1//
2//  ========================================================================
3//  Copyright (c) 1995-2014 Mort Bay Consulting Pty. Ltd.
4//  ------------------------------------------------------------------------
5//  All rights reserved. This program and the accompanying materials
6//  are made available under the terms of the Eclipse Public License v1.0
7//  and Apache License v2.0 which accompanies this distribution.
8//
9//      The Eclipse Public License is available at
10//      http://www.eclipse.org/legal/epl-v10.html
11//
12//      The Apache License v2.0 is available at
13//      http://www.opensource.org/licenses/apache2.0.php
14//
15//  You may elect to redistribute this code under either of these licenses.
16//  ========================================================================
17//
18
19
20package org.eclipse.jetty.security.authentication;
21
22import java.io.IOException;
23import java.io.PrintWriter;
24import java.util.Collection;
25import java.util.Collections;
26import java.util.Locale;
27
28import javax.servlet.ServletOutputStream;
29import javax.servlet.ServletRequest;
30import javax.servlet.ServletResponse;
31import javax.servlet.http.Cookie;
32import javax.servlet.http.HttpServletRequest;
33import javax.servlet.http.HttpServletResponse;
34
35import org.eclipse.jetty.security.Authenticator;
36import org.eclipse.jetty.security.IdentityService;
37import org.eclipse.jetty.security.LoginService;
38import org.eclipse.jetty.security.ServerAuthException;
39import org.eclipse.jetty.security.UserAuthentication;
40import org.eclipse.jetty.server.Authentication;
41import org.eclipse.jetty.server.UserIdentity;
42import org.eclipse.jetty.util.IO;
43import org.eclipse.jetty.util.log.Log;
44import org.eclipse.jetty.util.log.Logger;
45
46public class DeferredAuthentication implements Authentication.Deferred
47{
48    private static final Logger LOG = Log.getLogger(DeferredAuthentication.class);
49    protected final LoginAuthenticator _authenticator;
50    private Object _previousAssociation;
51
52    /* ------------------------------------------------------------ */
53    public DeferredAuthentication(LoginAuthenticator authenticator)
54    {
55        if (authenticator == null)
56            throw new NullPointerException("No Authenticator");
57        this._authenticator = authenticator;
58    }
59
60    /* ------------------------------------------------------------ */
61    /**
62     * @see org.eclipse.jetty.server.Authentication.Deferred#authenticate(ServletRequest)
63     */
64    public Authentication authenticate(ServletRequest request)
65    {
66        try
67        {
68            Authentication authentication = _authenticator.validateRequest(request,__deferredResponse,true);
69
70            if (authentication!=null && (authentication instanceof Authentication.User) && !(authentication instanceof Authentication.ResponseSent))
71            {
72                LoginService login_service= _authenticator.getLoginService();
73                IdentityService identity_service=login_service.getIdentityService();
74
75                if (identity_service!=null)
76                    _previousAssociation=identity_service.associate(((Authentication.User)authentication).getUserIdentity());
77
78                return authentication;
79            }
80        }
81        catch (ServerAuthException e)
82        {
83            LOG.debug(e);
84        }
85
86        return this;
87    }
88
89    /* ------------------------------------------------------------ */
90    /**
91     * @see org.eclipse.jetty.server.Authentication.Deferred#authenticate(javax.servlet.ServletRequest, javax.servlet.ServletResponse)
92     */
93    public Authentication authenticate(ServletRequest request, ServletResponse response)
94    {
95        try
96        {
97            LoginService login_service= _authenticator.getLoginService();
98            IdentityService identity_service=login_service.getIdentityService();
99
100            Authentication authentication = _authenticator.validateRequest(request,response,true);
101            if (authentication instanceof Authentication.User && identity_service!=null)
102                _previousAssociation=identity_service.associate(((Authentication.User)authentication).getUserIdentity());
103            return authentication;
104        }
105        catch (ServerAuthException e)
106        {
107            LOG.debug(e);
108        }
109        return this;
110    }
111
112    /* ------------------------------------------------------------ */
113    /**
114     * @see org.eclipse.jetty.server.Authentication.Deferred#login(java.lang.String, java.lang.String)
115     */
116    public Authentication login(String username, Object password, ServletRequest request)
117    {
118        UserIdentity identity = _authenticator.login(username, password, request);
119        if (identity != null)
120        {
121            IdentityService identity_service = _authenticator.getLoginService().getIdentityService();
122            UserAuthentication authentication = new UserAuthentication("API",identity);
123            if (identity_service != null)
124                _previousAssociation=identity_service.associate(identity);
125            return authentication;
126        }
127        return null;
128    }
129
130    /* ------------------------------------------------------------ */
131    public Object getPreviousAssociation()
132    {
133        return _previousAssociation;
134    }
135
136    /* ------------------------------------------------------------ */
137    /**
138     * @param response
139     * @return true if this response is from a deferred call to {@link #authenticate(ServletRequest)}
140     */
141    public static boolean isDeferred(HttpServletResponse response)
142    {
143        return response==__deferredResponse;
144    }
145
146    /* ------------------------------------------------------------ */
147    /* ------------------------------------------------------------ */
148    /* ------------------------------------------------------------ */
149    final static HttpServletResponse __deferredResponse = new HttpServletResponse()
150    {
151        public void addCookie(Cookie cookie)
152        {
153        }
154
155        public void addDateHeader(String name, long date)
156        {
157        }
158
159        public void addHeader(String name, String value)
160        {
161        }
162
163        public void addIntHeader(String name, int value)
164        {
165        }
166
167        public boolean containsHeader(String name)
168        {
169            return false;
170        }
171
172        public String encodeRedirectURL(String url)
173        {
174            return null;
175        }
176
177        public String encodeRedirectUrl(String url)
178        {
179            return null;
180        }
181
182        public String encodeURL(String url)
183        {
184            return null;
185        }
186
187        public String encodeUrl(String url)
188        {
189            return null;
190        }
191
192        public void sendError(int sc) throws IOException
193        {
194        }
195
196        public void sendError(int sc, String msg) throws IOException
197        {
198        }
199
200        public void sendRedirect(String location) throws IOException
201        {
202        }
203
204        public void setDateHeader(String name, long date)
205        {
206        }
207
208        public void setHeader(String name, String value)
209        {
210        }
211
212        public void setIntHeader(String name, int value)
213        {
214        }
215
216        public void setStatus(int sc)
217        {
218        }
219
220        public void setStatus(int sc, String sm)
221        {
222        }
223
224        public void flushBuffer() throws IOException
225        {
226        }
227
228        public int getBufferSize()
229        {
230            return 1024;
231        }
232
233        public String getCharacterEncoding()
234        {
235            return null;
236        }
237
238        public String getContentType()
239        {
240            return null;
241        }
242
243        public Locale getLocale()
244        {
245            return null;
246        }
247
248        public ServletOutputStream getOutputStream() throws IOException
249        {
250            return __nullOut;
251        }
252
253        public PrintWriter getWriter() throws IOException
254        {
255            return IO.getNullPrintWriter();
256        }
257
258        public boolean isCommitted()
259        {
260            return true;
261        }
262
263        public void reset()
264        {
265        }
266
267        public void resetBuffer()
268        {
269        }
270
271        public void setBufferSize(int size)
272        {
273        }
274
275        public void setCharacterEncoding(String charset)
276        {
277        }
278
279        public void setContentLength(int len)
280        {
281        }
282
283        public void setContentType(String type)
284        {
285        }
286
287        public void setLocale(Locale loc)
288        {
289        }
290
291	public Collection<String> getHeaderNames()
292	{
293	    return Collections.emptyList();
294	}
295
296	@Override
297	public String getHeader(String arg0)
298	{
299	    return null;
300	}
301
302	@Override
303	public Collection<String> getHeaders(String arg0)
304	{
305            return Collections.emptyList();
306	}
307
308	@Override
309	public int getStatus()
310	{
311	    return 0;
312	}
313
314    };
315
316    /* ------------------------------------------------------------ */
317    /* ------------------------------------------------------------ */
318    /* ------------------------------------------------------------ */
319    private static ServletOutputStream __nullOut = new ServletOutputStream()
320    {
321        public void write(int b) throws IOException
322        {
323        }
324
325        public void print(String s) throws IOException
326        {
327        }
328
329        public void println(String s) throws IOException
330        {
331        }
332    };
333
334
335}
336