diktatFix & detektAll

api-gateway/src/main/kotlin/com/saveourtool/save/gateway/security/WebSecurityConfig.kt

@@ -4,28 +4,21 @@
 
 package com.saveourtool.save.gateway.security
 
-import com.saveourtool.save.authservice.utils.IdentitySourceAwareUserDetails
 import com.saveourtool.save.gateway.config.ConfigurationProperties
+import com.saveourtool.save.gateway.service.BackendService
 import com.saveourtool.save.gateway.utils.StoringServerAuthenticationSuccessHandler
-import com.saveourtool.save.utils.IdentitySourceAwareUserDetailsMixin
-import com.saveourtool.save.utils.StringResponse
 
-import com.fasterxml.jackson.databind.ObjectMapper
-import com.saveourtool.save.gateway.service.BackendService
 import org.springframework.context.annotation.Bean
 import org.springframework.core.annotation.Order
 import org.springframework.http.HttpHeaders
 import org.springframework.http.HttpStatus
-import org.springframework.http.codec.json.Jackson2JsonEncoder
 import org.springframework.security.authentication.UserDetailsRepositoryReactiveAuthenticationManager
 import org.springframework.security.authorization.AuthenticatedReactiveAuthorizationManager
 import org.springframework.security.authorization.AuthorizationDecision
 import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity
 import org.springframework.security.config.web.server.ServerHttpSecurity
-import org.springframework.security.core.userdetails.UserDetails
 import org.springframework.security.crypto.factory.PasswordEncoderFactories
 import org.springframework.security.crypto.password.PasswordEncoder
-import org.springframework.security.jackson2.CoreJackson2Module
 import org.springframework.security.web.server.SecurityWebFilterChain
 import org.springframework.security.web.server.authentication.DelegatingServerAuthenticationSuccessHandler
 import org.springframework.security.web.server.authentication.HttpStatusServerEntryPoint
@@ -38,10 +31,6 @@ import org.springframework.security.web.server.util.matcher.NegatedServerWebExch
 import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher
 import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher.MatchResult
 import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatchers
-import org.springframework.web.reactive.function.client.WebClient
-import org.springframework.web.reactive.function.client.toEntity
-import org.springframework.web.server.ResponseStatusException
-import reactor.core.publisher.Mono
 
 @EnableWebFluxSecurity
 @Suppress(

api-gateway/src/main/kotlin/com/saveourtool/save/gateway/service/BackendService.kt

@@ -1,9 +1,10 @@
 package com.saveourtool.save.gateway.service
 
-import com.fasterxml.jackson.databind.ObjectMapper
 import com.saveourtool.save.authservice.utils.IdentitySourceAwareUserDetails
 import com.saveourtool.save.gateway.config.ConfigurationProperties
 import com.saveourtool.save.utils.IdentitySourceAwareUserDetailsMixin
+
+import com.fasterxml.jackson.databind.ObjectMapper
 import org.springframework.http.codec.json.Jackson2JsonEncoder
 import org.springframework.security.core.userdetails.UserDetails
 import org.springframework.security.jackson2.CoreJackson2Module

authentication-service/src/main/kotlin/com/saveourtool/save/authservice/config/WebSecurityConfig.kt

@@ -32,6 +32,7 @@ import javax.annotation.PostConstruct
 @Suppress("MISSING_KDOC_TOP_LEVEL", "MISSING_KDOC_CLASS_ELEMENTS", "MISSING_KDOC_ON_FUNCTION")
 class WebSecurityConfig(
     private val authenticationManager: ConvertingAuthenticationManager,
+    private val customAuthenticationBasicConverter: CustomAuthenticationBasicConverter,
     @Autowired private var defaultMethodSecurityExpressionHandler: DefaultMethodSecurityExpressionHandler
 ) {
     @Bean
@@ -58,7 +59,7 @@ class WebSecurityConfig(
         }
         .addFilterBefore(
             AuthenticationWebFilter(authenticationManager).apply {
-                setServerAuthenticationConverter(CustomAuthenticationBasicConverter())
+                setServerAuthenticationConverter(customAuthenticationBasicConverter)
             },
             SecurityWebFiltersOrder.HTTP_BASIC,
         )

authentication-service/src/main/kotlin/com/saveourtool/save/authservice/repository/AuthenticationUserRepository.kt

@@ -21,9 +21,9 @@ class AuthenticationUserRepository(
             "SELECT * FROM save_cloud.user WHERE name = :name AND source = :source",
             mapOf("name" to name)
         ).singleOrNull()
-                .orNotFound {
-                    "There is no user with name $name"
-                }
+            .orNotFound {
+                "There is no user with name $name"
+            }
         return record.toUserEntity()
     }
 

authentication-service/src/main/kotlin/com/saveourtool/save/authservice/service/AuthenticationUserDetailsService.kt

@@ -19,10 +19,8 @@ class AuthenticationUserDetailsService(
      * @param username
      * @return IdentitySourceAwareUserDetails retrieved from UserDetails
      */
-    override fun findByUsername(username: String): Mono<UserDetails> {
-        return blockingToMono {
-            authenticationUserRepository.findByName(username)
-        }
-            .getIdentitySourceAwareUserDetails(username)
+    override fun findByUsername(username: String): Mono<UserDetails> = blockingToMono {
+        authenticationUserRepository.findByName(username)
     }
+        .getIdentitySourceAwareUserDetails(username)
 }

save-api/src/main/kotlin/com/saveourtool/save/api/utils/RequestUtils.kt

@@ -9,7 +9,6 @@ import com.saveourtool.save.api.config.WebClientProperties
 import com.saveourtool.save.entities.FileDto
 import com.saveourtool.save.execution.ExecutionDto
 import com.saveourtool.save.request.CreateExecutionRequest
-import com.saveourtool.save.utils.AUTHORIZATION_SOURCE
 import com.saveourtool.save.utils.supportJLocalDateTime
 import com.saveourtool.save.v1
 

save-backend/src/main/kotlin/com/saveourtool/save/backend/controllers/internal/UsersController.kt

@@ -59,6 +59,7 @@ class UsersController(
      * Find user by name
      *
      * @param userName user name
+     * @return found [IdentitySourceAwareUserDetails] as a String
      */
     @GetMapping("/find-by-name/{userName}")
     fun findByUsernameAndSource(
@@ -72,6 +73,7 @@ class UsersController(
      *
      * @param source user source
      * @param nameInSource user name
+     * @return found [IdentitySourceAwareUserDetails] as a String
      */
     @GetMapping("/find-by-original-login/{source}/{nameInSource}")
     fun findByUsernameAndSource(

save-backend/src/test/kotlin/com/saveourtool/save/backend/security/BasicSecurityTest.kt

@@ -43,7 +43,7 @@ class BasicSecurityTest {
 
     @BeforeEach
     fun setUp() {
-        whenever(authenticationUserRepository.findByName("user", "basic")).thenReturn(
+        whenever(authenticationUserRepository.findByName("user")).thenReturn(
             User("user", null, "ROLE_USER", "basic").apply {
                 id = 99
             }
@@ -52,22 +52,22 @@ class BasicSecurityTest {
 
     @Test
     fun `should allow access for registered user`() {
-        val authentication = tryAuthenticate("basic:user", "basic")
+        val authentication = tryAuthenticate("user", "basic")
 
         Assertions.assertTrue(authentication.isAuthenticated)
     }
 
     @Test
     fun `should forbid requests if user has the same name but different source`() {
         Assertions.assertThrows(BadCredentialsException::class.java) {
-            tryAuthenticate("github:user", "github")
+            tryAuthenticate("user", "github")
         }
     }
 
     @Test
     fun `should forbid requests if user has the same name but no source`() {
         Assertions.assertThrows(BadCredentialsException::class.java) {
-            tryAuthenticate(":user", "")
+            tryAuthenticate("user", "")
         }
     }
 

save-backend/src/test/kotlin/com/saveourtool/save/backend/security/ConverterTest.kt

@@ -1,19 +1,22 @@
 package com.saveourtool.save.backend.security
 
 import com.saveourtool.save.authservice.security.CustomAuthenticationBasicConverter
+import com.saveourtool.save.authservice.service.AuthenticationUserDetailsService
 import com.saveourtool.save.authservice.utils.AuthenticationDetails
 import com.saveourtool.save.authservice.utils.identitySource
 import com.saveourtool.save.utils.AUTHORIZATION_SOURCE
 import org.junit.jupiter.api.Assertions
 import org.junit.jupiter.api.Test
+import org.mockito.kotlin.mock
 import org.springframework.http.HttpHeaders
 import org.springframework.mock.http.server.reactive.MockServerHttpRequest
 import org.springframework.mock.web.server.MockServerWebExchange
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken
 import java.util.Base64
 
 class ConverterTest {
-    private val customAuthenticationBasicConverter = CustomAuthenticationBasicConverter()
+    private val authenticationUserDetailsService: AuthenticationUserDetailsService = mock()
+    private val customAuthenticationBasicConverter = CustomAuthenticationBasicConverter(authenticationUserDetailsService)
 
     @Test
     fun `should convert`() {

save-cloud-common/src/jvmMain/kotlin/com/saveourtool/save/entities/User.kt

@@ -14,7 +14,7 @@ import javax.persistence.OneToMany
  * @property name
  * @property password *in plain text*
  * @property role role of this user
- * @property source where the user identity is coming from, e.g. "github"
+ * @property source where the user identity is coming from, e.g. "github" // TODO: need to remove this field
  * @property email email of user
  * @property avatar avatar of user
  * @property company
@@ -32,7 +32,6 @@ class User(
     var name: String,
     var password: String?,
     var role: String?,
-    // TODO: need to remove this field
     var source: String,
     var email: String? = null,
     var avatar: String? = null,