plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/protocol/CredentialsChallengeIndication.java - gerrit/cdo/cdo - Git at Google

 /*
  * Copyright (c) 2013, 2016 Eike Stepper (Loehne, Germany) and others.
  * All rights reserved. This program and the accompanying materials
  * are made available under the terms of the Eclipse Public License v1.0
  * which accompanies this distribution, and is available at
  * http://www.eclipse.org/legal/epl-v10.html
  *
  * Contributors:
  *    Eike Stepper - initial API and implementation
  *    Christian W. Damus (CEA LIST) - Adapted from AuthenticationIndication for 399306
  */
 package org.eclipse.emf.cdo.internal.net4j.protocol;

 import org.eclipse.emf.cdo.common.protocol.CDOProtocolConstants;
 import org.eclipse.emf.cdo.internal.net4j.bundle.OM;

 import org.eclipse.net4j.signal.IndicationWithMonitoring;
 import org.eclipse.net4j.signal.SignalProtocol;
 import org.eclipse.net4j.util.StringUtil;
 import org.eclipse.net4j.util.io.ExtendedDataInputStream;
 import org.eclipse.net4j.util.io.ExtendedDataOutputStream;
 import org.eclipse.net4j.util.om.monitor.OMMonitor;
 import org.eclipse.net4j.util.om.monitor.OMMonitor.Async;
 import org.eclipse.net4j.util.security.CredentialsUpdateOperation;
 import org.eclipse.net4j.util.security.DiffieHellman;
 import org.eclipse.net4j.util.security.DiffieHellman.Client.Response;
 import org.eclipse.net4j.util.security.DiffieHellman.Server.Challenge;
 import org.eclipse.net4j.util.security.IPasswordCredentialsProvider;
 import org.eclipse.net4j.util.security.IPasswordCredentialsUpdate;
 import org.eclipse.net4j.util.security.IPasswordCredentialsUpdateProvider;

 import org.eclipse.emf.spi.cdo.InternalCDOSession;

 import java.io.ByteArrayOutputStream;

 /**
  * Implementation of the CDO client handler for the server-initiated change-credentials protocol.
  *
  * @author Christian W. Damus (CEA LIST)
  */
 public class CredentialsChallengeIndication extends IndicationWithMonitoring
 {
   private Challenge challenge;

   private CredentialsUpdateOperation operation;

   private String userID;

   public CredentialsChallengeIndication(SignalProtocol<?> protocol)
   {
     super(protocol, CDOProtocolConstants.SIGNAL_CREDENTIALS_CHALLENGE);
   }

   @Override
   public CDOClientProtocol getProtocol()
   {
     return (CDOClientProtocol)super.getProtocol();
   }

   protected InternalCDOSession getSession()
   {
     return (InternalCDOSession)getProtocol().getSession();
   }

   @Override
   protected int getIndicatingWorkPercent()
   {
     return 1;
   }

   @Override
   protected void indicating(ExtendedDataInputStream in, OMMonitor monitor) throws Exception
   {
     operation = in.readEnum(CredentialsUpdateOperation.class);
     userID = in.readString(); // May be null if operation is not reset
     challenge = new Challenge(in);
   }

   @Override
   protected void responding(ExtendedDataOutputStream out, OMMonitor monitor) throws Exception
   {
     monitor.begin();
     Async async = monitor.forkAsync();

     try
     {
       IPasswordCredentialsProvider credentialsProvider = getSession().getCredentialsProvider();
       if (!(credentialsProvider instanceof IPasswordCredentialsUpdateProvider))
       {
         throw new IllegalStateException("No credentials update provider configured"); //$NON-NLS-1$
       }

       IPasswordCredentialsUpdate credentials = ((IPasswordCredentialsUpdateProvider)credentialsProvider).getCredentialsUpdate(userID, operation);
       if (credentials == null)
       {
         // User canceled. Fine
         out.writeBoolean(false);
         return;
       }

       String authUserID = credentials.getUserID();
       String authPassword = new String(credentials.getPassword());
       String newPassword = new String(credentials.getNewPassword());
       if (StringUtil.isEmpty(newPassword))
       {
         throw new IllegalStateException("No new password provided"); //$NON-NLS-1$
       }

       ByteArrayOutputStream baos = new ByteArrayOutputStream();
       ExtendedDataOutputStream stream = new ExtendedDataOutputStream(baos);

       switch (operation)
       {
       case CHANGE_PASSWORD:
         stream.writeString(authUserID);
         stream.writeString(authPassword);
         stream.writeString(newPassword);
         break;
       case RESET_PASSWORD:
         stream.writeString(authUserID);
         stream.writeString(authPassword);
         stream.writeString(userID);
         stream.writeString(newPassword);
         break;
       }

       stream.close();
       byte[] clearText = baos.toByteArray();

       DiffieHellman.Client client = new DiffieHellman.Client();
       Response response = client.handleChallenge(challenge, clearText);
       out.writeBoolean(true);
       response.write(out);
     }
     catch (Throwable ex)
     {
       out.writeBoolean(false);
       OM.LOG.error(ex);
     }
     finally
     {
       async.stop();
       monitor.done();
     }
   }
 }
	/*
	* Copyright (c) 2013, 2016 Eike Stepper (Loehne, Germany) and others.
	* All rights reserved. This program and the accompanying materials
	* are made available under the terms of the Eclipse Public License v1.0
	* which accompanies this distribution, and is available at
	* http://www.eclipse.org/legal/epl-v10.html
	*
	* Contributors:
	* Eike Stepper - initial API and implementation
	* Christian W. Damus (CEA LIST) - Adapted from AuthenticationIndication for 399306
	*/
	package org.eclipse.emf.cdo.internal.net4j.protocol;

	import org.eclipse.emf.cdo.common.protocol.CDOProtocolConstants;
	import org.eclipse.emf.cdo.internal.net4j.bundle.OM;

	import org.eclipse.net4j.signal.IndicationWithMonitoring;
	import org.eclipse.net4j.signal.SignalProtocol;
	import org.eclipse.net4j.util.StringUtil;
	import org.eclipse.net4j.util.io.ExtendedDataInputStream;
	import org.eclipse.net4j.util.io.ExtendedDataOutputStream;
	import org.eclipse.net4j.util.om.monitor.OMMonitor;
	import org.eclipse.net4j.util.om.monitor.OMMonitor.Async;
	import org.eclipse.net4j.util.security.CredentialsUpdateOperation;
	import org.eclipse.net4j.util.security.DiffieHellman;
	import org.eclipse.net4j.util.security.DiffieHellman.Client.Response;
	import org.eclipse.net4j.util.security.DiffieHellman.Server.Challenge;
	import org.eclipse.net4j.util.security.IPasswordCredentialsProvider;
	import org.eclipse.net4j.util.security.IPasswordCredentialsUpdate;
	import org.eclipse.net4j.util.security.IPasswordCredentialsUpdateProvider;

	import org.eclipse.emf.spi.cdo.InternalCDOSession;

	import java.io.ByteArrayOutputStream;

	/**
	* Implementation of the CDO client handler for the server-initiated change-credentials protocol.
	*
	* @author Christian W. Damus (CEA LIST)
	*/
	public class CredentialsChallengeIndication extends IndicationWithMonitoring
	{
	private Challenge challenge;

	private CredentialsUpdateOperation operation;

	private String userID;

	public CredentialsChallengeIndication(SignalProtocol<?> protocol)
	{
	super(protocol, CDOProtocolConstants.SIGNAL_CREDENTIALS_CHALLENGE);
	}

	@Override
	public CDOClientProtocol getProtocol()
	{
	return (CDOClientProtocol)super.getProtocol();
	}

	protected InternalCDOSession getSession()
	{
	return (InternalCDOSession)getProtocol().getSession();
	}

	@Override
	protected int getIndicatingWorkPercent()
	{
	return 1;
	}

	@Override
	protected void indicating(ExtendedDataInputStream in, OMMonitor monitor) throws Exception
	{
	operation = in.readEnum(CredentialsUpdateOperation.class);
	userID = in.readString(); // May be null if operation is not reset
	challenge = new Challenge(in);
	}

	@Override
	protected void responding(ExtendedDataOutputStream out, OMMonitor monitor) throws Exception
	{
	monitor.begin();
	Async async = monitor.forkAsync();

	try
	{
	IPasswordCredentialsProvider credentialsProvider = getSession().getCredentialsProvider();
	if (!(credentialsProvider instanceof IPasswordCredentialsUpdateProvider))
	{
	throw new IllegalStateException("No credentials update provider configured"); //$NON-NLS-1$
	}

	IPasswordCredentialsUpdate credentials = ((IPasswordCredentialsUpdateProvider)credentialsProvider).getCredentialsUpdate(userID, operation);
	if (credentials == null)
	{
	// User canceled. Fine
	out.writeBoolean(false);
	return;
	}

	String authUserID = credentials.getUserID();
	String authPassword = new String(credentials.getPassword());
	String newPassword = new String(credentials.getNewPassword());
	if (StringUtil.isEmpty(newPassword))
	{
	throw new IllegalStateException("No new password provided"); //$NON-NLS-1$
	}

	ByteArrayOutputStream baos = new ByteArrayOutputStream();
	ExtendedDataOutputStream stream = new ExtendedDataOutputStream(baos);

	switch (operation)
	{
	case CHANGE_PASSWORD:
	stream.writeString(authUserID);
	stream.writeString(authPassword);
	stream.writeString(newPassword);
	break;
	case RESET_PASSWORD:
	stream.writeString(authUserID);
	stream.writeString(authPassword);
	stream.writeString(userID);
	stream.writeString(newPassword);
	break;
	}

	stream.close();
	byte[] clearText = baos.toByteArray();

	DiffieHellman.Client client = new DiffieHellman.Client();
	Response response = client.handleChallenge(challenge, clearText);
	out.writeBoolean(true);
	response.write(out);
	}
	catch (Throwable ex)
	{
	out.writeBoolean(false);
	OM.LOG.error(ex);
	}
	finally
	{
	async.stop();
	monitor.done();
	}
	}
	}