You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-dev@james.apache.org by rc...@apache.org on 2019/11/25 02:19:34 UTC
[james-project] 06/10: JAMES-2949 Username strong typing in IMAP
Authentication
This is an automated email from the ASF dual-hosted git repository.
rcordier pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/james-project.git
commit 812ea668e03f09c3d0344a7b84aaa9c909f28f33
Author: Raphael Ouazana <ra...@linagora.com>
AuthorDate: Thu Nov 21 11:28:46 2019 +0100
JAMES-2949 Username strong typing in IMAP Authentication
---
.../james/imap/decode/parser/LoginCommandParser.java | 5 +++--
.../james/imap/message/request/LoginRequest.java | 7 ++++---
.../james/imap/processor/AbstractAuthProcessor.java | 20 ++++++++++----------
.../james/imap/processor/AuthenticateProcessor.java | 5 +++--
4 files changed, 20 insertions(+), 17 deletions(-)
diff --git a/protocols/imap/src/main/java/org/apache/james/imap/decode/parser/LoginCommandParser.java b/protocols/imap/src/main/java/org/apache/james/imap/decode/parser/LoginCommandParser.java
index 4c4246f..4f0a53f 100644
--- a/protocols/imap/src/main/java/org/apache/james/imap/decode/parser/LoginCommandParser.java
+++ b/protocols/imap/src/main/java/org/apache/james/imap/decode/parser/LoginCommandParser.java
@@ -18,6 +18,7 @@
****************************************************************/
package org.apache.james.imap.decode.parser;
+import org.apache.james.core.Username;
import org.apache.james.imap.api.ImapCommand;
import org.apache.james.imap.api.ImapConstants;
import org.apache.james.imap.api.ImapMessage;
@@ -39,8 +40,8 @@ public class LoginCommandParser extends AbstractImapCommandParser {
@Override
protected ImapMessage decode(ImapCommand command, ImapRequestLineReader request, Tag tag, ImapSession session) throws DecodingException {
- final String userid = request.astring();
- final String password = request.astring();
+ Username userid = Username.of(request.astring());
+ String password = request.astring();
request.eol();
return new LoginRequest(command, userid, password, tag);
diff --git a/protocols/imap/src/main/java/org/apache/james/imap/message/request/LoginRequest.java b/protocols/imap/src/main/java/org/apache/james/imap/message/request/LoginRequest.java
index df18fef..17fee58 100644
--- a/protocols/imap/src/main/java/org/apache/james/imap/message/request/LoginRequest.java
+++ b/protocols/imap/src/main/java/org/apache/james/imap/message/request/LoginRequest.java
@@ -18,6 +18,7 @@
****************************************************************/
package org.apache.james.imap.message.request;
+import org.apache.james.core.Username;
import org.apache.james.imap.api.ImapCommand;
import org.apache.james.imap.api.Tag;
import org.apache.james.imap.api.message.request.ImapRequest;
@@ -26,11 +27,11 @@ import org.apache.james.imap.api.message.request.ImapRequest;
* {@link ImapRequest} which requests the login of a user
*/
public class LoginRequest extends AbstractImapRequest {
- private final String userid;
+ private final Username userid;
private final String password;
- public LoginRequest(ImapCommand command, String userid, String password, Tag tag) {
+ public LoginRequest(ImapCommand command, Username userid, String password, Tag tag) {
super(tag, command);
this.userid = userid;
this.password = password;
@@ -50,7 +51,7 @@ public class LoginRequest extends AbstractImapRequest {
*
* @return user
*/
- public final String getUserid() {
+ public final Username getUserid() {
return userid;
}
}
diff --git a/protocols/imap/src/main/java/org/apache/james/imap/processor/AbstractAuthProcessor.java b/protocols/imap/src/main/java/org/apache/james/imap/processor/AbstractAuthProcessor.java
index 77416a8..d7ef19e 100644
--- a/protocols/imap/src/main/java/org/apache/james/imap/processor/AbstractAuthProcessor.java
+++ b/protocols/imap/src/main/java/org/apache/james/imap/processor/AbstractAuthProcessor.java
@@ -68,7 +68,7 @@ public abstract class AbstractAuthProcessor<R extends ImapRequest> extends Abstr
if (!authFailure) {
final MailboxManager mailboxManager = getMailboxManager();
try {
- final MailboxSession mailboxSession = mailboxManager.login(Username.of(authenticationAttempt.getAuthenticationId()),
+ final MailboxSession mailboxSession = mailboxManager.login(authenticationAttempt.getAuthenticationId(),
authenticationAttempt.getPassword());
session.authenticated();
session.setAttribute(ImapSessionUtils.MAILBOX_SESSION_ATTRIBUTE_SESSION_KEY, mailboxSession);
@@ -97,9 +97,9 @@ public abstract class AbstractAuthProcessor<R extends ImapRequest> extends Abstr
if (!authFailure) {
final MailboxManager mailboxManager = getMailboxManager();
try {
- final MailboxSession mailboxSession = mailboxManager.loginAsOtherUser(Username.of(authenticationAttempt.getAuthenticationId()),
+ final MailboxSession mailboxSession = mailboxManager.loginAsOtherUser(authenticationAttempt.getAuthenticationId(),
authenticationAttempt.getPassword(),
- Username.of(authenticationAttempt.getDelegateUserName().get()));
+ authenticationAttempt.getDelegateUserName().get());
session.authenticated();
session.setAttribute(ImapSessionUtils.MAILBOX_SESSION_ATTRIBUTE_SESSION_KEY, mailboxSession);
provisionInbox(session, mailboxManager, mailboxSession);
@@ -156,20 +156,20 @@ public abstract class AbstractAuthProcessor<R extends ImapRequest> extends Abstr
}
}
- protected static AuthenticationAttempt delegation(String authorizeId, String authenticationId, String password) {
+ protected static AuthenticationAttempt delegation(Username authorizeId, Username authenticationId, String password) {
return new AuthenticationAttempt(Optional.of(authorizeId), authenticationId, password);
}
- protected static AuthenticationAttempt noDelegation(String authenticationId, String password) {
+ protected static AuthenticationAttempt noDelegation(Username authenticationId, String password) {
return new AuthenticationAttempt(Optional.empty(), authenticationId, password);
}
protected static class AuthenticationAttempt {
- private final Optional<String> delegateUserName;
- private final String authenticationId;
+ private final Optional<Username> delegateUserName;
+ private final Username authenticationId;
private final String password;
- public AuthenticationAttempt(Optional<String> delegateUserName, String authenticationId, String password) {
+ public AuthenticationAttempt(Optional<Username> delegateUserName, Username authenticationId, String password) {
this.delegateUserName = delegateUserName;
this.authenticationId = authenticationId;
this.password = password;
@@ -179,11 +179,11 @@ public abstract class AbstractAuthProcessor<R extends ImapRequest> extends Abstr
return delegateUserName.isPresent() && !delegateUserName.get().equals(authenticationId);
}
- public Optional<String> getDelegateUserName() {
+ public Optional<Username> getDelegateUserName() {
return delegateUserName;
}
- public String getAuthenticationId() {
+ public Username getAuthenticationId() {
return authenticationId;
}
diff --git a/protocols/imap/src/main/java/org/apache/james/imap/processor/AuthenticateProcessor.java b/protocols/imap/src/main/java/org/apache/james/imap/processor/AuthenticateProcessor.java
index b44dd1a..6a92f7c 100644
--- a/protocols/imap/src/main/java/org/apache/james/imap/processor/AuthenticateProcessor.java
+++ b/protocols/imap/src/main/java/org/apache/james/imap/processor/AuthenticateProcessor.java
@@ -26,6 +26,7 @@ import java.util.Base64;
import java.util.List;
import java.util.StringTokenizer;
+import org.apache.james.core.Username;
import org.apache.james.imap.api.display.HumanReadableText;
import org.apache.james.imap.api.message.request.ImapRequest;
import org.apache.james.imap.api.message.response.StatusResponseFactory;
@@ -104,7 +105,7 @@ public class AuthenticateProcessor extends AbstractAuthProcessor<AuthenticateReq
String token1 = authTokenizer.nextToken(); // Authorization Identity
token2 = authTokenizer.nextToken(); // Authentication Identity
try {
- return delegation(token1, token2, authTokenizer.nextToken());
+ return delegation(Username.of(token1), Username.of(token2), authTokenizer.nextToken());
} catch (java.util.NoSuchElementException ignored) {
// If we got here, this is what happened. RFC 2595
// says that "the client may leave the authorization
@@ -121,7 +122,7 @@ public class AuthenticateProcessor extends AbstractAuthProcessor<AuthenticateReq
// elements, leading to the exception we just
// caught. So we need to move the user to the
// password, and the authorize_id to the user.
- return noDelegation(token1, token2);
+ return noDelegation(Username.of(token1), token2);
} finally {
authTokenizer = null;
}
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org