Skip to content

Commit

Permalink
convert LDAP authorization plugin configuration to YAML (#4599)
Browse files Browse the repository at this point in the history
  • Loading branch information
@vladak
vladak authored Aug 12, 2024
1 parent 9fd1f26 commit 531be32
Show file tree
Hide file tree
Showing 15 changed files with 143 additions and 291 deletions.
9 changes: 4 additions & 5 deletions opengrok-indexer/src/main/java/org/opengrok/indexer/framework/PluginClassLoader.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@
*/

/*
* Copyright (c) 2016, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2016, 2024, Oracle and/or its affiliates. All rights reserved.
* Portions Copyright (c) 2020, Chris Fraire <cfraire@me.com>.
*/
package org.opengrok.indexer.framework;
Expand Down Expand Up @@ -96,7 +96,7 @@ private Class<?> loadClassFromJar(String classname) throws ClassNotFoundExceptio
try (InputStream is = jar.getInputStream(entry)) {
byte[] bytes = loadBytes(is);
Class<?> c = defineClass(classname, bytes, 0, bytes.length);
LOGGER.log(Level.FINE, "Class \"{0}\" found in file \"{1}\"",
LOGGER.log(Level.FINE, "Class \"{0}\" found in file ''{1}''",
new Object[]{
classname,
f.getAbsolutePath()
Expand All @@ -122,7 +122,7 @@ private Class<?> loadClassFromFile(String classname) throws ClassNotFoundExcepti
byte[] bytes = loadBytes(in);

Class<?> c = defineClass(classname, bytes, 0, bytes.length);
LOGGER.log(Level.FINEST, "Class \"{0}\" found in file \"{1}\"",
LOGGER.log(Level.FINEST, "Class \"{0}\" found in file ''{1}''",
new Object[]{
classname,
f.getAbsolutePath()
Expand Down Expand Up @@ -154,8 +154,7 @@ private boolean checkWhiteList(String name) {
}

private void checkClassname(String name) throws SecurityException {
if (name.startsWith("org.opengrok.")
&& !checkWhiteList(name)) {
if (name.startsWith("org.opengrok.") && !checkWhiteList(name)) {
throw new SecurityException("Tried to load a blacklisted class \"" + name + "\"\n"
+ "Allowed classes from opengrok package are only: "
+ Arrays.toString(CLASS_WHITELIST));
Expand Down
11 changes: 6 additions & 5 deletions opengrok-indexer/src/main/java/org/opengrok/indexer/framework/PluginFramework.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@
*/

/*
* Copyright (c) 2019, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2019, 2024, Oracle and/or its affiliates. All rights reserved.
*/
package org.opengrok.indexer.framework;

Expand Down Expand Up @@ -330,11 +330,12 @@ private String getClassName(JarEntry jarEntry) {
File file = new File(pluginDirectory.getAbsolutePath(), filePath);
try {
if (!file.getCanonicalPath().startsWith(pluginDirectory.getCanonicalPath() + File.separator)) {
LOGGER.log(Level.WARNING, "canonical path for jar entry {0} leads outside the origin", filePath);
LOGGER.log(Level.WARNING, "canonical path for jar entry ''{0}'' leads outside the origin",
filePath);
return null;
}
} catch (IOException e) {
LOGGER.log(Level.WARNING, "failed to get canonical path for {0}", file);
LOGGER.log(Level.WARNING, "failed to get canonical path for ''{0}''", file);
return null;
}

Expand Down Expand Up @@ -372,12 +373,12 @@ private String getClassName(JarEntry jarEntry) {
*/
public final void reload() {
if (pluginDirectory == null || !pluginDirectory.isDirectory() || !pluginDirectory.canRead()) {
LOGGER.log(Level.WARNING, "Plugin directory not found or not readable: {0}. "
LOGGER.log(Level.WARNING, "Plugin directory ''{0}'' not found or not readable: "
+ "All requests allowed.", pluginDirectory);
return;
}

LOGGER.log(Level.INFO, "Plugins are being reloaded from {0}", pluginDirectory.getAbsolutePath());
LOGGER.log(Level.INFO, "Plugins are being reloaded from ''{0}''", pluginDirectory.getAbsolutePath());

// trashing out the old instance of the loader enables us
// to reload the stack at runtime
Expand Down
8 changes: 7 additions & 1 deletion opengrok-web/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ information: Portions Copyright [yyyy] [name of copyright owner]
CDDL HEADER END
Copyright (c) 2018, 2021, Oracle and/or its affiliates. All rights reserved.
Copyright (c) 2018, 2024, Oracle and/or its affiliates. All rights reserved.
Portions Copyright (c) 2018, 2020, Chris Fraire <cfraire@me.com>.
-->
Expand Down Expand Up @@ -96,6 +96,12 @@ Portions Copyright (c) 2018, 2020, Chris Fraire <cfraire@me.com>.
<artifactId>jersey-media-json-jackson</artifactId>
<version>${jersey.version}</version>
</dependency>
<!-- needed for the authorization plugins' configuration -->
<dependency>
<groupId>com.fasterxml.jackson.dataformat</groupId>
<artifactId>jackson-dataformat-yaml</artifactId>
<version>${jackson.version}</version>
</dependency>
<dependency>
<groupId>org.glassfish.jersey.ext</groupId>
<artifactId>jersey-bean-validation</artifactId>
Expand Down
7 changes: 6 additions & 1 deletion plugins/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ information: Portions Copyright [yyyy] [name of copyright owner]
CDDL HEADER END
Copyright (c) 2016, 2021, Oracle and/or its affiliates. All rights reserved.
Copyright (c) 2016, 2024, Oracle and/or its affiliates. All rights reserved.
Portions Copyright (c) 2020, Chris Fraire <cfraire@me.com>.
-->
Expand Down Expand Up @@ -75,6 +75,11 @@ Portions Copyright (c) 2020, Chris Fraire <cfraire@me.com>.
<artifactId>jersey-media-json-jackson</artifactId>
<version>${jersey.version}</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.dataformat</groupId>
<artifactId>jackson-dataformat-yaml</artifactId>
<version>${jackson.version}</version>
</dependency>
<dependency>
<groupId>org.glassfish.jersey.inject</groupId>
<artifactId>jersey-hk2</artifactId>
Expand Down
69 changes: 30 additions & 39 deletions plugins/src/main/java/opengrok/auth/plugin/configuration/Configuration.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,15 +18,10 @@
*/

/*
* Copyright (c) 2016, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2016, 2024, Oracle and/or its affiliates. All rights reserved.
*/
package opengrok.auth.plugin.configuration;

import java.beans.XMLDecoder;
import java.beans.XMLEncoder;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
Expand All @@ -36,23 +31,44 @@
import java.io.Serializable;
import java.util.ArrayList;
import java.util.List;

import com.fasterxml.jackson.annotation.JsonAutoDetect;
import com.fasterxml.jackson.annotation.JsonProperty;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.dataformat.yaml.YAMLFactory;
import com.fasterxml.jackson.dataformat.yaml.YAMLGenerator;
import opengrok.auth.plugin.ldap.LdapServer;
import opengrok.auth.plugin.util.WebHooks;

/**
* Encapsulates configuration for LDAP plugins.
*/
@JsonAutoDetect(
fieldVisibility = JsonAutoDetect.Visibility.NONE,
setterVisibility = JsonAutoDetect.Visibility.NONE,
getterVisibility = JsonAutoDetect.Visibility.NONE,
isGetterVisibility = JsonAutoDetect.Visibility.NONE,
creatorVisibility = JsonAutoDetect.Visibility.NONE
)
public class Configuration implements Serializable {

private static final long serialVersionUID = -1;

@JsonProperty
private List<LdapServer> servers = new ArrayList<>();
@JsonProperty
private int interval;
@JsonProperty
private String searchBase;
@JsonProperty
private WebHooks webHooks;
@JsonProperty
private int searchTimeout;
@JsonProperty
private int connectTimeout;
@JsonProperty
private int readTimeout;
@JsonProperty
private int countLimit;

public void setServers(List<LdapServer> servers) {
Expand Down Expand Up @@ -119,20 +135,19 @@ public void setSearchBase(String base) {
this.searchBase = base;
}

public String getXMLRepresentationAsString() {
String getObjectRepresentationAsString() throws IOException {
ByteArrayOutputStream bos = new ByteArrayOutputStream();
this.encodeObject(bos);
return bos.toString();
}

private void encodeObject(OutputStream out) {
try (XMLEncoder e = new XMLEncoder(new BufferedOutputStream(out))) {
e.writeObject(this);
}
void encodeObject(OutputStream out) throws IOException {
var mapper = new ObjectMapper(new YAMLFactory().disable(YAMLGenerator.Feature.WRITE_DOC_START_MARKER));
mapper.writeValue(out, this);
}

/**
* Read a configuration from a file in XML format.
* Read a configuration from a file.
*
* @param file input file
* @return the new configuration object
Expand All @@ -144,32 +159,8 @@ public static Configuration read(File file) throws IOException {
}
}

/**
* Read a configuration from a string in xml format.
*
* @param xmlconfig input string
* @return the new configuration object
* @throws IOException if any error occurs
*/
public static Configuration makeXMLStringAsConfiguration(String xmlconfig) throws IOException {
final Configuration ret;
final ByteArrayInputStream in = new ByteArrayInputStream(xmlconfig.getBytes());
ret = decodeObject(in);
return ret;
}

private static Configuration decodeObject(InputStream in) throws IOException {
final Object ret;

try (XMLDecoder d = new XMLDecoder(new BufferedInputStream(in), null, null,
new PluginConfigurationClassLoader())) {
ret = d.readObject();
}

if (!(ret instanceof Configuration)) {
throw new IOException("Not a valid configuration file");
}

return (Configuration) ret;
static Configuration decodeObject(InputStream in) throws IOException {
var mapper = new ObjectMapper(new YAMLFactory().disable(YAMLGenerator.Feature.WRITE_DOC_START_MARKER));
return mapper.readValue(in, Configuration.class);
}
}
58 changes: 0 additions & 58 deletions plugins/src/main/java/opengrok/auth/plugin/configuration/PluginConfigurationClassLoader.java
View file

This file was deleted.

Loading

0 comments on commit 531be32

Please sign in to comment.