mirror of
https://github.com/scm-manager/scm-manager.git
synced 2025-11-14 17:26:22 +01:00
added legacy plugin to support scm-manager 1.x password hashes
This commit is contained in:
Sebastian Sdorra
@@ -34,36 +34,21 @@ package sonia.scm.security;
|
||||
//~--- non-JDK imports --------------------------------------------------------
|
||||
|
||||
import com.google.common.annotations.VisibleForTesting;
|
||||
import com.google.common.base.Strings;
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import com.google.common.collect.ImmutableSet.Builder;
|
||||
|
||||
import org.apache.shiro.authc.AuthenticationException;
|
||||
import org.apache.shiro.authc.AuthenticationInfo;
|
||||
import org.apache.shiro.authc.AuthenticationToken;
|
||||
import org.apache.shiro.authc.DisabledAccountException;
|
||||
import org.apache.shiro.authc.SimpleAuthenticationInfo;
|
||||
import org.apache.shiro.authc.UnknownAccountException;
|
||||
import org.apache.shiro.authc.UsernamePasswordToken;
|
||||
import org.apache.shiro.authc.credential.PasswordMatcher;
|
||||
import org.apache.shiro.authc.credential.PasswordService;
|
||||
import org.apache.shiro.authz.AuthorizationInfo;
|
||||
import org.apache.shiro.realm.AuthorizingRealm;
|
||||
import org.apache.shiro.subject.PrincipalCollection;
|
||||
import org.apache.shiro.subject.SimplePrincipalCollection;
|
||||
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
import sonia.scm.group.Group;
|
||||
import sonia.scm.group.GroupDAO;
|
||||
import sonia.scm.group.GroupNames;
|
||||
import sonia.scm.plugin.Extension;
|
||||
import sonia.scm.user.User;
|
||||
import sonia.scm.user.UserDAO;
|
||||
|
||||
import static com.google.common.base.Preconditions.*;
|
||||
|
||||
//~--- JDK imports ------------------------------------------------------------
|
||||
|
||||
import javax.inject.Inject;
|
||||
@@ -84,12 +69,6 @@ public class DefaultRealm extends AuthorizingRealm
|
||||
@VisibleForTesting
|
||||
static final String REALM = "DefaultRealm";
|
||||
|
||||
/**
|
||||
* the logger for DefaultRealm
|
||||
*/
|
||||
private static final Logger logger =
|
||||
LoggerFactory.getLogger(DefaultRealm.class);
|
||||
|
||||
//~--- constructors ---------------------------------------------------------
|
||||
|
||||
/**
|
||||
@@ -106,8 +85,7 @@ public class DefaultRealm extends AuthorizingRealm
|
||||
AuthorizationCollector collector, UserDAO userDAO, GroupDAO groupDAO)
|
||||
{
|
||||
this.collector = collector;
|
||||
this.userDAO = userDAO;
|
||||
this.groupDAO = groupDAO;
|
||||
this.helper = new DAORealmHelper(REALM, userDAO, groupDAO);
|
||||
|
||||
PasswordMatcher matcher = new PasswordMatcher();
|
||||
|
||||
@@ -133,43 +111,7 @@ public class DefaultRealm extends AuthorizingRealm
|
||||
AuthenticationToken token)
|
||||
throws AuthenticationException
|
||||
{
|
||||
checkArgument(token instanceof UsernamePasswordToken, "%s is required",
|
||||
UsernamePasswordToken.class);
|
||||
|
||||
UsernamePasswordToken upt = (UsernamePasswordToken) token;
|
||||
String principal = upt.getUsername();
|
||||
|
||||
checkArgument(!Strings.isNullOrEmpty(principal), "username is required");
|
||||
|
||||
logger.debug("try to authenticate {}", principal);
|
||||
|
||||
User user = userDAO.get(principal);
|
||||
|
||||
if (user == null)
|
||||
{
|
||||
//J-
|
||||
throw new UnknownAccountException(
|
||||
String.format("unknown account %s", principal)
|
||||
);
|
||||
//J+
|
||||
}
|
||||
|
||||
if (!user.isActive())
|
||||
{
|
||||
//J-
|
||||
throw new DisabledAccountException(
|
||||
String.format("account %s is disabled", principal)
|
||||
);
|
||||
//J+
|
||||
}
|
||||
|
||||
SimplePrincipalCollection collection = new SimplePrincipalCollection();
|
||||
|
||||
collection.add(principal, REALM);
|
||||
collection.add(user, REALM);
|
||||
collection.add(collectGroups(principal), REALM);
|
||||
|
||||
return new SimpleAuthenticationInfo(collection, user.getPassword());
|
||||
return helper.getAuthenticationInfo(token);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -187,44 +129,11 @@ public class DefaultRealm extends AuthorizingRealm
|
||||
return collector.collect(principals);
|
||||
}
|
||||
|
||||
/**
|
||||
* Method description
|
||||
*
|
||||
*
|
||||
* @param principal
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
private GroupNames collectGroups(String principal)
|
||||
{
|
||||
Builder<String> builder = ImmutableSet.builder();
|
||||
|
||||
builder.add(GroupNames.AUTHENTICATED);
|
||||
|
||||
for (Group group : groupDAO.getAll())
|
||||
{
|
||||
if (group.isMember(principal))
|
||||
{
|
||||
builder.add(group.getName());
|
||||
}
|
||||
}
|
||||
|
||||
GroupNames groups = new GroupNames(builder.build());
|
||||
|
||||
logger.debug("collected following groups for principal {}: {}", principal,
|
||||
groups);
|
||||
|
||||
return groups;
|
||||
}
|
||||
|
||||
//~--- fields ---------------------------------------------------------------
|
||||
|
||||
/** Field description */
|
||||
private final AuthorizationCollector collector;
|
||||
|
||||
/** Field description */
|
||||
private final GroupDAO groupDAO;
|
||||
|
||||
/** Field description */
|
||||
private final UserDAO userDAO;
|
||||
private final DAORealmHelper helper;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user