Merge pull request #3388 from cloudfoundry/dgarnier/login-server

Move login-server.xml to java-config

Author: fhanik

server/src/main/java/org/cloudfoundry/identity/uaa/authentication/AuthzAuthenticationFilter.java

@@ -7,13 +7,15 @@
 import org.cloudfoundry.identity.uaa.util.UaaStringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.http.HttpMethod;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.web.AuthenticationEntryPoint;
+import org.springframework.stereotype.Component;
 import org.springframework.util.Assert;
 
 import javax.servlet.Filter;

server/src/main/java/org/cloudfoundry/identity/uaa/authentication/LoginClientParametersAuthenticationFilter.java

@@ -15,7 +15,10 @@
 package org.cloudfoundry.identity.uaa.authentication;
 
 import org.cloudfoundry.identity.uaa.util.UaaStringUtils;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.BadCredentialsException;
+import org.springframework.stereotype.Component;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
@@ -27,10 +30,16 @@
  * It sets the authentication to a client only
  * Oauth2Authentication object as that is expected by
  * the LoginAuthenticationManager.
- *
  */
+@Component
 public class LoginClientParametersAuthenticationFilter extends AbstractClientParametersAuthenticationFilter {
 
+    public LoginClientParametersAuthenticationFilter(
+            @Qualifier("clientAuthenticationManager") AuthenticationManager authenticationManager
+    ) {
+        this.setClientAuthenticationManager(authenticationManager);
+    }
+
     @Override
     public void wrapClientCredentialLogin(HttpServletRequest req, HttpServletResponse res, Map<String, String> loginInfo, String clientId) {
         if (loginInfo.isEmpty()) {

server/src/main/java/org/cloudfoundry/identity/uaa/authentication/LoginServerTokenEndpointFilter.java

@@ -15,35 +15,48 @@
 
 package org.cloudfoundry.identity.uaa.authentication;
 
+import org.cloudfoundry.identity.uaa.authentication.manager.LoginAuthenticationManager;
 import org.cloudfoundry.identity.uaa.oauth.provider.OAuth2Authentication;
 import org.cloudfoundry.identity.uaa.oauth.provider.OAuth2RequestFactory;
 import org.cloudfoundry.identity.uaa.oauth.provider.endpoint.TokenEndpointAuthenticationFilter;
-import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.stereotype.Component;
 import org.springframework.util.StringUtils;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
-import java.util.Collections;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 
 import static org.cloudfoundry.identity.uaa.oauth.token.TokenConstants.GRANT_TYPE_PASSWORD;
 
+@Component
 public class LoginServerTokenEndpointFilter extends TokenEndpointAuthenticationFilter {
 
-
-    private List<String> parameterNames = Collections.emptyList();
+    private final List<String> parameterNames = List.of(
+            "login",
+            "username",
+            "user_id",
+            "origin",
+            "given_name",
+            "family_name",
+            "email",
+            "authorities"
+    );
 
     /**
      * @param authenticationManager an AuthenticationManager for the incoming request
      */
-    public LoginServerTokenEndpointFilter(AuthenticationManager authenticationManager, OAuth2RequestFactory oAuth2RequestFactory, List<String> addNewUserParameters) {
+    public LoginServerTokenEndpointFilter(
+            LoginAuthenticationManager authenticationManager,
+            OAuth2RequestFactory oAuth2RequestFactory,
+            UaaAuthenticationDetailsSource authenticationDetailsSource) {
         super(authenticationManager, oAuth2RequestFactory);
-        this.parameterNames = addNewUserParameters;
+        setAuthenticationDetailsSource(authenticationDetailsSource);
     }
 
     @Override

server/src/main/java/org/cloudfoundry/identity/uaa/authentication/RemoteAuthenticationEndpoint.java

@@ -1,5 +1,6 @@
 package org.cloudfoundry.identity.uaa.authentication;
 
+import org.cloudfoundry.identity.uaa.authentication.manager.LoginAuthenticationManager;
 import org.cloudfoundry.identity.uaa.constants.OriginKeys;
 import org.cloudfoundry.identity.uaa.login.AuthenticationResponse;
 import org.cloudfoundry.identity.uaa.oauth.provider.OAuth2Authentication;
@@ -39,7 +40,7 @@ public class RemoteAuthenticationEndpoint {
 
     public RemoteAuthenticationEndpoint(
             final @Qualifier("zoneAwareAuthzAuthenticationManager") AuthenticationManager authenticationManager,
-            final @Qualifier("loginAuthenticationMgr") AuthenticationManager loginAuthenticationManager) {
+            LoginAuthenticationManager loginAuthenticationManager) {
         this.authenticationManager = authenticationManager;
         this.loginAuthenticationManager = loginAuthenticationManager;
     }

server/src/main/java/org/cloudfoundry/identity/uaa/authentication/UaaAuthenticationDetailsSource.java

@@ -16,10 +16,12 @@
 import javax.servlet.http.HttpServletRequest;
 
 import org.springframework.security.authentication.AuthenticationDetailsSource;
+import org.springframework.stereotype.Component;
 
 /**
  * @author Luke Taylor
  */
+@Component
 public class UaaAuthenticationDetailsSource implements
         AuthenticationDetailsSource<HttpServletRequest, UaaAuthenticationDetails> {
     @Override

server/src/main/java/org/cloudfoundry/identity/uaa/authentication/manager/KeystoneAuthenticationManager.java

@@ -36,35 +36,30 @@
 import org.springframework.security.core.context.SecurityContext;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Component;
 
 import java.util.Map;
 
 import static org.cloudfoundry.identity.uaa.constants.OriginKeys.NotANumber;
 
+@Component
 public class LoginAuthenticationManager implements AuthenticationManager, ApplicationEventPublisherAware {
     private final Logger logger = LoggerFactory.getLogger(getClass());
     private final IdentityZoneManager identityZoneManager;
+    private final UaaUserDatabase userDatabase;
 
     private ApplicationEventPublisher eventPublisher;
 
-    private UaaUserDatabase userDatabase;
-
-    public LoginAuthenticationManager(IdentityZoneManager identityZoneManager) {
+    public LoginAuthenticationManager(IdentityZoneManager identityZoneManager, UaaUserDatabase userDatabase) {
         this.identityZoneManager = identityZoneManager;
+        this.userDatabase = userDatabase;
     }
 
     @Override
     public void setApplicationEventPublisher(ApplicationEventPublisher eventPublisher) {
         this.eventPublisher = eventPublisher;
     }
 
-    /**
-     * @param userDatabase the userDatabase to set
-     */
-    public void setUserDatabase(UaaUserDatabase userDatabase) {
-        this.userDatabase = userDatabase;
-    }
-
     @Override
     public Authentication authenticate(Authentication request) throws AuthenticationException {