Prefix user id with oauth provider name

To migrate the legacy user id, fixLegacyUserId property must be set to true for all providers. Bug: Issue #82 Change-Id: I36833b90280b158172423180358faf90ac2b6718
davido · Feb 4, 2017 · 879bbae · 879bbae
1 parent 98f1be9
commit 879bbae
Show file tree

Hide file tree

Showing 5 changed files with 42 additions and 9 deletions.
diff --git a/src/main/java/com/googlesource/gerrit/plugins/oauth/BitbucketOAuthService.java b/src/main/java/com/googlesource/gerrit/plugins/oauth/BitbucketOAuthService.java
@@ -47,8 +47,10 @@
 public class BitbucketOAuthService implements OAuthServiceProvider {
   private static final Logger log = getLogger(BitbucketOAuthService.class);
   static final String CONFIG_SUFFIX = "-bitbucket-oauth";
+  private final static String BITBUCKET_PROVIDER_PREFIX = "bitbucket-oauth:";
   private static final String PROTECTED_RESOURCE_URL =
       "https://bitbucket.org/api/1.0/user/";
+  private final boolean fixLegacyUserId;
   private final OAuthService service;
 
   @Inject
@@ -60,7 +62,7 @@ public class BitbucketOAuthService implements OAuthServiceProvider {
 
     String canonicalWebUrl =
         CharMatcher.is('/').trimTrailingFrom(urlProvider.get()) + "/";
-
+    fixLegacyUserId = cfg.getBoolean(InitOAuth.FIX_LEGACY_USER_ID, false);
     service = new ServiceBuilder().provider(BitbucketApi.class)
         .apiKey(cfg.getString(InitOAuth.CLIENT_ID))
         .apiSecret(cfg.getString(InitOAuth.CLIENT_SECRET))
@@ -93,10 +95,14 @@ public OAuthUserInfo getUserInfo(OAuthToken token) throws IOException {
       String username = usernameElement.getAsString();
 
       JsonElement displayName = jsonObject.get("display_name");
-      return new OAuthUserInfo(username, username, null,
-          displayName == null || displayName.isJsonNull() ? null
+      return new OAuthUserInfo(
+          BITBUCKET_PROVIDER_PREFIX + username,
+          username,
+          null,
+          displayName == null || displayName.isJsonNull()
+              ? null
               : displayName.getAsString(),
-          null);
+          fixLegacyUserId ? username : null);
     }
 
     throw new IOException(

diff --git a/src/main/java/com/googlesource/gerrit/plugins/oauth/CasOAuthService.java b/src/main/java/com/googlesource/gerrit/plugins/oauth/CasOAuthService.java
@@ -50,10 +50,12 @@ class CasOAuthService implements OAuthServiceProvider {
   private static final Logger log =
       LoggerFactory.getLogger(CasOAuthService.class);
   static final String CONFIG_SUFFIX = "-cas-oauth";
+  private final static String CAS_PROVIDER_PREFIX = "cas-oauth:";
   private static final String PROTECTED_RESOURCE_URL =
       "%s/oauth2.0/profile";
 
   private final String rootUrl;
+  private final boolean fixLegacyUserId;
   private final OAuthService service;
 
   @Inject
@@ -65,6 +67,7 @@ class CasOAuthService implements OAuthServiceProvider {
     rootUrl = cfg.getString(InitOAuth.ROOT_URL);
     String canonicalWebUrl = CharMatcher.is('/').trimTrailingFrom(
         urlProvider.get()) + "/";
+    fixLegacyUserId = cfg.getBoolean(InitOAuth.FIX_LEGACY_USER_ID, false);
     service = new ServiceBuilder()
         .provider(new CasApi(rootUrl))
         .apiKey(cfg.getString(InitOAuth.CLIENT_ID))
@@ -133,7 +136,11 @@ public OAuthUserInfo getUserInfo(OAuthToken token) throws IOException {
         login = property;
     }
 
-    return new OAuthUserInfo(id.getAsString(), login, email, name, null);
+    return new OAuthUserInfo(CAS_PROVIDER_PREFIX + id.getAsString(),
+        login,
+        email,
+        name,
+        fixLegacyUserId ? id.getAsString() : null);
   }
 
   private String getStringElement(JsonObject o, String name) {

diff --git a/src/main/java/com/googlesource/gerrit/plugins/oauth/GitHubOAuthService.java b/src/main/java/com/googlesource/gerrit/plugins/oauth/GitHubOAuthService.java
@@ -49,10 +49,12 @@ class GitHubOAuthService implements OAuthServiceProvider {
   private static final Logger log =
       LoggerFactory.getLogger(GitHubOAuthService.class);
   static final String CONFIG_SUFFIX = "-github-oauth";
+  private final static String GITHUB_PROVIDER_PREFIX = "github-oauth:";
   private static final String PROTECTED_RESOURCE_URL =
       "https://api.github.com/user";
 
   private static final String SCOPE = "user:email";
+  private final boolean fixLegacyUserId;
   private final OAuthService service;
 
   @Inject
@@ -63,6 +65,7 @@ class GitHubOAuthService implements OAuthServiceProvider {
         pluginName + CONFIG_SUFFIX);
     String canonicalWebUrl = CharMatcher.is('/').trimTrailingFrom(
         urlProvider.get()) + "/";
+    fixLegacyUserId = cfg.getBoolean(InitOAuth.FIX_LEGACY_USER_ID, false);
     service = new ServiceBuilder()
         .provider(GitHub2Api.class)
         .apiKey(cfg.getString(InitOAuth.CLIENT_ID))
@@ -99,11 +102,12 @@ public OAuthUserInfo getUserInfo(OAuthToken token) throws IOException {
       JsonElement email = jsonObject.get("email");
       JsonElement name = jsonObject.get("name");
       JsonElement login = jsonObject.get("login");
-      return new OAuthUserInfo(id.getAsString(),
+      return new OAuthUserInfo(
+          GITHUB_PROVIDER_PREFIX + id.getAsString(),
           login == null || login.isJsonNull() ? null : login.getAsString(),
           email == null || email.isJsonNull() ? null : email.getAsString(),
           name == null || name.isJsonNull() ? null : name.getAsString(),
-          null);
+          fixLegacyUserId ? id.getAsString() : null);
     }
 
     throw new IOException(String.format(

diff --git a/src/main/java/com/googlesource/gerrit/plugins/oauth/GoogleOAuthService.java b/src/main/java/com/googlesource/gerrit/plugins/oauth/GoogleOAuthService.java
@@ -55,6 +55,7 @@ class GoogleOAuthService implements OAuthServiceProvider {
   private static final Logger log =
       LoggerFactory.getLogger(GoogleOAuthService.class);
   static final String CONFIG_SUFFIX = "-google-oauth";
+  private static final String GOOGLE_PROVIDER_PREFIX = "google-oauth:";
   private static final String PROTECTED_RESOURCE_URL =
       "https://www.googleapis.com/userinfo/v2/me";
       //"https://www.googleapis.com/plus/v1/people/me/openIdConnect";
@@ -63,6 +64,7 @@ class GoogleOAuthService implements OAuthServiceProvider {
   private final String canonicalWebUrl;
   private final String domain;
   private final boolean useEmailAsUsername;
+  private final boolean fixLegacyUserId;
 
   @Inject
   GoogleOAuthService(PluginConfigFactory cfgFactory,
@@ -76,6 +78,7 @@ class GoogleOAuthService implements OAuthServiceProvider {
       log.warn(String.format("The support for: %s is disconinued",
           InitOAuth.LINK_TO_EXISTING_OPENID_ACCOUNT));
     }
+    fixLegacyUserId = cfg.getBoolean(InitOAuth.FIX_LEGACY_USER_ID, false);
     this.domain = cfg.getString(InitOAuth.DOMAIN);
     this.useEmailAsUsername = cfg.getBoolean(
         InitOAuth.USE_EMAIL_AS_USERNAME, false);
@@ -137,11 +140,12 @@ public OAuthUserInfo getUserInfo(OAuthToken token) throws IOException {
       if (useEmailAsUsername && !email.isJsonNull()) {
         login = email.getAsString().split("@")[0];
       }
-      return new OAuthUserInfo(id.getAsString() /*externalId*/,
+      return new OAuthUserInfo(
+          GOOGLE_PROVIDER_PREFIX + id.getAsString() /*externalId*/,
           login /*username*/,
           email == null || email.isJsonNull() ? null : email.getAsString() /*email*/,
           name == null || name.isJsonNull() ? null : name.getAsString() /*displayName*/,
-	      null /*claimedIdentity*/);
+          fixLegacyUserId ? id.getAsString() : null /*claimedIdentity*/);
     }
 
     throw new IOException(String.format(

diff --git a/src/main/java/com/googlesource/gerrit/plugins/oauth/InitOAuth.java b/src/main/java/com/googlesource/gerrit/plugins/oauth/InitOAuth.java
@@ -25,10 +25,14 @@ class InitOAuth implements InitStep {
   static final String CLIENT_SECRET = "client-secret";
   static final String LINK_TO_EXISTING_OPENID_ACCOUNT =
       "link-to-existing-openid-accounts";
+  static final String FIX_LEGACY_USER_ID =
+      "fix-legacy-user-id";
   static final String DOMAIN = "domain";
   static final String USE_EMAIL_AS_USERNAME =
       "use-email-as-username";
   static final String ROOT_URL = "root-url";
+  static String FIX_LEGACY_USER_ID_QUESTION =
+      "Fix legacy user id, without oauth provider prefix?";
 
   private final ConsoleUI ui;
   private final Section googleOAuthProviderSection;
@@ -59,25 +63,33 @@ public void run() throws Exception {
         true, "Use Google OAuth provider for Gerrit login ?");
     if (configureGoogleOAuthProvider) {
       configureOAuth(googleOAuthProviderSection);
+      googleOAuthProviderSection.string(FIX_LEGACY_USER_ID_QUESTION,
+          FIX_LEGACY_USER_ID, "false");
     }
 
     boolean configueGitHubOAuthProvider = ui.yesno(
         true, "Use GitHub OAuth provider for Gerrit login ?");
     if (configueGitHubOAuthProvider) {
       configureOAuth(githubOAuthProviderSection);
+      githubOAuthProviderSection.string(FIX_LEGACY_USER_ID_QUESTION,
+          FIX_LEGACY_USER_ID, "false");
     }
 
     boolean configureBitbucketOAuthProvider = ui.yesno(
         true, "Use Bitbucket OAuth provider for Gerrit login ?");
     if (configureBitbucketOAuthProvider) {
       configureOAuth(bitbucketOAuthProviderSection);
+      bitbucketOAuthProviderSection.string(FIX_LEGACY_USER_ID_QUESTION,
+          FIX_LEGACY_USER_ID, "false");
     }
 
     boolean configureCasOAuthProvider = ui.yesno(
         true, "Use CAS OAuth provider for Gerrit login ?");
     if (configureCasOAuthProvider) {
       casOAuthProviderSection.string("CAS Root URL", ROOT_URL, null);
       configureOAuth(casOAuthProviderSection);
+      casOAuthProviderSection.string(FIX_LEGACY_USER_ID_QUESTION,
+          FIX_LEGACY_USER_ID, "false");
     }
   }