1/*
2 * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23package login;
24
25import java.io.IOException;
26import java.util.Map;
27import javax.security.auth.Subject;
28import javax.security.auth.callback.Callback;
29import javax.security.auth.callback.CallbackHandler;
30import javax.security.auth.callback.NameCallback;
31import javax.security.auth.callback.PasswordCallback;
32import javax.security.auth.callback.UnsupportedCallbackException;
33import javax.security.auth.login.LoginException;
34import javax.security.auth.spi.LoginModule;
35import com.sun.security.auth.UnixPrincipal;
36
37/**
38 * Custom JAAS login module which will be loaded through Java LoginContext when
39 * it is bundled by Strict/Auto/Unnamed modules.
40 */
41public class TestLoginModule implements LoginModule {
42
43    private static final String USER_NAME = "testUser";
44    private static final String PASSWORD = "testPassword";
45    private Subject subject;
46    private CallbackHandler callbackHandler;
47    private UnixPrincipal userPrincipal;
48    private String username;
49    private String password;
50    private boolean succeeded = false;
51    private boolean commitSucceeded = false;
52
53    @Override
54    public void initialize(Subject subject, CallbackHandler callbackHandler,
55            Map<String, ?> sharedState, Map<String, ?> options) {
56
57        this.subject = subject;
58        this.callbackHandler = callbackHandler;
59        System.out.println(String.format(
60                "'%s' login module initialized", this.getClass()));
61    }
62
63    /*
64     * Authenticate the user by prompting for a username and password.
65     */
66    @Override
67    public boolean login() throws LoginException {
68        if (callbackHandler == null) {
69            throw new LoginException("No CallbackHandler available");
70        }
71
72        Callback[] callbacks = new Callback[2];
73        callbacks[0] = new NameCallback("Username: ");
74        callbacks[1] = new PasswordCallback("Password: ", false);
75
76        try {
77            callbackHandler.handle(callbacks);
78            username = ((NameCallback) callbacks[0]).getName();
79            password = new String(((PasswordCallback) callbacks[1])
80                    .getPassword());
81            System.out.println(String.format("'%s' login module found username"
82                    + " as '%s' and password as '%s'", this.getClass(),
83                    username, password));
84            if (username.equals(USER_NAME)
85                    && password.equals(PASSWORD)) {
86                System.out.println(String.format("'%s' login module "
87                        + "authentication done successfully", this.getClass()));
88                succeeded = true;
89                return true;
90            }
91            throw new IllegalArgumentException("Incorrect username/password!");
92        } catch (IOException | UnsupportedCallbackException e) {
93            throw new LoginException("Login failed: " + e.getMessage());
94        }
95    }
96
97    @Override
98    public boolean commit() throws LoginException {
99        if (succeeded == false) {
100            return false;
101        }
102        userPrincipal = new UnixPrincipal(username);
103        if (!subject.getPrincipals().contains(userPrincipal)) {
104            subject.getPrincipals().add(userPrincipal);
105        }
106        System.out.println(String.format("'%s' login module authentication "
107                + "committed", this.getClass()));
108        password = null;
109        commitSucceeded = true;
110        return true;
111    }
112
113    @Override
114    public boolean abort() throws LoginException {
115        if (succeeded == false) {
116            return false;
117        }
118        System.out.println(String.format(
119                "'%s' login module aborted", this.getClass()));
120        clearState();
121        return true;
122    }
123
124    @Override
125    public boolean logout() throws LoginException {
126        clearState();
127        System.out.println(String.format(
128                "'%s' login module logout completed", this.getClass()));
129        return true;
130    }
131
132    private void clearState() {
133        if (commitSucceeded) {
134            subject.getPrincipals().remove(userPrincipal);
135        }
136        username = null;
137        password = null;
138        userPrincipal = null;
139    }
140}
141