Mercurial > hg4j
view src/org/tmatesoft/hg/internal/remote/HttpAuthMethod.java @ 711:a62079bc422b
Keyword filtering that doesn't depend on input buffer size and the way input lines got split between filter() calls. KewordFilter got state to keep processed suspicious ...$ lines
author | Artem Tikhomirov <tikhomirov.artem@gmail.com> |
---|---|
date | Fri, 11 Oct 2013 21:35:41 +0200 |
parents | a483b2b68a2e |
children |
line wrap: on
line source
/* * Copyright (c) 2013 TMate Software Ltd * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; version 2 of the License. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * For information on how to redistribute this software under * the terms of a license other than GNU General Public License * contact TMate Software at support@hg4j.com */ package org.tmatesoft.hg.internal.remote; import static org.tmatesoft.hg.util.LogFacility.Severity.Info; import java.io.IOException; import java.io.InputStream; import java.net.HttpURLConnection; import java.net.URL; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; import java.util.prefs.BackingStoreException; import java.util.prefs.Preferences; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.SSLContext; import javax.net.ssl.TrustManager; import javax.net.ssl.X509TrustManager; import org.tmatesoft.hg.auth.HgAuthFailedException; import org.tmatesoft.hg.auth.HgAuthMethod; import org.tmatesoft.hg.core.HgRemoteConnectionException; import org.tmatesoft.hg.core.SessionContext; import org.tmatesoft.hg.repo.HgInvalidStateException; /** * * @author Artem Tikhomirov * @author TMate Software Ltd. */ public class HttpAuthMethod implements HgAuthMethod { private final SessionContext ctx; private final URL url; private String authInfo; private SSLContext sslContext; /** * @param sessionContext * @param url location fully ready to attempt connection to perform authentication check, e.g. hello command (anything with *small* output will do) * @throws HgRemoteConnectionException */ HttpAuthMethod(SessionContext sessionContext, URL url) throws HgRemoteConnectionException { ctx = sessionContext; if (!"http".equals(url.getProtocol()) && !"https".equals(url.getProtocol())) { throw new HgInvalidStateException(String.format("http protocol expected: %s", url.toString())); } this.url = url; if ("https".equals(url.getProtocol())) { try { sslContext = SSLContext.getInstance("SSL"); class TrustEveryone implements X509TrustManager { public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { } public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { } public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; } }; sslContext.init(null, new TrustManager[] { new TrustEveryone() }, null); } catch (Exception ex) { throw new HgRemoteConnectionException("Can't initialize secure connection", ex); } } else { sslContext = null; } } public void tryWithUserInfo(String uriUserInfo) throws HgAuthFailedException { int colon = uriUserInfo.indexOf(':'); if (colon == -1) { withPassword(uriUserInfo, null); } else { withPassword(uriUserInfo.substring(0, colon), uriUserInfo.substring(colon+1)); } } public void noCredentials() throws HgAuthFailedException { // TODO Auto-generated method stub checkConnection(); } public boolean supportsPassword() { return true; } public void withPassword(String username, String password) throws HgAuthFailedException { authInfo = buildAuthValue(username, password == null ? "" : password); checkConnection(); } public boolean supportsPublicKey() { return false; } public void withPublicKey(String username, InputStream privateKey, String passphrase) throws HgAuthFailedException { } public boolean supportsCertificate() { return "https".equals(url.getProtocol()); } public void withCertificate(X509Certificate[] clientCert) throws HgAuthFailedException { // TODO Auto-generated method stub checkConnection(); } private void checkConnection() throws HgAuthFailedException { // we've checked the protocol to be http(s) HttpURLConnection c = null; try { c = (HttpURLConnection) url.openConnection(); c = setupConnection(c); c.connect(); InputStream is = c.getInputStream(); while (is.read() != -1) { } is.close(); final int HTTP_UNAUTHORIZED = 401; if (c.getResponseCode() == HTTP_UNAUTHORIZED) { throw new HgAuthFailedException(c.getResponseMessage(), null); } } catch (IOException ex) { throw new HgAuthFailedException("Communication failure while authenticating", ex); } finally { if (c != null) { c.disconnect(); } } } HttpURLConnection setupConnection(HttpURLConnection urlConnection) { if (authInfo != null) { urlConnection.addRequestProperty("Authorization", "Basic " + authInfo); } if (sslContext != null) { ((HttpsURLConnection) urlConnection).setSSLSocketFactory(sslContext.getSocketFactory()); } return urlConnection; } private String buildAuthValue(String username, String password) { String ai = null; try { // Hack to get Base64-encoded credentials Preferences tempNode = Preferences.userRoot().node("xxx"); tempNode.putByteArray("xxx", String.format("%s:%s", username, password).getBytes()); ai = tempNode.get("xxx", null); tempNode.removeNode(); } catch (BackingStoreException ex) { ctx.getLog().dump(getClass(), Info, ex, null); // IGNORE } return ai; } }