netconf/aaa-authn-odl-plugin/src/main/java/org/opendaylight/netconf/authprovider/CredentialServiceAuthProvider.java

   1 /*
   2  * Copyright (c) 2013 Cisco Systems, Inc. and others.  All rights reserved.
   3  *
   4  * This program and the accompanying materials are made available under the
   5  * terms of the Eclipse Public License v1.0 which accompanies this distribution,
   6  * and is available at http://www.eclipse.org/legal/epl-v10.html
   7  */
   8 package org.opendaylight.netconf.authprovider;
   9
  10 import static java.util.Objects.requireNonNull;
  11
  12 import javax.inject.Inject;
  13 import javax.inject.Singleton;
  14 import org.opendaylight.aaa.api.AuthenticationException;
  15 import org.opendaylight.aaa.api.Claim;
  16 import org.opendaylight.aaa.api.PasswordCredentialAuth;
  17 import org.opendaylight.aaa.api.PasswordCredentials;
  18 import org.opendaylight.netconf.auth.AuthProvider;
  19 import org.osgi.service.component.annotations.Activate;
  20 import org.osgi.service.component.annotations.Component;
  21 import org.osgi.service.component.annotations.Reference;
  22 import org.slf4j.Logger;
  23 import org.slf4j.LoggerFactory;
  24
  25 /**
  26  * AuthProvider implementation delegating to a {@link PasswordCredentialAuth} instance.
  27  */
  28 @Singleton
  29 @Component(immediate = true, property = "type=netconf-auth-provider")
  30 public final class CredentialServiceAuthProvider implements AuthProvider {
  31     private static final Logger LOG = LoggerFactory.getLogger(CredentialServiceAuthProvider.class);
  32
  33     private final PasswordCredentialAuth credService;
  34
  35     @Inject
  36     @Activate
  37     public CredentialServiceAuthProvider(final @Reference PasswordCredentialAuth credService) {
  38         this.credService = requireNonNull(credService);
  39     }
  40
  41     /**
  42      * Authenticate user. This implementation tracks CredentialAuth&lt;PasswordCredentials&gt;
  43      * and delegates the decision to it.
  44      */
  45     @Override
  46     public boolean authenticated(final String username, final String password) {
  47         final Claim claim;
  48         try {
  49             claim = credService.authenticate(new PasswordCredentialsWrapper(username, password));
  50         } catch (AuthenticationException e) {
  51             LOG.debug("Authentication failed for user '{}'", username, e);
  52             return false;
  53         }
  54
  55         LOG.debug("Authentication result for user '{}' : {}", username, claim.domain());
  56         return true;
  57     }
  58
  59     private static final class PasswordCredentialsWrapper implements PasswordCredentials {
  60         private final String username;
  61         private final String password;
  62
  63         PasswordCredentialsWrapper(final String username, final String password) {
  64             this.username = username;
  65             this.password = password;
  66         }
  67
  68         @Override
  69         public String username() {
  70             return username;
  71         }
  72
  73         @Override
  74         public String password() {
  75             return password;
  76         }
  77
  78         @Override
  79         public String domain() {
  80             // If this is left null, default "sdn" domain is assumed
  81             return null;
  82         }
  83     }
  84 }