finished /api/sync_sso and org creation

docker/hangar/application.yml

@@ -96,7 +96,7 @@ hangar:
     secure: false
     unsafe-download-max-age: 600000
     api:
-      url: "http://localhost:8000"
+      url: "http://auth:8000"
       avatar-url: "http://localhost:8000/avatar/%s?size=120x120" # only comment in if you run auth locally
 #      avatar-url: "https://paper.readthedocs.io/en/latest/_images/papermc_logomark_500.png"
       key: changeme

src/main/java/io/papermc/hangar/config/SecurityConfig.java

@@ -41,7 +41,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
     @Override
     protected void configure(HttpSecurity http) throws Exception {
         http.csrf().ignoringAntMatchers(
-                "/api/v2/authenticate", "/api/v2/sessions/current", "/api/v2/keys", "/api/v2/sync_sso"
+                "/api/v2/authenticate", "/api/v2/sessions/current", "/api/v2/keys", "/api/sync_sso"
         );
 
         http.addFilter(new HangarAuthenticationFilter());

src/main/java/io/papermc/hangar/controller/Apiv1Controller.java

@@ -34,6 +34,8 @@ import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.annotation.Secured;
 import org.springframework.stereotype.Controller;
+import org.springframework.util.LinkedMultiValueMap;
+import org.springframework.util.MultiValueMap;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -300,7 +302,7 @@ public class Apiv1Controller extends HangarController {
     }
 
     @PostMapping(value = "/sync_sso")
-    public ResponseEntity<ObjectNode> syncSso(@RequestParam String sso, @RequestParam String sig, @RequestParam String apiKey) {
+    public ResponseEntity<MultiValueMap<String, String>> syncSso(@RequestParam String sso, @RequestParam String sig, @RequestParam("api_key") String apiKey) {
         if (!apiKey.equals(hangarConfig.sso.getApiKey())) {
             log.warn("SSO sync failed: bad API key (" + apiKey + " provided, " + hangarConfig.sso.getApiKey() + " expected)");
             return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
@@ -310,7 +312,9 @@ public class Apiv1Controller extends HangarController {
             SsoSyncData data = SsoSyncData.fromSignedPayload(map);
             userService.ssoSyncUser(data);
             log.debug("SSO sync successful: " + map.toString());
-            return new ResponseEntity<>(mapper.createObjectNode().set("status", mapper.valueToTree("success")), HttpStatus.OK);
+            MultiValueMap<String, String> ssoResponse = new LinkedMultiValueMap<>();
+            ssoResponse.set("status", "success");
+            return new ResponseEntity<>(ssoResponse, HttpStatus.OK);
         } catch (SignatureException e) {
             log.warn("SSO sync failed: invalid signature (" + sig + " for data " + sso + ")");
             return new ResponseEntity<>(HttpStatus.BAD_REQUEST);

src/main/java/io/papermc/hangar/controller/UsersController.java

@@ -153,7 +153,7 @@ public class UsersController extends HangarController {
     public ModelAndView logout(HttpSession session) {
         // TODO flash
         session.invalidate();
-        return new ModelAndView("redirect:" + hangarConfig.security.api.getUrl() + "/accounts/logout/");
+        return new ModelAndView("redirect:" + hangarConfig.getAuthUrl() + "/accounts/logout/");
     }
 
     @Secured("ROLE_USER")

src/main/java/io/papermc/hangar/service/OrgFactory.java

@@ -1,17 +1,15 @@
 package io.papermc.hangar.service;
 
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.node.ObjectNode;
 import io.papermc.hangar.config.hangar.HangarConfig;
 import io.papermc.hangar.db.dao.HangarDao;
 import io.papermc.hangar.db.dao.OrganizationDao;
 import io.papermc.hangar.db.dao.UserDao;
 import io.papermc.hangar.db.model.OrganizationsTable;
-import io.papermc.hangar.db.model.UsersTable;
 import io.papermc.hangar.model.NotificationType;
-import io.papermc.hangar.model.Prompt;
 import io.papermc.hangar.model.Role;
 import io.papermc.hangar.model.viewhelpers.UserData;
-import com.fasterxml.jackson.databind.ObjectMapper;
-import com.fasterxml.jackson.databind.node.ObjectNode;
 import io.papermc.hangar.service.sso.AuthUser;
 import io.papermc.hangar.util.HangarException;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -23,7 +21,6 @@ import org.springframework.util.LinkedMultiValueMap;
 import org.springframework.util.MultiValueMap;
 import org.springframework.web.client.RestTemplate;
 
-import java.util.List;
 import java.util.Locale;
 import java.util.Map;
 
@@ -73,9 +70,7 @@ public class OrgFactory {
         } else {
             authOrgUser = new AuthUser(-100, name, dummyEmail, "", Locale.ENGLISH, null);
         }
-
-        // TODO this will happen via /api/sync_sso, but I have no idea how to get that whole system working with Docker
-        userDao.get().insert(new UsersTable(authOrgUser.getId(), null, name, dummyEmail, null, List.of(), false, authOrgUser.getLang().toLanguageTag()));
+        // Just a note, the /api/sync_sso creates the org user here, so it will already be created when the above response is returned
         OrganizationsTable org = new OrganizationsTable(name, ownerId, authOrgUser.getId());
         org = organizationDao.get().insert(org);
         long orgId = org.getId();

src/main/java/io/papermc/hangar/service/SsoService.java

@@ -72,7 +72,7 @@ public class SsoService {
         String payload = generatePayload( returnUrl, generatedNonce);
         String sig = sign(payload);
         String urlEncoded = URLEncoder.encode(payload, StandardCharsets.UTF_8);
-        return new UrlWithNonce(String.format("%s?sso=%s&sig=%s", hangarConfig.security.api.getUrl() + baseUrl, urlEncoded, sig), generatedNonce);
+        return new UrlWithNonce(String.format("%s?sso=%s&sig=%s", hangarConfig.getAuthUrl() + baseUrl, urlEncoded, sig), generatedNonce);
     }
 
     private String nonce() {