From 8fef1f8128b35e7378b8af1d9d76a731a74851c5 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Thu, 29 Nov 2012 18:21:30 -0500
Subject: [PATCH] Track the authentication type in the session

---
 src/com/gitblit/GitBlit.java                  |   10 +++++++++-
 src/com/gitblit/wicket/GitBlitWebSession.java |    4 ++++
 src/com/gitblit/Constants.java                |   10 +++++++++-
 3 files changed, 22 insertions(+), 2 deletions(-)

diff --git a/src/com/gitblit/Constants.java b/src/com/gitblit/Constants.java
index cd6b070..4669c4c 100644
--- a/src/com/gitblit/Constants.java
+++ b/src/com/gitblit/Constants.java
@@ -397,7 +397,15 @@
 			return ordinal() > s.ordinal();
 		}
 	}
-	
+
+	public static enum AuthenticationType {
+		CREDENTIALS, COOKIE, CERTIFICATE;
+		
+		public boolean isStandard() {
+			return ordinal() <= COOKIE.ordinal();
+		}
+	}
+
 	@Documented
 	@Retention(RetentionPolicy.RUNTIME)
 	public @interface Unused {
diff --git a/src/com/gitblit/GitBlit.java b/src/com/gitblit/GitBlit.java
index c8deee1..6a3f98b 100644
--- a/src/com/gitblit/GitBlit.java
+++ b/src/com/gitblit/GitBlit.java
@@ -75,6 +75,7 @@
 
 import com.gitblit.Constants.AccessPermission;
 import com.gitblit.Constants.AccessRestrictionType;
+import com.gitblit.Constants.AuthenticationType;
 import com.gitblit.Constants.AuthorizationControl;
 import com.gitblit.Constants.FederationRequest;
 import com.gitblit.Constants.FederationStrategy;
@@ -107,6 +108,7 @@
 import com.gitblit.utils.ObjectCache;
 import com.gitblit.utils.StringUtils;
 import com.gitblit.utils.TimeUtils;
+import com.gitblit.wicket.GitBlitWebSession;
 import com.gitblit.wicket.WicketUtils;
 
 /**
@@ -569,6 +571,8 @@
 		UserModel model = HttpUtils.getUserModelFromCertificate(httpRequest, checkValidity, oids);
 		if (model != null) {
 			// grab real user model and preserve certificate serial number
+			GitBlitWebSession session = GitBlitWebSession.get();
+			session.authenticationType = AuthenticationType.CERTIFICATE;
 			UserModel user = getUserModel(model.username);
 			logger.info(MessageFormat.format("{0} authenticated by client certificate from {1}",
 					user.username, httpRequest.getRemoteAddr()));
@@ -580,7 +584,11 @@
 		if (allowCookieAuthentication() && cookies != null && cookies.length > 0) {
 			// Grab cookie from Browser Session
 			UserModel user = authenticate(cookies);
-			return user;
+			if (user != null) {
+				GitBlitWebSession session = GitBlitWebSession.get();
+				session.authenticationType = AuthenticationType.COOKIE;
+				return user;
+			}
 		}
 		return null;
 	}
diff --git a/src/com/gitblit/wicket/GitBlitWebSession.java b/src/com/gitblit/wicket/GitBlitWebSession.java
index 015d97a..5195a1f 100644
--- a/src/com/gitblit/wicket/GitBlitWebSession.java
+++ b/src/com/gitblit/wicket/GitBlitWebSession.java
@@ -29,6 +29,7 @@
 import org.apache.wicket.protocol.http.WebSession;
 import org.apache.wicket.protocol.http.request.WebClientInfo;
 
+import com.gitblit.Constants.AuthenticationType;
 import com.gitblit.models.UserModel;
 
 public final class GitBlitWebSession extends WebSession {
@@ -45,9 +46,12 @@
 	
 	private AtomicBoolean isForking;
 	
+	public AuthenticationType authenticationType;
+	
 	public GitBlitWebSession(Request request) {
 		super(request);
 		isForking = new AtomicBoolean();
+		authenticationType = AuthenticationType.CREDENTIALS;
 	}
 
 	public void invalidate() {

--
Gitblit v1.9.1