Add Repository Bearer Authentication

Signed-off-by: Valentijn Scholten <[email protected]>

Author: valentijnscholten

src/main/java/org/dependencytrack/resources/v1/RepositoryResource.java

@@ -226,7 +226,6 @@ public Response createRepository(Repository jsonRepository) {
     })
     @PermissionRequired(Permissions.Constants.SYSTEM_CONFIGURATION)
     public Response updateRepository(Repository jsonRepository) {
-        System.out.println("repo update");
         final Validator validator = super.getValidator();
         failOnValidationError(validator.validateProperty(jsonRepository, "identifier"),
                 validator.validateProperty(jsonRepository, "url")
@@ -235,30 +234,24 @@ public Response updateRepository(Repository jsonRepository) {
         try (QueryManager qm = new QueryManager()) {
             Repository repository = qm.getObjectByUuid(Repository.class, jsonRepository.getUuid());
             if (repository != null) {
-                System.out.println("repo update inner");
                 final String url = StringUtils.trimToNull(jsonRepository.getUrl());
                 String msg = "password";
                 try {
-                    System.out.println("repo password decrypt");
                     // The password is not passed to the front-end, so it should only be overwritten if it is not null or not set to default value coming from ui
                     final String updatedPassword = jsonRepository.getPassword()!=null && !jsonRepository.getPassword().equals(ENCRYPTED_PLACEHOLDER)
                             ? DataEncryption.encryptAsString(jsonRepository.getPassword())
                             : repository.getPassword();
 
                     // The bearerToken is not passed to the front-end, so it should only be overwritten if it is not null or not set to default value coming from ui
-                    System.out.println("repo bearer decrypt");
                     msg = "bearerToken";
                     final String updatedBearerToken = jsonRepository.getBearerToken()!=null && !jsonRepository.getBearerToken().equals(ENCRYPTED_PLACEHOLDER)
                             ? DataEncryption.encryptAsString(jsonRepository.getBearerToken())
                             : repository.getBearerToken();
 
-                    System.out.println("repo update real");
                     repository = qm.updateRepository(jsonRepository.getUuid(), repository.getIdentifier(), url,
                             jsonRepository.isInternal(), jsonRepository.isAuthenticationRequired(), jsonRepository.getUsername(), updatedPassword, updatedBearerToken, jsonRepository.isEnabled());
-                    System.out.println("repo update done");
                     return Response.ok(repository).build();
                 } catch (Exception e) {
-                    e.printStackTrace(System.out);
                     return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity("The specified repository %s could not be encrypted.".formatted(msg)).build();
                 }
             } else {

src/test/java/org/dependencytrack/resources/v1/RepositoryResourceTest.java

@@ -289,7 +289,6 @@ public void updateRepositoryTest() throws Exception {
                     repository1.setAuthenticationRequired(false);
                     response = jersey.target(V1_REPOSITORY).request().header(X_API_KEY, apiKey)
                             .post(Entity.entity(repository1, MediaType.APPLICATION_JSON));
-                    System.out.println(response.readEntity(String.class));
                     Assert.assertEquals(200, response.getStatus());
                     break;
                 }