Skip to content

Commit

Permalink
Remove download by downloadId functionality (#1820)
Browse files Browse the repository at this point in the history 
This functionallity seems to get via AMQP (after some authentication)
a private (wihtout need of authentication) url to an artifact assigned
to the controller.

By default, DDI or DMF shall provide proper urls (for direct download)
to devices and if they have to be without authentication this shall be
solved in different ways - for instance separate download server providing
dedicated private / signed urls.

This functinallity is not a real hawkBit part but more like something
intended to solve some edge cases.
Since it is complicated, heeds support, doesn't solve wide spread use
cases, and could be achieved with other means - better to be removed.

Signed-off-by: Marinov Avgustin <[email protected]>
  • Loading branch information
@avgustinmm
avgustinmm authored Aug 14, 2024
1 parent 12928a5 commit d958d8e
Show file tree
Hide file tree
Showing 26 changed files with 36 additions and 2,448 deletions.
42 changes: 0 additions & 42 deletions ...c/main/java/org/eclipse/hawkbit/autoconfigure/cache/DownloadIdCacheAutoConfiguration.java
View file

This file was deleted.

42 changes: 2 additions & 40 deletions ...rc/main/java/org/eclipse/hawkbit/autoconfigure/security/SecurityManagedConfiguration.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,6 @@
import jakarta.servlet.http.HttpServletRequest;

import lombok.extern.slf4j.Slf4j;
import org.eclipse.hawkbit.cache.DownloadIdCache;
import org.eclipse.hawkbit.ddi.rest.api.DdiRestConstants;
import org.eclipse.hawkbit.ddi.rest.resource.DdiApiConfiguration;
import org.eclipse.hawkbit.im.authentication.SpPermission;
Expand All @@ -34,7 +33,6 @@
import org.eclipse.hawkbit.security.HttpControllerPreAuthenticateSecurityTokenFilter;
import org.eclipse.hawkbit.security.HttpControllerPreAuthenticatedGatewaySecurityTokenFilter;
import org.eclipse.hawkbit.security.HttpControllerPreAuthenticatedSecurityHeaderFilter;
import org.eclipse.hawkbit.security.HttpDownloadAuthenticationFilter;
import org.eclipse.hawkbit.security.MDCHandler;
import org.eclipse.hawkbit.security.PreAuthTokenSourceTrustAuthenticationProvider;
import org.eclipse.hawkbit.security.SystemSecurityContext;
Expand Down Expand Up @@ -76,8 +74,7 @@
import org.springframework.web.cors.CorsConfigurationSource;

/**
* All configurations related to HawkBit's authentication and authorization
* layer.
* All configurations related to HawkBit's authentication and authorization layer.
*/
@Slf4j
@Configuration
Expand Down Expand Up @@ -359,40 +356,6 @@ private static FilterRegistrationBean<DosFilter> dosFilter(final Collection<Stri
return filterRegBean;
}

/**
* Security config to handle and filter the download ids.
*/
@Configuration
@EnableWebSecurity
@ConditionalOnClass(MgmtApiConfiguration.class)
public static class IdRestSecurityConfigurationAdapter {

@Bean
@Order(320)
protected SecurityFilterChain filterChainDLID(
final HttpSecurity http,
final DdiSecurityProperties ddiSecurityConfiguration, final DownloadIdCache downloadIdCache)
throws Exception {
final AuthenticationManager authenticationManager = setAuthenticationManager(http, ddiSecurityConfiguration);

final HttpDownloadAuthenticationFilter downloadIdAuthenticationFilter = new HttpDownloadAuthenticationFilter(
downloadIdCache);
downloadIdAuthenticationFilter.setAuthenticationManager(authenticationManager);

http
.securityMatcher(MgmtRestConstants.DOWNLOAD_ID_V1_REQUEST_MAPPING_BASE + "/downloadId/*/*")
.authorizeHttpRequests(armrRepository -> armrRepository.anyRequest().authenticated())
.csrf(AbstractHttpConfigurer::disable)
.anonymous(AbstractHttpConfigurer::disable)
.addFilterBefore(downloadIdAuthenticationFilter, AuthorizationFilter.class)
.sessionManagement(configurer -> configurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS));

MDCHandler.Filter.addLoggingFilter(http);

return http.build();
}
}

/**
* Security configuration for the REST management API.
*/
Expand Down Expand Up @@ -420,8 +383,7 @@ public FilterRegistrationBean<DosFilter> dosFilterREST() {
securityProperties.getDos().getFilter(), securityProperties.getClients());
filterRegBean.setUrlPatterns(List.of(
MgmtRestConstants.BASE_REST_MAPPING + "/*",
MgmtRestConstants.BASE_SYSTEM_MAPPING + "/admin/*",
MgmtRestConstants.DOWNLOAD_ID_V1_REQUEST_MAPPING_BASE + "/*"));
MgmtRestConstants.BASE_SYSTEM_MAPPING + "/admin/*"));
filterRegBean.setOrder(DOS_FILTER_ORDER);
filterRegBean.setName("dosMgmtFilter");

Expand Down
1 change: 0 additions & 1 deletion ...esources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
org.eclipse.hawkbit.autoconfigure.cache.CacheAutoConfiguration
org.eclipse.hawkbit.autoconfigure.cache.DownloadIdCacheAutoConfiguration
org.eclipse.hawkbit.autoconfigure.ddi.DDiApiAutoConfiguration
org.eclipse.hawkbit.autoconfigure.dmf.amqp.DmfApiAutoConfiguration
org.eclipse.hawkbit.autoconfigure.mgmt.MgmtApiAutoConfiguration
Expand Down
57 changes: 0 additions & 57 deletions hawkbit-core/src/main/java/org/eclipse/hawkbit/cache/DefaultDownloadIdCache.java
View file

This file was deleted.

74 changes: 0 additions & 74 deletions hawkbit-core/src/main/java/org/eclipse/hawkbit/cache/DownloadArtifactCache.java
View file

This file was deleted.

58 changes: 0 additions & 58 deletions hawkbit-core/src/main/java/org/eclipse/hawkbit/cache/DownloadIdCache.java
View file

This file was deleted.

17 changes: 0 additions & 17 deletions hawkbit-core/src/main/java/org/eclipse/hawkbit/cache/DownloadType.java
View file

This file was deleted.

Loading

0 comments on commit d958d8e

Please sign in to comment.