sascha@2959: package de.intevation.flys.client.server.auth.plain;
sascha@2959: 
sascha@2959: import de.intevation.flys.client.server.auth.AuthenticationException;
sascha@2959: import de.intevation.flys.client.server.auth.DefaultUser;
sascha@2959: import de.intevation.flys.client.server.auth.User;
sascha@2959: 
sascha@2959: import java.io.BufferedReader;
sascha@2959: import java.io.File;
sascha@2959: import java.io.FileReader;
sascha@2959: import java.io.IOException;
sascha@2980: 
sascha@2980: import java.util.ArrayList;
bjoern@2978: import java.util.List;
sascha@2959: 
sascha@2985: import org.apache.log4j.Logger;
sascha@2985: 
bjoern@3485: import de.intevation.flys.client.server.features.Features;
bjoern@3485: 
christian@3696: /**
christian@3696:  * Authenticator that uses a local file as user backend.
christian@3696:  */
sascha@2959: public class Authenticator
sascha@2959: implements   de.intevation.flys.client.server.auth.Authenticator
sascha@2959: {
sascha@2985:     private static final Logger log =
sascha@2985:         Logger.getLogger(Authenticator.class);
sascha@2985: 
sascha@2959:     public static class Authentication
sascha@2959:     implements          de.intevation.flys.client.server.auth.Authentication
sascha@2959:     {
sascha@2980:         protected String       user;
sascha@2980:         protected String       password;
bjoern@2978:         protected List<String> roles;
bjoern@3485:         protected Features     features;
sascha@2959: 
sascha@2980:         public Authentication(
sascha@2980:             String       user,
sascha@2980:             String       password,
bjoern@3485:             List<String> roles,
bjoern@3485:             Features features
sascha@2980:         ) {
sascha@2959:             this.user     = user;
sascha@2959:             this.password = password;
bjoern@2978:             this.roles    = roles;
bjoern@3485:             this.features = features;
sascha@2959:         }
sascha@2959: 
sascha@2959:         @Override
sascha@2959:         public boolean isSuccess() {
sascha@2959:             return user != null;
sascha@2959:         }
sascha@2959: 
sascha@2959:         @Override
sascha@2959:         public User getUser() {
sascha@2959:             return isSuccess()
bjoern@3485:                 ? new DefaultUser(user, password, false, roles, this.features.getFeatures(roles))
sascha@2959:                 : null;
sascha@2959:         }
sascha@2959:     } // class Authentication
sascha@2959: 
sascha@2959:     public Authenticator() {
sascha@2959:     }
sascha@2959: 
sascha@2959:     private static File credentialsFile() {
sascha@2959:         String env = System.getenv("FLYS_USER_FILE");
sascha@2959:         if (env == null) {
sascha@2959:             env = System.getProperty(
sascha@2959:                 "flys.user.file",
sascha@2959:                 System.getProperty("user.home", ".")
sascha@2959:                 + System.getProperty("file.separator")
sascha@2959:                 + "flys_user_file");
sascha@2959:         }
bjoern@3545:         log.debug("Using credentials file " + env);
sascha@2959:         return new File(env);
sascha@2959: 
sascha@2959:     }
sascha@2959: 
sascha@2959:     @Override
sascha@2959:     public de.intevation.flys.client.server.auth.Authentication auth(
sascha@2959:         String username,
sascha@2959:         String password,
bjoern@3485:         String encoding,
bjoern@3485:         Features features
sascha@2959:     )
sascha@2959:     throws AuthenticationException, IOException
sascha@2959:     {
sascha@2959:         File file = credentialsFile();
sascha@2959:         if (!file.canRead() || !file.isFile()) {
sascha@2985:             log.error("cannot find user file '" + file + "'");
bjoern@3485:             return new Authentication(null, null, new ArrayList<String>(0), features);
sascha@2959:         }
sascha@2959: 
sascha@2959:         BufferedReader reader =
sascha@2959:             new BufferedReader(
sascha@2959:             new FileReader(file));
sascha@2959:         try {
sascha@2959:             String line;
sascha@2959:             while ((line = reader.readLine()) != null) {
sascha@3697:                 if ((line = line.trim()).length() == 0
sascha@3697:                 || line.startsWith("#")) {
sascha@2959:                     continue;
sascha@2959:                 }
sascha@3697: 
christian@3696:                 String[] parts = line.split("\\s+");
sascha@2959:                 if (parts.length < 2) {
sascha@2959:                     continue;
sascha@2959:                 }
sascha@3697: 
sascha@2959:                 if (parts[0].equals(username)) {
sascha@2985:                     log.debug("user '" + username + "' found.");
sascha@2959:                     if (parts[1].equals(password)) {
sascha@2980:                         List<String> roles =
sascha@2980:                             new ArrayList<String>(parts.length - 2);
sascha@2980: 
bjoern@2978:                         for (int i = 2; i < parts.length; i++) {
bjoern@2978:                             roles.add(parts[i]);
bjoern@2978:                         }
sascha@2980: 
sascha@2985:                         log.debug("success");
bjoern@3485:                         return new Authentication(username, password, roles, features);
sascha@2959:                     }
sascha@2959:                     // Stop: user found, wrong password
sascha@2959:                     break;
sascha@2959:                 }
sascha@2959:             }
sascha@2959:         }
sascha@2959:         finally {
sascha@2959:             reader.close();
sascha@2959:         }
sascha@2985:         log.debug("failed");
christian@3696:         return null;
sascha@2959:     }
sascha@2959: }
sascha@2959: // vim:set ts=4 sw=4 si et sta sts=4 fenc=utf8 :