convert checked LdapException to unchecked AuthorizationException

Author: Vladimir Kotal

opengrok-indexer/src/main/java/org/opengrok/indexer/authorization/AuthorizationException.java

@@ -0,0 +1,41 @@
+/*
+ * CDDL HEADER START
+ *
+ * The contents of this file are subject to the terms of the
+ * Common Development and Distribution License (the "License").
+ * You may not use this file except in compliance with the License.
+ *
+ * See LICENSE.txt included in this distribution for the specific
+ * language governing permissions and limitations under the License.
+ *
+ * When distributing Covered Code, include this CDDL HEADER in each
+ * file and include the License file at LICENSE.txt.
+ * If applicable, add the following below this CDDL HEADER, with the
+ * fields enclosed by brackets "[]" replaced with your own identifying
+ * information: Portions Copyright [yyyy] [name of copyright owner]
+ *
+ * CDDL HEADER END
+ */
+
+/*
+ * Copyright (c) 2019 Oracle and/or its affiliates. All rights reserved.
+ */
+
+package org.opengrok.indexer.authorization;
+
+public class AuthorizationException extends RuntimeException {
+
+    private static final long serialVersionUID = -1;
+
+    public AuthorizationException(Throwable ex) {
+        super(ex);
+    }
+
+    AuthorizationException(String msg) {
+        super(msg);
+    }
+
+    AuthorizationException(String msg, Throwable ex) {
+        super(msg, ex);
+    }
+}

opengrok-indexer/src/main/java/org/opengrok/indexer/authorization/AuthorizationStack.java

@@ -257,9 +257,9 @@ protected boolean processStack(Nameable entity,
                     overallDecision = true;
                     break;
                 }
-            } catch (LdapException ex) {
+            } catch (AuthorizationException ex) {
                 // Propagate up so that proper HTTP error can be given.
-                LOGGER.log(Level.FINEST, "got LDAP exception: " + ex.getMessage());
+                LOGGER.log(Level.FINEST, "got authorization exception: " + ex.getMessage());
                 throw ex;
             } catch (Throwable ex) {
                 LOGGER.log(Level.WARNING,

opengrok-indexer/src/main/java/org/opengrok/indexer/framework/PluginClassLoader.java

@@ -53,7 +53,7 @@ public class PluginClassLoader extends ClassLoader {
             "org.opengrok.indexer.configuration.RuntimeEnvironment",
             "org.opengrok.indexer.authorization.IAuthorizationPlugin",
             "org.opengrok.indexer.authorization.plugins.*",
-            "org.opengrok.indexer.authorization.LdapError",
+            "org.opengrok.indexer.authorization.AuthorizationException",
             "org.opengrok.indexer.util.*",
             "org.opengrok.indexer.logger.*"
     };

plugins/src/opengrok/auth/plugin/LdapAttrPlugin.java

@@ -34,6 +34,8 @@
 import javax.servlet.http.HttpServletRequest;
 import opengrok.auth.entity.LdapUser;
 import opengrok.auth.plugin.entity.User;
+import opengrok.auth.plugin.ldap.LdapException;
+import org.opengrok.indexer.authorization.AuthorizationException;
 import org.opengrok.indexer.configuration.Group;
 import org.opengrok.indexer.configuration.Project;
 
@@ -107,8 +109,12 @@ public void fillSession(HttpServletRequest req, User user) {
         if (attributeValues != null) {
             sessionAllowed = attributeValues.stream().anyMatch((t) -> whitelist.contains(t));
         } else {
-            if ((records = getLdapProvider().lookupLdapContent(user, new String[]{ldapAttr})) == null) {
-                return;
+            try {
+                if ((records = getLdapProvider().lookupLdapContent(user, new String[]{ldapAttr})) == null) {
+                    return;
+                }
+            } catch (LdapException ex) {
+                throw new AuthorizationException(ex);
             }
 
             if (records.isEmpty() || (attributeValues = records.get(ldapAttr)) == null) {

plugins/src/opengrok/auth/plugin/LdapFilterPlugin.java

@@ -31,6 +31,8 @@
 import javax.servlet.http.HttpServletRequest;
 import opengrok.auth.entity.LdapUser;
 import opengrok.auth.plugin.entity.User;
+import opengrok.auth.plugin.ldap.LdapException;
+import org.opengrok.indexer.authorization.AuthorizationException;
 import org.opengrok.indexer.configuration.Group;
 import org.opengrok.indexer.configuration.Project;
 
@@ -85,9 +87,13 @@ public void fillSession(HttpServletRequest req, User user) {
         String expandedFilter = expandFilter(ldapFilter, ldapUser, user);
         LOGGER.log(Level.FINER, "expanded filter for user {0} into ''{1}''",
                 new Object[]{user, expandedFilter});
-        if ((records = getLdapProvider().lookupLdapContent(null, expandedFilter, dn)) == null) {
-            LOGGER.log(Level.FINER, "failed to get content for user from LDAP server");
-            return;
+        try {
+            if ((records = getLdapProvider().lookupLdapContent(null, expandedFilter, dn)) == null) {
+                LOGGER.log(Level.FINER, "failed to get content for user from LDAP server");
+                return;
+            }
+        } catch (LdapException ex) {
+            throw new AuthorizationException(ex);
         }
 
         LOGGER.log(Level.FINER, "got {0} records", records.size());

plugins/src/opengrok/auth/plugin/LdapUserPlugin.java

@@ -32,6 +32,8 @@
 import javax.servlet.http.HttpServletRequest;
 import opengrok.auth.entity.LdapUser;
 import opengrok.auth.plugin.entity.User;
+import opengrok.auth.plugin.ldap.LdapException;
+import org.opengrok.indexer.authorization.AuthorizationException;
 import org.opengrok.indexer.configuration.Group;
 import org.opengrok.indexer.configuration.Project;
 import org.opengrok.indexer.util.StringUtils;
@@ -133,11 +135,15 @@ public void fillSession(HttpServletRequest req, User user) {
         }
 
         String filter = getFilter(user);
-        if ((records = getLdapProvider().lookupLdapContent(null, filter, attributes)) == null) {
-            LOGGER.log(Level.WARNING, "failed to get LDAP attributes ''{3}'' for user ''{0}'' " +
-                            "with filter ''{1}''",
-                    new Object[]{user, filter, String.join(", ", attributes)});
-            return;
+        try {
+            if ((records = getLdapProvider().lookupLdapContent(null, filter, attributes)) == null) {
+                LOGGER.log(Level.WARNING, "failed to get LDAP attributes ''{3}'' for user ''{0}'' " +
+                                "with filter ''{1}''",
+                        new Object[]{user, filter, String.join(", ", attributes)});
+                return;
+            }
+        } catch (LdapException ex) {
+            throw new AuthorizationException(ex);
         }
 
         if (records.isEmpty()) {

plugins/src/opengrok/auth/plugin/ldap/AbstractLdapProvider.java

@@ -37,7 +37,7 @@ public abstract class AbstractLdapProvider {
      * @see #lookupLdapContent(opengrok.auth.plugin.entity.User,
      * java.lang.String)
      */
-    public Map<String, Set<String>> lookupLdapContent(User user) {
+    public Map<String, Set<String>> lookupLdapContent(User user) throws LdapException {
         // calling the lookupLdapContent(user, filter)
         return lookupLdapContent(user, (String) null);
     }
@@ -52,7 +52,7 @@ public Map<String, Set<String>> lookupLdapContent(User user) {
      * @see #lookupLdapContent(opengrok.auth.plugin.entity.User,
      * java.lang.String, java.lang.String[])
      */
-    public Map<String, Set<String>> lookupLdapContent(User user, String filter) {
+    public Map<String, Set<String>> lookupLdapContent(User user, String filter) throws LdapException {
         return lookupLdapContent(user, filter, null);
     }
 
@@ -66,7 +66,7 @@ public Map<String, Set<String>> lookupLdapContent(User user, String filter) {
      * @see #lookupLdapContent(opengrok.auth.plugin.entity.User,
      * java.lang.String, java.lang.String[])
      */
-    public Map<String, Set<String>> lookupLdapContent(User user, String[] values) {
+    public Map<String, Set<String>> lookupLdapContent(User user, String[] values) throws LdapException {
         return lookupLdapContent(user, null, values);
     }
 
@@ -78,7 +78,7 @@ public Map<String, Set<String>> lookupLdapContent(User user, String[] values) {
      * @param values match these LDAP value
      * @return set of important attributes for the user
      */
-    public abstract Map<String, Set<String>> lookupLdapContent(User user, String filter, String[] values);
+    public abstract Map<String, Set<String>> lookupLdapContent(User user, String filter, String[] values) throws LdapException;
 
     /**
      * @return if the provider is correctly configured

opengrok-indexer/src/main/java/org/opengrok/indexer/authorization/LdapException.java renamed to plugins/src/opengrok/auth/plugin/ldap/LdapException.java

@@ -21,23 +21,19 @@
  * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
  */
 
-package org.opengrok.indexer.authorization;
+package opengrok.auth.plugin.ldap;
 
 /**
  * Unchecked exception to be thrown when LDAP server pool is down.
  */
-public class LdapException extends RuntimeException {
+public class LdapException extends Exception {
     public static final long serialVersionUID = -1;
 
-    public LdapException() {
-        super();
-    }
-
-    public LdapException(String str) {
+    LdapException(String str) {
         super(str);
     }
 
-    public LdapException(String str, Throwable ex) {
+    LdapException(String str, Throwable ex) {
         super(str, ex);
     }
 }

plugins/src/opengrok/auth/plugin/ldap/LdapFacade.java

@@ -45,7 +45,6 @@
 import opengrok.auth.plugin.entity.User;
 import opengrok.auth.plugin.util.WebHook;
 import opengrok.auth.plugin.util.WebHooks;
-import org.opengrok.indexer.authorization.LdapException;
 import opengrok.auth.plugin.util.RestfulClient;
 
 public class LdapFacade extends AbstractLdapProvider {
@@ -266,7 +265,7 @@ public boolean isConfigured() {
      * @return set of strings describing the user's attributes
      */
     @Override
-    public Map<String, Set<String>> lookupLdapContent(User user, String filter, String[] values) {
+    public Map<String, Set<String>> lookupLdapContent(User user, String filter, String[] values) throws LdapException {
 
         return lookup(
                 user != null ? user.getUsername() : getSearchBase(),
@@ -299,7 +298,7 @@ public SearchControls getSearchControls() {
      *
      * @return results transformed with mapper
      */
-    private <T> T lookup(String dn, String filter, String[] attributes, AttributeMapper<T> mapper) {
+    private <T> T lookup(String dn, String filter, String[] attributes, AttributeMapper<T> mapper) throws LdapException {
         return lookup(dn, filter, attributes, mapper, 0);
     }
 
@@ -314,8 +313,9 @@ private <T> T lookup(String dn, String filter, String[] attributes, AttributeMap
      * @param fail current count of failures
      *
      * @return results transformed with mapper or {@code null} on failure
+     * @throws LdapException LDAP exception
      */
-    private <T> T lookup(String dn, String filter, String[] attributes, AttributeMapper<T> mapper, int fail) {
+    private <T> T lookup(String dn, String filter, String[] attributes, AttributeMapper<T> mapper, int fail) throws LdapException {
 
         if (errorTimestamp > 0 && errorTimestamp + interval > System.currentTimeMillis()) {
             if (!reported) {