From 25de4bc514fb773b26eac2199d9eccf3242c71d6 Mon Sep 17 00:00:00 2001 From: Brandon Squizzato Date: Fri, 12 Apr 2019 16:20:28 -0400 Subject: [PATCH 1/3] Add BearerTokenAuth --- .../auth2/BearerTokenAuth.java | 94 +++++++++++++++++++ 1 file changed, 94 insertions(+) create mode 100644 src/main/java/org/jenkinsci/plugins/ParameterizedRemoteTrigger/auth2/BearerTokenAuth.java diff --git a/src/main/java/org/jenkinsci/plugins/ParameterizedRemoteTrigger/auth2/BearerTokenAuth.java b/src/main/java/org/jenkinsci/plugins/ParameterizedRemoteTrigger/auth2/BearerTokenAuth.java new file mode 100644 index 00000000..eeb1c28d --- /dev/null +++ b/src/main/java/org/jenkinsci/plugins/ParameterizedRemoteTrigger/auth2/BearerTokenAuth.java @@ -0,0 +1,94 @@ +package org.jenkinsci.plugins.ParameterizedRemoteTrigger.auth2; + +import java.io.IOException; +import java.net.URLConnection; + +import org.jenkinsci.Symbol; + +import org.jenkinsci.plugins.ParameterizedRemoteTrigger.BuildContext; +import org.jenkinsci.plugins.ParameterizedRemoteTrigger.utils.Base64Utils; +import org.kohsuke.stapler.DataBoundConstructor; +import org.kohsuke.stapler.DataBoundSetter; + +import hudson.Extension; +import hudson.model.Item; + + +public class BearerTokenAuth extends Auth2 { + + //private static final long serialVersionUID = 051380141338287L; + + @Extension + public static final Auth2Descriptor DESCRIPTOR = new BearerTokenAuthDescriptor(); + + private String token; + + @DataBoundConstructor + public BearerTokenAuth() { + this.token = null; + } + + @DataBoundSetter + public void setToken(String token) { + this.token = token; + } + + public String getToken() { + return this.token; + } + + @Override + public void setAuthorizationHeader(URLConnection connection, BuildContext context) throws IOException { + connection.setRequestProperty("Authorization", "Bearer: " + getToken()); + } + + @Override + public String toString() { + return "'" + getDescriptor().getDisplayName() + "'"; + } + + @Override + public String toString(Item item) { + return toString(); + } + + @Override + public Auth2Descriptor getDescriptor() { + return DESCRIPTOR; + } + + @Symbol("BearerTokenAuth") + public static class BearerTokenAuthDescriptor extends Auth2Descriptor { + @Override + public String getDisplayName() { + return "Bearer Token Authentication"; + } + } + + @Override + public int hashCode() { + final int prime = 31; + int result = 1; + result = prime * result + ((token == null) ? 0 : token.hashCode()); + return result; + } + + @Override + public boolean equals(Object obj) { + if (this == obj) + return true; + if (obj == null) + return false; + if (!this.getClass().isInstance(obj)) + return false; + BearerTokenAuth other = (BearerTokenAuth) obj; + if (token == null) { + if (other.token != null) + return false; + } else if (!token.equals(other.token)) { + return false; + } + return true; + } + +} From 91872ca0f7dba8112e34f6e1256a5023f7e04add Mon Sep 17 00:00:00 2001 From: Brandon Squizzato Date: Thu, 2 Jan 2020 14:06:07 -0500 Subject: [PATCH 2/3] Update README, add test, generate serialVersionUID --- README_PipelineConfiguration.md | 3 +++ .../auth2/BearerTokenAuth.java | 13 +++++-------- .../auth2/Auth2Test.java | 14 ++++++++++++++ 3 files changed, 22 insertions(+), 8 deletions(-) diff --git a/README_PipelineConfiguration.md b/README_PipelineConfiguration.md index 7854ed42..8945c3e8 100644 --- a/README_PipelineConfiguration.md +++ b/README_PipelineConfiguration.md @@ -74,6 +74,9 @@ Authentication can be configured globally in the system configuration or set/ove The following authentication types are available: - **Token Authentication** The specified user id and Jenkins API token is used.
```auth: TokenAuth(apiToken: '', userName: '')``` +- **Bearer Token Authentication** The specified token is inserted to a "Authentication: Bearer" header in REST API requests.
+ This is useful when the Jenkins deployment is fronted by a token authentication mechanism (such as when running on Red Hat OpenShift)
+ ```auth: BearerTokenAuth(token: '')``` - **Credentials Authentication** The specified Jenkins Credentials are used. This can be either user/password or user/API Token.
```auth: CredentialsAuth(credentials: '')``` - **No Authentication** No Authorization header will be sent, independent of the global 'remote host' settings.
diff --git a/src/main/java/org/jenkinsci/plugins/ParameterizedRemoteTrigger/auth2/BearerTokenAuth.java b/src/main/java/org/jenkinsci/plugins/ParameterizedRemoteTrigger/auth2/BearerTokenAuth.java index eeb1c28d..985f3af2 100644 --- a/src/main/java/org/jenkinsci/plugins/ParameterizedRemoteTrigger/auth2/BearerTokenAuth.java +++ b/src/main/java/org/jenkinsci/plugins/ParameterizedRemoteTrigger/auth2/BearerTokenAuth.java @@ -6,7 +6,6 @@ import org.jenkinsci.Symbol; import org.jenkinsci.plugins.ParameterizedRemoteTrigger.BuildContext; -import org.jenkinsci.plugins.ParameterizedRemoteTrigger.utils.Base64Utils; import org.kohsuke.stapler.DataBoundConstructor; import org.kohsuke.stapler.DataBoundSetter; @@ -16,7 +15,7 @@ public class BearerTokenAuth extends Auth2 { - //private static final long serialVersionUID = 051380141338287L; + private static final long serialVersionUID = 3614172320192170597L; @Extension public static final Auth2Descriptor DESCRIPTOR = new BearerTokenAuthDescriptor(); @@ -83,12 +82,10 @@ public boolean equals(Object obj) { return false; BearerTokenAuth other = (BearerTokenAuth) obj; if (token == null) { - if (other.token != null) - return false; - } else if (!token.equals(other.token)) { - return false; + if (other.token == null) { + return true; + } } - return true; + return token.equals(other.token); } - } diff --git a/src/test/java/org/jenkinsci/plugins/ParameterizedRemoteTrigger/auth2/Auth2Test.java b/src/test/java/org/jenkinsci/plugins/ParameterizedRemoteTrigger/auth2/Auth2Test.java index 816cc570..917f5074 100644 --- a/src/test/java/org/jenkinsci/plugins/ParameterizedRemoteTrigger/auth2/Auth2Test.java +++ b/src/test/java/org/jenkinsci/plugins/ParameterizedRemoteTrigger/auth2/Auth2Test.java @@ -9,6 +9,20 @@ public class Auth2Test { + @Test + public void testBearerTokenAuthCloneBehaviour() throws CloneNotSupportedException { + BearerTokenAuth original = new BearerTokenAuth(); + original.setToken("original"); + BearerTokenAuth clone = (BearerTokenAuth)original.clone(); + verifyEqualsHashCode(original, clone); + + //Test changing clone + clone.setToken("changed"); + verifyEqualsHashCode(original, clone, false); + assertEquals("original", original.getToken()); + assertEquals("changed", clone.getToken()); + } + @Test public void testCredentialsAuthCloneBehaviour() throws CloneNotSupportedException { CredentialsAuth original = new CredentialsAuth(); From 84344f712c575ab8835e6365b4ccafa40ddb7256 Mon Sep 17 00:00:00 2001 From: Brandon Squizzato Date: Thu, 2 Jan 2020 14:18:57 -0500 Subject: [PATCH 3/3] Minor tweak to handle potential NPE --- .../ParameterizedRemoteTrigger/auth2/BearerTokenAuth.java | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/main/java/org/jenkinsci/plugins/ParameterizedRemoteTrigger/auth2/BearerTokenAuth.java b/src/main/java/org/jenkinsci/plugins/ParameterizedRemoteTrigger/auth2/BearerTokenAuth.java index 985f3af2..19d51b00 100644 --- a/src/main/java/org/jenkinsci/plugins/ParameterizedRemoteTrigger/auth2/BearerTokenAuth.java +++ b/src/main/java/org/jenkinsci/plugins/ParameterizedRemoteTrigger/auth2/BearerTokenAuth.java @@ -84,6 +84,8 @@ public boolean equals(Object obj) { if (token == null) { if (other.token == null) { return true; + } else { + return false; } } return token.equals(other.token);