From 2c71ece59893feb5537d94b2ab4393d175f3a723 Mon Sep 17 00:00:00 2001 From: uboness Date: Fri, 8 Aug 2014 21:23:26 +0200 Subject: [PATCH] [cleanup] Moved to TransportMessage where possible Original commit: elastic/x-pack-elasticsearch@46535f7818371f5824c7457a23532878f974b9d8 --- .../shield/audit/AuditTrail.java | 18 ++++++------- .../shield/audit/AuditTrailService.java | 18 ++++++------- .../audit/logfile/LoggingAuditTrail.java | 26 +++++++++---------- .../shield/authc/AuthenticationService.java | 7 ++--- .../authc/InternalAuthenticationService.java | 12 ++++----- .../org/elasticsearch/shield/authc/Realm.java | 6 ++--- .../shield/authc/esusers/ESUsersRealm.java | 5 ++-- .../shield/authc/ldap/LdapRealm.java | 6 ++--- .../support/CachingUsernamePasswordRealm.java | 6 ++--- .../authc/support/UsernamePasswordToken.java | 11 ++++---- 10 files changed, 59 insertions(+), 56 deletions(-) diff --git a/src/main/java/org/elasticsearch/shield/audit/AuditTrail.java b/src/main/java/org/elasticsearch/shield/audit/AuditTrail.java index d1a3d0b65fa..a90a8f31935 100644 --- a/src/main/java/org/elasticsearch/shield/audit/AuditTrail.java +++ b/src/main/java/org/elasticsearch/shield/audit/AuditTrail.java @@ -7,7 +7,7 @@ package org.elasticsearch.shield.audit; import org.elasticsearch.shield.User; import org.elasticsearch.shield.authc.AuthenticationToken; -import org.elasticsearch.transport.TransportRequest; +import org.elasticsearch.transport.TransportMessage; /** * @@ -16,28 +16,28 @@ public interface AuditTrail { public static final AuditTrail NOOP = new AuditTrail() { @Override - public void anonymousAccess(String action, TransportRequest request) { + public void anonymousAccess(String action, TransportMessage message) { } @Override - public void authenticationFailed(String realm, AuthenticationToken token, String action, TransportRequest request) { + public void authenticationFailed(String realm, AuthenticationToken token, String action, TransportMessage message) { } @Override - public void accessGranted(User user, String action, TransportRequest request) { + public void accessGranted(User user, String action, TransportMessage message) { } @Override - public void accessDenied(User user, String action, TransportRequest request) { + public void accessDenied(User user, String action, TransportMessage message) { } }; - void anonymousAccess(String action, TransportRequest request); + void anonymousAccess(String action, TransportMessage message); - void authenticationFailed(String realm, AuthenticationToken token, String action, TransportRequest request); + void authenticationFailed(String realm, AuthenticationToken token, String action, TransportMessage message); - void accessGranted(User user, String action, TransportRequest request); + void accessGranted(User user, String action, TransportMessage message); - void accessDenied(User user, String action, TransportRequest request); + void accessDenied(User user, String action, TransportMessage message); } diff --git a/src/main/java/org/elasticsearch/shield/audit/AuditTrailService.java b/src/main/java/org/elasticsearch/shield/audit/AuditTrailService.java index cfd7146d4eb..92550312097 100644 --- a/src/main/java/org/elasticsearch/shield/audit/AuditTrailService.java +++ b/src/main/java/org/elasticsearch/shield/audit/AuditTrailService.java @@ -10,7 +10,7 @@ import org.elasticsearch.common.inject.Inject; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.shield.User; import org.elasticsearch.shield.authc.AuthenticationToken; -import org.elasticsearch.transport.TransportRequest; +import org.elasticsearch.transport.TransportMessage; import java.util.Set; @@ -28,30 +28,30 @@ public class AuditTrailService extends AbstractComponent implements AuditTrail { } @Override - public void anonymousAccess(String action, TransportRequest request) { + public void anonymousAccess(String action, TransportMessage message) { for (int i = 0; i < auditTrails.length; i++) { - auditTrails[i].anonymousAccess(action, request); + auditTrails[i].anonymousAccess(action, message); } } @Override - public void authenticationFailed(String realm, AuthenticationToken token, String action, TransportRequest request) { + public void authenticationFailed(String realm, AuthenticationToken token, String action, TransportMessage message) { for (int i = 0; i < auditTrails.length; i++) { - auditTrails[i].authenticationFailed(realm, token, action, request); + auditTrails[i].authenticationFailed(realm, token, action, message); } } @Override - public void accessGranted(User user, String action, TransportRequest request) { + public void accessGranted(User user, String action, TransportMessage message) { for (int i = 0; i < auditTrails.length; i++) { - auditTrails[i].accessGranted(user, action, request); + auditTrails[i].accessGranted(user, action, message); } } @Override - public void accessDenied(User user, String action, TransportRequest request) { + public void accessDenied(User user, String action, TransportMessage message) { for (int i = 0; i < auditTrails.length; i++) { - auditTrails[i].accessDenied(user, action, request); + auditTrails[i].accessDenied(user, action, message); } } diff --git a/src/main/java/org/elasticsearch/shield/audit/logfile/LoggingAuditTrail.java b/src/main/java/org/elasticsearch/shield/audit/logfile/LoggingAuditTrail.java index c3b5aa1cc3f..d9958024f22 100644 --- a/src/main/java/org/elasticsearch/shield/audit/logfile/LoggingAuditTrail.java +++ b/src/main/java/org/elasticsearch/shield/audit/logfile/LoggingAuditTrail.java @@ -11,7 +11,7 @@ import org.elasticsearch.common.settings.Settings; import org.elasticsearch.shield.User; import org.elasticsearch.shield.audit.AuditTrail; import org.elasticsearch.shield.authc.AuthenticationToken; -import org.elasticsearch.transport.TransportRequest; +import org.elasticsearch.transport.TransportMessage; /** * @@ -24,38 +24,38 @@ public class LoggingAuditTrail extends AbstractComponent implements AuditTrail { } @Override - public void anonymousAccess(String action, TransportRequest request) { + public void anonymousAccess(String action, TransportMessage message) { if (logger.isDebugEnabled()) { - logger.info("ANONYMOUS_ACCESS\thost=[{}], action=[{}], request=[{}]", request.remoteAddress(), action, request); + logger.info("ANONYMOUS_ACCESS\thost=[{}], action=[{}], request=[{}]", message.remoteAddress(), action, message); } else { - logger.info("ANONYMOUS_ACCESS\thost=[{}], action=[{}]", request.remoteAddress(), action); + logger.info("ANONYMOUS_ACCESS\thost=[{}], action=[{}]", message.remoteAddress(), action); } } @Override - public void authenticationFailed(String realm, AuthenticationToken token, String action, TransportRequest request) { + public void authenticationFailed(String realm, AuthenticationToken token, String action, TransportMessage message) { if (logger.isDebugEnabled()) { - logger.info("AUTHENTICATION_FAILED\thost=[{}], realm=[{}], action=[{}], principal=[{}], request=[{}]", request.remoteAddress(), realm, action, token.principal(), request); + logger.info("AUTHENTICATION_FAILED\thost=[{}], realm=[{}], action=[{}], principal=[{}], request=[{}]", message.remoteAddress(), realm, action, token.principal(), message); } else { - logger.info("AUTHENTICATION_FAILED\thost=[{}], realm=[{}], action=[{}], principal=[{}]", request.remoteAddress(), realm, action, token.principal()); + logger.info("AUTHENTICATION_FAILED\thost=[{}], realm=[{}], action=[{}], principal=[{}]", message.remoteAddress(), realm, action, token.principal()); } } @Override - public void accessGranted(User user, String action, TransportRequest request) { + public void accessGranted(User user, String action, TransportMessage message) { if (logger.isDebugEnabled()) { - logger.info("ACCESS_GRANTED\thost=[{}], action=[{}], principal=[{}], request=[{}]", request.remoteAddress(), action, user.principal(), request); + logger.info("ACCESS_GRANTED\thost=[{}], action=[{}], principal=[{}], request=[{}]", message.remoteAddress(), action, user.principal(), message); } else { - logger.info("ACCESS_GRANTED\thost=[{}], action=[{}], principal=[{}]", request.remoteAddress(), action, user.principal()); + logger.info("ACCESS_GRANTED\thost=[{}], action=[{}], principal=[{}]", message.remoteAddress(), action, user.principal()); } } @Override - public void accessDenied(User user, String action, TransportRequest request) { + public void accessDenied(User user, String action, TransportMessage message) { if (logger.isDebugEnabled()) { - logger.info("ACCESS_DENIED\thost=[{}], action=[{}], principal=[{}], request=[{}]", request.remoteAddress(), action, user.principal(), request); + logger.info("ACCESS_DENIED\thost=[{}], action=[{}], principal=[{}], request=[{}]", message.remoteAddress(), action, user.principal(), message); } else { - logger.info("ACCESS_DENIED\thost=[{}], action=[{}], principal=[{}]", request.remoteAddress(), action, user.principal()); + logger.info("ACCESS_DENIED\thost=[{}], action=[{}], principal=[{}]", message.remoteAddress(), action, user.principal()); } } diff --git a/src/main/java/org/elasticsearch/shield/authc/AuthenticationService.java b/src/main/java/org/elasticsearch/shield/authc/AuthenticationService.java index aeede5ad31d..40be7738f45 100644 --- a/src/main/java/org/elasticsearch/shield/authc/AuthenticationService.java +++ b/src/main/java/org/elasticsearch/shield/authc/AuthenticationService.java @@ -6,6 +6,7 @@ package org.elasticsearch.shield.authc; import org.elasticsearch.shield.User; +import org.elasticsearch.transport.TransportMessage; import org.elasticsearch.transport.TransportRequest; /** @@ -16,16 +17,16 @@ public interface AuthenticationService { /** * Authenticates the user associated with the given request. * - * An {@link AuthenticationToken authentication token} will be extracted from the request, and + * An {@link AuthenticationToken authentication token} will be extracted from the message, and * will be authenticated. On successful authentication, the {@link org.elasticsearch.shield.User user} that is associated * with the request (i.e. that is associated with the token's {@link AuthenticationToken#principal() principal}) * will be returned. * - * @param request The executed request + * @param message The executed message * @return The authenticated User * @throws AuthenticationException If no user could be authenticated (can either be due to missing * supported authentication token, or simply due to bad credentials. */ - User authenticate(String action, TransportRequest request) throws AuthenticationException; + User authenticate(String action, TransportMessage message) throws AuthenticationException; } diff --git a/src/main/java/org/elasticsearch/shield/authc/InternalAuthenticationService.java b/src/main/java/org/elasticsearch/shield/authc/InternalAuthenticationService.java index 506a243a55e..30a6ea779ec 100644 --- a/src/main/java/org/elasticsearch/shield/authc/InternalAuthenticationService.java +++ b/src/main/java/org/elasticsearch/shield/authc/InternalAuthenticationService.java @@ -11,7 +11,7 @@ import org.elasticsearch.common.inject.internal.Nullable; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.shield.User; import org.elasticsearch.shield.audit.AuditTrail; -import org.elasticsearch.transport.TransportRequest; +import org.elasticsearch.transport.TransportMessage; /** * An authentication service that delegates the authentication process to its configured {@link Realm realms}. @@ -38,26 +38,26 @@ public class InternalAuthenticationService extends AbstractComponent implements * The order by which the realms are ran is based on the order by which they were set in the * constructor. * - * @param request The executed request + * @param message The executed request * @return The authenticated user * @throws AuthenticationException If none of the configured realms successfully authenticated the * request */ @Override - public User authenticate(String action, TransportRequest request) throws AuthenticationException { + public User authenticate(String action, TransportMessage message) throws AuthenticationException { for (Realm realm : realms) { - AuthenticationToken token = realm.token(request); + AuthenticationToken token = realm.token(message); if (token != null) { User user = realm.authenticate(token); if (user != null) { return user; } else if (auditTrail != null) { - auditTrail.authenticationFailed(realm.type(), token, action, request); + auditTrail.authenticationFailed(realm.type(), token, action, message); } } } if (auditTrail != null) { - auditTrail.anonymousAccess(action, request); + auditTrail.anonymousAccess(action, message); } throw new AuthenticationException("Unable to authenticate user for request"); } diff --git a/src/main/java/org/elasticsearch/shield/authc/Realm.java b/src/main/java/org/elasticsearch/shield/authc/Realm.java index 46629e9c4a9..871f4918984 100644 --- a/src/main/java/org/elasticsearch/shield/authc/Realm.java +++ b/src/main/java/org/elasticsearch/shield/authc/Realm.java @@ -6,7 +6,7 @@ package org.elasticsearch.shield.authc; import org.elasticsearch.shield.User; -import org.elasticsearch.transport.TransportRequest; +import org.elasticsearch.transport.TransportMessage; /** * An authentication mechanism to which the default authentication {@link org.elasticsearch.shield.authc.AuthenticationService service} @@ -25,11 +25,11 @@ public interface Realm { * {@link #authenticate(AuthenticationToken)} will be called for an authentication attempt. If no * appropriate token is found, {@code null} is returned. * - * @param request The request + * @param message The request * @return The authentication token this realm can authenticate, {@code null} if no such * token is found */ - T token(TransportRequest request); + T token(TransportMessage message); /** * Authenticates the given token. A successful authentication will return the User associated diff --git a/src/main/java/org/elasticsearch/shield/authc/esusers/ESUsersRealm.java b/src/main/java/org/elasticsearch/shield/authc/esusers/ESUsersRealm.java index 230c6d894da..edd1dbb6f04 100644 --- a/src/main/java/org/elasticsearch/shield/authc/esusers/ESUsersRealm.java +++ b/src/main/java/org/elasticsearch/shield/authc/esusers/ESUsersRealm.java @@ -15,6 +15,7 @@ import org.elasticsearch.shield.authc.Realm; import org.elasticsearch.shield.authc.support.UserPasswdStore; import org.elasticsearch.shield.authc.support.UserRolesStore; import org.elasticsearch.shield.authc.support.UsernamePasswordToken; +import org.elasticsearch.transport.TransportMessage; import org.elasticsearch.transport.TransportRequest; /** @@ -40,8 +41,8 @@ public class ESUsersRealm extends AbstractComponent implements Realm message) { + return UsernamePasswordToken.extractToken(message, null); } @Override diff --git a/src/main/java/org/elasticsearch/shield/authc/ldap/LdapRealm.java b/src/main/java/org/elasticsearch/shield/authc/ldap/LdapRealm.java index 8f8c4cdc621..7b81e792e70 100644 --- a/src/main/java/org/elasticsearch/shield/authc/ldap/LdapRealm.java +++ b/src/main/java/org/elasticsearch/shield/authc/ldap/LdapRealm.java @@ -11,7 +11,7 @@ import org.elasticsearch.common.settings.Settings; import org.elasticsearch.shield.User; import org.elasticsearch.shield.authc.Realm; import org.elasticsearch.shield.authc.support.UsernamePasswordToken; -import org.elasticsearch.transport.TransportRequest; +import org.elasticsearch.transport.TransportMessage; /** * @@ -31,8 +31,8 @@ public class LdapRealm extends AbstractComponent implements Realm message) { + return UsernamePasswordToken.extractToken(message, null); } @Override diff --git a/src/main/java/org/elasticsearch/shield/authc/support/CachingUsernamePasswordRealm.java b/src/main/java/org/elasticsearch/shield/authc/support/CachingUsernamePasswordRealm.java index b981e4ec524..ca5a1e975a1 100644 --- a/src/main/java/org/elasticsearch/shield/authc/support/CachingUsernamePasswordRealm.java +++ b/src/main/java/org/elasticsearch/shield/authc/support/CachingUsernamePasswordRealm.java @@ -13,7 +13,7 @@ import org.elasticsearch.common.unit.TimeValue; import org.elasticsearch.shield.User; import org.elasticsearch.shield.authc.AuthenticationException; import org.elasticsearch.shield.authc.Realm; -import org.elasticsearch.transport.TransportRequest; +import org.elasticsearch.transport.TransportMessage; import java.util.Arrays; import java.util.concurrent.Callable; @@ -40,8 +40,8 @@ public abstract class CachingUsernamePasswordRealm extends AbstractComponent imp } @Override - public UsernamePasswordToken token(TransportRequest request) { - return UsernamePasswordToken.extractToken(request, null); + public UsernamePasswordToken token(TransportMessage message) { + return UsernamePasswordToken.extractToken(message, null); } protected final void expire(String username) { diff --git a/src/main/java/org/elasticsearch/shield/authc/support/UsernamePasswordToken.java b/src/main/java/org/elasticsearch/shield/authc/support/UsernamePasswordToken.java index b60935cb9ee..8c3674d6a91 100644 --- a/src/main/java/org/elasticsearch/shield/authc/support/UsernamePasswordToken.java +++ b/src/main/java/org/elasticsearch/shield/authc/support/UsernamePasswordToken.java @@ -9,6 +9,7 @@ import org.apache.commons.codec.binary.Base64; import org.elasticsearch.common.base.Charsets; import org.elasticsearch.shield.authc.AuthenticationException; import org.elasticsearch.shield.authc.AuthenticationToken; +import org.elasticsearch.transport.TransportMessage; import org.elasticsearch.transport.TransportRequest; import java.util.regex.Matcher; @@ -42,18 +43,18 @@ public class UsernamePasswordToken implements AuthenticationToken { return password; } - public static UsernamePasswordToken extractToken(TransportRequest request, UsernamePasswordToken defaultToken) { - UsernamePasswordToken token = (UsernamePasswordToken) request.context().get(TOKEN_KEY); + public static UsernamePasswordToken extractToken(TransportMessage message, UsernamePasswordToken defaultToken) { + UsernamePasswordToken token = (UsernamePasswordToken) message.context().get(TOKEN_KEY); if (token != null) { return token; } - String authStr = request.getHeader(BASIC_AUTH_HEADER); + String authStr = message.getHeader(BASIC_AUTH_HEADER); if (authStr == null) { if (defaultToken == null) { return null; } - request.context().put(TOKEN_KEY, defaultToken); + message.context().put(TOKEN_KEY, defaultToken); return defaultToken; } @@ -65,7 +66,7 @@ public class UsernamePasswordToken implements AuthenticationToken { String userpasswd = new String(Base64.decodeBase64(matcher.group(1)), Charsets.UTF_8); int i = userpasswd.indexOf(':'); token = new UsernamePasswordToken(userpasswd.substring(0, i), userpasswd.substring(i+1).toCharArray()); - request.context().put(TOKEN_KEY, token); + message.context().put(TOKEN_KEY, token); return token; }