Google Git
Sign in
apache / cloudstack / 537c0a1e8d2cbe12f3e510d6b51babd6486f4c3e / . / server / src / main / java / com / cloud / api / auth / APIAuthenticationManagerImpl.java
blob: 6ec9ff9c1cec490104692c3979c1f1a6547b591b [file] [log] [blame]
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package com.cloud.api.auth;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import org.apache.log4j.Logger;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.auth.APIAuthenticationManager;
import org.apache.cloudstack.api.auth.APIAuthenticator;
import org.apache.cloudstack.api.auth.PluggableAPIAuthenticator;
import com.cloud.utils.component.ComponentContext;
import com.cloud.utils.component.ManagerBase;
@SuppressWarnings("unchecked")
public class APIAuthenticationManagerImpl extends ManagerBase implements APIAuthenticationManager {
public static final Logger s_logger = Logger.getLogger(APIAuthenticationManagerImpl.class.getName());
private List<PluggableAPIAuthenticator> _apiAuthenticators;
private static Map<String, Class<?>> s_authenticators = null;
public APIAuthenticationManagerImpl() {
}
public List<PluggableAPIAuthenticator> getApiAuthenticators() {
return _apiAuthenticators;
}
public void setApiAuthenticators(List<PluggableAPIAuthenticator> authenticators) {
_apiAuthenticators = authenticators;
}
@Override
public boolean start() {
initAuthenticator();
for (Class<?> authenticator: getCommands()) {
APICommand command = authenticator.getAnnotation(APICommand.class);
if (command != null && !command.name().isEmpty()
&& APIAuthenticator.class.isAssignableFrom(authenticator)) {
addAuthenticator(authenticator, command);
}
}
return true;
}
private static synchronized void addAuthenticator(Class<?> authenticator, APICommand command) {
s_authenticators.put(command.name().toLowerCase(), authenticator);
}
private static synchronized void initAuthenticator() {
s_authenticators = new ConcurrentHashMap<String, Class<?>>();
}
@Override
public List<Class<?>> getCommands() {
List<Class<?>> cmdList = new ArrayList<Class<?>>();
cmdList.add(DefaultLoginAPIAuthenticatorCmd.class);
cmdList.add(DefaultLogoutAPIAuthenticatorCmd.class);
cmdList.add(ListUserTwoFactorAuthenticatorProvidersCmd.class);
cmdList.add(ValidateUserTwoFactorAuthenticationCodeCmd.class);
cmdList.add(SetupUserTwoFactorAuthenticationCmd.class);
for (PluggableAPIAuthenticator apiAuthenticator: _apiAuthenticators) {
List<Class<?>> commands = apiAuthenticator.getAuthCommands();
if (commands != null) {
cmdList.addAll(commands);
} else {
s_logger.warn("API Authenticator returned null api commands:" + apiAuthenticator.getName());
}
}
return cmdList;
}
@Override
public APIAuthenticator getAPIAuthenticator(String name) {
name = name.toLowerCase();
APIAuthenticator apiAuthenticator = null;
if (s_authenticators != null && s_authenticators.containsKey(name)) {
try {
apiAuthenticator = (APIAuthenticator) s_authenticators.get(name).newInstance();
apiAuthenticator = ComponentContext.inject(apiAuthenticator);
apiAuthenticator.setAuthenticators(_apiAuthenticators);
} catch (InstantiationException | IllegalAccessException e) {
if (s_logger.isDebugEnabled()) {
s_logger.debug("APIAuthenticationManagerImpl::getAPIAuthenticator failed: " + e.getMessage());
}
}
}
return apiAuthenticator;
}
}