You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tinkerpop.apache.org by jo...@apache.org on 2018/08/23 12:51:40 UTC
[09/16] tinkerpop git commit: Added support for mechanism plugins for
Sasl handler
Added support for mechanism plugins for Sasl handler
Project: http://git-wip-us.apache.org/repos/asf/tinkerpop/repo
Commit: http://git-wip-us.apache.org/repos/asf/tinkerpop/commit/7a5cb9c8
Tree: http://git-wip-us.apache.org/repos/asf/tinkerpop/tree/7a5cb9c8
Diff: http://git-wip-us.apache.org/repos/asf/tinkerpop/diff/7a5cb9c8
Branch: refs/heads/tp33
Commit: 7a5cb9c8053dbd303f70f5bbca95dcde528cf886
Parents: bdecf85
Author: Matthew Allen <ma...@runbox.com>
Authored: Sun Jul 29 15:59:08 2018 +0100
Committer: Matthew Allen <ma...@runbox.com>
Committed: Thu Aug 23 06:39:26 2018 +0100
----------------------------------------------------------------------
.../auth/mechanisms/sasl-mechanism-base.js | 36 +++++++++++++++++++
.../auth/mechanisms/sasl-mechanism-plain.js | 37 ++++++++++++++++++++
.../lib/driver/driver-remote-connection.js | 2 +-
.../lib/driver/sasl-authenticator.js | 28 +++++++--------
.../gremlin-javascript/test/helper.js | 11 ++++--
5 files changed, 97 insertions(+), 17 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/7a5cb9c8/gremlin-javascript/src/main/javascript/gremlin-javascript/lib/driver/auth/mechanisms/sasl-mechanism-base.js
----------------------------------------------------------------------
diff --git a/gremlin-javascript/src/main/javascript/gremlin-javascript/lib/driver/auth/mechanisms/sasl-mechanism-base.js b/gremlin-javascript/src/main/javascript/gremlin-javascript/lib/driver/auth/mechanisms/sasl-mechanism-base.js
new file mode 100644
index 0000000..4b75778
--- /dev/null
+++ b/gremlin-javascript/src/main/javascript/gremlin-javascript/lib/driver/auth/mechanisms/sasl-mechanism-base.js
@@ -0,0 +1,36 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+'use strict';
+
+/** @abstract */
+class SaslMechanismBase {
+ get name() {
+ return null;
+ }
+
+ setopts(options) {
+ this._options = options;
+ }
+
+ evaluateChallenge(challenge) {
+ throw new Error("evaluateChallenge should be implemented");
+ }
+}
+
+module.exports = SaslMechanismBase;
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/7a5cb9c8/gremlin-javascript/src/main/javascript/gremlin-javascript/lib/driver/auth/mechanisms/sasl-mechanism-plain.js
----------------------------------------------------------------------
diff --git a/gremlin-javascript/src/main/javascript/gremlin-javascript/lib/driver/auth/mechanisms/sasl-mechanism-plain.js b/gremlin-javascript/src/main/javascript/gremlin-javascript/lib/driver/auth/mechanisms/sasl-mechanism-plain.js
new file mode 100644
index 0000000..be418be
--- /dev/null
+++ b/gremlin-javascript/src/main/javascript/gremlin-javascript/lib/driver/auth/mechanisms/sasl-mechanism-plain.js
@@ -0,0 +1,37 @@
+'use strict';
+
+const SaslMechanismBase = require('./sasl-mechanism-base');
+
+class SaslMechanismPlain extends SaslMechanismBase {
+ get name() {
+ return 'PLAIN';
+ }
+
+ evaluateChallenge(challenge) {
+ if (this._hasInitialResponse(challenge)) {
+ return Promise.resolve({ 'saslMechanism': this.name, 'sasl': this._saslArgument() });
+ }
+
+ return Promise.resolve({ 'sasl': this._saslArgument() });
+ }
+
+ _saslArgument() {
+ if (this._options.username === undefined || this._options.username.length === 0
+ || this._options.password === undefined || this._options.password.length === 0 ) {
+ throw new Error('No Credentials Supplied');
+ }
+
+ const authstr = ((this._options.authId !== undefined && this._options.authId.length) ? this._options.authId : '')
+ + `\0${this._options.username}\0${this._options.password}`;
+ return new Buffer(authstr).toString('base64');
+ }
+
+ _hasInitialResponse(challenge) {
+ if (challenge === undefined || challenge === null) {
+ return false;
+ }
+ return true;
+ }
+}
+
+module.exports = SaslMechanismPlain;
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/7a5cb9c8/gremlin-javascript/src/main/javascript/gremlin-javascript/lib/driver/driver-remote-connection.js
----------------------------------------------------------------------
diff --git a/gremlin-javascript/src/main/javascript/gremlin-javascript/lib/driver/driver-remote-connection.js b/gremlin-javascript/src/main/javascript/gremlin-javascript/lib/driver/driver-remote-connection.js
index c60492e..04deee7 100644
--- a/gremlin-javascript/src/main/javascript/gremlin-javascript/lib/driver/driver-remote-connection.js
+++ b/gremlin-javascript/src/main/javascript/gremlin-javascript/lib/driver/driver-remote-connection.js
@@ -163,7 +163,7 @@ class DriverRemoteConnection extends RemoteConnection {
}
if (response.status.code === responseStatusCode.authenticationChallenge && this._authenticator) {
- this._authenticator.evaluateChallenge(response).then(res => {
+ this._authenticator.evaluateChallenge(response.result.data).then(res => {
return this.submit(null, 'authentication', res, response.requestId);
}).catch(handler.callback);
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/7a5cb9c8/gremlin-javascript/src/main/javascript/gremlin-javascript/lib/driver/sasl-authenticator.js
----------------------------------------------------------------------
diff --git a/gremlin-javascript/src/main/javascript/gremlin-javascript/lib/driver/sasl-authenticator.js b/gremlin-javascript/src/main/javascript/gremlin-javascript/lib/driver/sasl-authenticator.js
index fb4c5af..4b63ab5 100644
--- a/gremlin-javascript/src/main/javascript/gremlin-javascript/lib/driver/sasl-authenticator.js
+++ b/gremlin-javascript/src/main/javascript/gremlin-javascript/lib/driver/sasl-authenticator.js
@@ -5,25 +5,25 @@ const Authenticator = require('./authenticator');
class SaslAuthenticator extends Authenticator {
/**
* Creates a new instance of SaslAuthenticator.
- * @param {Object} [credentials] The authentication credential options.
- * @param {String} [credentials.username] The user for the authentication response.
- * @param {String} [credentials.password] The plaintext password for authentication response.
+ * @param {Object} [options] The authentication options.
+ * @param {Object} [options.mechanism] The mechanism to be used for authentication.
+ * @param {String} [options.hostname] The hostname of the client.
+ * @param {*} [options] Other mechanism specific options.
* @constructor
*/
- constructor(credentials) {
- super(credentials);
+ constructor(options) {
+ super(options);
+
+ if (options.mechanism === null || options.mechanism === undefined) {
+ throw new Error('No Sasl Mechanism Specified');
+ }
+
+ this._options = options;
+ this._options.mechanism.setopts(this._options);
}
evaluateChallenge(challenge) {
- return Promise.resolve({ 'sasl': this.saslArgument() });
- }
-
- saslArgument() {
- if (typeof this._credentials.username === "undefined" || this._credentials.username.length === 0
- || typeof this._credentials.password === "undefined" || this._credentials.password.length === 0 ) {
- throw new Error('No Credentials Supplied');
- }
- return new Buffer(`\0${this._credentials.username}\0${this._credentials.password}`).toString('base64');
+ return Promise.resolve(this._options.mechanism.evaluateChallenge(challenge));
}
}
http://git-wip-us.apache.org/repos/asf/tinkerpop/blob/7a5cb9c8/gremlin-javascript/src/main/javascript/gremlin-javascript/test/helper.js
----------------------------------------------------------------------
diff --git a/gremlin-javascript/src/main/javascript/gremlin-javascript/test/helper.js b/gremlin-javascript/src/main/javascript/gremlin-javascript/test/helper.js
index 5a90296..25e9557 100644
--- a/gremlin-javascript/src/main/javascript/gremlin-javascript/test/helper.js
+++ b/gremlin-javascript/src/main/javascript/gremlin-javascript/test/helper.js
@@ -21,14 +21,21 @@
* @author Jorge Bay Gondra
*/
'use strict';
+const os = require('os');
const DriverRemoteConnection = require('../lib/driver/driver-remote-connection');
+const SaslAuthenticator = require('../lib/driver/sasl-authenticator');
+const SaslMechanismPlain = require('../lib/driver/auth/mechanisms/sasl-mechanism-plain');
exports.getConnection = function getConnection(traversalSource) {
return new DriverRemoteConnection('ws://localhost:45940/gremlin', { traversalSource: traversalSource });
};
exports.getSecureConnectionWithAuthenticator = function getConnection(traversalSource) {
- const authenticator = new SaslAuthenticator({ username: 'stephen', password: 'password' });
- return new DriverRemoteConnection('ws://localhost:45941/gremlin', { traversalSource: traversalSource, authenticator: authenticator, rejectUnauthorized: false });
+ const authenticator = new SaslAuthenticator({ mechanism: new SaslMechanismPlain(), username: 'stephen', password: 'password', authId: os.hostname() });
+ return new DriverRemoteConnection('wss://localhost:45941/gremlin', {
+ traversalSource: traversalSource,
+ authenticator: authenticator,
+ rejectUnauthorized: false
+ });
};
\ No newline at end of file