From a575691d8688a012c0c61a315a72889fece473bf Mon Sep 17 00:00:00 2001 From: Markus Florian Date: Thu, 6 Feb 2025 13:39:30 +0100 Subject: [PATCH] enable OAuth 1.0/2.0 support in SOAP --- .../submit/filters/OAuth2RequestFilter.java | 45 +++++++++++-------- .../inspectors/auth/ProfileSelectionForm.java | 33 +++++++------- 2 files changed, 41 insertions(+), 37 deletions(-) diff --git a/soapui/src/main/java/com/eviware/soapui/impl/wsdl/submit/filters/OAuth2RequestFilter.java b/soapui/src/main/java/com/eviware/soapui/impl/wsdl/submit/filters/OAuth2RequestFilter.java index c52acae844..9bed4283c0 100644 --- a/soapui/src/main/java/com/eviware/soapui/impl/wsdl/submit/filters/OAuth2RequestFilter.java +++ b/soapui/src/main/java/com/eviware/soapui/impl/wsdl/submit/filters/OAuth2RequestFilter.java @@ -1,17 +1,17 @@ /* * SoapUI, Copyright (C) 2004-2022 SmartBear Software * - * Licensed under the EUPL, Version 1.1 or - as soon as they will be approved by the European Commission - subsequent - * versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * - * http://ec.europa.eu/idabc/eupl - * - * Unless required by applicable law or agreed to in writing, software distributed under the Licence is - * distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either - * express or implied. See the Licence for the specific language governing permissions and limitations - * under the Licence. + * Licensed under the EUPL, Version 1.1 or - as soon as they will be approved by the European Commission - subsequent + * versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * + * http://ec.europa.eu/idabc/eupl + * + * Unless required by applicable law or agreed to in writing, software distributed under the Licence is + * distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the Licence for the specific language governing permissions and limitations + * under the Licence. */ package com.eviware.soapui.impl.wsdl.submit.filters; @@ -27,6 +27,7 @@ import com.eviware.soapui.impl.rest.actions.oauth.OAuth2ClientFacade; import com.eviware.soapui.impl.rest.actions.oauth.OltuOAuth2ClientFacade; import com.eviware.soapui.impl.support.AbstractHttpRequest; +import com.eviware.soapui.impl.wsdl.WsdlRequest; import com.eviware.soapui.impl.wsdl.submit.transports.http.BaseHttpRequestTransport; import com.eviware.soapui.model.iface.SubmitContext; import com.eviware.soapui.model.propertyexpansion.PropertyExpander; @@ -45,7 +46,7 @@ public class OAuth2RequestFilter extends AbstractRequestFilter { private static Logger log = LogManager.getLogger(OAuth2RequestFilter.class); - /* setLog() and getLog() should only be used for testing */ + /* setLog() and getLog() should only be used for testing */ static Logger getLog() { return log; @@ -55,15 +56,23 @@ static void setLog(Logger newLog) { log = newLog; } + @Override + public void filterWsdlRequest(SubmitContext context, WsdlRequest request) { + filter(context, request); + } + @Override public void filterRestRequest(SubmitContext context, RestRequestInterface request) { + filter(context, (AbstractHttpRequest)request); + } + + private void filter(SubmitContext context, AbstractHttpRequest request) { HttpRequestBase httpMethod = (HttpRequestBase) context.getProperty(BaseHttpRequestTransport.HTTP_METHOD); if (O_AUTH_2_0.toString().equals(request.getAuthType())) { - OAuth2ProfileContainer profileContainer = request.getResource().getService().getProject() - .getOAuth2ProfileContainer(); - OAuth2Profile profile = profileContainer.getProfileByName(((AbstractHttpRequest) request).getSelectedAuthProfile()); + OAuth2ProfileContainer profileContainer = request.getProject().getOAuth2ProfileContainer(); + OAuth2Profile profile = profileContainer.getProfileByName((request).getSelectedAuthProfile()); if (profile == null || StringUtils.isNullOrEmpty(profile.getAccessToken())) { return; } @@ -78,10 +87,8 @@ public void filterRestRequest(SubmitContext context, RestRequestInterface reques } oAuth2Client.applyAccessToken(profile, httpMethod, request.getRequestContent()); } else if (O_AUTH_1_0.toString().equals(request.getAuthType())) { - OAuth1ProfileContainer profileContainer = request.getResource().getService().getProject() - .getOAuth1ProfileContainer(); - OAuth1Profile profile = profileContainer.getProfileByName( - ((AbstractHttpRequest) request).getSelectedAuthProfile()); + OAuth1ProfileContainer profileContainer = request.getProject().getOAuth1ProfileContainer(); + OAuth1Profile profile = profileContainer.getProfileByName((request).getSelectedAuthProfile()); if (profile == null || StringUtils.isNullOrEmpty(profile.getAccessToken())) { return; diff --git a/soapui/src/main/java/com/eviware/soapui/support/editor/inspectors/auth/ProfileSelectionForm.java b/soapui/src/main/java/com/eviware/soapui/support/editor/inspectors/auth/ProfileSelectionForm.java index 0473d48f6d..d16448435e 100644 --- a/soapui/src/main/java/com/eviware/soapui/support/editor/inspectors/auth/ProfileSelectionForm.java +++ b/soapui/src/main/java/com/eviware/soapui/support/editor/inspectors/auth/ProfileSelectionForm.java @@ -25,7 +25,6 @@ import com.eviware.soapui.impl.rest.OAuth2Profile; import com.eviware.soapui.impl.rest.OAuth2ProfileContainer; import com.eviware.soapui.impl.rest.OAuth2ProfileListener; -import com.eviware.soapui.impl.rest.RestRequest; import com.eviware.soapui.impl.support.AbstractHttpRequest; import com.eviware.soapui.impl.support.actions.ShowOnlineHelpAction; import com.eviware.soapui.impl.wsdl.WsdlRequest; @@ -68,8 +67,7 @@ import static com.eviware.soapui.analytics.SoapUIActions.ASSIGN_O_AUTH10_FOR_TEST_REQUEST; import static com.eviware.soapui.analytics.SoapUIActions.ASSIGN_SPNEGO_KERBEROS_AUTH; import static com.eviware.soapui.analytics.SoapUIActions.ASSIGN_SPNEGO_KERBEROS_AUTH_FOR_TEST_REQUEST; -import static com.eviware.soapui.config.CredentialsConfig.AuthType.NTLM; -import static com.eviware.soapui.config.CredentialsConfig.AuthType.SPNEGO_KERBEROS; +import static com.eviware.soapui.config.CredentialsConfig.AuthType.*; public class ProfileSelectionForm extends AbstractXmlInspector { @@ -243,7 +241,7 @@ private void setAuthenticationTypeAndShowCard(String selectedOption) { changeAuthorizationType(BASIC_FORM_LABEL, selectedOption); trackBasicTypes(selectedOption); } - } else if (isRestRequest(request) && getOAuth2ProfileContainer().getOAuth2ProfileNameList().contains(selectedOption)) { + } else if (getOAuth2ProfileContainer().getOAuth2ProfileNameList().contains(selectedOption)) { setTitle(AuthInspectorFactory.INSPECTOR_ID + " (" + selectedOption + ")"); request.setSelectedAuthProfileAndAuthType(selectedOption, CredentialsConfig.AuthType.O_AUTH_2_0); oAuth2Form = new OAuth2Form(getOAuth2ProfileContainer().getProfileByName(selectedOption), this); @@ -257,7 +255,7 @@ private void setAuthenticationTypeAndShowCard(String selectedOption) { Analytics.trackAction(SoapUIActions.ASSIGN_O_AUTH20, "OAuth2Flow", oAuth2Form.getProfile().getOAuth2Flow().name()); } - } else if (isRestRequest(request) && getOAuth1ProfileContainer().getOAuth1ProfileNameList().contains(selectedOption)) { + } else if (getOAuth1ProfileContainer().getOAuth1ProfileNameList().contains(selectedOption)) { setTitle(AuthInspectorFactory.INSPECTOR_ID + " (" + selectedOption + ")"); request.setSelectedAuthProfileAndAuthType(selectedOption, CredentialsConfig.AuthType.O_AUTH_1_0); oAuth1Form = new OAuth1Form(getOAuth1ProfileContainer().getProfileByName(selectedOption), this); @@ -308,7 +306,10 @@ private void performAddEditOperation(final String currentProfile, String selecte SwingUtilities.invokeLater(new Runnable() { @Override public void run() { - new AuthorizationSelectionDialog(request, getBasicAuthenticationTypes()); + ArrayList options= getBasicAuthenticationTypes(); + options.add(O_AUTH_2_0.toString()); + options.add(O_AUTH_1_0.toString()); + new AuthorizationSelectionDialog(request, options); refreshProfileSelectionComboBox(request.getSelectedAuthProfile()); } }); @@ -368,9 +369,9 @@ private void deleteCurrentProfile(String profileName) { return; } - if (isRestRequest(request) && getOAuth2ProfileContainer().getOAuth2ProfileNameList().contains(profileName)) { + if ( getOAuth2ProfileContainer().getOAuth2ProfileNameList().contains(profileName)) { getOAuth2ProfileContainer().removeProfile(profileName); - } else if (isRestRequest(request) && getOAuth1ProfileContainer().getOAuth1ProfileNameList().contains(profileName)) { + } else if (getOAuth1ProfileContainer().getOAuth1ProfileNameList().contains(profileName)) { getOAuth1ProfileContainer().removeProfile(profileName); } else if (getBasicAuthenticationTypes().contains(profileName)) { request.removeBasicAuthenticationProfile(profileName); @@ -423,12 +424,12 @@ private String[] createOptionsForAuthorizationCombo(String selectedAuthProfile) ArrayList oAuth2Profiles = null; ArrayList oAuth1Profiles = null; - if (isRestRequest(request)) { - oAuth2Profiles = getOAuth2ProfileContainer().getOAuth2ProfileNameList(); - oAuth1Profiles = getOAuth1ProfileContainer().getOAuth1ProfileNameList(); - options.addAll(oAuth2Profiles); - options.addAll(oAuth1Profiles); - } + + oAuth2Profiles = getOAuth2ProfileContainer().getOAuth2ProfileNameList(); + oAuth1Profiles = getOAuth1ProfileContainer().getOAuth1ProfileNameList(); + options.addAll(oAuth2Profiles); + options.addAll(oAuth1Profiles); + if (isSoapRequest(request)) { if (basicAuthenticationProfiles.size() >= getBasicAuthenticationTypes().size()) { addEditOptions.remove(AddEditOptions.ADD.getDescription()); @@ -450,10 +451,6 @@ private String[] createOptionsForAuthorizationCombo(String selectedAuthProfile) return options.toArray(new String[options.size()]); } - private boolean isRestRequest(T request) { - return request instanceof RestRequest; - } - private ArrayList getAddEditOptions() { ArrayList addEditOptions = new ArrayList(); addEditOptions.add(AddEditOptions.ADD.getDescription());