AnonymousAuthenticationProvider.java
package backtype.storm.security.auth;
import java.io.IOException;
import java.util.Map;
import javax.security.auth.callback.CallbackHandler;
import javax.security.sasl.SaslClient;
import javax.security.sasl.SaslClientFactory;
import javax.security.sasl.SaslServerFactory;
import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;
import com.google.common.annotations.VisibleForTesting;
/**
 * JCA security provider that exposes the SASL {@code ANONYMOUS} mechanism to both
 * the client and the server side through {@link SaslAnonymousFactory}.
 *
 * <p>Security note: nothing in this file checks a credential. The server created
 * here reports whatever bytes the client sent as its authorization ID, so that ID
 * is a client-asserted label rather than an authenticated identity. Code that
 * makes access decisions from it is trusting the remote peer.
 */
public class AnonymousAuthenticationProvider extends java.security.Provider {

    /** Registers the anonymous factory under the SASL client and server service keys. */
    public AnonymousAuthenticationProvider() {
        super("ThriftSaslAnonymous", 1.0, "Thrift Anonymous SASL provider");
        // A single factory class answers both the client and the server lookup.
        final String factoryClassName = SaslAnonymousFactory.class.getName();
        put("SaslClientFactory.ANONYMOUS", factoryClassName);
        put("SaslServerFactory.ANONYMOUS", factoryClassName);
    }

    /** Factory that produces the ANONYMOUS client and server; it knows no other mechanism. */
    public static class SaslAnonymousFactory implements SaslClientFactory, SaslServerFactory {

        /**
         * Returns an anonymous client if {@code ANONYMOUS} is among the offered mechanisms.
         *
         * @param mechanisms      candidate mechanism names, scanned in order
         * @param authorizationId name the client will send; may be {@code null}
         * @param protocol        unused
         * @param serverName      unused
         * @param props           unused
         * @param cbh             unused, no callback is ever invoked
         * @return a new client, or {@code null} when ANONYMOUS was not offered
         */
        @Override
        public SaslClient createSaslClient(
                String[] mechanisms, String authorizationId, String protocol,
                String serverName, Map<String,?> props, CallbackHandler cbh)
        {
            for (int i = 0; i < mechanisms.length; i++) {
                if ("ANONYMOUS".equals(mechanisms[i])) {
                    return new AnonymousClient(authorizationId);
                }
            }
            // Returning null tells the caller this factory cannot serve the request.
            return null;
        }

        /**
         * Returns an anonymous server when the requested mechanism is {@code ANONYMOUS}.
         *
         * @param mechanism  requested mechanism name
         * @param protocol   unused
         * @param serverName unused
         * @param props      unused
         * @param cbh        unused, so no authorization callback is consulted
         * @return a new server, or {@code null} for any other mechanism
         */
        @Override
        public SaslServer createSaslServer(
                String mechanism, String protocol, String serverName, Map<String,?> props, CallbackHandler cbh)
        {
            if (!"ANONYMOUS".equals(mechanism)) {
                return null;
            }
            return new AnonymousServer();
        }

        /** Returns the single supported mechanism name, regardless of {@code props}. */
        public String[] getMechanismNames(Map<String, ?> props) {
            return new String[] { "ANONYMOUS" };
        }
    }
}
/**
 * Client half of the SASL {@code ANONYMOUS} exchange: it sends a single initial
 * response containing a user name and is then complete.
 *
 * <p>The name is sent without any proof, so the peer receives only a
 * self-declared label. No security layer is negotiated; {@code wrap} and
 * {@code unwrap} are unsupported.
 */
class AnonymousClient implements SaslClient {
    @VisibleForTesting
    final String username;
    // Flips to true once the one and only response has been produced.
    private boolean initialResponseSent;

    /**
     * @param username name to send to the server; {@code null} is replaced by
     *                 the literal {@code "anonymous"}
     */
    public AnonymousClient(String username) {
        this.username = (username == null) ? "anonymous" : username;
    }

    public String getMechanismName() {
        return "ANONYMOUS";
    }

    /** This mechanism always starts with a client-supplied response. */
    public boolean hasInitialResponse() {
        return true;
    }

    /**
     * Produces the initial response, the user name encoded as UTF-8.
     *
     * @param challenge ignored, the server's bytes are never read
     * @return the UTF-8 bytes of the user name
     * @throws SaslException if called a second time, or if the encoding lookup fails
     */
    public byte[] evaluateChallenge(byte[] challenge) throws SaslException {
        if (initialResponseSent) {
            throw new SaslException("Already complete!");
        }
        final byte[] initialResponse;
        try {
            // The flag is set before encoding, so a failed call still counts as used.
            initialResponseSent = true;
            initialResponse = username.getBytes("UTF-8");
        } catch (IOException encodingFailure) {
            throw new SaslException(encodingFailure.toString());
        }
        return initialResponse;
    }

    public boolean isComplete() {
        return initialResponseSent;
    }

    /** Not supported: the mechanism provides no integrity or confidentiality layer. */
    public byte[] unwrap(byte[] incoming, int offset, int len) {
        throw new UnsupportedOperationException();
    }

    /** Not supported: the mechanism provides no integrity or confidentiality layer. */
    public byte[] wrap(byte[] outgoing, int offset, int len) {
        throw new UnsupportedOperationException();
    }

    /** No properties are negotiated, so every lookup yields {@code null}. */
    public Object getNegotiatedProperty(String propName) {
        return null;
    }

    /** Nothing to release. */
    public void dispose() {
    }
}
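/**
 * Server half of the SASL {@code ANONYMOUS} exchange: it accepts one response
 * from the client and records its UTF-8 decoding as the authorization ID.
 *
 * <p>Security note: the recorded name is never verified. It comes straight from
 * the remote peer, so callers must treat {@link #getAuthorizationID()} as
 * untrusted input (for authorization decisions, logging and display alike).
 * No security layer is negotiated; {@code wrap} and {@code unwrap} are unsupported.
 */
class AnonymousServer implements SaslServer {
    // Client-asserted name; null until the single response has been accepted.
    private String user;

    public String getMechanismName() {
        return "ANONYMOUS";
    }

    /**
     * Accepts the client's single response and stores it as the authorization ID.
     *
     * @param response UTF-8 bytes sent by the client; an empty array is accepted
     *                 and yields an empty name
     * @return always {@code null}, no further challenge is issued
     * @throws SaslException if the exchange has already completed, if
     *                       {@code response} is {@code null}, or if the encoding
     *                       lookup fails
     */
    public byte[] evaluateResponse(byte[] response) throws SaslException {
        // Mirror AnonymousClient: once complete, a later message must not be able
        // to replace the identity that was already recorded for this session.
        if (user != null) {
            throw new SaslException("Already complete!");
        }
        // A missing payload is a protocol error; report it as one instead of
        // letting the String constructor raise a NullPointerException.
        if (response == null) {
            throw new SaslException("ANONYMOUS response must not be null");
        }
        try {
            this.user = new String(response, "UTF-8");
        } catch (IOException e) {
            // Keep the original exception as the cause for diagnosis.
            throw new SaslException(e.toString(), e);
        }
        return null;
    }

    /** Complete as soon as one response has been accepted. */
    public boolean isComplete() {
        return user != null;
    }

    /**
     * Returns the name the client supplied, or {@code null} if no response has
     * been accepted yet. The value is unauthenticated.
     */
    public String getAuthorizationID() {
        return user;
    }

    /** Not supported: the mechanism provides no integrity or confidentiality layer. */
    public byte[] unwrap(byte[] incoming, int offset, int len) {
        throw new UnsupportedOperationException();
    }

    /** Not supported: the mechanism provides no integrity or confidentiality layer. */
    public byte[] wrap(byte[] outgoing, int offset, int len) {
        throw new UnsupportedOperationException();
    }

    /** No properties are negotiated, so every lookup yields {@code null}. */
    public Object getNegotiatedProperty(String propName) {
        return null;
    }

    /** Nothing to release. */
    public void dispose() {
    }
}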