From b4a63aad7f56486c164a15ae2477bcd251b0bb1b Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Tue, 18 Mar 2014 21:10:48 -0400
Subject: [PATCH] Fix authentication security hole with external providers
---
src/main/java/com/gitblit/DaggerModule.java | 99 ++++++++++---------------------------------------
1 files changed, 20 insertions(+), 79 deletions(-)
diff --git a/src/main/java/com/gitblit/DaggerModule.java b/src/main/java/com/gitblit/DaggerModule.java
index 1fad779..5ae8b25 100644
--- a/src/main/java/com/gitblit/DaggerModule.java
+++ b/src/main/java/com/gitblit/DaggerModule.java
@@ -17,44 +17,22 @@
import javax.inject.Singleton;
-import org.apache.wicket.protocol.http.WebApplication;
-
-import com.gitblit.git.GitServlet;
+import com.gitblit.manager.AuthenticationManager;
import com.gitblit.manager.FederationManager;
-import com.gitblit.manager.GitblitManager;
+import com.gitblit.manager.IAuthenticationManager;
import com.gitblit.manager.IFederationManager;
-import com.gitblit.manager.IGitblitManager;
+import com.gitblit.manager.IGitblit;
import com.gitblit.manager.INotificationManager;
import com.gitblit.manager.IProjectManager;
import com.gitblit.manager.IRepositoryManager;
import com.gitblit.manager.IRuntimeManager;
-import com.gitblit.manager.IServicesManager;
-import com.gitblit.manager.ISessionManager;
import com.gitblit.manager.IUserManager;
import com.gitblit.manager.NotificationManager;
import com.gitblit.manager.ProjectManager;
import com.gitblit.manager.RepositoryManager;
import com.gitblit.manager.RuntimeManager;
-import com.gitblit.manager.ServicesManager;
-import com.gitblit.manager.SessionManager;
import com.gitblit.manager.UserManager;
-import com.gitblit.servlet.BranchGraphServlet;
-import com.gitblit.servlet.DownloadZipFilter;
-import com.gitblit.servlet.DownloadZipServlet;
-import com.gitblit.servlet.EnforceAuthenticationFilter;
-import com.gitblit.servlet.FederationServlet;
-import com.gitblit.servlet.GitFilter;
-import com.gitblit.servlet.LogoServlet;
-import com.gitblit.servlet.PagesFilter;
-import com.gitblit.servlet.PagesServlet;
-import com.gitblit.servlet.RobotsTxtServlet;
-import com.gitblit.servlet.RpcFilter;
-import com.gitblit.servlet.RpcServlet;
-import com.gitblit.servlet.SparkleShareInviteServlet;
-import com.gitblit.servlet.SyndicationFilter;
-import com.gitblit.servlet.SyndicationServlet;
import com.gitblit.wicket.GitBlitWebApp;
-import com.gitblit.wicket.GitblitWicketFilter;
import dagger.Module;
import dagger.Provides;
@@ -74,34 +52,16 @@
IRuntimeManager.class,
INotificationManager.class,
IUserManager.class,
- ISessionManager.class,
+ IAuthenticationManager.class,
IRepositoryManager.class,
IProjectManager.class,
- IGitblitManager.class,
IFederationManager.class,
- IServicesManager.class,
// the monolithic manager
- Gitblit.class,
+ IGitblit.class,
- // filters & servlets
- GitServlet.class,
- GitFilter.class,
- PagesServlet.class,
- PagesFilter.class,
- RpcServlet.class,
- RpcFilter.class,
- DownloadZipServlet.class,
- DownloadZipFilter.class,
- SyndicationServlet.class,
- SyndicationFilter.class,
- FederationServlet.class,
- SparkleShareInviteServlet.class,
- BranchGraphServlet.class,
- RobotsTxtServlet.class,
- LogoServlet.class,
- EnforceAuthenticationFilter.class,
- GitblitWicketFilter.class
+ // the Gitblit Wicket app
+ GitBlitWebApp.class
}
)
public class DaggerModule {
@@ -122,11 +82,11 @@
return new UserManager(runtimeManager);
}
- @Provides @Singleton ISessionManager provideSessionManager(
+ @Provides @Singleton IAuthenticationManager provideAuthenticationManager(
IRuntimeManager runtimeManager,
IUserManager userManager) {
- return new SessionManager(
+ return new AuthenticationManager(
runtimeManager,
userManager);
}
@@ -154,70 +114,51 @@
@Provides @Singleton IFederationManager provideFederationManager(
IRuntimeManager runtimeManager,
INotificationManager notificationManager,
- IUserManager userManager,
IRepositoryManager repositoryManager) {
return new FederationManager(
runtimeManager,
notificationManager,
- userManager,
repositoryManager);
}
- @Provides @Singleton IGitblitManager provideGitblitManager(
- IRuntimeManager runtimeManager,
- IUserManager userManager,
- IRepositoryManager repositoryManager) {
-
- return new GitblitManager(
- runtimeManager,
- userManager,
- repositoryManager);
- }
-
- @Provides @Singleton Gitblit provideGitblit(
+ @Provides @Singleton IGitblit provideGitblit(
IRuntimeManager runtimeManager,
INotificationManager notificationManager,
IUserManager userManager,
- ISessionManager sessionManager,
+ IAuthenticationManager authenticationManager,
IRepositoryManager repositoryManager,
IProjectManager projectManager,
- IGitblitManager gitblitManager,
IFederationManager federationManager) {
- return new Gitblit(
+ return new GitBlit(
runtimeManager,
notificationManager,
userManager,
- sessionManager,
+ authenticationManager,
repositoryManager,
projectManager,
- gitblitManager,
federationManager);
}
- @Provides @Singleton IServicesManager provideServicesManager(Gitblit gitblit) {
- return new ServicesManager(gitblit);
- }
-
- @Provides @Singleton WebApplication provideWebApplication(
+ @Provides @Singleton GitBlitWebApp provideWebApplication(
IRuntimeManager runtimeManager,
INotificationManager notificationManager,
IUserManager userManager,
- ISessionManager sessionManager,
+ IAuthenticationManager authenticationManager,
IRepositoryManager repositoryManager,
IProjectManager projectManager,
- IGitblitManager gitblitManager,
- IFederationManager federationManager) {
+ IFederationManager federationManager,
+ IGitblit gitblit) {
return new GitBlitWebApp(
runtimeManager,
notificationManager,
userManager,
- sessionManager,
+ authenticationManager,
repositoryManager,
projectManager,
- gitblitManager,
- federationManager);
+ federationManager,
+ gitblit);
}
}
\ No newline at end of file
--
Gitblit v1.9.1