mirror of
https://github.com/overleaf/overleaf.git
synced 2024-11-07 20:31:06 -05:00
Implement auth skipping on non-protected projects
This commit is contained in:
parent
a9a74890d2
commit
53d3033b5c
7 changed files with 32 additions and 31 deletions
|
@ -40,6 +40,7 @@ public class FileServlet extends ResourceHandler {
|
|||
try {
|
||||
writeLatexDataSource.checkPostbackKey(pathSections[1], key);
|
||||
} catch (InvalidPostbackKeyException e) {
|
||||
e.printStackTrace();
|
||||
throw new ServletException();
|
||||
}
|
||||
super.handle(target, baseRequest, request, response);
|
||||
|
|
|
@ -10,7 +10,10 @@ import org.eclipse.jetty.server.Request;
|
|||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import uk.ac.ic.wlgitbridge.application.config.Oauth2;
|
||||
import uk.ac.ic.wlgitbridge.snapshot.base.ForbiddenException;
|
||||
import uk.ac.ic.wlgitbridge.snapshot.getdoc.GetDocRequest;
|
||||
import uk.ac.ic.wlgitbridge.util.Instance;
|
||||
import uk.ac.ic.wlgitbridge.util.Util;
|
||||
|
||||
import javax.servlet.*;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
@ -40,7 +43,19 @@ public class Oauth2Filter implements Filter {
|
|||
@Override
|
||||
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
|
||||
throws IOException, ServletException {
|
||||
String project = Util.removeAllSuffixes(((Request) servletRequest).getRequestURI().split("/")[1], ".git");
|
||||
GetDocRequest doc = new GetDocRequest(project);
|
||||
doc.request();
|
||||
try {
|
||||
doc.getResult();
|
||||
} catch (ForbiddenException e) {
|
||||
getAndInjectCredentials(servletRequest, servletResponse, filterChain);
|
||||
return;
|
||||
}
|
||||
filterChain.doFilter(servletRequest, servletResponse);
|
||||
}
|
||||
|
||||
private void getAndInjectCredentials(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
|
||||
HttpServletRequest request = (HttpServletRequest) servletRequest;
|
||||
HttpServletResponse response = (HttpServletResponse) servletResponse;
|
||||
|
||||
|
|
|
@ -54,7 +54,8 @@ public abstract class Request<T extends Result> {
|
|||
throw new FailedConnectionException();
|
||||
} catch (ExecutionException e) {
|
||||
Throwable cause = e.getCause();
|
||||
if (cause instanceof HttpResponseException && ((HttpResponseException) cause).getStatusCode() == HttpServletResponse.SC_FORBIDDEN) {
|
||||
int statusCode = ((HttpResponseException) cause).getStatusCode();
|
||||
if (cause instanceof HttpResponseException && (statusCode == HttpServletResponse.SC_UNAUTHORIZED || statusCode == HttpServletResponse.SC_FORBIDDEN)) {
|
||||
throw new ForbiddenException();
|
||||
} else {
|
||||
throw new FailedConnectionException();
|
||||
|
|
|
@ -27,17 +27,17 @@ public abstract class SnapshotAPIRequest<T extends Result> extends Request<T> {
|
|||
|
||||
@Override
|
||||
protected void onBeforeRequest(HttpRequest request) throws IOException {
|
||||
request.setInterceptor(new HttpExecuteInterceptor() {
|
||||
if (oauth2 != null) {
|
||||
request.setInterceptor(new HttpExecuteInterceptor() {
|
||||
|
||||
@Override
|
||||
public void intercept(HttpRequest request) throws IOException {
|
||||
new BasicAuthentication(USERNAME, PASSWORD).intercept(request);
|
||||
if (oauth2 != null) {
|
||||
@Override
|
||||
public void intercept(HttpRequest request) throws IOException {
|
||||
new BasicAuthentication(USERNAME, PASSWORD).intercept(request);
|
||||
oauth2.intercept(request);
|
||||
}
|
||||
}
|
||||
|
||||
});
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
public static void setBasicAuth(String username, String password) {
|
||||
|
|
|
@ -17,6 +17,10 @@ public class GetDocRequest extends SnapshotAPIRequest<GetDocResult> {
|
|||
super(projectName, API_CALL, oauth2);
|
||||
}
|
||||
|
||||
public GetDocRequest(String projectName) {
|
||||
this(null, projectName);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected HTTPMethod httpMethod() {
|
||||
return HTTPMethod.GET;
|
||||
|
|
|
@ -2,6 +2,7 @@ package uk.ac.ic.wlgitbridge.snapshot.getdoc;
|
|||
|
||||
import com.google.gson.JsonElement;
|
||||
import com.google.gson.JsonObject;
|
||||
import uk.ac.ic.wlgitbridge.snapshot.base.ForbiddenException;
|
||||
import uk.ac.ic.wlgitbridge.snapshot.base.Result;
|
||||
import uk.ac.ic.wlgitbridge.snapshot.exception.FailedConnectionException;
|
||||
import uk.ac.ic.wlgitbridge.snapshot.getdoc.exception.InvalidProjectException;
|
||||
|
@ -21,6 +22,7 @@ public class GetDocResult extends Result {
|
|||
private WLUser user;
|
||||
|
||||
private SnapshotPostException exception;
|
||||
private ForbiddenException forbidden;
|
||||
|
||||
public GetDocResult(Request request, JsonElement json) throws FailedConnectionException {
|
||||
super(request, json);
|
||||
|
@ -66,7 +68,7 @@ public class GetDocResult extends Result {
|
|||
if (jsonObject.has("status")) {
|
||||
switch (jsonObject.get("status").getAsInt()) {
|
||||
case 403:
|
||||
exception = new ProtectedProjectException();
|
||||
forbidden = new ForbiddenException();
|
||||
break;
|
||||
case 404:
|
||||
exception = new InvalidProjectException();
|
||||
|
|
|
@ -143,28 +143,6 @@ public class WLGitBridgeIntegrationTest {
|
|||
assertTrue(FileUtil.gitDirectoriesAreEqual(getResource("/canCloneMultipleRepositories/state/testproj2"), testproj2Dir.toPath()));
|
||||
}
|
||||
|
||||
|
||||
private static final String EXPECTED_OUT_PROTECTED =
|
||||
"Cloning into 'protected'...\n" +
|
||||
"fatal: remote error: Your project is protected, and can't be cloned (yet).\n";
|
||||
@Test
|
||||
public void cannotCloneAProtectedProject() throws IOException, GitAPIException, InterruptedException {
|
||||
MockSnapshotServer server = new MockSnapshotServer(3861, getResource("/cannotCloneAProtectedProject").toFile());
|
||||
server.start();
|
||||
server.setState(states.get("cannotCloneAProtectedProject").get("state"));
|
||||
GitBridgeApp wlgb = new GitBridgeApp(new String[] {
|
||||
makeConfigFile(33861, 3861)
|
||||
});
|
||||
wlgb.run();
|
||||
File dir = folder.newFolder();
|
||||
Process git = runtime.exec("git clone http://127.0.0.1:33861/protected.git", null, dir);
|
||||
String output = Util.fromStream(git.getErrorStream());
|
||||
int exitCode = git.waitFor();
|
||||
assertEquals(128, exitCode);
|
||||
assertEquals(EXPECTED_OUT_PROTECTED, output);
|
||||
wlgb.stop();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void canPullAModifiedTexFile() throws IOException, GitAPIException, InterruptedException {
|
||||
MockSnapshotServer server = new MockSnapshotServer(3859, getResource("/canPullAModifiedTexFile").toFile());
|
||||
|
|
Loading…
Reference in a new issue