woodpecker.yml aktualisiert

something went wrong during reorga of project structure

README.md

@@ -1,15 +1,34 @@
-# mavor
+[![Build Status](https://build.devloop.de/api/badges/damage/mavor/status.svg)](https://build.devloop.de/damage/mavor)
 
+# mavor
 download a maven artifact and all its dependencies as zip
 
 ## Environment Variables
-all environemnt variables are required
-* `MAVOR_MAVEN_EXECUTABLE`: path to the maven executable, e.g. `/usr/bin/mvn`
-* `MAVOR_TEMP_DIR`: path to a readable and writeable directory to temporarily store files, e.g. `/home/damage/Temp`
+this environment variables are preset in docker image:
+* `MAVOR_MAVEN_EXECUTABLE`: path to the maven executable
+* `MAVOR_TEMP_DIR`: path to a readable and writeable directory to temporarily store files
+
+this environemnt variables are required to be set in docker container:
+* `MAVOR_WEB_ROOT`: Base URL of how the client access the web page
+* `MAVOR_OPENID_CLIENT_ID`: OpenID Client ID
+* `MAVOR_OPENID_CLIENT_SECRET`: OpenID Client Secret - not yet providing docker secrets
+* `MAVOR_OPENID_REDIRECT_URL`: OpenID Redirect URL - where to redirect after authentication
+* `MAVOR_OPENID_AUTH_URL`: OpenID Authentication URL - where to redirect client for authentication
+* `MAVOR_OPENID_TOKEN_URL`: OpenID Token URL - where to get a valid token after authentication
+* `MAVOR_OPENID_USERINFO_URL`: OpenID User Info URL - where to get user informations from
+* `MOVOR_OPENID_LOGOUT_URL`: OpenID Logout URL - where to redirect client for logout
 
 ## Development
 To avoid setting environment variables during devleopment, create `src/main/resources/development.properties` with content like:
 ```
+MAVOR_WEB_ROOT=http://localhost:8080/mavor
 MAVOR_MAVEN_EXECUTABLE=/usr/bin/mvn
 MAVOR_TEMP_DIR=/home/damage/Temp
+MAVOR_OPENID_CLIENT_ID=foo
+MAVOR_OPENID_CLIENT_SECRET=bar
+MAVOR_OPENID_REDIRECT_URL=http://localhost:8080/mavor/authenticate
+MAVOR_OPENID_AUTH_URL=https://auth.devloop.de/application/o/authorize/
+MAVOR_OPENID_TOKEN_URL=https://auth.devloop.de/application/o/token/
+MAVOR_OPENID_USERINFO_URL=https://auth.devloop.de/application/o/userinfo/
+MOVOR_OPENID_LOGOUT_URL=https://auth.devloop.de/application/o/devloop-mavor-development/end-session/
 ```

build/Dockerfile

@@ -4,11 +4,16 @@ FROM tomcat:11
 RUN apt update && DEBIAN_FRONTEND=noninteractive apt install -y --no-install-recommends maven && rm -rf /var/lib/apt/lists/*
 
 # copy war
-COPY target/mavor.war /usr/local/tomcat/webapps
+COPY target/mavor.war /usr/local/tomcat/webapps/ROOT.war
 
 # create temporary directory, no need to be a volume
 RUN mkdir /mavor
 
+# this mvn command fails but is intended to fail
+# it just initializes maven subsystem so the first
+# download on the website is faster
+RUN /usr/bin/mvn dependency:copy-dependencies || echo "maven init done. fail is intended"
+
 # set required ENV
 ENV MAVOR_MAVEN_EXECUTABLE="/usr/bin/mvn"
 ENV MAVOR_TEMP_DIR="/mavor"

drone.yml

@@ -1,21 +0,0 @@
-kind: pipeline
-name: default
-
-steps:
-- name: maven
-  image: maven:3
-  commands:
-  - mvn package
-- name: docker
-  image: plugins/docker
-  settings:
-    dockerfile: build/Dockerfile
-    registry: source.devloop.de
-    repo: source.devloop.de/damage/mavor
-    username: 
-      from_secret: docker_username
-    password:
-      from_secret: docker_password
-    tags:
-      - latest
-      - '1'

src/main/de/devloop/mavor/AuthenticatedServlet.java

@@ -1,26 +0,0 @@
-package de.devloop.mavor;
-
-import java.io.IOException;
-
-import jakarta.servlet.ServletException;
-import jakarta.servlet.http.HttpServlet;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-public class AuthenticatedServlet extends HttpServlet {
-    protected Session session;
-
-    @Override
-    protected final void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
-        session = new Session(req.getSession(true));
-        if (!session.isAuthenticated()) {
-            resp.sendRedirect("/mavor/authenticate");
-        } else {
-            doAuthenticatedGet(req, resp);
-        }
-    }
-
-    protected void doAuthenticatedGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
-        // nooooothing
-    }
-}

src/main/de/devloop/mavor/Session.java

@@ -1,57 +0,0 @@
-package de.devloop.mavor;
-
-import jakarta.servlet.http.HttpSession;
-
-public class Session {
-    private HttpSession session;
-
-    private static final String ATTRIBUTE_USERNAME = "username";
-    private static final String ATTRIBUTE_OAUTH_STATE = "oauth.state";
-    private static final String ATTRIBUTE_OAUTH_TOKEN = "oauth.token";
-
-    public Session(HttpSession session) {
-        this.session = session;
-    }
-
-    private String getSafeString(String parameter) {
-        Object value = session.getAttribute(parameter);
-
-        if (value != null) {
-            return value.toString();
-        } else {
-            return null;
-        }
-    }
-
-    public Boolean isAuthenticated() {
-        return getUsername() != null;
-    }
-
-    public String getUsername() {
-        return getSafeString(ATTRIBUTE_USERNAME);
-    }
-
-    public void setUsername(String username) {
-        session.setAttribute(ATTRIBUTE_USERNAME, username);
-    }
-
-    public void setOAuthState(String state) {
-        session.setAttribute(ATTRIBUTE_OAUTH_STATE, state);
-    }
-
-    public String getOAuthState() {
-        return getSafeString(ATTRIBUTE_OAUTH_STATE);
-    }
-
-    public void clearOAuthState() {
-        session.removeAttribute(ATTRIBUTE_OAUTH_STATE);
-    }
-
-    public void setOAuthToken(String token) {
-        session.setAttribute(ATTRIBUTE_OAUTH_TOKEN, token);
-    }
-
-    public String getOAuthToken() {
-        return getSafeString(ATTRIBUTE_OAUTH_TOKEN);
-    }
-}

src/main/de/devloop/mavor/servlet/Main.java

@@ -1,22 +0,0 @@
-package de.devloop.mavor.servlet;
-
-import java.io.IOException;
-
-import de.devloop.mavor.AuthenticatedServlet;
-import jakarta.servlet.RequestDispatcher;
-import jakarta.servlet.ServletException;
-import jakarta.servlet.annotation.WebServlet;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-@WebServlet("")
-public class Main extends AuthenticatedServlet {
-
-    @Override
-    protected void doAuthenticatedGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
-        req.setAttribute("username", session.getUsername());
-        RequestDispatcher view = req.getRequestDispatcher("/main.jsp");
-        
-        view.forward(req, resp);
-    }    
-}

src/main/de/devloop/openid/AuthenticationUrl.java

@@ -1,19 +0,0 @@
-package de.devloop.openid;
-
-public class AuthenticationUrl {
-    private String url;
-    private String state;
-
-    public AuthenticationUrl(String url, String state) {
-        this.url = url;
-        this.state = state;
-    }
-
-    public String getUrl() {
-        return url;
-    }    
-
-    public String getState() {
-        return state;
-    }
-}

src/main/de/devloop/openid/OpenID.java

@@ -1,102 +0,0 @@
-package de.devloop.openid;
-
-import java.io.IOException;
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.net.URLEncoder;
-import java.net.http.HttpClient;
-import java.net.http.HttpRequest;
-import java.net.http.HttpRequest.BodyPublishers;
-import java.net.http.HttpResponse;
-import java.net.http.HttpResponse.BodyHandlers;
-import java.nio.charset.StandardCharsets;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.UUID;
-
-import com.google.gson.Gson;
-
-public class OpenID {
-    private static final String CLIENT_ID = "vP9xF2s1yy2n6sR05jV6dguyMeOvIxCg1GarV71O";
-    private static final String CLIENT_SECRET = "PrwGSMcucxYPkOdrb23jddWqyn31vphrxCUu9MGdLTCUnbk0OJI5oWCvO0khVhcnJNDbJaKWxNMxaC4bJ92jy8bDjtG6oaWG37qhuLRPMh5DKluZxsCMmCvQ8f9ZQckZ";
-
-    private static final String REDIRECT_URL = "http://localhost:8080/mavor/authenticate";
-
-    private static final String OAUTH_AUTH_URL = "https://auth.devloop.de/application/o/authorize/";
-    private static final String OAUTH_TOKEN_URL = "https://auth.devloop.de/application/o/token/";
-    private static final String OAUTH_USERINFO_URL = "https://auth.devloop.de/application/o/userinfo/";
-
-    public AuthenticationUrl getAuthenticationUrl() {
-        String state = UUID.randomUUID().toString();
-        String url = String.format("%s?response_type=code&client_id=%s&redirect_uri=%s&state=%s&scope=openid email", OAUTH_AUTH_URL, CLIENT_ID, REDIRECT_URL, state);
-        return new AuthenticationUrl(url, state);
-    }
-
-    private URI getUriObject(String url) throws OpenIdRequestException {
-        try {
-            return new URI(url);
-        } catch (URISyntaxException e) {
-            throw new OpenIdRequestException(String.format("Invalid URL: '%s'", url), e);
-        }
-    }
-
-    public Token requestToken(String code) throws OpenIdRequestException {
-        URI tokenUrl = getUriObject(OAUTH_TOKEN_URL);
-        HashMap<String, String> tokenParameter = new HashMap<>();
-        tokenParameter.put("grant_type", "authorization_code");
-        tokenParameter.put("client_id", CLIENT_ID);
-        tokenParameter.put("client_secret", CLIENT_SECRET);
-        tokenParameter.put("code", code);
-        tokenParameter.put("redirect_uri", REDIRECT_URL);
-
-        HttpRequest tokenRequest = HttpRequest.newBuilder()
-            .uri(tokenUrl)
-            .header("Content-Type", "application/x-www-form-urlencoded")
-            .header("Accept", "application/json")
-            .POST(BodyPublishers.ofString(getFormDataAsString(tokenParameter)))
-            .build();
-        HttpClient tokenClient = HttpClient.newHttpClient();
-        HttpResponse<String> tokenResponse;
-        try {
-            tokenResponse = tokenClient.send(tokenRequest, BodyHandlers.ofString());
-        } catch (IOException | InterruptedException e) {
-            throw new OpenIdRequestException("Requesting access token failed", e);
-        }
-
-        Gson gson = new Gson();
-        return gson.fromJson(tokenResponse.body(), Token.class);
-    }
-
-    public UserInfo requestUserInfo(Token token) throws OpenIdRequestException {
-        URI userInfoUrl = getUriObject(OAUTH_USERINFO_URL);
-        HttpRequest userInfoRequest = HttpRequest.newBuilder()
-            .uri(userInfoUrl)
-            .header("Accept", "application/json")
-            .header("Authorization", "Bearer " + token.getAccessToken())
-            .GET()
-            .build();
-        HttpClient userInfoClient = HttpClient.newHttpClient();
-        HttpResponse<String> userInfoResponse;
-        try {
-            userInfoResponse = userInfoClient.send(userInfoRequest, BodyHandlers.ofString());
-        } catch (IOException | InterruptedException e) {
-            throw new OpenIdRequestException("Requesting user info failed", e);
-        }
-
-        Gson gson = new Gson();
-        return gson.fromJson(userInfoResponse.body(), UserInfo.class);
-    }
-
-    private String getFormDataAsString(Map<String, String> formData) {
-        StringBuilder formBodyBuilder = new StringBuilder();
-        for (Map.Entry<String, String> singleEntry : formData.entrySet()) {
-            if (formBodyBuilder.length() > 0) {
-                formBodyBuilder.append("&");
-            }
-            formBodyBuilder.append(URLEncoder.encode(singleEntry.getKey(), StandardCharsets.UTF_8));
-            formBodyBuilder.append("=");
-            formBodyBuilder.append(URLEncoder.encode(singleEntry.getValue(), StandardCharsets.UTF_8));
-        }
-        return formBodyBuilder.toString();
-    }
-}

src/main/de/devloop/openid/OpenIdRequestException.java

@@ -1,7 +0,0 @@
-package de.devloop.openid;
-
-public class OpenIdRequestException extends Exception {
-    public OpenIdRequestException(String message, Throwable cause) {
-        super(message, cause);
-    }
-}

src/main/de/devloop/openid/Token.java

@@ -1,18 +0,0 @@
-package de.devloop.openid;
-
-import com.google.gson.annotations.SerializedName;
-
-public class Token {
-    
-    @SerializedName("access_token")
-    private String accessToken;
-
-    public String getAccessToken() {
-        return accessToken;
-    }
-
-    public void setAccessToken(String accessToken) {
-        this.accessToken = accessToken;
-    }
-
-}

src/main/de/devloop/openid/UserInfo.java

@@ -1,15 +0,0 @@
-package de.devloop.openid;
-
-public class UserInfo {
-    
-    private String email;
-
-    public String getEmail() {
-        return email;
-    }
-
-    public void setEmail(String email) {
-        this.email = email;
-    }
-
-}

src/main/java/de/devloop/mavor/AuthenticatedServlet.java

@@ -3,18 +3,18 @@ package de.devloop.mavor;
 import java.io.IOException;
 
 import jakarta.servlet.ServletException;
-import jakarta.servlet.http.HttpServlet;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 
-public class AuthenticatedServlet extends HttpServlet {
+public class AuthenticatedServlet extends BaseServlet {
     protected Session session;
 
     @Override
     protected final void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
+        super.doGet(req, resp);
         session = new Session(req.getSession(true));
         if (!session.isAuthenticated()) {
-            resp.sendRedirect("/mavor/authenticate");
+            resp.sendRedirect(configuration.getWebRoot() + "/authenticate");
         } else {
             doAuthenticatedGet(req, resp);
         }
@@ -22,9 +22,10 @@ public class AuthenticatedServlet extends HttpServlet {
 
     @Override
     protected final void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
+        super.doPost(req, resp);
         session = new Session(req.getSession(true));
         if (!session.isAuthenticated()) {
-            resp.sendRedirect("/mavor/authenticate");
+            resp.sendRedirect(configuration.getWebRoot() + "/authenticate");
         } else {
             doAuthenticatedPost(req, resp);
         }

src/main/java/de/devloop/mavor/BaseServlet.java

@@ -0,0 +1,31 @@
+package de.devloop.mavor;
+
+import java.io.IOException;
+
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServlet;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+
+public class BaseServlet extends HttpServlet {
+    protected Configuration configuration;
+
+    @Override
+    public void init() throws ServletException {
+        try {
+            configuration = new Configuration();
+        } catch (IOException e) {
+            throw new ServletException("Configuration Error", e);
+        }
+    }
+
+    @Override
+    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
+        req.setAttribute("WEB_ROOT", configuration.getWebRoot());
+    }
+
+    @Override
+    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
+        req.setAttribute("WEB_ROOT", configuration.getWebRoot());
+    }
+}

src/main/java/de/devloop/mavor/Configuration.java

@@ -2,6 +2,7 @@ package de.devloop.mavor;
 
 import java.io.IOException;
 import java.io.InputStream;
+import java.util.Map;
 import java.util.Objects;
 import java.util.Properties;
 
@@ -9,11 +10,29 @@ public class Configuration {
 
     private static final String DEVELOPMENT_PROPERTIES = "development.properties";
 
+    private static final String ENV_WEB_ROOT = "MAVOR_WEB_ROOT";
+
     private static final String ENV_MAVEN_EXECUTABLE = "MAVOR_MAVEN_EXECUTABLE";
     private static final String ENV_TEMP_DIR = "MAVOR_TEMP_DIR";
 
+    private static final String ENV_OPENID_CLIENT_ID = "MAVOR_OPENID_CLIENT_ID";
+    private static final String ENV_OPENID_CLIENT_SECRET = "MAVOR_OPENID_CLIENT_SECRET";
+    private static final String ENV_OPENID_REDIRECT_URL = "MAVOR_OPENID_REDIRECT_URL";
+    private static final String ENV_OPENID_AUTH_URL = "MAVOR_OPENID_AUTH_URL";
+    private static final String ENV_OPENID_TOKEN_URL = "MAVOR_OPENID_TOKEN_URL";
+    private static final String ENV_OPENID_USERINFO_URL = "MAVOR_OPENID_USERINFO_URL";
+    private static final String ENV_OPENID_LOGOUT_URL = "MAVOR_OPENID_LOGOUT_URL";
+
+    private String webRoot;
     private String mavenExecutable;
     private String tempDir;
+    private String openIdClientId;
+    private String openIdClientSecret;
+    private String openIdRedirectUrl;
+    private String openIdAuthUrl;
+    private String openIdTokenUrl;
+    private String openIdUserInfoUrl;
+    private String openIdLogoutUrl;
 
     public Configuration() throws IOException {
         ClassLoader classLoader = Thread.currentThread().getContextClassLoader();
@@ -23,13 +42,42 @@ public class Configuration {
             developmentProperties.load(developmentPropertiesStream);
             initByProperties(developmentProperties);
         } else {
-            initByProperties(System.getProperties());
+            initByMap(System.getenv());
         }
     }
 
+    private void initByMap(Map<String, String> map) {
+        webRoot = Objects.requireNonNull(map.get(ENV_WEB_ROOT));
+        mavenExecutable = Objects.requireNonNull(map.get(ENV_MAVEN_EXECUTABLE));
+        tempDir = Objects.requireNonNull(map.get(ENV_TEMP_DIR));
+        openIdClientId = Objects.requireNonNull(map.get(ENV_OPENID_CLIENT_ID));
+        openIdClientSecret = Objects.requireNonNull(map.get(ENV_OPENID_CLIENT_SECRET));
+        openIdRedirectUrl = Objects.requireNonNull(map.get(ENV_OPENID_REDIRECT_URL));
+        openIdAuthUrl = Objects.requireNonNull(map.get(ENV_OPENID_AUTH_URL));
+        openIdTokenUrl = Objects.requireNonNull(map.get(ENV_OPENID_TOKEN_URL));
+        openIdUserInfoUrl = Objects.requireNonNull(map.get(ENV_OPENID_USERINFO_URL));
+        openIdLogoutUrl = Objects.requireNonNull(map.get(ENV_OPENID_LOGOUT_URL));
+    }
+
     private void initByProperties(Properties properties) {
-        mavenExecutable = properties.getProperty(ENV_MAVEN_EXECUTABLE);
-        tempDir = properties.getProperty(ENV_TEMP_DIR);
+        webRoot = getNullSafeProperty(properties, ENV_WEB_ROOT);
+        mavenExecutable = getNullSafeProperty(properties, ENV_MAVEN_EXECUTABLE);
+        tempDir = getNullSafeProperty(properties, ENV_TEMP_DIR);
+        openIdClientId = getNullSafeProperty(properties, ENV_OPENID_CLIENT_ID);
+        openIdClientSecret = getNullSafeProperty(properties, ENV_OPENID_CLIENT_SECRET);
+        openIdRedirectUrl = getNullSafeProperty(properties, ENV_OPENID_REDIRECT_URL);
+        openIdAuthUrl = getNullSafeProperty(properties, ENV_OPENID_AUTH_URL);
+        openIdTokenUrl = getNullSafeProperty(properties, ENV_OPENID_TOKEN_URL);
+        openIdUserInfoUrl = getNullSafeProperty(properties, ENV_OPENID_USERINFO_URL);
+        openIdLogoutUrl = getNullSafeProperty(properties, ENV_OPENID_LOGOUT_URL);
+    }
+
+    private String getNullSafeProperty(Properties properties, String key) {
+        return Objects.requireNonNull(properties.getProperty(key));
+    }
+
+    public String getWebRoot() {
+        return webRoot;
     }
 
     public String getMavenExecutable() {
@@ -39,4 +87,32 @@ public class Configuration {
     public String getTempDir() {
         return tempDir;
     }
+
+    public String getOpenIdClientId() {
+        return openIdClientId;
+    }
+
+    public String getOpenIdClientSecret() {
+        return openIdClientSecret;
+    }
+
+    public String getOpenIdRedirectUrl() {
+        return openIdRedirectUrl;
+    }
+
+    public String getOpenIdAuthUrl() {
+        return openIdAuthUrl;
+    }
+
+    public String getOpenIdTokenUrl() {
+        return openIdTokenUrl;
+    }
+
+    public String getOpenIdUserInfoUrl() {
+        return openIdUserInfoUrl;
+    }
+
+    public String getOpenIdLogoutUrl() {
+        return openIdLogoutUrl;
+    }
 }

src/main/java/de/devloop/mavor/servlet/Authentication.java

@@ -2,30 +2,46 @@ package de.devloop.mavor.servlet;
 
 import java.io.IOException;
 
+import de.devloop.mavor.BaseServlet;
 import de.devloop.mavor.Session;
 import de.devloop.openid.AuthenticationUrl;
 import de.devloop.openid.OpenID;
+import de.devloop.openid.OpenIdConfiguration;
 import de.devloop.openid.OpenIdRequestException;
 import de.devloop.openid.Token;
 import de.devloop.openid.UserInfo;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.annotation.WebServlet;
-import jakarta.servlet.http.HttpServlet;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 
 @WebServlet("/authenticate")
-public class Authentication extends HttpServlet {
+public class Authentication extends BaseServlet {
 
     private static final String PARAMETER_STATE = "state";
     private static final String PARAMETER_CODE = "code";
 
+    private OpenIdConfiguration openIdConfiguration;
+    private OpenID openID;
+
+    @Override
+    public void init() throws ServletException {
+        super.init();
+
+        openIdConfiguration = new OpenIdConfiguration();
+        openIdConfiguration.setAuthUrl(configuration.getOpenIdAuthUrl());
+        openIdConfiguration.setClientId(configuration.getOpenIdClientId());
+        openIdConfiguration.setClientSecret(configuration.getOpenIdClientSecret());
+        openIdConfiguration.setRedirectUrl(configuration.getOpenIdRedirectUrl());
+        openIdConfiguration.setTokenUrl(configuration.getOpenIdTokenUrl());
+        openIdConfiguration.setUserInfoUrl(configuration.getOpenIdUserInfoUrl());
+
+        openID = new OpenID(openIdConfiguration);
+    }
+
     @Override
     protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
         Session session = new Session(req.getSession(true));
-
-        OpenID openID = new OpenID();
-
         if (req.getParameter(PARAMETER_STATE) != null && req.getParameter(PARAMETER_CODE) != null) {
             if (req.getParameter(PARAMETER_STATE).equals(session.getOAuthState())) {
                 session.clearOAuthState();
@@ -41,7 +57,7 @@ public class Authentication extends HttpServlet {
                 
                 session.setOAuthToken(token.getAccessToken());
                 session.setUsername(userInfo.getEmail());
-                resp.sendRedirect("/mavor/");
+                resp.sendRedirect(configuration.getWebRoot());
             } else {
                 throw new ServletException("OpenID state mismatch!");
             }

src/main/java/de/devloop/mavor/servlet/DownloadJars.java

@@ -18,7 +18,6 @@ import java.util.zip.ZipOutputStream;
 
 import de.devloop.mavor.Artifact;
 import de.devloop.mavor.AuthenticatedServlet;
-import de.devloop.mavor.Configuration;
 import jakarta.servlet.RequestDispatcher;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.annotation.WebServlet;
@@ -35,17 +34,6 @@ public class DownloadJars extends AuthenticatedServlet {
     private static final String PARAMETER_POM = "pom";
     private static final String PARAMETER_TYPE = "type";
 
-    private Configuration configuration;
-
-    @Override
-    public void init() throws ServletException {
-        try {
-            configuration = new Configuration();
-        } catch (IOException e) {
-            throw new ServletException("Configuration Error", e);
-        }
-    }
-
     @Override
     protected void doAuthenticatedPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
         doAuthenticatedGet(req, resp);

src/main/java/de/devloop/mavor/servlet/DownloadZip.java

@@ -5,7 +5,6 @@ import java.io.FileInputStream;
 import java.io.IOException;
 
 import de.devloop.mavor.AuthenticatedServlet;
-import de.devloop.mavor.Configuration;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.annotation.WebServlet;
 import jakarta.servlet.http.HttpServletRequest;
@@ -16,17 +15,6 @@ public class DownloadZip extends AuthenticatedServlet {
 
     private static final String PARAMETER_FILENAME = "file";
 
-    private Configuration configuration;
-
-    @Override
-    public void init() throws ServletException {
-        try {
-            configuration = new Configuration();
-        } catch (IOException e) {
-            throw new ServletException("Configuration Error", e);
-        }
-    }
-
     @Override
     protected void doAuthenticatedGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
         File tempDir = new File(configuration.getTempDir());
@@ -46,7 +34,7 @@ public class DownloadZip extends AuthenticatedServlet {
                 throw new ServletException("-.-");
             }
         } else {
-            Main.redirectToMe(resp);
+            resp.sendRedirect(configuration.getWebRoot());
         }
     }
 }

src/main/java/de/devloop/mavor/servlet/Logout.java

@@ -2,23 +2,22 @@ package de.devloop.mavor.servlet;
 
 import java.io.IOException;
 
+import de.devloop.mavor.AuthenticatedServlet;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.annotation.WebServlet;
-import jakarta.servlet.http.HttpServlet;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import jakarta.servlet.http.HttpSession;
 
 @WebServlet("/logout")
-public class Logout extends HttpServlet {
-    private static final String OAUTH_LOGOUT_URL = "https://auth.devloop.de/application/o/devloop-mavor/end-session/";
+public class Logout extends AuthenticatedServlet {
 
     @Override
-    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
+    protected void doAuthenticatedGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
         HttpSession httpSession = req.getSession();
         if (httpSession != null) {
             httpSession.invalidate();
         }
-        resp.sendRedirect(OAUTH_LOGOUT_URL);
+        resp.sendRedirect(configuration.getOpenIdLogoutUrl());
     }
 }

src/main/java/de/devloop/mavor/servlet/Main.java

@@ -19,8 +19,4 @@ public class Main extends AuthenticatedServlet {
         
         view.forward(req, resp);
     }
-
-    public static void redirectToMe(HttpServletResponse resp) throws IOException {
-        resp.sendRedirect("/mavor");
-    }
 }

src/main/java/de/devloop/openid/OpenID.java

@@ -1,6 +1,7 @@
 package de.devloop.openid;
 
 import java.io.IOException;
+import java.net.HttpURLConnection;
 import java.net.URI;
 import java.net.URISyntaxException;
 import java.net.URLEncoder;
@@ -17,19 +18,23 @@ import java.util.UUID;
 import com.google.gson.Gson;
 
 public class OpenID {
-    private static final String CLIENT_ID = "vP9xF2s1yy2n6sR05jV6dguyMeOvIxCg1GarV71O";
-    private static final String CLIENT_SECRET = "PrwGSMcucxYPkOdrb23jddWqyn31vphrxCUu9MGdLTCUnbk0OJI5oWCvO0khVhcnJNDbJaKWxNMxaC4bJ92jy8bDjtG6oaWG37qhuLRPMh5DKluZxsCMmCvQ8f9ZQckZ";
 
-    private static final String REDIRECT_URL = "http://localhost:8080/mavor/authenticate";
+    private final OpenIdConfiguration configuration;
 
-    private static final String OAUTH_AUTH_URL = "https://auth.devloop.de/application/o/authorize/";
-    private static final String OAUTH_TOKEN_URL = "https://auth.devloop.de/application/o/token/";
-    private static final String OAUTH_USERINFO_URL = "https://auth.devloop.de/application/o/userinfo/";
+    public OpenID(OpenIdConfiguration configuration) {
+        this.configuration = configuration;
+    }
 
     public AuthenticationUrl getAuthenticationUrl() {
         String state = UUID.randomUUID().toString();
-        String url = String.format("%s?response_type=code&client_id=%s&redirect_uri=%s&state=%s&scope=openid email", OAUTH_AUTH_URL, CLIENT_ID, REDIRECT_URL, state);
-        return new AuthenticationUrl(url, state);
+        StringBuilder url = new StringBuilder();
+        url.append(configuration.getAuthUrl());
+        url.append("?response_type=code");
+        url.append("&client_id=" + configuration.getClientId());
+        url.append("&redirect_uri=" + configuration.getRedirectUrl());
+        url.append("&state=" + state);
+
+        return new AuthenticationUrl(url.toString(), state);
     }
 
     private URI getUriObject(String url) throws OpenIdRequestException {
@@ -41,13 +46,13 @@ public class OpenID {
     }
 
     public Token requestToken(String code) throws OpenIdRequestException {
-        URI tokenUrl = getUriObject(OAUTH_TOKEN_URL);
+        URI tokenUrl = getUriObject(configuration.getTokenUrl());
         HashMap<String, String> tokenParameter = new HashMap<>();
         tokenParameter.put("grant_type", "authorization_code");
-        tokenParameter.put("client_id", CLIENT_ID);
-        tokenParameter.put("client_secret", CLIENT_SECRET);
+        tokenParameter.put("client_id", configuration.getClientId());
+        tokenParameter.put("client_secret", configuration.getClientSecret());
         tokenParameter.put("code", code);
-        tokenParameter.put("redirect_uri", REDIRECT_URL);
+        tokenParameter.put("redirect_uri", configuration.getRedirectUrl());
 
         HttpRequest tokenRequest = HttpRequest.newBuilder()
             .uri(tokenUrl)
@@ -68,7 +73,7 @@ public class OpenID {
     }
 
     public UserInfo requestUserInfo(Token token) throws OpenIdRequestException {
-        URI userInfoUrl = getUriObject(OAUTH_USERINFO_URL);
+        URI userInfoUrl = getUriObject(configuration.getUserInfoUrl());
         HttpRequest userInfoRequest = HttpRequest.newBuilder()
             .uri(userInfoUrl)
             .header("Accept", "application/json")
@@ -83,6 +88,10 @@ public class OpenID {
             throw new OpenIdRequestException("Requesting user info failed", e);
         }
 
+        if (userInfoResponse.statusCode() != HttpURLConnection.HTTP_OK) {
+            throw new OpenIdRequestException(String.format("Requesting user info failed with HTTP code '%d'", userInfoResponse.statusCode()));
+        }
+
         Gson gson = new Gson();
         return gson.fromJson(userInfoResponse.body(), UserInfo.class);
     }

src/main/java/de/devloop/openid/OpenIdConfiguration.java

@@ -0,0 +1,58 @@
+package de.devloop.openid;
+
+public class OpenIdConfiguration {
+    private String clientId;
+    private String clientSecret;
+    private String redirectUrl;
+    private String authUrl;
+    private String tokenUrl;
+    private String userInfoUrl;
+
+    public String getClientId() {
+        return clientId;
+    }
+
+    public void setClientId(String clientId) {
+        this.clientId = clientId;
+    }
+
+    public String getClientSecret() {
+        return clientSecret;
+    }
+
+    public void setClientSecret(String clientSecret) {
+        this.clientSecret = clientSecret;
+    }
+
+    public String getRedirectUrl() {
+        return redirectUrl;
+    }
+
+    public void setRedirectUrl(String redirectUrl) {
+        this.redirectUrl = redirectUrl;
+    }
+
+    public String getAuthUrl() {
+        return authUrl;
+    }
+
+    public void setAuthUrl(String authUrl) {
+        this.authUrl = authUrl;
+    }
+
+    public String getTokenUrl() {
+        return tokenUrl;
+    }
+
+    public void setTokenUrl(String tokenUrl) {
+        this.tokenUrl = tokenUrl;
+    }
+
+    public String getUserInfoUrl() {
+        return userInfoUrl;
+    }
+
+    public void setUserInfoUrl(String userInfoUrl) {
+        this.userInfoUrl = userInfoUrl;
+    }
+}

src/main/java/de/devloop/openid/OpenIdRequestException.java

@@ -1,6 +1,10 @@
 package de.devloop.openid;
 
 public class OpenIdRequestException extends Exception {
+    public OpenIdRequestException(String message) {
+        super(message);
+    }
+
     public OpenIdRequestException(String message, Throwable cause) {
         super(message, cause);
     }

src/main/webapp/download.jsp

@@ -1,10 +1,15 @@
 <%@ taglib uri="jakarta.tags.core" prefix="c" %>
 <%@ page isELIgnored="false" %> 
 <html>
-    <body style="background-color:black; color:white">
-        Download dependencies (Link only works once!): <a href="/mavor/download/zip?file=${zipFilename}">${zipFilename}</a><br/>
-        <a href="/mavor/logout">logout</a> | <a href="/mavor">back</a><br/>
-        Maven Output:<br/>
+    <head>
+        <link rel="stylesheet" href="${WEB_ROOT}/style/main.css">
+    </head>
+    <body>
+        <h2>Hello ${username}</h2>
+        <a href="${WEB_ROOT}/logout">logout</a> | <a href="${WEB_ROOT}">back</a>
+        <h3>Download dependencies</h3>
+        (Link only works once!) <a href="${WEB_ROOT}/download/zip?file=${zipFilename}">${zipFilename}</a>
+        <h3>Maven Output:</h3>
         <pre>${stdout}</pre>
     </body>
 </html>

src/main/webapp/main.jsp

@@ -1,21 +1,59 @@
 <%@ taglib uri="jakarta.tags.core" prefix="c" %>
 <%@ page isELIgnored="false" %> 
 <html>
-<body style="background-color:black; color:white">
-<h2>Hello ${username}</h2>
-<form method="get" action="/mavor/download/jars">
-    <input type="hidden" name="type" value="artifact"/>
-    Repository: <input type="text" name="repository" value="https://source.devloop.de/api/packages/damage/maven/" /><br/>
-    Group ID: <input type="text" name="groupId" value="org.apache.activemq"/><br/>
-    Artifact ID: <input type="text" name="artifactId" value="artemis-core-client"/><br/>
-    Version: <input type="text" name="version" value="2.39.0"/><br/>
-    <input type="submit"/>
-</form>
-<form method="post" action="/mavor/download/jars">
-    <input type="hidden" name="type" value="pom"/>
-    POM: <textarea name="pom" cols="80" rows="20"></textarea><br/>
-    <input type="submit"/>
-</form>
-<a href="/mavor/logout">logout</a>
-</body>
+    <head>
+        <link rel="stylesheet" href="${WEB_ROOT}/style/main.css">
+    </head>
+    <body>
+        <h2>Hello ${username}</h2>
+        <a href="${WEB_ROOT}/logout">logout</a>
+        <h3>download dependencies of given artifact:</h3>
+        <form method="get" action="${WEB_ROOT}/download/jars">
+            <input type="hidden" name="type" value="artifact"/>
+            <div class="row">
+                <div class="label">
+                    <label for="repository">Repository:</label>
+                </div>
+                <div class="input">
+                    <input type="text" name="repository" id="repository" value="https://source.devloop.de/api/packages/damage/maven/" />
+                </div>
+            </div>
+            <div class="row">
+                <div class="label">
+                    <label for="groupId">Group ID:</label>
+                </div>
+                <div class="input small">
+                    <input type="text" name="groupId" id="groupId" value="org.apache.activemq"/>
+                </div>
+            </div>
+            <div class="row">
+                <div class="label">
+                    <label for="artifactId">Artifact ID:</label>
+                </div>
+                <div class="input small">
+                    <input type="text" name="artifactId" id="artifactId" value="artemis-core-client"/>
+                </div>
+            </div>
+            <div class="row">
+                <div class="label">
+                    <label for="version">Version:</label>
+                </div>
+                <div class="input small">
+                    <input type="text" name="version" id="version" value="2.39.0"/>
+                </div>
+            </div>
+            <input type="submit" value="download by artifact"/>
+        </form>
+
+        <h3>download dependencies as given in pom.xml:</h3>
+        <form method="post" action="${WEB_ROOT}/download/jars">
+            <input type="hidden" name="type" value="pom"/>
+            <div class="row">
+                <div class="input big">
+                    <textarea name="pom" id="pom"></textarea><br/>
+                </div>
+            </div>
+            <input type="submit" value="download by pom.xml"/>
+        </form>
+    </body>
 </html>

src/main/webapp/style/main.css

@@ -0,0 +1,46 @@
+body {
+     background-color: #1b1b1b;
+     color: #c0c0c0;
+}
+
+h3 {
+    margin-bottom: 0;
+}
+
+textarea, input {
+    background-color: #2b2b2b;
+    color: #c0c0c0;
+}
+
+.row {
+    width: 100%;
+}
+
+.row div {
+    display: inline-block;
+}
+
+.label {
+    width: 75pt;
+}
+
+.input {
+    width: 300pt;
+}
+
+.input.small {
+    width: 150pt;
+}
+
+.input.big {
+    width: 500pt;
+}
+
+.input input, .input textarea {
+    width: 100%;
+}
+
+.input textarea {
+    height: 50em;
+    white-space: pre;
+}

woodpecker.yml

@@ -0,0 +1,22 @@
+when:
+  - event: [cron, manual]
+
+steps:
+  - name: maven
+    image: maven:3
+    commands:
+    - mvn package
+  - name: tag
+    image: node
+    commands:
+      - echo -n "$(date +%Y%m%d_%H%M%S), latest, 1" > .tags
+  - name: docker
+    image: woodpeckerci/plugin-docker-buildx:5
+    settings:
+      dockerfile: build/Dockerfile
+      registry: https://source.devloop.de
+      repo: source.devloop.de/damage/mavor
+      username: 
+        from_secret: docker_username
+      password:
+        from_secret: docker_password