From e7e1e55ea262b120963a0eed782538da0a4081e1 Mon Sep 17 00:00:00 2001
From: Max Shaposhnik <mshaposh@redhat.com>
Date: Wed, 24 Nov 2021 20:34:14 +0200
Subject: [PATCH 1/3] Fixup for oauth2 usernames

Signed-off-by: Max Shaposhnik <mshaposh@redhat.com>
---
 .../server/scm/kubernetes/KubernetesGitCredentialManager.java | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesGitCredentialManager.java b/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesGitCredentialManager.java
index 3b763c4ea66..902923b4219 100644
--- a/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesGitCredentialManager.java
+++ b/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesGitCredentialManager.java
@@ -13,6 +13,7 @@
 
 import static java.lang.String.format;
 import static java.nio.charset.StandardCharsets.UTF_8;
+import static org.eclipse.che.api.factory.server.scm.PersonalAccessTokenFetcher.OAUTH_2_PREFIX;
 import static org.eclipse.che.workspace.infrastructure.kubernetes.provision.secret.KubernetesSecretAnnotationNames.ANNOTATION_AUTOMOUNT;
 import static org.eclipse.che.workspace.infrastructure.kubernetes.provision.secret.KubernetesSecretAnnotationNames.ANNOTATION_DEV_WORKSPACE_MOUNT_PATH;
 import static org.eclipse.che.workspace.infrastructure.kubernetes.provision.secret.KubernetesSecretAnnotationNames.ANNOTATION_GIT_CREDENTIALS;
@@ -150,7 +151,8 @@ public void createOrReplace(PersonalAccessToken personalAccessToken)
                       format(
                               "%s://%s:%s@%s%s",
                               scmUrl.getProtocol(),
-                              personalAccessToken.getScmUserName(),
+                              personalAccessToken.getScmTokenName().startsWith(OAUTH_2_PREFIX) ?
+                                  "oauth2" :  personalAccessToken.getScmUserName(),
                               URLEncoder.encode(personalAccessToken.getToken(), UTF_8),
                               scmUrl.getHost(),
                               scmUrl.getPort() != 80 && scmUrl.getPort() != -1

From 5bcc309d6eef09680f690b688fc206ebac0f5269 Mon Sep 17 00:00:00 2001
From: Max Shaposhnik <mshaposh@redhat.com>
Date: Wed, 1 Dec 2021 14:13:06 +0200
Subject: [PATCH 2/3] Added test

---
 .../KubernetesGitCredentialManagerTest.java   | 38 ++++++++++++++++++-
 1 file changed, 37 insertions(+), 1 deletion(-)

diff --git a/infrastructures/infrastructure-factory/src/test/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesGitCredentialManagerTest.java b/infrastructures/infrastructure-factory/src/test/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesGitCredentialManagerTest.java
index 571bdb47d3e..eb6d39a681d 100644
--- a/infrastructures/infrastructure-factory/src/test/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesGitCredentialManagerTest.java
+++ b/infrastructures/infrastructure-factory/src/test/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesGitCredentialManagerTest.java
@@ -79,7 +79,7 @@ protected void init() {
   }
 
   @Test
-  public void testCreateAndSaveNewGitCredential() throws Exception {
+  public void testCreateAndSaveNewPATGitCredential() throws Exception {
     KubernetesNamespaceMeta meta = new KubernetesNamespaceMetaImpl("test");
     when(namespaceFactory.list()).thenReturn(Collections.singletonList(meta));
 
@@ -114,6 +114,42 @@ public void testCreateAndSaveNewGitCredential() throws Exception {
     assertFalse(createdSecret.getMetadata().getName().contains(token.getScmUserName()));
   }
 
+  @Test
+  public void testCreateAndSaveNewOAuthGitCredential() throws Exception {
+    KubernetesNamespaceMeta meta = new KubernetesNamespaceMetaImpl("test");
+    when(namespaceFactory.list()).thenReturn(Collections.singletonList(meta));
+
+    when(clientFactory.create()).thenReturn(kubeClient);
+    when(kubeClient.secrets()).thenReturn(secretsMixedOperation);
+    when(secretsMixedOperation.inNamespace(eq(meta.getName()))).thenReturn(nonNamespaceOperation);
+    when(nonNamespaceOperation.withLabels(anyMap())).thenReturn(filterWatchDeletable);
+    when(filterWatchDeletable.list()).thenReturn(secretList);
+    when(secretList.getItems()).thenReturn(emptyList());
+    ArgumentCaptor<Secret> captor = ArgumentCaptor.forClass(Secret.class);
+
+    PersonalAccessToken token =
+        new PersonalAccessToken(
+            "https://bitbucket.com",
+            "cheUser",
+            "username",
+            "userId",
+            "oauth2-token-name",
+            "tid-23434",
+            "token123");
+
+    // when
+    kubernetesGitCredentialManager.createOrReplace(token);
+    // then
+    verify(nonNamespaceOperation).createOrReplace(captor.capture());
+    Secret createdSecret = captor.getValue();
+    assertNotNull(createdSecret);
+    assertEquals(
+        new String(Base64.getDecoder().decode(createdSecret.getData().get("credentials"))),
+        "https://oauth2:token123@bitbucket.com");
+    assertTrue(createdSecret.getMetadata().getName().startsWith(NAME_PATTERN));
+    assertFalse(createdSecret.getMetadata().getName().contains(token.getScmUserName()));
+  }
+
   @Test
   public void testUpdateTokenInExistingCredential() throws Exception {
     KubernetesNamespaceMeta namespaceMeta = new KubernetesNamespaceMetaImpl("test");

From 263ecd7644e956c51114e3e678c3a735307f4cec Mon Sep 17 00:00:00 2001
From: Max Shaposhnik <mshaposh@redhat.com>
Date: Wed, 1 Dec 2021 14:43:02 +0200
Subject: [PATCH 3/3] fix: fix fmt

Signed-off-by: Max Shaposhnik <mshaposh@redhat.com>
---
 .../scm/kubernetes/KubernetesGitCredentialManager.java       | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesGitCredentialManager.java b/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesGitCredentialManager.java
index 902923b4219..4ba2344041a 100644
--- a/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesGitCredentialManager.java
+++ b/infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesGitCredentialManager.java
@@ -151,8 +151,9 @@ public void createOrReplace(PersonalAccessToken personalAccessToken)
                       format(
                               "%s://%s:%s@%s%s",
                               scmUrl.getProtocol(),
-                              personalAccessToken.getScmTokenName().startsWith(OAUTH_2_PREFIX) ?
-                                  "oauth2" :  personalAccessToken.getScmUserName(),
+                              personalAccessToken.getScmTokenName().startsWith(OAUTH_2_PREFIX)
+                                  ? "oauth2"
+                                  : personalAccessToken.getScmUserName(),
                               URLEncoder.encode(personalAccessToken.getToken(), UTF_8),
                               scmUrl.getHost(),
                               scmUrl.getPort() != 80 && scmUrl.getPort() != -1