appserver/security/jaspic-provider-framework/src/main/java/com/sun/jaspic/config/factory/singlemodule/DefaultAuthConfigProvider.java - glassfish - Git at Google

 /*
  * Copyright (c) 2022, 2022 Contributors to the Eclipse Foundation.
  * Copyright (c) 2015, 2020 Oracle and/or its affiliates. All rights reserved.
  *
  * This program and the accompanying materials are made available under the
  * terms of the Eclipse Public License v. 2.0, which is available at
  * http://www.eclipse.org/legal/epl-2.0.
  *
  * This Source Code may also be made available under the following Secondary
  * Licenses when the conditions for such availability set forth in the
  * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
  * version 2 with the GNU Classpath Exception, which is available at
  * https://www.gnu.org/software/classpath/license.html.
  *
  * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
  */

 package com.sun.jaspic.config.factory.singlemodule;

 import java.util.Map;

 import javax.security.auth.callback.CallbackHandler;

 import jakarta.security.auth.message.AuthException;
 import jakarta.security.auth.message.config.AuthConfigFactory;
 import jakarta.security.auth.message.config.AuthConfigProvider;
 import jakarta.security.auth.message.config.ClientAuthConfig;
 import jakarta.security.auth.message.config.ServerAuthConfig;
 import jakarta.security.auth.message.config.ServerAuthContext;
 import jakarta.security.auth.message.module.ServerAuthModule;

 /**
  * This class functions as a kind of factory-factory for {@link ServerAuthConfig} instances, which are by themselves factories
  * for {@link ServerAuthContext} instances, which are delegates for the actual {@link ServerAuthModule} (SAM) that we're after.
  *
  * @author Arjan Tijms
  */
 public class DefaultAuthConfigProvider implements AuthConfigProvider {

     private static final String CALLBACK_HANDLER_PROPERTY_NAME = "authconfigprovider.client.callbackhandler";

     private Map<String, String> providerProperties;
     private ServerAuthModule serverAuthModule;

     public DefaultAuthConfigProvider(ServerAuthModule serverAuthModule) {
         this.serverAuthModule = serverAuthModule;
     }

     /**
      * Constructor with signature and implementation that's required by API.
      *
      * @param properties provider properties
      * @param factory the auth config factory
      */
     public DefaultAuthConfigProvider(Map<String, String> properties, AuthConfigFactory factory) {
         this.providerProperties = properties;

         // API requires self registration if factory is provided. Not clear
         // where the "layer" (2nd parameter)
         // and especially "appContext" (3rd parameter) values have to come from
         // at this place.
         if (factory != null) {
             // If this method ever gets called, it may throw a SecurityException.
             // Don't bother with a PrivilegedAction as we don't expect to ever be
             // constructed this way.
             factory.registerConfigProvider(this, null, null, "Auto registration");
         }
     }

     /**
      * The actual factory method that creates the factory used to eventually obtain the delegate for a SAM.
      */
     @Override
     public ServerAuthConfig getServerAuthConfig(String layer, String appContext, CallbackHandler handler) throws AuthException,
         SecurityException {
         return new DefaultServerAuthConfig(layer, appContext, handler == null ? createDefaultCallbackHandler() : handler,
             providerProperties, serverAuthModule);
     }

     @Override
     public ClientAuthConfig getClientAuthConfig(String layer, String appContext, CallbackHandler handler) throws AuthException,
         SecurityException {
         return null;
     }

     @Override
     public void refresh() {
     }

     /**
      * Creates a default callback handler via the system property "authconfigprovider.client.callbackhandler", as seemingly
      * required by the API (API uses wording "may" create default handler). TODO: Isn't
      * "authconfigprovider.client.callbackhandler" JBoss specific?
      *
      * @return
      * @throws AuthException
      */
     private CallbackHandler createDefaultCallbackHandler() throws AuthException {
         String callBackClassName = System.getProperty(CALLBACK_HANDLER_PROPERTY_NAME);

         if (callBackClassName == null) {
             throw new AuthException("No default handler set via system property: " + CALLBACK_HANDLER_PROPERTY_NAME);
         }

         try {
             return (CallbackHandler)
                 Thread.currentThread()
                       .getContextClassLoader()
                       .loadClass(callBackClassName)
                       .getDeclaredConstructor()
                       .newInstance();
         } catch (Exception e) {
             throw new AuthException(e.getMessage());
         }
     }

 }
	/*
	* Copyright (c) 2022, 2022 Contributors to the Eclipse Foundation.
	* Copyright (c) 2015, 2020 Oracle and/or its affiliates. All rights reserved.
	*
	* This program and the accompanying materials are made available under the
	* terms of the Eclipse Public License v. 2.0, which is available at
	* http://www.eclipse.org/legal/epl-2.0.
	*
	* This Source Code may also be made available under the following Secondary
	* Licenses when the conditions for such availability set forth in the
	* Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
	* version 2 with the GNU Classpath Exception, which is available at
	* https://www.gnu.org/software/classpath/license.html.
	*
	* SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
	*/

	package com.sun.jaspic.config.factory.singlemodule;

	import java.util.Map;

	import javax.security.auth.callback.CallbackHandler;

	import jakarta.security.auth.message.AuthException;
	import jakarta.security.auth.message.config.AuthConfigFactory;
	import jakarta.security.auth.message.config.AuthConfigProvider;
	import jakarta.security.auth.message.config.ClientAuthConfig;
	import jakarta.security.auth.message.config.ServerAuthConfig;
	import jakarta.security.auth.message.config.ServerAuthContext;
	import jakarta.security.auth.message.module.ServerAuthModule;

	/**
	* This class functions as a kind of factory-factory for {@link ServerAuthConfig} instances, which are by themselves factories
	* for {@link ServerAuthContext} instances, which are delegates for the actual {@link ServerAuthModule} (SAM) that we're after.
	*
	* @author Arjan Tijms
	*/
	public class DefaultAuthConfigProvider implements AuthConfigProvider {

	private static final String CALLBACK_HANDLER_PROPERTY_NAME = "authconfigprovider.client.callbackhandler";

	private Map<String, String> providerProperties;
	private ServerAuthModule serverAuthModule;

	public DefaultAuthConfigProvider(ServerAuthModule serverAuthModule) {
	this.serverAuthModule = serverAuthModule;
	}

	/**
	* Constructor with signature and implementation that's required by API.
	*
	* @param properties provider properties
	* @param factory the auth config factory
	*/
	public DefaultAuthConfigProvider(Map<String, String> properties, AuthConfigFactory factory) {
	this.providerProperties = properties;

	// API requires self registration if factory is provided. Not clear
	// where the "layer" (2nd parameter)
	// and especially "appContext" (3rd parameter) values have to come from
	// at this place.
	if (factory != null) {
	// If this method ever gets called, it may throw a SecurityException.
	// Don't bother with a PrivilegedAction as we don't expect to ever be
	// constructed this way.
	factory.registerConfigProvider(this, null, null, "Auto registration");
	}
	}

	/**
	* The actual factory method that creates the factory used to eventually obtain the delegate for a SAM.
	*/
	@Override
	public ServerAuthConfig getServerAuthConfig(String layer, String appContext, CallbackHandler handler) throws AuthException,
	SecurityException {
	return new DefaultServerAuthConfig(layer, appContext, handler == null ? createDefaultCallbackHandler() : handler,
	providerProperties, serverAuthModule);
	}

	@Override
	public ClientAuthConfig getClientAuthConfig(String layer, String appContext, CallbackHandler handler) throws AuthException,
	SecurityException {
	return null;
	}

	@Override
	public void refresh() {
	}

	/**
	* Creates a default callback handler via the system property "authconfigprovider.client.callbackhandler", as seemingly
	* required by the API (API uses wording "may" create default handler). TODO: Isn't
	* "authconfigprovider.client.callbackhandler" JBoss specific?
	*
	* @return
	* @throws AuthException
	*/
	private CallbackHandler createDefaultCallbackHandler() throws AuthException {
	String callBackClassName = System.getProperty(CALLBACK_HANDLER_PROPERTY_NAME);

	if (callBackClassName == null) {
	throw new AuthException("No default handler set via system property: " + CALLBACK_HANDLER_PROPERTY_NAME);
	}

	try {
	return (CallbackHandler)
	Thread.currentThread()
	.getContextClassLoader()
	.loadClass(callBackClassName)
	.getDeclaredConstructor()
	.newInstance();
	} catch (Exception e) {
	throw new AuthException(e.getMessage());
	}
	}

	}