Merge branch 'release/0.3.0'

.travis.yml

@@ -1,4 +1,6 @@
 language: java
+dist: trusty
+sudo: required
 jdk:
 - oraclejdk7
 deploy:

build.gradle

@@ -65,8 +65,8 @@ subprojects {
 
   dependencyManagement {
     imports {
-      mavenBom 'org.springframework.cloud:spring-cloud-starter-parent:Camden.SR4'
-      mavenBom 'org.springframework.boot:spring-boot-starter-parent:1.4.3.RELEASE'
+      mavenBom 'org.springframework.cloud:spring-cloud-starter-parent:Camden.SR6'
+      mavenBom 'org.springframework.boot:spring-boot-starter-parent:1.5.2.RELEASE'
     }
   }
 
@@ -77,6 +77,10 @@ subprojects {
     all*.exclude module: "spring-boot-starter-tomcat"
   }
 
+  test {
+    testLogging.showStandardStreams = true
+  }
+
   task sourcesJar(type: Jar, dependsOn: classes) {
       classifier = 'sources'
       from sourceSets.main.allSource

rcloud-gist-service/build.gradle

@@ -5,12 +5,6 @@
 *
 *******************************************************************************/
 
-repositories {
-  maven {
-    url "http://gitblit.github.io/gitblit-maven/"
-  }
-}
-
 project.description = "RCloud Gist service implementation on a git repository."
 
 dependencies {
@@ -37,6 +31,10 @@ dependencies {
   testCompile 'junit:junit'
   testCompile 'org.mockito:mockito-all:1.10.8'
   testCompile 'org.springframework.boot:spring-boot-starter-test'
+  testCompile 'org.springframework.security:spring-security-test'
+  testCompile 'org.apache.commons:commons-math3:3.6.1'
+
+
 }
 
 

rcloud-gist-service/src/main/java/com/mangosolutions/rcloud/rawgist/CacheConfiguration.java

@@ -59,10 +59,8 @@ private void createAndApplyCacheConfiguration(HazelcastInstance hazelcastInstanc
 			logger.warn("Altering existing configuration of cache config {}", mapConfigs.get(cacheName));
 		}
 		MapConfig mapConfig = new MapConfig(cacheName);//config.getMapConfig(cacheConfig.getName());
-		mapConfig.setEvictionPercentage(cacheConfig.getEvictionPercentage());
 		mapConfig.setEvictionPolicy(cacheConfig.getEvictionPolicy());
 		mapConfig.setTimeToLiveSeconds(cacheConfig.getTtl());
-		mapConfig.setMinEvictionCheckMillis(cacheConfig.getEvictionCheck());
 		config.addMapConfig(mapConfig);
 		logger.info("Configured cache {} with with settings: {}", cacheName, mapConfig);
 	}

rcloud-gist-service/src/main/java/com/mangosolutions/rcloud/rawgist/CacheConfigurationProperties.java

@@ -28,23 +28,15 @@ public void setCaches(List<GistCacheConfiguration> caches) {
 	public static class GistCacheConfiguration { 
 
 		private String name;
-        private int evictionPercentage = 25;
         private EvictionPolicy evictionPolicy = EvictionPolicy.LFU;
         private int ttl = 300;
-        private int evictionCheck = 500;
 
         public String getName() {
 			return name;
 		}
 		public void setName(String name) {
 			this.name = name;
 		}
-		public int getEvictionPercentage() {
-			return evictionPercentage;
-		}
-		public void setEvictionPercentage(int evictionPercentage) {
-			this.evictionPercentage = evictionPercentage;
-		}
 		public EvictionPolicy getEvictionPolicy() {
 			return evictionPolicy;
 		}
@@ -57,13 +49,6 @@ public int getTtl() {
 		public void setTtl(int ttl) {
 			this.ttl = ttl;
 		}
-		public int getEvictionCheck() {
-			return evictionCheck;
-		}
-		public void setEvictionCheck(int evictionCheck) {
-			this.evictionCheck = evictionCheck;
-		}
-
     }
 
 

rcloud-gist-service/src/main/java/com/mangosolutions/rcloud/rawgist/ContentNegotiationConfiguration.java

@@ -0,0 +1,81 @@
+/*******************************************************************************
+* Copyright (c) 2017 AT&T Intellectual Property, [http://www.att.com]
+*
+* SPDX-License-Identifier:   MIT
+*
+*******************************************************************************/
+package com.mangosolutions.rcloud.rawgist;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.LinkedHashSet;
+import java.util.List;
+import java.util.Set;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.MediaType;
+import org.springframework.http.converter.HttpMessageConverter;
+import org.springframework.http.converter.json.AbstractJackson2HttpMessageConverter;
+import org.springframework.web.servlet.config.annotation.ContentNegotiationConfigurer;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
+
+@Configuration
+@EnableConfigurationProperties(GistServiceProperties.class)
+public class ContentNegotiationConfiguration extends WebMvcConfigurerAdapter {
+
+	private static final List<MediaType> DEFAULT_GITHUB_MEDIA_TYPES = Arrays.asList(
+			MediaType.parseMediaType("application/vnd.github.beta+json"),
+			MediaType.parseMediaType("application/vnd.github.beta"),
+			MediaType.parseMediaType("application/vnd.github.v3+json"),
+			MediaType.parseMediaType("application/vnd.github.v3")
+			);
+
+	@Autowired
+	private GistServiceProperties serviceProperties;
+
+	@Override
+	public void configureContentNegotiation(ContentNegotiationConfigurer configurer) {
+		configurer.ignoreAcceptHeader(true);
+		configurer.defaultContentType(MediaType.APPLICATION_JSON_UTF8);
+	}
+
+	@Override
+	public void extendMessageConverters(List<HttpMessageConverter<?>> converters) {
+		super.extendMessageConverters(converters);
+		for (HttpMessageConverter<?> converter : converters) {
+			if (isJsonConverter(converter)) {
+				updateMediaTypes((AbstractJackson2HttpMessageConverter) converter);
+			}
+		}
+	}
+
+	private void updateMediaTypes(AbstractJackson2HttpMessageConverter converter) {
+		Collection<MediaType> gistMediaTypes = getMediaTypes(converter);
+		List<MediaType> mediaTypes = new ArrayList<>(gistMediaTypes);
+		converter.setSupportedMediaTypes(mediaTypes);
+	}
+
+	private Collection<MediaType> getMediaTypes(AbstractJackson2HttpMessageConverter converter) {
+		Set<MediaType> mediaTypes = new LinkedHashSet<>(converter.getSupportedMediaTypes());
+		for(String mediaType: serviceProperties.getMediatypes()) {
+			mediaTypes.add(MediaType.parseMediaType(mediaType));
+		}
+		mediaTypes.addAll(DEFAULT_GITHUB_MEDIA_TYPES);
+		return mediaTypes;
+	}
+
+	private boolean isJsonConverter(HttpMessageConverter<?> converter) {
+		if(AbstractJackson2HttpMessageConverter.class.isAssignableFrom(converter.getClass())) {
+			for (MediaType mediaType : converter.getSupportedMediaTypes()) {
+				if (mediaType.equals(MediaType.APPLICATION_JSON)) {
+					return true;
+				}
+			}
+		}
+		return false;
+	}
+
+}

rcloud-gist-service/src/main/java/com/mangosolutions/rcloud/rawgist/GistServiceConfiguration.java

@@ -8,20 +8,24 @@
 
 import java.io.IOException;
 
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
-import org.springframework.cache.CacheManager;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.web.filter.CommonsRequestLoggingFilter;
 
 import com.fasterxml.jackson.databind.ObjectMapper;
-import com.hazelcast.config.Config;
 import com.hazelcast.core.HazelcastInstance;
-import com.hazelcast.spring.cache.HazelcastCacheManager;
 import com.mangosolutions.rcloud.rawgist.repository.GistIdGenerator;
+import com.mangosolutions.rcloud.rawgist.repository.GistRepositoryFactory;
 import com.mangosolutions.rcloud.rawgist.repository.GistRepositoryService;
-import com.mangosolutions.rcloud.rawgist.repository.GitGistRepositoryService;
-import com.mangosolutions.rcloud.rawgist.repository.UUIDGistIdGenerator;
+import com.mangosolutions.rcloud.rawgist.repository.GistSecurityManager;
+import com.mangosolutions.rcloud.rawgist.repository.git.GitGistRepositoryService;
+import com.mangosolutions.rcloud.rawgist.repository.git.PermissiveGistSecurityManager;
+import com.mangosolutions.rcloud.rawgist.repository.git.SimpleGistSecurityManager;
+import com.mangosolutions.rcloud.rawgist.repository.git.UUIDGistIdGenerator;
 
 /**
  * Main Spring configuration
@@ -31,6 +35,8 @@
 @EnableConfigurationProperties(GistServiceProperties.class)
 public class GistServiceConfiguration {
 
+	private final Logger logger = LoggerFactory.getLogger(GistServiceConfiguration.class);
+
 	@Autowired
 	private GistServiceProperties serviceProperties;
 
@@ -39,19 +45,43 @@ public class GistServiceConfiguration {
 
 	@Autowired
 	private ObjectMapper objectMapper;
-
+
+	@Autowired 
+	private GistRepositoryFactory repositoryFactory;
+
 	@Bean
 	public GistRepositoryService getGistRepository() throws IOException {
 		GitGistRepositoryService repo = new GitGistRepositoryService(serviceProperties.getRoot(),
-				this.getGistIdGenerator(), hazelcastInstance, objectMapper);
+				this.getGistIdGenerator(), hazelcastInstance);
 		repo.setLockTimeout(serviceProperties.getLockTimeout());
+		repo.setSecurityManager(getGistSecurityManager());
+		repo.setGistRepositoryFactory(repositoryFactory);
 		return repo;
 	}
+
+	@Bean
+	public GistSecurityManager getGistSecurityManager() {
+		if(GistServiceProperties.STRICT_SECURITY_MANAGER.equals(serviceProperties.getSecurity())) {
+			logger.info("Using strict gist security manager.");
+			return new SimpleGistSecurityManager();
+		} else {
+			logger.info("Using permissive gist security manager.");
+			return new PermissiveGistSecurityManager();
+		}
+	}
 
 	@Bean
 	public GistIdGenerator getGistIdGenerator() {
 		return new UUIDGistIdGenerator();
 	}
 
+	@Bean
+	public CommonsRequestLoggingFilter requestLoggingFilter() {
+	    CommonsRequestLoggingFilter crlf = new CommonsRequestLoggingFilter();
+	    crlf.setIncludeClientInfo(true);
+	    crlf.setIncludeQueryString(true);
+	    crlf.setIncludePayload(true);
+	    return crlf;
+	}
 
 }

rcloud-gist-service/src/main/java/com/mangosolutions/rcloud/rawgist/GistServiceProperties.java

@@ -6,11 +6,18 @@
 *******************************************************************************/
 package com.mangosolutions.rcloud.rawgist;
 
+import java.util.ArrayList;
+import java.util.List;
+
 import org.springframework.boot.context.properties.ConfigurationProperties;
 
 @ConfigurationProperties(prefix = "gists")
 public class GistServiceProperties {
-
+
+	public static String STRICT_SECURITY_MANAGER = "strict";
+
+	private String security = "permissive";
+
 	private String root;
 
 	private String cache = "gists";
@@ -20,6 +27,8 @@ public class GistServiceProperties {
 	private String sessionKeyServerUrl = null;
 
 	private String sessionKeyServerRealm = "rcloud";
+
+	private List<String> mediatypes = new ArrayList<>();
 
 	public String getSessionKeyServerRealm() {
 		return sessionKeyServerRealm;
@@ -61,4 +70,20 @@ public void setSessionKeyServerUrl(String sessionKeyServerUrl) {
 		this.sessionKeyServerUrl = sessionKeyServerUrl;
 	}
 
+	public List<String> getMediatypes() {
+		return mediatypes;
+	}
+
+	public void setMediatypes(List<String> mediatypes) {
+		this.mediatypes = mediatypes;
+	}
+
+	public String getSecurity() {
+		return security;
+	}
+
+	public void setSecurity(String securityManager) {
+		this.security = securityManager;
+	}
+
 }

rcloud-gist-service/src/main/java/com/mangosolutions/rcloud/rawgist/RequestParameterAuthenticationFilter.java

@@ -0,0 +1,77 @@
+/*******************************************************************************
+* Copyright (c) 2017 AT&T Intellectual Property, [http://www.att.com]
+*
+* SPDX-License-Identifier:   MIT
+*
+*******************************************************************************/
+package com.mangosolutions.rcloud.rawgist;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter;
+import org.springframework.security.web.authentication.preauth.PreAuthenticatedCredentialsNotFoundException;
+import org.springframework.util.Assert;
+
+public class RequestParameterAuthenticationFilter extends AbstractPreAuthenticatedProcessingFilter {
+
+	private String principalRequestParameter = "session_token";
+	private String credentialsRequestParameter;
+	private boolean exceptionIfHeaderMissing = true;
+
+	/**
+	 * Read and returns the header named by {@code principalRequestHeader} from the
+	 * request.
+	 *
+	 * @throws PreAuthenticatedCredentialsNotFoundException if the header is missing and
+	 * {@code exceptionIfHeaderMissing} is set to {@code true}.
+	 */
+	@Override
+	protected Object getPreAuthenticatedPrincipal(HttpServletRequest request) {
+		String principal = request.getParameter(principalRequestParameter);
+
+		if (principal == null && exceptionIfHeaderMissing) {
+			throw new PreAuthenticatedCredentialsNotFoundException(principalRequestParameter
+					+ " parameter not found in request.");
+		}
+
+		return principal;
+	}
+
+	/**
+	 * Credentials aren't usually applicable, but if a {@code credentialsRequestHeader} is
+	 * set, this will be read and used as the credentials value. Otherwise a dummy value
+	 * will be used.
+	 */
+	@Override
+	protected Object getPreAuthenticatedCredentials(HttpServletRequest request) {
+		if (credentialsRequestParameter != null) {
+			return request.getParameter(credentialsRequestParameter);
+		}
+
+		return "N/A";
+	}
+
+	public void setPrincipalRequestParameter(String principalRequestHeader) {
+		Assert.hasText(principalRequestHeader,
+				"principalRequestHeader must not be empty or null");
+		this.principalRequestParameter = principalRequestHeader;
+	}
+
+	public void setCredentialsRequestParameter(String credentialsRequestHeader) {
+		Assert.hasText(credentialsRequestHeader,
+				"credentialsRequestHeader must not be empty or null");
+		this.credentialsRequestParameter = credentialsRequestHeader;
+	}
+
+	/**
+	 * Defines whether an exception should be raised if the principal header is missing.
+	 * Defaults to {@code true}.
+	 *
+	 * @param exceptionIfHeaderMissing set to {@code false} to override the default
+	 * behaviour and allow the request to proceed if no header is found.
+	 */
+	public void setExceptionIfHeaderMissing(boolean exceptionIfHeaderMissing) {
+		this.exceptionIfHeaderMissing = exceptionIfHeaderMissing;
+	}
+
+}