Class UserAuthPublicKey
- java.lang.Object
-
- org.apache.sshd.common.util.logging.AbstractLoggingBean
-
- org.apache.sshd.client.auth.AbstractUserAuth
-
- org.apache.sshd.client.auth.pubkey.UserAuthPublicKey
-
- All Implemented Interfaces:
UserAuth, ClientSessionHolder, UserAuthInstance<ClientSession>, NamedResource, SignatureFactoriesHolder, SignatureFactoriesManager
public class UserAuthPublicKey extends AbstractUserAuth implements SignatureFactoriesManager
Implements the "publickey" authentication mechanism
- Author:
- Apache MINA SSHD Project
-
-
Field Summary
Fields (modifier and type, field, description)
protected String chosenAlgorithm
protected PublicKeyIdentity current
protected Deque<String> currentAlgorithms
protected List<NamedFactory<Signature>> factories
static AttributeRepository.AttributeKey<String> IDENTITY_AGENT
    Is set on a ClientSession when it is created; contains the value of the IdentityAgent SSH config setting.
protected Iterator<PublicKeyIdentity> keys
static String NAME
static AttributeRepository.AttributeKey<Boolean> USE_DEFAULT_IDENTITIES
    Is set on a ClientSession when it is created; if Boolean.FALSE, no default identities shall be used.
-
Fields inherited from class org.apache.sshd.common.util.logging.AbstractLoggingBean
log
-
Fields inherited from interface org.apache.sshd.common.NamedResource
BY_NAME_COMPARATOR, NAME_EXTRACTOR
-
-
Constructor Summary
Constructors (constructor, description)
UserAuthPublicKey()
UserAuthPublicKey(List<NamedFactory<Signature>> factories)
-
Method Summary
Methods (modifier and type, method, description)
protected byte[] appendSignature(ClientSession session, String service, String name, String username, String algo, PublicKey key, PublicKey serverKey, Buffer buffer)
protected Iterator<PublicKeyIdentity> createPublicKeyIterator(ClientSession session, SignatureFactoriesManager manager)
void destroy()
    Called to release any allocated resources
protected String getDefaultSignatureAlgorithm(ClientSession session, String service, PublicKeyIdentity identity, KeyPair keyPair, String keyType)
    Determines a signature algorithm name to use for the authentication request if none could be determined from the installed signature factories.
List<NamedFactory<Signature>> getSignatureFactories()
void init(ClientSession session, String service)
protected boolean processAuthDataRequest(ClientSession session, String service, Buffer buffer)
protected void releaseKeys()
protected PublicKeyIdentity resolveAttemptedPublicKeyIdentity(ClientSession session, String service)
protected PublicKeyIdentity resolveAttemptedPublicKeyIdentity(ClientSession session, String service, PublicKeyAuthenticationReporter reporter)
protected boolean sendAuthDataRequest(ClientSession session, String service)
void setSignatureFactories(List<NamedFactory<Signature>> factories)
void signalAuthMethodFailure(ClientSession session, String service, boolean partial, List<String> serverMethods, Buffer buffer)
    Signals reception of SSH_MSG_USERAUTH_FAILURE message
void signalAuthMethodSuccess(ClientSession session, String service, Buffer buffer)
    Signal reception of SSH_MSG_USERAUTH_SUCCESS message
-
Methods inherited from class org.apache.sshd.client.auth.AbstractUserAuth
getClientSession, getName, getService, getSession, isCancellable, process, setCancellable, toString
-
Methods inherited from class org.apache.sshd.common.util.logging.AbstractLoggingBean
debug, debug, debug, debug, debug, error, error, error, error, error, getSimplifiedLogger, info, info, warn, warn, warn, warn, warn, warn, warn, warn
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
-
Methods inherited from interface org.apache.sshd.common.signature.SignatureFactoriesHolder
getSignatureFactoriesNameList, getSignatureFactoriesNames
-
Methods inherited from interface org.apache.sshd.common.signature.SignatureFactoriesManager
setSignatureFactoriesNameList, setSignatureFactoriesNames, setSignatureFactoriesNames
-
-
-
-
Field Detail
-
NAME
public static final String NAME
- See Also:
- Constant Field Values
-
USE_DEFAULT_IDENTITIES
public static final AttributeRepository.AttributeKey<Boolean> USE_DEFAULT_IDENTITIES
Is set on a ClientSession when it is created; if Boolean.FALSE, no default identities shall be used.
-
IDENTITY_AGENT
public static final AttributeRepository.AttributeKey<String> IDENTITY_AGENT
Is set on a ClientSession when it is created; contains the value of the IdentityAgent SSH config setting. May be the empty string if not specified in the HostConfigEntry.
-
keys
protected Iterator<PublicKeyIdentity> keys
-
current
protected PublicKeyIdentity current
-
factories
protected List<NamedFactory<Signature>> factories
-
chosenAlgorithm
protected String chosenAlgorithm
-
-
Constructor Detail
-
UserAuthPublicKey
public UserAuthPublicKey()
-
UserAuthPublicKey
public UserAuthPublicKey(List<NamedFactory<Signature>> factories)
-
-
Method Detail
-
getSignatureFactories
public List<NamedFactory<Signature>> getSignatureFactories()
- Specified by:
getSignatureFactories in interface SignatureFactoriesHolder
-
setSignatureFactories
public void setSignatureFactories(List<NamedFactory<Signature>> factories)
- Specified by:
setSignatureFactories in interface SignatureFactoriesManager
-
init
public void init(ClientSession session, String service) throws Exception
- Specified by:
init in interface UserAuth
- Overrides:
init in class AbstractUserAuth
- Parameters:
session - The ClientSession
service - The requesting service name
- Throws:
Exception - If failed to initialize the mechanism
-
createPublicKeyIterator
protected Iterator<PublicKeyIdentity> createPublicKeyIterator(ClientSession session, SignatureFactoriesManager manager) throws Exception
- Throws:
Exception
-
sendAuthDataRequest
protected boolean sendAuthDataRequest(ClientSession session, String service) throws Exception
- Specified by:
sendAuthDataRequest in class AbstractUserAuth
- Throws:
Exception
-
resolveAttemptedPublicKeyIdentity
protected PublicKeyIdentity resolveAttemptedPublicKeyIdentity(ClientSession session, String service) throws Exception
- Throws:
Exception
-
resolveAttemptedPublicKeyIdentity
protected PublicKeyIdentity resolveAttemptedPublicKeyIdentity(ClientSession session, String service, PublicKeyAuthenticationReporter reporter) throws Exception
- Throws:
Exception
-
getDefaultSignatureAlgorithm
protected String getDefaultSignatureAlgorithm(ClientSession session, String service, PublicKeyIdentity identity, KeyPair keyPair, String keyType) throws Exception
Determines a signature algorithm name to use for the authentication request if none could be determined from the installed signature factories. If a non-null non-empty string is returned, it is used as is in the authentication.
This is mainly intended for use with identities from an SSH agent, where the SSH agent may be able to sign the request even if there is no appropriate signature factory present in Java. Whether it makes sense to allow this depends on the application logic and how it handles e.g. SSH config PubkeyAcceptedKeyTypes (or PubkeyAcceptedAlgorithms).
This default implementation always returns null, skipping the key.
- Parameters:
session - ClientSession trying to authenticate
service - SSH service name
identity - PublicKeyIdentity considered to be used for authentication
keyPair - KeyPair from identity
keyType - the key type of keyPair
- Returns:
null or an empty string to skip this key and consider another key, if any, to use for authentication, or a non-empty signature algorithm name to use for the authentication attempt using the given identity
- Throws:
Exception - if an error occurs
- See Also:
KeyAgentIdentity
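An override of getDefaultSignatureAlgorithm that lets only agent-held identities through, and only when their key type is on an application allow-list, shown as an added example (it is not code from Apache MINA SSHD). The class name and the acceptedAlgorithms set are hypothetical, and the example assumes the key type is also a valid signature algorithm name, which holds for types such as ssh-ed25519 but means an RSA key offered as ssh-rsa would be signed with SHA-1 unless the allow-list excludes it.

```java
import java.security.KeyPair;
import java.util.Collections;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Set;

import org.apache.sshd.client.auth.pubkey.KeyAgentIdentity;
import org.apache.sshd.client.auth.pubkey.PublicKeyIdentity;
import org.apache.sshd.client.auth.pubkey.UserAuthPublicKey;
import org.apache.sshd.client.session.ClientSession;
import org.apache.sshd.common.NamedFactory;
import org.apache.sshd.common.signature.Signature;

/** Hypothetical subclass for illustration; not part of Apache MINA SSHD. */
public class AgentAllowListUserAuthPublicKey extends UserAuthPublicKey {

    // Assumption: the application has already turned its accepted-algorithms
    // policy (e.g. the PubkeyAcceptedAlgorithms setting) into this set.
    private final Set<String> acceptedAlgorithms;

    public AgentAllowListUserAuthPublicKey(
            List<NamedFactory<Signature>> factories, Set<String> acceptedAlgorithms) {
        super(factories);
        this.acceptedAlgorithms =
                Collections.unmodifiableSet(new LinkedHashSet<>(acceptedAlgorithms));
    }

    @Override
    protected String getDefaultSignatureAlgorithm(
            ClientSession session, String service, PublicKeyIdentity identity,
            KeyPair keyPair, String keyType) throws Exception {
        // Only an SSH agent can sign when Java has no matching signature
        // factory; any other identity is skipped, as in the default behaviour.
        if (!(identity instanceof KeyAgentIdentity)) {
            return null;
        }
        // Fail closed: a key type outside the policy is skipped, so the agent
        // is never asked to sign with an algorithm the application rejected.
        if (keyType == null || !acceptedAlgorithms.contains(keyType)) {
            log.warn("Skipping agent key of type {} for {}: not in accepted algorithms",
                    keyType, service);
            return null;
        }
        // Assumption: the key type is also the signature algorithm name.
        return keyType;
    }
}
```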
-
processAuthDataRequest
protected boolean processAuthDataRequest(ClientSession session, String service, Buffer buffer) throws Exception
- Specified by:
processAuthDataRequest in class AbstractUserAuth
- Throws:
Exception
-
appendSignature
protected byte[] appendSignature(ClientSession session, String service, String name, String username, String algo, PublicKey key, PublicKey serverKey, Buffer buffer) throws Exception
- Throws:
Exception
-
signalAuthMethodSuccess
public void signalAuthMethodSuccess(ClientSession session, String service, Buffer buffer) throws Exception
Description copied from interface: UserAuth
Signal reception of SSH_MSG_USERAUTH_SUCCESS message
- Specified by:
signalAuthMethodSuccess in interface UserAuth
- Parameters:
session - The ClientSession
service - The requesting service name
buffer - The Buffer containing the success message (after having consumed the relevant data from it)
- Throws:
Exception - If failed to handle the callback - Note: may cause session close
-
signalAuthMethodFailure
public void signalAuthMethodFailure(ClientSession session, String service, boolean partial, List<String> serverMethods, Buffer buffer) throws Exception
Description copied from interface: UserAuth
Signals reception of SSH_MSG_USERAUTH_FAILURE message
- Specified by:
signalAuthMethodFailure in interface UserAuth
- Parameters:
session - The ClientSession
service - The requesting service name
partial - true if some partial authentication success so far
serverMethods - The List of authentication methods that can continue
buffer - The Buffer containing the failure message (after having consumed the relevant data from it)
- Throws:
Exception - If failed to handle the callback - Note: may cause session close
-
destroy
public void destroy()
Description copied from interface: UserAuth
Called to release any allocated resources
- Specified by:
destroy in interface UserAuth
- Overrides:
destroy in class AbstractUserAuth
-
releaseKeys
protected void releaseKeys() throws IOException
- Throws:
IOException
-
-