Recognise realm callback on digest server, and make authorize callbac…

…k the last
wildfly-security · Jul 20, 2015 · 101f986 · 101f986
1 parent 840c6b0
commit 101f986
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 5 deletions.
diff --git a/src/main/java/org/wildfly/security/auth/server/ServerAuthenticationContext.java b/src/main/java/org/wildfly/security/auth/server/ServerAuthenticationContext.java
@@ -36,6 +36,7 @@
 import javax.security.auth.callback.PasswordCallback;
 import javax.security.auth.callback.UnsupportedCallbackException;
 import javax.security.sasl.AuthorizeCallback;
+import javax.security.sasl.RealmCallback;
 import javax.security.sasl.SaslException;
 import javax.security.sasl.SaslServer;
 import javax.security.sasl.SaslServerFactory;
@@ -582,7 +583,6 @@ private void handleOne(final Callback[] callbacks, final int idx) throws IOExcep
                         throw new FastUnsupportedCallbackException(callback);
                     }
                     passwordCallback.setPassword(clearPasswordSpec.getEncodedPassword());
-
                     handleOne(callbacks, idx + 1);
                 } else if (callback instanceof CredentialCallback) {
                     final CredentialCallback credentialCallback = (CredentialCallback) callback;
@@ -625,6 +625,8 @@ private void handleOne(final Callback[] callbacks, final int idx) throws IOExcep
                 } else if (callback instanceof SecurityIdentityCallback) {
                     ((SecurityIdentityCallback) callback).setSecurityIdentity(getAuthorizedIdentity());
                     handleOne(callbacks, idx + 1);
+                } else if (callback instanceof RealmCallback) {
+                    handleOne(callbacks, idx + 1);
                 } else {
                     CallbackUtil.unsupported(callback);
                 }

diff --git a/src/main/java/org/wildfly/security/sasl/digest/DigestSaslServer.java b/src/main/java/org/wildfly/security/sasl/digest/DigestSaslServer.java
@@ -18,6 +18,15 @@
 
 package org.wildfly.security.sasl.digest;
 
+import static org.wildfly.security._private.ElytronMessages.log;
+import static org.wildfly.security.sasl.digest._private.DigestUtil.H_A1;
+import static org.wildfly.security.sasl.digest._private.DigestUtil.QOP_AUTH;
+import static org.wildfly.security.sasl.digest._private.DigestUtil.QOP_AUTH_CONF;
+import static org.wildfly.security.sasl.digest._private.DigestUtil.QOP_VALUES;
+import static org.wildfly.security.sasl.digest._private.DigestUtil.digestResponse;
+import static org.wildfly.security.sasl.digest._private.DigestUtil.messageDigestAlgorithm;
+import static org.wildfly.security.sasl.digest._private.DigestUtil.userRealmPasswordDigest;
+
 import java.nio.charset.Charset;
 import java.nio.charset.StandardCharsets;
 import java.security.MessageDigest;
@@ -39,9 +48,6 @@
 import org.wildfly.security.password.interfaces.DigestPassword;
 import org.wildfly.security.util.ByteStringBuilder;
 
-import static org.wildfly.security.sasl.digest._private.DigestUtil.*;
-import static org.wildfly.security._private.ElytronMessages.log;
-
 /**
  * @author <a href="mailto:pskopek@redhat.com">Peter Skopek</a>
  *
@@ -262,7 +268,7 @@ private byte[] validateDigestResponse(HashMap<String, byte[]> parsedDigestRespon
         try {
 
             // first try pre-digested credential
-            tryHandleCallbacks(realmCallback, nameCallback, authorizeCallback, credentialCallback);
+            tryHandleCallbacks(realmCallback, nameCallback, credentialCallback, authorizeCallback);
             DigestPassword password = (DigestPassword) credentialCallback.getCredential();
             digest_urp = password.getDigest();