You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by ol...@apache.org on 2019/12/05 20:29:54 UTC
[sling-org-apache-sling-commons-crypto] branch master updated:
SLING-8884 Provide a file-based password provider
This is an automated email from the ASF dual-hosted git repository.
olli pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-commons-crypto.git
The following commit(s) were added to refs/heads/master by this push:
new c2cd458 SLING-8884 Provide a file-based password provider
c2cd458 is described below
commit c2cd4580df0768d8b74532519e0a90631064acd1
Author: Oliver Lietz <ol...@apache.org>
AuthorDate: Thu Dec 5 21:29:16 2019 +0100
SLING-8884 Provide a file-based password provider
---
pom.xml | 153 +++++++++++++++++++++
.../crypto/internal/FilePasswordProvider.java | 108 +++++++++++++++
.../FilePasswordProviderConfiguration.java | 42 ++++++
.../commons/crypto/it/tests/CryptoTestSupport.java | 49 +++++++
.../crypto/it/tests/FilePasswordProviderIT.java | 66 +++++++++
src/test/resources/password.utf8 | 1 +
6 files changed, 419 insertions(+)
diff --git a/pom.xml b/pom.xml
index 458fabc..9e20357 100644
--- a/pom.xml
+++ b/pom.xml
@@ -38,6 +38,7 @@
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<sling.java.version>8</sling.java.version>
+ <org.ops4j.pax.exam.version>4.13.1</org.ops4j.pax.exam.version>
</properties>
<scm>
@@ -55,22 +56,174 @@
<failOnMissing>false</failOnMissing>
</configuration>
</plugin>
+ <plugin>
+ <groupId>org.apache.servicemix.tooling</groupId>
+ <artifactId>depends-maven-plugin</artifactId>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-failsafe-plugin</artifactId>
+ <executions>
+ <execution>
+ <goals>
+ <goal>integration-test</goal>
+ <goal>verify</goal>
+ </goals>
+ </execution>
+ </executions>
+ <configuration>
+ <redirectTestOutputToFile>true</redirectTestOutputToFile>
+ <systemProperties>
+ <property>
+ <name>bundle.filename</name>
+ <value>${basedir}/target/${project.build.finalName}.jar</value>
+ </property>
+ </systemProperties>
+ </configuration>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.rat</groupId>
+ <artifactId>apache-rat-plugin</artifactId>
+ <configuration>
+ <excludes>
+ <exclude>src/test/resources/password.*</exclude>
+ </excludes>
+ </configuration>
+ </plugin>
</plugins>
</build>
<dependencies>
+ <!-- javax -->
+ <dependency>
+ <groupId>javax.inject</groupId>
+ <artifactId>javax.inject</artifactId>
+ <scope>test</scope>
+ </dependency>
<!-- OSGi -->
<dependency>
<groupId>org.osgi</groupId>
<artifactId>org.osgi.annotation.versioning</artifactId>
<scope>provided</scope>
</dependency>
+ <dependency>
+ <groupId>org.osgi</groupId>
+ <artifactId>osgi.cmpn</artifactId>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.osgi</groupId>
+ <artifactId>osgi.core</artifactId>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.osgi</groupId>
+ <artifactId>org.osgi.service.component.annotations</artifactId>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.osgi</groupId>
+ <artifactId>org.osgi.service.cm</artifactId>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.osgi</groupId>
+ <artifactId>org.osgi.service.metatype.annotations</artifactId>
+ <scope>provided</scope>
+ </dependency>
+ <!-- Apache Felix -->
+ <dependency>
+ <groupId>org.apache.felix</groupId>
+ <artifactId>org.apache.felix.framework</artifactId>
+ <version>6.0.3</version>
+ <scope>test</scope>
+ </dependency>
+ <!-- Apache Sling -->
+ <dependency>
+ <groupId>org.apache.sling</groupId>
+ <artifactId>org.apache.sling.testing.paxexam</artifactId>
+ <version>3.1.0</version>
+ <scope>test</scope>
+ </dependency>
+ <!-- Google -->
+ <dependency>
+ <groupId>com.google.guava</groupId>
+ <artifactId>guava</artifactId>
+ <version>28.1-jre</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>com.google.guava</groupId>
+ <artifactId>failureaccess</artifactId>
+ <version>1.0.1</version>
+ <scope>test</scope>
+ </dependency>
<!-- JSR 305-->
<dependency>
<groupId>org.jetbrains</groupId>
<artifactId>annotations</artifactId>
<scope>provided</scope>
</dependency>
+ <!-- logging -->
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-api</artifactId>
+ <scope>provided</scope>
+ </dependency>
+ <!-- testing -->
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>com.google.truth</groupId>
+ <artifactId>truth</artifactId>
+ <version>1.0</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency> <!-- truth dep -->
+ <groupId>com.googlecode.java-diff-utils</groupId>
+ <artifactId>diffutils</artifactId>
+ <version>1.3.0</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.ops4j.pax.exam</groupId>
+ <artifactId>pax-exam</artifactId>
+ <version>${org.ops4j.pax.exam.version}</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.ops4j.pax.exam</groupId>
+ <artifactId>pax-exam-cm</artifactId>
+ <version>${org.ops4j.pax.exam.version}</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.ops4j.pax.exam</groupId>
+ <artifactId>pax-exam-container-forked</artifactId>
+ <version>${org.ops4j.pax.exam.version}</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.ops4j.pax.exam</groupId>
+ <artifactId>pax-exam-junit4</artifactId>
+ <version>${org.ops4j.pax.exam.version}</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.ops4j.pax.exam</groupId>
+ <artifactId>pax-exam-link-mvn</artifactId>
+ <version>${org.ops4j.pax.exam.version}</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.ops4j.pax.url</groupId>
+ <artifactId>pax-url-wrap</artifactId>
+ <version>2.6.2</version>
+ <scope>test</scope>
+ </dependency>
</dependencies>
</project>
diff --git a/src/main/java/org/apache/sling/commons/crypto/internal/FilePasswordProvider.java b/src/main/java/org/apache/sling/commons/crypto/internal/FilePasswordProvider.java
new file mode 100644
index 0000000..7ecd03e
--- /dev/null
+++ b/src/main/java/org/apache/sling/commons/crypto/internal/FilePasswordProvider.java
@@ -0,0 +1,108 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.sling.commons.crypto.internal;
+
+import java.io.BufferedReader;
+import java.io.File;
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+import java.nio.file.Files;
+import java.util.Arrays;
+
+import org.apache.sling.commons.crypto.PasswordProvider;
+import org.jetbrains.annotations.NotNull;
+import org.osgi.framework.Constants;
+import org.osgi.service.component.annotations.Activate;
+import org.osgi.service.component.annotations.Component;
+import org.osgi.service.component.annotations.Deactivate;
+import org.osgi.service.component.annotations.Modified;
+import org.osgi.service.metatype.annotations.Designate;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+@Component(
+ property = {
+ Constants.SERVICE_DESCRIPTION + "=Apache Sling Commons Crypto – File Password Provider",
+ Constants.SERVICE_VENDOR + "=The Apache Software Foundation"
+ }
+)
+@Designate(
+ ocd = FilePasswordProviderConfiguration.class,
+ factory = true
+)
+public class FilePasswordProvider implements PasswordProvider {
+
+ private FilePasswordProviderConfiguration configuration;
+
+ private final Logger logger = LoggerFactory.getLogger(FilePasswordProvider.class);
+
+ public FilePasswordProvider() {
+ }
+
+ @Activate
+ private void activate(final FilePasswordProviderConfiguration configuration) throws IOException {
+ logger.debug("activating");
+ this.configuration = configuration;
+ checkConfiguration();
+ }
+
+ @Modified
+ private void modified(final FilePasswordProviderConfiguration configuration) throws IOException {
+ logger.debug("modifying");
+ this.configuration = configuration;
+ checkConfiguration();
+ }
+
+ @Deactivate
+ private void deactivate() {
+ logger.debug("deactivating");
+ this.configuration = null;
+ }
+
+ private char[] readPassword(final String path) throws IOException {
+ final File file = new File(path);
+ final char[] buffer = new char[(int) file.length()];
+ try (final BufferedReader reader = Files.newBufferedReader(file.toPath(), StandardCharsets.UTF_8)) {
+ final int size = reader.read(buffer);
+ final char[] password = new char[size];
+ System.arraycopy(buffer, 0, password, 0, size);
+ Arrays.fill(buffer, '0');
+ return password;
+ }
+ }
+
+ private void checkConfiguration() throws IOException {
+ final String path = configuration.path();
+ final File file = new File(path);
+ if (!file.canRead()) {
+ final String message = String.format("Unable to read password file '%s'", path);
+ throw new IOException(message);
+ }
+ }
+
+ @Override
+ public @NotNull char[] getPassword() {
+ try {
+ return readPassword(configuration.path());
+ } catch (IOException e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+}
diff --git a/src/main/java/org/apache/sling/commons/crypto/internal/FilePasswordProviderConfiguration.java b/src/main/java/org/apache/sling/commons/crypto/internal/FilePasswordProviderConfiguration.java
new file mode 100644
index 0000000..cdb2d45
--- /dev/null
+++ b/src/main/java/org/apache/sling/commons/crypto/internal/FilePasswordProviderConfiguration.java
@@ -0,0 +1,42 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.sling.commons.crypto.internal;
+
+import org.osgi.service.metatype.annotations.AttributeDefinition;
+import org.osgi.service.metatype.annotations.ObjectClassDefinition;
+
+@ObjectClassDefinition(
+ name = "Apache Sling Commons Crypto “File Password Provider”",
+ description = "Provides passwords from files"
+)
+@interface FilePasswordProviderConfiguration {
+
+ @AttributeDefinition(
+ name = "Names",
+ description = "names of this service"
+ )
+ String[] names() default {"default"};
+
+ @AttributeDefinition(
+ name = "Path",
+ description = "path to password file"
+ )
+ String path();
+
+}
diff --git a/src/test/java/org/apache/sling/commons/crypto/it/tests/CryptoTestSupport.java b/src/test/java/org/apache/sling/commons/crypto/it/tests/CryptoTestSupport.java
new file mode 100644
index 0000000..42e0a88
--- /dev/null
+++ b/src/test/java/org/apache/sling/commons/crypto/it/tests/CryptoTestSupport.java
@@ -0,0 +1,49 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.sling.commons.crypto.it.tests;
+
+import org.apache.sling.testing.paxexam.TestSupport;
+import org.ops4j.pax.exam.options.ModifiableCompositeOption;
+
+import static org.apache.sling.testing.paxexam.SlingOptions.paxUrlWrap;
+import static org.apache.sling.testing.paxexam.SlingOptions.scr;
+import static org.ops4j.pax.exam.CoreOptions.composite;
+import static org.ops4j.pax.exam.CoreOptions.junitBundles;
+import static org.ops4j.pax.exam.CoreOptions.mavenBundle;
+import static org.ops4j.pax.exam.CoreOptions.wrappedBundle;
+
+public abstract class CryptoTestSupport extends TestSupport {
+
+ public ModifiableCompositeOption baseConfiguration() {
+ return composite(
+ super.baseConfiguration(),
+ // Sling Commons Crypto
+ testBundle("bundle.filename"),
+ scr(),
+ // testing
+ junitBundles(),
+ paxUrlWrap(),
+ wrappedBundle(mavenBundle().groupId("com.google.truth").artifactId("truth").versionAsInProject()),
+ mavenBundle().groupId("com.google.guava").artifactId("guava").versionAsInProject(),
+ mavenBundle().groupId("com.google.guava").artifactId("failureaccess").versionAsInProject(),
+ mavenBundle().groupId("com.googlecode.java-diff-utils").artifactId("diffutils").versionAsInProject()
+ );
+ }
+
+}
diff --git a/src/test/java/org/apache/sling/commons/crypto/it/tests/FilePasswordProviderIT.java b/src/test/java/org/apache/sling/commons/crypto/it/tests/FilePasswordProviderIT.java
new file mode 100644
index 0000000..cc0a51c
--- /dev/null
+++ b/src/test/java/org/apache/sling/commons/crypto/it/tests/FilePasswordProviderIT.java
@@ -0,0 +1,66 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.sling.commons.crypto.it.tests;
+
+import javax.inject.Inject;
+
+import org.apache.sling.commons.crypto.PasswordProvider;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.ops4j.pax.exam.Configuration;
+import org.ops4j.pax.exam.Option;
+import org.ops4j.pax.exam.junit.PaxExam;
+import org.ops4j.pax.exam.spi.reactors.ExamReactorStrategy;
+import org.ops4j.pax.exam.spi.reactors.PerClass;
+import org.ops4j.pax.exam.util.PathUtils;
+
+import static com.google.common.truth.Truth.assertThat;
+import static org.ops4j.pax.exam.CoreOptions.options;
+import static org.ops4j.pax.exam.cm.ConfigurationAdminOptions.factoryConfiguration;
+
+@RunWith(PaxExam.class)
+@ExamReactorStrategy(PerClass.class)
+public class FilePasswordProviderIT extends CryptoTestSupport {
+
+ @Inject
+ private PasswordProvider passwordProvider;
+
+ @Configuration
+ public Option[] configuration() {
+ final String path = String.format("%s/src/test/resources/password.utf8", PathUtils.getBaseDir());
+ return options(
+ baseConfiguration(),
+ factoryConfiguration("org.apache.sling.commons.crypto.internal.FilePasswordProvider")
+ .put("path", path)
+ .asOption()
+ );
+ }
+
+ @Test
+ public void testPasswordProvider() {
+ assertThat(passwordProvider).isNotNull();
+ }
+
+ @Test
+ public void testPassword() {
+ final String password = " Napøleøn Sølø (DK) \uD83C\uDFC1\uD83C\uDDE9\uD83C\uDDF0";
+ assertThat(passwordProvider.getPassword()).isEqualTo(password.toCharArray());
+ }
+
+}
diff --git a/src/test/resources/password.utf8 b/src/test/resources/password.utf8
new file mode 100644
index 0000000..291cbd2
--- /dev/null
+++ b/src/test/resources/password.utf8
@@ -0,0 +1 @@
+ Napøleøn Sølø (DK) 🏁🇩🇰
\ No newline at end of file