Merge pull request #95 from davco01a/latest

check github config

src/main/java/kabasec/Authentication.java

@@ -147,6 +147,40 @@ private List<String> convertJsonArrayToList(JsonArray array) {
         return convertedList;
     }
 
+    public boolean areGithubTeamsConfigured() {
+        org.eclipse.microprofile.config.Config config = ConfigProvider.getConfig();
+        // look for KABANERO_CLI_GROUP which in the container environment implies that teams have been set up.
+        boolean configured = false;
+        try{
+            configured =   config.getValue("KABANERO_CLI_GROUP", String.class) != null;
+        } catch (NoSuchElementException e) {
+            // not there
+        }
+        if(!configured) {
+            System.out.println("ERROR: areGithubTeamsConfigured returns false because environment variable KABANERO_CLI_GROUP is not defined");
+            return configured;
+        }
+
+        // now to check the teams 
+        Iterable<String> props = ConfigProvider.getConfig().getPropertyNames();
+        Iterator<String> it = props.iterator();
+        while(it.hasNext()) {
+            String prop = it.next();
+            if (prop.startsWith(Constants.ROLESPREFIX) || prop.startsWith(Constants.ROLESPREFIXOLD)) {
+                return true;
+            }
+        }
+        System.out.println("ERROR: areGithubTeamsConfigured returns false because " + 
+                "no environment variables starting with "+ Constants.ROLESPREFIX + " or "+ Constants.ROLESPREFIXOLD + " are defined");
+        return false;
+
+
+    }
+
+    public boolean isGithubURLConfigured() {
+        return (new Config()).getApiUrlBase() != null;
+    }
+
 
     private List<String> addGroupNamesForTeamsFromEnvironment(JsonArray array,  List<String> groupsList) {
         for (int i = 0; i < array.size(); i++) {

src/main/java/kabasec/Config.java

@@ -12,6 +12,10 @@
 public class Config {
     private String gitHubApiUrlBase = null;
 
+    public String getApiUrlBase() {
+        init();
+        return gitHubApiUrlBase;
+    }
 
     public String getUserInfoUrl() {
        init();
@@ -38,10 +42,12 @@ private void init() {
         } catch (NoSuchElementException e) {
             // it's not there
         }
+        /*
         if (key == null || key.isEmpty()) {            
             key = Constants.GITHUB_API_URL_BASE;
         }
+        */
         gitHubApiUrlBase = key;
     }
 
-}
+}

src/main/java/kabasec/Login.java

@@ -81,6 +81,7 @@ public Properties login(Properties args) {
         String jwt = null;
         try {
             Authentication auth = new Authentication();
+            checkTeamsAndGithubURL(auth);
             jwt = auth.getJwt(creds);  // check id, password/PAT, and team membership here.
         } catch (KabaneroSecurityException e) {
             return returnError(e.getStatusCode(), "An error occurred during authentication for user [" + creds.getId() + "].", e);
@@ -89,6 +90,21 @@ public Properties login(Properties args) {
         }
         return returnSuccess(jwt);
     }
+
+    private void checkTeamsAndGithubURL(Authentication auth) throws KabaneroSecurityException {
+        String errmsg = "";
+        String preamble = "The Github configuration is not complete: ";
+        if(! auth.areGithubTeamsConfigured()) {
+            errmsg = "Github teams or organization have not been defined";
+        }
+        if(! auth.isGithubURLConfigured()) {
+            errmsg += " Github API URL has not been defined.";
+        }
+        if (!"".equals(errmsg)) {
+            //539 is agreed upon with cli.
+            throw new KabaneroSecurityException(539, preamble + errmsg);
+        }
+    }
 
     private Properties returnError(int responseStatus, String errorMsg, Exception e) {
         if (responseStatus == HttpServletResponse.SC_INTERNAL_SERVER_ERROR) {

src/main/liberty/config/server.xml

@@ -48,7 +48,8 @@
     <variable name="jwt.issuer" defaultValue="https://kabasec.com" />
 
     <!-- this will be the default base url for github api calls -->
-    <variable defaultValue="https://api.github.com" name="github.api.url" />
+    <!-- removed so we can fail with meaningful message if it hasn't been set in the instance deployment -->
+    <!-- <variable defaultValue="https://api.github.com" name="github.api.url" /> --> 
 
 
   <!-- Automatically expand WAR files and EAR files -->