From 879bbaed3b16c3b57da1231a135e0cc8e8897e03 Mon Sep 17 00:00:00 2001 From: David Ostrovsky Date: Sat, 4 Feb 2017 23:01:23 +0100 Subject: [PATCH] Prefix user id with oauth provider name To migrate the legacy user id, fixLegacyUserId property must be set to true for all providers. Bug: Issue https://github.com/davido/gerrit-oauth-provider/issues/82 Change-Id: I36833b90280b158172423180358faf90ac2b6718 --- .../plugins/oauth/BitbucketOAuthService.java | 14 ++++++++++---- .../gerrit/plugins/oauth/CasOAuthService.java | 9 ++++++++- .../gerrit/plugins/oauth/GitHubOAuthService.java | 8 ++++++-- .../gerrit/plugins/oauth/GoogleOAuthService.java | 8 ++++++-- .../gerrit/plugins/oauth/InitOAuth.java | 12 ++++++++++++ 5 files changed, 42 insertions(+), 9 deletions(-) diff --git a/src/main/java/com/googlesource/gerrit/plugins/oauth/BitbucketOAuthService.java b/src/main/java/com/googlesource/gerrit/plugins/oauth/BitbucketOAuthService.java index d2240fc..3dbd81b 100644 --- a/src/main/java/com/googlesource/gerrit/plugins/oauth/BitbucketOAuthService.java +++ b/src/main/java/com/googlesource/gerrit/plugins/oauth/BitbucketOAuthService.java @@ -47,8 +47,10 @@ public class BitbucketOAuthService implements OAuthServiceProvider { private static final Logger log = getLogger(BitbucketOAuthService.class); static final String CONFIG_SUFFIX = "-bitbucket-oauth"; + private final static String BITBUCKET_PROVIDER_PREFIX = "bitbucket-oauth:"; private static final String PROTECTED_RESOURCE_URL = "https://bitbucket.org/api/1.0/user/"; + private final boolean fixLegacyUserId; private final OAuthService service; @Inject @@ -60,7 +62,7 @@ public class BitbucketOAuthService implements OAuthServiceProvider { String canonicalWebUrl = CharMatcher.is('/').trimTrailingFrom(urlProvider.get()) + "/"; - + fixLegacyUserId = cfg.getBoolean(InitOAuth.FIX_LEGACY_USER_ID, false); service = new ServiceBuilder().provider(BitbucketApi.class) .apiKey(cfg.getString(InitOAuth.CLIENT_ID)) .apiSecret(cfg.getString(InitOAuth.CLIENT_SECRET)) @@ -93,10 +95,14 @@ public OAuthUserInfo getUserInfo(OAuthToken token) throws IOException { String username = usernameElement.getAsString(); JsonElement displayName = jsonObject.get("display_name"); - return new OAuthUserInfo(username, username, null, - displayName == null || displayName.isJsonNull() ? null + return new OAuthUserInfo( + BITBUCKET_PROVIDER_PREFIX + username, + username, + null, + displayName == null || displayName.isJsonNull() + ? null : displayName.getAsString(), - null); + fixLegacyUserId ? username : null); } throw new IOException( diff --git a/src/main/java/com/googlesource/gerrit/plugins/oauth/CasOAuthService.java b/src/main/java/com/googlesource/gerrit/plugins/oauth/CasOAuthService.java index 04b9635..f8c7b5b 100644 --- a/src/main/java/com/googlesource/gerrit/plugins/oauth/CasOAuthService.java +++ b/src/main/java/com/googlesource/gerrit/plugins/oauth/CasOAuthService.java @@ -50,10 +50,12 @@ class CasOAuthService implements OAuthServiceProvider { private static final Logger log = LoggerFactory.getLogger(CasOAuthService.class); static final String CONFIG_SUFFIX = "-cas-oauth"; + private final static String CAS_PROVIDER_PREFIX = "cas-oauth:"; private static final String PROTECTED_RESOURCE_URL = "%s/oauth2.0/profile"; private final String rootUrl; + private final boolean fixLegacyUserId; private final OAuthService service; @Inject @@ -65,6 +67,7 @@ class CasOAuthService implements OAuthServiceProvider { rootUrl = cfg.getString(InitOAuth.ROOT_URL); String canonicalWebUrl = CharMatcher.is('/').trimTrailingFrom( urlProvider.get()) + "/"; + fixLegacyUserId = cfg.getBoolean(InitOAuth.FIX_LEGACY_USER_ID, false); service = new ServiceBuilder() .provider(new CasApi(rootUrl)) .apiKey(cfg.getString(InitOAuth.CLIENT_ID)) @@ -133,7 +136,11 @@ public OAuthUserInfo getUserInfo(OAuthToken token) throws IOException { login = property; } - return new OAuthUserInfo(id.getAsString(), login, email, name, null); + return new OAuthUserInfo(CAS_PROVIDER_PREFIX + id.getAsString(), + login, + email, + name, + fixLegacyUserId ? id.getAsString() : null); } private String getStringElement(JsonObject o, String name) { diff --git a/src/main/java/com/googlesource/gerrit/plugins/oauth/GitHubOAuthService.java b/src/main/java/com/googlesource/gerrit/plugins/oauth/GitHubOAuthService.java index d66cd7f..bb135a5 100644 --- a/src/main/java/com/googlesource/gerrit/plugins/oauth/GitHubOAuthService.java +++ b/src/main/java/com/googlesource/gerrit/plugins/oauth/GitHubOAuthService.java @@ -49,10 +49,12 @@ class GitHubOAuthService implements OAuthServiceProvider { private static final Logger log = LoggerFactory.getLogger(GitHubOAuthService.class); static final String CONFIG_SUFFIX = "-github-oauth"; + private final static String GITHUB_PROVIDER_PREFIX = "github-oauth:"; private static final String PROTECTED_RESOURCE_URL = "https://api.github.com/user"; private static final String SCOPE = "user:email"; + private final boolean fixLegacyUserId; private final OAuthService service; @Inject @@ -63,6 +65,7 @@ class GitHubOAuthService implements OAuthServiceProvider { pluginName + CONFIG_SUFFIX); String canonicalWebUrl = CharMatcher.is('/').trimTrailingFrom( urlProvider.get()) + "/"; + fixLegacyUserId = cfg.getBoolean(InitOAuth.FIX_LEGACY_USER_ID, false); service = new ServiceBuilder() .provider(GitHub2Api.class) .apiKey(cfg.getString(InitOAuth.CLIENT_ID)) @@ -99,11 +102,12 @@ public OAuthUserInfo getUserInfo(OAuthToken token) throws IOException { JsonElement email = jsonObject.get("email"); JsonElement name = jsonObject.get("name"); JsonElement login = jsonObject.get("login"); - return new OAuthUserInfo(id.getAsString(), + return new OAuthUserInfo( + GITHUB_PROVIDER_PREFIX + id.getAsString(), login == null || login.isJsonNull() ? null : login.getAsString(), email == null || email.isJsonNull() ? null : email.getAsString(), name == null || name.isJsonNull() ? null : name.getAsString(), - null); + fixLegacyUserId ? id.getAsString() : null); } throw new IOException(String.format( diff --git a/src/main/java/com/googlesource/gerrit/plugins/oauth/GoogleOAuthService.java b/src/main/java/com/googlesource/gerrit/plugins/oauth/GoogleOAuthService.java index 18547f7..6e2219f 100644 --- a/src/main/java/com/googlesource/gerrit/plugins/oauth/GoogleOAuthService.java +++ b/src/main/java/com/googlesource/gerrit/plugins/oauth/GoogleOAuthService.java @@ -55,6 +55,7 @@ class GoogleOAuthService implements OAuthServiceProvider { private static final Logger log = LoggerFactory.getLogger(GoogleOAuthService.class); static final String CONFIG_SUFFIX = "-google-oauth"; + private static final String GOOGLE_PROVIDER_PREFIX = "google-oauth:"; private static final String PROTECTED_RESOURCE_URL = "https://www.googleapis.com/userinfo/v2/me"; //"https://www.googleapis.com/plus/v1/people/me/openIdConnect"; @@ -63,6 +64,7 @@ class GoogleOAuthService implements OAuthServiceProvider { private final String canonicalWebUrl; private final String domain; private final boolean useEmailAsUsername; + private final boolean fixLegacyUserId; @Inject GoogleOAuthService(PluginConfigFactory cfgFactory, @@ -76,6 +78,7 @@ class GoogleOAuthService implements OAuthServiceProvider { log.warn(String.format("The support for: %s is disconinued", InitOAuth.LINK_TO_EXISTING_OPENID_ACCOUNT)); } + fixLegacyUserId = cfg.getBoolean(InitOAuth.FIX_LEGACY_USER_ID, false); this.domain = cfg.getString(InitOAuth.DOMAIN); this.useEmailAsUsername = cfg.getBoolean( InitOAuth.USE_EMAIL_AS_USERNAME, false); @@ -137,11 +140,12 @@ public OAuthUserInfo getUserInfo(OAuthToken token) throws IOException { if (useEmailAsUsername && !email.isJsonNull()) { login = email.getAsString().split("@")[0]; } - return new OAuthUserInfo(id.getAsString() /*externalId*/, + return new OAuthUserInfo( + GOOGLE_PROVIDER_PREFIX + id.getAsString() /*externalId*/, login /*username*/, email == null || email.isJsonNull() ? null : email.getAsString() /*email*/, name == null || name.isJsonNull() ? null : name.getAsString() /*displayName*/, - null /*claimedIdentity*/); + fixLegacyUserId ? id.getAsString() : null /*claimedIdentity*/); } throw new IOException(String.format( diff --git a/src/main/java/com/googlesource/gerrit/plugins/oauth/InitOAuth.java b/src/main/java/com/googlesource/gerrit/plugins/oauth/InitOAuth.java index add1da1..ac5e33c 100644 --- a/src/main/java/com/googlesource/gerrit/plugins/oauth/InitOAuth.java +++ b/src/main/java/com/googlesource/gerrit/plugins/oauth/InitOAuth.java @@ -25,10 +25,14 @@ class InitOAuth implements InitStep { static final String CLIENT_SECRET = "client-secret"; static final String LINK_TO_EXISTING_OPENID_ACCOUNT = "link-to-existing-openid-accounts"; + static final String FIX_LEGACY_USER_ID = + "fix-legacy-user-id"; static final String DOMAIN = "domain"; static final String USE_EMAIL_AS_USERNAME = "use-email-as-username"; static final String ROOT_URL = "root-url"; + static String FIX_LEGACY_USER_ID_QUESTION = + "Fix legacy user id, without oauth provider prefix?"; private final ConsoleUI ui; private final Section googleOAuthProviderSection; @@ -59,18 +63,24 @@ public void run() throws Exception { true, "Use Google OAuth provider for Gerrit login ?"); if (configureGoogleOAuthProvider) { configureOAuth(googleOAuthProviderSection); + googleOAuthProviderSection.string(FIX_LEGACY_USER_ID_QUESTION, + FIX_LEGACY_USER_ID, "false"); } boolean configueGitHubOAuthProvider = ui.yesno( true, "Use GitHub OAuth provider for Gerrit login ?"); if (configueGitHubOAuthProvider) { configureOAuth(githubOAuthProviderSection); + githubOAuthProviderSection.string(FIX_LEGACY_USER_ID_QUESTION, + FIX_LEGACY_USER_ID, "false"); } boolean configureBitbucketOAuthProvider = ui.yesno( true, "Use Bitbucket OAuth provider for Gerrit login ?"); if (configureBitbucketOAuthProvider) { configureOAuth(bitbucketOAuthProviderSection); + bitbucketOAuthProviderSection.string(FIX_LEGACY_USER_ID_QUESTION, + FIX_LEGACY_USER_ID, "false"); } boolean configureCasOAuthProvider = ui.yesno( @@ -78,6 +88,8 @@ public void run() throws Exception { if (configureCasOAuthProvider) { casOAuthProviderSection.string("CAS Root URL", ROOT_URL, null); configureOAuth(casOAuthProviderSection); + casOAuthProviderSection.string(FIX_LEGACY_USER_ID_QUESTION, + FIX_LEGACY_USER_ID, "false"); } }