From 53d3033b5cade0e5e53f3f85524329ea474d414b Mon Sep 17 00:00:00 2001
From: Winston Li <winston.li12@imperial.ac.uk>
Date: Mon, 4 Jan 2016 04:14:50 +0000
Subject: [PATCH] Implement auth skipping on non-protected projects

---
 .../ac/ic/wlgitbridge/server/FileServlet.java |  1 +
 .../ic/wlgitbridge/server/Oauth2Filter.java   | 15 +++++++++++++
 .../ic/wlgitbridge/snapshot/base/Request.java |  3 ++-
 .../snapshot/base/SnapshotAPIRequest.java     | 14 ++++++------
 .../snapshot/getdoc/GetDocRequest.java        |  4 ++++
 .../snapshot/getdoc/GetDocResult.java         |  4 +++-
 .../WLGitBridgeIntegrationTest.java           | 22 -------------------
 7 files changed, 32 insertions(+), 31 deletions(-)

diff --git a/services/git-bridge/src/main/java/uk/ac/ic/wlgitbridge/server/FileServlet.java b/services/git-bridge/src/main/java/uk/ac/ic/wlgitbridge/server/FileServlet.java
index 48a2f21c8b..3bd4bdff38 100644
--- a/services/git-bridge/src/main/java/uk/ac/ic/wlgitbridge/server/FileServlet.java
+++ b/services/git-bridge/src/main/java/uk/ac/ic/wlgitbridge/server/FileServlet.java
@@ -40,6 +40,7 @@ public class FileServlet extends ResourceHandler {
             try {
                 writeLatexDataSource.checkPostbackKey(pathSections[1], key);
             } catch (InvalidPostbackKeyException e) {
+                e.printStackTrace();
                 throw new ServletException();
             }
             super.handle(target, baseRequest, request, response);
diff --git a/services/git-bridge/src/main/java/uk/ac/ic/wlgitbridge/server/Oauth2Filter.java b/services/git-bridge/src/main/java/uk/ac/ic/wlgitbridge/server/Oauth2Filter.java
index bc157c774f..d83ed1ed87 100644
--- a/services/git-bridge/src/main/java/uk/ac/ic/wlgitbridge/server/Oauth2Filter.java
+++ b/services/git-bridge/src/main/java/uk/ac/ic/wlgitbridge/server/Oauth2Filter.java
@@ -10,7 +10,10 @@ import org.eclipse.jetty.server.Request;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import uk.ac.ic.wlgitbridge.application.config.Oauth2;
+import uk.ac.ic.wlgitbridge.snapshot.base.ForbiddenException;
+import uk.ac.ic.wlgitbridge.snapshot.getdoc.GetDocRequest;
 import uk.ac.ic.wlgitbridge.util.Instance;
+import uk.ac.ic.wlgitbridge.util.Util;
 
 import javax.servlet.*;
 import javax.servlet.http.HttpServletRequest;
@@ -40,7 +43,19 @@ public class Oauth2Filter implements Filter {
     @Override
     public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
             throws IOException, ServletException {
+        String project = Util.removeAllSuffixes(((Request) servletRequest).getRequestURI().split("/")[1], ".git");
+        GetDocRequest doc = new GetDocRequest(project);
+        doc.request();
+        try {
+            doc.getResult();
+        } catch (ForbiddenException e) {
+            getAndInjectCredentials(servletRequest, servletResponse, filterChain);
+            return;
+        }
+        filterChain.doFilter(servletRequest, servletResponse);
+    }
 
+    private void getAndInjectCredentials(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
         HttpServletRequest request = (HttpServletRequest) servletRequest;
         HttpServletResponse response = (HttpServletResponse) servletResponse;
 
diff --git a/services/git-bridge/src/main/java/uk/ac/ic/wlgitbridge/snapshot/base/Request.java b/services/git-bridge/src/main/java/uk/ac/ic/wlgitbridge/snapshot/base/Request.java
index b42228c766..9f67eb8186 100644
--- a/services/git-bridge/src/main/java/uk/ac/ic/wlgitbridge/snapshot/base/Request.java
+++ b/services/git-bridge/src/main/java/uk/ac/ic/wlgitbridge/snapshot/base/Request.java
@@ -54,7 +54,8 @@ public abstract class Request<T extends Result> {
             throw new FailedConnectionException();
         } catch (ExecutionException e) {
             Throwable cause = e.getCause();
-            if (cause instanceof HttpResponseException && ((HttpResponseException) cause).getStatusCode() == HttpServletResponse.SC_FORBIDDEN) {
+            int statusCode = ((HttpResponseException) cause).getStatusCode();
+            if (cause instanceof HttpResponseException && (statusCode == HttpServletResponse.SC_UNAUTHORIZED || statusCode == HttpServletResponse.SC_FORBIDDEN)) {
                 throw new ForbiddenException();
             } else {
                 throw new FailedConnectionException();
diff --git a/services/git-bridge/src/main/java/uk/ac/ic/wlgitbridge/snapshot/base/SnapshotAPIRequest.java b/services/git-bridge/src/main/java/uk/ac/ic/wlgitbridge/snapshot/base/SnapshotAPIRequest.java
index f300aff5f3..120f44e9f5 100644
--- a/services/git-bridge/src/main/java/uk/ac/ic/wlgitbridge/snapshot/base/SnapshotAPIRequest.java
+++ b/services/git-bridge/src/main/java/uk/ac/ic/wlgitbridge/snapshot/base/SnapshotAPIRequest.java
@@ -27,17 +27,17 @@ public abstract class SnapshotAPIRequest<T extends Result> extends Request<T> {
 
     @Override
     protected void onBeforeRequest(HttpRequest request) throws IOException {
-        request.setInterceptor(new HttpExecuteInterceptor() {
+        if (oauth2 != null) {
+            request.setInterceptor(new HttpExecuteInterceptor() {
 
-            @Override
-            public void intercept(HttpRequest request) throws IOException {
-                new BasicAuthentication(USERNAME, PASSWORD).intercept(request);
-                if (oauth2 != null) {
+                @Override
+                public void intercept(HttpRequest request) throws IOException {
+                    new BasicAuthentication(USERNAME, PASSWORD).intercept(request);
                     oauth2.intercept(request);
                 }
-            }
 
-        });
+            });
+        }
     }
 
     public static void setBasicAuth(String username, String password) {
diff --git a/services/git-bridge/src/main/java/uk/ac/ic/wlgitbridge/snapshot/getdoc/GetDocRequest.java b/services/git-bridge/src/main/java/uk/ac/ic/wlgitbridge/snapshot/getdoc/GetDocRequest.java
index 75b97f3c71..defa236c6c 100644
--- a/services/git-bridge/src/main/java/uk/ac/ic/wlgitbridge/snapshot/getdoc/GetDocRequest.java
+++ b/services/git-bridge/src/main/java/uk/ac/ic/wlgitbridge/snapshot/getdoc/GetDocRequest.java
@@ -17,6 +17,10 @@ public class GetDocRequest extends SnapshotAPIRequest<GetDocResult> {
         super(projectName, API_CALL, oauth2);
     }
 
+    public GetDocRequest(String projectName) {
+        this(null, projectName);
+    }
+
     @Override
     protected HTTPMethod httpMethod() {
         return HTTPMethod.GET;
diff --git a/services/git-bridge/src/main/java/uk/ac/ic/wlgitbridge/snapshot/getdoc/GetDocResult.java b/services/git-bridge/src/main/java/uk/ac/ic/wlgitbridge/snapshot/getdoc/GetDocResult.java
index 7ce5e7b14e..012e0af807 100644
--- a/services/git-bridge/src/main/java/uk/ac/ic/wlgitbridge/snapshot/getdoc/GetDocResult.java
+++ b/services/git-bridge/src/main/java/uk/ac/ic/wlgitbridge/snapshot/getdoc/GetDocResult.java
@@ -2,6 +2,7 @@ package uk.ac.ic.wlgitbridge.snapshot.getdoc;
 
 import com.google.gson.JsonElement;
 import com.google.gson.JsonObject;
+import uk.ac.ic.wlgitbridge.snapshot.base.ForbiddenException;
 import uk.ac.ic.wlgitbridge.snapshot.base.Result;
 import uk.ac.ic.wlgitbridge.snapshot.exception.FailedConnectionException;
 import uk.ac.ic.wlgitbridge.snapshot.getdoc.exception.InvalidProjectException;
@@ -21,6 +22,7 @@ public class GetDocResult extends Result {
     private WLUser user;
 
     private SnapshotPostException exception;
+    private ForbiddenException forbidden;
 
     public GetDocResult(Request request, JsonElement json) throws FailedConnectionException {
         super(request, json);
@@ -66,7 +68,7 @@ public class GetDocResult extends Result {
         if (jsonObject.has("status")) {
             switch (jsonObject.get("status").getAsInt()) {
             case 403:
-                exception = new ProtectedProjectException();
+                forbidden = new ForbiddenException();
                 break;
             case 404:
                 exception = new InvalidProjectException();
diff --git a/services/git-bridge/src/test/java/uk/ac/ic/wlgitbridge/WLGitBridgeIntegrationTest.java b/services/git-bridge/src/test/java/uk/ac/ic/wlgitbridge/WLGitBridgeIntegrationTest.java
index 73097658ff..33e17d9ac0 100644
--- a/services/git-bridge/src/test/java/uk/ac/ic/wlgitbridge/WLGitBridgeIntegrationTest.java
+++ b/services/git-bridge/src/test/java/uk/ac/ic/wlgitbridge/WLGitBridgeIntegrationTest.java
@@ -143,28 +143,6 @@ public class WLGitBridgeIntegrationTest {
         assertTrue(FileUtil.gitDirectoriesAreEqual(getResource("/canCloneMultipleRepositories/state/testproj2"), testproj2Dir.toPath()));
     }
 
-
-    private static final String EXPECTED_OUT_PROTECTED =
-            "Cloning into 'protected'...\n" +
-                    "fatal: remote error: Your project is protected, and can't be cloned (yet).\n";
-    @Test
-    public void cannotCloneAProtectedProject() throws IOException, GitAPIException, InterruptedException {
-        MockSnapshotServer server = new MockSnapshotServer(3861, getResource("/cannotCloneAProtectedProject").toFile());
-        server.start();
-        server.setState(states.get("cannotCloneAProtectedProject").get("state"));
-        GitBridgeApp wlgb = new GitBridgeApp(new String[] {
-                makeConfigFile(33861, 3861)
-        });
-        wlgb.run();
-        File dir = folder.newFolder();
-        Process git = runtime.exec("git clone http://127.0.0.1:33861/protected.git", null, dir);
-        String output = Util.fromStream(git.getErrorStream());
-        int exitCode = git.waitFor();
-        assertEquals(128, exitCode);
-        assertEquals(EXPECTED_OUT_PROTECTED, output);
-        wlgb.stop();
-    }
-
     @Test
     public void canPullAModifiedTexFile() throws IOException, GitAPIException, InterruptedException {
         MockSnapshotServer server = new MockSnapshotServer(3859, getResource("/canPullAModifiedTexFile").toFile());