private String getUserName() { String userName = credential.getCredential().getUserName(); if (userName == null) { throw new IllegalArgumentException("Username can not be null"); } return userName.replace("=", "=3D").replace(",", "=2C"); }
@Override public void handle(final Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (final Callback callback : callbacks) { if (callback instanceof PasswordCallback) { ((PasswordCallback) callback).setPassword(credential.getPassword()); } else if (callback instanceof NameCallback) { ((NameCallback) callback).setName(credential.getUserName()); } } } });
/** * Gets the username * * @return the username */ @Nullable public String getUsername() { return credential != null ? credential.getUserName() : null; }
@Override public String generate(final MongoCredential credential) { // Username and password must not be modified going into the hash. String username = credential.getUserName(); char[] password = credential.getPassword(); if (username == null || password == null) { throw new IllegalArgumentException("Username and password must not be null"); } return createAuthenticationHash(username, password); } };
@NonNull private static String getUserNameNonNull(final MongoCredential credential) { String userName = credential.getUserName(); if (userName == null) { throw new MongoInternalException("User name can not be null"); } return userName; }
@NonNull String getUserNameNonNull() { String userName = credential.getCredential().getUserName(); if (userName == null) { throw new MongoInternalException("User name can not be null"); } return userName; }
private void validateUserName(final ConnectionDescription connectionDescription) { if (getMongoCredential().getUserName() == null && serverIsLessThanVersionThreeDotFour(connectionDescription)) { throw new MongoSecurityException(getMongoCredential(), "User name is required for the MONGODB-X509 authentication mechanism " + "on server versions less than 3.4"); } } }
@Override protected SaslClient createSaslClient(final ServerAddress serverAddress) { MongoCredential credential = getMongoCredential(); try { Map<String, Object> saslClientProperties = credential.getMechanismProperty(JAVA_SASL_CLIENT_PROPERTIES_KEY, null); if (saslClientProperties == null) { saslClientProperties = new HashMap<String, Object>(); saslClientProperties.put(Sasl.MAX_BUFFER, "0"); saslClientProperties.put(Sasl.CREDENTIALS, getGSSCredential(credential.getUserName())); } SaslClient saslClient = Sasl.createSaslClient(new String[]{GSSAPI.getMechanismName()}, credential.getUserName(), credential.getMechanismProperty(SERVICE_NAME_KEY, SERVICE_NAME_DEFAULT_VALUE), getHostName(serverAddress), saslClientProperties, null); if (saslClient == null) { throw new MongoSecurityException(credential, String.format("No platform support for %s mechanism", GSSAPI)); } return saslClient; } catch (SaslException e) { throw new MongoSecurityException(credential, "Exception initializing SASL client", e); } catch (GSSException e) { throw new MongoSecurityException(credential, "Exception initializing GSSAPI credentials", e); } catch (UnknownHostException e) { throw new MongoSecurityException(credential, "Unable to canonicalize host name + " + serverAddress); } }
private BsonDocument createIsMasterCommand() { BsonDocument isMasterCommandDocument = new BsonDocument("ismaster", new BsonInt32(1)); isMasterCommandDocument.append("saslSupportedMechs", new BsonString(format("%s.%s", getMongoCredential().getSource(), getMongoCredential().getUserName()))); return isMasterCommandDocument; }
@Override void authenticate(final InternalConnection connection, final ConnectionDescription connectionDescription) { try { validateUserName(connectionDescription); BsonDocument authCommand = getAuthCommand(getMongoCredential().getUserName()); executeCommand(getMongoCredential().getSource(), authCommand, connection); } catch (MongoCommandException e) { throw new MongoSecurityException(getMongoCredential(), "Exception authenticating", e); } }
private BsonDocument createIsMasterCommand() { BsonDocument isMasterCommandDocument = new BsonDocument("ismaster", new BsonInt32(1)); if (clientMetadataDocument != null) { isMasterCommandDocument.append("client", clientMetadataDocument); } if (!requestedCompressors.isEmpty()) { BsonArray compressors = new BsonArray(); for (MongoCompressor cur : this.requestedCompressors) { compressors.add(new BsonString(cur.getName())); } isMasterCommandDocument.append("compression", compressors); } if (checkSaslSupportedMechs) { MongoCredential credential = authenticators.get(0).getMongoCredential(); isMasterCommandDocument.append("saslSupportedMechs", new BsonString(credential.getSource() + "." + credential.getUserName())); } return isMasterCommandDocument; }
@Override void authenticateAsync(final InternalConnection connection, final ConnectionDescription connectionDescription, final SingleResultCallback<Void> callback) { try { validateUserName(connectionDescription); executeCommandAsync(getMongoCredential().getSource(), getAuthCommand(getMongoCredential().getUserName()), connection, new SingleResultCallback<BsonDocument>() { @Override public void onResult(final BsonDocument nonceResult, final Throwable t) { if (t != null) { callback.onResult(null, translateThrowable(t)); } else { callback.onResult(null, null); } } }); } catch (Throwable t) { callback.onResult(null, t); } }
@Override protected SaslClient createSaslClient(final ServerAddress serverAddress) { final MongoCredential credential = getMongoCredential(); isTrue("mechanism is PLAIN", credential.getAuthenticationMechanism() == PLAIN); try { return Sasl.createSaslClient(new String[]{PLAIN.getMechanismName()}, credential.getUserName(), DEFAULT_PROTOCOL, serverAddress.getHost(), null, new CallbackHandler() { @Override public void handle(final Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (final Callback callback : callbacks) { if (callback instanceof PasswordCallback) { ((PasswordCallback) callback).setPassword(credential.getPassword()); } else if (callback instanceof NameCallback) { ((NameCallback) callback).setName(credential.getUserName()); } } } }); } catch (SaslException e) { throw new MongoSecurityException(credential, "Exception initializing SASL client", e); } } }
/** * Gets the username * * @return the username */ @Nullable public String getUsername() { return credential != null ? credential.getUserName() : null; }
@Override public Map<String, ?> properties(RequestContext ctx) throws Exception { Map properties = new HashMap<>(); properties.put(MECHANISM, mongoCredential.getMechanism()); properties.put(USERNAME, mongoCredential.getUserName()); //only the MONGODB CR has a password and database option, the GSS one only accepts a username if (mongoCredential.getMechanism().equals(MongoCredential.MONGODB_CR_MECHANISM)) { properties.put(PASSWORD, new String(mongoCredential.getPassword())); properties.put(DB, mongoCredential.getSource()); } return properties; }
protected MongoClient createMongoClient(ServerAddress sa, Optional<MongoCredential> credentials) { if (!credentials.isPresent()) { getMonitor().debug("Connecting to Mongo without authentication"); return new MongoClient(sa); } else { getMonitor() .debug( "Connecting to Mongo with authentication as user '{}'", credentials.get().getUserName()); return new MongoClient(sa, Arrays.asList(credentials.get())); } }
protected MongoClient createMongoClient(ServerAddress sa, Optional<MongoCredential> credentials) { if (!credentials.isPresent()) { getMonitor().debug("Connecting to Mongo without authentication"); return new MongoClient(sa); } else { getMonitor() .debug( "Connecting to Mongo with authentication as user '{}'", credentials.get().getUserName()); return new MongoClient(sa, Arrays.asList(credentials.get())); } }
@NonNull private static String getUserNameNonNull(final MongoCredential credential) { String userName = credential.getUserName(); if (userName == null) { throw new MongoInternalException("User name can not be null"); } return userName; }
@NonNull String getUserNameNonNull() { String userName = credential.getCredential().getUserName(); if (userName == null) { throw new MongoInternalException("User name can not be null"); } return userName; }
private void validateUserName(final ConnectionDescription connectionDescription) { if (getMongoCredential().getUserName() == null && serverIsLessThanVersionThreeDotFour(connectionDescription)) { throw new MongoSecurityException(getMongoCredential(), "User name is required for the MONGODB-X509 authentication mechanism " + "on server versions less than 3.4"); } } }