Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #11 from scoheb/ssl-cert
Update to support SSL certificate authentication.
- Loading branch information
Showing
26 changed files
with
694 additions
and
170 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
58 changes: 58 additions & 0 deletions
58
src/main/java/com/redhat/jenkins/plugins/ci/authentication/AuthenticationMethod.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,58 @@ | ||
package com.redhat.jenkins.plugins.ci.authentication; | ||
|
||
import hudson.ExtensionList; | ||
import hudson.model.Describable; | ||
import hudson.model.Descriptor; | ||
|
||
import java.io.Serializable; | ||
import java.net.URI; | ||
import java.net.URISyntaxException; | ||
import java.util.logging.Level; | ||
import java.util.logging.Logger; | ||
|
||
import jenkins.model.Jenkins; | ||
|
||
/* | ||
* The MIT License | ||
* | ||
* Copyright (c) Red Hat, Inc. | ||
* | ||
* Permission is hereby granted, free of charge, to any person obtaining a copy | ||
* of this software and associated documentation files (the "Software"), to deal | ||
* in the Software without restriction, including without limitation the rights | ||
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | ||
* copies of the Software, and to permit persons to whom the Software is | ||
* furnished to do so, subject to the following conditions: | ||
* | ||
* The above copyright notice and this permission notice shall be included in | ||
* all copies or substantial portions of the Software. | ||
* | ||
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | ||
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE | ||
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | ||
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, | ||
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN | ||
* THE SOFTWARE. | ||
*/ | ||
public abstract class AuthenticationMethod implements Describable<AuthenticationMethod>, Serializable { | ||
|
||
private static final long serialVersionUID = -6077120270692721571L; | ||
private transient static final Logger log = Logger.getLogger(AuthenticationMethod.class.getName()); | ||
|
||
public abstract static class AuthenticationMethodDescriptor extends Descriptor<AuthenticationMethod> { | ||
public static ExtensionList<AuthenticationMethodDescriptor> all() { | ||
return Jenkins.getInstance().getExtensionList(AuthenticationMethodDescriptor.class); | ||
} | ||
|
||
public static boolean isValidURL(String url) { | ||
try { | ||
new URI(url); | ||
} catch (URISyntaxException e) { | ||
log.log(Level.SEVERE, "URISyntaxException, returning false."); | ||
return false; | ||
} | ||
return true; | ||
} | ||
} | ||
} |
35 changes: 35 additions & 0 deletions
35
...a/com/redhat/jenkins/plugins/ci/authentication/activemq/ActiveMQAuthenticationMethod.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
package com.redhat.jenkins.plugins.ci.authentication.activemq; | ||
|
||
import org.apache.activemq.ActiveMQConnectionFactory; | ||
|
||
import com.redhat.jenkins.plugins.ci.authentication.AuthenticationMethod; | ||
|
||
/* | ||
* The MIT License | ||
* | ||
* Copyright (c) Red Hat, Inc. | ||
* | ||
* Permission is hereby granted, free of charge, to any person obtaining a copy | ||
* of this software and associated documentation files (the "Software"), to deal | ||
* in the Software without restriction, including without limitation the rights | ||
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | ||
* copies of the Software, and to permit persons to whom the Software is | ||
* furnished to do so, subject to the following conditions: | ||
* | ||
* The above copyright notice and this permission notice shall be included in | ||
* all copies or substantial portions of the Software. | ||
* | ||
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | ||
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE | ||
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | ||
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, | ||
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN | ||
* THE SOFTWARE. | ||
*/ | ||
public abstract class ActiveMQAuthenticationMethod extends AuthenticationMethod { | ||
|
||
private static final long serialVersionUID = -6077120270692721571L; | ||
|
||
public abstract ActiveMQConnectionFactory getConnectionFactory(String broker); | ||
} |
162 changes: 162 additions & 0 deletions
162
...redhat/jenkins/plugins/ci/authentication/activemq/SSLCertificateAuthenticationMethod.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,162 @@ | ||
package com.redhat.jenkins.plugins.ci.authentication.activemq; | ||
|
||
import hudson.Extension; | ||
import hudson.model.Descriptor; | ||
import hudson.util.FormValidation; | ||
import hudson.util.Secret; | ||
|
||
import java.util.logging.Level; | ||
import java.util.logging.Logger; | ||
|
||
import javax.jms.Connection; | ||
import javax.jms.Session; | ||
import javax.servlet.ServletException; | ||
|
||
import jenkins.model.Jenkins; | ||
import net.sf.json.JSONObject; | ||
|
||
import org.apache.activemq.ActiveMQSslConnectionFactory; | ||
import org.apache.commons.lang3.StringUtils; | ||
import org.kohsuke.stapler.DataBoundConstructor; | ||
import org.kohsuke.stapler.QueryParameter; | ||
import org.kohsuke.stapler.StaplerRequest; | ||
|
||
import com.redhat.jenkins.plugins.ci.Messages; | ||
import com.redhat.jenkins.plugins.ci.authentication.AuthenticationMethod; | ||
|
||
/* | ||
* The MIT License | ||
* | ||
* Copyright (c) Red Hat, Inc. | ||
* | ||
* Permission is hereby granted, free of charge, to any person obtaining a copy | ||
* of this software and associated documentation files (the "Software"), to deal | ||
* in the Software without restriction, including without limitation the rights | ||
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | ||
* copies of the Software, and to permit persons to whom the Software is | ||
* furnished to do so, subject to the following conditions: | ||
* | ||
* The above copyright notice and this permission notice shall be included in | ||
* all copies or substantial portions of the Software. | ||
* | ||
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | ||
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE | ||
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | ||
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, | ||
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN | ||
* THE SOFTWARE. | ||
*/ | ||
public class SSLCertificateAuthenticationMethod extends ActiveMQAuthenticationMethod { | ||
private static final long serialVersionUID = -5934219869726669459L; | ||
private transient static final Logger log = Logger.getLogger(SSLCertificateAuthenticationMethod.class.getName()); | ||
|
||
private String keystore; | ||
private Secret keypwd = Secret.fromString(""); | ||
private String truststore; | ||
private Secret trustpwd = Secret.fromString(""); | ||
|
||
@DataBoundConstructor | ||
public SSLCertificateAuthenticationMethod(String keystore, Secret keypwd, String truststore, Secret trustpwd) { | ||
this.setKeystore(keystore); | ||
this.setKeypwd(keypwd); | ||
this.setTruststore(truststore); | ||
this.setTrustpwd(trustpwd); | ||
} | ||
|
||
public String getKeystore() { | ||
return keystore; | ||
} | ||
|
||
public void setKeystore(String keystore) { | ||
this.keystore = keystore; | ||
} | ||
|
||
public Secret getKeypwd() { | ||
return keypwd; | ||
} | ||
|
||
public void setKeypwd(Secret password) { | ||
this.keypwd = password; | ||
} | ||
|
||
public String getTruststore() { | ||
return truststore; | ||
} | ||
|
||
public void setTruststore(String truststore) { | ||
this.truststore = truststore; | ||
} | ||
|
||
public Secret getTrustpwd() { | ||
return trustpwd; | ||
} | ||
|
||
public void setTrustpwd(Secret trustpwd) { | ||
this.trustpwd = trustpwd; | ||
} | ||
|
||
@Override | ||
public ActiveMQSslConnectionFactory getConnectionFactory(String broker) { | ||
try { | ||
ActiveMQSslConnectionFactory connectionFactory = new ActiveMQSslConnectionFactory(broker); | ||
connectionFactory.setKeyStore(getKeystore()); | ||
connectionFactory.setKeyStorePassword(Secret.toString(getKeypwd())); | ||
connectionFactory.setTrustStore(getTruststore()); | ||
connectionFactory.setTrustStorePassword(Secret.toString(getTrustpwd())); | ||
return connectionFactory; | ||
} catch (Exception e) { | ||
log.log(Level.SEVERE, "Unhandled exception creating connection factory.", e);; | ||
} | ||
return null; | ||
} | ||
|
||
@Override | ||
public Descriptor<AuthenticationMethod> getDescriptor() { | ||
return Jenkins.getInstance().getDescriptorByType(SSLCertificateAuthenticationMethodDescriptor.class); | ||
} | ||
|
||
@Extension | ||
public static class SSLCertificateAuthenticationMethodDescriptor extends AuthenticationMethodDescriptor { | ||
|
||
@Override | ||
public String getDisplayName() { | ||
return "SSL certificate"; | ||
} | ||
|
||
@Override | ||
public SSLCertificateAuthenticationMethod newInstance(StaplerRequest sr, JSONObject jo) { | ||
return new SSLCertificateAuthenticationMethod(jo.getString("keystore"), Secret.fromString(jo.getString("keypwd")), | ||
jo.getString("truststore"), Secret.fromString(jo.getString("trustpwd"))); | ||
} | ||
|
||
public String getConfigPage() { | ||
return "sslcert.jelly"; | ||
} | ||
|
||
public FormValidation doTestConnection(@QueryParameter("broker") String broker, | ||
@QueryParameter("keystore") String keystore, | ||
@QueryParameter("keypwd") String keypwd, | ||
@QueryParameter("truststore") String truststore, | ||
@QueryParameter("trustpwd") String trustpwd) throws ServletException { | ||
broker = StringUtils.strip(StringUtils.stripToNull(broker), "/"); | ||
if (broker != null && isValidURL(broker)) { | ||
try { | ||
SSLCertificateAuthenticationMethod sam = new SSLCertificateAuthenticationMethod(keystore, Secret.fromString(keypwd), truststore, Secret.fromString(trustpwd)); | ||
ActiveMQSslConnectionFactory connectionFactory = sam.getConnectionFactory(broker); | ||
Connection connection = connectionFactory.createConnection(); | ||
connection.start(); | ||
Session session = connection.createSession(false, Session.AUTO_ACKNOWLEDGE); | ||
session.close(); | ||
connection.close(); | ||
return FormValidation.ok(Messages.SuccessBrokerConnect(broker)); | ||
} catch (Exception e) { | ||
log.log(Level.SEVERE, "Unhandled exception in SSLCertificateAuthenticationMethod.doTestConnection: ", e); | ||
return FormValidation.error(Messages.Error() + ": " + e); | ||
} | ||
} else { | ||
return FormValidation.error(Messages.InvalidURI()); | ||
} | ||
} | ||
} | ||
} |
Oops, something went wrong.