From 86799d5fe98ee81ef080e3a9cd6e9bd9f8061ef9 Mon Sep 17 00:00:00 2001
From: Igor Vinokur <ivinokur@redhat.com>
Date: Tue, 30 Aug 2022 14:53:15 +0300
Subject: [PATCH] fix: Fix url resolving in the bitbucket api client (#346)

Fix a bug where url is not resolved correctly if a server url has path segments. URI.create(https://server-url/path-segment).resolve(/second-path) returns https://server-url/second-path, so the path-segment is ignored. See for more details.

Add a trailing / to the server url and make the rest api segments reletive to fix the problem.
---
 .../server/HttpBitbucketServerApiClient.java     | 16 ++++++++--------
 .../BitbucketServerApiClientProviderTest.java    |  8 ++++----
 2 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/wsmaster/che-core-api-factory-bitbucket-server/src/main/java/org/eclipse/che/api/factory/server/bitbucket/server/HttpBitbucketServerApiClient.java b/wsmaster/che-core-api-factory-bitbucket-server/src/main/java/org/eclipse/che/api/factory/server/bitbucket/server/HttpBitbucketServerApiClient.java
index 4790f3d781d..26466bcc3a8 100644
--- a/wsmaster/che-core-api-factory-bitbucket-server/src/main/java/org/eclipse/che/api/factory/server/bitbucket/server/HttpBitbucketServerApiClient.java
+++ b/wsmaster/che-core-api-factory-bitbucket-server/src/main/java/org/eclipse/che/api/factory/server/bitbucket/server/HttpBitbucketServerApiClient.java
@@ -70,7 +70,7 @@ public class HttpBitbucketServerApiClient implements BitbucketServerApiClient {
   private final HttpClient httpClient;
 
   public HttpBitbucketServerApiClient(String serverUrl, OAuthAuthenticator authenticator) {
-    this.serverUri = URI.create(serverUrl);
+    this.serverUri = URI.create(serverUrl.endsWith("/") ? serverUrl : serverUrl + "/");
     this.authenticator = authenticator;
     this.httpClient =
         HttpClient.newBuilder()
@@ -131,7 +131,7 @@ public BitbucketUser getUser(Subject cheUser)
   @Override
   public BitbucketUser getUser(String slug, @Nullable String token)
       throws ScmItemNotFoundException, ScmUnauthorizedException, ScmCommunicationException {
-    URI uri = serverUri.resolve("/rest/api/1.0/users/" + slug);
+    URI uri = serverUri.resolve("./rest/api/1.0/users/" + slug);
     HttpRequest request =
         HttpRequest.newBuilder(uri)
             .headers(
@@ -163,7 +163,7 @@ public BitbucketUser getUser(String slug, @Nullable String token)
   public List<BitbucketUser> getUsers()
       throws ScmBadRequestException, ScmUnauthorizedException, ScmCommunicationException {
     try {
-      return doGetItems(BitbucketUser.class, "/rest/api/1.0/users", null);
+      return doGetItems(BitbucketUser.class, "./rest/api/1.0/users", null);
     } catch (ScmItemNotFoundException e) {
       throw new ScmCommunicationException(e.getMessage(), e);
     }
@@ -173,7 +173,7 @@ public List<BitbucketUser> getUsers()
   public List<BitbucketUser> getUsers(String filter)
       throws ScmBadRequestException, ScmUnauthorizedException, ScmCommunicationException {
     try {
-      return doGetItems(BitbucketUser.class, "/rest/api/1.0/users", filter);
+      return doGetItems(BitbucketUser.class, "./rest/api/1.0/users", filter);
     } catch (ScmItemNotFoundException e) {
       throw new ScmCommunicationException(e.getMessage(), e);
     }
@@ -182,7 +182,7 @@ public List<BitbucketUser> getUsers(String filter)
   @Override
   public void deletePersonalAccessTokens(String userSlug, Long tokenId)
       throws ScmItemNotFoundException, ScmUnauthorizedException, ScmCommunicationException {
-    URI uri = serverUri.resolve("/rest/access-tokens/1.0/users/" + userSlug + "/" + tokenId);
+    URI uri = serverUri.resolve("./rest/access-tokens/1.0/users/" + userSlug + "/" + tokenId);
     HttpRequest request =
         HttpRequest.newBuilder(uri)
             .DELETE()
@@ -217,7 +217,7 @@ public void deletePersonalAccessTokens(String userSlug, Long tokenId)
   public BitbucketPersonalAccessToken createPersonalAccessTokens(
       String userSlug, String tokenName, Set<String> permissions)
       throws ScmBadRequestException, ScmUnauthorizedException, ScmCommunicationException {
-    URI uri = serverUri.resolve("/rest/access-tokens/1.0/users/" + userSlug);
+    URI uri = serverUri.resolve("./rest/access-tokens/1.0/users/" + userSlug);
 
     try {
       HttpRequest request =
@@ -256,7 +256,7 @@ public List<BitbucketPersonalAccessToken> getPersonalAccessTokens(String userSlu
       throws ScmItemNotFoundException, ScmUnauthorizedException, ScmCommunicationException {
     try {
       return doGetItems(
-          BitbucketPersonalAccessToken.class, "/rest/access-tokens/1.0/users/" + userSlug, null);
+          BitbucketPersonalAccessToken.class, "./rest/access-tokens/1.0/users/" + userSlug, null);
     } catch (ScmBadRequestException e) {
       throw new ScmCommunicationException(e.getMessage(), e);
     }
@@ -265,7 +265,7 @@ public List<BitbucketPersonalAccessToken> getPersonalAccessTokens(String userSlu
   @Override
   public BitbucketPersonalAccessToken getPersonalAccessToken(String userSlug, Long tokenId)
       throws ScmItemNotFoundException, ScmUnauthorizedException, ScmCommunicationException {
-    URI uri = serverUri.resolve("/rest/access-tokens/1.0/users/" + userSlug + "/" + tokenId);
+    URI uri = serverUri.resolve("./rest/access-tokens/1.0/users/" + userSlug + "/" + tokenId);
     HttpRequest request =
         HttpRequest.newBuilder(uri)
             .headers(
diff --git a/wsmaster/che-core-api-factory-bitbucket-server/src/test/java/org/eclipse/che/security/oauth1/BitbucketServerApiClientProviderTest.java b/wsmaster/che-core-api-factory-bitbucket-server/src/test/java/org/eclipse/che/security/oauth1/BitbucketServerApiClientProviderTest.java
index 38f66d2c1a6..6a3731c2bd4 100644
--- a/wsmaster/che-core-api-factory-bitbucket-server/src/test/java/org/eclipse/che/security/oauth1/BitbucketServerApiClientProviderTest.java
+++ b/wsmaster/che-core-api-factory-bitbucket-server/src/test/java/org/eclipse/che/security/oauth1/BitbucketServerApiClientProviderTest.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012-2021 Red Hat, Inc.
+ * Copyright (c) 2012-2022 Red Hat, Inc.
  * This program and the accompanying materials are made
  * available under the terms of the Eclipse Public License 2.0
  * which is available at https://www.eclipse.org/legal/epl-2.0/
@@ -57,15 +57,15 @@ public void shouldNormalizeURLsBeforeCreateBitbucketServerApi() {
     // given
     BitbucketServerApiProvider bitbucketServerApiProvider =
         new BitbucketServerApiProvider(
-            "https://bitbucket.server.com/, https://bitbucket2.server.com/",
-            "https://bitbucket.server.com/",
+            "https://bitbucket.server.com, https://bitbucket2.server.com",
+            "https://bitbucket.server.com",
             ImmutableSet.of(oAuthAuthenticator));
     // when
     BitbucketServerApiClient actual = bitbucketServerApiProvider.get();
     // then
     assertNotNull(actual);
     // internal representation always w/out slashes
-    assertTrue(actual.isConnected("https://bitbucket.server.com"));
+    assertTrue(actual.isConnected("https://bitbucket.server.com/"));
   }
 
   @Test(dataProvider = "noopConfig")