Revert "fix(oauth): remove circular dependency on ExternalAuthTokenFi…

…lter bean in OAuth2SsoConfig when oauth2 is enabled (spinnaker#1492)" This reverts commit 1407c05.
OpsMx · Apr 5, 2022 · 937a6f3 · 937a6f3
1 parent 1407c05
commit 937a6f3
Show file tree

Hide file tree

Showing 4 changed files with 9 additions and 66 deletions.
diff --git a/...src/main/groovy/com/netflix/spinnaker/gate/security/oauth2/ExternalAuthTokenFilter.groovy b/...src/main/groovy/com/netflix/spinnaker/gate/security/oauth2/ExternalAuthTokenFilter.groovy
@@ -23,7 +23,6 @@ import org.springframework.security.core.Authentication
 import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken
 import org.springframework.security.oauth2.common.OAuth2AccessToken
 import org.springframework.security.oauth2.provider.authentication.BearerTokenExtractor
-import org.springframework.stereotype.Component
 
 import javax.servlet.Filter
 import javax.servlet.FilterChain
@@ -38,12 +37,9 @@ import javax.servlet.http.HttpServletRequest
  * Github-issued personal access token.
  */
 @Slf4j
-@Component
 class ExternalAuthTokenFilter implements Filter {
 
-  // UserInfoRestTemplateFactory can't be Autowired if no oauth2 configurations are set.
-  // In this case, userInfoRestTemplateFactory will be null
-  @Autowired(required = false)
+  @Autowired
   UserInfoRestTemplateFactory userInfoRestTemplateFactory
 
   BearerTokenExtractor extractor = new BearerTokenExtractor()
@@ -57,10 +53,9 @@ class ExternalAuthTokenFilter implements Filter {
       // Reassign token type to be capitalized "Bearer",
       // see https://github.com/spinnaker/spinnaker/issues/2074
       token.tokenType = OAuth2AccessToken.BEARER_TYPE
-      if (userInfoRestTemplateFactory != null) {
-        def ctx = userInfoRestTemplateFactory.getUserInfoRestTemplate().getOAuth2ClientContext()
-        ctx.accessToken = token
-      }
+
+      def ctx = userInfoRestTemplateFactory.getUserInfoRestTemplate().getOAuth2ClientContext()
+      ctx.accessToken = token
     }
     chain.doFilter(request, response)
   }

diff --git a/...-oauth2/src/main/groovy/com/netflix/spinnaker/gate/security/oauth2/OAuth2SsoConfig.groovy b/...-oauth2/src/main/groovy/com/netflix/spinnaker/gate/security/oauth2/OAuth2SsoConfig.groovy
@@ -78,6 +78,11 @@ class OAuth2SsoConfig extends WebSecurityConfigurerAdapter {
     new SpinnakerUserInfoTokenServices()
   }
 
+  @Bean
+  ExternalAuthTokenFilter externalAuthTokenFilter() {
+    new ExternalAuthTokenFilter()
+  }
+
   @Override
   void configure(HttpSecurity http) throws Exception {
     defaultCookieSerializer.setSameSite(null)

diff --git a/gate-web/gate-web.gradle b/gate-web/gate-web.gradle
@@ -72,7 +72,6 @@ dependencies {
 
   testImplementation project(":gate-ldap") // TODO: Move system tests to own module
   testImplementation project(":gate-basic")
-  testImplementation project(":gate-oauth2")
   testImplementation "com.squareup.okhttp:mockwebserver"
 
   testImplementation "com.squareup.retrofit:retrofit-mock"

diff --git a/gate-web/src/test/groovy/com/netflix/spinnaker/gate/security/oauth2/OAuth2Spec.groovy b/gate-web/src/test/groovy/com/netflix/spinnaker/gate/security/oauth2/OAuth2Spec.groovy