Yair Zaslavsky has uploaded a new change for review. Change subject: aaa: InternalAuthenticator should use the new API ......................................................................
aaa: InternalAuthenticator should use the new API Currently the internal authenticator still extends Authenticator, but already uses the new API Change-Id: I60f7b7f50617bff9f4872dc79f14fb016c9d72d3 Topic: AAA Signed-off-by: Yair Zaslavsky <[email protected]> --- M backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/internal/InternalAuthenticator.java 1 file changed, 70 insertions(+), 11 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/43/26443/1 diff --git a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/internal/InternalAuthenticator.java b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/internal/InternalAuthenticator.java index d209a6a..a22c752 100644 --- a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/internal/InternalAuthenticator.java +++ b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/internal/InternalAuthenticator.java @@ -2,31 +2,90 @@ import java.util.Properties; +import org.ovirt.engine.api.extensions.Base; +import org.ovirt.engine.api.extensions.ExtMap; +import org.ovirt.engine.api.extensions.Extension; +import org.ovirt.engine.api.extensions.aaa.Authn; import org.ovirt.engine.api.extensionsold.AAAExtensionException; import org.ovirt.engine.core.aaa.Authenticator; +import org.ovirt.engine.core.extensions.mgr.ExtensionProxy; /** * This authenticator authenticates the internal user as specified in the {@code AdminUser} and {@code AdminPassword} - * configuration parameters stored in the database. + * configuration parameters stored in the database. Currently it is in an interim status of development as */ -public class InternalAuthenticator extends Authenticator { +public class InternalAuthenticator extends Authenticator implements Extension { + private ExtMap initMap; + + // This method should be removed once we no longer work with Authenticator class hierarchy @Override public void authenticate(String user, String password) { - String adminUser = ((Properties)context.get(ExtensionProperties.CONFIGURATION)).getProperty("config.authn.user.name"); - String adminPassword = ((Properties)context.get(ExtensionProperties.CONFIGURATION)).getProperty("config.authn.user.password"); - if (!(user.equals(adminUser) && password.equals(adminPassword))) { + ExtMap inputMap = new ExtMap().mput( + Base.InvokeKeys.COMMAND, Authn.InvokeCommands.AUTHENTICATE_CREDENTIALS + ).mput( + Authn.InvokeKeys.USER, user + ).mput( + Authn.InvokeKeys.CREDENTIALS, password + ); + ExtensionProxy proxy = new ExtensionProxy(this, initMap.<ExtMap> get(Base.InvokeKeys.CONTEXT)); + ExtMap outputMap = proxy.invoke(inputMap); + if (outputMap.<Integer> get(Authn.InvokeKeys.RESULT) == Authn.AuthResult.CREDENTIALS_INVALID) { throw new AAAExtensionException(AAAExtensionException.AAAExtensionError.INCORRECT_CREDENTIALS, ""); } } + // This method should be removed once we no longer woth with Authenticator class hierarchy @Override public void init() { - context.put(ExtensionProperties.AUTHOR, "The oVirt Project"); - context.put(ExtensionProperties.EXTENSION_NAME, "Internal Authentication (Built-in)"); - context.put(ExtensionProperties.LICENSE, "ASL 2.0"); - context.put(ExtensionProperties.HOME, "http://www.ovirt.org";); - context.put(ExtensionProperties.VERSION, "N/A"); - context.put(ExtensionProperties.AAA_AUTHENTICATION_CAPABILITIES, AAA_AUTH_CAP_FLAGS_PASSWORD); } + + @Override + public void invoke(ExtMap input, ExtMap output) { + if (input.get(Base.InvokeKeys.COMMAND).equals(Base.InvokeCommands.INITIALIZE)) { + doInit(input, output); + } + if (input.get(Base.InvokeKeys.COMMAND).equals(Authn.InvokeCommands.AUTHENTICATE_CREDENTIALS)) { + doAuthenticate(input, output); + } + } + + @Override + public String getName() { + return (String) initMap.<ExtMap> get(Base.InvokeKeys.CONTEXT).<String> get(Base.ContextKeys.INSTANCE_NAME); + } + + @Override + public String getProfileName() { + return (String) initMap.<ExtMap> get(Base.InvokeKeys.CONTEXT) + .<Properties> get(Base.ContextKeys.CONFIGURATION) + .getProperty("ovirt.engine.aaa.authn.profile.name"); + } + + private void doAuthenticate(ExtMap input, ExtMap output) { + String adminUser = input.<ExtMap> get( + Base.InvokeKeys.CONTEXT + ).<Properties>get(Base.ContextKeys.CONFIGURATION).getProperty("config.authn.user.name"); + + String adminPassword= input.<ExtMap> get( + Base.InvokeKeys.CONTEXT + ).<Properties>get(Base.ContextKeys.CONFIGURATION).getProperty("config.authn.user.password"); + if (!(input.get(Authn.InvokeKeys.USER).equals(adminUser) && input.get(Authn.InvokeKeys.CREDENTIALS).equals(adminPassword))) { + output.put(Authn.InvokeKeys.RESULT, Authn.AuthResult.CREDENTIALS_INVALID); + } else { + output.put(Authn.InvokeKeys.RESULT, Authn.AuthResult.SUCCESS); + } + } + + private void doInit(ExtMap input, ExtMap output) { + input.<ExtMap> get(Base.InvokeKeys.CONTEXT).mput(Base.ContextKeys.AUTHOR, "The oVirt Project"). + mput(Base.ContextKeys.EXTENSION_NAME, "Internal Authentication (Built-in"). + mput(Base.ContextKeys.LICENSE, "ASL 2.0"). + mput(Base.ContextKeys.HOME_URL, "http://www.ovirt.org";). + mput(Base.ContextKeys.VERSION, "N/A"). + mput(Authn.ContextKeys.CAPABILITIES, Authn.Capabilities.AUTHENTICATE_PASSWORD); + initMap = input; + output.mput(Base.InvokeKeys.RESULT, Base.InvokeResult.SUCCESS); + } + } -- To view, visit http://gerrit.ovirt.org/26443 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I60f7b7f50617bff9f4872dc79f14fb016c9d72d3 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Yair Zaslavsky <[email protected]> _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
