Move impersonation and anonymous access logic to AuthenticationManager

designer/server/src/main/scala/pl/touk/nussknacker/ui/api/AppApiHttpService.scala

@@ -13,24 +13,24 @@ import pl.touk.nussknacker.ui.api.description.AppApiEndpoints.Dtos._
 import pl.touk.nussknacker.ui.process.ProcessService.GetScenarioWithDetailsOptions
 import pl.touk.nussknacker.ui.process.processingtype.{ProcessingTypeDataProvider, ProcessingTypeDataReload}
 import pl.touk.nussknacker.ui.process.{ProcessService, ScenarioQuery}
-import pl.touk.nussknacker.ui.security.api.{AuthenticationResources, LoggedUser, NussknackerInternalUser}
+import pl.touk.nussknacker.ui.security.api.{AuthenticationManager, LoggedUser, NussknackerInternalUser}
 
 import scala.concurrent.{ExecutionContext, Future}
 import scala.util.control.NonFatal
 
 class AppApiHttpService(
     config: Config,
-    authenticator: AuthenticationResources,
+    authenticationManager: AuthenticationManager,
     processingTypeDataReloader: ProcessingTypeDataReload,
     modelBuildInfos: ProcessingTypeDataProvider[Map[String, String], _],
     categories: ProcessingTypeDataProvider[String, _],
     processService: ProcessService,
     shouldExposeConfig: Boolean
 )(implicit executionContext: ExecutionContext)
-    extends BaseHttpService(authenticator)
+    extends BaseHttpService(authenticationManager)
     with LazyLogging {
 
-  private val appApiEndpoints = new AppApiEndpoints(authenticator.authenticationMethod())
+  private val appApiEndpoints = new AppApiEndpoints(authenticationManager.authenticationEndpointInput())
 
   expose {
     appApiEndpoints.appHealthCheckEndpoint

designer/server/src/main/scala/pl/touk/nussknacker/ui/api/BaseHttpService.scala

@@ -6,15 +6,14 @@ import pl.touk.nussknacker.restmodel.SecurityError.{AuthenticationError, Authori
 import pl.touk.nussknacker.security.AuthCredentials
 import pl.touk.nussknacker.ui.api.BaseHttpService.{CustomAuthorizationError, NoRequirementServerEndpoint}
 import pl.touk.nussknacker.ui.security.api.CreationError.ImpersonationNotAllowed
-import pl.touk.nussknacker.ui.security.api.LoggedUser.create
 import pl.touk.nussknacker.ui.security.api._
 import sttp.tapir.server.{PartialServerEndpoint, ServerEndpoint}
 
 import java.util.concurrent.atomic.AtomicReference
 import scala.concurrent.{ExecutionContext, Future}
 
 abstract class BaseHttpService(
-    authenticator: AuthenticationResources
+    authenticationManager: AuthenticationManager
 )(implicit executionContext: ExecutionContext) {
 
   // the discussion about this approach can be found here: https://github.com/TouK/nussknacker/pull/4685#discussion_r1329794444
@@ -51,13 +50,13 @@ abstract class BaseHttpService(
   protected def authorizeKnownUser[BUSINESS_ERROR](
       credentials: AuthCredentials
   ): Future[LogicResult[BUSINESS_ERROR, LoggedUser]] = {
-    authenticator
+    authenticationManager
       .authenticate(credentials)
       .map {
         case Some(user) if user.roles.nonEmpty =>
           // TODO: This is strange that we call authenticator.authenticate and the first thing that we do with the returned user is
           //       creation of another user representation based on authenticator.configuration. Shouldn't we just return the LoggedUser?
-          LoggedUser.create(user, authenticator.configuration.rules) match {
+          LoggedUser.create(user, authenticationManager.authenticationRules) match {
             case Right(loggedUser)             => success(loggedUser)
             case Left(ImpersonationNotAllowed) => securityError(AuthorizationError)
           }

designer/server/src/main/scala/pl/touk/nussknacker/ui/api/ComponentApiHttpService.scala

@@ -4,18 +4,18 @@ import com.typesafe.scalalogging.LazyLogging
 import pl.touk.nussknacker.engine.api.component.DesignerWideComponentId
 import pl.touk.nussknacker.restmodel.component.ComponentApiEndpoints
 import pl.touk.nussknacker.ui.definition.component.ComponentService
-import pl.touk.nussknacker.ui.security.api.{AuthenticationResources, LoggedUser}
+import pl.touk.nussknacker.ui.security.api.{AuthenticationManager, LoggedUser}
 
 import scala.concurrent.ExecutionContext
 
 class ComponentApiHttpService(
-    authenticator: AuthenticationResources,
+    authenticationManager: AuthenticationManager,
     componentService: ComponentService
 )(implicit executionContext: ExecutionContext)
-    extends BaseHttpService(authenticator)
+    extends BaseHttpService(authenticationManager)
     with LazyLogging {
 
-  private val componentApiEndpoints = new ComponentApiEndpoints(authenticator.authenticationMethod())
+  private val componentApiEndpoints = new ComponentApiEndpoints(authenticationManager.authenticationEndpointInput())
 
   expose {
     componentApiEndpoints.componentsListEndpoint

designer/server/src/main/scala/pl/touk/nussknacker/ui/api/DeploymentApiHttpService.scala

@@ -3,17 +3,17 @@ package pl.touk.nussknacker.ui.api
 import pl.touk.nussknacker.ui.api.description.DeploymentApiEndpoints
 import pl.touk.nussknacker.ui.api.description.DeploymentApiEndpoints.Dtos._
 import pl.touk.nussknacker.ui.process.newdeployment.{DeploymentService, RunDeploymentCommand}
-import pl.touk.nussknacker.ui.security.api.AuthenticationResources
+import pl.touk.nussknacker.ui.security.api.AuthenticationManager
 
 import scala.concurrent.ExecutionContext
 
 class DeploymentApiHttpService(
-    authenticator: AuthenticationResources,
+    authenticationManager: AuthenticationManager,
     deploymentService: DeploymentService
 )(implicit executionContext: ExecutionContext)
-    extends BaseHttpService(authenticator) {
+    extends BaseHttpService(authenticationManager) {
 
-  private val endpoints = new DeploymentApiEndpoints(authenticator.authenticationMethod())
+  private val endpoints = new DeploymentApiEndpoints(authenticationManager.authenticationEndpointInput())
 
   expose {
     endpoints.runDeploymentEndpoint

designer/server/src/main/scala/pl/touk/nussknacker/ui/api/DictApiHttpService.scala

@@ -15,18 +15,18 @@ import pl.touk.nussknacker.ui.api.description.DictApiEndpoints.DictError.{
 }
 import pl.touk.nussknacker.ui.api.description.DictApiEndpoints.Dtos.DictDto
 import pl.touk.nussknacker.ui.process.processingtype.ProcessingTypeDataProvider
-import pl.touk.nussknacker.ui.security.api.{AuthenticationResources, LoggedUser}
+import pl.touk.nussknacker.ui.security.api.{AuthenticationManager, LoggedUser}
 
 import scala.concurrent.{ExecutionContext, Future}
 
 class DictApiHttpService(
-    authenticator: AuthenticationResources,
+    authenticationManager: AuthenticationManager,
     processingTypeData: ProcessingTypeDataProvider[(DictQueryService, Map[String, DictDefinition], ClassLoader), _]
 )(implicit executionContext: ExecutionContext)
-    extends BaseHttpService(authenticator)
+    extends BaseHttpService(authenticationManager)
     with LazyLogging {
 
-  private val dictApiEndpoints = new DictApiEndpoints(authenticator.authenticationMethod())
+  private val dictApiEndpoints = new DictApiEndpoints(authenticationManager.authenticationEndpointInput())
 
   expose {
     dictApiEndpoints.dictionaryEntryQueryEndpoint

designer/server/src/main/scala/pl/touk/nussknacker/ui/api/ManagementApiHttpService.scala

@@ -14,20 +14,20 @@ import pl.touk.nussknacker.ui.api.ManagementApiEndpoints.ManagementApiError.{NoA
 import pl.touk.nussknacker.ui.api.{BaseHttpService, CustomActionValidationDto, ManagementApiEndpoints}
 import pl.touk.nussknacker.ui.process.ProcessService
 import pl.touk.nussknacker.ui.process.deployment.DeploymentManagerDispatcher
-import pl.touk.nussknacker.ui.security.api.{AuthenticationResources, LoggedUser}
+import pl.touk.nussknacker.ui.security.api.{AuthenticationManager, LoggedUser}
 import pl.touk.nussknacker.ui.validation.CustomActionValidator
 
 import scala.concurrent.{ExecutionContext, Future}
 
 class ManagementApiHttpService(
-    authenticator: AuthenticationResources,
+    authenticationManager: AuthenticationManager,
     dispatcher: DeploymentManagerDispatcher,
     processService: ProcessService
 )(implicit executionContext: ExecutionContext)
-    extends BaseHttpService(authenticator)
+    extends BaseHttpService(authenticationManager)
     with LazyLogging {
 
-  private val managementApiEndpoints = new ManagementApiEndpoints(authenticator.authenticationMethod())
+  private val managementApiEndpoints = new ManagementApiEndpoints(authenticationManager.authenticationEndpointInput())
 
   expose {
     managementApiEndpoints.customActionValidationEndpoint

designer/server/src/main/scala/pl/touk/nussknacker/ui/api/MigrationApiHttpService.scala

@@ -6,19 +6,21 @@ import pl.touk.nussknacker.ui.api.description.MigrationApiEndpoints
 import pl.touk.nussknacker.ui.api.description.MigrationApiEndpoints.Dtos._
 import pl.touk.nussknacker.ui.migrations.MigrationService.MigrationError
 import pl.touk.nussknacker.ui.migrations.{MigrateScenarioData, MigrationApiAdapterService, MigrationService}
-import pl.touk.nussknacker.ui.security.api.AuthenticationResources
+import pl.touk.nussknacker.ui.security.api.AuthenticationManager
 
 import scala.concurrent.{ExecutionContext, Future}
 
 class MigrationApiHttpService(
-    authenticator: AuthenticationResources,
+    authenticationManager: AuthenticationManager,
     migrationService: MigrationService,
     migrationApiAdapterService: MigrationApiAdapterService
 )(implicit val ec: ExecutionContext)
-    extends BaseHttpService(authenticator)
+    extends BaseHttpService(authenticationManager)
     with LazyLogging {
 
-  private val remoteEnvironmentApiEndpoints = new MigrationApiEndpoints(authenticator.authenticationMethod())
+  private val remoteEnvironmentApiEndpoints = new MigrationApiEndpoints(
+    authenticationManager.authenticationEndpointInput()
+  )
 
   expose {
     remoteEnvironmentApiEndpoints.migrateEndpoint

designer/server/src/main/scala/pl/touk/nussknacker/ui/api/NodesApiHttpService.scala

@@ -37,30 +37,30 @@ import pl.touk.nussknacker.ui.api.utils.ScenarioHttpServiceExtensions
 import pl.touk.nussknacker.ui.process.ProcessService
 import pl.touk.nussknacker.ui.process.processingtype.ProcessingTypeDataProvider
 import pl.touk.nussknacker.ui.process.repository.ProcessDBQueryRepository.ProcessNotFoundError
-import pl.touk.nussknacker.ui.security.api.{AuthenticationResources, LoggedUser}
+import pl.touk.nussknacker.ui.security.api.{AuthenticationManager, LoggedUser}
 import pl.touk.nussknacker.ui.suggester.ExpressionSuggester
 import pl.touk.nussknacker.ui.validation.{NodeValidator, ParametersValidator, UIProcessValidator}
 
 import scala.concurrent.{ExecutionContext, Future}
 
 class NodesApiHttpService(
-    authenticator: AuthenticationResources,
+    authenticationManager: AuthenticationManager,
     processingTypeToConfig: ProcessingTypeDataProvider[ModelData, _],
     processingTypeToProcessValidator: ProcessingTypeDataProvider[UIProcessValidator, _],
     processingTypeToNodeValidator: ProcessingTypeDataProvider[NodeValidator, _],
     processingTypeToExpressionSuggester: ProcessingTypeDataProvider[ExpressionSuggester, _],
     processingTypeToParametersValidator: ProcessingTypeDataProvider[ParametersValidator, _],
     protected override val scenarioService: ProcessService
 )(override protected implicit val executionContext: ExecutionContext)
-    extends BaseHttpService(authenticator)
+    extends BaseHttpService(authenticationManager)
     with ScenarioHttpServiceExtensions
     with LazyLogging {
 
   override protected type BusinessErrorType = NodesError
   override protected def noScenarioError(scenarioName: ProcessName): NodesError      = NoScenario(scenarioName)
   override protected def noPermissionError: NodesError with CustomAuthorizationError = NoPermission
 
-  private val nodesApiEndpoints = new NodesApiEndpoints(authenticator.authenticationMethod())
+  private val nodesApiEndpoints = new NodesApiEndpoints(authenticationManager.authenticationEndpointInput())
 
   private val additionalInfoProviders = new AdditionalInfoProviders(processingTypeToConfig)
 

designer/server/src/main/scala/pl/touk/nussknacker/ui/api/NotificationApiHttpService.scala

@@ -3,18 +3,20 @@ package pl.touk.nussknacker.ui.api
 import com.typesafe.scalalogging.LazyLogging
 import pl.touk.nussknacker.ui.api.description.NotificationApiEndpoints
 import pl.touk.nussknacker.ui.notifications.NotificationService
-import pl.touk.nussknacker.ui.security.api.AuthenticationResources
+import pl.touk.nussknacker.ui.security.api.AuthenticationManager
 
 import scala.concurrent.ExecutionContext
 
 class NotificationApiHttpService(
-    authenticator: AuthenticationResources,
+    authenticationManager: AuthenticationManager,
     notificationService: NotificationService
 )(implicit executionContext: ExecutionContext)
-    extends BaseHttpService(authenticator)
+    extends BaseHttpService(authenticationManager)
     with LazyLogging {
 
-  private val notificationApiEndpoints = new NotificationApiEndpoints(authenticator.authenticationMethod())
+  private val notificationApiEndpoints = new NotificationApiEndpoints(
+    authenticationManager.authenticationEndpointInput()
+  )
 
   expose {
     notificationApiEndpoints.notificationEndpoint

designer/server/src/main/scala/pl/touk/nussknacker/ui/api/ScenarioActivityApiHttpService.scala

@@ -14,7 +14,7 @@ import pl.touk.nussknacker.ui.api.description.ScenarioActivityApiEndpoints.Dtos.
 import pl.touk.nussknacker.ui.api.description.ScenarioActivityApiEndpoints.Dtos._
 import pl.touk.nussknacker.ui.process.repository.{ProcessActivityRepository, UserComment}
 import pl.touk.nussknacker.ui.process.{ProcessService, ScenarioAttachmentService}
-import pl.touk.nussknacker.ui.security.api.{AuthenticationResources, LoggedUser}
+import pl.touk.nussknacker.ui.security.api.{AuthenticationManager, LoggedUser}
 import pl.touk.nussknacker.ui.server.HeadersSupport.ContentDisposition
 import pl.touk.nussknacker.ui.server.TapirStreamEndpointProvider
 import sttp.model.MediaType
@@ -24,17 +24,19 @@ import java.net.URLConnection
 import scala.concurrent.{ExecutionContext, Future}
 
 class ScenarioActivityApiHttpService(
-    authenticator: AuthenticationResources,
+    authenticationManager: AuthenticationManager,
     scenarioActivityRepository: ProcessActivityRepository,
     scenarioService: ProcessService,
     scenarioAuthorizer: AuthorizeProcess,
     attachmentService: ScenarioAttachmentService,
     streamEndpointProvider: TapirStreamEndpointProvider
 )(implicit executionContext: ExecutionContext)
-    extends BaseHttpService(authenticator)
+    extends BaseHttpService(authenticationManager)
     with LazyLogging {
 
-  private val scenarioActivityApiEndpoints = new ScenarioActivityApiEndpoints(authenticator.authenticationMethod())
+  private val scenarioActivityApiEndpoints = new ScenarioActivityApiEndpoints(
+    authenticationManager.authenticationEndpointInput()
+  )
 
   expose {
     scenarioActivityApiEndpoints.scenarioActivityEndpoint

designer/server/src/main/scala/pl/touk/nussknacker/ui/api/ScenarioParametersApiHttpService.scala

@@ -4,18 +4,20 @@ import com.typesafe.scalalogging.LazyLogging
 import pl.touk.nussknacker.ui.api.description.ScenarioParametersApiEndpoints
 import pl.touk.nussknacker.ui.api.description.ScenarioParametersApiEndpoints.Dtos.ScenarioParametersCombinationWithEngineErrors
 import pl.touk.nussknacker.ui.process.processingtype.{ProcessingTypeDataProvider, ScenarioParametersService}
-import pl.touk.nussknacker.ui.security.api.{AuthenticationResources, LoggedUser}
+import pl.touk.nussknacker.ui.security.api.{AuthenticationManager, LoggedUser}
 
 import scala.concurrent.{ExecutionContext, Future}
 
 class ScenarioParametersApiHttpService(
-    authenticator: AuthenticationResources,
+    authenticationManager: AuthenticationManager,
     scenarioParametersService: ProcessingTypeDataProvider[_, ScenarioParametersService]
 )(implicit executionContext: ExecutionContext)
-    extends BaseHttpService(authenticator)
+    extends BaseHttpService(authenticationManager)
     with LazyLogging {
 
-  private val parametersApiEndpoints = new ScenarioParametersApiEndpoints(authenticator.authenticationMethod())
+  private val parametersApiEndpoints = new ScenarioParametersApiEndpoints(
+    authenticationManager.authenticationEndpointInput()
+  )
 
   expose {
     parametersApiEndpoints.scenarioParametersCombinationsEndpoint

designer/server/src/main/scala/pl/touk/nussknacker/ui/api/StatisticsApiHttpService.scala

@@ -9,20 +9,20 @@ import pl.touk.nussknacker.ui.api.description.StatisticsApiEndpoints.Dtos.{
   StatisticUrlResponseDto
 }
 import pl.touk.nussknacker.ui.db.timeseries.{FEStatisticsRepository, WriteFEStatisticsRepository}
-import pl.touk.nussknacker.ui.security.api.AuthenticationResources
+import pl.touk.nussknacker.ui.security.api.AuthenticationManager
 import pl.touk.nussknacker.ui.statistics.UsageStatisticsReportsSettingsService
 
 import scala.concurrent.{ExecutionContext, Future}
 
 class StatisticsApiHttpService(
-    authenticator: AuthenticationResources,
+    authenticationManager: AuthenticationManager,
     usageStatisticsReportsSettingsService: UsageStatisticsReportsSettingsService,
     repository: FEStatisticsRepository[Future]
 )(implicit ec: ExecutionContext)
-    extends BaseHttpService(authenticator)
+    extends BaseHttpService(authenticationManager)
     with LazyLogging {
 
-  private val endpoints                = new StatisticsApiEndpoints(authenticator.authenticationMethod())
+  private val endpoints                = new StatisticsApiEndpoints(authenticationManager.authenticationEndpointInput())
   private val ignoringErrorsRepository = new IgnoringErrorsStatisticsRepository(repository)
 
   expose {

designer/server/src/main/scala/pl/touk/nussknacker/ui/api/UserApiHttpService.scala

@@ -3,18 +3,18 @@ package pl.touk.nussknacker.ui.api
 import com.typesafe.scalalogging.LazyLogging
 import pl.touk.nussknacker.ui.api.description.{DisplayableUser, UserApiEndpoints}
 import pl.touk.nussknacker.ui.process.processingtype.ProcessingTypeDataProvider
-import pl.touk.nussknacker.ui.security.api.{AuthenticationResources, LoggedUser}
+import pl.touk.nussknacker.ui.security.api.{AuthenticationManager, LoggedUser}
 
 import scala.concurrent.{ExecutionContext, Future}
 
 class UserApiHttpService(
-    authenticator: AuthenticationResources,
+    authenticationManager: AuthenticationManager,
     categories: ProcessingTypeDataProvider[String, _],
 )(implicit executionContext: ExecutionContext)
-    extends BaseHttpService(authenticator)
+    extends BaseHttpService(authenticationManager)
     with LazyLogging {
 
-  private val userApiEndpoints = new UserApiEndpoints(authenticator.authenticationMethod())
+  private val userApiEndpoints = new UserApiEndpoints(authenticationManager.authenticationEndpointInput())
 
   expose {
     userApiEndpoints.userInfoEndpoint