1 package org.codehaus.plexus.redback.authentication.keystore;
2
3 /*
4  * Licensed to the Apache Software Foundation (ASF) under one
5  * or more contributor license agreements.  See the NOTICE file
6  * distributed with this work for additional information
7  * regarding copyright ownership.  The ASF licenses this file
8  * to you under the Apache License, Version 2.0 (the
9  * "License"); you may not use this file except in compliance
10  * with the License.  You may obtain a copy of the License at
11  *
12  * http://www.apache.org/licenses/LICENSE-2.0
13  *
14  * Unless required by applicable law or agreed to in writing,
15  * software distributed under the License is distributed on an
16  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17  * KIND, either express or implied.  See the License for the
18  * specific language governing permissions and limitations
19  * under the License.
20  */
21
22 import org.apache.archiva.redback.authentication.AuthenticationDataSource;
23 import org.apache.archiva.redback.authentication.AuthenticationException;
24 import org.apache.archiva.redback.authentication.AuthenticationResult;
25 import org.apache.archiva.redback.authentication.Authenticator;
26 import org.apache.archiva.redback.authentication.TokenBasedAuthenticationDataSource;
27 import org.codehaus.plexus.redback.keys.AuthenticationKey;
28 import org.codehaus.plexus.redback.keys.KeyManager;
29 import org.codehaus.plexus.redback.keys.KeyManagerException;
30 import org.codehaus.plexus.redback.keys.KeyNotFoundException;
31 import org.codehaus.plexus.redback.policy.AccountLockedException;
32 import org.codehaus.plexus.redback.policy.MustChangePasswordException;
33 import org.apache.archiva.redback.users.User;
34 import org.apache.archiva.redback.users.UserManager;
35 import org.apache.archiva.redback.users.UserNotFoundException;
36 import org.slf4j.Logger;
37 import org.slf4j.LoggerFactory;
38 import org.springframework.stereotype.Service;
39
40 import javax.annotation.Resource;
41
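/**
 * Authenticator for token-based data sources: a request is accepted when the presented
 * token can be found in the configured {@link KeyManager}.
 *
 * <p>Once the key lookup succeeds, the user named by the data source's principal is loaded
 * and the account-locked and password-change policies are applied to it.</p>
 *
 * <p>NOTE(review): only the existence of the key is checked here. Nothing in this class
 * compares the principal the key was issued for with the principal carried by the data
 * source, so the binding between token and user rests entirely on the caller - confirm that
 * every caller fills the principal from the key itself, or enforce the match here.</p>
 *
 * @author: Jesse McConnell <jesse@codehaus.org>
 * @version: $Id$
 */
@Service( "authenticator#keystore" )
public class KeyStoreAuthenticator
    implements Authenticator
{
    // Never reassigned, so it is final; kept per-instance so getClass() still names subclasses.
    private final Logger log = LoggerFactory.getLogger( getClass() );

    // Store in which presented tokens are looked up.
    @Resource( name = "keyManager#cached" )
    private KeyManager keystore;

    // Source of the user record used for the lock and password-change checks.
    @Resource( name = "userManager#configurable" )
    private UserManager userManager;

    /**
     * Returns the identifier of this authenticator.
     *
     * @return the literal string {@code "$Id$"} (an unexpanded SCM keyword)
     */
    public String getId()
    {
        return "$Id$";
    }

    /**
     * Authenticates a token-based data source against the key store.
     *
     * @param source the data source; must be a {@link TokenBasedAuthenticationDataSource}
     * @return a successful result carrying the principal when the key is found and the account
     *         passes the policy checks; a failed result when the key or the user is not found
     * @throws AccountLockedException      if the user's account is locked
     * @throws AuthenticationException     if the data source is not token based, or the key
     *                                     manager fails for a reason other than a missing key
     * @throws MustChangePasswordException if a password change is required and the data source
     *                                     asks for that to be enforced
     */
    public AuthenticationResult authenticate( AuthenticationDataSource source )
        throws AccountLockedException, AuthenticationException, MustChangePasswordException
    {
        // Report an unsupported (or null) data source with the declared exception type
        // instead of letting the cast below fail with a ClassCastException.
        if ( !( source instanceof TokenBasedAuthenticationDataSource ) )
        {
            throw new AuthenticationException( "unsupported authentication data source" );
        }

        TokenBasedAuthenticationDataSource dataSource = (TokenBasedAuthenticationDataSource) source;

        String key = dataSource.getToken();
        try
        {
            // NOTE(review): presumably findKey also rejects expired keys - verify in the
            // KeyManager implementation, since no expiry check is made here.
            AuthenticationKey authKey = keystore.findKey( key );

            // A missing key is expected to surface as KeyNotFoundException; the null branch
            // keeps the method fail-closed if an implementation returns null instead.
            if ( authKey == null )
            {
                return new AuthenticationResult( false, dataSource.getPrincipal(),
                                                 new AuthenticationException( "unable to find key" ) );
            }

            // The user is resolved from the principal supplied in the data source, not from
            // the key (see the class-level review note).
            User user = userManager.findUser( dataSource.getPrincipal() );

            if ( user.isLocked() )
            {
                throw new AccountLockedException( "Account " + source.getPrincipal() + " is locked.", user );
            }

            if ( user.isPasswordChangeRequired() && source.isEnforcePasswordChange() )
            {
                throw new MustChangePasswordException( "Password expired.", user );
            }

            return new AuthenticationResult( true, dataSource.getPrincipal(), null );
        }
        catch ( KeyNotFoundException ne )
        {
            return new AuthenticationResult( false, null, ne );
        }
        catch ( KeyManagerException ke )
        {
            throw new AuthenticationException( "underlaying keymanager issue", ke );
        }
        catch ( UserNotFoundException e )
        {
            // The principal is caller-supplied. Parameterized logging avoids building the
            // message by hand, but it does not strip line breaks; the log layout has to
            // neutralise those if forged log entries are a concern.
            log.warn( "Login for user {} failed. user not found.", source.getPrincipal() );
            return new AuthenticationResult( false, null, e );
        }
    }

    /**
     * Tells whether this authenticator can handle the given data source.
     *
     * @param source the data source to test; may be {@code null}
     * @return {@code true} only for a {@link TokenBasedAuthenticationDataSource}
     */
    public boolean supportsDataSource( AuthenticationDataSource source )
    {
        return source instanceof TokenBasedAuthenticationDataSource;
    }
}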