MDC hanlder refactoring (#1911)

Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>

Author: avgustinmm

hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/security/SecurityAutoConfiguration.java

@@ -21,7 +21,7 @@
 import org.eclipse.hawkbit.security.DdiSecurityProperties;
 import org.eclipse.hawkbit.security.InMemoryUserAuthoritiesResolver;
 import org.eclipse.hawkbit.security.HawkbitSecurityProperties;
-import org.eclipse.hawkbit.security.MDCHandler;
+import org.eclipse.hawkbit.security.MdcHandler;
 import org.eclipse.hawkbit.security.SecurityContextSerializer;
 import org.eclipse.hawkbit.security.SecurityContextTenantAware;
 import org.eclipse.hawkbit.security.SecurityTokenGenerator;
@@ -124,8 +124,8 @@ public SystemSecurityContext systemSecurityContext(
 
     @Bean
     @ConditionalOnMissingBean
-    public MDCHandler mdcHandler() {
-        return MDCHandler.getInstance();
+    public MdcHandler mdcHandler() {
+        return MdcHandler.getInstance();
     }
 
     @Bean

hawkbit-autoconfigure/src/main/java/org/eclipse/hawkbit/autoconfigure/security/SecurityManagedConfiguration.java

@@ -33,7 +33,7 @@
 import org.eclipse.hawkbit.security.HttpControllerPreAuthenticateSecurityTokenFilter;
 import org.eclipse.hawkbit.security.HttpControllerPreAuthenticatedGatewaySecurityTokenFilter;
 import org.eclipse.hawkbit.security.HttpControllerPreAuthenticatedSecurityHeaderFilter;
-import org.eclipse.hawkbit.security.MDCHandler;
+import org.eclipse.hawkbit.security.MdcHandler;
 import org.eclipse.hawkbit.security.PreAuthTokenSourceTrustAuthenticationProvider;
 import org.eclipse.hawkbit.security.SystemSecurityContext;
 import org.eclipse.hawkbit.tenancy.TenantAware;
@@ -62,7 +62,6 @@
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.web.SecurityFilterChain;
-import org.springframework.security.web.access.intercept.AuthorizationFilter;
 import org.springframework.security.web.authentication.AnonymousAuthenticationFilter;
 import org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint;
 import org.springframework.security.web.firewall.FirewalledRequest;
@@ -203,7 +202,7 @@ protected SecurityFilterChain filterChainDDI(final HttpSecurity http) throws Exc
                         .sessionManagement(configurer -> configurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS));
             }
 
-            MDCHandler.Filter.addLoggingFilter(http);
+            MdcHandler.Filter.addMdcFilter(http);
 
             return http.build();
         }
@@ -320,7 +319,7 @@ protected SecurityFilterChain filterChainDDIDL(final HttpSecurity http) throws E
                         .sessionManagement(configurer -> configurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS));
             }
 
-            MDCHandler.Filter.addLoggingFilter(http);
+            MdcHandler.Filter.addMdcFilter(http);
 
             return http.build();
         }
@@ -453,7 +452,7 @@ SecurityFilterChain filterChainREST(
                 httpSecurityCustomizer.customize(http);
             }
 
-            MDCHandler.Filter.addLoggingFilter(http);
+            MdcHandler.Filter.addMdcFilter(http);
 
             return http.build();
         }

…eclipse/hawkbit/security/MDCHandler.java …eclipse/hawkbit/security/MdcHandler.javahawkbit-security-core/src/main/java/org/eclipse/hawkbit/security/MDCHandler.java renamed to hawkbit-security-core/src/main/java/org/eclipse/hawkbit/security/MdcHandler.java hawkbit-security-core/src/main/java/org/eclipse/hawkbit/security/MDCHandler.java renamed to hawkbit-security-core/src/main/java/org/eclipse/hawkbit/security/MdcHandler.java

@@ -30,36 +30,34 @@
 import java.util.concurrent.Callable;
 
 @NoArgsConstructor(access = AccessLevel.PRIVATE)
-public class MDCHandler {
+public class MdcHandler {
 
     public static String MDC_KEY_TENANT = "tenant";
     public static String MDC_KEY_USER = "user";
 
-    private static final MDCHandler SINGLETON = new MDCHandler();
+    private static final MdcHandler SINGLETON = new MdcHandler();
 
     @Value("${hawkbit.logging.mdchandler.enabled:true}")
     private boolean mdcEnabled;
     @Autowired(required = false)
     private SpringSecurityAuditorAware springSecurityAuditorAware = new SpringSecurityAuditorAware();
-    @Autowired(required = false)
-    private SystemSecurityContext securityContext;
 
     /**
      * @return The holder singleton instance.
      */
-    public static MDCHandler getInstance() {
+    public static MdcHandler getInstance() {
         return SINGLETON;
     }
 
     /**
-     * Executes callable and returns the result. If MDC is enabled, it sets the tenant and / or user in the MDC context.
+     * Executes callable and returns the result. If MDC is enabled, it sets the tenant and / or user from the authentication in the MDC context.
      *
      * @param <T> the return type
      * @param callable the callable to execute
      * @return the result
      * @throws Exception if thrown by the callable
      */
-    public <T> T withLogging(final Callable<T> callable) throws Exception  {
+    public <T> T callWithAuth(final Callable<T> callable) throws Exception {
         if (!mdcEnabled) {
             return callable.call();
         }
@@ -76,43 +74,84 @@ public <T> T withLogging(final Callable<T> callable) throws Exception  {
             tenant = null;
         }
 
-        final String currentTenant = MDC.get(MDC_KEY_TENANT);
-        if (Objects.equals(currentTenant, tenant)) {
-            return putUserAndCall(callable);
-        } else {
-            put(MDC_KEY_TENANT, tenant);
-            try {
-                return putUserAndCall(callable);
-            } finally {
-                put(MDC_KEY_TENANT, currentTenant);
-            }
+        final String user = springSecurityAuditorAware
+                .getCurrentAuditor()
+                .filter(username -> !username.equals("system")) // null and system are the same - system user
+                .orElse(null);
+
+        return callWithTenantAndUser0(callable, tenant, user);
+    }
+
+    /**
+     * Executes callable and returns the result. If MDC is enabled, it sets the tenant and / or user from the authentication in the MDC context.
+     * Calls the {@link #callWithAuth(Callable)} method and wraps any catchable exception into a {@link RuntimeException}.
+     *
+     * @param <T> the return type
+     * @param callable the callable to execute
+     * @return the result
+     */
+    public <T> T callWithAuthRE(final Callable<T> callable) {
+        try {
+            return callWithAuth(callable);
+        } catch (final RuntimeException re) {
+            throw re;
+        } catch (final Exception e) {
+            throw new RuntimeException(e);
         }
     }
 
     /**
-     * With logging throwing Runtime Exception (withLoggingRE). Calls the {@link #withLogging(Callable)} method and
-     * wraps any catchable exception into a {@link RuntimeException}.
+     * Executes callable and returns the result. If MDC is enabled, it sets the tenant and / or user in the MDC context.
+     *
+     * @param <T> the return type
+     * @param callable the callable to execute
+     * @param tenant the tenant to set in the MDC context
+     * @param user the user to set in the MDC context
+     * @return the result
+     */
+    public <T> T callWithTenantAndUser(final Callable<T> callable, final String tenant, final String user) throws Exception {
+        if (!mdcEnabled) {
+            return callable.call();
+        }
+
+        return callWithTenantAndUser0(callable, tenant, user);
+    }
+
+    /**
+     * Executes callable and returns the result. If MDC is enabled, it sets the tenant and / or user from the authentication in the MDC context.
+     * Calls the {@link #callWithTenantAndUser(Callable, String, String)} method and wraps any catchable exception into a {@link RuntimeException}.
      *
      * @param <T> the return type
      * @param callable the callable to execute
+     * @param tenant the tenant to set in the MDC context
+     * @param user the user to set in the MDC context
      * @return the result
      */
-    public <T> T withLoggingRE(final Callable<T> callable)  {
+    public <T> T callWithTenantAndUserRE(final Callable<T> callable, final String tenant, final String user) {
         try {
-            return withLogging(callable);
+            return callWithTenantAndUser(callable, tenant, user);
         } catch (final RuntimeException re) {
             throw re;
         } catch (final Exception e) {
             throw new RuntimeException(e);
         }
     }
 
-    private <T> T putUserAndCall(final Callable<T> callable) throws Exception {
-        final String user = springSecurityAuditorAware
-                .getCurrentAuditor()
-                .filter(username -> !username.equals("system")) // null and system are the same - system user
-                .orElse(null);
+    private static <T> T callWithTenantAndUser0(final Callable<T> callable, final String tenant, final String user) throws Exception {
+        final String currentTenant = MDC.get(MDC_KEY_TENANT);
+        if (Objects.equals(currentTenant, tenant)) {
+            return callWithUser(callable, user);
+        } else {
+            put(MDC_KEY_TENANT, tenant);
+            try {
+                return callWithUser(callable, user);
+            } finally {
+                put(MDC_KEY_TENANT, currentTenant);
+            }
+        }
+    }
 
+    private static <T> T callWithUser(final Callable<T> callable, final String user) throws Exception {
         final String currentUser = MDC.get(MDC_KEY_USER);
         if (Objects.equals(currentUser, user)) {
             return callable.call();
@@ -137,17 +176,17 @@ private static void put(final String key, final String value) {
     @NoArgsConstructor(access = AccessLevel.PRIVATE)
     public static class Filter {
 
-        public static void addLoggingFilter(final HttpSecurity httpSecurity) {
+        public static void addMdcFilter(final HttpSecurity httpSecurity) {
             httpSecurity.addFilterBefore(new OncePerRequestFilter() {
 
-                private final MDCHandler mdcFilter = MDCHandler.getInstance();
+                private final MdcHandler mdcFilter = MdcHandler.getInstance();
 
                 @Override
                 protected void doFilterInternal(
                         final HttpServletRequest request, final HttpServletResponse response, final FilterChain filterChain)
                         throws ServletException, IOException {
                     try {
-                        mdcFilter.withLogging(() -> {
+                        mdcFilter.callWithAuth(() -> {
                             filterChain.doFilter(request, response);
                             return null;
                         });

hawkbit-security-core/src/main/java/org/eclipse/hawkbit/security/SecurityContextTenantAware.java

@@ -142,7 +142,7 @@ private static <T> T runInContext(final SecurityContext securityContext, final S
         } else {
             SecurityContextHolder.setContext(securityContext);
             try {
-                return MDCHandler.getInstance().withLoggingRE(supplier::get);
+                return MdcHandler.getInstance().callWithAuthRE(supplier::get);
             } finally {
                 SecurityContextHolder.setContext(originalContext);
             }
@@ -153,7 +153,7 @@ private static <T> T runAsSystem(final TenantRunner<T> tenantRunner) {
         final SecurityContext currentContext = SecurityContextHolder.getContext();
         SystemSecurityContext.setSystemContext(currentContext);
         try {
-          return MDCHandler.getInstance().withLoggingRE(tenantRunner::run);
+          return MdcHandler.getInstance().callWithAuthRE(tenantRunner::run);
         } finally {
             SecurityContextHolder.setContext(currentContext);
         }

hawkbit-security-core/src/main/java/org/eclipse/hawkbit/security/SystemSecurityContext.java

@@ -110,7 +110,7 @@ public <T> T runAsSystemAsTenant(final Callable<T> callable, final String tenant
             log.debug("Entering system code execution");
             return tenantAware.runAsTenant(tenant, () -> {
                 setSystemContext(SecurityContextHolder.getContext());
-                return MDCHandler.getInstance().withLoggingRE(callable);
+                return MdcHandler.getInstance().callWithAuthRE(callable);
             });
         } finally {
             SecurityContextHolder.setContext(oldContext);
@@ -139,7 +139,7 @@ public <T> T runAsControllerAsTenant(@NotEmpty final String tenant, @NotNull fin
         try {
             return tenantAware.runAsTenant(tenant, () -> {
                 setCustomSecurityContext(tenant, oldContext.getAuthentication().getPrincipal(), authorities);
-                return MDCHandler.getInstance().withLoggingRE(callable);
+                return MdcHandler.getInstance().callWithAuthRE(callable);
             });
         } finally {
             SecurityContextHolder.setContext(oldContext);