use of org.eclipse.che.api.factory.server.scm.exception.ScmUnauthorizedException in project che-server by eclipse-che.
the class BitbucketServerPersonalAccessTokenFetcher method fetchPersonalAccessToken.
@Override
public PersonalAccessToken fetchPersonalAccessToken(Subject cheUser, String scmServerUrl) throws ScmUnauthorizedException, ScmCommunicationException {
if (!bitbucketServerApiClient.isConnected(scmServerUrl)) {
LOG.debug("not a valid url {} for current fetcher ", scmServerUrl);
return null;
}
final String tokenName = format(TOKEN_NAME_TEMPLATE, cheUser.getUserId(), apiEndpoint.getHost());
try {
BitbucketUser user = bitbucketServerApiClient.getUser(EnvironmentContext.getCurrent().getSubject());
LOG.debug("Current bitbucket user {} ", user);
// cleanup existed
List<BitbucketPersonalAccessToken> existingTokens = bitbucketServerApiClient.getPersonalAccessTokens(user.getSlug()).stream().filter(p -> p.getName().equals(tokenName)).collect(Collectors.toList());
for (BitbucketPersonalAccessToken existedToken : existingTokens) {
LOG.debug("Deleting existed che token {} {}", existedToken.getId(), existedToken.getName());
bitbucketServerApiClient.deletePersonalAccessTokens(user.getSlug(), existedToken.getId());
}
BitbucketPersonalAccessToken token = bitbucketServerApiClient.createPersonalAccessTokens(user.getSlug(), tokenName, DEFAULT_TOKEN_SCOPE);
LOG.debug("Token created = {} for {}", token.getId(), token.getUser());
return new PersonalAccessToken(scmServerUrl, EnvironmentContext.getCurrent().getSubject().getUserId(), user.getName(), valueOf(user.getId()), token.getName(), valueOf(token.getId()), token.getToken());
} catch (ScmBadRequestException | ScmItemNotFoundException e) {
throw new ScmCommunicationException(e.getMessage(), e);
}
}
use of org.eclipse.che.api.factory.server.scm.exception.ScmUnauthorizedException in project devspaces-images by redhat-developer.
the class GitlabOAuthTokenFetcher method fetchPersonalAccessToken.
@Override
public PersonalAccessToken fetchPersonalAccessToken(Subject cheSubject, String scmServerUrl) throws ScmUnauthorizedException, ScmCommunicationException {
scmServerUrl = StringUtils.trimEnd(scmServerUrl, '/');
GitlabApiClient gitlabApiClient = getApiClient(scmServerUrl);
if (gitlabApiClient == null || !gitlabApiClient.isConnected(scmServerUrl)) {
LOG.debug("not a valid url {} for current fetcher ", scmServerUrl);
return null;
}
if (oAuthAPI == null) {
throw new ScmCommunicationException(format("OAuth 2 is not configured for SCM provider [%s]. For details, refer " + "the documentation in section of SCM providers configuration.", OAUTH_PROVIDER_NAME));
}
OAuthToken oAuthToken;
try {
oAuthToken = oAuthAPI.getToken(OAUTH_PROVIDER_NAME);
GitlabUser user = gitlabApiClient.getUser(oAuthToken.getToken());
PersonalAccessToken token = new PersonalAccessToken(scmServerUrl, cheSubject.getUserId(), user.getUsername(), Long.toString(user.getId()), NameGenerator.generate(OAUTH_2_PREFIX, 5), NameGenerator.generate("id-", 5), oAuthToken.getToken());
Optional<Boolean> valid = isValid(token);
if (valid.isEmpty() || !valid.get()) {
throw new ScmCommunicationException("Current token doesn't have the necessary privileges. Please make sure Che app scopes are correct and containing at least: " + DEFAULT_TOKEN_SCOPES.toString());
}
return token;
} catch (UnauthorizedException e) {
throw new ScmUnauthorizedException(cheSubject.getUserName() + " is not authorized in " + OAUTH_PROVIDER_NAME + " OAuth provider.", OAUTH_PROVIDER_NAME, "2.0", getLocalAuthenticateUrl());
} catch (NotFoundException | ServerException | ForbiddenException | BadRequestException | ScmItemNotFoundException | ScmBadRequestException | ConflictException e) {
LOG.warn(e.getMessage());
throw new ScmCommunicationException(e.getMessage(), e);
}
}
use of org.eclipse.che.api.factory.server.scm.exception.ScmUnauthorizedException in project devspaces-images by redhat-developer.
the class BitbucketServerPersonalAccessTokenFetcher method fetchPersonalAccessToken.
@Override
public PersonalAccessToken fetchPersonalAccessToken(Subject cheUser, String scmServerUrl) throws ScmUnauthorizedException, ScmCommunicationException {
if (!bitbucketServerApiClient.isConnected(scmServerUrl)) {
LOG.debug("not a valid url {} for current fetcher ", scmServerUrl);
return null;
}
final String tokenName = format(TOKEN_NAME_TEMPLATE, cheUser.getUserId(), apiEndpoint.getHost());
try {
BitbucketUser user = bitbucketServerApiClient.getUser(EnvironmentContext.getCurrent().getSubject());
LOG.debug("Current bitbucket user {} ", user);
// cleanup existed
List<BitbucketPersonalAccessToken> existingTokens = bitbucketServerApiClient.getPersonalAccessTokens(user.getSlug()).stream().filter(p -> p.getName().equals(tokenName)).collect(Collectors.toList());
for (BitbucketPersonalAccessToken existedToken : existingTokens) {
LOG.debug("Deleting existed che token {} {}", existedToken.getId(), existedToken.getName());
bitbucketServerApiClient.deletePersonalAccessTokens(user.getSlug(), existedToken.getId());
}
BitbucketPersonalAccessToken token = bitbucketServerApiClient.createPersonalAccessTokens(user.getSlug(), tokenName, DEFAULT_TOKEN_SCOPE);
LOG.debug("Token created = {} for {}", token.getId(), token.getUser());
return new PersonalAccessToken(scmServerUrl, EnvironmentContext.getCurrent().getSubject().getUserId(), user.getName(), valueOf(user.getId()), token.getName(), valueOf(token.getId()), token.getToken());
} catch (ScmBadRequestException | ScmItemNotFoundException e) {
throw new ScmCommunicationException(e.getMessage(), e);
}
}
use of org.eclipse.che.api.factory.server.scm.exception.ScmUnauthorizedException in project devspaces-images by redhat-developer.
the class HttpBitbucketServerApiClient method getUser.
@Override
public BitbucketUser getUser(Subject cheUser) throws ScmUnauthorizedException, ScmCommunicationException, ScmItemNotFoundException {
try {
// Since Bitbucket server API doesn't provide a way to get an account profile currently
// authenticated user we will try to find it and by iterating over the list available to the
// current user Bitbucket users and attempting to get their personal access tokens. To speed
// up this process first of all we will search among users that contain(somewhere in Bitbucket
// user
// entity) Che's user username. At the second step, we will search against all visible(to the
// current Che's user) bitbucket users that are not included in the first list.
Set<String> usersByName = getUsers(cheUser.getUserName()).stream().map(BitbucketUser::getSlug).collect(Collectors.toSet());
Optional<BitbucketUser> currentUser = findCurrentUser(usersByName);
if (currentUser.isPresent()) {
return currentUser.get();
}
Set<String> usersAllExceptByName = getUsers().stream().map(BitbucketUser::getSlug).filter(s -> !usersByName.contains(s)).collect(Collectors.toSet());
currentUser = findCurrentUser(usersAllExceptByName);
if (currentUser.isPresent()) {
return currentUser.get();
}
} catch (ScmBadRequestException | ScmItemNotFoundException scmException) {
throw new ScmCommunicationException(scmException.getMessage(), scmException);
}
throw new ScmItemNotFoundException("Current user not found. That is possible only if user are not authorized against " + serverUri);
}
use of org.eclipse.che.api.factory.server.scm.exception.ScmUnauthorizedException in project devspaces-images by redhat-developer.
the class GithubPersonalAccessTokenFetcher method fetchPersonalAccessToken.
@Override
public PersonalAccessToken fetchPersonalAccessToken(Subject cheSubject, String scmServerUrl) throws ScmUnauthorizedException, ScmCommunicationException {
OAuthToken oAuthToken;
if (githubApiClient == null || !githubApiClient.isConnected(scmServerUrl)) {
LOG.debug("not a valid url {} for current fetcher ", scmServerUrl);
return null;
}
try {
oAuthToken = oAuthAPI.getToken(OAUTH_PROVIDER_NAME);
// Find the user associated to the OAuth token by querying the GitHub API.
GithubUser user = githubApiClient.getUser(oAuthToken.getToken());
PersonalAccessToken token = new PersonalAccessToken(scmServerUrl, cheSubject.getUserId(), user.getLogin(), Long.toString(user.getId()), NameGenerator.generate(OAUTH_2_PREFIX, 5), NameGenerator.generate("id-", 5), oAuthToken.getToken());
Optional<Boolean> valid = isValid(token);
if (valid.isEmpty()) {
throw new ScmCommunicationException("Unable to verify if current token is a valid GitHub token. Token's scm-url needs to be '" + GithubApiClient.GITHUB_SERVER + "' and was '" + token.getScmProviderUrl() + "'");
} else if (!valid.get()) {
throw new ScmCommunicationException("Current token doesn't have the necessary privileges. Please make sure Che app scopes are correct and containing at least: " + DEFAULT_TOKEN_SCOPES.toString());
}
return token;
} catch (UnauthorizedException e) {
throw new ScmUnauthorizedException(cheSubject.getUserName() + " is not authorized in " + OAUTH_PROVIDER_NAME + " OAuth provider.", OAUTH_PROVIDER_NAME, "2.0", getLocalAuthenticateUrl());
} catch (NotFoundException | ServerException | ForbiddenException | BadRequestException | ScmItemNotFoundException | ScmBadRequestException | ConflictException e) {
LOG.error(e.getMessage());
throw new ScmCommunicationException(e.getMessage(), e);
}
}
Aggregations