• Home
• com.datastax.oss
• java-driver-core
• 4.17.0
• source code
• ProgrammaticPlainTextAuthProvider.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.datastax.oss.driver.api.core.auth.ProgrammaticPlainTextAuthProvider Maven / Gradle / Ivy

/*
 * Copyright DataStax, Inc.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package com.datastax.oss.driver.api.core.auth;

import com.datastax.oss.driver.api.core.metadata.EndPoint;
import com.datastax.oss.driver.api.core.session.SessionBuilder;
import com.datastax.oss.driver.internal.core.util.Strings;
import edu.umd.cs.findbugs.annotations.NonNull;
import java.util.Objects;
import net.jcip.annotations.ThreadSafe;

/**
 * A simple plaintext {@link AuthProvider} that receives the credentials programmatically instead of
 * pulling them from the configuration.
 *
 * 
To use this class, create an instance with the appropriate credentials to use and pass it to
 * your session builder:
 *
 * 
 * AuthProvider authProvider = new ProgrammaticPlainTextAuthProvider("...", "...");
 * CqlSession session =
 *     CqlSession.builder()
 *         .addContactEndPoints(...)
 *         .withAuthProvider(authProvider)
 *         .build();
 * 
 *
 * 
It also offers the possibility of changing the credentials at runtime. The new credentials
 * will be used for all connections initiated after the change.
 *
 * 
Implementation Note: this implementation is not particularly suited for highly-sensitive
 * applications: it stores the credentials to use as private fields, and even if the fields are char
 * arrays rather than strings to make it difficult to dump their contents, they are never cleared
 * until the provider itself is garbage-collected, which typically only happens when the session is
 * closed.
 *
 * @see SessionBuilder#withAuthProvider(AuthProvider)
 * @see SessionBuilder#withAuthCredentials(String, String)
 * @see SessionBuilder#withAuthCredentials(String, String, String)
 */
@ThreadSafe
public class ProgrammaticPlainTextAuthProvider extends PlainTextAuthProviderBase {

  private volatile char[] username;
  private volatile char[] password;
  private volatile char[] authorizationId;

  /** Builds an instance for simple username/password authentication. */
  public ProgrammaticPlainTextAuthProvider(@NonNull String username, @NonNull String password) {
    this(username, password, "");
  }

  /**
   * Builds an instance for username/password authentication, and proxy authentication with the
   * given authorizationId.
   *
   * 
This feature is only available with DataStax Enterprise. If the target server is Apache
   * Cassandra, use {@link #ProgrammaticPlainTextAuthProvider(String, String)} instead, or set the
   * authorizationId to an empty string.
   */
  public ProgrammaticPlainTextAuthProvider(
      @NonNull String username, @NonNull String password, @NonNull String authorizationId) {
    // This will typically be built before the session so we don't know the log prefix yet. Pass an
    // empty string, it's only used in one log message.
    super("");
    this.username = Strings.requireNotEmpty(username, "username").toCharArray();
    this.password = Strings.requireNotEmpty(password, "password").toCharArray();
    this.authorizationId =
        Objects.requireNonNull(authorizationId, "authorizationId cannot be null").toCharArray();
  }

  /**
   * Changes the username.
   *
   * 
The new credentials will be used for all connections initiated after this method was called.
   *
   * @param username the new name.
   */
  public void setUsername(@NonNull String username) {
    this.username = Strings.requireNotEmpty(username, "username").toCharArray();
  }

  /**
   * Changes the password.
   *
   * 
The new credentials will be used for all connections initiated after this method was called.
   *
   * @param password the new password.
   */
  public void setPassword(@NonNull String password) {
    this.password = Strings.requireNotEmpty(password, "password").toCharArray();
  }

  /**
   * Changes the authorization id.
   *
   * 
The new credentials will be used for all connections initiated after this method was called.
   *
   * 
This feature is only available with DataStax Enterprise. If the target server is Apache
   * Cassandra, this method should not be used.
   *
   * @param authorizationId the new authorization id.
   */
  public void setAuthorizationId(@NonNull String authorizationId) {
    this.authorizationId =
        Objects.requireNonNull(authorizationId, "authorizationId cannot be null").toCharArray();
  }

  /**
   * {@inheritDoc}
   *
   * 
This implementation disregards the endpoint being connected to as well as the authenticator
   * class sent by the server, and always returns the same credentials.
   */
  @NonNull
  @Override
  protected Credentials getCredentials(
      @NonNull EndPoint endPoint, @NonNull String serverAuthenticator) {
    return new Credentials(username.clone(), password.clone(), authorizationId.clone());
  }
}