Remove Basic authentication placeholder
1. At the point of the Basic auth check, user is already authorized by
UniversalAuthBackend.
2. Authentication may be done with many different ways other than Basic
Header.
Conclusion:
Remove Basic auth check as it is misleading.
Change-Id: I274e8ad5318200af3370c12e35d6bd764af2e345
diff --git a/src/main/java/com/googlesource/gerrit/plugins/lfs/LfsAuthUserProvider.java b/src/main/java/com/googlesource/gerrit/plugins/lfs/LfsAuthUserProvider.java
index f67e20e..fdb89b5 100644
--- a/src/main/java/com/googlesource/gerrit/plugins/lfs/LfsAuthUserProvider.java
+++ b/src/main/java/com/googlesource/gerrit/plugins/lfs/LfsAuthUserProvider.java
@@ -29,8 +29,6 @@
@Singleton
public class LfsAuthUserProvider {
- private static final String BASIC_AUTH_PREFIX = "Basic ";
-
private final Provider<AnonymousUser> anonymous;
private final Provider<CurrentUser> user;
private final LfsSshRequestAuthorizer sshAuth;
@@ -52,23 +50,18 @@
}
public CurrentUser getUser(String auth, String project, String operation) {
- if (!Strings.isNullOrEmpty(auth)) {
- if (auth.startsWith(BASIC_AUTH_PREFIX)) {
- return user.get();
- }
-
- if (auth.startsWith(SSH_AUTH_PREFIX)) {
- Optional<String> user =
- sshAuth.getUserFromValidToken(
- auth.substring(SSH_AUTH_PREFIX.length()), project, operation);
- if (user.isPresent()) {
- Optional<AccountState> acc = accounts.getByUsername(user.get());
- if (acc.isPresent()) {
- return userFactory.create(acc.get());
- }
+ if (!Strings.isNullOrEmpty(auth) && auth.startsWith(SSH_AUTH_PREFIX)) {
+ Optional<String> user =
+ sshAuth.getUserFromValidToken(
+ auth.substring(SSH_AUTH_PREFIX.length()), project, operation);
+ if (user.isPresent()) {
+ Optional<AccountState> acc = accounts.getByUsername(user.get());
+ if (acc.isPresent()) {
+ return userFactory.create(acc.get());
}
}
}
- return anonymous.get();
+ CurrentUser currentUser = user.get();
+ return currentUser != null ? currentUser : anonymous.get();
}
}
