Skip to content

Refactor AbstractHttpSender to use CredentialFactory to authenticate requests. #8866

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 26 commits into from
May 7, 2025
Merged

Refactor AbstractHttpSender to use CredentialFactory to authenticate requests. #8866

merged 26 commits into from
May 7, 2025

Conversation

vdegans
Copy link
Contributor

@vdegans vdegans commented Apr 23, 2025

Refactor the authentication methods for OAuth to use the CredentialFactory instead of using the local clientId, clientSecret, username and password variables. This ensures that an alias can be used for both cases, since setting an alias does not fill in the local fields it represents.

Fixes: #8838

@vdegans vdegans marked this pull request as draft April 24, 2025 08:22
@vdegans vdegans marked this pull request as ready for review April 24, 2025 12:31
@philipsens philipsens requested a review from Copilot April 24, 2025 12:36
Copilot
Copilot AI reviewed Apr 24, 2025
View reviewed changes
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR refactors the authentication methods for OAuth to leverage CredentialFactory instead of directly referencing local credential fields, ensuring that both user and client aliases are handled properly.

  • Updates tests to use getBasicCredentials() instead of getCredentials()
  • Refactors multiple authentication classes to retrieve credentials from CredentialFactory
  • Adjusts configuration and validation in AbstractHttpSession and related classes

Reviewed Changes

Copilot reviewed 11 out of 13 changed files in this pull request and generated no comments.

Show a summary per file
File Description
OAuthAccessTokenRequestTest.java Updated tests to use getBasicCredentials() when creating requests
OAuthAccessTokenKeycloakTest.java Modified sender setup to properly configure OAuth authentication
OAuthAccessTokenAuthenticatorTest.java Adjusted tests to use new credential handling and ensure proper authenticator behavior
HttpSenderAuthenticationTest.java Added tests for client and auth alias based basic authentication
ResourceOwnerPasswordCredentialsQueryParameters.java Replaced direct session calls with new clientId/clientSecret fields
ResourceOwnerPasswordCredentialsBasicAuth.java Updated authorization header creation to use new fields
ClientCredentialsQueryParameters.java Refactored to use member variables instead of session variables
ClientCredentialsBasicAuth.java Similar update to use new credential fields in authorization header creation
AbstractResourceOwnerPasswordCredentials.java Introduced CredentialFactory to obtain both user and client credentials and updated configuration checks
AbstractClientCredentials.java Refactored to retrieve credentials via CredentialFactory and added configuration warnings for authAlias usage
AbstractHttpSession.java Updated credential handling to use CredentialFactory and modified methods to work with getBasicCredentials()
Files not reviewed (2)
  • core/src/test/resources/Management/securityItemsResponse.json: Language not supported
  • core/src/test/resources/credentials.properties: Language not supported

@philipsens philipsens requested a review from nielsm5 April 24, 2025 12:39
nielsm5
nielsm5 requested changes Apr 24, 2025
View reviewed changes
vdegans and others added 22 commits April 28, 2025 09:56
@vdegans
rename getCredentials to getBasicCredentials to prevent name conflict
fbcee2c
@vdegans
use credentials object instead of local clientId/clientSecret
b71effd
@vdegans
remove unused import
bb96acb
@vdegans
fix execution order
686567f
@vdegans
refactor credential usage
40ccdd7
@vdegans
configure and start httpsenders in tests
8a4de44
@vdegans
remove httpsender start method call
b6b7e3b
@vdegans
fix failing tests
3f4513d
@vdegans
set credential priority based on authentication method
049804a
@vdegans
remove unused import
157ad27
@vdegans
remove test with wrong use of credentials
d60fff6
@vdegans
fix resource owner flow to use both credentials
6a7e7eb
@vdegans
fix security issue
e386d10
@vdegans
add warning when authalias is used for clientCredentials
11b09db
@vdegans
refactor getCredentialFactory
1fe483b
@vdegans
remove duplicate code
260934e
@vdegans
remove unused imports
ccb941b
@vdegans
move credential logic to AbstractOauthAuthenticator class
fe50330
@vdegans
Add test for OAuth configuration validation; refactor missing field h…
1d455a2 
…andling to throw aggregated exception
@vdegans
Aggregate missing required fields in exception message for client cre…
7e5e68f 
…dentials configuration
@vdegans
Check if exception contains both missing fields
f3a1658
@vdegans
Merge branch 'master' into fix-oauth-alias
f633c46
@nielsm5 nielsm5 requested a review from evandongen May 6, 2025 14:14
@nielsm5 nielsm5 requested a review from tnleeuw May 6, 2025 14:14
@nielsm5 nielsm5 modified the milestone: 9.2.0 May 6, 2025
evandongen
evandongen approved these changes May 7, 2025
View reviewed changes
@vdegans vdegans requested a review from a team as a code owner May 7, 2025 09:49
@nielsm5 nielsm5 enabled auto-merge (squash) May 7, 2025 11:05
@nielsm5 nielsm5 disabled auto-merge May 7, 2025 14:40
@nielsm5 nielsm5 merged commit 6dc6df5 into frankframework:master May 7, 2025
21 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

@evandongen evandongen evandongen approved these changes

@nielsm5 nielsm5 nielsm5 approved these changes

@tnleeuw tnleeuw Awaiting requested review from tnleeuw

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

HttpSender 'clientAlias' doesn't resolve the authAlias and 'clientId' and 'clientSecret' not expanding authAlias reference
4 participants
@vdegans @evandongen @nielsm5 @tnleeuw