/**
* Copyright (c) 2016, 2024, Oracle and/or its affiliates. All rights reserved.
* This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license.
*/
package com.oracle.bmc.auth.sasl;
import com.oracle.bmc.auth.BasicAuthenticationDetailsProvider;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.spi.LoginModule;
/**
 * Base JAAS {@link LoginModule} that passes an OCI authentication provider to the SASL client by
 * way of the {@link Subject}.
 *
 * <p>All of the work happens in {@link #initialize}: the configured intent becomes a public
 * credential, and the authentication provider returned by {@link #loadAuthenticationProvider}
 * becomes a private credential, both as a cache key and as the provider instance itself. The
 * remaining lifecycle methods only report fixed results.
 *
 * <p>NOTE(review): nothing in this class removes those credentials again. {@link #abort} and
 * {@link #logout} leave the Subject untouched, and this file does not show whether the entry
 * created through {@code OciSaslClient.AuthProviderCache} ever expires. Confirm the intended
 * lifetime of the provider and its key before reusing a Subject across logins.
 */
public abstract class OciLoginModule implements LoginModule {
    /** Name of the JAAS option that carries the intent string. */
    private static final String INTENT_CONFIG = "intent";

    static {
        // Runs once at class load. Presumably registers the OCI SASL client provider; the
        // implementation is outside this file (confirm).
        OciSaslClientProvider.initialize();
    }

    /**
     * Populates the Subject with the intent and the authentication provider.
     *
     * <p>The Subject is filled here, before {@link #login} and {@link #commit} run, so the
     * credentials are present regardless of how the rest of the login sequence ends.
     *
     * @param subject the Subject that receives the public and private credentials
     * @param callbackHandler not used by this module
     * @param sharedState not used by this module
     * @param options JAAS options; must contain {@code intent}, and is forwarded unchanged to
     *     {@link #loadAuthenticationProvider}
     * @throws IllegalArgumentException if the {@code intent} option is missing
     * @throws ClassCastException if the {@code intent} option is present but is not a String
     */
    @Override
    public void initialize(
            Subject subject,
            CallbackHandler callbackHandler,
            Map sharedState,
            Map options) {
        final String declaredIntent = requireIntent(options);

        // The intent is treated as a public credential; a NameCallback is the way to read it.
        subject.getPublicCredentials().add(declaredIntent);

        final BasicAuthenticationDetailsProvider provider = loadAuthenticationProvider(options);

        // Kafka does not accept a custom callback handler and insists on a String password, so
        // the provider is stored in a cache under a UUID key and that key is published as a
        // private credential. The SASL client uses the key to look the provider up again, which
        // makes the key as sensitive as the provider: keep it out of logs and diagnostics.
        final String providerHandle = OciSaslClient.AuthProviderCache.cache(provider);
        subject.getPrivateCredentials().add(providerHandle);

        // Newer SASL clients that control their own callback handler get the provider instance
        // directly; their handler has to support callbacks of type OciAuthProviderCallback.
        subject.getPrivateCredentials().add(provider);
    }

    /**
     * Reads the mandatory {@code intent} option.
     *
     * @param options the JAAS options passed to {@link #initialize}
     * @return the configured intent, never {@code null}
     * @throws IllegalArgumentException if the option is absent
     */
    private static String requireIntent(Map options) {
        final String value = (String) options.get(INTENT_CONFIG);
        if (value != null) {
            return value;
        }
        throw new IllegalArgumentException("Intent is required.");
    }

    /**
     * Builds the authentication provider that will be attached to the Subject.
     *
     * @param options the JAAS options passed to {@link #initialize}
     * @return the provider to cache and to store as a private credential
     */
    protected abstract BasicAuthenticationDetailsProvider loadAuthenticationProvider(
            Map options);

    /**
     * Reports success unconditionally; this module performs no check of its own here.
     *
     * @return always {@code true}
     */
    @Override
    public boolean login() {
        return true;
    }

    /**
     * Reports success unconditionally; the Subject was already populated in {@link #initialize}.
     *
     * @return always {@code true}
     */
    @Override
    public boolean commit() {
        return true;
    }

    /**
     * Leaves the Subject as it is and reports {@code false}.
     *
     * <p>NOTE(review): credentials added in {@link #initialize} are not removed when a login is
     * aborted; confirm that callers discard the Subject in that case.
     *
     * @return always {@code false}
     */
    @Override
    public boolean abort() {
        return false;
    }

    /**
     * Reports success without modifying the Subject.
     *
     * <p>NOTE(review): the cache key and the provider instance stay in the Subject's private
     * credentials after logout, and no cache eviction is requested from here; confirm that this
     * matches the intended credential lifetime.
     *
     * @return always {@code true}
     */
    @Override
    public boolean logout() {
        return true;
    }
}