• Home
• com.pontusvision
• janusgraph-server
• 100-3.0
• source code
• SaslAndHMACAuthenticationHandler.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.janusgraph.graphdb.tinkerpop.gremlin.server.handler.SaslAndHMACAuthenticationHandler Maven / Gradle / Ivy

// Copyright 2017 JanusGraph Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package org.janusgraph.graphdb.tinkerpop.gremlin.server.handler;

import static io.netty.handler.codec.http.HttpHeaders.Names.CONNECTION;
import static io.netty.handler.codec.http.HttpHeaders.Names.UPGRADE;
import static org.apache.tinkerpop.gremlin.server.AbstractChannelizer.PIPELINE_AUTHENTICATOR;

import org.apache.tinkerpop.gremlin.server.Settings;
import org.apache.tinkerpop.gremlin.server.auth.Authenticator;
import org.apache.tinkerpop.gremlin.server.handler.SaslAuthenticationHandler;
import org.janusgraph.graphdb.tinkerpop.gremlin.server.auth.HMACAuthenticator;
import org.janusgraph.graphdb.tinkerpop.gremlin.server.auth.SaslAndHMACAuthenticator;

import io.netty.channel.ChannelHandler;
import io.netty.channel.ChannelHandlerContext;
import io.netty.handler.codec.http.HttpMessage;

/**
 * A class for doing Basic Auth and Token auth using an HMAC as well as
 * Sasl authentication
 * @author Keith Lohnes [email protected]
 */
@ChannelHandler.Sharable
public class SaslAndHMACAuthenticationHandler extends SaslAuthenticationHandler {

    private final String HMAC_AUTH = "hmac_authenticator";
    private HMACAuthenticator hmacAuthenticator;

    public SaslAndHMACAuthenticationHandler(final Authenticator authenticator, final Settings.AuthenticationSettings authenticationSettings) {
        super(((SaslAndHMACAuthenticator) authenticator).getSimpleAuthenticator(), authenticationSettings);
        hmacAuthenticator = ((SaslAndHMACAuthenticator) authenticator).getHMACAuthenticator();
    }

    @Override
    public void channelRead(final ChannelHandlerContext ctx, final Object obj) throws Exception {
        if (obj instanceof HttpMessage && !isWebSocket((HttpMessage)obj)) {
            if (null == ctx.pipeline().get(HMAC_AUTH)) {
                final HttpHMACAuthenticationHandler authHandler = new HttpHMACAuthenticationHandler(hmacAuthenticator);
                ctx.pipeline().addAfter(PIPELINE_AUTHENTICATOR, HMAC_AUTH, authHandler);
            }
            ctx.fireChannelRead(obj);
        } else {
            super.channelRead(ctx, obj);
        }
    }

    private boolean isWebSocket(final HttpMessage msg) {
        final String connectionHeader = msg.headers().get(CONNECTION);
        final String upgradeHeader = msg.headers().get(UPGRADE);
        return (null != connectionHeader && connectionHeader.equalsIgnoreCase("Upgrade")) ||
               (null != upgradeHeader && upgradeHeader.equalsIgnoreCase("WebSocket"));
    }

}