commit | author | age
|
04a985
|
1 |
/* |
JM |
2 |
* Copyright 2013 gitblit.com. |
|
3 |
* |
|
4 |
* Licensed under the Apache License, Version 2.0 (the "License"); |
|
5 |
* you may not use this file except in compliance with the License. |
|
6 |
* You may obtain a copy of the License at |
|
7 |
* |
|
8 |
* http://www.apache.org/licenses/LICENSE-2.0 |
|
9 |
* |
|
10 |
* Unless required by applicable law or agreed to in writing, software |
|
11 |
* distributed under the License is distributed on an "AS IS" BASIS, |
|
12 |
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
|
13 |
* See the License for the specific language governing permissions and |
|
14 |
* limitations under the License. |
|
15 |
*/ |
|
16 |
package com.gitblit.auth; |
|
17 |
|
|
18 |
import java.io.File; |
f6cbed
|
19 |
import java.math.BigInteger; |
04a985
|
20 |
|
46f61d
|
21 |
import javax.servlet.http.HttpServletRequest; |
JJ |
22 |
|
04a985
|
23 |
import org.slf4j.Logger; |
JM |
24 |
import org.slf4j.LoggerFactory; |
|
25 |
|
|
26 |
import com.gitblit.Constants.AccountType; |
6e3481
|
27 |
import com.gitblit.Constants.Role; |
46f61d
|
28 |
import com.gitblit.Constants.AuthenticationType; |
04a985
|
29 |
import com.gitblit.IStoredSettings; |
JM |
30 |
import com.gitblit.manager.IRuntimeManager; |
|
31 |
import com.gitblit.manager.IUserManager; |
|
32 |
import com.gitblit.models.TeamModel; |
|
33 |
import com.gitblit.models.UserModel; |
c1b0e4
|
34 |
import com.gitblit.utils.ArrayUtils; |
45ed92
|
35 |
import com.gitblit.utils.DeepCopier; |
c1b0e4
|
36 |
import com.gitblit.utils.StringUtils; |
04a985
|
37 |
|
JM |
38 |
/**
 * Common base for the authentication back ends in {@code com.gitblit.auth}.
 *
 * <p>A provider is bound to the runtime and user managers through
 * {@link #setup(IRuntimeManager, IUserManager)}. This class assigns the
 * protected {@code baseFolder}, {@code settings}, {@code runtimeManager} and
 * {@code userManager} fields only in that method, so they are {@code null}
 * on an instance that has not been set up.
 */
public abstract class AuthenticationProvider {

    // NOTE(review): public, static and not final, so any code that can see this
    // class can reassign the shared sentinel. Declaring it final would prevent
    // that, provided nothing writes to it - confirm before changing.
    /** Shared instance of the provider whose authenticate methods return null. */
    public static NullProvider NULL_PROVIDER = new NullProvider();

    /** Logger named after the concrete provider class. */
    protected final Logger logger = LoggerFactory.getLogger(getClass());

    /** Name handed to the constructor and reported by {@link #getServiceName()}. */
    protected final String serviceName;

    /** Base folder taken from the runtime manager during setup. */
    protected File baseFolder;

    /** Settings taken from the runtime manager during setup. */
    protected IStoredSettings settings;

    /** Runtime manager supplied to setup. */
    protected IRuntimeManager runtimeManager;

    /** User manager supplied to setup; used to read and store users and teams. */
    protected IUserManager userManager;

    /**
     * Creates a provider with the given service name.
     *
     * @param serviceName the name returned by {@link #getServiceName()}
     */
    protected AuthenticationProvider(String serviceName) {
        this.serviceName = serviceName;
    }

    /**
     * Returns the file object for the specified configuration key by delegating
     * to the runtime manager.
     *
     * @param key the configuration key
     * @param defaultFileOrFolder the value passed to the runtime manager as the default
     * @return the file
     */
    public File getFileOrFolder(String key, String defaultFileOrFolder) {
        // Fails with a NullPointerException when runtimeManager has not been assigned yet.
        return runtimeManager.getFileOrFolder(key, defaultFileOrFolder);
    }

    /**
     * Binds this provider to its managers, caches the base folder and settings
     * obtained from the runtime manager, and then runs the provider-specific
     * {@link #setup()}.
     *
     * @param runtimeManager source of the base folder and the settings
     * @param userManager manager used by {@link #updateUser(UserModel)} and
     *        {@link #updateTeam(TeamModel)}
     */
    public final void setup(IRuntimeManager runtimeManager, IUserManager userManager) {
        // Derived values are read first, in the same order as the fields are declared.
        this.baseFolder = runtimeManager.getBaseFolder();
        this.settings = runtimeManager.getSettings();

        this.runtimeManager = runtimeManager;
        this.userManager = userManager;

        // Hand over to the subclass once every field is populated.
        setup();
    }

    /**
     * @return the service name given to the constructor
     */
    public String getServiceName() {
        return serviceName;
    }

    /**
     * @return the authentication type reported by this provider
     */
    public abstract AuthenticationType getAuthenticationType();

    /**
     * Creates a user cookie when the user has none and a password was supplied.
     * A user that already carries a cookie is left untouched.
     *
     * @param user the user whose {@code cookie} field may be filled in
     * @param password the password that was presented; may be empty
     */
    protected void setCookie(UserModel user, char[] password) {
        final boolean alreadyHasCookie = !StringUtils.isEmpty(user.cookie);
        if (alreadyHasCookie || ArrayUtils.isEmpty(password)) {
            return;
        }

        // NOTE(review): the cookie is a plain SHA-1 of username + password, with
        // no random or per-session input visible here. The same credentials
        // always yield the same cookie, and a captured cookie value can be
        // tested offline against password guesses. A token drawn from a CSPRNG
        // and unrelated to the password would avoid both problems.
        // new String(password) also creates an immutable copy of the password
        // that cannot be cleared afterwards, which undoes the benefit of
        // receiving it as char[].
        final String cookieSeed = user.username + new String(password);
        user.cookie = StringUtils.getSHA1(cookieSeed);
    }

    /**
     * Stores the given user through the user manager when its checksum differs
     * from the checksum of the user currently stored under the same name.
     *
     * @param userModel the current version of the user
     */
    protected void updateUser(UserModel userModel) {
        final UserModel storedUser = userManager.getUserModel(userModel.getName());

        // NOTE(review): storedUser may be null if no such user is stored; how
        // DeepCopier.checksum treats null is not visible here - confirm.
        final BigInteger currentChecksum = DeepCopier.checksum(userModel);
        final BigInteger storedChecksum = DeepCopier.checksum(storedUser);

        if (currentChecksum.equals(storedChecksum)) {
            // Identical checksums: nothing to save.
            return;
        }
        userManager.updateUserModel(userModel);
    }

    /**
     * Stores the given team through the user manager when its checksum differs
     * from the checksum of the team currently stored under the same name.
     *
     * @param teamModel the current version of the team
     */
    protected void updateTeam(TeamModel teamModel) {
        final TeamModel storedTeam = userManager.getTeamModel(teamModel.name);

        // NOTE(review): storedTeam may be null if no such team is stored; how
        // DeepCopier.checksum treats null is not visible here - confirm.
        final BigInteger currentChecksum = DeepCopier.checksum(teamModel);
        final BigInteger storedChecksum = DeepCopier.checksum(storedTeam);

        if (currentChecksum.equals(storedChecksum)) {
            // Identical checksums: nothing to save.
            return;
        }
        userManager.updateTeamModel(teamModel);
    }

    /**
     * Provider-specific initialisation, invoked at the end of
     * {@link #setup(IRuntimeManager, IUserManager)}.
     */
    public abstract void setup();

    /**
     * Provider-specific counterpart of {@link #setup()}.
     */
    // NOTE(review): presumably called when the provider is shut down - confirm against callers.
    public abstract void stop();

    /**
     * Handles requests for pages requiring authentication.
     * This allows authentication to occur based on the contents of the request
     * itself.
     *
     * @param httpRequest the request to inspect
     * @return the authenticated user; both implementations in this file return
     *         {@code null}
     */
    public abstract UserModel authenticate(HttpServletRequest httpRequest);

    /**
     * Authenticates user/password credentials, both for login form
     * and HTTP Basic authentication processing.
     *
     * @param username the submitted user name
     * @param password the submitted password
     * @return the authenticated user; {@link NullProvider} returns {@code null}
     */
    public abstract UserModel authenticate(String username, char[] password);

    /**
     * @return the account type handled by this provider
     */
    public abstract AccountType getAccountType();

    /**
     * Returns true if the user's credentials can be changed.
     *
     * @return true if the authentication provider supports credential changes
     * @since 1.0.0
     */
    public abstract boolean supportsCredentialChanges();

    /**
     * Returns true if the user's display name can be changed.
     *
     * @return true if the authentication provider supports display name changes
     */
    public abstract boolean supportsDisplayNameChanges();

    /**
     * Returns true if the user's email address can be changed.
     *
     * @return true if the authentication provider supports email address changes
     */
    public abstract boolean supportsEmailAddressChanges();

    /**
     * Returns true if the user's team memberships can be changed.
     *
     * @return true if the authentication provider supports team membership changes
     */
    public abstract boolean supportsTeamMembershipChanges();

    /**
     * Returns true if the user's role can be changed.
     *
     * @param user the user whose role would change
     * @param role the role in question
     * @return true if the user's role can be changed
     */
    public abstract boolean supportsRoleChanges(UserModel user, Role role);

    /**
     * Returns true if the team's role can be changed.
     *
     * @param team the team whose role would change
     * @param role the role in question
     * @return true if the team's role can be changed
     */
    public abstract boolean supportsRoleChanges(TeamModel team, Role role);

    /**
     * @return the service name followed by the concrete class name in parentheses
     */
    @Override
    public String toString() {
        return new StringBuilder()
                .append(getServiceName())
                .append(" (")
                .append(getClass().getName())
                .append(")")
                .toString();
    }

    /**
     * Base for providers that work from a username and password only: the
     * request-based {@code authenticate} always returns {@code null}, the
     * authentication type is {@code CREDENTIALS}, and {@code stop()} does
     * nothing.
     */
    public abstract static class UsernamePasswordAuthenticationProvider extends AuthenticationProvider {

        /**
         * @param serviceName the name returned by {@link #getServiceName()}
         */
        protected UsernamePasswordAuthenticationProvider(String serviceName) {
            super(serviceName);
        }

        /** Never authenticates from the request itself; always returns {@code null}. */
        @Override
        public UserModel authenticate(HttpServletRequest httpRequest) {
            return null;
        }

        /** @return {@code AuthenticationType.CREDENTIALS} */
        @Override
        public AuthenticationType getAuthenticationType() {
            return AuthenticationType.CREDENTIALS;
        }

        /** Does nothing. */
        @Override
        public void stop() {
            // intentionally empty
        }
    }

    /**
     * Provider registered under the service name {@code "NULL"}. Both
     * {@code authenticate} methods return {@code null}, every
     * {@code supports...} method returns {@code true}, and the account type
     * is {@code LOCAL}.
     */
    public static class NullProvider extends AuthenticationProvider {

        /** Creates the provider with the service name {@code "NULL"}. */
        protected NullProvider() {
            super("NULL");
        }

        /** Does nothing. */
        @Override
        public void setup() {
            // intentionally empty
        }

        /** Does nothing. */
        @Override
        public void stop() {
            // intentionally empty
        }

        /** Always returns {@code null}. */
        @Override
        public UserModel authenticate(HttpServletRequest httpRequest) {
            return null;
        }

        /** Always returns {@code null}, whatever credentials are supplied. */
        @Override
        public UserModel authenticate(String username, char[] password) {
            return null;
        }

        /** @return {@code AccountType.LOCAL} */
        @Override
        public AccountType getAccountType() {
            return AccountType.LOCAL;
        }

        /** @return {@code null}; callers must not assume a non-null type */
        @Override
        public AuthenticationType getAuthenticationType() {
            return null;
        }

        /** @return always {@code true} */
        @Override
        public boolean supportsCredentialChanges() {
            return true;
        }

        /** @return always {@code true} */
        @Override
        public boolean supportsDisplayNameChanges() {
            return true;
        }

        /** @return always {@code true} */
        @Override
        public boolean supportsEmailAddressChanges() {
            return true;
        }

        /** @return always {@code true} */
        @Override
        public boolean supportsTeamMembershipChanges() {
            return true;
        }

        /** @return always {@code true} */
        @Override
        public boolean supportsRoleChanges(UserModel user, Role role) {
            return true;
        }

        /** @return always {@code true} */
        @Override
        public boolean supportsRoleChanges(TeamModel team, Role role) {
            return true;
        }

    }
}