You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-dev@james.apache.org by bt...@apache.org on 2020/08/11 09:39:22 UTC
[james-project] 05/10: JAMES-3351 Basic authentication strategy
This is an automated email from the ASF dual-hosted git repository.
btellier pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/james-project.git
commit 091a5785eabeedad9bd3bbb77b26c98468326a30
Author: LanKhuat <dl...@linagora.com>
AuthorDate: Tue Jul 28 14:23:39 2020 +0700
JAMES-3351 Basic authentication strategy
---
.../james/jmap/http/BasicAuthenticationStrategy.scala | 17 ++++++-----------
.../james/jmap/http/UserCredentialParserTest.scala | 14 +++++++-------
2 files changed, 13 insertions(+), 18 deletions(-)
diff --git a/server/protocols/jmap-rfc-8621/src/main/scala/org/apache/james/jmap/http/BasicAuthenticationStrategy.scala b/server/protocols/jmap-rfc-8621/src/main/scala/org/apache/james/jmap/http/BasicAuthenticationStrategy.scala
index 0f2d2ca..16a3a86 100644
--- a/server/protocols/jmap-rfc-8621/src/main/scala/org/apache/james/jmap/http/BasicAuthenticationStrategy.scala
+++ b/server/protocols/jmap-rfc-8621/src/main/scala/org/apache/james/jmap/http/BasicAuthenticationStrategy.scala
@@ -26,18 +26,16 @@ import eu.timepit.refined.auto._
import eu.timepit.refined.refineV
import eu.timepit.refined.string.MatchesRegex
import javax.inject.Inject
-
import org.apache.james.core.Username
+import org.apache.james.jmap.exceptions.UnauthorizedException
import org.apache.james.jmap.http.UserCredential._
import org.apache.james.mailbox.{MailboxManager, MailboxSession}
import org.apache.james.user.api.UsersRepository
import org.slf4j.LoggerFactory
-
import reactor.core.publisher.Mono
-import reactor.core.scala.publisher.{SFlux, SMono}
+import reactor.core.scala.publisher.SMono
import reactor.netty.http.server.HttpServerRequest
-import scala.compat.java8.StreamConverters._
import scala.util.{Failure, Success, Try}
object UserCredential {
@@ -64,8 +62,7 @@ object UserCredential {
refinedValue match {
case Left(errorMessage: String) =>
- logger.info(s"Supplied basic authentication credentials do not match expected format. $errorMessage")
- None
+ throw new UnauthorizedException(s"Supplied basic authentication credentials do not match expected format. $errorMessage")
case Right(value) => toCredential(value)
}
}
@@ -78,11 +75,10 @@ object UserCredential {
Try(UserCredential(Username.of(usernameString), passwordString)) match {
case Success(credential) => Some(credential)
case Failure(throwable:IllegalArgumentException) =>
- logger.info("Username is not valid", throwable)
- None
+ throw new UnauthorizedException("Username is not valid", throwable)
case Failure(unexpectedException) =>
logger.error("Unexpected Exception", unexpectedException)
- None
+ throw unexpectedException
}
}
}
@@ -93,13 +89,12 @@ class BasicAuthenticationStrategy @Inject()(val usersRepository: UsersRepository
val mailboxManager: MailboxManager) extends AuthenticationStrategy {
override def createMailboxSession(httpRequest: HttpServerRequest): Mono[MailboxSession] = {
- SMono.defer(() => SFlux.fromIterable(authHeaders(httpRequest).toScala[Iterable])
+ SMono.fromCallable(() => authHeaders(httpRequest))
.map(parseUserCredentials)
.handle(publishNext)
.filter(isValid)
.map(_.username)
.map(mailboxManager.createSystemSession)
- .singleOrEmpty())
.asJava()
}
diff --git a/server/protocols/jmap-rfc-8621/src/test/scala/org/apache/james/jmap/http/UserCredentialParserTest.scala b/server/protocols/jmap-rfc-8621/src/test/scala/org/apache/james/jmap/http/UserCredentialParserTest.scala
index 8ac66c8..66f83c0 100644
--- a/server/protocols/jmap-rfc-8621/src/test/scala/org/apache/james/jmap/http/UserCredentialParserTest.scala
+++ b/server/protocols/jmap-rfc-8621/src/test/scala/org/apache/james/jmap/http/UserCredentialParserTest.scala
@@ -23,8 +23,10 @@ import java.nio.charset.StandardCharsets
import java.util.Base64
import org.apache.james.core.Username
+import org.apache.james.jmap.exceptions.UnauthorizedException
import org.assertj.core.api.Assertions.assertThat
-import org.junit.jupiter.api.Test
+import org.junit.jupiter.api.Assertions.assertThrows
+import org.junit.jupiter.api.Test;
class UserCredentialParserTest {
@Test
@@ -90,11 +92,10 @@ class UserCredentialParserTest {
}
@Test
- def shouldReturnNoneWhenWrongFormatCredential(): Unit = {
+ def shouldThrowWhenWrongFormatCredential(): Unit = {
val token: String = "Basic " + toBase64("user1@password")
- assertThat(UserCredential.parseUserCredentials(token))
- .isEqualTo(None)
+ assertThrows(classOf[UnauthorizedException], () => UserCredential.parseUserCredentials(token))
}
@Test
@@ -122,11 +123,10 @@ class UserCredentialParserTest {
}
@Test
- def shouldReturnEmptyWhenCredentialWithNoUsername(): Unit = {
+ def shouldThrowWhenCredentialWithNoUsername(): Unit = {
val token: String = "Basic " + toBase64(":pass")
- assertThat(UserCredential.parseUserCredentials(token))
- .isEqualTo(None)
+ assertThrows(classOf[UnauthorizedException], () => UserCredential.parseUserCredentials(token))
}
private def toBase64(stringValue: String): String = {
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org