Java Code Examples for org.apache.qpid.proton.engine.Sasl#pending()
The following examples show how to use
org.apache.qpid.proton.engine.Sasl#pending() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: SaslTest.java From qpid-proton-j with Apache License 2.0 | 6 votes |
|
@Override
public void onSaslInit(Sasl s, Transport t)
{
assertArrayEquals("Server should now know the client's chosen mechanism.",
new String[]{TESTMECH1}, s.getRemoteMechanisms());
byte[] serverReceivedInitialBytes = new byte[s.pending()];
s.recv(serverReceivedInitialBytes, 0, serverReceivedInitialBytes.length);
assertArrayEquals("Server should now know the client's initial response.",
INITIAL_RESPONSE_BYTES, serverReceivedInitialBytes);
s.send(CHALLENGE_BYTES, 0, CHALLENGE_BYTES.length);
assertFalse("Should not have already received init", initReceived.getAndSet(true));
}
Example 2
| Source File: ProtonHandler.java From activemq-artemis with Apache License 2.0 | 6 votes |
|
private void processPending(Sasl sasl) {
byte[] dataSASL = new byte[sasl.pending()];
int received = sasl.recv(dataSASL, 0, dataSASL.length);
if (log.isTraceEnabled()) {
log.trace("Working on sasl, length:" + received);
}
byte[] response = chosenMechanism.processSASL(received != -1 ? dataSASL : null);
if (response != null) {
sasl.send(response, 0, response.length);
}
saslResult = chosenMechanism.result();
if (saslResult != null) {
if (saslResult.isSuccess()) {
saslComplete(sasl, Sasl.SaslOutcome.PN_SASL_OK);
} else {
saslComplete(sasl, Sasl.SaslOutcome.PN_SASL_AUTH);
}
}
}
Example 3
| Source File: SaslTest.java From qpid-proton-j with Apache License 2.0 | 5 votes |
|
@Override
public void onSaslResponse(Sasl s, Transport t)
{
byte[] serverReceivedResponseBytes = new byte[s.pending()];
s.recv(serverReceivedResponseBytes, 0, serverReceivedResponseBytes.length);
assertArrayEquals("Server should now know the client's response", RESPONSE_BYTES, serverReceivedResponseBytes);
s.send(ADDITIONAL_DATA_BYTES, 0, ADDITIONAL_DATA_BYTES.length);
s.done(SaslOutcome.PN_SASL_OK);
assertFalse("Should not have already received response", responseReceived.getAndSet(true));
}
Example 4
| Source File: SaslTest.java From qpid-proton-j with Apache License 2.0 | 5 votes |
|
@Override
public void onSaslChallenge(Sasl s, Transport t)
{
byte[] clientReceivedChallengeBytes = new byte[s.pending()];
s.recv(clientReceivedChallengeBytes, 0, clientReceivedChallengeBytes.length);
assertEquals("Unexpected SASL outcome at client", SaslOutcome.PN_SASL_NONE, s.getOutcome());
assertArrayEquals("Client should now know the server's challenge",
CHALLENGE_BYTES, clientReceivedChallengeBytes);
s.send(RESPONSE_BYTES, 0, RESPONSE_BYTES.length);
assertFalse("Should not have already received challenge", challengeReceived.getAndSet(true));
}
Example 5
| Source File: SaslTest.java From qpid-proton-j with Apache License 2.0 | 5 votes |
|
@Override
public void onSaslOutcome(Sasl s, Transport t)
{
assertEquals("Unexpected SASL outcome at client", SaslOutcome.PN_SASL_OK, s.getOutcome());
byte[] clientReceivedAdditionalBytes = new byte[s.pending()];
s.recv(clientReceivedAdditionalBytes, 0, clientReceivedAdditionalBytes.length);
assertArrayEquals("Client should now know the server's outcome additional data", clientReceivedAdditionalBytes,
clientReceivedAdditionalBytes);
assertFalse("Should not have already received outcome", outcomeReceived.getAndSet(true));
}
Example 6
| Source File: ProtonHandler.java From activemq-artemis with Apache License 2.0 | 5 votes |
|
@Override
public void onSaslChallenge(Sasl sasl, Transport transport) {
int challengeSize = sasl.pending();
byte[] challenge = new byte[challengeSize];
sasl.recv(challenge, 0, challengeSize);
byte[] response = clientSASLMechanism.getResponse(challenge);
sasl.send(response, 0, response.length);
}
Example 7
| Source File: ProtonServerImplTest.java From vertx-proton with Apache License 2.0 | 5 votes |
|
private boolean evaluatePlainResponse(Sasl sasl) {
byte[] response = new byte[sasl.pending()];
sasl.recv(response, 0, response.length);
// Per https://tools.ietf.org/html/rfc4616 the PLAIN message format is: [authzid] UTF8NUL authcid UTF8NUL passwd
// Break initial response into its constituent parts.
int authzidTerminatorPos = findNullPosition(response, 0);
if (authzidTerminatorPos < 0) {
// Invalid PLAIN encoding, authzid null terminator not found
return false;
}
int authcidTerminatorPos = findNullPosition(response, authzidTerminatorPos + 1);
if (authcidTerminatorPos < 0) {
// Invalid PLAIN encoding, authcid null terminator not found
return false;
}
if (authcidTerminatorPos == response.length - 1) {
// Invalid PLAIN encoding, no password present
return false;
}
// Grab the authcid and password (ignoring authzid if present)
String authcid = new String(response, authzidTerminatorPos + 1, authcidTerminatorPos - authzidTerminatorPos - 1,
StandardCharsets.UTF_8);
String passwd = new String(response, authcidTerminatorPos + 1, response.length - authcidTerminatorPos - 1,
StandardCharsets.UTF_8);
// Now verify the given credentials
if (GOOD_USER.equals(authcid) && PASSWD.equals(passwd)) {
// Success
return true;
}
return false;
}
Example 8
| Source File: AmqpSaslAuthenticator.java From qpid-jms with Apache License 2.0 | 5 votes |
|
public void handleSaslChallenge(Sasl sasl, Transport transport) {
try {
if (sasl.pending() >= 0) {
byte[] challenge = new byte[sasl.pending()];
sasl.recv(challenge, 0, challenge.length);
byte[] response = mechanism.getChallengeResponse(challenge);
if (response != null) {
sasl.send(response, 0, response.length);
}
}
} catch (Throwable error) {
recordFailure("Exception while processing SASL step: " + error.getMessage(), error);
}
}
Example 9
| Source File: AmqpSaslAuthenticator.java From qpid-jms with Apache License 2.0 | 5 votes |
|
private void handleSaslCompletion(Sasl sasl) {
try {
if (sasl.pending() != 0) {
byte[] additionalData = new byte[sasl.pending()];
sasl.recv(additionalData, 0, additionalData.length);
mechanism.getChallengeResponse(additionalData);
}
mechanism.verifyCompletion();
complete = true;
} catch (Throwable error) {
recordFailure("Exception while processing SASL exchange completion: " + error.getMessage(), error);
}
}
Example 10
| Source File: SaslTest.java From qpid-proton-j with Apache License 2.0 | 4 votes |
|
/** 5.3.2 SASL Negotiation. */
@Test
public void testSaslNegotiation() throws Exception
{
getClient().transport = Proton.transport();
getServer().transport = Proton.transport();
Sasl clientSasl = getClient().transport.sasl();
clientSasl.client();
assertEquals("Unexpected SASL outcome at client", SaslOutcome.PN_SASL_NONE, clientSasl.getOutcome());
Sasl serverSasl = getServer().transport.sasl();
serverSasl.server();
serverSasl.setMechanisms(TESTMECH1, TESTMECH2);
assertEquals("Server should not yet know the remote's chosen mechanism.",
0,
serverSasl.getRemoteMechanisms().length);
pumpClientToServer();
pumpServerToClient();
assertArrayEquals("Client should now know the server's mechanisms.",
new String[]{TESTMECH1, TESTMECH2},
clientSasl.getRemoteMechanisms());
assertEquals("Unexpected SASL outcome at client", SaslOutcome.PN_SASL_NONE, clientSasl.getOutcome());
clientSasl.setMechanisms(TESTMECH1);
pumpClientToServer();
assertArrayEquals("Server should now know the client's chosen mechanism.",
new String[]{TESTMECH1},
serverSasl.getRemoteMechanisms());
serverSasl.send(CHALLENGE_BYTES, 0, CHALLENGE_BYTES.length);
pumpServerToClient();
byte[] clientReceivedChallengeBytes = new byte[clientSasl.pending()];
clientSasl.recv(clientReceivedChallengeBytes, 0, clientReceivedChallengeBytes.length);
assertEquals("Unexpected SASL outcome at client", SaslOutcome.PN_SASL_NONE, clientSasl.getOutcome());
assertArrayEquals("Client should now know the server's challenge",
CHALLENGE_BYTES,
clientReceivedChallengeBytes);
clientSasl.send(RESPONSE_BYTES, 0, RESPONSE_BYTES.length);
pumpClientToServer();
byte[] serverReceivedResponseBytes = new byte[serverSasl.pending()];
serverSasl.recv(serverReceivedResponseBytes, 0, serverReceivedResponseBytes.length);
assertArrayEquals("Server should now know the client's response",
RESPONSE_BYTES,
serverReceivedResponseBytes);
serverSasl.done(SaslOutcome.PN_SASL_OK);
pumpServerToClient();
assertEquals("Unexpected SASL outcome at client", SaslOutcome.PN_SASL_OK, clientSasl.getOutcome());
}
Example 11
| Source File: SaslTest.java From qpid-proton-j with Apache License 2.0 | 4 votes |
|
/**
* 5.3.3.5 The additional-data field carries additional data on successful authentication outcome as specified
* by the SASL specification [RFC4422].
*/
@Test
public void testOutcomeAdditionalData() throws Exception
{
getClient().transport = Proton.transport();
getServer().transport = Proton.transport();
Sasl clientSasl = getClient().transport.sasl();
clientSasl.client();
assertEquals("Unexpected SASL outcome at client", SaslOutcome.PN_SASL_NONE, clientSasl.getOutcome());
Sasl serverSasl = getServer().transport.sasl();
serverSasl.server();
serverSasl.setMechanisms(TESTMECH1);
pumpClientToServer();
pumpServerToClient();
assertEquals("Unexpected SASL outcome at client", SaslOutcome.PN_SASL_NONE, clientSasl.getOutcome());
clientSasl.setMechanisms(TESTMECH1);
pumpClientToServer();
serverSasl.send(CHALLENGE_BYTES, 0, CHALLENGE_BYTES.length);
pumpServerToClient();
byte[] clientReceivedChallengeBytes = new byte[clientSasl.pending()];
clientSasl.recv(clientReceivedChallengeBytes, 0, clientReceivedChallengeBytes.length);
assertEquals("Unexpected SASL outcome at client", SaslOutcome.PN_SASL_NONE, clientSasl.getOutcome());
clientSasl.send(RESPONSE_BYTES, 0, RESPONSE_BYTES.length);
pumpClientToServer();
byte[] serverReceivedResponseBytes = new byte[serverSasl.pending()];
serverSasl.recv(serverReceivedResponseBytes, 0, serverReceivedResponseBytes.length);
serverSasl.send(ADDITIONAL_DATA_BYTES, 0, ADDITIONAL_DATA_BYTES.length);
serverSasl.done(SaslOutcome.PN_SASL_OK);
pumpServerToClient();
byte[] clientReceivedAdditionalDataBytes = new byte[clientSasl.pending()];
clientSasl.recv(clientReceivedAdditionalDataBytes, 0, clientReceivedAdditionalDataBytes.length);
assertEquals("Unexpected SASL outcome at client", SaslOutcome.PN_SASL_OK, clientSasl.getOutcome());
assertArrayEquals("Client should now know the serrver's additional-data",
ADDITIONAL_DATA_BYTES,
clientReceivedAdditionalDataBytes);
}
Example 12
| Source File: SaslTest.java From qpid-proton-j with Apache License 2.0 | 4 votes |
|
@Test
public void testSaslNegotiationWithConfiguredLargerFrameSize() throws Exception
{
final byte[] largeInitialResponseBytesOrig = fillBytes("initialResponse", 1431);
final byte[] largeChallengeBytesOrig = fillBytes("challenge", 1375);
final byte[] largeResponseBytesOrig = fillBytes("response", 1282);
final byte[] largeAdditionalBytesOrig = fillBytes("additionalData", 1529);
getClient().transport = Proton.transport();
getServer().transport = Proton.transport();
// Configure transports to allow for larger initial frame sizes
getClient().transport.setInitialRemoteMaxFrameSize(2048);
getServer().transport.setInitialRemoteMaxFrameSize(2048);
Sasl clientSasl = getClient().transport.sasl();
clientSasl.client();
Sasl serverSasl = getServer().transport.sasl();
serverSasl.server();
// Negotiate the mech
serverSasl.setMechanisms(TESTMECH1, TESTMECH2);
pumpClientToServer();
pumpServerToClient();
assertArrayEquals("Client should now know the server's mechanisms.", new String[] { TESTMECH1, TESTMECH2 },
clientSasl.getRemoteMechanisms());
assertEquals("Unexpected SASL outcome at client", SaslOutcome.PN_SASL_NONE, clientSasl.getOutcome());
// Select a mech, send large initial response along with it in sasl-init, verify server receives it
clientSasl.setMechanisms(TESTMECH1);
byte[] initialResponseBytes = Arrays.copyOf(largeInitialResponseBytesOrig, largeInitialResponseBytesOrig.length);
clientSasl.send(initialResponseBytes, 0, initialResponseBytes.length);
pumpClientToServer();
assertArrayEquals("Server should now know the client's chosen mechanism.", new String[] { TESTMECH1 },
serverSasl.getRemoteMechanisms());
byte[] serverReceivedInitialResponseBytes = new byte[serverSasl.pending()];
serverSasl.recv(serverReceivedInitialResponseBytes, 0, serverReceivedInitialResponseBytes.length);
assertArrayEquals("Server should now know the clients initial response", largeInitialResponseBytesOrig,
serverReceivedInitialResponseBytes);
// Send a large challenge in a sasl-challenge, verify client receives it
byte[] challengeBytes = Arrays.copyOf(largeChallengeBytesOrig, largeChallengeBytesOrig.length);
serverSasl.send(challengeBytes, 0, challengeBytes.length);
pumpServerToClient();
byte[] clientReceivedChallengeBytes = new byte[clientSasl.pending()];
clientSasl.recv(clientReceivedChallengeBytes, 0, clientReceivedChallengeBytes.length);
assertEquals("Unexpected SASL outcome at client", SaslOutcome.PN_SASL_NONE, clientSasl.getOutcome());
assertArrayEquals("Client should now know the server's challenge", largeChallengeBytesOrig,
clientReceivedChallengeBytes);
// Send a large response in a sasl-response, verify server receives it
byte[] responseBytes = Arrays.copyOf(largeResponseBytesOrig, largeResponseBytesOrig.length);
clientSasl.send(responseBytes, 0, responseBytes.length);
pumpClientToServer();
byte[] serverReceivedResponseBytes = new byte[serverSasl.pending()];
serverSasl.recv(serverReceivedResponseBytes, 0, serverReceivedResponseBytes.length);
assertArrayEquals("Server should now know the client's response", largeResponseBytesOrig, serverReceivedResponseBytes);
// Send an outcome with large additional data in a sasl-outcome, verify client receives it
byte[] additionalBytes = Arrays.copyOf(largeAdditionalBytesOrig, largeAdditionalBytesOrig.length);
serverSasl.send(additionalBytes, 0, additionalBytes.length);
serverSasl.done(SaslOutcome.PN_SASL_OK);
pumpServerToClient();
assertEquals("Unexpected SASL outcome at client", SaslOutcome.PN_SASL_OK, clientSasl.getOutcome());
byte[] clientReceivedAdditionalBytes = new byte[clientSasl.pending()];
clientSasl.recv(clientReceivedAdditionalBytes, 0, clientReceivedAdditionalBytes.length);
assertArrayEquals("Client should now know the server's outcome additional data", largeAdditionalBytesOrig,
clientReceivedAdditionalBytes);
}
Example 13
| Source File: ProtonHandler.java From activemq-artemis with Apache License 2.0 | 4 votes |
|
@Override
public void onSaslOutcome(Sasl sasl, Transport transport) {
log.debug("onSaslOutcome: " + sasl);
switch (sasl.getState()) {
case PN_SASL_FAIL:
log.info("Outbound connection failed, authentication failure");
dispatchAuthFailed();
break;
case PN_SASL_PASS:
log.debug("Outbound connection succeeded");
if (sasl.pending() != 0) {
byte[] additionalData = new byte[sasl.pending()];
sasl.recv(additionalData, 0, additionalData.length);
clientSASLMechanism.getResponse(additionalData);
}
saslResult = new SASLResult() {
@Override
public String getUser() {
return null;
}
@Override
public Subject getSubject() {
return null;
}
@Override
public boolean isSuccess() {
return true;
}
};
dispatchAuthSuccess();
break;
default:
break;
}
}
