

Merge pull request #559 from darranl/ELY-764
[ELY-764] Allow the protocol to be specified.
fjuma committed Nov 17, 2016
2 parents c428ae7 + 6e86fe0 commit f7d7cb0
Showing 5 changed files with 85 additions and 3 deletions.
Expand Up @@ -73,6 +73,7 @@
import org.wildfly.security.password.interfaces.ClearPassword;
import org.wildfly.security.sasl.util.FilterMechanismSaslClientFactory;
import org.wildfly.security.sasl.util.PropertiesSaslClientFactory;
import org.wildfly.security.sasl.util.ProtocolSaslClientFactory;
import org.wildfly.security.sasl.util.SecurityProviderSaslClientFactory;
import org.wildfly.security.sasl.util.ServerNameSaslClientFactory;
import org.wildfly.security.ssl.CipherSuiteSelector;
Expand Down Expand Up @@ -134,6 +135,10 @@ String getHost() {
return null;
}

String getProtocol() {
return null;
}

int getPort() {
return -1;
}
Expand Down Expand Up @@ -221,6 +226,10 @@ String getHost() {
return parent.getHost();
}

String getProtocol() {
return parent.getProtocol();
}

int getPort() {
return parent.getPort();
}
Expand Down Expand Up @@ -305,7 +314,9 @@ AuthenticationConfiguration without(Class<?> clazz) {
}

AuthenticationConfiguration without(Class<?> clazz1, Class<?> clazz2) {
if (clazz1.isInstance(this) || clazz2.isInstance(this)) return parent;
if (clazz1.isInstance(this) && clazz2.isInstance(this)) return parent;
if (clazz1.isInstance(this)) return parent.without(clazz2);
if (clazz2.isInstance(this)) return parent.without(clazz1);
AuthenticationConfiguration newParent = parent.without(clazz1, clazz2);
if (parent == newParent) return this;
return reparent(newParent);
Expand Down Expand Up @@ -620,10 +631,25 @@ public final AuthenticationConfiguration useTrustManager(X509TrustManager trustM
* @return the new configuration
*/
public final AuthenticationConfiguration useHost(String hostName) {
if (hostName != null && hostName.isEmpty()) hostName = null;
if (hostName == null || hostName.isEmpty()) {
return without(SetHostAuthenticationConfiguration.class);
}
return new SetHostAuthenticationConfiguration(this, hostName);
}

/**
* Create a new configuration which is the same as this configuration, but which specifies a different protocol to be passed to the authentication mechanisms.
*
* @param protocol the protocol to pass to the authentication mechanisms.
* @return the new configuration
*/
public final AuthenticationConfiguration useProtocol(String protocol) {
if (protocol == null || protocol.isEmpty()) {
return without(SetProtocolAuthenticationConfiguration.class);
}
return new SetProtocolAuthenticationConfiguration(this, protocol);
}

/**
* Create a new configuration which is the same as this configuration, but which connects to a different port.
*
Expand Down Expand Up @@ -808,6 +834,10 @@ private SaslClientFactory getSaslClientFactory() {
if (host != null) {
saslClientFactory = new ServerNameSaslClientFactory(saslClientFactory, host);
}
String protocol = getProtocol();
if (protocol != null) {
saslClientFactory = new ProtocolSaslClientFactory(saslClientFactory, protocol);
}
saslClientFactory = new FilterMechanismSaslClientFactory(saslClientFactory, this::filterOneSaslMechanism);

this.saslClientFactory = saslClientFactory;
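Review bot: `useProtocol` (the new method below `useHost`) stores the string verbatim after only an empty check, yet `getSaslClientFactory` hands it to `ProtocolSaslClientFactory` whenever it is non-null, so a value such as `" HTTP"` or `HTTP/` reaches the SASL client unchanged; for mechanisms that build a service identifier from protocol and host (GSSAPI, DIGEST-MD5) that presumably produces a malformed or wrong service name rather than a configuration error. I would trim before the check, `if (protocol != null) protocol = protocol.trim();` ahead of the `isEmpty()` test, and state in the Javadoc that the value is the bare service name the mechanism expects (e.g. `HTTP`) and that null or empty removes any previously set protocol so the mechanism default applies. The base-class `getProtocol()` returns null with no documentation; a one-line `/** The protocol to report to the mechanisms, or {@code null} to leave the mechanism default in place. */` would make that contract explicit. The `without(Class, Class)` rewrite looks right: a node matching only one of the two classes now delegates removal of the other to its parent instead of dropping only itself.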
Expand Up @@ -606,6 +606,13 @@ static ExceptionUnaryOperator<RuleNode<AuthenticationConfiguration>, GeneralSecu
configuration = andThenOp(configuration, parentConfig -> parentConfig.useSaslClientFactory(new ServiceLoaderSaslClientFactory(module.getClassLoader())));
break;
}
case "set-protocol": {
if (isSet(foundBits, 14)) throw reader.unexpectedElement();
foundBits = setBit(foundBits, 14);
final String protocol = parseNameType(reader);
configuration = andThenOp(configuration, parentConfig -> parentConfig.useProtocol(protocol));
break;
}
default: {
throw reader.unexpectedElement();
}
Expand Down Expand Up @@ -1545,7 +1552,7 @@ public X509CertificateChainPrivateCredential create() throws GeneralSecurityExce
final KeyStore.Entry entry = entrySecurityFactory.create();
if (entry instanceof KeyStore.PrivateKeyEntry) {
final KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;
final X509Certificate[] certificateChain = X500.asX509CertificateArray((Object[])privateKeyEntry.getCertificateChain());
final X509Certificate[] certificateChain = X500.asX509CertificateArray(privateKeyEntry.getCertificateChain());
return new X509CertificateChainPrivateCredential(privateKeyEntry.getPrivateKey(), certificateChain);
}
throw xmlLog.invalidKeyStoreEntryType("unknown", KeyStore.PrivateKeyEntry.class, entry.getClass());
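Review bot: the `set-protocol` case passes `parseNameType(reader)` straight to `useProtocol`, and because `useProtocol` treats an empty string as "remove the protocol", a `<set-protocol name=""/>` is silently accepted and leaves the mechanism default in place instead of failing the parse. If `name-type` does not already forbid the empty string at the schema level, I would reject it here with the parser's existing invalid/missing-attribute exception (this hunk only shows `reader.unexpectedElement()`), so a misconfigured service name is loud rather than a quiet fallback; the enclosing parse method starts and ends outside this hunk, so I cannot see whether the other `set-*` cases already guard this. Bit 14 of `foundBits` must be unused by every other case in the switch, which is not verifiable from the hunk; a short comment mapping the bit index to the element name would help the next addition. The `(Object[])` cast removal in the `X500.asX509CertificateArray` call is unrelated cleanup and would read better as its own commit.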
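--- /dev/null
+++ b/src/main/java/org/wildfly/security/auth/client/SetProtocolAuthenticationConfiguration.java
@@ -0,0 +1,43 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2016 Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.wildfly.security.auth.client;
+
+/**
+ * An {@link AuthenticationConfiguration} that sets the protocol reported to the authentication mechanisms.
+ *
+ * @author <a href="mailto:darran.lofthouse@jboss.com">Darran Lofthouse</a>
+ */
+public class SetProtocolAuthenticationConfiguration extends AuthenticationConfiguration {
+
+private final String protocol;
+SetProtocolAuthenticationConfiguration(final AuthenticationConfiguration parent, final String protocol) {
+super(parent);
+this.protocol = protocol;
+}
+
+@Override
+String getProtocol() {
+return protocol;
+}
+
+@Override
+AuthenticationConfiguration reparent(AuthenticationConfiguration newParent) {
+return new SetProtocolAuthenticationConfiguration(newParent, protocol);
+}
+
+}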
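Review bot: `SetProtocolAuthenticationConfiguration` is declared `public` while its only constructor is package-private and the intended entry point is `AuthenticationConfiguration.useProtocol`; unless external code must subclass it, `final class SetProtocolAuthenticationConfiguration` (or dropping `public`, matching whatever the sibling `Set*` nodes do) keeps `getProtocol()` and `reparent()` from being overridden outside the package. The constructor also accepts a null `protocol` without complaint; `useProtocol` guards that today, but `reparent` and any future caller do not, so `Objects.requireNonNull(protocol, "protocol")` (or the project's usual parameter check) in the constructor would pin the invariant that a node of this type always carries a value. The constructor deserves a one-line Javadoc, e.g. `/** Wraps {@code parent} with a configuration that reports {@code protocol} to the authentication mechanisms. */`.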
1 change: 1 addition & 0 deletions src/main/resources/schema/elytron-1_0.xsd
Expand Up @@ -147,6 +147,7 @@
<xsd:all>
<xsd:element name="set-host" type="name-type" minOccurs="0"/>
<xsd:element name="set-port" type="port-number-simple-type" minOccurs="0"/>
<xsd:element name="set-protocol" type="name-type" minOccurs="0"/>
<xsd:choice minOccurs="0">
<xsd:element name="set-user-name" type="name-type" minOccurs="0"/>
<xsd:element name="set-anonymous" type="empty-type" minOccurs="0"/>
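Review bot: `set-protocol` is added to `elytron-1_0.xsd` in place; if the 1.0 schema has already shipped, documents using the new element will fail validation against the published copy and consumers holding a stale schema will reject otherwise-valid configuration, which is the usual reason to bump the namespace version. If 1.0 is still unreleased that is fine, but the commit message should say so. `name-type` is shared with `set-host`; if it admits the empty string, it is the parser rather than the schema that has to reject an empty protocol, and it would be worth confirming which one does.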
Expand Up @@ -62,6 +62,7 @@ public void testRuleConfiguration() throws Exception {
" <match-host name=\"test2\"/>\n" +
" <match-userinfo name=\"fred\"/>\n" +
" <set-host name=\"localhost\"/>\n" +
" <set-protocol name=\"HTTP\"/>\n" +
" <set-user-name name=\"jane\"/>\n" +
" <allow-all-sasl-mechanisms />\n" +
" <set-mechanism-realm name=\"mainRealm\"/>\n" +
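Review bot: the test now feeds `<set-protocol name="HTTP"/>` through the parser, but nothing in this hunk asserts that the resulting `AuthenticationConfiguration` actually carries the protocol, so a parser that ignored the element would still pass; the rest of `testRuleConfiguration` is outside the hunk, so this may be checked further down. If the test lives in the same package as `AuthenticationConfiguration`, the package-private `getProtocol()` is reachable and an assertion such as `assertEquals("HTTP", configuration.getProtocol());` on the matched configuration would pin it. A second case with an empty `name` would also document whether the parser or the configuration is expected to reject it.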

