Update OAuth2 scribe dependency to the new scribejava (#900)

Author: nfalco79

pom.xml

@@ -145,15 +145,9 @@
       <artifactId>plain-credentials</artifactId>
    </dependency>
    <dependency>
-      <groupId>org.scribe</groupId>
-      <artifactId>scribe</artifactId>
-      <version>1.3.3</version>
-      <exclusions>
-        <exclusion>
-          <groupId>commons-codec</groupId>
-          <artifactId>commons-codec</artifactId>
-        </exclusion>
-      </exclusions>
+      <groupId>com.github.scribejava</groupId>
+      <artifactId>scribejava-httpclient-apache</artifactId>
+      <version>8.3.3</version>
     </dependency>
   </dependencies>
 

src/main/java/com/cloudbees/jenkins/plugins/bitbucket/api/credentials/BitbucketAccessTokenAuthenticatorSource.java

@@ -39,7 +39,7 @@ public BitbucketAccessTokenAuthenticator convert(@NonNull StringCredentials cred
      * @return whether this can authenticate given the context
      */
     @Override
-    public boolean isFit(AuthenticationTokenContext ctx) {
+    protected boolean isFit(AuthenticationTokenContext<? super BitbucketAccessTokenAuthenticator> ctx) {
         return ctx.mustHave(BitbucketAuthenticator.SCHEME, "https")
             && (ctx.mustHave(BitbucketAuthenticator.BITBUCKET_INSTANCE_TYPE, BitbucketAuthenticator.BITBUCKET_INSTANCE_TYPE_SERVER)
             || ctx.mustHave(BitbucketAuthenticator.BITBUCKET_INSTANCE_TYPE, BitbucketAuthenticator.BITBUCKET_INSTANCE_TYPE_CLOUD));

src/main/java/com/cloudbees/jenkins/plugins/bitbucket/api/credentials/BitbucketClientCertificateAuthenticatorSource.java

@@ -63,7 +63,7 @@ public BitbucketClientCertificateAuthenticator convert(@NonNull StandardCertific
      * @return whether this can authenticate given the context
      */
     @Override
-    public boolean isFit(AuthenticationTokenContext ctx) {
+    protected boolean isFit(AuthenticationTokenContext<? super BitbucketClientCertificateAuthenticator> ctx) {
         return ctx.mustHave(BitbucketAuthenticator.SCHEME, "https")
                 && ctx.mustHave(BitbucketAuthenticator.BITBUCKET_INSTANCE_TYPE, BitbucketAuthenticator.BITBUCKET_INSTANCE_TYPE_SERVER);
     }

src/main/java/com/cloudbees/jenkins/plugins/bitbucket/api/credentials/BitbucketOAuth.java

@@ -1,37 +1,29 @@
 package com.cloudbees.jenkins.plugins.bitbucket.api.credentials;
 
-import org.scribe.builder.api.DefaultApi20;
-import org.scribe.extractors.AccessTokenExtractor;
-import org.scribe.extractors.JsonTokenExtractor;
-import org.scribe.model.OAuthConfig;
-import org.scribe.model.Verb;
-import org.scribe.oauth.OAuthService;
+import com.github.scribejava.core.builder.api.DefaultApi20;
 
 public class BitbucketOAuth extends DefaultApi20 {
-    public static final String OAUTH_ENDPOINT = "https://bitbucket.org/site/oauth2/";
+    private static final String OAUTH_ENDPOINT = "https://bitbucket.org/site/oauth2/";
 
-    @Override
-    public String getAccessTokenEndpoint() {
-        return OAUTH_ENDPOINT + "access_token";
+    protected BitbucketOAuth() {
     }
 
-    @Override
-    public String getAuthorizationUrl(OAuthConfig config) {
-        return OAUTH_ENDPOINT + "authorize";
+    private static class InstanceHolder {
+        private static final BitbucketOAuth INSTANCE = new BitbucketOAuth();
     }
 
-    @Override
-    public Verb getAccessTokenVerb() {
-        return Verb.POST;
+    public static BitbucketOAuth instance() {
+        return InstanceHolder.INSTANCE;
     }
 
     @Override
-    public AccessTokenExtractor getAccessTokenExtractor() {
-        return new JsonTokenExtractor();
+    public String getAccessTokenEndpoint() {
+        return OAUTH_ENDPOINT + "access_token";
     }
 
     @Override
-    public OAuthService createService(OAuthConfig config) {
-        return new BitbucketOAuthService(this, config);
+    protected String getAuthorizationBaseUrl() {
+        return OAUTH_ENDPOINT + "authorize";
     }
+
 }

src/main/java/com/cloudbees/jenkins/plugins/bitbucket/api/credentials/BitbucketOAuthAuthenticator.java

@@ -5,45 +5,60 @@
 import com.cloudbees.plugins.credentials.common.StandardUsernameCredentials;
 import com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials;
 import com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl;
+import com.github.scribejava.core.builder.ServiceBuilder;
+import com.github.scribejava.core.httpclient.HttpClient;
+import com.github.scribejava.core.model.OAuth2AccessToken;
+import com.github.scribejava.core.model.OAuthConstants;
+import com.github.scribejava.core.oauth.OAuth20Service;
+import com.github.scribejava.httpclient.apache.ApacheHttpClientConfig;
+import com.github.scribejava.httpclient.apache.ApacheProvider;
 import hudson.model.Descriptor.FormException;
+import java.io.IOException;
+import java.util.concurrent.ExecutionException;
+import jenkins.authentication.tokens.api.AuthenticationTokenException;
 import org.apache.commons.lang.StringUtils;
 import org.apache.http.HttpRequest;
-import org.scribe.model.OAuthConfig;
-import org.scribe.model.OAuthConstants;
-import org.scribe.model.Token;
 
 public class BitbucketOAuthAuthenticator extends BitbucketAuthenticator {
 
-    private Token token;
+    private OAuth2AccessToken token;
 
     /**
      * Constructor.
      *
      * @param credentials the key/pass that will be used
+     * @throws AuthenticationTokenException
      */
-    public BitbucketOAuthAuthenticator(StandardUsernamePasswordCredentials credentials) {
+    public BitbucketOAuthAuthenticator(StandardUsernamePasswordCredentials credentials) throws AuthenticationTokenException {
         super(credentials);
 
-        OAuthConfig config = new OAuthConfig(credentials.getUsername(), credentials.getPassword().getPlainText());
+        HttpClient httpClient = new ApacheProvider().createClient(ApacheHttpClientConfig.defaultConfig());
+        OAuth20Service service = new ServiceBuilder(credentials.getUsername())
+            .apiSecret(credentials.getPassword().getPlainText())
+            .httpClient(httpClient)
+         // .httpClientConfig(ApacheHttpClientConfig.defaultConfig()) the ServiceLoader does not work well with Jenkins plugin classloader
+            .build(BitbucketOAuth.instance());
 
-        BitbucketOAuthService OAuthService = (BitbucketOAuthService) new BitbucketOAuth().createService(config);
-
-        token = OAuthService.getAccessToken(OAuthConstants.EMPTY_TOKEN, null);
+        try {
+            token = service.getAccessTokenClientCredentialsGrant();
+        } catch (IOException | InterruptedException | ExecutionException e) {
+            throw new AuthenticationTokenException(e);
+        }
     }
 
     /**
      * Set up request with token in header
      */
     @Override
     public void configureRequest(HttpRequest request) {
-        request.addHeader(OAuthConstants.HEADER, "Bearer " + this.token.getToken());
+        request.addHeader(OAuthConstants.HEADER, "Bearer " + this.token.getAccessToken());
     }
 
     @Override
     public StandardUsernameCredentials getCredentialsForSCM() {
         try {
             return new UsernamePasswordCredentialsImpl(
-                    CredentialsScope.GLOBAL, getId(), null, StringUtils.EMPTY, token.getToken());
+                    CredentialsScope.GLOBAL, getId(), null, StringUtils.EMPTY, token.getAccessToken());
         } catch (FormException e) {
             throw new RuntimeException(e);
         }

src/main/java/com/cloudbees/jenkins/plugins/bitbucket/api/credentials/BitbucketOAuthAuthenticatorSource.java

@@ -6,6 +6,7 @@
 import edu.umd.cs.findbugs.annotations.NonNull;
 import hudson.Extension;
 import jenkins.authentication.tokens.api.AuthenticationTokenContext;
+import jenkins.authentication.tokens.api.AuthenticationTokenException;
 import jenkins.authentication.tokens.api.AuthenticationTokenSource;
 
 
@@ -27,11 +28,12 @@ public BitbucketOAuthAuthenticatorSource() {
      *
      * @param standardUsernamePasswordCredentials the username/password combo
      * @return an authenticator that will use them.
+     * @throws AuthenticationTokenException if the specific credentials could not be converted.
      */
     @NonNull
     @Override
     public BitbucketOAuthAuthenticator convert(
-            @NonNull StandardUsernamePasswordCredentials standardUsernamePasswordCredentials) {
+            @NonNull StandardUsernamePasswordCredentials standardUsernamePasswordCredentials) throws AuthenticationTokenException {
         return new BitbucketOAuthAuthenticator(standardUsernamePasswordCredentials);
     }
 
@@ -43,7 +45,7 @@ public BitbucketOAuthAuthenticator convert(
      * @return whether this can authenticate given the context
      */
     @Override
-    public boolean isFit(AuthenticationTokenContext ctx) {
+    protected boolean isFit(AuthenticationTokenContext<? super BitbucketOAuthAuthenticator> ctx) {
         return ctx.mustHave(BitbucketAuthenticator.SCHEME, "https") && ctx.mustHave(
                 BitbucketAuthenticator.BITBUCKET_INSTANCE_TYPE, BitbucketAuthenticator.BITBUCKET_INSTANCE_TYPE_CLOUD);
     }