[ELY-1719] Develop an alternative to 'wildfly-elytron-sasl-deprecated'
fjuma committed Jan 2, 2019
1 parent 79e9910 commit 6c1d927
Showing 12 changed files with 386 additions and 2 deletions.
6 changes: 6 additions & 0 deletions pom.xml
Expand Up @@ -527,6 +527,11 @@
<artifactId>wildfly-elytron-sasl-anonymous</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.wildfly.security</groupId>
<artifactId>wildfly-elytron-sasl-auth-util</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.wildfly.security</groupId>
<artifactId>wildfly-elytron-sasl-deprecated</artifactId>
Expand Down Expand Up @@ -1205,6 +1210,7 @@
<module>wildfly-elytron-realm-token</module>
<module>wildfly-elytron-sasl</module>
<module>wildfly-elytron-sasl-anonymous</module>
<module>wildfly-elytron-sasl-auth-util</module>
<module>wildfly-elytron-sasl-deprecated</module>
<module>wildfly-elytron-sasl-digest</module>
<module>wildfly-elytron-sasl-entity</module>
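--- a/wildfly-elytron-sasl-auth-util/pom.xml
+++ b/wildfly-elytron-sasl-auth-util/pom.xml
@@ -0,0 +1,69 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+~ JBoss, Home of Professional Open Source.
+~ Copyright 2018 Red Hat, Inc., and individual contributors
+~ as indicated by the @author tags.
+~
+~ Licensed under the Apache License, Version 2.0 (the "License");
+~ you may not use this file except in compliance with the License.
+~ You may obtain a copy of the License at
+~
+~ http://www.apache.org/licenses/LICENSE-2.0
+~
+~ Unless required by applicable law or agreed to in writing, software
+~ distributed under the License is distributed on an "AS IS" BASIS,
+~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+~ See the License for the specific language governing permissions and
+~ limitations under the License.
+-->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+
+<parent>
+<groupId>org.wildfly.security</groupId>
+<artifactId>wildfly-elytron-parent</artifactId>
+<version>1.8.0.Alpha1-SNAPSHOT</version>
+</parent>
+
+<modelVersion>4.0.0</modelVersion>
+
+<artifactId>wildfly-elytron-sasl-auth-util</artifactId>
+
+<name>WildFly Elytron - SASL Auth Utility Classes</name>
+<description>WildFly Security SASL Auth Utility Classes</description>
+
+<dependencies>
+<dependency>
+<groupId>org.wildfly.security</groupId>
+<artifactId>wildfly-elytron-client</artifactId>
+</dependency>
+<dependency>
+<groupId>org.wildfly.security</groupId>
+<artifactId>wildfly-elytron-sasl</artifactId>
+</dependency>
+
+<dependency>
+<groupId>org.jboss.logging</groupId>
+<artifactId>jboss-logging</artifactId>
+</dependency>
+<dependency>
+<groupId>org.jboss.logging</groupId>
+<artifactId>jboss-logging-annotations</artifactId>
+<scope>provided</scope>
+</dependency>
+<dependency>
+<groupId>org.jboss.logging</groupId>
+<artifactId>jboss-logging-processor</artifactId>
+<scope>provided</scope>
+</dependency>
+
+<dependency>
+<groupId>org.wildfly.common</groupId>
+<artifactId>wildfly-common</artifactId>
+</dependency>
+
+</dependencies>
+
+</project>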
@@ -0,0 +1,69 @@
/*
* JBoss, Home of Professional Open Source.
* Copyright 2014 Red Hat, Inc., and individual contributors
* as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package org.wildfly.security.sasl.auth.util;

import javax.security.sasl.SaslClient;
import javax.security.sasl.SaslException;

import org.wildfly.security.auth.client.AuthenticationContext;
import org.wildfly.security.sasl.util.AbstractDelegatingSaslClient;

/**
* A delegating {@link SaslClient} which establishes a specific {@link AuthenticationContext} for the duration
* of the authentication process.
*
* @author <a href="mailto:david.lloyd@redhat.com">David M. Lloyd</a>
*/
public final class AuthenticationContextSaslClient extends AbstractDelegatingSaslClient {

private AuthenticationContext context;

/**
* Construct a new instance.
*
* @param delegate the delegate SASL client
* @param context the authentication context to use
*/
public AuthenticationContextSaslClient(final SaslClient delegate, final AuthenticationContext context) {
super(delegate);
this.context = context;
}

/**
* Construct a new instance.
*
* @param delegate the delegate SASL client
*/
public AuthenticationContextSaslClient(final SaslClient delegate) {
super(delegate);
context = AuthenticationContext.captureCurrent();
}

public byte[] evaluateChallenge(final byte[] challenge) throws SaslException {
return context.runExBiFunction(SaslClient::evaluateChallenge, delegate, challenge);
}

public void dispose() throws SaslException {
try {
super.dispose();
} finally {
context = null;
}
}
}
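Review bot: The two-argument constructor stores `context` without a null check, and `dispose()` sets the field to null, so `evaluateChallenge` fails with a bare NullPointerException in both cases instead of a clear error. Since this wrapper is what pins the AuthenticationContext for the exchange, rejecting null up front is safer: `this.context = Assert.checkNotNullParam("context", context);` (org.wildfly.common.Assert, from the wildfly-common dependency this module already declares). For use after dispose, read the field into a local in `evaluateChallenge` and throw an `IllegalStateException` or `SaslException` when it is null. The same pattern is in AuthenticationContextSaslServer (`evaluateResponse`/`dispose`), and both factories in this commit pass `context` through unchecked.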
@@ -0,0 +1,88 @@
/*
* JBoss, Home of Professional Open Source.
* Copyright 2014 Red Hat, Inc., and individual contributors
* as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package org.wildfly.security.sasl.auth.util;

import java.util.Map;

import javax.security.auth.callback.CallbackHandler;
import javax.security.sasl.SaslClient;
import javax.security.sasl.SaslClientFactory;
import javax.security.sasl.SaslException;

import org.wildfly.common.math.HashMath;
import org.wildfly.security.auth.client.AuthenticationContext;
import org.wildfly.security.sasl.util.AbstractDelegatingSaslClientFactory;

/**
* A delegating {@link SaslClientFactory} which establishes a specific {@link AuthenticationContext} for the duration
* of the authentication process.
*
* @author <a href="mailto:david.lloyd@redhat.com">David M. Lloyd</a>
*/
public final class AuthenticationContextSaslClientFactory extends AbstractDelegatingSaslClientFactory {
private final AuthenticationContext context;

/**
* Construct a new instance.
*
* @param delegate the delegate SASL client factory
*/
public AuthenticationContextSaslClientFactory(final SaslClientFactory delegate) {
super(delegate);
context = AuthenticationContext.captureCurrent();
}

/**
* Construct a new instance.
*
* @param delegate the delegate SASL client factory
* @param context the authentication context to use
*/
public AuthenticationContextSaslClientFactory(final SaslClientFactory delegate, final AuthenticationContext context) {
super(delegate);
this.context = context;
}

public SaslClient createSaslClient(final String[] mechanisms, final String authorizationId, final String protocol, final String serverName, final Map<String, ?> props, final CallbackHandler cbh) throws SaslException {
final SaslClient delegate = super.createSaslClient(mechanisms, authorizationId, protocol, serverName, props, cbh);
if (delegate == null) {
return null;
}
return new AuthenticationContextSaslClient(delegate, context);
}

@SuppressWarnings("checkstyle:equalshashcode")
public boolean equals(final Object other) {
return other instanceof AuthenticationContextSaslClientFactory && equals((AuthenticationContextSaslClientFactory) other);
}

@SuppressWarnings("checkstyle:equalshashcode")
public boolean equals(final AbstractDelegatingSaslClientFactory other) {
return other instanceof AuthenticationContextSaslClientFactory && equals((AuthenticationContextSaslClientFactory) other);
}

@SuppressWarnings("checkstyle:equalshashcode")
public boolean equals(final AuthenticationContextSaslClientFactory other) {
return super.equals(other) && context.equals(other.context);
}

protected int calculateHashCode() {
return HashMath.multiHashOrdered(HashMath.multiHashOrdered(super.calculateHashCode(), getClass().hashCode()), context.hashCode());
}
}
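Review bot: The one-argument constructor's Javadoc should say that `AuthenticationContext.captureCurrent()` runs once, at factory construction, so every client later returned by `createSaslClient` evaluates challenges under that captured context rather than whatever context is current when `createSaslClient` is called. For a shared or long-lived factory that presumably determines which authentication configuration the mechanism sees, so it is worth stating, e.g. `@param delegate the delegate SASL client factory; the current AuthenticationContext is captured at construction and used for every client created`. AuthenticationContextSaslServerFactory has the same constructor and would take the same sentence. `createSaslClient` and `calculateHashCode` both call their `super` counterpart and should carry `@Override`.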
@@ -0,0 +1,72 @@
/*
* JBoss, Home of Professional Open Source.
* Copyright 2014 Red Hat, Inc., and individual contributors
* as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package org.wildfly.security.sasl.auth.util;

import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;

import org.wildfly.common.function.ExceptionUnaryOperator;
import org.wildfly.security.auth.client.AuthenticationContext;
import org.wildfly.security.sasl.util.AbstractDelegatingSaslServer;

/**
* A delegating {@link SaslServer} which establishes a specific {@link AuthenticationContext} for the duration
* of the authentication process.
*
* @author <a href="mailto:david.lloyd@redhat.com">David M. Lloyd</a>
*/
public final class AuthenticationContextSaslServer extends AbstractDelegatingSaslServer {

private AuthenticationContext context;
private ExceptionUnaryOperator<byte[], SaslException> responseAction = delegate::evaluateResponse;

/**
* Construct a new instance.
*
* @param delegate the delegate SASL server
* @param context the authentication context to use
*/
public AuthenticationContextSaslServer(final SaslServer delegate, final AuthenticationContext context) {
super(delegate);
this.context = context;
}

/**
* Construct a new instance.
*
* @param delegate the delegate SASL server
*/
public AuthenticationContextSaslServer(final SaslServer delegate) {
super(delegate);
context = AuthenticationContext.captureCurrent();
}

public byte[] evaluateResponse(final byte[] response) throws SaslException {
return context.runExFunction(responseAction, response);
}

public void dispose() throws SaslException {
try {
super.dispose();
} finally {
context = null;
responseAction = null;
}
}
}
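Review bot: `responseAction` is a mutable field holding a bound method reference only so that `evaluateResponse` can call `runExFunction`; AuthenticationContextSaslClient in this commit does the same job with no extra state. Writing `return context.runExBiFunction(SaslServer::evaluateResponse, delegate, response);` would let the field, its null-out in `dispose()` and the `ExceptionUnaryOperator` import go, and keep the two wrappers symmetrical. This assumes `runExBiFunction` accepts the call as it does for `SaslClient::evaluateChallenge` in the client class.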
@@ -0,0 +1,68 @@
/*
* JBoss, Home of Professional Open Source.
* Copyright 2014 Red Hat, Inc., and individual contributors
* as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package org.wildfly.security.sasl.auth.util;

import java.util.Map;

import javax.security.auth.callback.CallbackHandler;
import javax.security.sasl.SaslServer;
import javax.security.sasl.SaslServerFactory;
import javax.security.sasl.SaslException;

import org.wildfly.security.auth.client.AuthenticationContext;
import org.wildfly.security.sasl.util.AbstractDelegatingSaslServerFactory;

/**
* A delegating {@link SaslServerFactory} which establishes a specific {@link AuthenticationContext} for the duration
* of the authentication process.
*
* @author <a href="mailto:david.lloyd@redhat.com">David M. Lloyd</a>
*/
public final class AuthenticationContextSaslServerFactory extends AbstractDelegatingSaslServerFactory {
private final AuthenticationContext context;

/**
* Construct a new instance.
*
* @param delegate the delegate SASL server factory
*/
public AuthenticationContextSaslServerFactory(final SaslServerFactory delegate) {
super(delegate);
context = AuthenticationContext.captureCurrent();
}

/**
* Construct a new instance.
*
* @param delegate the delegate SASL server factory
* @param context the authentication context to use
*/
public AuthenticationContextSaslServerFactory(final SaslServerFactory delegate, final AuthenticationContext context) {
super(delegate);
this.context = context;
}

public SaslServer createSaslServer(final String mechanism, final String protocol, final String serverName, final Map<String, ?> props, final CallbackHandler cbh) throws SaslException {
final SaslServer delegate = super.createSaslServer(mechanism, protocol, serverName, props, cbh);
if (delegate == null) {
return null;
}
return new AuthenticationContextSaslServer(delegate, context);
}
}
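Review bot: This factory does not include `context` in equality, while AuthenticationContextSaslClientFactory in the same commit overrides `equals` and `calculateHashCode` to do so. AbstractDelegatingSaslServerFactory is not visible here, so this may be deliberate; if the base class does define equality on the delegate, two factories wrapping the same delegate with different contexts would compare equal. Once that is confirmed, either add the matching overrides or leave a one-line comment above the class body explaining why equality is not overridden here.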
