You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by co...@apache.org on 2017/07/21 11:27:24 UTC
[37/50] [abbrv] directory-kerby git commit: Make it easier to pass
custom tokens through via KrbToken. Currently, the code is tied to "KrbToken",
which enforces the use of encoders/decoders.
Make it easier to pass custom tokens through via KrbToken.
Currently, the code is tied to "KrbToken", which enforces the use of encoders/decoders.
Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/56f69587
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/56f69587
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/56f69587
Branch: refs/heads/gssapi
Commit: 56f69587c733ed88802aa75559f66417f2e1373d
Parents: a2beb88
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Thu Jun 16 12:12:55 2016 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Fri Jul 21 12:25:51 2017 +0100
----------------------------------------------------------------------
.../kerb/client/preauth/token/TokenPreauth.java | 4 +-
.../kerby/kerberos/kerb/type/base/KrbToken.java | 64 +------------
.../kerberos/kerb/type/base/KrbTokenBase.java | 97 ++++++++++++++++++++
.../kerb/type/pa/token/PaTokenRequest.java | 10 +-
.../kerb/server/preauth/token/TokenPreauth.java | 4 +-
5 files changed, 108 insertions(+), 71 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/56f69587/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/token/TokenPreauth.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/token/TokenPreauth.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/token/TokenPreauth.java
index 15f9874..0830f20 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/token/TokenPreauth.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/token/TokenPreauth.java
@@ -36,7 +36,7 @@ import org.apache.kerby.kerberos.kerb.type.base.AuthToken;
import org.apache.kerby.kerberos.kerb.type.base.EncryptedData;
import org.apache.kerby.kerberos.kerb.type.base.EncryptionType;
import org.apache.kerby.kerberos.kerb.type.base.KeyUsage;
-import org.apache.kerby.kerberos.kerb.type.base.KrbToken;
+import org.apache.kerby.kerberos.kerb.type.base.KrbTokenBase;
import org.apache.kerby.kerberos.kerb.type.pa.PaData;
import org.apache.kerby.kerberos.kerb.type.pa.PaDataEntry;
import org.apache.kerby.kerberos.kerb.type.pa.PaDataType;
@@ -187,7 +187,7 @@ public class TokenPreauth extends AbstractPreauthPlugin {
}
PaTokenRequest tokenPa = new PaTokenRequest();
- tokenPa.setToken((KrbToken) authToken);
+ tokenPa.setToken((KrbTokenBase) authToken);
TokenInfo info = new TokenInfo();
info.setTokenVendor(authToken.getIssuer());
tokenPa.setTokenInfo(info);
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/56f69587/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/base/KrbToken.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/base/KrbToken.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/base/KrbToken.java
index 597d531..68d3a3b 100644
--- a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/base/KrbToken.java
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/base/KrbToken.java
@@ -23,17 +23,11 @@ import java.util.Date;
import java.util.List;
import java.util.Map;
-import org.apache.kerby.asn1.Asn1FieldInfo;
-import org.apache.kerby.asn1.EnumType;
-import org.apache.kerby.asn1.ExplicitField;
-import org.apache.kerby.asn1.type.Asn1Integer;
-import org.apache.kerby.asn1.type.Asn1OctetString;
import org.apache.kerby.kerberos.kerb.KrbConstant;
import org.apache.kerby.kerberos.kerb.KrbException;
import org.apache.kerby.kerberos.kerb.KrbRuntime;
import org.apache.kerby.kerberos.kerb.provider.TokenDecoder;
import org.apache.kerby.kerberos.kerb.provider.TokenEncoder;
-import org.apache.kerby.kerberos.kerb.type.KrbSequenceType;
/**
* KRB-TOKEN_VALUE ::= SEQUENCE {
@@ -41,38 +35,17 @@ import org.apache.kerby.kerberos.kerb.type.KrbSequenceType;
* token-value [1] OCTET STRING,
* }
*/
-public class KrbToken extends KrbSequenceType implements AuthToken {
+public class KrbToken extends KrbTokenBase implements AuthToken {
private static TokenEncoder tokenEncoder;
private static TokenDecoder tokenDecoder;
- protected enum KrbTokenField implements EnumType {
- TOKEN_FORMAT,
- TOKEN_VALUE;
-
- @Override
- public int getValue() {
- return ordinal();
- }
-
- @Override
- public String getName() {
- return name();
- }
- }
-
private AuthToken innerToken = null;
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[]{
- new ExplicitField(KrbTokenField.TOKEN_FORMAT, Asn1Integer.class),
- new ExplicitField(KrbTokenField.TOKEN_VALUE, Asn1OctetString.class)
- };
-
-
/**
* Default constructor.
*/
public KrbToken() {
- super(fieldInfos);
+ super();
}
/**
@@ -149,39 +122,6 @@ public class KrbToken extends KrbSequenceType implements AuthToken {
}
/**
- * Get token format.
- * @return The token format
- */
- public TokenFormat getTokenFormat() {
- Integer value = getFieldAsInteger(KrbTokenField.TOKEN_FORMAT);
- return TokenFormat.fromValue(value);
- }
-
- /**
- * Set token format.
- * @param tokenFormat The token format
- */
- public void setTokenFormat(TokenFormat tokenFormat) {
- setFieldAsInt(KrbTokenField.TOKEN_FORMAT, tokenFormat.getValue());
- }
-
- /**
- * Get token value.
- * @return The token value
- */
- public byte[] getTokenValue() {
- return getFieldAsOctets(KrbTokenField.TOKEN_VALUE);
- }
-
- /**
- * Set token value.
- * @param tokenValue The token value
- */
- public void setTokenValue(byte[] tokenValue) {
- setFieldAsOctets(KrbTokenField.TOKEN_VALUE, tokenValue);
- }
-
- /**
* {@inheritDoc}
*/
@Override
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/56f69587/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/base/KrbTokenBase.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/base/KrbTokenBase.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/base/KrbTokenBase.java
new file mode 100644
index 0000000..ddca54e
--- /dev/null
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/base/KrbTokenBase.java
@@ -0,0 +1,97 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.type.base;
+
+import org.apache.kerby.asn1.Asn1FieldInfo;
+import org.apache.kerby.asn1.EnumType;
+import org.apache.kerby.asn1.ExplicitField;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.kerberos.kerb.type.KrbSequenceType;
+
+/**
+ * KRB-TOKEN_VALUE ::= SEQUENCE {
+ * token-format [0] INTEGER,
+ * token-value [1] OCTET STRING,
+ * }
+ */
+public class KrbTokenBase extends KrbSequenceType {
+
+ protected enum KrbTokenField implements EnumType {
+ TOKEN_FORMAT,
+ TOKEN_VALUE;
+
+ @Override
+ public int getValue() {
+ return ordinal();
+ }
+
+ @Override
+ public String getName() {
+ return name();
+ }
+ }
+
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[]{
+ new ExplicitField(KrbTokenField.TOKEN_FORMAT, Asn1Integer.class),
+ new ExplicitField(KrbTokenField.TOKEN_VALUE, Asn1OctetString.class)
+ };
+
+ /**
+ * Default constructor.
+ */
+ public KrbTokenBase() {
+ super(fieldInfos);
+ }
+
+ /**
+ * Get token format.
+ * @return The token format
+ */
+ public TokenFormat getTokenFormat() {
+ Integer value = getFieldAsInteger(KrbTokenField.TOKEN_FORMAT);
+ return TokenFormat.fromValue(value);
+ }
+
+ /**
+ * Set token format.
+ * @param tokenFormat The token format
+ */
+ public void setTokenFormat(TokenFormat tokenFormat) {
+ setFieldAsInt(KrbTokenField.TOKEN_FORMAT, tokenFormat.getValue());
+ }
+
+ /**
+ * Get token value.
+ * @return The token value
+ */
+ public byte[] getTokenValue() {
+ return getFieldAsOctets(KrbTokenField.TOKEN_VALUE);
+ }
+
+ /**
+ * Set token value.
+ * @param tokenValue The token value
+ */
+ public void setTokenValue(byte[] tokenValue) {
+ setFieldAsOctets(KrbTokenField.TOKEN_VALUE, tokenValue);
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/56f69587/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/pa/token/PaTokenRequest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/pa/token/PaTokenRequest.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/pa/token/PaTokenRequest.java
index 7819f16..b0dab16 100644
--- a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/pa/token/PaTokenRequest.java
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/pa/token/PaTokenRequest.java
@@ -23,7 +23,7 @@ import org.apache.kerby.asn1.Asn1FieldInfo;
import org.apache.kerby.asn1.EnumType;
import org.apache.kerby.asn1.ExplicitField;
import org.apache.kerby.kerberos.kerb.type.KrbSequenceType;
-import org.apache.kerby.kerberos.kerb.type.base.KrbToken;
+import org.apache.kerby.kerberos.kerb.type.base.KrbTokenBase;
/**
PA-TOKEN-REQUEST ::= SEQUENCE {
@@ -49,18 +49,18 @@ public class PaTokenRequest extends KrbSequenceType {
static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
new ExplicitField(PaTokenRequestField.TOKEN_INFO, TokenInfo.class),
- new ExplicitField(PaTokenRequestField.TOKEN, KrbToken.class)
+ new ExplicitField(PaTokenRequestField.TOKEN, KrbTokenBase.class)
};
public PaTokenRequest() {
super(fieldInfos);
}
- public KrbToken getToken() {
- return getFieldAs(PaTokenRequestField.TOKEN, KrbToken.class);
+ public KrbTokenBase getToken() {
+ return getFieldAs(PaTokenRequestField.TOKEN, KrbTokenBase.class);
}
- public void setToken(KrbToken token) {
+ public void setToken(KrbTokenBase token) {
setFieldAs(PaTokenRequestField.TOKEN, token);
}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/56f69587/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java
index 34fec85..5abca91 100644
--- a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java
@@ -37,7 +37,7 @@ import org.apache.kerby.kerberos.kerb.type.base.AuthToken;
import org.apache.kerby.kerberos.kerb.type.base.EncryptedData;
import org.apache.kerby.kerberos.kerb.type.base.EncryptionKey;
import org.apache.kerby.kerberos.kerb.type.base.KeyUsage;
-import org.apache.kerby.kerberos.kerb.type.base.KrbToken;
+import org.apache.kerby.kerberos.kerb.type.base.KrbTokenBase;
import org.apache.kerby.kerberos.kerb.type.base.PrincipalName;
import org.apache.kerby.kerberos.kerb.type.pa.PaDataEntry;
import org.apache.kerby.kerberos.kerb.type.pa.PaDataType;
@@ -75,7 +75,7 @@ public class TokenPreauth extends AbstractPreauthPlugin {
PaTokenRequest paTokenRequest = EncryptionUtil.unseal(encData, clientKey,
KeyUsage.PA_TOKEN, PaTokenRequest.class);
- KrbToken token = paTokenRequest.getToken();
+ KrbTokenBase token = paTokenRequest.getToken();
List<String> issuers = kdcRequest.getKdcContext().getConfig().getIssuers();
TokenInfo tokenInfo = paTokenRequest.getTokenInfo();
String issuer = tokenInfo.getTokenVendor();