You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@james.apache.org by bt...@apache.org on 2023/01/16 03:17:07 UTC
[james-project] 01/03: [REFACTORING] Improve SessionProvider method cardinality
This is an automated email from the ASF dual-hosted git repository.
btellier pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/james-project.git
commit c6b7c60710857a328d2e43b7c5f2a3897a2868c9
Author: Benoit Tellier <bt...@linagora.com>
AuthorDate: Thu Jan 12 09:19:34 2023 +0700
[REFACTORING] Improve SessionProvider method cardinality
---
.../org/apache/james/mailbox/SessionProvider.java | 45 +++-----------
.../mailbox/manager/ManagerTestProvisionner.java | 2 +-
.../james/mailbox/store/SessionProviderImpl.java | 72 ++++++++++++----------
.../james/mailbox/store/StoreMailboxManager.java | 18 ++----
.../mailbox/store/StoreMailboxManagerTest.java | 20 +++---
.../imap/processor/AbstractAuthProcessor.java | 5 +-
.../james/jmap/AllowAuthenticationStrategy.java | 2 +-
.../http/AccessTokenAuthenticationStrategy.java | 3 +-
...ParameterAccessTokenAuthenticationStrategy.java | 3 +-
.../james/jmap/draft/model/MailboxFactoryTest.java | 4 +-
.../AccessTokenAuthenticationStrategyTest.java | 17 ++++-
.../jmap/http/JWTAuthenticationStrategyTest.java | 17 ++++-
.../jmap/http/XUserAuthenticationStrategyTest.java | 18 +++++-
.../strategy/AllowAuthenticationStrategy.scala | 2 +-
.../jmap/http/BasicAuthenticationStrategy.scala | 2 +-
.../james/jmap/http/JWTAuthenticationStrategy.java | 3 +-
.../jmap/http/XUserAuthenticationStrategy.java | 2 +-
.../james/pop3server/core/PassCmdHandler.java | 2 +-
.../apache/james/pop3server/POP3ServerTest.java | 18 +++---
19 files changed, 134 insertions(+), 121 deletions(-)
diff --git a/mailbox/api/src/main/java/org/apache/james/mailbox/SessionProvider.java b/mailbox/api/src/main/java/org/apache/james/mailbox/SessionProvider.java
index 1e0b224c41..0b8e21dfd1 100644
--- a/mailbox/api/src/main/java/org/apache/james/mailbox/SessionProvider.java
+++ b/mailbox/api/src/main/java/org/apache/james/mailbox/SessionProvider.java
@@ -23,8 +23,10 @@ import org.apache.james.core.Username;
import org.apache.james.mailbox.exception.MailboxException;
public interface SessionProvider {
- interface DelegationLogin {
+ interface AuthorizationStep {
MailboxSession as(Username other) throws MailboxException;
+
+ MailboxSession withoutDelegation() throws MailboxException;
}
/**
@@ -38,7 +40,7 @@ public interface SessionProvider {
* Creates a new system session.<br>
* A system session is intended to be used for programmatic access.<br>
*
- * Use {@link #login(Username, String)} when accessing this API from a
+ * Use {@link #authenticate(Username)} when accessing this API from a
* protocol.
*
* @param userName
@@ -47,28 +49,6 @@ public interface SessionProvider {
*/
MailboxSession createSystemSession(Username userName);
- /**
- * Creates a session for the given user.
- *
- * Use {@link #createSystemSession(Username)} for interactions not done by the user himself.
- */
- MailboxSession login(Username userName);
-
- /**
- * Autenticates the given user against the given password.<br>
- * When authenticated and authorized, a session will be supplied
- *
- * @param userid
- * user name
- * @param passwd
- * password supplied
- * @return a <code>MailboxSession</code> when the user is authenticated and
- * authorized to access
- * @throws MailboxException
- * when the creation fails for other reasons
- */
- MailboxSession login(Username userid, String passwd) throws MailboxException;
-
/**
* Authenticates the given user against the given password,
* then switch to another user.<br>
@@ -78,37 +58,26 @@ public interface SessionProvider {
* username of the given user, matching the credentials
* @param passwd
* password supplied for the given user
- * @param otherUserId
- * username of the real user
* @return a <code>MailboxSession</code> for the real user
* when the given user is authenticated and authorized to access
* @throws MailboxException
* when the creation fails for other reasons
*/
- MailboxSession loginAsOtherUser(Username givenUserid, String passwd, Username otherUserId) throws MailboxException;
- default DelegationLogin authenticate(Username givenUserid, String passwd) {
- return otherUserId -> loginAsOtherUser(givenUserid, passwd, otherUserId);
- }
+ AuthorizationStep authenticate(Username givenUserid, String passwd);
/**
* Checking given user can log in as another user
* When delegated and authorized, a session for the other user will be supplied
*
* @param givenUserid
- * username of the given user, matching the credentials
- * @param otherUserId
- * username of the real user
+ * username of the given user
* @return a <code>MailboxSession</code> for the real user
* when the given user is authenticated and authorized to access
* @throws MailboxException
* when the creation fails for other reasons
*/
- MailboxSession loginAsOtherUser(Username givenUserid, Username otherUserId) throws MailboxException;
-
- default DelegationLogin authenticate(Username givenUserid) {
- return otherUserId -> loginAsOtherUser(givenUserid, otherUserId);
- }
+ AuthorizationStep authenticate(Username givenUserid);
/**
* <p>
diff --git a/mailbox/api/src/test/java/org/apache/james/mailbox/manager/ManagerTestProvisionner.java b/mailbox/api/src/test/java/org/apache/james/mailbox/manager/ManagerTestProvisionner.java
index 45079dcb31..bfa081e581 100644
--- a/mailbox/api/src/test/java/org/apache/james/mailbox/manager/ManagerTestProvisionner.java
+++ b/mailbox/api/src/test/java/org/apache/james/mailbox/manager/ManagerTestProvisionner.java
@@ -58,7 +58,7 @@ public class ManagerTestProvisionner {
public ManagerTestProvisionner(IntegrationResources<?> integrationResources) throws Exception {
this.integrationResources = integrationResources;
- session = integrationResources.getMailboxManager().login(USER, USER_PASS);
+ session = integrationResources.getMailboxManager().authenticate(USER, USER_PASS).withoutDelegation();
subFolder = new MailboxPath(INBOX, "INBOX.SUB");
MaxQuotaManager maxQuotaManager = integrationResources.getMaxQuotaManager();
diff --git a/mailbox/store/src/main/java/org/apache/james/mailbox/store/SessionProviderImpl.java b/mailbox/store/src/main/java/org/apache/james/mailbox/store/SessionProviderImpl.java
index 01f637a025..88cbc28b8e 100644
--- a/mailbox/store/src/main/java/org/apache/james/mailbox/store/SessionProviderImpl.java
+++ b/mailbox/store/src/main/java/org/apache/james/mailbox/store/SessionProviderImpl.java
@@ -59,40 +59,50 @@ public class SessionProviderImpl implements SessionProvider {
}
@Override
- public MailboxSession login(Username userName) {
- return createSession(userName, Optional.of(userName), MailboxSession.SessionType.System);
+ public AuthorizationStep authenticate(Username thisUserId, String passwd) {
+ return new AuthorizationStep() {
+ @Override
+ public MailboxSession as(Username otherUserId) throws MailboxException {
+ if (!isValidLogin(thisUserId, passwd)) {
+ throw new BadCredentialsException();
+ }
+ return authenticate(thisUserId).as(otherUserId);
+ }
+
+ @Override
+ public MailboxSession withoutDelegation() throws MailboxException {
+ if (isValidLogin(thisUserId, passwd)) {
+ return createSession(thisUserId, Optional.ofNullable(thisUserId), MailboxSession.SessionType.User);
+ } else {
+ throw new BadCredentialsException();
+ }
+ }
+ };
}
@Override
- public MailboxSession login(Username userid, String passwd) throws MailboxException {
- if (isValidLogin(userid, passwd)) {
- return createSession(userid, Optional.ofNullable(userid), MailboxSession.SessionType.User);
- } else {
- throw new BadCredentialsException();
- }
- }
-
- @Override
- public MailboxSession loginAsOtherUser(Username thisUserId, String passwd, Username otherUserId) throws MailboxException {
- if (!isValidLogin(thisUserId, passwd)) {
- throw new BadCredentialsException();
- }
- return loginAsOtherUser(thisUserId, otherUserId);
- }
-
- @Override
- public MailboxSession loginAsOtherUser(Username givenUserid, Username otherUserId) throws MailboxException {
- Authorizator.AuthorizationState authorizationState = authorizator.user(givenUserid).canLoginAs(otherUserId);
- switch (authorizationState) {
- case ALLOWED:
- return createSession(otherUserId, Optional.of(givenUserid), MailboxSession.SessionType.System);
- case FORBIDDEN:
- throw new ForbiddenDelegationException(givenUserid, otherUserId);
- case UNKNOWN_USER:
- throw new UserDoesNotExistException(otherUserId);
- default:
- throw new RuntimeException("Unknown AuthorizationState " + authorizationState);
- }
+ public AuthorizationStep authenticate(Username givenUserid) {
+ return new AuthorizationStep() {
+ @Override
+ public MailboxSession as(Username otherUserId) throws MailboxException {
+ Authorizator.AuthorizationState authorizationState = authorizator.user(givenUserid).canLoginAs(otherUserId);
+ switch (authorizationState) {
+ case ALLOWED:
+ return createSession(otherUserId, Optional.of(givenUserid), MailboxSession.SessionType.System);
+ case FORBIDDEN:
+ throw new ForbiddenDelegationException(givenUserid, otherUserId);
+ case UNKNOWN_USER:
+ throw new UserDoesNotExistException(otherUserId);
+ default:
+ throw new RuntimeException("Unknown AuthorizationState " + authorizationState);
+ }
+ }
+
+ @Override
+ public MailboxSession withoutDelegation() {
+ return createSession(givenUserid, Optional.of(givenUserid), MailboxSession.SessionType.System);
+ }
+ };
}
@Override
diff --git a/mailbox/store/src/main/java/org/apache/james/mailbox/store/StoreMailboxManager.java b/mailbox/store/src/main/java/org/apache/james/mailbox/store/StoreMailboxManager.java
index 80aa7f98d2..78c053f1cd 100644
--- a/mailbox/store/src/main/java/org/apache/james/mailbox/store/StoreMailboxManager.java
+++ b/mailbox/store/src/main/java/org/apache/james/mailbox/store/StoreMailboxManager.java
@@ -249,23 +249,13 @@ public class StoreMailboxManager implements MailboxManager {
}
@Override
- public MailboxSession login(Username userid, String passwd) throws MailboxException {
- return sessionProvider.login(userid, passwd);
+ public AuthorizationStep authenticate(Username givenUserid, String passwd) {
+ return sessionProvider.authenticate(givenUserid, passwd);
}
@Override
- public MailboxSession login(Username userid) {
- return sessionProvider.login(userid);
- }
-
- @Override
- public MailboxSession loginAsOtherUser(Username adminUserid, String passwd, Username otherUserId) throws MailboxException {
- return sessionProvider.loginAsOtherUser(adminUserid, passwd, otherUserId);
- }
-
- @Override
- public MailboxSession loginAsOtherUser(Username thisUserId, Username otherUserId) throws MailboxException {
- return sessionProvider.loginAsOtherUser(thisUserId, otherUserId);
+ public AuthorizationStep authenticate(Username givenUserid) {
+ return sessionProvider.authenticate(givenUserid);
}
@Override
diff --git a/mailbox/store/src/test/java/org/apache/james/mailbox/store/StoreMailboxManagerTest.java b/mailbox/store/src/test/java/org/apache/james/mailbox/store/StoreMailboxManagerTest.java
index 8ac2b58d86..a9fff1961c 100644
--- a/mailbox/store/src/test/java/org/apache/james/mailbox/store/StoreMailboxManagerTest.java
+++ b/mailbox/store/src/test/java/org/apache/james/mailbox/store/StoreMailboxManagerTest.java
@@ -168,63 +168,63 @@ class StoreMailboxManagerTest {
@Test
void loginShouldCreateSessionWhenGoodPassword() throws Exception {
- MailboxSession expected = storeMailboxManager.login(CURRENT_USER, CURRENT_USER_PASSWORD);
+ MailboxSession expected = storeMailboxManager.authenticate(CURRENT_USER, CURRENT_USER_PASSWORD).withoutDelegation();
assertThat(expected.getUser()).isEqualTo(CURRENT_USER);
}
@Test
void loginShouldThrowWhenBadPassword() {
- assertThatThrownBy(() -> storeMailboxManager.login(CURRENT_USER, BAD_PASSWORD))
+ assertThatThrownBy(() -> storeMailboxManager.authenticate(CURRENT_USER, BAD_PASSWORD).withoutDelegation())
.isInstanceOf(BadCredentialsException.class);
}
@Test
void loginAsOtherUserShouldNotCreateUserSessionWhenAdminWithBadPassword() {
- assertThatThrownBy(() -> storeMailboxManager.loginAsOtherUser(ADMIN, BAD_PASSWORD, CURRENT_USER))
+ assertThatThrownBy(() -> storeMailboxManager.authenticate(ADMIN, BAD_PASSWORD).as(CURRENT_USER))
.isInstanceOf(BadCredentialsException.class);
}
@Test
void loginAsOtherUserShouldNotCreateUserSessionWhenNotAdmin() {
- assertThatThrownBy(() -> storeMailboxManager.loginAsOtherUser(CURRENT_USER, CURRENT_USER_PASSWORD, UNKNOWN_USER))
+ assertThatThrownBy(() -> storeMailboxManager.authenticate(CURRENT_USER, CURRENT_USER_PASSWORD).as(UNKNOWN_USER))
.isInstanceOf(ForbiddenDelegationException.class);
}
@Test
void loginAsOtherUserShouldThrowBadCredentialWhenBadPasswordAndNotAdminUser() {
- assertThatThrownBy(() -> storeMailboxManager.loginAsOtherUser(CURRENT_USER, BAD_PASSWORD, CURRENT_USER))
+ assertThatThrownBy(() -> storeMailboxManager.authenticate(CURRENT_USER, BAD_PASSWORD).as(CURRENT_USER))
.isInstanceOf(BadCredentialsException.class);
}
@Test
void loginAsOtherUserShouldThrowBadCredentialWhenBadPasswordNotAdminUserAndUnknownUser() {
- assertThatThrownBy(() -> storeMailboxManager.loginAsOtherUser(CURRENT_USER, BAD_PASSWORD, UNKNOWN_USER))
+ assertThatThrownBy(() -> storeMailboxManager.authenticate(CURRENT_USER, BAD_PASSWORD).as(UNKNOWN_USER))
.isInstanceOf(BadCredentialsException.class);
}
@Test
void loginAsOtherUserShouldThrowBadCredentialsWhenBadPasswordAndUserDoesNotExists() {
- assertThatThrownBy(() -> storeMailboxManager.loginAsOtherUser(ADMIN, BAD_PASSWORD, UNKNOWN_USER))
+ assertThatThrownBy(() -> storeMailboxManager.authenticate(ADMIN, BAD_PASSWORD).as(UNKNOWN_USER))
.isInstanceOf(BadCredentialsException.class);
}
@Test
void loginAsOtherUserShouldNotCreateUserSessionWhenDelegatedUserDoesNotExist() {
- assertThatThrownBy(() -> storeMailboxManager.loginAsOtherUser(ADMIN, ADMIN_PASSWORD, UNKNOWN_USER))
+ assertThatThrownBy(() -> storeMailboxManager.authenticate(ADMIN, ADMIN_PASSWORD).as(UNKNOWN_USER))
.isInstanceOf(UserDoesNotExistException.class);
}
@Test
void loginAsOtherUserShouldCreateUserSessionWhenAdminWithGoodPassword() throws Exception {
- MailboxSession expected = storeMailboxManager.loginAsOtherUser(ADMIN, ADMIN_PASSWORD, CURRENT_USER);
+ MailboxSession expected = storeMailboxManager.authenticate(ADMIN, ADMIN_PASSWORD).as(CURRENT_USER);
assertThat(expected.getUser()).isEqualTo(CURRENT_USER);
}
@Test
void loginAsOtherUserWithoutPasswordShouldCreateUserSession() throws MailboxException {
- MailboxSession expected = storeMailboxManager.loginAsOtherUser(ADMIN, CURRENT_USER);
+ MailboxSession expected = storeMailboxManager.authenticate(ADMIN).as(CURRENT_USER);
assertThat(expected.getUser()).isEqualTo(CURRENT_USER);
}
diff --git a/protocols/imap/src/main/java/org/apache/james/imap/processor/AbstractAuthProcessor.java b/protocols/imap/src/main/java/org/apache/james/imap/processor/AbstractAuthProcessor.java
index 7f87ccba79..df82824b18 100644
--- a/protocols/imap/src/main/java/org/apache/james/imap/processor/AbstractAuthProcessor.java
+++ b/protocols/imap/src/main/java/org/apache/james/imap/processor/AbstractAuthProcessor.java
@@ -71,8 +71,9 @@ public abstract class AbstractAuthProcessor<R extends ImapRequest> extends Abstr
if (!authFailure) {
final MailboxManager mailboxManager = getMailboxManager();
try {
- final MailboxSession mailboxSession = mailboxManager.login(authenticationAttempt.getAuthenticationId(),
- authenticationAttempt.getPassword());
+ final MailboxSession mailboxSession = mailboxManager.authenticate(authenticationAttempt.getAuthenticationId(),
+ authenticationAttempt.getPassword())
+ .withoutDelegation();
session.authenticated();
session.setMailboxSession(mailboxSession);
provisionInbox(session, mailboxManager, mailboxSession);
diff --git a/server/protocols/jmap-draft-integration-testing/jmap-draft-integration-testing-common/src/test/java/org/apache/james/jmap/AllowAuthenticationStrategy.java b/server/protocols/jmap-draft-integration-testing/jmap-draft-integration-testing-common/src/test/java/org/apache/james/jmap/AllowAuthenticationStrategy.java
index 3983436993..7ccad73141 100644
--- a/server/protocols/jmap-draft-integration-testing/jmap-draft-integration-testing-common/src/test/java/org/apache/james/jmap/AllowAuthenticationStrategy.java
+++ b/server/protocols/jmap-draft-integration-testing/jmap-draft-integration-testing-common/src/test/java/org/apache/james/jmap/AllowAuthenticationStrategy.java
@@ -44,7 +44,7 @@ public class AllowAuthenticationStrategy implements AuthenticationStrategy {
@Override
public Mono<MailboxSession> createMailboxSession(HttpServerRequest httpRequest) {
- return Mono.fromCallable(() -> mailboxManager.login(BOB));
+ return Mono.fromCallable(() -> mailboxManager.authenticate(BOB).withoutDelegation());
}
@Override
diff --git a/server/protocols/jmap-draft/src/main/java/org/apache/james/jmap/http/AccessTokenAuthenticationStrategy.java b/server/protocols/jmap-draft/src/main/java/org/apache/james/jmap/http/AccessTokenAuthenticationStrategy.java
index 59471453f1..a22a1b61e5 100644
--- a/server/protocols/jmap-draft/src/main/java/org/apache/james/jmap/http/AccessTokenAuthenticationStrategy.java
+++ b/server/protocols/jmap-draft/src/main/java/org/apache/james/jmap/http/AccessTokenAuthenticationStrategy.java
@@ -28,6 +28,7 @@ import org.apache.james.jmap.exceptions.UnauthorizedException;
import org.apache.james.mailbox.MailboxManager;
import org.apache.james.mailbox.MailboxSession;
+import com.github.fge.lambdas.Throwing;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.collect.ImmutableMap;
@@ -51,7 +52,7 @@ public class AccessTokenAuthenticationStrategy implements AuthenticationStrategy
.filter(tokenString -> !tokenString.startsWith("Bearer"))
.map(AccessToken::fromString)
.flatMap(item -> Mono.from(accessTokenManager.getUsernameFromToken(item)))
- .map(mailboxManager::login)
+ .map(Throwing.function(user -> mailboxManager.authenticate(user).withoutDelegation()))
.onErrorResume(InvalidAccessToken.class, error -> Mono.error(new UnauthorizedException("Invalid access token", error)))
.onErrorResume(NotAnAccessTokenException.class, error -> Mono.error(new UnauthorizedException("Not an access token", error)));
}
diff --git a/server/protocols/jmap-draft/src/main/java/org/apache/james/jmap/http/QueryParameterAccessTokenAuthenticationStrategy.java b/server/protocols/jmap-draft/src/main/java/org/apache/james/jmap/http/QueryParameterAccessTokenAuthenticationStrategy.java
index eb30c07f5b..70d987b10e 100644
--- a/server/protocols/jmap-draft/src/main/java/org/apache/james/jmap/http/QueryParameterAccessTokenAuthenticationStrategy.java
+++ b/server/protocols/jmap-draft/src/main/java/org/apache/james/jmap/http/QueryParameterAccessTokenAuthenticationStrategy.java
@@ -31,6 +31,7 @@ import org.apache.james.jmap.draft.model.AttachmentAccessToken;
import org.apache.james.mailbox.MailboxManager;
import org.apache.james.mailbox.MailboxSession;
+import com.github.fge.lambdas.Throwing;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.collect.ImmutableMap;
@@ -57,7 +58,7 @@ public class QueryParameterAccessTokenAuthenticationStrategy implements Authenti
.filter(tokenManager::isValid)
.map(AttachmentAccessToken::getUsername)
.map(Username::of)
- .map(mailboxManager::login);
+ .map(Throwing.function(user -> mailboxManager.authenticate(user).withoutDelegation()));
}
@Override
diff --git a/server/protocols/jmap-draft/src/test/java/org/apache/james/jmap/draft/model/MailboxFactoryTest.java b/server/protocols/jmap-draft/src/test/java/org/apache/james/jmap/draft/model/MailboxFactoryTest.java
index 2d7edee171..1150366850 100644
--- a/server/protocols/jmap-draft/src/test/java/org/apache/james/jmap/draft/model/MailboxFactoryTest.java
+++ b/server/protocols/jmap-draft/src/test/java/org/apache/james/jmap/draft/model/MailboxFactoryTest.java
@@ -72,8 +72,8 @@ public class MailboxFactoryTest {
user = ManagerTestProvisionner.USER;
otherUser = OTHER_USER;
- mailboxSession = mailboxManager.login(user, ManagerTestProvisionner.USER_PASS);
- otherMailboxSession = mailboxManager.login(otherUser, ManagerTestProvisionner.OTHER_USER_PASS);
+ mailboxSession = mailboxManager.authenticate(user, ManagerTestProvisionner.USER_PASS).withoutDelegation();
+ otherMailboxSession = mailboxManager.authenticate(otherUser, ManagerTestProvisionner.OTHER_USER_PASS).withoutDelegation();
sut = new MailboxFactory(mailboxManager, quotaManager, quotaRootResolver);
}
diff --git a/server/protocols/jmap-draft/src/test/java/org/apache/james/jmap/http/AccessTokenAuthenticationStrategyTest.java b/server/protocols/jmap-draft/src/test/java/org/apache/james/jmap/http/AccessTokenAuthenticationStrategyTest.java
index f90b75e570..4a89c07705 100644
--- a/server/protocols/jmap-draft/src/test/java/org/apache/james/jmap/http/AccessTokenAuthenticationStrategyTest.java
+++ b/server/protocols/jmap-draft/src/test/java/org/apache/james/jmap/http/AccessTokenAuthenticationStrategyTest.java
@@ -26,6 +26,7 @@ import static org.mockito.Mockito.when;
import java.util.UUID;
+import org.apache.commons.lang3.NotImplementedException;
import org.apache.james.core.Username;
import org.apache.james.jmap.api.access.AccessToken;
import org.apache.james.jmap.api.access.exceptions.InvalidAccessToken;
@@ -33,6 +34,8 @@ import org.apache.james.jmap.draft.crypto.AccessTokenManagerImpl;
import org.apache.james.jmap.exceptions.UnauthorizedException;
import org.apache.james.mailbox.MailboxManager;
import org.apache.james.mailbox.MailboxSession;
+import org.apache.james.mailbox.SessionProvider;
+import org.apache.james.mailbox.exception.MailboxException;
import org.junit.Before;
import org.junit.Test;
@@ -115,8 +118,18 @@ public class AccessTokenAuthenticationStrategyTest {
Username username = Username.of("123456789");
MailboxSession fakeMailboxSession = mock(MailboxSession.class);
- when(mockedMailboxManager.login(eq(username)))
- .thenReturn(fakeMailboxSession);
+ when(mockedMailboxManager.authenticate(eq(username)))
+ .thenReturn(new SessionProvider.AuthorizationStep() {
+ @Override
+ public MailboxSession as(Username other) {
+ throw new NotImplementedException();
+ }
+
+ @Override
+ public MailboxSession withoutDelegation() {
+ return fakeMailboxSession;
+ }
+ });
UUID authHeader = UUID.randomUUID();
AccessToken accessToken = AccessToken.fromString(authHeader.toString());
diff --git a/server/protocols/jmap-draft/src/test/java/org/apache/james/jmap/http/JWTAuthenticationStrategyTest.java b/server/protocols/jmap-draft/src/test/java/org/apache/james/jmap/http/JWTAuthenticationStrategyTest.java
index 73cc2769ce..9ca3fc96d8 100644
--- a/server/protocols/jmap-draft/src/test/java/org/apache/james/jmap/http/JWTAuthenticationStrategyTest.java
+++ b/server/protocols/jmap-draft/src/test/java/org/apache/james/jmap/http/JWTAuthenticationStrategyTest.java
@@ -26,12 +26,15 @@ import static org.mockito.Mockito.when;
import java.util.Optional;
+import org.apache.commons.lang3.NotImplementedException;
import org.apache.james.core.Username;
import org.apache.james.domainlist.api.DomainList;
import org.apache.james.jmap.exceptions.UnauthorizedException;
import org.apache.james.jwt.JwtTokenVerifier;
import org.apache.james.mailbox.MailboxManager;
import org.apache.james.mailbox.MailboxSession;
+import org.apache.james.mailbox.SessionProvider;
+import org.apache.james.mailbox.exception.MailboxException;
import org.apache.james.user.memory.MemoryUsersRepository;
import org.junit.Before;
import org.junit.Test;
@@ -122,8 +125,18 @@ public class JWTAuthenticationStrategyTest {
MailboxSession fakeMailboxSession = mock(MailboxSession.class);
when(stubTokenVerifier.verifyAndExtractLogin(validAuthHeader)).thenReturn(Optional.of(username));
- when(mockedMailboxManager.login(eq(Username.of(username))))
- .thenReturn(fakeMailboxSession);
+ when(mockedMailboxManager.authenticate(eq(Username.of(username))))
+ .thenReturn(new SessionProvider.AuthorizationStep() {
+ @Override
+ public MailboxSession as(Username other) throws MailboxException {
+ throw new NotImplementedException();
+ }
+
+ @Override
+ public MailboxSession withoutDelegation() throws MailboxException {
+ return fakeMailboxSession;
+ }
+ });
when(mockedHeaders.get(AUTHORIZATION_HEADERS))
.thenReturn(fakeAuthHeaderWithPrefix);
diff --git a/server/protocols/jmap-draft/src/test/java/org/apache/james/jmap/http/XUserAuthenticationStrategyTest.java b/server/protocols/jmap-draft/src/test/java/org/apache/james/jmap/http/XUserAuthenticationStrategyTest.java
index a52951bfe1..1a3bc2fad3 100644
--- a/server/protocols/jmap-draft/src/test/java/org/apache/james/jmap/http/XUserAuthenticationStrategyTest.java
+++ b/server/protocols/jmap-draft/src/test/java/org/apache/james/jmap/http/XUserAuthenticationStrategyTest.java
@@ -24,12 +24,16 @@ import static org.mockito.ArgumentMatchers.any;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
+import org.apache.commons.lang3.NotImplementedException;
+import org.apache.james.core.Username;
import org.apache.james.dnsservice.api.DNSService;
import org.apache.james.domainlist.lib.DomainListConfiguration;
import org.apache.james.domainlist.memory.MemoryDomainList;
import org.apache.james.jmap.exceptions.UnauthorizedException;
import org.apache.james.mailbox.MailboxManager;
import org.apache.james.mailbox.MailboxSession;
+import org.apache.james.mailbox.SessionProvider;
+import org.apache.james.mailbox.exception.MailboxException;
import org.apache.james.user.memory.MemoryUsersRepository;
import org.junit.Before;
import org.junit.Test;
@@ -57,8 +61,18 @@ public class XUserAuthenticationStrategyTest {
when(mockedMailboxManager.createSystemSession(any()))
.thenReturn(fakeMailboxSession);
- when(mockedMailboxManager.login(any()))
- .thenReturn(fakeMailboxSession);
+ when(mockedMailboxManager.authenticate(any()))
+ .thenReturn(new SessionProvider.AuthorizationStep() {
+ @Override
+ public MailboxSession as(Username other) {
+ throw new NotImplementedException();
+ }
+
+ @Override
+ public MailboxSession withoutDelegation() {
+ return fakeMailboxSession;
+ }
+ });
when(mockedRequest.requestHeaders())
.thenReturn(mockedHeaders);
diff --git a/server/protocols/jmap-rfc-8621-integration-tests/jmap-rfc-8621-integration-tests-common/src/main/scala/org/apache/james/jmap/rfc8621/contract/custom/authentication/strategy/AllowAuthenticationStrategy.scala b/server/protocols/jmap-rfc-8621-integration-tests/jmap-rfc-8621-integration-tests-common/src/main/scala/org/apache/james/jmap/rfc8621/contract/custom/authentication/strategy/AllowAuthenticationStrategy.scala
index 9f9a1cad40..9b90e3b153 100644
--- a/server/protocols/jmap-rfc-8621-integration-tests/jmap-rfc-8621-integration-tests-common/src/main/scala/org/apache/james/jmap/rfc8621/contract/custom/authentication/strategy/AllowAuthenticationStrategy.scala
+++ b/server/protocols/jmap-rfc-8621-integration-tests/jmap-rfc-8621-integration-tests-common/src/main/scala/org/apache/james/jmap/rfc8621/contract/custom/authentication/strategy/AllowAuthenticationStrategy.scala
@@ -30,7 +30,7 @@ import reactor.netty.http.server.HttpServerRequest
case class AllowAuthenticationStrategy @Inject() (mailboxManager: MailboxManager) extends AuthenticationStrategy {
override def createMailboxSession(httpRequest: HttpServerRequest): Mono[MailboxSession] =
- SMono.fromCallable(() => mailboxManager.login(Fixture.BOB))
+ SMono.fromCallable(() => mailboxManager.authenticate(Fixture.BOB).withoutDelegation())
.asJava()
override def correspondingChallenge(): AuthenticationChallenge =
diff --git a/server/protocols/jmap-rfc-8621/src/main/scala/org/apache/james/jmap/http/BasicAuthenticationStrategy.scala b/server/protocols/jmap-rfc-8621/src/main/scala/org/apache/james/jmap/http/BasicAuthenticationStrategy.scala
index 309f54b84f..de235f22eb 100644
--- a/server/protocols/jmap-rfc-8621/src/main/scala/org/apache/james/jmap/http/BasicAuthenticationStrategy.scala
+++ b/server/protocols/jmap-rfc-8621/src/main/scala/org/apache/james/jmap/http/BasicAuthenticationStrategy.scala
@@ -118,7 +118,7 @@ class BasicAuthenticationStrategy @Inject()(val usersRepository: UsersRepository
.handle(publishNext)
.filterWhen(isValid)
.map(_.username)
- .map(mailboxManager.login)
+ .map(mailboxManager.authenticate(_).withoutDelegation())
.asJava()
diff --git a/server/protocols/jmap/src/main/java/org/apache/james/jmap/http/JWTAuthenticationStrategy.java b/server/protocols/jmap/src/main/java/org/apache/james/jmap/http/JWTAuthenticationStrategy.java
index 17cbcfee79..de95dc0b66 100644
--- a/server/protocols/jmap/src/main/java/org/apache/james/jmap/http/JWTAuthenticationStrategy.java
+++ b/server/protocols/jmap/src/main/java/org/apache/james/jmap/http/JWTAuthenticationStrategy.java
@@ -30,6 +30,7 @@ import org.apache.james.user.api.UsersRepository;
import org.apache.james.user.api.UsersRepositoryException;
import org.apache.james.util.ReactorUtils;
+import com.github.fge.lambdas.Throwing;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.collect.ImmutableMap;
@@ -71,7 +72,7 @@ public class JWTAuthenticationStrategy implements AuthenticationStrategy {
return username;
}).subscribeOn(ReactorUtils.BLOCKING_CALL_WRAPPER))
- .map(mailboxManager::login);
+ .map(Throwing.function(user -> mailboxManager.authenticate(user).withoutDelegation()));
}
@Override
diff --git a/server/protocols/jmap/src/main/java/org/apache/james/jmap/http/XUserAuthenticationStrategy.java b/server/protocols/jmap/src/main/java/org/apache/james/jmap/http/XUserAuthenticationStrategy.java
index e915bc1adf..022d75f92b 100644
--- a/server/protocols/jmap/src/main/java/org/apache/james/jmap/http/XUserAuthenticationStrategy.java
+++ b/server/protocols/jmap/src/main/java/org/apache/james/jmap/http/XUserAuthenticationStrategy.java
@@ -68,7 +68,7 @@ public class XUserAuthenticationStrategy implements AuthenticationStrategy {
} catch (UsersRepositoryException e) {
throw new UnauthorizedException("Invalid username", e);
}
- return mailboxManager.login(username);
+ return mailboxManager.authenticate(username).withoutDelegation();
}).subscribeOn(ReactorUtils.BLOCKING_CALL_WRAPPER);
}
diff --git a/server/protocols/protocols-pop3/src/main/java/org/apache/james/pop3server/core/PassCmdHandler.java b/server/protocols/protocols-pop3/src/main/java/org/apache/james/pop3server/core/PassCmdHandler.java
index 07b4e93aa1..6a7444fa9f 100644
--- a/server/protocols/protocols-pop3/src/main/java/org/apache/james/pop3server/core/PassCmdHandler.java
+++ b/server/protocols/protocols-pop3/src/main/java/org/apache/james/pop3server/core/PassCmdHandler.java
@@ -87,7 +87,7 @@ public class PassCmdHandler extends AbstractPassCmdHandler {
private Mailbox auth(POP3Session session, String password) throws IOException {
MailboxSession mSession = null;
try {
- mSession = manager.login(session.getUsername(), password);
+ mSession = manager.authenticate(session.getUsername(), password).withoutDelegation();
session.stopDetectingCommandInjection();
manager.startProcessingRequest(mSession);
MailboxPath inbox = MailboxPath.inbox(mSession);
diff --git a/server/protocols/protocols-pop3/src/test/java/org/apache/james/pop3server/POP3ServerTest.java b/server/protocols/protocols-pop3/src/test/java/org/apache/james/pop3server/POP3ServerTest.java
index 3fa6ff6e06..46646e5e57 100644
--- a/server/protocols/protocols-pop3/src/test/java/org/apache/james/pop3server/POP3ServerTest.java
+++ b/server/protocols/protocols-pop3/src/test/java/org/apache/james/pop3server/POP3ServerTest.java
@@ -272,7 +272,7 @@ public class POP3ServerTest {
pop3Client.disconnect();
MailboxPath mailboxPath = MailboxPath.inbox(username);
- MailboxSession session = mailboxManager.login(username, "bar");
+ MailboxSession session = mailboxManager.authenticate(username, "bar").withoutDelegation();
if (!mailboxManager.mailboxExists(mailboxPath, session).block()) {
mailboxManager.createMailbox(mailboxPath, session);
}
@@ -352,7 +352,7 @@ public class POP3ServerTest {
Username username = Username.of("foo2");
usersRepository.addUser(username, "bar2");
MailboxPath mailboxPath = MailboxPath.inbox(username);
- MailboxSession session = mailboxManager.login(username, "bar2");
+ MailboxSession session = mailboxManager.authenticate(username, "bar2").withoutDelegation();
mailboxManager.createMailbox(mailboxPath, session);
byte[] content = ("Return-path: return@test.com\r\n"
+ "Content-Transfer-Encoding: plain\r\n"
@@ -389,7 +389,7 @@ public class POP3ServerTest {
Username username = Username.of("foo2");
usersRepository.addUser(username, "bar2");
MailboxPath mailboxPath = MailboxPath.inbox(username);
- MailboxSession session = mailboxManager.login(username, "bar2");
+ MailboxSession session = mailboxManager.authenticate(username, "bar2").withoutDelegation();
mailboxManager.createMailbox(mailboxPath, session);
byte[] content = ("Return-path: return@test.com\r\n"
+ "Content-Transfer-Encoding: plain\r\n"
@@ -426,7 +426,7 @@ public class POP3ServerTest {
Username username = Username.of("foo2");
usersRepository.addUser(username, "bar2");
MailboxPath mailboxPath = MailboxPath.inbox(username);
- MailboxSession session = mailboxManager.login(username, "bar2");
+ MailboxSession session = mailboxManager.authenticate(username, "bar2").withoutDelegation();
mailboxManager.createMailbox(mailboxPath, session);
byte[] content = ("Return-path: return@test.com\r\n"
+ "Content-Transfer-Encoding: plain\r\n"
@@ -469,7 +469,7 @@ public class POP3ServerTest {
usersRepository.addUser(username, "bar2");
MailboxPath mailboxPath = MailboxPath.inbox(username);
- MailboxSession session = mailboxManager.login(username, "bar2");
+ MailboxSession session = mailboxManager.authenticate(username, "bar2").withoutDelegation();
if (!mailboxManager.mailboxExists(mailboxPath, session).block()) {
mailboxManager.createMailbox(mailboxPath, session);
@@ -556,7 +556,7 @@ public class POP3ServerTest {
usersRepository.addUser(username, "bar2");
MailboxPath mailboxPath = MailboxPath.inbox(username);
- MailboxSession session = mailboxManager.login(username, "bar2");
+ MailboxSession session = mailboxManager.authenticate(username, "bar2").withoutDelegation();
if (!mailboxManager.mailboxExists(mailboxPath, session).block()) {
mailboxManager.createMailbox(mailboxPath, session);
@@ -602,7 +602,7 @@ public class POP3ServerTest {
usersRepository.addUser(username, "bar2");
MailboxPath mailboxPath = MailboxPath.inbox(username);
- MailboxSession session = mailboxManager.login(username, "bar2");
+ MailboxSession session = mailboxManager.authenticate(username, "bar2").withoutDelegation();
if (!mailboxManager.mailboxExists(mailboxPath, session).block()) {
mailboxManager.createMailbox(mailboxPath, session);
@@ -652,7 +652,7 @@ public class POP3ServerTest {
usersRepository.addUser(username, "bar2");
MailboxPath mailboxPath = MailboxPath.inbox(username);
- MailboxSession session = mailboxManager.login(username, "bar2");
+ MailboxSession session = mailboxManager.authenticate(username, "bar2").withoutDelegation();
if (!mailboxManager.mailboxExists(mailboxPath, session).block()) {
mailboxManager.createMailbox(mailboxPath, session);
@@ -861,7 +861,7 @@ public class POP3ServerTest {
Username username = Username.of("foo6");
usersRepository.addUser(username, "bar6");
- MailboxSession session = mailboxManager.login(username, "bar6");
+ MailboxSession session = mailboxManager.authenticate(username, "bar6").withoutDelegation();
MailboxPath mailboxPath = MailboxPath.inbox(username);
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@james.apache.org
For additional commands, e-mail: notifications-help@james.apache.org