/**
 * Answers a SASL challenge: reads the pending challenge bytes from the SASL layer,
 * asks the client mechanism for the matching response and sends it back.
 *
 * @param sasl      SASL layer holding the pending challenge; also receives the response
 * @param transport transport the SASL layer belongs to (not used by this method)
 */
@Override
public void onSaslChallenge(Sasl sasl, Transport transport) {
    // The buffer is sized from what the SASL layer reports as pending.
    final byte[] pendingChallenge = new byte[sasl.pending()];
    sasl.recv(pendingChallenge, 0, pendingChallenge.length);

    // NOTE(review): the count returned by recv() is ignored, and a null result from
    // getResponse() would fail on .length below; confirm the mechanism never returns null.
    final byte[] reply = clientSASLMechanism.getResponse(pendingChallenge);
    sasl.send(reply, 0, reply.length);
}
/**
 * Handles one SASL challenge by passing its bytes to the client mechanism and
 * sending whatever the mechanism returns.
 *
 * @param sasl      SASL layer that supplies the challenge and takes the response
 * @param transport transport associated with the SASL layer (unused here)
 */
@Override
public void onSaslChallenge(Sasl sasl, Transport transport) {
    final int pendingLength = sasl.pending();
    final byte[] challengeBytes = new byte[pendingLength];
    sasl.recv(challengeBytes, 0, pendingLength);

    // NOTE(review): no null check on the mechanism's response, so a null return would
    // surface as a NullPointerException here; verify against the mechanism contract.
    final byte[] responseBytes = clientSASLMechanism.getResponse(challengeBytes);
    sasl.send(responseBytes, 0, responseBytes.length);
}
/**
 * Reads the pending SASL response and sends it, wrapped in a PLAIN authentication
 * request, over the Vert.x event bus. The reply either adds a principal (success)
 * or ends the SASL exchange with {@code PN_SASL_AUTH} (failure).
 *
 * @param completionHandler invoked with {@code true} after the reply has been handled,
 *                          whether authentication succeeded or not
 */
private void evaluatePlainResponse(final Handler<Boolean> completionHandler) {
    // A SASL PLAIN response carries the password in clear text, so these bytes
    // must never be written to a log or kept longer than needed.
    final byte[] saslResponse = new byte[sasl.pending()];
    sasl.recv(saslResponse, 0, saslResponse.length);

    final DeliveryOptions options = new DeliveryOptions().setSendTimeout(AUTH_REQUEST_TIMEOUT_MILLIS);
    final JsonObject authenticationRequest = getAuthenticationRequest(MECHANISM_PLAIN, saslResponse);

    vertx.eventBus().send(EVENT_BUS_ADDRESS_AUTHENTICATION_IN, authenticationRequest, options, reply -> {
        if (!reply.succeeded()) {
            // Covers a rejected request as well as a failed or timed-out send.
            LOG.debug("authentication of client failed", reply.cause());
            sasl.done(SaslOutcome.PN_SASL_AUTH);
        } else {
            // NOTE(review): the whole reply body is logged at debug level; confirm it
            // holds no secret material. The success path does not call sasl.done() here,
            // presumably addPrincipal() or the caller completes the exchange; verify.
            JsonObject result = (JsonObject) reply.result().body();
            LOG.debug("received result of successful authentication request: {}", result);
            addPrincipal(result.getString(FIELD_AUTHORIZATION_ID));
        }
        completionHandler.handle(true);
    });
}
/**
 * Processes one SASL step: when challenge bytes are pending, passes them to the
 * mechanism and sends the mechanism's response. Does nothing when nothing is pending.
 *
 * @throws SaslException declared by the signature; presumably raised by the mechanism
 *                       when the challenge cannot be processed
 */
private void handleSaslStep() throws SaslException {
    if (sasl.pending() == 0) {
        return;
    }

    final byte[] pendingChallenge = new byte[sasl.pending()];
    sasl.recv(pendingChallenge, 0, pendingChallenge.length);

    // NOTE(review): a null response would fail on .length; confirm the mechanism contract.
    final byte[] reply = mechanism.getChallengeResponse(pendingChallenge);
    sasl.send(reply, 0, reply.length);
}
/**
 * Finishes the SASL exchange: feeds any bytes still pending to the mechanism, asks the
 * mechanism to verify completion and marks the exchange complete. Any failure is
 * passed to {@code recordFailure} instead of being thrown.
 *
 * @param sasl SASL layer that may still hold data sent with the outcome
 */
private void handleSaslCompletion(Sasl sasl) {
    try {
        final boolean hasTrailingData = sasl.pending() != 0;
        if (hasTrailingData) {
            final byte[] trailing = new byte[sasl.pending()];
            sasl.recv(trailing, 0, trailing.length);
            // The returned response is discarded; the call only hands the final bytes
            // to the mechanism before verifyCompletion() runs.
            mechanism.getChallengeResponse(trailing);
        }

        // Order matters: complete is set only after verification did not throw.
        mechanism.verifyCompletion();
        complete = true;
    } catch (Throwable failure) {
        // Throwable is caught on purpose here, so even Errors end up in recordFailure.
        final String message = "Exception while processing SASL exchange completion: " + failure.getMessage();
        recordFailure(message, failure);
    }
}
/**
 * Processes one SASL step: when challenge bytes are pending, passes them to the
 * mechanism and sends its response. A {@code SaslException} is rethrown as a
 * {@code SecurityException} that keeps the original exception as its cause.
 *
 * @throws SecurityException if the mechanism fails with a {@code SaslException}
 */
private void handleSaslStep() throws SecurityException {
    try {
        if (sasl.pending() == 0) {
            return;
        }

        final byte[] pendingChallenge = new byte[sasl.pending()];
        sasl.recv(pendingChallenge, 0, pendingChallenge.length);

        final byte[] reply = mechanism.getChallengeResponse(pendingChallenge);
        sasl.send(reply, 0, reply.length);
    } catch (SaslException se) {
        // TODO - Better error message.
        final SecurityException wrapped = new SecurityException("Exception while processing SASL step.");
        // The cause is attached so the underlying SASL failure stays visible in stack traces.
        wrapped.initCause(se);
        throw wrapped;
    }
}
/**
 * Reads the SASL challenge from the given sasl object, passes it to the saved
 * saslHandler and sends the payload the handler returns. A null sasl argument or
 * any exception from the handler is stored in {@code savedException} rather than thrown.
 *
 * @param sasl the Sasl object
 * @param transport the related transport
 */
public void onSaslChallenge(Sasl sasl, Transport transport) {
    if (sasl == null) {
        this.savedException = new IllegalArgumentException("Sasl cannot be null");
        return;
    }

    // Codes_SRS_SASLLISTENERIMPL_34_004: [This function shall retrieve the sasl challenge from the provided sasl object.]
    final int challengeLength = sasl.pending();
    final byte[] saslChallenge = new byte[challengeLength];
    sasl.recv(saslChallenge, 0, saslChallenge.length);

    try {
        // Codes_SRS_SASLLISTENERIMPL_34_005: [This function shall give the sasl challenge bytes to the saved saslHandler and send the payload it returns.]
        final byte[] challengeResponse = this.saslHandler.handleChallenge(saslChallenge);
        sasl.send(challengeResponse, 0, challengeResponse.length);
    } catch (Exception e) {
        // Codes_SRS_SASLLISTENERIMPL_34_014: [If any exception is thrown while the saslHandler handles the challenge, this function shall save that exception and shall not send the challenge response.]
        // A null response from the handler also lands here, as a NullPointerException on .length.
        this.savedException = e;
    }
}
/**
 * Completes the SASL exchange. Bytes that are still pending are handed to the
 * mechanism first; then the mechanism verifies completion and the exchange is marked
 * complete. Failures are reported through {@code recordFailure}, never thrown.
 *
 * @param sasl SASL layer that may carry additional data alongside the outcome
 */
private void handleSaslCompletion(Sasl sasl) {
    try {
        if (sasl.pending() != 0) {
            final byte[] finalData = new byte[sasl.pending()];
            sasl.recv(finalData, 0, finalData.length);
            // Response intentionally unused: nothing is sent back at this stage.
            mechanism.getChallengeResponse(finalData);
        }

        // complete stays false if verifyCompletion() throws.
        mechanism.verifyCompletion();
        complete = true;
    } catch (Throwable problem) {
        recordFailure(
            "Exception while processing SASL exchange completion: " + problem.getMessage(),
            problem);
    }
}
/**
 * Handles a SASL challenge: reads the pending bytes, asks the mechanism for a
 * response and sends it when the mechanism returned one. Any failure is passed to
 * {@code recordFailure} instead of being thrown.
 *
 * @param sasl      SASL layer that supplies the challenge and takes the response
 * @param transport transport associated with the SASL layer (unused here)
 */
public void handleSaslChallenge(Sasl sasl, Transport transport) {
    try {
        // A pending size of zero still passes this guard, so the mechanism is also
        // called with an empty challenge. NOTE(review): other handlers use != 0; confirm
        // the >= 0 test is intended.
        if (sasl.pending() < 0) {
            return;
        }

        final byte[] pendingChallenge = new byte[sasl.pending()];
        sasl.recv(pendingChallenge, 0, pendingChallenge.length);

        final byte[] reply = mechanism.getChallengeResponse(pendingChallenge);
        if (reply == null) {
            // Nothing to send for this step.
            return;
        }
        sasl.send(reply, 0, reply.length);
    } catch (Throwable failure) {
        final String message = "Exception while processing SASL step: " + failure.getMessage();
        recordFailure(message, failure);
    }
}
/**
 * Processes a SASL challenge by handing the pending bytes to the mechanism and
 * sending its response, if there is one. Errors are recorded via
 * {@code recordFailure} and do not propagate.
 *
 * @param sasl      SASL layer holding the challenge
 * @param transport related transport (not used by this method)
 */
public void handleSaslChallenge(Sasl sasl, Transport transport) {
    try {
        final boolean readable = sasl.pending() >= 0;
        if (readable) {
            // Zero pending bytes yields an empty challenge array, which is still
            // passed to the mechanism.
            final byte[] challengeBytes = new byte[sasl.pending()];
            sasl.recv(challengeBytes, 0, challengeBytes.length);

            final byte[] responseBytes = mechanism.getChallengeResponse(challengeBytes);
            if (responseBytes != null) {
                sasl.send(responseBytes, 0, responseBytes.length);
            }
        }
    } catch (Throwable problem) {
        recordFailure("Exception while processing SASL step: " + problem.getMessage(), problem);
    }
}
// Read up to additionalData.length bytes from the SASL layer into additionalData
// (the array is declared outside this excerpt).
sasl.recv(additionalData, 0, additionalData.length);
// Hand the bytes to the client mechanism; the response it returns is discarded here.
clientSASLMechanism.getResponse(additionalData);
// Copy the SASL layer's data into additionalData, which is declared outside this
// excerpt; the byte count returned by recv() is not checked.
sasl.recv(additionalData, 0, additionalData.length);
// The mechanism sees the data, but its return value is not sent or stored.
clientSASLMechanism.getResponse(additionalData);
/**
 * Reads the pending SASL bytes, lets the chosen mechanism process them, sends the
 * mechanism's response when there is one and, once the mechanism reports a result,
 * completes the exchange with {@code PN_SASL_OK} or {@code PN_SASL_AUTH}.
 *
 * @param sasl SASL layer to read from, reply to and complete
 */
private void processPending(Sasl sasl) {
    final byte[] payload = new byte[sasl.pending()];
    final int received = sasl.recv(payload, 0, payload.length);
    if (log.isTraceEnabled()) {
        // Only the byte count is traced, never the payload itself.
        log.trace("Working on sasl, length:" + received);
    }

    // A recv() result of -1 is passed on to the mechanism as null rather than as an empty array.
    final byte[] mechanismInput;
    if (received == -1) {
        mechanismInput = null;
    } else {
        mechanismInput = payload;
    }

    final byte[] response = chosenMechanism.processSASL(mechanismInput);
    if (response != null) {
        sasl.send(response, 0, response.length);
    }

    saslResult = chosenMechanism.result();
    if (saslResult == null) {
        // No result yet: the exchange stays open.
        return;
    }
    saslComplete(sasl, saslResult.isSuccess() ? Sasl.SaslOutcome.PN_SASL_OK : Sasl.SaslOutcome.PN_SASL_AUTH);
}
/**
 * Runs one step of the exchange with the chosen mechanism: pending bytes in, optional
 * response out, and a final outcome as soon as the mechanism has a result.
 *
 * @param sasl SASL layer that supplies the bytes and receives response and outcome
 */
private void processPending(Sasl sasl) {
    final int pendingLength = sasl.pending();
    final byte[] buffer = new byte[pendingLength];
    final int received = sasl.recv(buffer, 0, buffer.length);
    if (log.isTraceEnabled()) {
        log.trace("Working on sasl, length:" + received);
    }

    // The mechanism gets null when recv() reported -1, the buffer otherwise.
    final byte[] response = chosenMechanism.processSASL(received == -1 ? null : buffer);
    if (response != null) {
        sasl.send(response, 0, response.length);
    }

    saslResult = chosenMechanism.result();
    if (saslResult != null) {
        // Anything other than an explicit success is reported as an authentication failure.
        final Sasl.SaslOutcome outcome;
        if (saslResult.isSuccess()) {
            outcome = Sasl.SaslOutcome.PN_SASL_OK;
        } else {
            outcome = Sasl.SaslOutcome.PN_SASL_AUTH;
        }
        saslComplete(sasl, outcome);
    }
}
/**
 * Authenticates the client using the first SASL mechanism it offered. The pending
 * SASL response is passed to {@code verify}; its result sets the client principal and
 * ends the exchange with {@code PN_SASL_OK}, or ends it with {@code PN_SASL_AUTH}.
 *
 * @param completionHandler invoked with {@code false} when the client offered no
 *                          mechanism, otherwise with {@code true} once the result of
 *                          the verification has been handled
 */
@Override
public void process(final Handler<Boolean> completionHandler) {
    final String[] remoteMechanisms = sasl.getRemoteMechanisms();
    if (remoteMechanisms.length == 0) {
        LOG.debug("client provided an empty list of SASL mechanisms [hostname: {}, state: {}]",
                sasl.getHostname(), sasl.getState().name());
        completionHandler.handle(false);
        return;
    }

    // The mechanism name is taken from the client's list as-is.
    // NOTE(review): presumably verify() rejects names the server does not support; confirm.
    final String chosenMechanism = remoteMechanisms[0];
    LOG.debug("client wants to authenticate using SASL [mechanism: {}, host: {}, state: {}]",
            chosenMechanism, sasl.getHostname(), sasl.getState().name());

    final Future<HonoUser> authTracker = Future.future();
    authTracker.setHandler(outcome -> {
        if (!outcome.succeeded()) {
            LOG.debug("authentication failed: " + outcome.cause().getMessage());
            sasl.done(SaslOutcome.PN_SASL_AUTH);
        } else {
            final HonoUser user = outcome.result();
            LOG.debug("authentication of client [authorization ID: {}] succeeded", user.getName());
            // The principal is attached to the connection before the exchange is reported as OK.
            Constants.setClientPrincipal(protonConnection, user);
            succeeded = true;
            sasl.done(SaslOutcome.PN_SASL_OK);
        }
        completionHandler.handle(Boolean.TRUE);
    });

    // The raw SASL response may carry credentials; it is passed to verify() only and not logged.
    final byte[] saslResponse = new byte[sasl.pending()];
    sasl.recv(saslResponse, 0, saslResponse.length);
    verify(chosenMechanism, saslResponse, authTracker.completer());
}
/**
 * Handles the client's SASL response. With no mechanism offered, the handler is told
 * {@code false} and nothing else happens; otherwise the first offered mechanism and
 * the pending response bytes are passed to {@code verify}, and the tracked result
 * decides the SASL outcome.
 *
 * @param completionHandler receives {@code false} for an empty mechanism list and
 *                          {@code true} after the verification result was applied
 */
@Override
public void process(final Handler<Boolean> completionHandler) {
    final String[] remoteMechanisms = sasl.getRemoteMechanisms();
    final boolean nothingOffered = remoteMechanisms.length == 0;

    if (nothingOffered) {
        LOG.debug("client provided an empty list of SASL mechanisms [hostname: {}, state: {}]",
                sasl.getHostname(), sasl.getState().name());
        completionHandler.handle(false);
    } else {
        // Only the first entry of the client's list is considered.
        final String chosenMechanism = remoteMechanisms[0];
        LOG.debug("client wants to authenticate using SASL [mechanism: {}, host: {}, state: {}]",
                chosenMechanism, sasl.getHostname(), sasl.getState().name());

        final Future<HonoUser> authTracker = Future.future();
        authTracker.setHandler(attempt -> {
            if (attempt.succeeded()) {
                final HonoUser authenticatedUser = attempt.result();
                LOG.debug("authentication of client [authorization ID: {}] succeeded",
                        authenticatedUser.getName());
                Constants.setClientPrincipal(protonConnection, authenticatedUser);
                succeeded = true;
                sasl.done(SaslOutcome.PN_SASL_OK);
            } else {
                // NOTE(review): the failure cause's message goes to the debug log; confirm
                // verify() never puts credential material into that message.
                LOG.debug("authentication failed: " + attempt.cause().getMessage());
                sasl.done(SaslOutcome.PN_SASL_AUTH);
            }
            completionHandler.handle(Boolean.TRUE);
        });

        final int responseLength = sasl.pending();
        final byte[] saslResponse = new byte[responseLength];
        sasl.recv(saslResponse, 0, saslResponse.length);
        verify(chosenMechanism, saslResponse, authTracker.completer());
    }
}
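/**
 * Runs the server side of the SASL exchange once the client has named a mechanism.
 * The handler registered for the first remote mechanism processes the pending bytes;
 * the exchange then ends with {@code PN_SASL_OK} on success, {@code PN_SASL_AUTH}
 * otherwise, or {@code PN_SASL_SYS} when no handler is registered for the mechanism.
 * Does nothing while {@code serverSasl} is null or no mechanism has been received.
 */
protected void checkServerSASL() {
    if (serverSasl == null || serverSasl.getRemoteMechanisms().length == 0) {
        return;
    }

    // TODO: should we look at the first only?
    ServerSASL mechanism = saslHandlers.get(serverSasl.getRemoteMechanisms()[0]);
    if (mechanism == null) {
        // no auth available, system error
        // NOTE(review): serverSasl is not cleared on this path, so a later call can
        // reach done() again; confirm that is intended.
        serverSasl.done(Sasl.SaslOutcome.PN_SASL_SYS);
        return;
    }

    byte[] dataSASL = new byte[serverSasl.pending()];
    serverSasl.recv(dataSASL, 0, dataSASL.length);

    if (log.isTraceEnabled()) {
        // Trace the size only. The payload is the client's SASL response, which for a
        // mechanism such as PLAIN contains the password, so a hex dump of it would
        // put credentials into the log file.
        log.trace("Working on sasl:: length=" + dataSASL.length);
    }

    saslResult = mechanism.processSASL(dataSASL);

    if (saslResult != null && saslResult.isSuccess()) {
        serverSasl.done(Sasl.SaslOutcome.PN_SASL_OK);
        // The handlers are no longer needed once authentication has succeeded.
        saslHandlers.clear();
        saslHandlers = null;
    } else {
        // A null result is treated like a failed authentication.
        serverSasl.done(Sasl.SaslOutcome.PN_SASL_AUTH);
    }
    // Either way the exchange is over for this SASL object.
    serverSasl = null;
}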
sasl.recv(data, 0, data.length); Buffer[] parts = split(new Buffer(data), (byte)0); if (parts.length > 0) {
/**
 * Reads the pending SASL bytes, splits them on NUL bytes and extracts username and
 * password from the resulting fields. Two fields are read as username and password;
 * with three fields the first is skipped. Any other non-zero field count marks the
 * step as failed.
 *
 * @param sasl SASL layer holding the client's response
 */
@Override
public void processSaslStep(Sasl sasl) {
    final byte[] data = new byte[sasl.pending()];
    sasl.recv(data, 0, data.length);

    final Buffer[] fields = new Buffer(data).split((byte) 0);
    final int fieldCount = fields.length;

    if (fieldCount == 0) {
        // Treat this as anonymous connect to support legacy behavior
        // which allowed this. Connection will fail if broker is not
        // configured to allow anonymous connections.
        return;
    }

    if (fieldCount == 2) {
        username = fields[0].utf8().toString();
        password = fields[1].utf8().toString();
    } else if (fieldCount == 3) {
        // The leading field is ignored; presumably it is the authorization identity
        // of the SASL PLAIN layout (verify against the mechanism this class implements).
        username = fields[1].utf8().toString();
        password = fields[2].utf8().toString();
    } else {
        setFailed("Invalid encoding of Authentication credentials");
    }
    // NOTE(review): the password is kept as a String field, so it cannot be wiped
    // from memory after use.
}
/**
 * Parses the client's SASL response into credentials. The response is split on NUL
 * bytes: no fields leaves username and password untouched, two or three fields set
 * them from the last two fields, and every other count fails the step.
 *
 * @param sasl SASL layer the response bytes are read from
 */
@Override
public void processSaslStep(Sasl sasl) {
    final int pendingLength = sasl.pending();
    final byte[] raw = new byte[pendingLength];
    sasl.recv(raw, 0, raw.length);

    final Buffer[] parts = new Buffer(raw).split((byte) 0);
    final int count = parts.length;

    // Treat this as anonymous connect to support legacy behavior
    // which allowed this. Connection will fail if broker is not
    // configured to allow anonymous connections.
    final boolean anonymous = count == 0;

    if (!anonymous) {
        if (count == 2 || count == 3) {
            // With three fields the first one is skipped, so the credentials are
            // always the last two fields.
            username = parts[count - 2].utf8().toString();
            password = parts[count - 1].utf8().toString();
        } else {
            // A single field or more than three fields is rejected as malformed.
            setFailed("Invalid encoding of Authentication credentials");
        }
    }
}