Add OpenFire plugin to authenticate users against a token generated b…
…y TikiWiki CMS
fabiomontefuscolo authored and guusdk committed May 18, 2017
1 parent 5dcd759 commit bbd0566
Showing 12 changed files with 532 additions and 0 deletions.
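--- a/src/plugins/tikitoken/README.md
+++ b/src/plugins/tikitoken/README.md
@@ -0,0 +1,20 @@
+# Openfire TikiToken plugin
+
+This project is a plugin for the [Openfire Realtime Collaboration Server](http://www.igniterealtime.org/projects/openfire/).
+
+This plugin adds a SASL mechanism that allows users to authenticate against a token that is generated by an instance of [Tiki Wiki CMS GroupWare](https://tiki.org/).
+
+## Building the source
+To create an Openfire plugin from the source code in this project:
+
+- Download a copy of the sources of this project into `PLUGINDIR`
+- Download a copy of the [Openfire sources](https://github.com/igniterealtime/Openfire) into `OPENFIRE_SOURCE_DIR`
+- From within `OPENFIRE_SOURCE_DIR` execute: `ant -f build/build.xml -Dplugin.src.dir=PLUGINDIR/.. -Dplugin=tikitoken openfire plugin`
+
+## Installing the plugin
+
+After a plugin JAR file has been created, place that file in the plugin directory of a running Openfire instance.
+Openfire will automatically detect and activate the plugin.
+
+More detailed usage instructions are available in the [readme](readme.html) file that is available as part of the source
+code of this project.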
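--- a/src/plugins/tikitoken/changelog.html
+++ b/src/plugins/tikitoken/changelog.html
@@ -0,0 +1,54 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
+
+<html>
+<head>
+<title>TikiToken Plugin Changelog</title>
+<style type="text/css">
+BODY {
+font-size : 100%;
+}
+BODY, TD, TH {
+font-family : tahoma, verdana, arial, helvetica, sans-serif;
+font-size : 0.8em;
+}
+H2 {
+font-size : 10pt;
+font-weight : bold;
+}
+A:hover {
+text-decoration : none;
+}
+H1 {
+font-family : tahoma, arial, helvetica, sans-serif;
+font-size : 1.4em;
+font-weight: bold;
+border-bottom : 1px #ccc solid;
+padding-bottom : 2px;
+}
+TT {
+font-family : courier new;
+font-weight : bold;
+color : #060;
+}
+PRE {
+font-family : courier new;
+font-size : 100%;
+}
+</style>
+</head>
+<body>
+
+<h1>TikiToken Plugin Changelog</h1>
+
+<p><b>0.2</b> -- March 21, 2017</p>
+<ul>
+<li>Replaced AuthProvider-based approach by a SASL mechanism-based approach.</li>
+</ul>
+
+<p><b>0.1</b> -- March 19, 2017</p>
+<ul>
+<li>Initial release</li>
+</ul>
+
+</body>
+</html>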
Binary file added src/plugins/tikitoken/lib/genson-1.4.jar
Binary file not shown.
Binary file added src/plugins/tikitoken/logo_large.png
Binary file added src/plugins/tikitoken/logo_small.png
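--- a/src/plugins/tikitoken/plugin.xml
+++ b/src/plugins/tikitoken/plugin.xml
@@ -0,0 +1,11 @@
+<plugin>
+<class>org.tiki.tikitoken.TikiTokenPlugin</class>
+<name>TikiToken</name>
+<description>Allows users to authenticate with a Tiki token.</description>
+<author>Tiki Wiki CMS GroupWare</author>
+<version>0.2</version>
+<date>04/24/2017</date>
+<url>https://dev.tiki.org/OpenFire</url>
+<minServerVersion>4.1.3</minServerVersion>
+<licenseType>gpl</licenseType>
+</plugin>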
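--- a/src/plugins/tikitoken/readme.html
+++ b/src/plugins/tikitoken/readme.html
@@ -0,0 +1,77 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
+
+<html>
+<head>
+<title>TikiToken Plugin Readme</title>
+<style type="text/css">
+BODY {
+font-size : 100%;
+}
+
+BODY, TD, TH {
+font-family : tahoma, verdana, arial, helvetica, sans-serif;
+font-size : 0.8em;
+}
+
+H2 {
+font-size : 10pt;
+font-weight : bold;
+}
+
+A:hover {
+text-decoration : none;
+}
+
+H1 {
+font-family : tahoma, arial, helvetica, sans-serif;
+font-size : 1.4em;
+font-weight: bold;
+border-bottom : 1px #ccc solid;
+padding-bottom : 2px;
+}
+
+TT {
+font-family : courier new;
+font-weight : bold;
+color : #060;
+}
+
+PRE {
+font-family : courier new;
+font-size : 100%;
+}
+</style>
+</head>
+<body>
+
+<h1>
+TikiToken Plugin Readme
+</h1>
+
+<h2>Overview</h2>
+<p>
+This plugin adds a SASL mechanism to Openfire that allows users to authenticate with a Tiki-generated access token.
+</p>
+
+<h2>Installation</h2>
+<p>
+Copy the plugin JAR file into the plugins directory of your Openfire installation. The plugin will then be
+automatically deployed.
+</p>
+
+<h2>Upgrade</h2>
+<p>
+To upgrade to a new version, copy the new plugin JAR file into the plugins directory of your Openfire installation,
+overwriting the JAR file from the previous version. Within a minute or so, Openfire will detect the new plugin,
+unload the previous version and load the new version. You can verify that the new version has been loaded by
+observing the plugin version number in the Openfire Admin Console.
+</p>
+
+<h2>Configuration</h2>
+<p>
+The base URL of the Tiki suite against which authentication is performed needs to be defined in a property named
+<tt>org.tiki.tikitoken.baseUrl</tt>
+</p>
+
+</body>
+</html>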
@@ -0,0 +1,28 @@
package org.tiki.tikitoken;

import org.jivesoftware.openfire.container.Plugin;
import org.jivesoftware.openfire.container.PluginManager;
import org.jivesoftware.openfire.net.SASLAuthentication;

import java.io.File;
import java.security.Security;

/**
* An Openfire plugin that adds the TikiToken SASL mechanism.
*/
public class TikiTokenPlugin implements Plugin
{
@Override
public void initializePlugin( PluginManager manager, File pluginDirectory )
{
Security.addProvider( new TikiTokenSaslProvider() );
SASLAuthentication.addSupportedMechanism( TikiTokenSaslServer.MECHANISM_NAME );
}

@Override
public void destroyPlugin()
{
SASLAuthentication.removeSupportedMechanism( TikiTokenSaslServer.MECHANISM_NAME );
Security.removeProvider( TikiTokenSaslProvider.NAME );
}
}
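Review bot: `initializePlugin` ignores the result of `Security.addProvider( ... )`, which returns -1 when a provider named `TikiSasl` is already installed and then leaves the existing instance in place. After a failed or partial unload that existing instance would presumably still point at classes from the previous plugin class loader, so capture the result with `int position = Security.addProvider( new TikiTokenSaslProvider() );` and log a warning when it is -1. Both methods would also benefit from a short Javadoc stating that the provider is registered for the whole JVM and that `destroyPlugin` undoes the registration in reverse order.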
@@ -0,0 +1,57 @@
package org.tiki.tikitoken;

import java.io.IOException;
import java.io.InputStream;
import java.net.MalformedURLException;
import java.net.URISyntaxException;
import java.net.URL;
import java.util.Map;
import java.util.Scanner;

import org.jivesoftware.util.JiveGlobals;

import com.owlike.genson.Genson;


public class TikiTokenQuery {
private final String DEFAULT_BASE_URL = "http://tikiconverse.docker/";
private String username;
private String token;

public TikiTokenQuery(String username, String token) {
this.username = username;
this.token = token;
}

public URL getUrl() throws MalformedURLException, URISyntaxException {
String baseAddress = JiveGlobals.getProperty("org.tiki.tikitoken.baseUrl", this.DEFAULT_BASE_URL);
String script = String.format("tiki-ajax_services.php?controller=xmpp&action=check_token&user=%s&token=%s", this.username, this.token);

URL baseUrl = new URL(baseAddress);
URL fullUrl = new URL(baseUrl, script);

return fullUrl;

}

public boolean isValid() {
String content = this.fetch();
Genson genson = new Genson();
Map<String, Boolean> root = genson.deserialize(content, Map.class);
return root.get("valid");
}

public String fetch() {
try {
URL url = this.getUrl();
InputStream stream = url.openStream();
Scanner s = new java.util.Scanner( stream ).useDelimiter( "\\A" );
String result = s.hasNext() ? s.next() : "";
s.close();
return result;
} catch (IOException | URISyntaxException e) {
e.printStackTrace();
}
return null;
}
}
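Review bot: `getUrl()` formats `username` and `token` into the query string unencoded, so a value containing `&`, `#` or `%` alters the parameters that the Tiki `check_token` endpoint receives; both should pass through `URLEncoder.encode(value, "UTF-8")` first. `isValid()` does not fail closed: `fetch()` returns null after an I/O error and nothing checks it before deserializing, and `root.get("valid")` is auto-unboxed, so a missing `valid` key throws instead of rejecting the login. `DEFAULT_BASE_URL` is plain `http`, so unless `org.tiki.tikitoken.baseUrl` points to an `https` address the token travels in the query string unencrypted; the readme should say so. In `fetch()` the stream is not closed if reading throws, and `e.printStackTrace()` bypasses the server log; a try-with-resources block and the logger would fix both. The fence shows `getUrl()` and `isValid()` with the first two changes; where the two values come from is not visible in this section.

```java
public URL getUrl() throws MalformedURLException, URISyntaxException {
    // … unchanged: baseAddress lookup from JiveGlobals …
    String script;
    try {
        // Encode both values so they cannot add or override query parameters.
        script = String.format(
            "tiki-ajax_services.php?controller=xmpp&action=check_token&user=%s&token=%s",
            URLEncoder.encode(this.username, "UTF-8"),
            URLEncoder.encode(this.token, "UTF-8"));
    } catch (UnsupportedEncodingException e) {
        throw new IllegalStateException("UTF-8 is not available", e);
    }
    // … unchanged: build baseUrl and fullUrl, return fullUrl …
}

public boolean isValid() {
    String content = this.fetch();
    if (content == null || content.isEmpty()) {
        // Fail closed when the Tiki server could not be reached or sent nothing.
        return false;
    }
    Map<?, ?> root = new Genson().deserialize(content, Map.class);
    // Only an explicit boolean true counts; a missing or non-boolean value rejects.
    return root != null && Boolean.TRUE.equals(root.get("valid"));
}
```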
@@ -0,0 +1,35 @@
package org.tiki.tikitoken;

import java.security.Provider;

/**
* A Provider implementation for a SASL mechanism that uses a Tiki token.
*
* This implementation makes use of a Tiki server for token validation.
*
* @see <a href="https://tools.ietf.org/html/rfc7628">RFC 7628</a>
*/
public class TikiTokenSaslProvider extends Provider
{
/**
* The provider name.
*/
public static final String NAME = "TikiSasl";

/**
* The provider version number.
*/
public static final double VERSION = 1.0;

/**
* A description of the provider and its services.
*/
public static final String INFO = "Provides a SASL mechanism that uses a Tiki instance to verify authentication tokens.";

public TikiTokenSaslProvider()
{
super( NAME, VERSION, INFO );

put( "SaslServerFactory." + TikiTokenSaslServer.MECHANISM_NAME, TikiTokenSaslServerFactory.class.getCanonicalName() );
}
}
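Review bot: The service entry in the constructor is registered with `TikiTokenSaslServerFactory.class.getCanonicalName()`, but a provider's class-name values are loaded reflectively and need the binary name; `TikiTokenSaslServerFactory.class.getName()` is the form that stays correct if the factory ever becomes a nested class. The class Javadoc links RFC 7628, the OAuth SASL mechanisms, while nothing in this section shows that the Tiki mechanism follows that specification; if it is only modelled on it, the comment should say `Loosely modelled on RFC 7628` or drop the link. The constructor has no Javadoc; `/** Registers the SaslServerFactory for the TikiToken mechanism. */` would cover it.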
