CCM NG:

- LoginManager finished, works now
    - Utility class for looking up CDI beans in classes which are not eligible for injection
    - Some clean up (removing FindBugs and PMD warnings)


git-svn-id: https://svn.libreccm.org/ccm/ccm_ng@3528 8810af33-2d31-482b-a856-94f89814c4df

ccm-core/src/main/java/org/libreccm/cdi/utils/CdiLookupException.java

@@ -0,0 +1,67 @@
+/*
+ * Copyright (C) 2015 LibreCCM Foundation.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ * MA 02110-1301  USA
+ */
+
+package org.libreccm.cdi.utils;
+
+/**
+ *
+ * @author <a href="mailto:jens.pelzetter@googlemail.com">Jens Pelzetter</a>
+ */
+public class CdiLookupException extends Exception {
+
+    private static final long serialVersionUID = 1L;
+
+    /**
+     * Creates a new instance of <code>CdiLookupException</code> without detail message.
+     */
+    public CdiLookupException() {
+        super();
+    }
+
+
+    /**
+     * Constructs an instance of <code>CdiLookupException</code> with the specified detail message.
+     *
+     * @param msg The detail message.
+     */
+    public CdiLookupException(final String msg) {
+        super(msg);
+    }
+
+    /**
+      * Constructs an instance of <code>CdiLookupException</code> which wraps the 
+      * specified exception.
+      *
+      * @param exception The exception to wrap.
+      */
+    public CdiLookupException(final Exception exception) {
+        super(exception);
+    }
+
+    /**
+      * Constructs an instance of <code>CdiLookupException</code> with the specified message which also wraps the 
+      * specified exception.
+      *
+      * @param msg The detail message.
+      * @param exception The exception to wrap.
+      */
+    public CdiLookupException(final String msg, final Exception exception) {
+        super(msg, exception);
+    }
+}

ccm-core/src/main/java/org/libreccm/cdi/utils/CdiUtil.java

@@ -0,0 +1,64 @@
+/*
+ * Copyright (C) 2015 LibreCCM Foundation.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ * MA 02110-1301  USA
+ */
+package org.libreccm.cdi.utils;
+
+import org.apache.log4j.LogManager;
+import org.apache.log4j.Logger;
+import org.apache.logging.log4j.message.ParameterizedMessage;
+
+import java.util.Iterator;
+import java.util.Set;
+
+import javax.enterprise.context.spi.CreationalContext;
+import javax.enterprise.inject.spi.Bean;
+import javax.enterprise.inject.spi.BeanManager;
+import javax.enterprise.inject.spi.CDI;
+
+/**
+ *
+ * @author <a href="mailto:jens.pelzetter@googlemail.com">Jens Pelzetter</a>
+ */
+public class CdiUtil {
+
+    private final static Logger LOGGER = LogManager.getLogger(CdiUtil.class);
+    
+    private final transient BeanManager beanManager;
+
+    public CdiUtil() {
+        beanManager = CDI.current().getBeanManager();
+    }
+
+    @SuppressWarnings("unchecked")
+    public <T> T findBean(final Class<T> beanType) throws CdiLookupException {
+        final Set<Bean<?>> beans = beanManager.getBeans(beanType);
+        final Iterator<Bean<?>> iterator = beans.iterator();
+        if (iterator.hasNext()) {
+            @SuppressWarnings("unchecked")
+            final Bean<T> bean = (Bean<T>) iterator.next();
+            final CreationalContext<T> ctx = beanManager.createCreationalContext(bean);
+            
+            return (T) beanManager.getReference(bean, beanType, ctx);
+        } else {
+            LOGGER.error(new ParameterizedMessage(
+                "No CDI Bean for type {0} found.", beanType.getName()));
+            throw new CdiLookupException(String.format(
+                "No CDI Bean for type \"%s\" found", beanType.getName()));
+        }
+    }
+}

ccm-core/src/main/java/org/libreccm/core/UserManager.java

@@ -18,11 +18,9 @@
  */
 package org.libreccm.core;
 
-import static org.libreccm.core.CoreConstants.*;
 
 import org.apache.commons.codec.binary.Base64;
 
-import java.io.UnsupportedEncodingException;
 import java.nio.charset.StandardCharsets;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;

ccm-core/src/main/java/org/libreccm/core/authentication/AbstractPasswordLoginModule.java

@@ -43,7 +43,7 @@ import javax.security.auth.spi.LoginModule;
  * the shared data for use by other {@code LoginModule}s.
  *
  * This class in a reworked version of
- * {@code org.arsdigita.kernel.security.PasswordLoginModule} developed by Sameer
+ * {@code org.arsdigita.kernel.security.AbstractPasswordLoginModule} developed by Sameer
  * Ajmani (according to the JavaDoc). The main differences is that the new
  * version uses generics and multi-catch for exceptions. Also the code,
  * especially if clauses have been reworked to match the conventions enforced by
@@ -59,10 +59,9 @@ import javax.security.auth.spi.LoginModule;
  *
  * @author <a href="mailto:jens.pelzetter@googlemail.com">Jens Pelzetter</a>
  */
-public abstract class PasswordLoginModule implements LoginModule {
+public abstract class AbstractPasswordLoginModule implements LoginModule {
 
-    private static final Logger LOGGER = LogManager.getLogger(
+    private static final Logger LOGGER = LogManager.getLogger(AbstractPasswordLoginModule.class);
-        PasswordLoginModule.class);
     /**
      * Key for username in shared data map.
      */
@@ -78,8 +77,8 @@ public abstract class PasswordLoginModule implements LoginModule {
      * method.
      * We only set the fields we use in this class.
      */
-    private CallbackHandler callbackHandler;
+    private transient CallbackHandler callbackHandler;
-    private Map<String, ?> sharedState;
+    private transient Map<String, ?> sharedState;
 
     /**
      * {@inheritDoc }
@@ -155,6 +154,7 @@ public abstract class PasswordLoginModule implements LoginModule {
      *
      * @throws LoginException if an error occurs.
      */
+    @SuppressWarnings("PMD.PreserveStackTrace")
     private String retrieveUsername() throws LoginException {
         String username = (String) sharedState.get(NAME_KEY);
         if (username == null) {
@@ -178,6 +178,7 @@ public abstract class PasswordLoginModule implements LoginModule {
      *
      * @throws LoginException if an error occurs.
      */
+    @SuppressWarnings("PMD.StackTraceLost")
     private String retrievePassword() throws LoginException {
         String password = (String) sharedState.get(PASSWORD_KEY);
 

ccm-core/src/main/java/org/libreccm/core/authentication/LocalLoginModule.java

@@ -20,15 +20,14 @@ package org.libreccm.core.authentication;
 
 import com.arsdigita.kernel.KernelConfig;
 
+import org.libreccm.cdi.utils.CdiLookupException;
+import org.libreccm.cdi.utils.CdiUtil;
 import org.libreccm.core.User;
 import org.libreccm.core.UserManager;
 import org.libreccm.core.UserRepository;
 
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
 import java.util.Map;
 
-import javax.inject.Inject;
 import javax.security.auth.Subject;
 import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.login.AccountNotFoundException;
@@ -39,17 +38,7 @@ import javax.security.auth.login.LoginException;
  *
  * @author <a href="mailto:jens.pelzetter@googlemail.com">Jens Pelzetter</a>
  */
-public class LocalLoginModule extends PasswordLoginModule {
+public class LocalLoginModule extends AbstractPasswordLoginModule {
-
-    /**
-     * {@link UserRepository} instance for getting user accounts from the
-     * database.
-     */
-    @Inject
-    private transient UserRepository userRepository;
-    
-    @Inject
-    private transient UserManager userManager;
 
     private transient Subject subject;
 
@@ -85,16 +74,38 @@ public class LocalLoginModule extends PasswordLoginModule {
      * @param password The password to verify.
      *
      * @return {@code true} if the password matches the password in the
-     * database, {@code false} if not or if there is no user account identified
+     *         database, {@code false} if not or if there is no user account
-     * by the provided user name.
+     *         identified by the provided user name.
      *
      * @throws LoginException If an error occurs in the process.
      */
     @Override
+    @SuppressWarnings("PMD.StackTraceLost")
     protected boolean checkPassword(final String username,
                                     final String password)
         throws LoginException {
 
+        final CdiUtil cdiUtil = new CdiUtil();
+
+        final UserRepository userRepository;
+        try {
+            userRepository = cdiUtil.findBean(UserRepository.class);
+        } catch (CdiLookupException ex) {
+            throw new LoginException(
+                String.format(
+                    "Failed to obtain reference for UserRepository: %s",
+                    ex.getMessage()));
+        }
+
+        final UserManager userManager;
+        try {
+            userManager = cdiUtil.findBean(UserManager.class);
+        } catch (CdiLookupException ex) {
+            throw new LoginException(String.format(
+                "Failed to obtain reference for UserManager: %s",
+                ex.getMessage()));
+        }
+
         //Depending on the configured user identifier retrieve the user account
         //using the screen name or the email address.
         final User user;
@@ -110,7 +121,15 @@ public class LocalLoginModule extends PasswordLoginModule {
                 "No user account identified by '%s' found.", username));
         }
 
-        return userManager.verifyPasswordForUser(user, password);
+        final boolean result = userManager.verifyPasswordForUser(user, password);
+        
+        if (result) {
+            final UserPrincipal userPrincipal = new UserPrincipal(user);
+            subject.getPrincipals().add(userPrincipal);
+            return true;
+        } else {
+            return false;
+        }
 
         // Verify the password. The algorithm used for hashing is stored in the 
         // database so we need to retrieve the correct MessageDigest instance 
@@ -137,7 +156,6 @@ public class LocalLoginModule extends PasswordLoginModule {
 //                            + "which is not avialable.",
 //                    username, user.getHashAlgorithm()));
 //        }
-
     }
 
 }

ccm-core/src/main/java/org/libreccm/core/authentication/LoginConfig.java

@@ -46,7 +46,7 @@ public class LoginConfig extends Configuration {
     /**
      * The configuration entries.
      */
-    private final Map<String, AppConfigurationEntry[]> appConfigs;
+    private final transient Map<String, AppConfigurationEntry[]> appConfigs;
 
     private LoginConfig() {
         this.appConfigs = new HashMap<>();

ccm-core/src/main/java/org/libreccm/core/authentication/LoginConfigBuilder.java

@@ -24,6 +24,7 @@ import com.arsdigita.runtime.ConfigError;
 import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.List;
+import java.util.Locale;
 import java.util.Map;
 
 import javax.security.auth.login.AppConfigurationEntry;
@@ -108,8 +109,10 @@ public class LoginConfigBuilder {
      *               be created, as array of strings as provided by
      *               {@link SecurityConfig#getLoginConfig()}.
      */
+    @SuppressWarnings("PMD.UseVarargs") //Can't use varargs here
     public LoginConfigBuilder(final String[] config) {
-        this.config = config;
+        this.config = new String[config.length];
+        System.arraycopy(config, 0, this.config, 0, config.length);
     }
 
     /**
@@ -259,7 +262,7 @@ public class LoginConfigBuilder {
      */
     private AppConfigurationEntry.LoginModuleControlFlag parseFlag(
         final String flag) {
-        switch (flag.toUpperCase()) {
+        switch (flag.toUpperCase(Locale.ROOT)) {
             case "REQUISITE":
                 return AppConfigurationEntry.LoginModuleControlFlag.REQUISITE;
 

ccm-core/src/main/java/org/libreccm/core/authentication/LoginManager.java

@@ -20,7 +20,6 @@ package org.libreccm.core.authentication;
 
 import org.libreccm.core.CcmSessionContext;
 import org.libreccm.core.User;
-import org.libreccm.core.UserRepository;
 
 import java.io.IOException;
 import java.util.Iterator;
@@ -53,7 +52,7 @@ public class LoginManager {
     /**
      * Name of the register login context.
      */
-    private static final String REGISTER_LOGIN_CONTEXT = "Register";
+    private static final String LOGIN_CONTEXT = "Register";
 
     @Inject
     private transient CcmSessionContext sessionContext;
@@ -67,7 +66,7 @@ public class LoginManager {
         final CallbackHandler callbackHandler = new LoginCallbackHandler(
             username, password);
         final LoginContext loginContext = new LoginContext(
-            REGISTER_LOGIN_CONTEXT,
+            LOGIN_CONTEXT,
             callbackHandler);
         loginContext.login();
         final Subject subject = loginContext.getSubject();
@@ -85,10 +84,10 @@ public class LoginManager {
         }
     }
     
-    private class LoginCallbackHandler implements CallbackHandler {
+    private static class LoginCallbackHandler implements CallbackHandler {
 
-        private final String username;
+        private final transient String username;
-        private final String password;
+        private final transient String password;
 
         public LoginCallbackHandler(final String username,
                                     final String password) {
@@ -97,10 +96,11 @@ public class LoginManager {
         }
 
         @Override
+        @SuppressWarnings("PMD.UseVarargs") //Can't use varargs here
         public void handle(final Callback[] callbacks)
             throws IOException, UnsupportedCallbackException {
 
-            for (Callback callback : callbacks) {
+            for (final Callback callback : callbacks) {
                 if (callback instanceof NameCallback) {
                     ((NameCallback) callback).setName(username);
                 } else if (callback instanceof PasswordCallback) {

ccm-core/src/main/java/org/libreccm/core/authentication/UserPrincipal.java

@@ -51,7 +51,7 @@ public final class UserPrincipal implements Principal {
     }
 
     @Override
-    public boolean equals(Object obj) {
+    public boolean equals(final Object obj) {
         if (obj == null) {
             return false;
         }

ccm-core/src/main/java/org/libreccm/portal/Portal.java

@@ -24,7 +24,6 @@ import java.io.Serializable;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;
-import java.util.Objects;
 
 import javax.persistence.Column;
 import javax.persistence.Entity;
@@ -107,7 +106,7 @@ public class Portal extends Resource implements Serializable {
             return false;
         }
 
-        return (template == other.isTemplate());
+        return template == other.isTemplate();
     }
 
     @Override

ccm-core/src/main/java/org/libreccm/web/ApplicationType.java

@@ -23,13 +23,13 @@ import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;
 import java.util.Objects;
+
 import javax.persistence.Entity;
-import javax.persistence.ForeignKey;
 import javax.persistence.JoinColumn;
-import javax.persistence.JoinColumns;
 import javax.persistence.ManyToOne;
 import javax.persistence.OneToMany;
 import javax.persistence.Table;
+
 import org.libreccm.core.Group;
 import org.libreccm.core.Privilege;
 import org.libreccm.core.ResourceType;
@@ -43,9 +43,11 @@ import org.libreccm.core.ResourceType;
 public class ApplicationType extends ResourceType implements Serializable {
 
     private static final long serialVersionUID = -1175728067001112457L;
+    private static final String PMD_LONG_VARIABLE = "PMD.LongVariable";
 
     @OneToMany
     @JoinColumn(name = "relevant_privilege_id")
+    @SuppressWarnings(PMD_LONG_VARIABLE)
     private List<Privilege> relevantPrivileges;
 
     @ManyToOne
@@ -54,9 +56,11 @@ public class ApplicationType extends ResourceType implements Serializable {
 
     @ManyToOne
     @JoinColumn(name = "provider_app_type_id")
+    @SuppressWarnings(PMD_LONG_VARIABLE)
     private ApplicationType providerApplicationType;
 
     @OneToMany(mappedBy = "providerApplicationType")
+    @SuppressWarnings(PMD_LONG_VARIABLE)
     private List<ApplicationType> dependentApplicationTypes;
 
     public ApplicationType() {
@@ -70,6 +74,7 @@ public class ApplicationType extends ResourceType implements Serializable {
         return Collections.unmodifiableList(relevantPrivileges);
     }
 
+    @SuppressWarnings(PMD_LONG_VARIABLE)
     protected void setRelevantPrivileges(
         final List<Privilege> relevantPrivileges) {
         this.relevantPrivileges = relevantPrivileges;
@@ -95,15 +100,18 @@ public class ApplicationType extends ResourceType implements Serializable {
         return providerApplicationType;
     }
 
+    @SuppressWarnings(PMD_LONG_VARIABLE)
     protected void setProviderApplicationType(
         final ApplicationType providerApplicationType) {
         this.providerApplicationType = providerApplicationType;
     }
 
+    @SuppressWarnings(PMD_LONG_VARIABLE)
     public List<ApplicationType> getDependentApplicationTypes() {
         return Collections.unmodifiableList(dependentApplicationTypes);
     }
 
+    @SuppressWarnings(PMD_LONG_VARIABLE)
     protected void setDependentApplicationTypes(
         final List<ApplicationType> dependentApplicationTypes) {
         this.dependentApplicationTypes = dependentApplicationTypes;
@@ -167,4 +175,5 @@ public class ApplicationType extends ResourceType implements Serializable {
                 providerApplicationType),
             data));
     }
+
 }

ccm-core/src/test/java/org/libreccm/core/authentication/LoginManagerTest.java

@@ -115,8 +115,9 @@ public class LoginManagerTest {
             .addPackage(org.libreccm.web.Application.class.getPackage())
             .addPackage(org.libreccm.categorization.Category.class.
                 getPackage())
-            .addPackage(org.libreccm.l10n.LocalizedString.class.getPackage()).
+            .addPackage(org.libreccm.l10n.LocalizedString.class.getPackage())
-            addPackage(org.libreccm.jpa.EntityManagerProducer.class
+            .addPackage(org.libreccm.cdi.utils.CdiUtil.class.getPackage())
+            .addPackage(org.libreccm.jpa.EntityManagerProducer.class
                 .getPackage())
             .addPackage(org.libreccm.jpa.utils.MimeTypeConverter.class
                 .getPackage())
@@ -130,6 +131,10 @@ public class LoginManagerTest {
                 .getPackage())
             .addPackage(com.arsdigita.util.UncheckedWrapperException.class
                 .getPackage())
+            .addPackage(com.arsdigita.xml.XML.class
+                .getPackage())
+            .addPackage(com.arsdigita.xml.formatters.DateTimeFormatter.class
+                .getPackage())
             .addPackage(org.libreccm.tests.categories.IntegrationTest.class
                 .getPackage())
             .addPackage(com.arsdigita.web.CCMApplicationContextListener.class
@@ -168,11 +173,11 @@ public class LoginManagerTest {
         "datasets/org/libreccm/core/authentication/LoginManagerTest/data.json")
     @InSequence(10)
     public void loginValidCredentials() throws LoginException {
-        loginManager.login("jdoe@example.com", "correct-pw");
+        loginManager.login("jdoe@example.com", "foobar");
 
         assertThat(ccmSessionContext.getCurrentParty(), is(not(nullValue())));
         final EmailAddress emailAddress = new EmailAddress();
-        emailAddress.setAddress("jdoe@example.org");
+        emailAddress.setAddress("jdoe@example.com");
         emailAddress.setBouncing(false);
         emailAddress.setVerified(true);
         assertThat(ccmSessionContext.getCurrentParty().getEmailAddresses(),
@@ -188,6 +193,7 @@ public class LoginManagerTest {
             loginManager.login("jdoe@example.com", "wrong-pw");
         } catch (LoginException ex) {
             assertThat(ccmSessionContext.getCurrentParty(), is(nullValue()));
+            return;
         }
 
         fail("No login exception was thrown.");
@@ -202,6 +208,7 @@ public class LoginManagerTest {
             loginManager.login("jdoe@example.com", "");
         } catch (LoginException ex) {
             assertThat(ccmSessionContext.getCurrentParty(), is(nullValue()));
+            return;
         }
 
         fail("No login exception was thrown.");
@@ -216,6 +223,7 @@ public class LoginManagerTest {
             loginManager.login("", "correct-pw");
         } catch (LoginException ex) {
             assertThat(ccmSessionContext.getCurrentParty(), is(nullValue()));
+            return;
         }
 
         fail("No login exception was thrown.");
@@ -230,6 +238,7 @@ public class LoginManagerTest {
             loginManager.login("jdoe@example.com", null);
         } catch (LoginException ex) {
             assertThat(ccmSessionContext.getCurrentParty(), is(nullValue()));
+            return;
         }
 
         fail("No login exception was thrown.");
@@ -244,6 +253,7 @@ public class LoginManagerTest {
             loginManager.login(null, "correct-pw");
         } catch (LoginException ex) {
             assertThat(ccmSessionContext.getCurrentParty(), is(nullValue()));
+            return;
         }
 
         fail("No login exception was thrown.");

ccm-core/src/test/resources/datasets/org/libreccm/core/authentication/LoginManagerTest/data.json

@@ -21,8 +21,9 @@
                     "hash_algorithm": "SHA-512",
                     "family_name": "Doe",
                     "given_name": "John",
-                    "password": "abc8f796612f5c5b5d0c89cf86ea3b8d1c7d15f9c06851f85708013b0248b2e6d9b315b48f586168fe6cc29296e5a9090a5aab14a85b3ffd0633ca8ccc587a09",
+                    "password": "C+o2w6mp+eLrbluMEgKMVSdP50A9BMethXN8R3yihtkbzt7WfWsde2nmq/t5gq6im3J8i3jw4Y3YrKHou8JQ2A==",
-                    "salt": "fiagaifa",
+                    "salt": "Fu8FPgqAal4GZp1hDjkOB+t6ITRCcO7HBoN5Xqf29UnVj5NUdUFZRTyKYMBEx6JmZGmHcMDG9OGVCKcEM9oyScSRreJs4B51wM44NM6KeRwbCf+VhBn14DkBrl40ygraNf+AJacKpMyCpFI0O/Am7mMDWL4flskBsylkxaQn3vKfzgN5MVG2szW//I6Q6YEH9AuL8LauS6fKaVynMzzu3xzD8Hjqvvlnzym898eom2lqScPfg5g4e8Ww13HCHAYe6twupAW/BjUNax5HSioEisZN/P1UGrde8uFEj+hbbavrWYZuilPuEu25+/98jyXx6542agqrWN8j0SFYcIyOgA==",
+                    "password_reset_required": false,
                     "screen_name": "jdoe",
                     "subject_id": -10
                 }