Link OAuth token to Gerrit external id

lucamilanesio · lucamilanesio · commit 99a192ee4155 · 2014-07-22T13:15:31.000Z
Enrich the HTTP login request to Gerrit in order
to store the GitHub OAuth token as additional
external id into the Gerrit user’s account.

OAuth token can be used by Gerrit to propagate
the user’s identity to the GitHub API calls.

NOTE: In order to get the extra HTTP header
managed and stored into Gerrit external ids table
you need to make sure to have I8df2540a56 merged.

Change-Id: Ifcd62218a171e3420bca10c95af43c7afe9cb2bb
diff --git a/github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/GitHubOAuthConfig.java b/github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/GitHubOAuthConfig.java
@@ -55,13 +55,15 @@ public class GitHubOAuthConfig {
   public final int fileUpdateMaxRetryCount;
   public final int fileUpdateMaxRetryIntervalMsec;
   public final Config gerritConfig;
+  public final String oauthHttpHeader;
 
   @Inject
   public GitHubOAuthConfig(@GerritServerConfig Config config)
       throws MalformedURLException {
     this.gerritConfig = config;
 
     httpHeader = config.getString("auth", null, "httpHeader");
+    oauthHttpHeader = config.getString("auth", null, "httpExternalIdHeader");
     gitHubUrl = dropTrailingSlash(
         Objects.firstNonNull(config.getString(CONF_SECTION, null, "url"),
             GITHUB_URL));
diff --git a/github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/OAuthWebFilter.java b/github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/OAuthWebFilter.java
@@ -47,6 +47,7 @@ public class OAuthWebFilter implements Filter {
   private static final org.slf4j.Logger log = LoggerFactory
       .getLogger(OAuthWebFilter.class);
   public static final String GERRIT_COOKIE_NAME = "GerritAccount";
+  public static final String GITHUB_EXT_ID = "github_oauth:";
 
   private final GitHubOAuthConfig config;
   private final Random retryRandom = new Random(System.currentTimeMillis());
@@ -89,7 +90,9 @@ public void doFilter(ServletRequest request, ServletResponse response,
         if (ghLogin != null && ghLogin.isLoggedIn()) {
           httpRequest =
               new AuthenticatedHttpRequest(httpRequest, config.httpHeader,
-                  ghLogin.getMyself().getLogin());
+                  ghLogin.getMyself().getLogin(),
+                  config.oauthHttpHeader,
+                  GITHUB_EXT_ID + ghLogin.getToken().access_token);
         }
 
         if (OAuthProtocol.isOAuthFinalForOthers(httpRequest)) {
