feat: Allow to configure 2 gitlab providers simultaneously (#731)

assembly/assembly-wsmaster-war/src/main/java/org/eclipse/che/api/deploy/WsMasterModule.java

@@ -49,7 +49,9 @@
 import org.eclipse.che.api.factory.server.github.GithubScmFileResolver;
 import org.eclipse.che.api.factory.server.github.GithubScmFileResolverSecond;
 import org.eclipse.che.api.factory.server.gitlab.GitlabFactoryParametersResolver;
+import org.eclipse.che.api.factory.server.gitlab.GitlabFactoryParametersResolverSecond;
 import org.eclipse.che.api.factory.server.gitlab.GitlabScmFileResolver;
+import org.eclipse.che.api.factory.server.gitlab.GitlabScmFileResolverSecond;
 import org.eclipse.che.api.system.server.ServiceTermination;
 import org.eclipse.che.api.system.server.SystemModule;
 import org.eclipse.che.api.user.server.NotImplementedTokenValidator;
@@ -157,6 +159,9 @@ protected void configure() {
         .addBinding()
         .to(BitbucketServerAuthorizingFactoryParametersResolver.class);
     factoryParametersResolverMultibinder.addBinding().to(GitlabFactoryParametersResolver.class);
+    factoryParametersResolverMultibinder
+        .addBinding()
+        .to(GitlabFactoryParametersResolverSecond.class);
     factoryParametersResolverMultibinder.addBinding().to(BitbucketFactoryParametersResolver.class);
     factoryParametersResolverMultibinder
         .addBinding()
@@ -172,6 +177,7 @@ protected void configure() {
     scmFileResolverResolverMultibinder.addBinding().to(GithubScmFileResolverSecond.class);
     scmFileResolverResolverMultibinder.addBinding().to(BitbucketScmFileResolver.class);
     scmFileResolverResolverMultibinder.addBinding().to(GitlabScmFileResolver.class);
+    scmFileResolverResolverMultibinder.addBinding().to(GitlabScmFileResolverSecond.class);
     scmFileResolverResolverMultibinder.addBinding().to(BitbucketServerScmFileResolver.class);
     scmFileResolverResolverMultibinder.addBinding().to(AzureDevOpsScmFileResolver.class);
     scmFileResolverResolverMultibinder.addBinding().to(GitSshScmFileResolver.class);

assembly/assembly-wsmaster-war/src/main/webapp/WEB-INF/classes/che/che.properties

@@ -647,19 +647,27 @@ che.workspace.devfile.async.storage.plugin=eclipse/che-async-pv-plugin/latest
 che.integration.bitbucket.server_endpoints=NULL
 
 # GitLab endpoints used for factory integrations.
-# A comma separated list of GitLab server URLs or `NULL` if no integration is expected.
-che.integration.gitlab.server_endpoints=NULL
 
 # The address of the GitLab server with configured OAuth 2 integration.
 che.integration.gitlab.oauth_endpoint=NULL
 
+# The address of the GitLab server with configured OAuth 2 integration. (The second GitLab instance).
+che.integration.gitlab.oauth_endpoint_2=NULL
+
 # Configuration of GitLab OAuth2 client. Used to obtain personal access tokens.
 # Location of the file with GitLab client ID.
 che.oauth2.gitlab.clientid_filepath=NULL
 
+# Configuration of GitLab OAuth2 client. Used to obtain personal access tokens.
+# Location of the file with GitLab client ID. (The second GitLab instance).
+che.oauth2.gitlab.clientid_filepath_2=NULL
+
 # Location of the file with GitLab client secret.
 che.oauth2.gitlab.clientsecret_filepath=NULL
 
+# Location of the file with GitLab client secret. (The second GitLab instance).
+che.oauth2.gitlab.clientsecret_filepath_2=NULL
+
 ### Advanced authorization
 # Comma separated list of users allowed to access Che.
 che.infra.kubernetes.advanced_authorization.allow_users=NULL

pom.xml

@@ -706,6 +706,11 @@
                 <artifactId>che-core-api-auth-gitlab</artifactId>
                 <version>${che.version}</version>
             </dependency>
+            <dependency>
+                <groupId>org.eclipse.che.core</groupId>
+                <artifactId>che-core-api-auth-gitlab-common</artifactId>
+                <version>${che.version}</version>
+            </dependency>
             <dependency>
                 <groupId>org.eclipse.che.core</groupId>
                 <artifactId>che-core-api-auth-openshift</artifactId>
@@ -793,6 +798,11 @@
                 <artifactId>che-core-api-factory-gitlab</artifactId>
                 <version>${che.version}</version>
             </dependency>
+            <dependency>
+                <groupId>org.eclipse.che.core</groupId>
+                <artifactId>che-core-api-factory-gitlab-common</artifactId>
+                <version>${che.version}</version>
+            </dependency>
             <dependency>
                 <groupId>org.eclipse.che.core</groupId>
                 <artifactId>che-core-api-factory-shared</artifactId>

wsmaster/che-core-api-auth-gitlab-common/pom.xml

@@ -0,0 +1,69 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+    Copyright (c) 2012-2024 Red Hat, Inc.
+    This program and the accompanying materials are made
+    available under the terms of the Eclipse Public License 2.0
+    which is available at https://www.eclipse.org/legal/epl-2.0/
+
+    SPDX-License-Identifier: EPL-2.0
+
+    Contributors:
+      Red Hat, Inc. - initial API and implementation
+
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <parent>
+        <artifactId>che-master-parent</artifactId>
+        <groupId>org.eclipse.che.core</groupId>
+        <version>7.94.0-SNAPSHOT</version>
+    </parent>
+    <artifactId>che-core-api-auth-gitlab-common</artifactId>
+    <packaging>jar</packaging>
+    <name>Che Core :: API :: Authentication GitLab Common</name>
+    <dependencies>
+        <dependency>
+            <groupId>com.google.guava</groupId>
+            <artifactId>guava</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>com.google.http-client</groupId>
+            <artifactId>google-http-client</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>jakarta.inject</groupId>
+            <artifactId>jakarta.inject-api</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.eclipse.che.core</groupId>
+            <artifactId>che-core-api-auth</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.eclipse.che.core</groupId>
+            <artifactId>che-core-api-auth-shared</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.eclipse.che.core</groupId>
+            <artifactId>che-core-commons-json</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.eclipse.che.core</groupId>
+            <artifactId>che-core-commons-lang</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-api</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.testng</groupId>
+            <artifactId>testng</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.wiremock</groupId>
+            <artifactId>wiremock-standalone</artifactId>
+            <scope>test</scope>
+        </dependency>
+    </dependencies>
+</project>

wsmaster/che-core-api-auth-gitlab-common/src/main/java/org/eclipse/che/security/oauth/AbstractGitLabOAuthAuthenticatorProvider.java

@@ -0,0 +1,80 @@
+/*
+ * Copyright (c) 2012-2024 Red Hat, Inc.
+ * This program and the accompanying materials are made
+ * available under the terms of the Eclipse Public License 2.0
+ * which is available at https://www.eclipse.org/legal/epl-2.0/
+ *
+ * SPDX-License-Identifier: EPL-2.0
+ *
+ * Contributors:
+ *   Red Hat, Inc. - initial API and implementation
+ */
+package org.eclipse.che.security.oauth;
+
+import static com.google.common.base.Strings.isNullOrEmpty;
+
+import java.io.IOException;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import javax.inject.Provider;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * Provides implementation of GitLab {@link OAuthAuthenticator} based on available configuration.
+ *
+ * @author Pavol Baran
+ */
+public class AbstractGitLabOAuthAuthenticatorProvider implements Provider<OAuthAuthenticator> {
+  private static final Logger LOG =
+      LoggerFactory.getLogger(AbstractGitLabOAuthAuthenticatorProvider.class);
+  private final OAuthAuthenticator authenticator;
+  private final String providerName;
+
+  public AbstractGitLabOAuthAuthenticatorProvider(
+      String clientIdPath,
+      String clientSecretPath,
+      String gitlabEndpoint,
+      String cheApiEndpoint,
+      String providerName)
+      throws IOException {
+    this.providerName = providerName;
+    authenticator =
+        getOAuthAuthenticator(clientIdPath, clientSecretPath, gitlabEndpoint, cheApiEndpoint);
+    LOG.debug("{} GitLab OAuth Authenticator is used.", authenticator);
+  }
+
+  @Override
+  public OAuthAuthenticator get() {
+    return authenticator;
+  }
+
+  private OAuthAuthenticator getOAuthAuthenticator(
+      String clientIdPath, String clientSecretPath, String gitlabEndpoint, String cheApiEndpoint)
+      throws IOException {
+    if (!isNullOrEmpty(clientIdPath)
+        && !isNullOrEmpty(clientSecretPath)
+        && !isNullOrEmpty(gitlabEndpoint)) {
+      String clientId = Files.readString(Path.of(clientIdPath));
+      String clientSecret = Files.readString(Path.of(clientSecretPath));
+      if (!isNullOrEmpty(clientId) && !isNullOrEmpty(clientSecret)) {
+        return new GitLabOAuthAuthenticator(
+            clientId, clientSecret, gitlabEndpoint, cheApiEndpoint, providerName);
+      }
+    }
+    return new NoopOAuthAuthenticator();
+  }
+
+  static class NoopOAuthAuthenticator extends OAuthAuthenticator {
+
+    @Override
+    public String getOAuthProvider() {
+      return "Noop";
+    }
+
+    @Override
+    public String getEndpointUrl() {
+      return "Noop";
+    }
+  }
+}

wsmaster/che-core-api-auth-gitlab/src/main/java/org/eclipse/che/security/oauth/GitLabOAuthAuthenticator.java → wsmaster/che-core-api-auth-gitlab-common/src/main/java/org/eclipse/che/security/oauth/GitLabOAuthAuthenticator.java

@@ -40,13 +40,19 @@ public class GitLabOAuthAuthenticator extends OAuthAuthenticator {
   private final String clientId;
   private final String clientSecret;
   private final String gitlabEndpoint;
+  private final String providerName;
 
   public GitLabOAuthAuthenticator(
-      String clientId, String clientSecret, String gitlabEndpoint, String cheApiEndpoint)
+      String clientId,
+      String clientSecret,
+      String gitlabEndpoint,
+      String cheApiEndpoint,
+      String providerName)
       throws IOException {
     this.clientId = clientId;
     this.clientSecret = clientSecret;
     this.gitlabEndpoint = trimEnd(gitlabEndpoint, '/');
+    this.providerName = providerName;
     String trimmedGitlabEndpoint = trimEnd(gitlabEndpoint, '/');
     this.gitlabUserEndpoint = trimmedGitlabEndpoint + "/api/v4/user";
     this.cheApiEndpoint = cheApiEndpoint;
@@ -61,7 +67,7 @@ public GitLabOAuthAuthenticator(
 
   @Override
   public String getOAuthProvider() {
-    return "gitlab";
+    return providerName;
   }
 
   @Override

wsmaster/che-core-api-auth-gitlab/src/main/java/org/eclipse/che/security/oauth/GitLabUser.java → wsmaster/che-core-api-auth-gitlab-common/src/main/java/org/eclipse/che/security/oauth/GitLabUser.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012-2023 Red Hat, Inc.
+ * Copyright (c) 2012-2024 Red Hat, Inc.
  * This program and the accompanying materials are made
  * available under the terms of the Eclipse Public License 2.0
  * which is available at https://www.eclipse.org/legal/epl-2.0/

wsmaster/che-core-api-auth-gitlab/pom.xml

@@ -49,23 +49,15 @@
         </dependency>
         <dependency>
             <groupId>org.eclipse.che.core</groupId>
-            <artifactId>che-core-api-auth-shared</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>org.eclipse.che.core</groupId>
-            <artifactId>che-core-commons-annotations</artifactId>
+            <artifactId>che-core-api-auth-gitlab-common</artifactId>
         </dependency>
         <dependency>
             <groupId>org.eclipse.che.core</groupId>
-            <artifactId>che-core-commons-json</artifactId>
+            <artifactId>che-core-api-auth-shared</artifactId>
         </dependency>
         <dependency>
             <groupId>org.eclipse.che.core</groupId>
-            <artifactId>che-core-commons-lang</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>org.slf4j</groupId>
-            <artifactId>slf4j-api</artifactId>
+            <artifactId>che-core-commons-annotations</artifactId>
         </dependency>
         <dependency>
             <groupId>org.testng</groupId>

wsmaster/che-core-api-auth-gitlab/src/main/java/org/eclipse/che/security/oauth/GitLabModule.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012-2023 Red Hat, Inc.
+ * Copyright (c) 2012-2024 Red Hat, Inc.
  * This program and the accompanying materials are made
  * available under the terms of the Eclipse Public License 2.0
  * which is available at https://www.eclipse.org/legal/epl-2.0/
@@ -25,5 +25,6 @@ protected void configure() {
     Multibinder<OAuthAuthenticator> oAuthAuthenticators =
         Multibinder.newSetBinder(binder(), OAuthAuthenticator.class);
     oAuthAuthenticators.addBinding().toProvider(GitLabOAuthAuthenticatorProvider.class);
+    oAuthAuthenticators.addBinding().toProvider(GitLabOAuthAuthenticatorProviderSecond.class);
   }
 }

wsmaster/che-core-api-auth-gitlab/src/main/java/org/eclipse/che/security/oauth/GitLabOAuthAuthenticatorProvider.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012-2023 Red Hat, Inc.
+ * Copyright (c) 2012-2024 Red Hat, Inc.
  * This program and the accompanying materials are made
  * available under the terms of the Eclipse Public License 2.0
  * which is available at https://www.eclipse.org/legal/epl-2.0/
@@ -11,28 +11,20 @@
  */
 package org.eclipse.che.security.oauth;
 
-import static com.google.common.base.Strings.isNullOrEmpty;
-
 import java.io.IOException;
-import java.nio.file.Files;
-import java.nio.file.Path;
 import javax.inject.Inject;
 import javax.inject.Named;
-import javax.inject.Provider;
 import javax.inject.Singleton;
 import org.eclipse.che.commons.annotation.Nullable;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 
 /**
  * Provides implementation of GitLab {@link OAuthAuthenticator} based on available configuration.
  *
  * @author Pavol Baran
  */
 @Singleton
-public class GitLabOAuthAuthenticatorProvider implements Provider<OAuthAuthenticator> {
-  private static final Logger LOG = LoggerFactory.getLogger(GitLabOAuthAuthenticatorProvider.class);
-  private final OAuthAuthenticator authenticator;
+public class GitLabOAuthAuthenticatorProvider extends AbstractGitLabOAuthAuthenticatorProvider {
+  private static final String PROVIDER_NAME = "gitlab";
 
   @Inject
   public GitLabOAuthAuthenticatorProvider(
@@ -41,41 +33,6 @@ public GitLabOAuthAuthenticatorProvider(
       @Nullable @Named("che.integration.gitlab.oauth_endpoint") String gitlabEndpoint,
       @Named("che.api") String cheApiEndpoint)
       throws IOException {
-    authenticator =
-        getOAuthAuthenticator(clientIdPath, clientSecretPath, gitlabEndpoint, cheApiEndpoint);
-    LOG.debug("{} GitLab OAuth Authenticator is used.", authenticator);
-  }
-
-  @Override
-  public OAuthAuthenticator get() {
-    return authenticator;
-  }
-
-  private OAuthAuthenticator getOAuthAuthenticator(
-      String clientIdPath, String clientSecretPath, String gitlabEndpoint, String cheApiEndpoint)
-      throws IOException {
-    if (!isNullOrEmpty(clientIdPath)
-        && !isNullOrEmpty(clientSecretPath)
-        && !isNullOrEmpty(gitlabEndpoint)) {
-      String clientId = Files.readString(Path.of(clientIdPath));
-      String clientSecret = Files.readString(Path.of(clientSecretPath));
-      if (!isNullOrEmpty(clientId) && !isNullOrEmpty(clientSecret)) {
-        return new GitLabOAuthAuthenticator(clientId, clientSecret, gitlabEndpoint, cheApiEndpoint);
-      }
-    }
-    return new NoopOAuthAuthenticator();
-  }
-
-  static class NoopOAuthAuthenticator extends OAuthAuthenticator {
-
-    @Override
-    public String getOAuthProvider() {
-      return "Noop";
-    }
-
-    @Override
-    public String getEndpointUrl() {
-      return "Noop";
-    }
+    super(clientIdPath, clientSecretPath, gitlabEndpoint, cheApiEndpoint, PROVIDER_NAME);
   }
 }