From e85703477073a1588cc96d034c7a759395bef9d7 Mon Sep 17 00:00:00 2001
From: Guus der Kinderen <guus.der.kinderen@gmail.com>
Date: Mon, 29 Jan 2024 20:30:21 +0100
Subject: [PATCH] fixes #5: Compatibility with Openfire 4.8.0

This commit addresses changes that are required for the plugin to be compatible with Openfire 4.8.0 and later.

As a result, this version of the plugin now requires Openfire 4.8.0 (or later).
---
 changelog.html                                |  4 ++-
 plugin.xml                                    |  6 ++---
 pom.xml                                       |  6 ++---
 .../openfire/handler/IQAuthHandler.java       | 26 +++++++++----------
 4 files changed, 22 insertions(+), 20 deletions(-)

diff --git a/changelog.html b/changelog.html
index e2ba41f..753a7bb 100644
--- a/changelog.html
+++ b/changelog.html
@@ -44,8 +44,10 @@ <h1>
     Non-SASL Authentication Plugin Changelog
 </h1>
 
-<p><b>1.0.2</b> -- To Be Determined</p>
+<p><b>1.1.0</b> -- To Be Determined</p>
 <ul>
+    <li>Requires Openfire 4.8.0 or later</li>
+    <li>[<a href='https://github.com/igniterealtime/openfire-nonSaslAuthentication-plugin/issues/5'>#5</a>] - Make compatible with Openfire 4.8.0</li>
 </ul>
 
 <p><b>1.0.1</b> -- November 21, 2023</p>
diff --git a/plugin.xml b/plugin.xml
index a12c5b9..0b4dbd0 100644
--- a/plugin.xml
+++ b/plugin.xml
@@ -3,9 +3,9 @@
 <plugin>
     <class>org.jivesoftware.openfire.plugin.NonSaslAuthenticationPlugin</class>
     <name>Non-SASL Authentication</name>
-    <description>This plugin implements a the (obsolete!) XEP-0078 specification for authentication using the jabber:iq:auth namespace.</description>
+    <description>This plugin implements the (obsolete!) XEP-0078 specification for authentication using the jabber:iq:auth namespace.</description>
     <author>Guus der Kinderen</author>
     <version>${project.version}</version>
-    <date>2023-11-21</date>
-    <minServerVersion>4.1.0</minServerVersion>
+    <date>2024-01-29</date>
+    <minServerVersion>4.8.0</minServerVersion>
 </plugin>
diff --git a/pom.xml b/pom.xml
index 07fd36f..cd5a4a0 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,13 +4,13 @@
     <parent>
         <artifactId>plugins</artifactId>
         <groupId>org.igniterealtime.openfire</groupId>
-        <version>4.3.0-beta</version>
+        <version>4.8.0</version>
     </parent>
     <groupId>org.igniterealtime.openfire.plugins</groupId>
     <artifactId>nonSaslAuthentication</artifactId>
-    <version>1.0.2-SNAPSHOT</version>
+    <version>1.1.0-SNAPSHOT</version>
     <name>non-SASL Authentication Plugin</name>
-    <description>This plugin implements a the (obsolete!) XEP-0078 specification for authentication using the jabber:iq:auth namespace.</description>
+    <description>This plugin implements the (obsolete!) XEP-0078 specification for authentication using the jabber:iq:auth namespace.</description>
 
     <developers>
         <developer>
diff --git a/src/java/org/jivesoftware/openfire/handler/IQAuthHandler.java b/src/java/org/jivesoftware/openfire/handler/IQAuthHandler.java
index f7adcec..a4feb17 100644
--- a/src/java/org/jivesoftware/openfire/handler/IQAuthHandler.java
+++ b/src/java/org/jivesoftware/openfire/handler/IQAuthHandler.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2005-2008 Jive Software. All rights reserved.
+ * Copyright (C) 2005-2008 Jive Software, 2024 Ignite Realtime Foundation. All rights reserved.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -54,7 +54,7 @@
 /**
  * Implements the TYPE_IQ jabber:iq:auth protocol (plain only). Clients
  * use this protocol to authenticate with the server. A 'get' query
- * runs an authentication probe with a given user name. Return the
+ * runs an authentication probe with a given username. Return the
  * authentication form or an error indicating the user is not
  * registered on the server.<p>
  *
@@ -74,8 +74,8 @@ public class IQAuthHandler extends IQHandler {
 
     private static final Logger Log = LoggerFactory.getLogger(IQAuthHandler.class);
 
-    private Element probeResponse;
-    private IQHandlerInfo info;
+    private final Element probeResponse;
+    private final IQHandlerInfo info;
 
     private String serverName;
     private UserManager userManager;
@@ -132,7 +132,7 @@ public IQ handleIQ(IQ packet) throws UnauthorizedException, PacketException {
                     // value we need to clean up the TO attribute and send directly the response.
                     // The TO attribute will contain an incorrect value since we are setting a fake
                     // JID until the user actually authenticates with the server.
-                    if (session.getStatus() != Session.STATUS_AUTHENTICATED) {
+                    if (session.getStatus() != Session.Status.AUTHENTICATED) {
                         response.setTo((JID)null);
                     }
                 }
@@ -141,7 +141,7 @@ public IQ handleIQ(IQ packet) throws UnauthorizedException, PacketException {
                     if (query.elements().isEmpty()) {
                         // Anonymous authentication
                         response = anonymousLogin(session, packet);
-                        resourceBound = session.getStatus() == Session.STATUS_AUTHENTICATED;
+                        resourceBound = session.getStatus() == Session.Status.AUTHENTICATED;
                     }
                     else {
                         String username = query.elementText("username");
@@ -153,9 +153,9 @@ public IQ handleIQ(IQ packet) throws UnauthorizedException, PacketException {
                         }
     
                         // If we're already logged in, this is a password reset
-                        if (session.getStatus() == Session.STATUS_AUTHENTICATED) {
+                        if (session.getStatus() == Session.Status.AUTHENTICATED) {
                             // Check that a new password has been specified
-                            if (password == null || password.trim().length() == 0) {
+                            if (password == null || password.trim().isEmpty()) {
                                 response = IQ.createResultIQ(packet);
                                 response.setError(PacketError.Condition.not_allowed);
                                 response.setType(IQ.Type.error);
@@ -179,7 +179,7 @@ else if (XMPPServer.getInstance().getAdmins()
                         else {
                             // it is an auth attempt
                             response = login(username, query, packet, password, session, digest);
-                            resourceBound = session.getStatus() == Session.STATUS_AUTHENTICATED;
+                            resourceBound = session.getStatus() == Session.Status.AUTHENTICATED;
                         }
                     }
                 }
@@ -213,7 +213,7 @@ else if (XMPPServer.getInstance().getAdmins()
     private IQ login(String username, Element iq, IQ packet, String password, LocalClientSession session, String digest)
             throws UnauthorizedException, UserNotFoundException, ConnectionException, InternalUnauthenticatedException {
         // Verify the validity of the username
-        if (username == null || username.trim().length() == 0) {
+        if (username == null || username.trim().isEmpty()) {
             throw new UnauthorizedException("Invalid username (empty or null).");
         }
         try {
@@ -228,7 +228,7 @@ private IQ login(String username, Element iq, IQ packet, String password, LocalC
             try {
                 resource = JID.resourceprep(resource);
             }
-            catch (StringprepException e) {
+            catch (IllegalArgumentException e) {
                 throw new UnauthorizedException("Invalid resource: " + resource, e);
             }
         }
@@ -298,7 +298,7 @@ private IQ passwordReset(String password, IQ packet, String username, Session se
     {
         IQ response;
         // Check if users can change their passwords and a password was specified
-        if (!registerHandler.canChangePassword() || password == null || password.length() == 0) {
+        if (!registerHandler.canChangePassword() || password == null || password.isEmpty()) {
             throw new UnauthorizedException();
         }
         else {
@@ -403,7 +403,7 @@ public static AuthToken authenticate(String username, String token, String diges
             throw new UnauthorizedException();
         }
         // Got this far, so the user must be authorized.
-        return new AuthToken(username);
+        return AuthToken.generateUserToken(username);
     }
 
 }