BUG 624 - Make netconf TCP port optional.

[controller.git] / opendaylight / netconf / netconf-ssh / src / main / java / org / opendaylight / controller / netconf / ssh / authentication / AuthProvider.java

diff --git a/opendaylight/netconf/netconf-ssh/src/main/java/org/opendaylight/controller/netconf/ssh/authentication/AuthProvider.java b/opendaylight/netconf/netconf-ssh/src/main/java/org/opendaylight/controller/netconf/ssh/authentication/AuthProvider.java
index d904ad7f269a344600aa04bd2279b9590a0f91d7..5d39dd1eb8adad115e030c0136cbae702d2bde65 100644 (file)
--- a/opendaylight/netconf/netconf-ssh/src/main/java/org/opendaylight/controller/netconf/ssh/authentication/AuthProvider.java
+++ b/opendaylight/netconf/netconf-ssh/src/main/java/org/opendaylight/controller/netconf/ssh/authentication/AuthProvider.java
@@ -7,75 +7,75 @@
  */
 package org.opendaylight.controller.netconf.ssh.authentication;
 
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.ArrayList;
-import java.util.List;
-import org.apache.commons.io.IOUtils;
+import static com.google.common.base.Preconditions.checkNotNull;
+
+import com.google.common.annotations.VisibleForTesting;
 import org.opendaylight.controller.sal.authorization.AuthResultEnum;
-import org.opendaylight.controller.sal.authorization.UserLevel;
 import org.opendaylight.controller.usermanager.IUserManager;
-import org.opendaylight.controller.usermanager.UserConfig;
+import org.osgi.framework.BundleContext;
+import org.osgi.framework.ServiceReference;
+import org.osgi.util.tracker.ServiceTracker;
+import org.osgi.util.tracker.ServiceTrackerCustomizer;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-public class AuthProvider implements AuthProviderInterface {
-
-    private static IUserManager um;
-    private static final String DEFAULT_USER = "netconf";
-    private static final String DEFAULT_PASSWORD = "netconf";
-    private String PEM;
+public class AuthProvider {
+    private static final Logger logger = LoggerFactory.getLogger(AuthProvider.class);
 
-    private static final Logger logger =  LoggerFactory.getLogger(AuthProvider.class);
+    private final String pem;
+    private IUserManager nullableUserManager;
 
-    public AuthProvider(IUserManager ium,InputStream privateKeyFileInputStream) throws Exception {
+    public AuthProvider(String pemCertificate, final BundleContext bundleContext) {
+        checkNotNull(pemCertificate, "Parameter 'pemCertificate' is null");
+        pem = pemCertificate;
 
-        this.um = ium;
-        if (this.um  == null){
-            throw new Exception("No usermanager service available.");
-        }
+        ServiceTrackerCustomizer<IUserManager, IUserManager> customizer = new ServiceTrackerCustomizer<IUserManager, IUserManager>() {
+            @Override
+            public IUserManager addingService(final ServiceReference<IUserManager> reference) {
+                logger.trace("Service {} added", reference);
+                nullableUserManager = bundleContext.getService(reference);
+                return nullableUserManager;
+            }
 
-        List<String> roles = new ArrayList<String>(1);
-        roles.add(UserLevel.SYSTEMADMIN.toString());
-        this.um.addLocalUser(new UserConfig(DEFAULT_USER, DEFAULT_PASSWORD, roles));
+            @Override
+            public void modifiedService(final ServiceReference<IUserManager> reference, final IUserManager service) {
+                logger.trace("Replacing modified service {} in netconf SSH.", reference);
+                nullableUserManager = service;
+            }
 
-        try {
-            PEM = IOUtils.toString(privateKeyFileInputStream);
-        } catch (IOException e) {
-            logger.error("Error reading RSA key from file.");
-            throw new IllegalStateException("Error reading RSA key from file.");
-        }
-    }
-    @Override
-    public boolean authenticated(String username, String password)  throws Exception {
-        if (this.um  == null){
-            throw new Exception("No usermanager service available.");
-        }
-        AuthResultEnum authResult = this.um.authenticate(username,password);
-        if (authResult.equals(AuthResultEnum.AUTH_ACCEPT) || authResult.equals(AuthResultEnum.AUTH_ACCEPT_LOC)){
-            return true;
-        }
-        return false;
+            @Override
+            public void removedService(final ServiceReference<IUserManager> reference, final IUserManager service) {
+                logger.trace("Removing service {} from netconf SSH. " +
+                        "SSH won't authenticate users until IUserManager service will be started.", reference);
+                synchronized (AuthProvider.this) {
+                    nullableUserManager = null;
+                }
+            }
+        };
+        ServiceTracker<IUserManager, IUserManager> listenerTracker = new ServiceTracker<>(bundleContext, IUserManager.class, customizer);
+        listenerTracker.open();
     }
 
-    @Override
-    public char[] getPEMAsCharArray() throws Exception {
-        if (null == PEM){
-            logger.error("Missing RSA key string.");
-            throw new Exception("Missing RSA key.");
+    /**
+     * Authenticate user. This implementation tracks IUserManager and delegates the decision to it. If the service is not
+     * available, IllegalStateException is thrown.
+     */
+    public synchronized boolean authenticated(String username, String password) {
+        if (nullableUserManager == null) {
+            logger.warn("Cannot authenticate user '{}', user manager service is missing", username);
+            throw new IllegalStateException("User manager service is not available");
         }
-        return PEM.toCharArray();
+        AuthResultEnum authResult = nullableUserManager.authenticate(username, password);
+        logger.debug("Authentication result for user '{}' : {}", username, authResult);
+        return authResult.equals(AuthResultEnum.AUTH_ACCEPT) || authResult.equals(AuthResultEnum.AUTH_ACCEPT_LOC);
     }
 
-    @Override
-    public void removeUserManagerService() {
-        this.um = null;
+    public char[] getPEMAsCharArray() {
+        return pem.toCharArray();
     }
 
-    @Override
-    public void addUserManagerService(IUserManager userManagerService) {
-        this.um = userManagerService;
+    @VisibleForTesting
+    void setNullableUserManager(IUserManager nullableUserManager) {
+        this.nullableUserManager = nullableUserManager;
     }
-
-
 }