Skip to content

Commit

Permalink
Update OAuth2 scribe dependency to the new scribejava (#900)
Browse files Browse the repository at this point in the history
  • Loading branch information
nfalco79 authored Nov 5, 2024
1 parent cb6984f commit edf430c
Show file tree
Hide file tree
Showing 7 changed files with 47 additions and 96 deletions.
12 changes: 3 additions & 9 deletions pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -145,15 +145,9 @@
<artifactId>plain-credentials</artifactId>
</dependency>
<dependency>
<groupId>org.scribe</groupId>
<artifactId>scribe</artifactId>
<version>1.3.3</version>
<exclusions>
<exclusion>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
</exclusion>
</exclusions>
<groupId>com.github.scribejava</groupId>
<artifactId>scribejava-httpclient-apache</artifactId>
<version>8.3.3</version>
</dependency>
</dependencies>

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ public BitbucketAccessTokenAuthenticator convert(@NonNull StringCredentials cred
* @return whether this can authenticate given the context
*/
@Override
public boolean isFit(AuthenticationTokenContext ctx) {
protected boolean isFit(AuthenticationTokenContext<? super BitbucketAccessTokenAuthenticator> ctx) {
return ctx.mustHave(BitbucketAuthenticator.SCHEME, "https")
&& (ctx.mustHave(BitbucketAuthenticator.BITBUCKET_INSTANCE_TYPE, BitbucketAuthenticator.BITBUCKET_INSTANCE_TYPE_SERVER)
|| ctx.mustHave(BitbucketAuthenticator.BITBUCKET_INSTANCE_TYPE, BitbucketAuthenticator.BITBUCKET_INSTANCE_TYPE_CLOUD));
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ public BitbucketClientCertificateAuthenticator convert(@NonNull StandardCertific
* @return whether this can authenticate given the context
*/
@Override
public boolean isFit(AuthenticationTokenContext ctx) {
protected boolean isFit(AuthenticationTokenContext<? super BitbucketClientCertificateAuthenticator> ctx) {
return ctx.mustHave(BitbucketAuthenticator.SCHEME, "https")
&& ctx.mustHave(BitbucketAuthenticator.BITBUCKET_INSTANCE_TYPE, BitbucketAuthenticator.BITBUCKET_INSTANCE_TYPE_SERVER);
}
Expand Down
Original file line number Diff line number Diff line change
@@ -1,37 +1,29 @@
package com.cloudbees.jenkins.plugins.bitbucket.api.credentials;

import org.scribe.builder.api.DefaultApi20;
import org.scribe.extractors.AccessTokenExtractor;
import org.scribe.extractors.JsonTokenExtractor;
import org.scribe.model.OAuthConfig;
import org.scribe.model.Verb;
import org.scribe.oauth.OAuthService;
import com.github.scribejava.core.builder.api.DefaultApi20;

public class BitbucketOAuth extends DefaultApi20 {
public static final String OAUTH_ENDPOINT = "https://bitbucket.org/site/oauth2/";
private static final String OAUTH_ENDPOINT = "https://bitbucket.org/site/oauth2/";

@Override
public String getAccessTokenEndpoint() {
return OAUTH_ENDPOINT + "access_token";
protected BitbucketOAuth() {
}

@Override
public String getAuthorizationUrl(OAuthConfig config) {
return OAUTH_ENDPOINT + "authorize";
private static class InstanceHolder {
private static final BitbucketOAuth INSTANCE = new BitbucketOAuth();
}

@Override
public Verb getAccessTokenVerb() {
return Verb.POST;
public static BitbucketOAuth instance() {
return InstanceHolder.INSTANCE;

Check warning on line 16 in src/main/java/com/cloudbees/jenkins/plugins/bitbucket/api/credentials/BitbucketOAuth.java

View check run for this annotation

ci.jenkins.io / Code Coverage

Not covered lines

Lines 8-16 are not covered by tests
}

@Override
public AccessTokenExtractor getAccessTokenExtractor() {
return new JsonTokenExtractor();
public String getAccessTokenEndpoint() {
return OAUTH_ENDPOINT + "access_token";
}

@Override
public OAuthService createService(OAuthConfig config) {
return new BitbucketOAuthService(this, config);
protected String getAuthorizationBaseUrl() {
return OAUTH_ENDPOINT + "authorize";
}

}
Original file line number Diff line number Diff line change
Expand Up @@ -5,45 +5,60 @@
import com.cloudbees.plugins.credentials.common.StandardUsernameCredentials;
import com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials;
import com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl;
import com.github.scribejava.core.builder.ServiceBuilder;
import com.github.scribejava.core.httpclient.HttpClient;
import com.github.scribejava.core.model.OAuth2AccessToken;
import com.github.scribejava.core.model.OAuthConstants;
import com.github.scribejava.core.oauth.OAuth20Service;
import com.github.scribejava.httpclient.apache.ApacheHttpClientConfig;
import com.github.scribejava.httpclient.apache.ApacheProvider;
import hudson.model.Descriptor.FormException;
import java.io.IOException;
import java.util.concurrent.ExecutionException;
import jenkins.authentication.tokens.api.AuthenticationTokenException;
import org.apache.commons.lang.StringUtils;
import org.apache.http.HttpRequest;
import org.scribe.model.OAuthConfig;
import org.scribe.model.OAuthConstants;
import org.scribe.model.Token;

public class BitbucketOAuthAuthenticator extends BitbucketAuthenticator {

private Token token;
private OAuth2AccessToken token;

/**
* Constructor.
*
* @param credentials the key/pass that will be used
* @throws AuthenticationTokenException
*/
public BitbucketOAuthAuthenticator(StandardUsernamePasswordCredentials credentials) {
public BitbucketOAuthAuthenticator(StandardUsernamePasswordCredentials credentials) throws AuthenticationTokenException {
super(credentials);

OAuthConfig config = new OAuthConfig(credentials.getUsername(), credentials.getPassword().getPlainText());
HttpClient httpClient = new ApacheProvider().createClient(ApacheHttpClientConfig.defaultConfig());
OAuth20Service service = new ServiceBuilder(credentials.getUsername())
.apiSecret(credentials.getPassword().getPlainText())
.httpClient(httpClient)
// .httpClientConfig(ApacheHttpClientConfig.defaultConfig()) the ServiceLoader does not work well with Jenkins plugin classloader
.build(BitbucketOAuth.instance());

BitbucketOAuthService OAuthService = (BitbucketOAuthService) new BitbucketOAuth().createService(config);

token = OAuthService.getAccessToken(OAuthConstants.EMPTY_TOKEN, null);
try {
token = service.getAccessTokenClientCredentialsGrant();
} catch (IOException | InterruptedException | ExecutionException e) {
throw new AuthenticationTokenException(e);
}
}

/**
* Set up request with token in header
*/
@Override
public void configureRequest(HttpRequest request) {
request.addHeader(OAuthConstants.HEADER, "Bearer " + this.token.getToken());
request.addHeader(OAuthConstants.HEADER, "Bearer " + this.token.getAccessToken());
}

@Override
public StandardUsernameCredentials getCredentialsForSCM() {
try {
return new UsernamePasswordCredentialsImpl(
CredentialsScope.GLOBAL, getId(), null, StringUtils.EMPTY, token.getToken());
CredentialsScope.GLOBAL, getId(), null, StringUtils.EMPTY, token.getAccessToken());

Check warning on line 61 in src/main/java/com/cloudbees/jenkins/plugins/bitbucket/api/credentials/BitbucketOAuthAuthenticator.java

View check run for this annotation

ci.jenkins.io / Code Coverage

Not covered lines

Lines 35-61 are not covered by tests
} catch (FormException e) {
throw new RuntimeException(e);
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@
import edu.umd.cs.findbugs.annotations.NonNull;
import hudson.Extension;
import jenkins.authentication.tokens.api.AuthenticationTokenContext;
import jenkins.authentication.tokens.api.AuthenticationTokenException;
import jenkins.authentication.tokens.api.AuthenticationTokenSource;


Expand All @@ -27,11 +28,12 @@ public BitbucketOAuthAuthenticatorSource() {
*
* @param standardUsernamePasswordCredentials the username/password combo
* @return an authenticator that will use them.
* @throws AuthenticationTokenException if the specific credentials could not be converted.
*/
@NonNull
@Override
public BitbucketOAuthAuthenticator convert(
@NonNull StandardUsernamePasswordCredentials standardUsernamePasswordCredentials) {
@NonNull StandardUsernamePasswordCredentials standardUsernamePasswordCredentials) throws AuthenticationTokenException {
return new BitbucketOAuthAuthenticator(standardUsernamePasswordCredentials);
}

Expand All @@ -43,7 +45,7 @@ public BitbucketOAuthAuthenticator convert(
* @return whether this can authenticate given the context
*/
@Override
public boolean isFit(AuthenticationTokenContext ctx) {
protected boolean isFit(AuthenticationTokenContext<? super BitbucketOAuthAuthenticator> ctx) {
return ctx.mustHave(BitbucketAuthenticator.SCHEME, "https") && ctx.mustHave(
BitbucketAuthenticator.BITBUCKET_INSTANCE_TYPE, BitbucketAuthenticator.BITBUCKET_INSTANCE_TYPE_CLOUD);
}
Expand Down

This file was deleted.

0 comments on commit edf430c

Please sign in to comment.