TSK-1520: introduced taskana-common-security as a dedicated module.

2021-02-02 13:33:30 +01:00 · 2021-02-02 13:33:30 +01:00 · e87de29761
parent 67fcfbf9db
commit e87de29761
8 changed files with 47 additions and 9 deletions
--- a/.github/workflows/continuous-integration.yml
+++ b/.github/workflows/continuous-integration.yml
@ -218,6 +218,7 @@ jobs:
      matrix:
        module:
          - taskana-common
+          - taskana-common-security
          - taskana-common-data
          - taskana-common-test
          - taskana-core
@ -347,7 +348,7 @@ jobs:
          ./mvnw -B deploy -P $([[ "$GITHUB_REF" =~ ^refs/tags/v[0-9]+\.[0-9]+\.[0-9]+$ ]] && echo "release" || echo "snapshot") \
          --settings ci/mvnsettings.xml -DskipTests -Dcheckstyle.skip -Dasciidoctor.skip -Djacoco.skip \
          -pl :taskana-parent,\
-          :taskana-common-parent,:taskana-common,:taskana-common-data,:taskana-common-test,\
+          :taskana-common-parent,:taskana-common,:taskana-common-security,:taskana-common-data,:taskana-common-test,\
          :taskana-lib-parent,:taskana-core,:taskana-cdi,:taskana-spring,\
          :taskana-rest-parent,:taskana-web,:taskana-rest-spring,\
          :taskana-history-parent,:taskana-simplehistory-provider,:taskana-simplehistory-rest-spring,:taskana-loghistory-provider
--- a/common/pom.xml
+++ b/common/pom.xml
@ -18,6 +18,7 @@

  <modules>
    <module>taskana-common</module>
+    <module>taskana-common-security</module>
    <module>taskana-common-data</module>
    <module>taskana-common-test</module>
  </modules>
--- a/common/taskana-common-security/pom.xml
+++ b/common/taskana-common-security/pom.xml
@ -0,0 +1,23 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+  <artifactId>taskana-common-security</artifactId>
+
+  <name>${project.groupId}:${project.artifactId}</name>
+  <description>The global security principals needed for user and group authentication</description>
+
+  <parent>
+    <artifactId>taskana-common-parent</artifactId>
+    <groupId>pro.taskana</groupId>
+    <version>4.3.1-SNAPSHOT</version>
+  </parent>
+
+  <dependencies>
+    <dependency>
+      <groupId>org.slf4j</groupId>
+      <artifactId>slf4j-api</artifactId>
+    </dependency>
+  </dependencies>
+</project>
--- a/common/taskana-common-security/src/main/java/pro/taskana/common/api/security/CurrentUserContext.java
+++ b/common/taskana-common-security/src/main/java/pro/taskana/common/api/security/CurrentUserContext.java
--- a/common/taskana-common-security/src/main/java/pro/taskana/common/api/security/GroupPrincipal.java
+++ b/common/taskana-common-security/src/main/java/pro/taskana/common/api/security/GroupPrincipal.java
--- a/common/taskana-common-security/src/main/java/pro/taskana/common/api/security/UserPrincipal.java
+++ b/common/taskana-common-security/src/main/java/pro/taskana/common/api/security/UserPrincipal.java
--- a/common/taskana-common-security/src/main/java/pro/taskana/common/internal/security/CurrentUserContextImpl.java
+++ b/common/taskana-common-security/src/main/java/pro/taskana/common/internal/security/CurrentUserContextImpl.java
@ -1,7 +1,5 @@
 package pro.taskana.common.internal.security;

-import static pro.taskana.common.internal.util.CheckedFunction.wrap;
-
 import java.lang.reflect.Method;
 import java.security.AccessController;
 import java.security.Principal;
@ -87,12 +85,22 @@ public class CurrentUserContextImpl implements CurrentUserContext {
        LOGGER.debug("Public credentials of caller: {}", publicCredentials);
        return publicCredentials.stream()
            .map(
-                wrap(
-                    credential ->
-                        credential
-                            .getClass()
-                            .getMethod(GET_UNIQUE_SECURITY_NAME_METHOD, (Class<?>[]) null)
-                            .invoke(credential, (Object[]) null)))
+                // we could use CheckedFunction#wrap here, but this either requires a dependency
+                // to taskana-common or an inclusion of the class CheckedFunction in this module.
+                // The first is not possible due to a cyclic dependency.
+                // The second is not desired, since this module is a very slim security module and
+                // the inclusion of CheckedFunction and its transitive dependencies would increase
+                // the module scope and introduce inconsistency.
+                credential -> {
+                  try {
+                    return credential
+                        .getClass()
+                        .getMethod(GET_UNIQUE_SECURITY_NAME_METHOD, (Class<?>[]) null)
+                        .invoke(credential, (Object[]) null);
+                  } catch (Exception e) {
+                    throw new SecurityException("Could not retrieve principal", e);
+                  }
+                })
            .peek(
                o ->
                    LOGGER.debug(
--- a/common/taskana-common/pom.xml
+++ b/common/taskana-common/pom.xml
@ -15,6 +15,11 @@
  </parent>

  <dependencies>
+    <dependency>
+      <groupId>pro.taskana</groupId>
+      <artifactId>taskana-common-security</artifactId>
+      <version>${project.version}</version>
+    </dependency>
    <dependency>
      <groupId>org.json</groupId>
      <artifactId>json</artifactId>