subsection, k + "Sequence", 0)),
+ v -> parseScopesString(config.getString(CONF_SECTION, subsection, v))));
}
private List<Scope> parseScopesString(String scopesString) {
diff --git a/github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/IdentifiedUserGitHubLoginProvider.java b/github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/IdentifiedUserGitHubLoginProvider.java
index 5449347..63414b2 100644
--- a/github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/IdentifiedUserGitHubLoginProvider.java
+++ b/github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/IdentifiedUserGitHubLoginProvider.java
@@ -36,23 +36,20 @@
ExternalId.SCHEME_EXTERNAL + ":" + OAuthWebFilter.GITHUB_EXT_ID;
private final Provider<IdentifiedUser> userProvider;
- private final GitHubOAuthConfig config;
private final AccountCache accountCache;
- private final GitHubHttpConnector httpConnector;
private final OAuthTokenCipher oAuthTokenCipher;
+ private final Provider<GitHubLogin> gitHubLoginProvider;
@Inject
public IdentifiedUserGitHubLoginProvider(
+ Provider<GitHubLogin> gitHubLoginaprovider,
Provider<IdentifiedUser> identifiedUserProvider,
- GitHubOAuthConfig config,
- GitHubHttpConnector httpConnector,
AccountCache accountCache,
OAuthTokenCipher oAuthTokenCipher) {
this.userProvider = identifiedUserProvider;
- this.config = config;
this.accountCache = accountCache;
- this.httpConnector = httpConnector;
this.oAuthTokenCipher = oAuthTokenCipher;
+ this.gitHubLoginProvider = gitHubLoginaprovider;
}
@Override
@@ -67,7 +64,7 @@
try {
AccessToken accessToken = newAccessTokenFromUser(username);
if (accessToken != null) {
- GitHubLogin login = new GitHubLogin(config, httpConnector);
+ GitHubLogin login = gitHubLoginProvider.get();
login.login(accessToken);
return login;
}
diff --git a/github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/OAuthProtocol.java b/github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/OAuthProtocol.java
index b93837b..035f1ce 100644
--- a/github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/OAuthProtocol.java
+++ b/github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/OAuthProtocol.java
@@ -155,6 +155,7 @@
private static SecureRandom randomState = newRandomGenerator();
private final GitHubOAuthConfig config;
+ private final CanonicalWebUrls canonicalWebUrls;
private final Gson gson;
private final Provider<HttpClient> httpProvider;
@@ -231,6 +232,7 @@
@Inject
public OAuthProtocol(
GitHubOAuthConfig config,
+ CanonicalWebUrls canonicalWebUrls,
PooledHttpClientProvider httpClientProvider,
/*
* We need to explicitly tell Guice which Provider<> we need as this class
@@ -239,6 +241,7 @@
*/
GsonProvider gsonProvider) {
this.config = config;
+ this.canonicalWebUrls = canonicalWebUrls;
this.httpProvider = httpClientProvider;
this.gson = gsonProvider.get();
}
@@ -256,7 +259,7 @@
+ "?client_id="
+ config.gitHubClientId
+ getURLEncodedParameter("&scope=", scopesString)
- + getURLEncodedParameter("&redirect_uri=", config.getOAuthFinalRedirectUrl(req))
+ + getURLEncodedParameter("&redirect_uri=", canonicalWebUrls.getOAuthFinalRedirectUrl())
+ getURLEncodedParameter("&state=", state);
}
diff --git a/github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/VirtualDomainConfig.java b/github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/VirtualDomainConfig.java
new file mode 100644
index 0000000..a6b2b17
--- /dev/null
+++ b/github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/VirtualDomainConfig.java
@@ -0,0 +1,38 @@
+// Copyright (C) 2023 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package com.googlesource.gerrit.plugins.github.oauth;
+
+import com.google.inject.Inject;
+import com.google.inject.Singleton;
+import java.util.List;
+import java.util.Optional;
+import java.util.SortedMap;
+import javax.servlet.http.HttpServletRequest;
+
+@Singleton
+public class VirtualDomainConfig {
+ private final GitHubOAuthConfig oauthConfig;
+
+ @Inject
+ VirtualDomainConfig(GitHubOAuthConfig oauthConfig) {
+ this.oauthConfig = oauthConfig;
+ }
+
+ public SortedMap<ScopeKey, List<OAuthProtocol.Scope>> getScopes(HttpServletRequest req) {
+ String serverName = req.getServerName();
+ return Optional.ofNullable(oauthConfig.virtualScopes.get(serverName))
+ .orElse(oauthConfig.scopes);
+ }
+}
diff --git a/github-oauth/src/test/java/com/googlesource/gerrit/plugins/github/oauth/GitHubOAuthConfigTest.java b/github-oauth/src/test/java/com/googlesource/gerrit/plugins/github/oauth/GitHubOAuthConfigTest.java
index 9f90c56..7808ff4 100644
--- a/github-oauth/src/test/java/com/googlesource/gerrit/plugins/github/oauth/GitHubOAuthConfigTest.java
+++ b/github-oauth/src/test/java/com/googlesource/gerrit/plugins/github/oauth/GitHubOAuthConfigTest.java
@@ -22,20 +22,20 @@
import static com.googlesource.gerrit.plugins.github.oauth.GitHubOAuthConfig.KeyConfig.SECRET_KEY_CONFIG_LABEL;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertThrows;
+import static org.junit.Assert.assertTrue;
import com.google.gerrit.extensions.client.AuthType;
-import com.google.gerrit.httpd.CanonicalWebUrl;
-import com.google.inject.AbstractModule;
-import com.google.inject.Guice;
-import com.google.inject.util.Providers;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
import java.util.Optional;
+import java.util.SortedMap;
import org.eclipse.jgit.lib.Config;
import org.junit.Before;
import org.junit.Test;
public class GitHubOAuthConfigTest {
- CanonicalWebUrl canonicalWebUrl;
Config config;
private static final String testPasswordDevice = "/dev/zero";
@@ -46,18 +46,6 @@
config.setString(CONF_SECTION, null, "clientId", "theClientId");
config.setString("auth", null, "httpHeader", "GITHUB_USER");
config.setString("auth", null, "type", AuthType.HTTP.toString());
-
- canonicalWebUrl =
- Guice.createInjector(
- new AbstractModule() {
- @Override
- protected void configure() {
- bind(String.class)
- .annotatedWith(com.google.gerrit.server.config.CanonicalWebUrl.class)
- .toProvider(Providers.of(null));
- }
- })
- .getInstance(CanonicalWebUrl.class);
}
@Test
@@ -178,8 +166,46 @@
assertEquals(Optional.of(myDomain), githubOAuthConfig().getCookieDomain());
}
+ @Test
+ public void shouldReturnOverridesForSpecificHostName() {
+ setupEncryptionConfig();
+ String vhost = "v.host.com";
+ String scope1Name = "scopesRepo";
+ String scope1Description = "repo scope description";
+ String scope2Name = "scopesVHost";
+ String scope2Description = "scope description";
+
+ // virtual host scopes
+ config.setString(CONF_SECTION, vhost, scope2Name, "USER_EMAIL");
+ config.setInt(CONF_SECTION, vhost, scope2Name + "Sequence", 1);
+ config.setString(CONF_SECTION, vhost, scope2Name + "Description", scope2Description);
+ config.setString(CONF_SECTION, vhost, scope1Name, "REPO");
+ config.setInt(CONF_SECTION, vhost, scope1Name + "Sequence", 0);
+ config.setString(CONF_SECTION, vhost, scope1Name + "Description", scope1Description);
+
+ Map<String, SortedMap<ScopeKey, List<OAuthProtocol.Scope>>> virtualScopes =
+ githubOAuthConfig().getVirtualScopes();
+
+ assertTrue(virtualScopes.containsKey(vhost));
+
+ SortedMap<ScopeKey, List<OAuthProtocol.Scope>> vhostConfig = virtualScopes.get(vhost);
+ List<Map.Entry<ScopeKey, List<OAuthProtocol.Scope>>> entries =
+ new ArrayList<>(vhostConfig.entrySet());
+ Map.Entry<ScopeKey, List<OAuthProtocol.Scope>> firstEntry = entries.get(0);
+ Map.Entry<ScopeKey, List<OAuthProtocol.Scope>> secondEntry = entries.get(1);
+
+ assertEquals(firstEntry.getKey().name, scope1Name);
+ assertEquals(firstEntry.getKey().description, scope1Description);
+ assertEquals(firstEntry.getKey().sequence, 0);
+ assertEquals(List.of(OAuthProtocol.Scope.REPO), firstEntry.getValue());
+ assertEquals(secondEntry.getKey().name, scope2Name);
+ assertEquals(secondEntry.getKey().description, scope2Description);
+ assertEquals(secondEntry.getKey().sequence, 1);
+ assertEquals(List.of(OAuthProtocol.Scope.USER_EMAIL), secondEntry.getValue());
+ }
+
private GitHubOAuthConfig githubOAuthConfig() {
- return new GitHubOAuthConfig(config, canonicalWebUrl);
+ return new GitHubOAuthConfig(config);
}
private void setupEncryptionConfig() {
diff --git a/github-oauth/src/test/java/com/googlesource/gerrit/plugins/github/oauth/OAuthTokenCipherTest.java b/github-oauth/src/test/java/com/googlesource/gerrit/plugins/github/oauth/OAuthTokenCipherTest.java
index 3e31d6b..f3dfb71 100644
--- a/github-oauth/src/test/java/com/googlesource/gerrit/plugins/github/oauth/OAuthTokenCipherTest.java
+++ b/github-oauth/src/test/java/com/googlesource/gerrit/plugins/github/oauth/OAuthTokenCipherTest.java
@@ -26,10 +26,6 @@
import static org.junit.Assert.assertThrows;
import com.google.gerrit.extensions.client.AuthType;
-import com.google.gerrit.httpd.CanonicalWebUrl;
-import com.google.inject.AbstractModule;
-import com.google.inject.Guice;
-import com.google.inject.util.Providers;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Path;
@@ -43,7 +39,6 @@
public class OAuthTokenCipherTest {
- CanonicalWebUrl canonicalWebUrl;
Config config;
@ClassRule public static TemporaryFolder temporaryFolder = new TemporaryFolder();
@@ -63,18 +58,6 @@
CONF_KEY_SECTION, VERSION1_KEY_ID, PASSWORD_DEVICE_CONFIG_LABEL, testPasswordDevice);
config.setString(
CONF_KEY_SECTION, VERSION2_KEY_ID, PASSWORD_DEVICE_CONFIG_LABEL, testPasswordDevice);
-
- canonicalWebUrl =
- Guice.createInjector(
- new AbstractModule() {
- @Override
- protected void configure() {
- bind(String.class)
- .annotatedWith(com.google.gerrit.server.config.CanonicalWebUrl.class)
- .toProvider(Providers.of(null));
- }
- })
- .getInstance(CanonicalWebUrl.class);
}
@Test
@@ -193,7 +176,7 @@
}
private OAuthTokenCipher objectUnderTest(Config testConfig) throws IOException {
- return new OAuthTokenCipher(new GitHubOAuthConfig(testConfig, canonicalWebUrl));
+ return new OAuthTokenCipher(new GitHubOAuthConfig(testConfig));
}
private static Config createCommonConfig() {
diff --git a/github-plugin/pom.xml b/github-plugin/pom.xml
index 15cfa79..96d3290 100644
--- a/github-plugin/pom.xml
+++ b/github-plugin/pom.xml
@@ -20,7 +20,7 @@
<parent>
<artifactId>github-parent</artifactId>
<groupId>com.googlesource.gerrit.plugins.github</groupId>
- <version>3.9.0-rc0</version>
+ <version>3.9.0-rc2</version>
</parent>
<artifactId>github-plugin</artifactId>
diff --git a/github-plugin/src/main/java/com/google/gerrit/server/account/AccountImporter.java b/github-plugin/src/main/java/com/google/gerrit/server/account/AccountImporter.java
index e826880..1c0fe3b 100644
--- a/github-plugin/src/main/java/com/google/gerrit/server/account/AccountImporter.java
+++ b/github-plugin/src/main/java/com/google/gerrit/server/account/AccountImporter.java
@@ -15,10 +15,10 @@
import com.google.common.base.MoreObjects;
import com.google.gerrit.entities.Account;
+import com.google.gerrit.server.Sequences;
import com.google.gerrit.server.ServerInitiated;
import com.google.gerrit.server.account.externalids.ExternalId;
import com.google.gerrit.server.account.externalids.ExternalIdFactory;
-import com.google.gerrit.server.notedb.Sequences;
import com.google.inject.Inject;
import com.google.inject.Provider;
import java.io.IOException;
diff --git a/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/GitHubConfig.java b/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/GitHubConfig.java
index a22126d..2bacafd 100644
--- a/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/GitHubConfig.java
+++ b/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/GitHubConfig.java
@@ -17,7 +17,6 @@
import com.google.common.collect.HashBasedTable;
import com.google.common.collect.Table;
import com.google.gerrit.entities.Account;
-import com.google.gerrit.httpd.CanonicalWebUrl;
import com.google.gerrit.server.config.AllProjectsName;
import com.google.gerrit.server.config.GerritServerConfig;
import com.google.gerrit.server.config.SitePaths;
@@ -75,10 +74,9 @@
public GitHubConfig(
@GerritServerConfig Config config,
final SitePaths site,
- Provider<AllProjectsName> allProjectsNameProvider,
- CanonicalWebUrl canonicalWebUrl)
+ Provider<AllProjectsName> allProjectsNameProvider)
throws MalformedURLException {
- super(config, canonicalWebUrl);
+ super(config);
parseWizardFlow(config.getStringList(CONF_SECTION, null, CONF_WIZARD_FLOW), DEFAULT_SERVER);
// Virtual host specific sections
diff --git a/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/GitHubTopMenu.java b/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/GitHubTopMenu.java
index 5ff5363..d345556 100644
--- a/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/GitHubTopMenu.java
+++ b/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/GitHubTopMenu.java
@@ -47,7 +47,7 @@
new MenuEntry(
"GitHub",
Arrays.asList(
- getItem("Scope", ghConfig.getScopeSelectionUrl(null)),
+ getItem("Scope", baseUrl + "/static/scope.html"),
getItem("Profile", baseUrl + "/static/account.html"),
getItem("Repositories", baseUrl + "/static/repositories.html"),
getItem("Pull Requests", baseUrl + "/static/pullrequests.html"))));
diff --git a/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/git/PullRequestCreateChange.java b/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/git/PullRequestCreateChange.java
index f2a7f06..810acd8 100644
--- a/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/git/PullRequestCreateChange.java
+++ b/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/git/PullRequestCreateChange.java
@@ -27,10 +27,10 @@
import com.google.gerrit.server.ChangeUtil;
import com.google.gerrit.server.IdentifiedUser;
import com.google.gerrit.server.IdentifiedUser.GenericFactory;
+import com.google.gerrit.server.Sequences;
import com.google.gerrit.server.change.ChangeInserter;
import com.google.gerrit.server.change.PatchSetInserter;
import com.google.gerrit.server.notedb.ChangeNotes;
-import com.google.gerrit.server.notedb.Sequences;
import com.google.gerrit.server.project.InvalidChangeOperationException;
import com.google.gerrit.server.project.NoSuchChangeException;
import com.google.gerrit.server.query.change.ChangeData;
diff --git a/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/velocity/VelocityViewServlet.java b/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/velocity/VelocityViewServlet.java
index 85197dd..b7dc08f 100644
--- a/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/velocity/VelocityViewServlet.java
+++ b/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/velocity/VelocityViewServlet.java
@@ -20,8 +20,10 @@
import com.google.inject.Singleton;
import com.google.inject.name.Named;
import com.googlesource.gerrit.plugins.github.GitHubConfig;
+import com.googlesource.gerrit.plugins.github.oauth.CanonicalWebUrls;
import com.googlesource.gerrit.plugins.github.oauth.GitHubLogin;
import com.googlesource.gerrit.plugins.github.oauth.ScopedProvider;
+import com.googlesource.gerrit.plugins.github.oauth.VirtualDomainConfig;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Map.Entry;
@@ -49,6 +51,8 @@
private final ScopedProvider<GitHubLogin> loginProvider;
private final Provider<CurrentUser> userProvider;
private final GitHubConfig config;
+ private final VirtualDomainConfig virtualDomainConfig;
+ private final CanonicalWebUrls canonicalWebUrls;
@Inject
public VelocityViewServlet(
@@ -56,13 +60,17 @@
Provider<PluginVelocityModel> modelProvider,
ScopedProvider<GitHubLogin> loginProvider,
Provider<CurrentUser> userProvider,
- GitHubConfig config) {
+ GitHubConfig config,
+ VirtualDomainConfig virutalDomainConfig,
+ CanonicalWebUrls canonicalWebUrls) {
this.velocityRuntime = velocityRuntime;
this.modelProvider = modelProvider;
this.loginProvider = loginProvider;
this.userProvider = userProvider;
this.config = config;
+ this.virtualDomainConfig = virutalDomainConfig;
+ this.canonicalWebUrls = canonicalWebUrls;
}
@Override
@@ -96,6 +104,8 @@
GitHubLogin gitHubLogin = loginProvider.get(request);
model.put("myself", gitHubLogin.getMyself());
model.put("config", config);
+ model.put("scopeSelectionUrl", canonicalWebUrls.getScopeSelectionUrl());
+ model.put("scopes", virtualDomainConfig.getScopes(request));
CurrentUser user = userProvider.get();
if (user.isIdentifiedUser()) {
diff --git a/github-plugin/src/main/resources/Documentation/config.md b/github-plugin/src/main/resources/Documentation/config.md
index c9eebc5..4adcd41 100644
--- a/github-plugin/src/main/resources/Documentation/config.md
+++ b/github-plugin/src/main/resources/Documentation/config.md
@@ -77,6 +77,10 @@
Default is empty read-only access to public
information (includes public user profile info, public repository info, and gists).
+github.<domain>.scopes
+: Use only in conjunction with the `virtualhost` plugin to provide different GitHub scopes
+ selections for each virtual domain. It works the same way as `github.scopes`.
+
github.httpConnectionTimeout
: Maximum time to wait for GitHub API to answer to a new HTTP connection attempt.
Values should use common common unit unit suffixes to express their setting:
diff --git a/github-plugin/src/main/resources/static/repositories.html b/github-plugin/src/main/resources/static/repositories.html
index 9db7e3f..5a3df08 100644
--- a/github-plugin/src/main/resources/static/repositories.html
+++ b/github-plugin/src/main/resources/static/repositories.html
@@ -53,7 +53,7 @@
</select>
<input type="text" id="filter" class="filter" name="filter" placeholder="Filter by name" />
</li>
- <li class="info"><p>Not seeing your organizations or repositories? <a href="$config.getScopeSelectionUrl(null)">Login with a different GitHub Scope</a> and try again.</p></li>
+ <li class="info"><p>Not seeing your organizations or repositories? <a href="$scopeSelectionUrl">Login with a different GitHub Scope</a> and try again.</p></li>
</ul>
<div class="loading">
<p>Loading list of GitHub repositories ...</p>
diff --git a/github-plugin/src/main/resources/static/scope.html b/github-plugin/src/main/resources/static/scope.html
index af86139..ebc2580 100644
--- a/github-plugin/src/main/resources/static/scope.html
+++ b/github-plugin/src/main/resources/static/scope.html
@@ -44,7 +44,7 @@
<form class="signupform" method="get" action="/login">
<h5>Which level of GitHub access do you need?</h5>
<ul class="scopes">
- #foreach ( $scope in $config.sortedScopesKeys )
+ #foreach ( $scope in $scopes.keySet() )
<li>
#set ( $scopeName = $scope.name.substring(6) )
#set ( $scopeDescription = $scope.description )
@@ -60,7 +60,7 @@
#end
<p class="scopeDescription">$scopeDescription</p>
<p class="scopePermissions">Allow to:
- #set ( $scopeItems = $config.scopes.get($scope) )
+ #set ( $scopeItems = $scopes.get($scope) )
#foreach ( $scopeItem in $scopeItems )
$scopeItem.description
#if ( $foreach.count < $scopeItems.size())
diff --git a/github-plugin/src/test/java/com/googlesource/gerrit/plugins/github/GitHubConfigTest.java b/github-plugin/src/test/java/com/googlesource/gerrit/plugins/github/GitHubConfigTest.java
index 56f7b90..b7dfc60 100644
--- a/github-plugin/src/test/java/com/googlesource/gerrit/plugins/github/GitHubConfigTest.java
+++ b/github-plugin/src/test/java/com/googlesource/gerrit/plugins/github/GitHubConfigTest.java
@@ -117,6 +117,6 @@
+ "clientId = myclientid\n"
+ "clientSecret = mysecret\n"
+ configText);
- return new GitHubConfig(gerritConfig, site, ALL_PROJECTS_NAME_PROVIDER, null);
+ return new GitHubConfig(gerritConfig, site, ALL_PROJECTS_NAME_PROVIDER);
}
}
diff --git a/pom.xml b/pom.xml
index 71dbe03..a0c4c21 100644
--- a/pom.xml
+++ b/pom.xml
@@ -18,7 +18,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>com.googlesource.gerrit.plugins.github</groupId>
<artifactId>github-parent</artifactId>
- <version>3.9.0-rc0</version>
+ <version>3.9.0-rc2</version>
<name>Gerrit Code Review - GitHub integration</name>
<url>http://www.gerritforge.com</url>
<packaging>pom</packaging>
