Return oauth1 providers on registered oauth providers list request (#624

)

Add the list of oauth1 providers to the list of registered oauth2 providers on get registered oauth providers API request.

infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesAuthorisationRequestManager.java

@@ -90,7 +90,10 @@ public void callback(UriInfo uriInfo, List<String> errorValues) {
     Map<String, List<String>> params = getQueryParametersFromState(getState(requestUrl));
     errorValues = errorValues == null ? uriInfo.getQueryParameters().get("error") : errorValues;
     if (errorValues != null && errorValues.contains("access_denied")) {
-      store(getParameter(params, "oauth_provider"));
+      String oauthProvider = getParameter(params, "oauth_provider");
+      if (!isNullOrEmpty(oauthProvider)) {
+        store(oauthProvider);
+      }
     }
   }
 

wsmaster/che-core-api-auth-bitbucket/src/main/java/org/eclipse/che/security/oauth1/BitbucketServerOAuthAuthenticator.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012-2021 Red Hat, Inc.
+ * Copyright (c) 2012-2023 Red Hat, Inc.
  * This program and the accompanying materials are made
  * available under the terms of the Eclipse Public License 2.0
  * which is available at https://www.eclipse.org/legal/epl-2.0/
@@ -21,6 +21,7 @@
 @Singleton
 public class BitbucketServerOAuthAuthenticator extends OAuthAuthenticator {
   public static final String AUTHENTICATOR_NAME = "bitbucket-server";
+  private final String bitbucketEndpoint;
   private final String apiEndpoint;
 
   public BitbucketServerOAuthAuthenticator(
@@ -33,6 +34,7 @@ public BitbucketServerOAuthAuthenticator(
         apiEndpoint + "/oauth/1.0/callback",
         null,
         privateKey);
+    this.bitbucketEndpoint = bitbucketEndpoint;
     this.apiEndpoint = apiEndpoint;
   }
 
@@ -48,4 +50,9 @@ public String getLocalAuthenticateUrl() {
         + AUTHENTICATOR_NAME
         + "&request_method=POST&signature_method=rsa";
   }
+
+  @Override
+  public String getEndpointUrl() {
+    return bitbucketEndpoint;
+  }
 }

wsmaster/che-core-api-auth-bitbucket/src/main/java/org/eclipse/che/security/oauth1/NoopOAuthAuthenticator.java

@@ -51,4 +51,9 @@ public String computeAuthorizationHeader(String userId, String requestMethod, St
   public String getLocalAuthenticateUrl() {
     return "Noop URL";
   }
+
+  @Override
+  public String getEndpointUrl() {
+    return "Noop URL";
+  }
 }

wsmaster/che-core-api-auth/src/main/java/org/eclipse/che/security/oauth/EmbeddedOAuthAPI.java

@@ -60,7 +60,8 @@ public class EmbeddedOAuthAPI implements OAuthAPI {
   @Named("che.auth.access_denied_error_page")
   protected String errorPage;
 
-  @Inject protected OAuthAuthenticatorProvider providers;
+  @Inject protected OAuthAuthenticatorProvider oauth2Providers;
+  @Inject protected org.eclipse.che.security.oauth1.OAuthAuthenticatorProvider oauth1Providers;
   private String redirectAfterLogin;
 
   @Override
@@ -126,7 +127,10 @@ public Set<OAuthAuthenticatorDescriptor> getRegisteredAuthenticators(UriInfo uri
     Set<OAuthAuthenticatorDescriptor> result = new HashSet<>();
     final UriBuilder uriBuilder =
         uriInfo.getBaseUriBuilder().clone().path(OAuthAuthenticationService.class);
-    for (String name : providers.getRegisteredProviderNames()) {
+    Set<String> registeredProviderNames =
+        new HashSet<>(oauth2Providers.getRegisteredProviderNames());
+    registeredProviderNames.addAll(oauth1Providers.getRegisteredProviderNames());
+    for (String name : registeredProviderNames) {
       final List<Link> links = new LinkedList<>();
       links.add(
           LinksHelper.createLink(
@@ -147,11 +151,14 @@ public Set<OAuthAuthenticatorDescriptor> getRegisteredAuthenticators(UriInfo uri
                   .withName("mode")
                   .withRequired(true)
                   .withDefaultValue("federated_login")));
-      OAuthAuthenticator authenticator = providers.getAuthenticator(name);
+      OAuthAuthenticator authenticator = oauth2Providers.getAuthenticator(name);
       result.add(
           newDto(OAuthAuthenticatorDescriptor.class)
               .withName(name)
-              .withEndpointUrl(authenticator.getEndpointUrl())
+              .withEndpointUrl(
+                  authenticator != null
+                      ? authenticator.getEndpointUrl()
+                      : oauth1Providers.getAuthenticator(name).getEndpointUrl())
               .withLinks(links));
     }
     return result;
@@ -193,7 +200,7 @@ public void invalidateToken(String oauthProvider)
   }
 
   protected OAuthAuthenticator getAuthenticator(String oauthProviderName) throws NotFoundException {
-    OAuthAuthenticator oauth = providers.getAuthenticator(oauthProviderName);
+    OAuthAuthenticator oauth = oauth2Providers.getAuthenticator(oauthProviderName);
     if (oauth == null) {
       LOG.warn("Unsupported OAuth provider {} ", oauthProviderName);
       throw new NotFoundException("Unsupported OAuth provider " + oauthProviderName);

wsmaster/che-core-api-auth/src/main/java/org/eclipse/che/security/oauth1/OAuthAuthenticator.java

@@ -243,6 +243,13 @@ String callback(final URL requestUrl) throws OAuthAuthenticationException {
    */
   public abstract String getLocalAuthenticateUrl();
 
+  /**
+   * Get endpoint URL.
+   *
+   * @return provider's endpoint URL
+   */
+  public abstract String getEndpointUrl();
+
   /**
    * Compute the Authorization header to sign the OAuth 1 request.
    *

wsmaster/che-core-api-auth/src/main/java/org/eclipse/che/security/oauth1/OAuthAuthenticatorProvider.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012-2018 Red Hat, Inc.
+ * Copyright (c) 2012-2023 Red Hat, Inc.
  * This program and the accompanying materials are made
  * available under the terms of the Eclipse Public License 2.0
  * which is available at https://www.eclipse.org/legal/epl-2.0/
@@ -11,6 +11,8 @@
  */
 package org.eclipse.che.security.oauth1;
 
+import static java.util.stream.Collectors.toUnmodifiableSet;
+
 import java.util.HashMap;
 import java.util.Map;
 import java.util.Set;
@@ -44,4 +46,15 @@ public OAuthAuthenticatorProvider(final Set<OAuthAuthenticator> oAuthAuthenticat
   public OAuthAuthenticator getAuthenticator(String oauthProviderName) {
     return oAuthAuthenticators.get(oauthProviderName);
   }
+
+  /**
+   * Gets registered OAuth1 provider names
+   *
+   * @return set of registered OAuth1 provider names
+   */
+  public Set<String> getRegisteredProviderNames() {
+    return oAuthAuthenticators.keySet().stream()
+        .filter(key -> !"Noop".equals(key))
+        .collect(toUnmodifiableSet());
+  }
 }

wsmaster/che-core-api-auth/src/test/java/org/eclipse/che/security/oauth/EmbeddedOAuthAPITest.java

@@ -20,11 +20,14 @@
 import static org.testng.Assert.assertEquals;
 
 import jakarta.ws.rs.core.Response;
+import jakarta.ws.rs.core.UriBuilder;
 import jakarta.ws.rs.core.UriInfo;
 import java.lang.reflect.Field;
 import java.net.URI;
+import java.util.Set;
 import org.eclipse.che.api.auth.shared.dto.OAuthToken;
 import org.eclipse.che.api.core.NotFoundException;
+import org.eclipse.che.security.oauth.shared.dto.OAuthAuthenticatorDescriptor;
 import org.mockito.InjectMocks;
 import org.mockito.Mock;
 import org.mockito.testng.MockitoTestNGListener;
@@ -35,7 +38,8 @@
 @Listeners(value = MockitoTestNGListener.class)
 public class EmbeddedOAuthAPITest {
 
-  @Mock OAuthAuthenticatorProvider providers;
+  @Mock OAuthAuthenticatorProvider oauth2Providers;
+  @Mock org.eclipse.che.security.oauth1.OAuthAuthenticatorProvider oauth1Providers;
 
   @InjectMocks EmbeddedOAuthAPI embeddedOAuthAPI;
 
@@ -51,7 +55,7 @@ public void shouldBeAbleToGetUserToken() throws Exception {
     String provider = "myprovider";
     String token = "token123";
     OAuthAuthenticator authenticator = mock(OAuthAuthenticator.class);
-    when(providers.getAuthenticator(eq(provider))).thenReturn(authenticator);
+    when(oauth2Providers.getAuthenticator(eq(provider))).thenReturn(authenticator);
 
     when(authenticator.getToken(anyString())).thenReturn(newDto(OAuthToken.class).withToken(token));
 
@@ -60,6 +64,26 @@ public void shouldBeAbleToGetUserToken() throws Exception {
     assertEquals(result.getToken(), token);
   }
 
+  @Test
+  public void shouldGetRegisteredAuthenticators() throws Exception {
+    // given
+    UriInfo uriInfo = mock(UriInfo.class);
+    when(uriInfo.getBaseUriBuilder()).thenReturn(UriBuilder.fromUri("http://eclipse.che"));
+    when(oauth2Providers.getRegisteredProviderNames()).thenReturn(Set.of("github"));
+    when(oauth1Providers.getRegisteredProviderNames()).thenReturn(Set.of("bitbucket"));
+    org.eclipse.che.security.oauth1.OAuthAuthenticator authenticator =
+        mock(org.eclipse.che.security.oauth1.OAuthAuthenticator.class);
+    when(oauth2Providers.getAuthenticator("github")).thenReturn(mock(OAuthAuthenticator.class));
+    when(oauth1Providers.getAuthenticator("bitbucket")).thenReturn(authenticator);
+
+    // when
+    Set<OAuthAuthenticatorDescriptor> registeredAuthenticators =
+        embeddedOAuthAPI.getRegisteredAuthenticators(uriInfo);
+
+    // then
+    assertEquals(registeredAuthenticators.size(), 2);
+  }
+
   @Test
   public void shouldEncodeRejectErrorForRedirectUrl() throws Exception {
     // given

wsmaster/che-core-api-auth/src/test/java/org/eclipse/che/security/oauth1/OAuthAuthenticatorTest.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012-2021 Red Hat, Inc.
+ * Copyright (c) 2012-2023 Red Hat, Inc.
  * This program and the accompanying materials are made
  * available under the terms of the Eclipse Public License 2.0
  * which is available at https://www.eclipse.org/legal/epl-2.0/
@@ -62,6 +62,11 @@ public String getOAuthProvider() {
           public String getLocalAuthenticateUrl() {
             return null;
           }
+
+          @Override
+          public String getEndpointUrl() {
+            return null;
+          }
         };
   }