[kune-commits] r1765 - in openfireauth: . src/main/java/cc/kune/core/server/auth/openfire src/main/resources src/test/java/cc/kune/core/server/auth/openfire target

Vicente J. Ruiz Jurado vjrj_ at ourproject.org
Sat Mar 17 21:59:43 CET 2012


Author: vjrj_
Date: 2012-03-17 21:59:43 +0100 (Sat, 17 Mar 2012)
New Revision: 1765

Added:
   openfireauth/src/main/resources/wave-server.properties
Modified:
   openfireauth/.classpath
   openfireauth/pom.xml
   openfireauth/src/main/java/cc/kune/core/server/auth/openfire/KuneAuthProvider.java
   openfireauth/src/test/java/cc/kune/core/server/auth/openfire/KuneAuthProviderTest.java
   openfireauth/target/
Log:
Added accounts and more improvements

Modified: openfireauth/.classpath
===================================================================
--- openfireauth/.classpath	2012-03-15 00:10:53 UTC (rev 1764)
+++ openfireauth/.classpath	2012-03-17 20:59:43 UTC (rev 1765)
@@ -1,10 +1,21 @@
-<?xml version="1.0" encoding="UTF-8"?>
 <classpath>
-	<classpathentry kind="src" output="target/classes" path="src/main/java"/>
-	<classpathentry excluding="**" kind="src" output="target/classes" path="src/main/resources"/>
-	<classpathentry kind="src" output="target/test-classes" path="src/test/java"/>
-	<classpathentry excluding="**" kind="src" output="target/test-classes" path="src/test/resources"/>
-	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.6"/>
-	<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER"/>
-	<classpathentry kind="output" path="target/classes"/>
-</classpath>
+  <classpathentry kind="src" path="src/main/java"/>
+  <classpathentry kind="src" path="src/main/resources" excluding="**/*.java"/>
+  <classpathentry kind="src" path="src/test/java" output="target/test-classes"/>
+  <classpathentry kind="src" path="src/test/resources" output="target/test-classes" excluding="**/*.java"/>
+  <classpathentry kind="output" path="target/classes"/>
+  <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
+  <classpathentry kind="var" path="M2_REPO/com/google/guava/guava/r09/guava-r09.jar" sourcepath="M2_REPO/com/google/guava/guava/r09/guava-r09-sources.jar"/>
+  <classpathentry kind="var" path="M2_REPO/com/google/protobuf/protobuf-java/2.3.0/protobuf-java-2.3.0.jar"/>
+  <classpathentry kind="var" path="M2_REPO/junit/junit/4.9/junit-4.9.jar" sourcepath="M2_REPO/junit/junit/4.9/junit-4.9-sources.jar"/>
+  <classpathentry kind="var" path="M2_REPO/org/hamcrest/hamcrest-core/1.1/hamcrest-core-1.1.jar" sourcepath="M2_REPO/org/hamcrest/hamcrest-core/1.1/hamcrest-core-1.1-sources.jar"/>
+  <classpathentry kind="var" path="M2_REPO/org/igniterealtime/openfire/3.7.0/openfire-3.7.0.jar"/>
+  <classpathentry kind="var" path="M2_REPO/org/waveprotocol/box/0.3.13/box-0.3.13.jar"/>
+  <classpathentry kind="var" path="M2_REPO/org/waveprotocol/box-src/0.3.13/box-src-0.3.13.jar" sourcepath="M2_REPO/org/waveprotocol/box-src/0.3.13/box-src-0.3.13-sources.jar"/>
+  <classpathentry kind="var" path="M2_REPO/org/waveprotocol/model/0.3.13/model-0.3.13.jar"/>
+  <classpathentry kind="var" path="M2_REPO/org/waveprotocol/model-src/0.3.13/model-src-0.3.13.jar" sourcepath="M2_REPO/org/waveprotocol/model-src/0.3.13/model-src-0.3.13-sources.jar"/>
+  <classpathentry kind="var" path="M2_REPO/org/waveprotocol/proto/0.3.13/proto-0.3.13.jar"/>
+  <classpathentry kind="var" path="M2_REPO/org/waveprotocol/proto-src/0.3.13/proto-src-0.3.13.jar"/>
+  <classpathentry kind="var" path="M2_REPO/org/waveprotocol/util/0.3.13/util-0.3.13.jar"/>
+  <classpathentry kind="var" path="M2_REPO/org/waveprotocol/util-src/0.3.13/util-src-0.3.13.jar" sourcepath="M2_REPO/org/waveprotocol/util-src/0.3.13/util-src-0.3.13-sources.jar"/>
+</classpath>
\ No newline at end of file

Modified: openfireauth/pom.xml
===================================================================
--- openfireauth/pom.xml	2012-03-15 00:10:53 UTC (rev 1764)
+++ openfireauth/pom.xml	2012-03-17 20:59:43 UTC (rev 1765)
@@ -4,13 +4,13 @@
   <groupId>cc.kune</groupId>
   <artifactId>kune-openfireauth</artifactId>
   <version>0.0.1-SNAPSHOT</version>
-  <name>Kuen Openfire Auth Lib</name>
+  <name>Kune Openfire Auth Lib</name>
   <description>The jar generated, can be installed in /lib/ directory and allow to auth openfire users throw kune session tokens (see HybridAuthProvider)</description>
   <properties>
     <maven.compiler.source>1.6</maven.compiler.source>
     <maven.compiler.target>1.6</maven.compiler.target>
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-    <wiab.version>0.3.12</wiab.version>
+    <wiab.version>0.3.13</wiab.version>
   </properties>
   <repositories>
     <repository>
@@ -20,6 +20,16 @@
   </repositories>
   <dependencies>
     <dependency>
+      <groupId>com.google.guava</groupId>
+      <artifactId>guava</artifactId>
+      <version>r09</version>
+    </dependency>
+    <dependency>
+      <groupId>com.google.protobuf</groupId>
+      <artifactId>protobuf-java</artifactId>
+      <version>2.3.0</version>
+    </dependency>
+    <dependency>
       <groupId>org.waveprotocol</groupId>
       <artifactId>model</artifactId>
       <version>${wiab.version}</version>
@@ -30,15 +40,69 @@
       <version>${wiab.version}</version>
     </dependency>
     <dependency>
+      <groupId>org.waveprotocol</groupId>
+      <artifactId>box</artifactId>
+      <version>${wiab.version}</version>
+    </dependency>
+    <dependency>
+      <groupId>org.waveprotocol</groupId>
+      <artifactId>box-src</artifactId>
+      <version>${wiab.version}</version>
+    </dependency>
+    <dependency>
       <groupId>org.igniterealtime</groupId>
       <artifactId>openfire</artifactId>
       <version>3.7.0</version>
     </dependency>
     <dependency>
+      <groupId>org.waveprotocol</groupId>
+      <artifactId>proto</artifactId>
+      <version>${wiab.version}</version>
+    </dependency>
+    <dependency>
+      <groupId>org.waveprotocol</groupId>
+      <artifactId>proto-src</artifactId>
+      <version>${wiab.version}</version>
+    </dependency>
+    <dependency>
       <groupId>junit</groupId>
       <artifactId>junit</artifactId>
       <version>4.9</version>
       <scope>test</scope>
     </dependency>
+    <dependency>
+      <groupId>org.waveprotocol</groupId>
+      <artifactId>util</artifactId>
+      <version>${wiab.version}</version>
+    </dependency>
+    <dependency>
+      <groupId>org.waveprotocol</groupId>
+      <artifactId>util-src</artifactId>
+      <version>${wiab.version}</version>
+    </dependency>
   </dependencies>
+  <build>
+    <plugins>
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-assembly-plugin</artifactId>
+        <configuration>
+          <archive>
+            <manifest>
+              <mainClass>cc.kune.core.server.auth.openfire.KuneAuthProvider</mainClass>
+            </manifest>
+          </archive>
+          <fileSets>
+            <fileSet>
+              <excludes>
+                <exclude>
+                  ./wave-server.properties
+                </exclude>
+              </excludes>
+            </fileSet>
+          </fileSets>
+        </configuration>
+      </plugin>
+    </plugins>
+  </build>
 </project>
\ No newline at end of file
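Review bot: The `<fileSets>` exclusion of `./wave-server.properties` inside the maven-assembly-plugin `<configuration>` is unlikely to take effect. As far as I know, file sets are read from an assembly descriptor rather than from the plugin configuration, and unrecognised configuration elements are ignored silently. Because the file sits in `src/main/resources`, it would then still be packaged, including its `ssl_keystore_password` entry. Move the exclusion into a descriptor referenced through `<descriptors>`, or keep the file out of `src/main/resources`, and list the built jar's contents to confirm. The `<plugin>` element also declares no `<version>`, so the build is not pinned to a known plugin release.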

Modified: openfireauth/src/main/java/cc/kune/core/server/auth/openfire/KuneAuthProvider.java
===================================================================
--- openfireauth/src/main/java/cc/kune/core/server/auth/openfire/KuneAuthProvider.java	2012-03-15 00:10:53 UTC (rev 1764)
+++ openfireauth/src/main/java/cc/kune/core/server/auth/openfire/KuneAuthProvider.java	2012-03-17 20:59:43 UTC (rev 1765)
@@ -3,9 +3,10 @@
 import java.io.DataInputStream;
 import java.io.File;
 import java.io.FileInputStream;
-import java.io.FileNotFoundException;
 import java.io.IOException;
+import java.io.InputStream;
 import java.io.ObjectInputStream;
+import java.util.Properties;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
@@ -14,6 +15,10 @@
 import org.jivesoftware.openfire.auth.InternalUnauthenticatedException;
 import org.jivesoftware.openfire.auth.UnauthorizedException;
 import org.jivesoftware.openfire.user.UserNotFoundException;
+import org.waveprotocol.box.server.CoreSettings;
+import org.waveprotocol.box.server.account.AccountData;
+import org.waveprotocol.box.server.persistence.PersistenceException;
+import org.waveprotocol.box.server.persistence.file.FileAccountStore;
 import org.waveprotocol.wave.model.wave.ParticipantId;
 
 public class KuneAuthProvider implements AuthProvider {
@@ -44,58 +49,103 @@
     }
   }
 
+  private static final String INCORRECT_USERNAME = "Incorrect username";
   public static final Log LOG = LogFactory.getLog(KuneAuthProvider.class);
-
   private static final String USER_NOT_LOGGED = "User not logged";
+  private final FileAccountStore accountStore;
+  private final Properties prop;
 
+  public KuneAuthProvider() {
+    prop = new Properties();
+    try {
+      final InputStream is = this.getClass().getClassLoader().getResourceAsStream(
+          "wave-server.properties");
+
+      // final String location =
+      // getClass().getProtectionDomain().getCodeSource().getLocation().toString();
+      // LOG.info("Location: " + location);
+      // final String path = location.substring(5);
+      // final FileInputStream fis = new FileInputStream(new File(path +
+      // "wave-server.properties"));
+      prop.load(is);
+    } catch (final IOException e) {
+      LOG.error("Error openning property files", e);
+    }
+    final String acStoreLocation = getProp(CoreSettings.ACCOUNT_STORE_DIRECTORY);
+    LOG.warn("Account store location: " + acStoreLocation);
+    accountStore = new FileAccountStore(acStoreLocation);
+  }
+
   @Override
   @SuppressWarnings("unused")
-  public void authenticate(final String username, final String token) throws UnauthorizedException,
-      ConnectionException, InternalUnauthenticatedException {
+  public void authenticate(final String username, final String passwdOrToken)
+      throws UnauthorizedException, ConnectionException, InternalUnauthenticatedException {
     try {
-      final File session = new File("/var/lib/kune/_sessions/" + token);
-      boolean logged = false;
-      if (session.exists()) {
-        final FileInputStream is = new FileInputStream(session);
-        final DataInputStream in = new DataInputStream(is);
+      final String accountName = username + ParticipantId.DOMAIN_PREFIX
+          + getProp(CoreSettings.WAVE_SERVER_DOMAIN);
+      // LOG.warn("Trying to check account " + accountName);
+      final AccountData account = accountStore.getAccount(ParticipantId.ofUnsafe(accountName));
+      if (account.asHuman().getPasswordDigest().verify(passwdOrToken.toCharArray())) {
+        // Great ... authenticated
+      } else {
+        boolean logged = false;
+        final String sessionName = getProp(CoreSettings.SESSIONS_STORE_DIRECTORY) + File.separator
+            + passwdOrToken;
+        // LOG.warn("Session name: " + sessionName);
+        try {
+          final File session = new File(sessionName);
+          if (session.exists()) {
+            final FileInputStream is = new FileInputStream(session);
+            final DataInputStream in = new DataInputStream(is);
 
-        final String clusterId = in.readUTF();
-        in.readUTF(); // nodeId
-        final long created = in.readLong();
-        final long accessed = in.readLong();
-        final int requests = in.readInt();
+            final String clusterId = in.readUTF();
+            in.readUTF(); // nodeId
+            final long created = in.readLong();
+            final long accessed = in.readLong();
+            final int requests = in.readInt();
 
-        final int size = in.readInt();
-        if (size > 0) {
-          final ClassLoadingObjectInputStream ois = new ClassLoadingObjectInputStream(in);
-          for (int i = 0; i < size; i++) {
-            final String key = ois.readUTF();
-            try {
-              final Object value = ois.readObject();
-              if (value instanceof ParticipantId) {
-                if (((ParticipantId) value).getAddress().startsWith(username + "@")) {
-                  logged = true;
-                  break;
+            final int size = in.readInt();
+            if (size > 0) {
+              final ClassLoadingObjectInputStream ois = new ClassLoadingObjectInputStream(in);
+              for (int i = 0; i < size; i++) {
+                try {
+                  final String key = ois.readUTF();
+                  final Object value = ois.readObject();
+                  if (value instanceof ParticipantId) {
+                    if (((ParticipantId) value).getAddress().startsWith(username + "@")) {
+                      // LOG.warn("Participation id found in session");
+                      logged = true;
+                      break;
+                    }
+                  }
+                } catch (final ClassNotFoundException e) {
+                } catch (final IOException e) {
+                  LOG.warn("Persisted in kune session unexpected object: " + e.getMessage());
                 }
               }
-            } catch (final ClassNotFoundException e) {
-              LOG.warn("Persisted in kune session unexpected object: " + e.getMessage());
+              ois.close();
             }
+            in.close();
+            is.close();
+            if (!logged) {
+              // LOG.warn("Participation id not found in session");
+              throw new UnauthorizedException(INCORRECT_USERNAME);
+            } else {
+              // LOG.warn("Participation id found in session");
+              // Great ... authenticated
+            }
+          } else {
+            // LOG.warn("Session file doesn't exists");
+            throw new UnauthorizedException(USER_NOT_LOGGED);
           }
-          ois.close();
+        } catch (final IOException e) {
+          LOG.warn("File session io error", e);
+          throw new UnauthorizedException(USER_NOT_LOGGED, e);
         }
-        in.close();
-        is.close();
-        if (!logged) {
-          throw new UnauthorizedException("Incorrect username");
-        }
-      } else {
-        throw new UnauthorizedException(USER_NOT_LOGGED);
       }
-    } catch (final FileNotFoundException e) {
-      throw new UnauthorizedException(USER_NOT_LOGGED, e);
-    } catch (final IOException e) {
-      throw new UnauthorizedException(USER_NOT_LOGGED, e);
+    } catch (final PersistenceException e) {
+      LOG.warn("File session persistence error");
+      throw new UnauthorizedException(INCORRECT_USERNAME, e);
     }
   }
 
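Review bot: `passwdOrToken` is supplied by the connecting client and is appended to the sessions directory as a file name (`getProp(CoreSettings.SESSIONS_STORE_DIRECTORY) + File.separator + passwdOrToken`) without validation, so a value containing path separators or `..` can select a file outside that directory, and whatever it selects is then passed to `readObject()`. Reject tokens that do not look like a session id and confirm that the resolved file's parent is the sessions directory before opening it, as sketched below; the character class is an assumption and must be matched to the ids kune actually issues. How `ClassLoadingObjectInputStream` restricts the classes it resolves is defined outside this hunk, so it is worth confirming that it only admits the expected session types. Separately, `account` is dereferenced without a null check, so an unknown username probably ends in a `NullPointerException` rather than an `UnauthorizedException`.

```java
        // Assumed session-id alphabet; adjust to what the kune server generates.
        if (!passwdOrToken.matches("[A-Za-z0-9]+")) {
          throw new UnauthorizedException(USER_NOT_LOGGED);
        }
        final File sessionsDir = new File(getProp(CoreSettings.SESSIONS_STORE_DIRECTORY));
        try {
          final File session = new File(sessionsDir, passwdOrToken);
          // The resolved file must sit directly inside the sessions directory.
          if (!sessionsDir.getCanonicalFile().equals(session.getCanonicalFile().getParentFile())) {
            throw new UnauthorizedException(USER_NOT_LOGGED);
          }
          if (session.exists()) {
            // … unchanged: session header reads and ParticipantId lookup loop …
```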
@@ -111,6 +161,10 @@
     throw new UnsupportedOperationException();
   }
 
+  private String getProp(final String key) {
+    return (String) prop.get(key);
+  }
+
   @Override
   public boolean isDigestSupported() {
     return false;
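Review bot: `getProp` returns `null` for a missing key, and the callers added in this commit concatenate the result into strings, so a missing setting yields an account name ending in `null` or a session path starting with `null` instead of a clear configuration error. Use `prop.getProperty(key)` rather than the cast, and fail fast on a missing value, e.g. `if (value == null) throw new IllegalStateException("Missing property: " + key);`. A one-line Javadoc such as `/** Returns the value configured for key in wave-server.properties. */` would also help. `isDigestSupported` continues past the end of the hunk.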

Added: openfireauth/src/main/resources/wave-server.properties
===================================================================
--- openfireauth/src/main/resources/wave-server.properties	                        (rev 0)
+++ openfireauth/src/main/resources/wave-server.properties	2012-03-17 20:59:43 UTC (rev 1765)
@@ -0,0 +1,112 @@
+# Core Configuration for the Wave in a Box server
+#
+
+# Domain name of the wave server
+# Default value: local.net (without .domain zone some things will be broken)
+wave_server_domain = localhost
+
+# A comma separated list of address on which to listen for connections.
+# Each address is a comma separated host:port pair.
+# Default value: localhost:9898
+http_frontend_public_address = localhost:8888
+
+# Default value: values passed to http_frontend_public_address.
+http_frontend_addresses = ${http_frontend_public_address}
+
+# A comma separated list of webApp source directories
+# Default value: ./war
+resource_bases = target/kune-0.1.0-SNAPSHOT/,src/main/webapp/
+
+### Server-specific variables
+###
+
+# Settings for the different persistence stores. Currently supported: memory, file, mongodb
+signer_info_store_type = file
+
+# The location where signer info certificate data is stored on disk. This should be changed.
+# Note: This is only used when using the file signer info store. It is ignored
+# for other data store types.
+# Default value: _certificates
+signer_info_store_directory = /var/lib/kune/_certificates
+
+# Currently supported attachment types: mongodb, disk
+# Default value: disk
+attachment_store_type = disk
+
+# The location where attachments are stored on disk. This should be changed.
+# Note: This is only used when using the disk attachment store. It is ignored
+# for other data store types.
+attachment_store_directory = /var/lib/kune/_attachments
+
+# Currently supported account store types: fake, memory, file, mongodb
+account_store_type = file
+
+# The location where accounts are stored on disk. This should be changed.
+# Note: This is only used when using the file account store. It is ignored
+# for other data store types.
+account_store_directory = /var/lib/kune/_accounts
+
+# Currently supported delta store types: memory, file
+delta_store_type = file
+
+# The location where deltas are stored on disk. This should be changed.
+# Note: This is only used when using the file delta store. It is ignored
+# for other data store types.
+# Default value: _deltas
+delta_store_directory = /var/lib/kune/_deltas
+
+# The location where user sessions are persisted on disk. This allow to restore user sessions
+# between restarts.
+# Default value: _sessions
+sessions_store_directory = /var/lib/kune/_sessions
+
+# Set false to use raw WebSockets instead of Socket.IO (still a bit experimental) in the webclient
+# Default value: true
+use_socketio = true
+
+# Note: the default value for admin is an invalid user id that cannot be registered.
+# To become an admin: Register a user and set its address as the value below.
+# Admin has a privilege to change passwords of other users using an agent robot.
+# Default value: @${wave_server_domain}
+admin_user = @localhost
+
+# The wave id of the welcome template wave. (Without domain, for example: w+Fxjs_-ZPmmA).
+# If filled in then a copy of this wave (actually only the root blip) will be
+# automatically added to the inbox of every new user.
+# Default value: "" (empty)
+welcome_wave_id =
+
+# Thread counts
+#The number of threads to listen on wavelet updates. Default value: 1
+listener_executor_thread_count = 1
+#The number of threads for loading wavelets. Default value: 1
+wavelet_load_executor_thread_count = 1
+#The number of threads to persist deltas. Default value: 1
+delta_persist_executor_thread_count = 1
+
+# To enable federation, edit the server.federation.config file and include it here.
+#include = server.federation.config
+
+# These two parameters MUST appear in this file AFTER the above include of the
+# federation config file. This is necesary so that the federation config file
+# can override these two values.
+
+# Set true to disable the verification of signed deltas
+waveserver_disable_verification = true
+
+# Set true to disable the verification of signers (certificates)
+waveserver_disable_signer_verification = true
+
+# Set true to prevent anyone registering on your server.
+# When true, only the admin user can use the RegistrationRobot to add new accounts
+# Default value: false
+disable_registration = false
+
+# Enable SSL for all address/port combinations listed (makes the next 2 settings non-optional)
+enable_ssl = false
+
+# Path to keystore containg the ssl certificates to server
+ssl_keystore_path = src/main/resources/wiab.ks
+
+#Password to the keystore
+ssl_keystore_password = fafafa
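Review bot: `ssl_keystore_password = fafafa` commits a keystore password to the repository in a file under `src/main/resources`, which the provider loads from the classpath. The provider in this commit reads only `wave_server_domain`, `account_store_directory` and `sessions_store_directory`, so the copy shipped with this jar could be reduced to those three keys, with a header comment such as `# Only the keys KuneAuthProvider reads; the full server configuration lives with the Wave server`. If the full file has to stay, replace the password with a placeholder and supply the real value at deployment. `waveserver_disable_verification = true` and `waveserver_disable_signer_verification = true` also deserve a comment saying they are development settings, if that is the intent.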

Modified: openfireauth/src/test/java/cc/kune/core/server/auth/openfire/KuneAuthProviderTest.java
===================================================================
--- openfireauth/src/test/java/cc/kune/core/server/auth/openfire/KuneAuthProviderTest.java	2012-03-15 00:10:53 UTC (rev 1764)
+++ openfireauth/src/test/java/cc/kune/core/server/auth/openfire/KuneAuthProviderTest.java	2012-03-17 20:59:43 UTC (rev 1765)
@@ -11,7 +11,32 @@
   public void maintest() throws UnauthorizedException, ConnectionException,
       InternalUnauthenticatedException {
     final KuneAuthProvider auth = new KuneAuthProvider();
+    auth.authenticate("admin", "easyeasy");
     auth.authenticate("vjrj", "6rzonw7n39p01td1p0rfujvu3");
     auth.authenticate("admin", "x04c5575ycquu96k4kajldaq");
+    // Only usersession!!!
+    // auth.authenticate("vjrj", "1006oh5apswj81tl4vcsk1gqpj");
   }
+
+  @Test(expected = UnauthorizedException.class)
+  public void wrongFileSession() throws UnauthorizedException, ConnectionException,
+      InternalUnauthenticatedException {
+    final KuneAuthProvider auth = new KuneAuthProvider();
+    auth.authenticate("admin", "6rzonw7n39p01td1p0rfujvu3a");
+  }
+
+  @Test(expected = UnauthorizedException.class)
+  public void wrongPass() throws UnauthorizedException, ConnectionException,
+      InternalUnauthenticatedException {
+    final KuneAuthProvider auth = new KuneAuthProvider();
+    auth.authenticate("admin", "easyeasy2");
+  }
+
+  @Test(expected = UnauthorizedException.class)
+  public void wrongSession() throws UnauthorizedException, ConnectionException,
+      InternalUnauthenticatedException {
+    final KuneAuthProvider auth = new KuneAuthProvider();
+    auth.authenticate("admin", "6rzonw7n39p01td1p0rfujvu3");
+  }
+
 }
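Review bot: The tests call `authenticate` with literal values such as `auth.authenticate("admin", "easyeasy")` and fixed session ids, so they pass only on a machine whose account and session stores hold exactly those entries. They also put what appear to be a working admin password and live session tokens into version control. `maintest` bundles three independent logins into one method, so the first failure hides the others. Build the fixtures inside the test instead (a temporary accounts and sessions directory with a generated account and session file) and point the provider at them; this needs the store locations to be injectable, which the no-argument constructor in this commit does not allow. The class declaration and imports are outside the hunk.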


Property changes on: openfireauth/target
___________________________________________________________________
Name: svn:ignore
   - classes
kune-openfireauth-0.0.1-SNAPSHOT.jar
maven-archiver
mvn-eclipse-cache.properties
surefire-reports
test-classes

   + archive-tmp
*jar
classes
kune-openfireauth-0.0.1-SNAPSHOT.jar
maven-archiver
mvn-eclipse-cache.properties
surefire-reports
test-classes




