public boolean isComplete() { return saslClient.isComplete(); }
public boolean isComplete() { return saslClient.isComplete(); }
public KeeperState getKeeperState() { if (saslClient != null) { if (saslState == SaslState.FAILED) { return KeeperState.AuthFailed; } if (saslClient.isComplete()) { if (saslState == SaslState.INTERMEDIATE) { saslState = SaslState.COMPLETE; return KeeperState.SaslAuthenticated; } } } // No event ready to emit yet. return null; }
@Override protected boolean isComplete() { return client.isComplete(); }
@Override public boolean isSuccessful() { return client.isComplete(); }
public boolean isComplete() { return delegate.isComplete(); }
public boolean isComplete() { return saslClient.isComplete(); }
public KeeperState getKeeperState() { if (saslClient != null) { if (saslState == SaslState.FAILED) { return KeeperState.AuthFailed; } if (saslClient.isComplete()) { if (saslState == SaslState.INTERMEDIATE) { saslState = SaslState.COMPLETE; return KeeperState.SaslAuthenticated; } } } // No event ready to emit yet. return null; }
/** * Get a SASL wrapped InputStream. Can be called only after saslConnect() has been called. * @return a SASL wrapped InputStream * @throws IOException */ public InputStream getInputStream() throws IOException { if (!saslClient.isComplete()) { throw new IOException("Sasl authentication exchange hasn't completed yet"); } // If Crypto AES is enabled, return cryptoInputStream which unwrap the data with Crypto AES. if (cryptoAesEnable && cryptoInputStream != null) { return cryptoInputStream; } return saslInputStream; }
/** * Get a SASL wrapped OutputStream. Can be called only after saslConnect() has been called. * @return a SASL wrapped OutputStream * @throws IOException */ public OutputStream getOutputStream() throws IOException { if (!saslClient.isComplete()) { throw new IOException("Sasl authentication exchange hasn't completed yet"); } // If Crypto AES is enabled, return cryptoOutputStream which wrap the data with Crypto AES. if (cryptoAesEnable && cryptoOutputStream != null) { return cryptoOutputStream; } return saslOutputStream; }
@Override public boolean needsWrapping() { if (client.isComplete()) { String qop = (String) client.getNegotiatedProperty(Sasl.QOP); return (qop != null && (qop.equalsIgnoreCase("auth-int") || qop.equalsIgnoreCase("auth-conf"))); } else { return false; } }
public boolean isComplete() { if (client != null) return client.isComplete(); else return server.isComplete(); }
private void checkSaslComplete() throws IOException { if (!saslClient.isComplete()) { throw new IOException("Failed to complete SASL handshake"); } Set<String> requestedQop = ImmutableSet.copyOf(Arrays.asList(saslProps.get(Sasl.QOP).split(","))); String negotiatedQop = getNegotiatedQop(); LOG.debug( "Verifying QOP, requested QOP = " + requestedQop + ", negotiated QOP = " + negotiatedQop); if (!requestedQop.contains(negotiatedQop)) { throw new IOException(String.format("SASL handshake completed, but " + "channel does not have acceptable quality of protection, " + "requested = %s, negotiated = %s", requestedQop, negotiatedQop)); } }
@Override public final void checkIfSuccessfulOrThrow() throws SmackException { if (!sc.isComplete()) { throw new SmackException(getName() + " was not completed"); } }
@Override public <CC extends ClientConnection> SaslMessage process(SaslChallengeContext<CC> context) throws Exception { final SaslClient saslClient = context.connection.getSaslClient(); if (saslClient.isComplete()) { handleSuccess(context); return null; } else { // server completed before client; so try once, fail otherwise evaluateChallenge(context.ugi, saslClient, context.challenge.getData().toByteArray()); // discard response if (saslClient.isComplete()) { handleSuccess(context); return null; } else { throw new SaslException("Server allegedly succeeded authentication, but client did not. Suspicious?"); } } } }
if (!(saslClient.isComplete())) { try { saslToken = createSaslToken(serverToken); if (saslClient.isComplete()) {
@Override public void dispose() throws IOException { if (!client.isComplete()) { onError(new SaslException("Client closed before SASL negotiation finished.")); } client.dispose(); }
@Override public <CC extends ClientConnection> SaslMessage process(SaslChallengeContext<CC> context) throws Exception { final SaslMessage.Builder response = SaslMessage.newBuilder(); final SaslClient saslClient = context.connection.getSaslClient(); final byte[] responseBytes = evaluateChallenge(context.ugi, saslClient, context.challenge.getData().toByteArray()); final boolean isComplete = saslClient.isComplete(); logger.trace("Evaluated challenge. Completed? {}.", isComplete); response.setData(responseBytes != null ? ByteString.copyFrom(responseBytes) : ByteString.EMPTY); // if isComplete, the client will get one more response from server response.setStatus(isComplete ? SaslStatus.SASL_SUCCESS : SaslStatus.SASL_IN_PROGRESS); return response.build(); } }
/** * Sends a SASL client token to server if required. This may be an initial token to start * SASL token exchange or response to a challenge from the server. * @return true if a token was sent to the server */ private boolean sendSaslClientToken(byte[] serverToken, boolean isInitial) throws IOException { if (!saslClient.isComplete()) { byte[] saslToken = createSaslToken(serverToken, isInitial); if (saslToken != null) { ByteBuffer tokenBuf = ByteBuffer.wrap(saslToken); if (saslAuthenticateVersion != DISABLE_KAFKA_SASL_AUTHENTICATE_HEADER) { SaslAuthenticateRequest request = new SaslAuthenticateRequest.Builder(tokenBuf).build(saslAuthenticateVersion); tokenBuf = request.serialize(nextRequestHeader(ApiKeys.SASL_AUTHENTICATE, saslAuthenticateVersion)); } send(new NetworkSend(node, tokenBuf)); return true; } } return false; }
@Override public SaslMessage handleSaslMessage(SaslMessage message) throws SaslException { switch (message.getMessageType()) { case CHALLENGE: byte[] saslResponse = mSaslClient.evaluateChallenge(message.getMessage().toByteArray()); SaslMessage.Builder response = SaslMessage.newBuilder().setMessageType(SaslMessageType.CHALLENGE); if (saslResponse != null) { response.setMessage(ByteString.copyFrom(saslResponse)); } return response.build(); case SUCCESS: if (message.hasMessage()) { mSaslClient.evaluateChallenge(message.getMessage().toByteArray()); } Preconditions.checkArgument(mSaslClient.isComplete()); return null; default: throw new SaslException( "Client can't process Sasl message type:" + message.getMessageType().name()); } }