Remove the client name from the credentials (pac4j#1021)

documentation/docs/release-notes.md

@@ -13,6 +13,7 @@ title: Release notes:
 - The `CallbackUrlResolver` computes the callback URL (using a query parameter or a path parameter to define the client), based on the `UrlResolver` which computes a URL
 - You can define an error (page) URL at the logics' level to handle unexpected exceptions
 - The SAML Keystore alias can be defined via a property
+- The client name is not set at the credential's level
 
 **v2.2.0**:
 

pac4j-cas/src/main/java/org/pac4j/cas/client/CasClient.java

@@ -46,8 +46,8 @@ protected void clientInit() {
         configuration.setUrlResolver(this.getCallbackUrlResolver().getUrlResolver());
 
         defaultRedirectActionBuilder(new CasRedirectActionBuilder(configuration, this));
-        defaultCredentialsExtractor(new TicketAndLogoutRequestExtractor(configuration, getName()));
-        defaultAuthenticator(new CasAuthenticator(configuration, getCallbackUrlResolver(), callbackUrl));
+        defaultCredentialsExtractor(new TicketAndLogoutRequestExtractor(configuration));
+        defaultAuthenticator(new CasAuthenticator(configuration, getName(), getCallbackUrlResolver(), callbackUrl));
         defaultLogoutActionBuilder(new CasLogoutActionBuilder<>(configuration.getPrefixUrl() + "logout",
             configuration.getPostLogoutUrlParameter()));
         addAuthorizationGenerator(new DefaultCasAuthorizationGenerator<>());

pac4j-cas/src/main/java/org/pac4j/cas/client/direct/DirectCasClient.java

@@ -54,9 +54,9 @@ protected void clientInit() {
         CommonHelper.assertNotNull("configuration", this.configuration);
         CommonHelper.assertTrue(!configuration.isGateway(), "the DirectCasClient can not support gateway to avoid infinite loops");
 
-        defaultCredentialsExtractor(new ParameterExtractor(CasConfiguration.TICKET_PARAMETER, true, false, getName()));
+        defaultCredentialsExtractor(new ParameterExtractor(CasConfiguration.TICKET_PARAMETER, true, false));
         // only a fake one for the initialization as we will build a new one with the current url for each request
-        super.defaultAuthenticator(new CasAuthenticator(configuration, callbackUrlResolver, "fake"));
+        super.defaultAuthenticator(new CasAuthenticator(configuration, getName(), callbackUrlResolver, "fake"));
         addAuthorizationGenerator(new DefaultCasAuthorizationGenerator<>());
     }
 
@@ -79,7 +79,7 @@ protected TokenCredentials retrieveCredentials(final WebContext context) {
             // clean url from ticket parameter
             callbackUrl = CommonHelper.substringBefore(callbackUrl, "?" + CasConfiguration.TICKET_PARAMETER + "=");
             callbackUrl = CommonHelper.substringBefore(callbackUrl, "&" + CasConfiguration.TICKET_PARAMETER + "=");
-            final CasAuthenticator casAuthenticator = new CasAuthenticator(configuration, callbackUrlResolver, callbackUrl);
+            final CasAuthenticator casAuthenticator = new CasAuthenticator(configuration, getName(), callbackUrlResolver, callbackUrl);
             casAuthenticator.init();
             casAuthenticator.validate(credentials, context);
 

pac4j-cas/src/main/java/org/pac4j/cas/client/direct/DirectCasProxyClient.java

@@ -52,8 +52,8 @@ protected void clientInit() {
         CommonHelper.assertTrue(protocol == CasProtocol.CAS20_PROXY || protocol == CasProtocol.CAS30_PROXY,
             "The DirectCasProxyClient must be configured with a CAS proxy protocol (CAS20_PROXY or CAS30_PROXY)");
 
-        defaultCredentialsExtractor(new ParameterExtractor(CasConfiguration.TICKET_PARAMETER, true, false, getName()));
-        defaultAuthenticator(new CasAuthenticator(configuration, callbackUrlResolver, this.serviceUrl));
+        defaultCredentialsExtractor(new ParameterExtractor(CasConfiguration.TICKET_PARAMETER, true, false));
+        defaultAuthenticator(new CasAuthenticator(configuration, getName(), callbackUrlResolver, this.serviceUrl));
         addAuthorizationGenerator(new DefaultCasAuthorizationGenerator<>());
     }
 

pac4j-cas/src/main/java/org/pac4j/cas/client/rest/AbstractCasRestClient.java

@@ -71,7 +71,7 @@ public TokenCredentials requestServiceTicket(final String serviceURL, final CasR
             if (responseCode == HttpConstants.OK) {
                 try (final BufferedReader in =
                          new BufferedReader(new InputStreamReader(connection.getInputStream(), StandardCharsets.UTF_8))) {
-                    return new TokenCredentials(in.readLine(), getClass().getSimpleName());
+                    return new TokenCredentials(in.readLine());
                 }
             }
             throw new TechnicalException("Service ticket request for `" + profile + "` failed: " +

pac4j-cas/src/main/java/org/pac4j/cas/client/rest/CasRestBasicAuthClient.java

@@ -33,7 +33,7 @@ protected void clientInit() {
         CommonHelper.assertNotNull("prefixHeader", this.prefixHeader);
         CommonHelper.assertNotNull("configuration", this.configuration);
 
-        defaultCredentialsExtractor(new BasicAuthExtractor(this.headerName, this.prefixHeader, getName()));
+        defaultCredentialsExtractor(new BasicAuthExtractor(this.headerName, this.prefixHeader));
         defaultAuthenticator(new CasRestAuthenticator(this.configuration));
     }
 

pac4j-cas/src/main/java/org/pac4j/cas/client/rest/CasRestFormClient.java

@@ -32,7 +32,7 @@ protected void clientInit() {
         CommonHelper.assertNotBlank("passwordParameter", this.passwordParameter);
         CommonHelper.assertNotNull("configuration", this.configuration);
 
-        defaultCredentialsExtractor(new FormExtractor(this.usernameParameter, this.passwordParameter, getName()));
+        defaultCredentialsExtractor(new FormExtractor(this.usernameParameter, this.passwordParameter));
         defaultAuthenticator(new CasRestAuthenticator(this.configuration));
     }
 

pac4j-cas/src/main/java/org/pac4j/cas/credentials/authenticator/CasAuthenticator.java

@@ -32,19 +32,24 @@ public class CasAuthenticator extends ProfileDefinitionAware<CommonProfile> impl
 
     protected CasConfiguration configuration;
 
+    protected String clientName;
+
     protected CallbackUrlResolver callbackUrlResolver;
 
     protected String callbackUrl;
 
-    public CasAuthenticator(final CasConfiguration configuration, final CallbackUrlResolver callbackUrlResolver, final String callbackUrl) {
+    public CasAuthenticator(final CasConfiguration configuration, final String clientName, final CallbackUrlResolver callbackUrlResolver,
+                            final String callbackUrl) {
         this.configuration = configuration;
+        this.clientName = clientName;
         this.callbackUrlResolver = callbackUrlResolver;
         this.callbackUrl = callbackUrl;
     }
 
     @Override
     protected void internalInit() {
         CommonHelper.assertNotNull("callbackUrlResolver", callbackUrlResolver);
+        CommonHelper.assertNotBlank("clientName", clientName);
         CommonHelper.assertNotBlank("callbackUrl", callbackUrl);
         CommonHelper.assertNotNull("configuration", configuration);
 
@@ -57,7 +62,7 @@ public void validate(final TokenCredentials credentials, final WebContext contex
 
         final String ticket = credentials.getToken();
         try {
-            final String finalCallbackUrl = callbackUrlResolver.compute(callbackUrl, credentials.getClientName(), context);
+            final String finalCallbackUrl = callbackUrlResolver.compute(callbackUrl, clientName, context);
             final Assertion assertion = configuration.retrieveTicketValidator(context).validate(ticket, finalCallbackUrl);
             final AttributePrincipal principal = assertion.getPrincipal();
             logger.debug("principal: {}", principal);

pac4j-cas/src/main/java/org/pac4j/cas/credentials/extractor/TicketAndLogoutRequestExtractor.java

@@ -31,13 +31,9 @@ public class TicketAndLogoutRequestExtractor implements CredentialsExtractor<Tok
 
     protected CasConfiguration configuration;
 
-    protected String clientName;
-
-    public TicketAndLogoutRequestExtractor(final CasConfiguration configuration, final String clientName) {
+    public TicketAndLogoutRequestExtractor(final CasConfiguration configuration) {
         CommonHelper.assertNotNull("configuration", configuration);
-        CommonHelper.assertNotBlank("clientName", clientName);
         this.configuration = configuration;
-        this.clientName = clientName;
     }
 
     @Override
@@ -50,7 +46,7 @@ public TokenCredentials extract(final WebContext context) {
             if (logoutHandler != null) {
                 logoutHandler.recordSession(context, ticket);
             }
-            final TokenCredentials casCredentials = new TokenCredentials(ticket, clientName);
+            final TokenCredentials casCredentials = new TokenCredentials(ticket);
             logger.debug("casCredentials: {}", casCredentials);
             return casCredentials;
 

pac4j-config/src/test/java/org/pac4j/config/client/PropertiesConfigFactoryTests.java

@@ -165,7 +165,7 @@ public void test() {
             assertEquals(PAC4J_BASE_URL, formClient2.getLoginUrl());
             assertTrue(formClient2.getAuthenticator() instanceof LdapProfileService);
             final LdapProfileService ldapAuthenticator = (LdapProfileService) formClient2.getAuthenticator();
-            final UsernamePasswordCredentials ldapCredentials = new UsernamePasswordCredentials(GOOD_USERNAME, PASSWORD, CLIENT_NAME);
+            final UsernamePasswordCredentials ldapCredentials = new UsernamePasswordCredentials(GOOD_USERNAME, PASSWORD);
             ldapAuthenticator.validate(ldapCredentials, MockWebContext.create());
             assertNotNull(ldapCredentials.getUserProfile());
 
@@ -179,7 +179,7 @@ public void test() {
             assertTrue(indirectBasicAuthClient2.getAuthenticator() instanceof DbProfileService);
             final DbProfileService dbAuthenticator = (DbProfileService) indirectBasicAuthClient2.getAuthenticator();
             assertNotNull(dbAuthenticator);
-            final UsernamePasswordCredentials dbCredentials = new UsernamePasswordCredentials(GOOD_USERNAME, PASSWORD, CLIENT_NAME);
+            final UsernamePasswordCredentials dbCredentials = new UsernamePasswordCredentials(GOOD_USERNAME, PASSWORD);
             dbAuthenticator.validate(dbCredentials, MockWebContext.create());
             assertNotNull(dbCredentials.getUserProfile());
 

pac4j-core/src/main/java/org/pac4j/core/credentials/Credentials.java

@@ -6,26 +6,16 @@
 
 /**
  * This class represents the base credentials.
- * 
+ *
  * @author Jerome Leleu
  * @since 1.4.0
  */
 public abstract class Credentials implements Serializable {
 
     private static final long serialVersionUID = 4864923514027378583L;
 
-    private String clientName;
-
     private CommonProfile userProfile = null;
 
-    public String getClientName() {
-        return this.clientName;
-    }
-
-    public void setClientName(final String clientName) {
-        this.clientName = clientName;
-    }
-
     public CommonProfile getUserProfile() {
         return userProfile;
     }

pac4j-core/src/main/java/org/pac4j/core/credentials/TokenCredentials.java

@@ -14,9 +14,8 @@ public class TokenCredentials extends Credentials {
 
     private String token;
 
-    public TokenCredentials(String token, final String clientName) {
+    public TokenCredentials(String token) {
         this.token = token;
-        setClientName(clientName);
     }
 
     public String getToken() {
@@ -40,6 +39,6 @@ public int hashCode() {
 
     @Override
     public String toString() {
-        return CommonHelper.toNiceString(this.getClass(), "token", this.token, "clientName", getClientName());
+        return CommonHelper.toNiceString(this.getClass(), "token", this.token);
     }
 }

pac4j-core/src/main/java/org/pac4j/core/credentials/UsernamePasswordCredentials.java

@@ -17,10 +17,9 @@ public class UsernamePasswordCredentials extends Credentials {
 
     private String password;
 
-    public UsernamePasswordCredentials(final String username, final String password, final String clientName) {
+    public UsernamePasswordCredentials(final String username, final String password) {
         this.username = username;
         this.password = password;
-        setClientName(clientName);
     }
 
     public String getUsername() {
@@ -52,6 +51,6 @@ public int hashCode() {
     @Override
     public String toString() {
         return CommonHelper.toNiceString(this.getClass(), Pac4jConstants.USERNAME, this.username,
-                Pac4jConstants.PASSWORD, "[PROTECTED]", "clientName", getClientName());
+                Pac4jConstants.PASSWORD, "[PROTECTED]");
     }
 }

pac4j-core/src/main/java/org/pac4j/core/credentials/extractor/BasicAuthExtractor.java

@@ -19,15 +19,12 @@ public class BasicAuthExtractor implements CredentialsExtractor<UsernamePassword
 
     private final HeaderExtractor extractor;
 
-    private final String clientName;
-
-    public BasicAuthExtractor(final String clientName) {
-        this(HttpConstants.AUTHORIZATION_HEADER, HttpConstants.BASIC_HEADER_PREFIX, clientName);
+    public BasicAuthExtractor() {
+        this(HttpConstants.AUTHORIZATION_HEADER, HttpConstants.BASIC_HEADER_PREFIX);
     }
 
-    public BasicAuthExtractor(final String headerName, final String prefixHeader, final String clientName) {
-        this.extractor = new HeaderExtractor(headerName, prefixHeader, clientName);
-        this.clientName = clientName;
+    public BasicAuthExtractor(final String headerName, final String prefixHeader) {
+        this.extractor = new HeaderExtractor(headerName, prefixHeader);
     }
 
     @Override
@@ -51,6 +48,6 @@ public UsernamePasswordCredentials extract(WebContext context) {
             throw new CredentialsException("Bad format of the basic auth header");
         }
         return new UsernamePasswordCredentials(token.substring(0, delim),
-                token.substring(delim + 1), clientName);
+                token.substring(delim + 1));
     }
 }

pac4j-core/src/main/java/org/pac4j/core/credentials/extractor/FormExtractor.java

@@ -15,12 +15,9 @@ public class FormExtractor implements CredentialsExtractor<UsernamePasswordCrede
 
     private final String passwordParameter;
 
-    private final String clientName;
-
-    public FormExtractor(final String usernameParameter, final String passwordParameter, final String clientName) {
+    public FormExtractor(final String usernameParameter, final String passwordParameter) {
         this.usernameParameter = usernameParameter;
         this.passwordParameter = passwordParameter;
-        this.clientName = clientName;
     }
 
     @Override
@@ -31,7 +28,7 @@ public UsernamePasswordCredentials extract(WebContext context) {
             return null;
         }
 
-        return new UsernamePasswordCredentials(username, password, clientName);
+        return new UsernamePasswordCredentials(username, password);
     }
 
     public String getUsernameParameter() {

pac4j-core/src/main/java/org/pac4j/core/credentials/extractor/HeaderExtractor.java

@@ -16,12 +16,9 @@ public class HeaderExtractor implements CredentialsExtractor<TokenCredentials> {
 
     private final String prefixHeader;
 
-    private final String clientName;
-
-    public HeaderExtractor(final String headerName, final String prefixHeader, final String clientName) {
+    public HeaderExtractor(final String headerName, final String prefixHeader) {
         this.headerName = headerName;
         this.prefixHeader = prefixHeader;
-        this.clientName = clientName;
     }
 
     @Override
@@ -36,6 +33,6 @@ public TokenCredentials extract(WebContext context) {
         }
 
         final String headerWithoutPrefix = header.substring(this.prefixHeader.length());
-        return new TokenCredentials(headerWithoutPrefix, clientName);
+        return new TokenCredentials(headerWithoutPrefix);
     }
 }

pac4j-core/src/main/java/org/pac4j/core/credentials/extractor/ParameterExtractor.java

@@ -17,22 +17,19 @@ public class ParameterExtractor implements CredentialsExtractor<TokenCredentials
 
     private final String parameterName;
 
-    private final String clientName;
-
     private boolean supportGetRequest;
 
     private boolean supportPostRequest;
 
-    public ParameterExtractor(final String parameterName, final String clientName) {
-        this(parameterName, false, true, clientName);
+    public ParameterExtractor(final String parameterName) {
+        this(parameterName, false, true);
     }
 
     public ParameterExtractor(final String parameterName, final boolean supportGetRequest,
-                              final boolean supportPostRequest, final String clientName) {
+                              final boolean supportPostRequest) {
         this.parameterName = parameterName;
         this.supportGetRequest = supportGetRequest;
         this.supportPostRequest = supportPostRequest;
-        this.clientName = clientName;
     }
 
     @Override
@@ -49,12 +46,12 @@ public TokenCredentials extract(WebContext context) {
             return null;
         }
 
-        return new TokenCredentials(value, clientName);
+        return new TokenCredentials(value);
     }
 
     @Override
     public String toString() {
-        return CommonHelper.toNiceString(this.getClass(), "parameterName", parameterName, "clientName", clientName,
+        return CommonHelper.toNiceString(this.getClass(), "parameterName", parameterName,
                 "supportGetRequest", supportGetRequest, "supportPostRequest", supportPostRequest);
     }
 }

pac4j-core/src/test/java/org/pac4j/core/credentials/authenticator/LocalCachingAuthenticatorTests.java

@@ -47,17 +47,16 @@ public void validate(final UsernamePasswordCredentials credentials, final WebCon
 
     private final Authenticator delegate = new SimpleUPAuthenticator();
 
-    private final UsernamePasswordCredentials credentials =
-            new UsernamePasswordCredentials("a", "a", this.getClass().getName());
+    private final UsernamePasswordCredentials credentials = new UsernamePasswordCredentials("a", "a");
 
     @Test
     public void testDoubleCalls() {
         final OnlyOneCallAuthenticator authenticator = new OnlyOneCallAuthenticator();
         final LocalCachingAuthenticator localCachingAuthenticator = new LocalCachingAuthenticator(authenticator, 10, 10, TimeUnit.SECONDS);
         localCachingAuthenticator.init();
-        final Credentials credentials1 = new UsernamePasswordCredentials("a", "a", this.getClass().getName());
+        final Credentials credentials1 = new UsernamePasswordCredentials("a", "a");
         localCachingAuthenticator.validate(credentials1, null);
-        final Credentials credentials2 = new UsernamePasswordCredentials("a", "a", this.getClass().getName());
+        final Credentials credentials2 = new UsernamePasswordCredentials("a", "a");
         localCachingAuthenticator.validate(credentials2, null);
     }
 

pac4j-core/src/test/java/org/pac4j/core/credentials/extractor/HeaderExtractorTests.java

@@ -23,7 +23,7 @@ public final class HeaderExtractorTests implements TestsConstants {
     private final static String GOOD_PREFIX = "goodPrefix ";
     private final static String BAD_PREFIX = "badPrefix ";
 
-    private final static HeaderExtractor extractor = new HeaderExtractor(GOOD_HEADER, GOOD_PREFIX, CLIENT_NAME);
+    private final static HeaderExtractor extractor = new HeaderExtractor(GOOD_HEADER, GOOD_PREFIX);
 
     @Test
     public void testRetrieveHeaderOk() {

pac4j-core/src/test/java/org/pac4j/core/profile/creator/AuthenticatorProfileCreatorTests.java

@@ -18,13 +18,13 @@ public final class AuthenticatorProfileCreatorTests implements TestsConstants {
 
     @Test
     public void testReturnNoProfile() {
-        assertNull(AuthenticatorProfileCreator.INSTANCE.create(new TokenCredentials(TOKEN, CLIENT_NAME), null));
+        assertNull(AuthenticatorProfileCreator.INSTANCE.create(new TokenCredentials(TOKEN), null));
     }
 
     @Test
     public void testReturnProfile() {
         final CommonProfile profile = new CommonProfile();
-        final Credentials credentials = new TokenCredentials(TOKEN, CLIENT_NAME);
+        final Credentials credentials = new TokenCredentials(TOKEN);
         credentials.setUserProfile(profile);
         final CommonProfile profile2 = AuthenticatorProfileCreator.INSTANCE.create(credentials, null);
         assertEquals(profile, profile2);