View Javadoc
1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements.  See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership.  The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License.  You may obtain a copy of the License at
9    *
10   *   http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied.  See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.apache.maven.plugins.site.deploy;
20  
21  import javax.servlet.ServletException;
22  import javax.servlet.ServletRequest;
23  import javax.servlet.ServletResponse;
24  import javax.servlet.http.HttpServletRequest;
25  import javax.servlet.http.HttpServletResponse;
26  
27  import java.io.File;
28  import java.io.IOException;
29  import java.nio.file.Files;
30  import java.util.ArrayList;
31  import java.util.Base64;
32  import java.util.Enumeration;
33  import java.util.List;
34  import java.util.Map;
35  
36  import org.eclipse.jetty.proxy.AsyncProxyServlet;
37  
38  /**
39   * @author Olivier Lamy
40   */
41  public class AuthAsyncProxyServlet extends AsyncProxyServlet {
42      private Map<String, String> authentications;
43  
44      private long sleepTime = 0;
45  
46      List<HttpRequest> httpRequests = new ArrayList<>();
47  
48      private File siteTargetPath;
49  
50      /**
51       * Constructor for non authentication servlet.
52       */
53      public AuthAsyncProxyServlet(File siteTargetPath) {
54          super();
55          this.siteTargetPath = siteTargetPath;
56      }
57  
58      /**
59       * Constructor for authentication servlet.
60       *
61       * @param authentications a map of user/password
62       */
63      public AuthAsyncProxyServlet(Map<String, String> authentications, File siteTargetPath) {
64          this(siteTargetPath);
65  
66          this.authentications = authentications;
67      }
68  
69      /**
70       * Constructor for authentication servlet.
71       *
72       * @param authentications a map of user/password
73       * @param sleepTime a positive time to sleep the service thread (for timeout)
74       */
75      public AuthAsyncProxyServlet(Map<String, String> authentications, long sleepTime, File siteTargetPath) {
76          this(siteTargetPath);
77  
78          this.authentications = authentications;
79          this.sleepTime = sleepTime;
80      }
81  
82      /** {@inheritDoc} */
83      @Override
84      public void service(ServletRequest req, ServletResponse res) throws ServletException, IOException {
85          final HttpServletRequest request = (HttpServletRequest) req;
86          final HttpServletResponse response = (HttpServletResponse) res;
87  
88          if (this.authentications != null && !this.authentications.isEmpty()) {
89              String proxyAuthorization = request.getHeader("Proxy-Authorization");
90              if (proxyAuthorization != null && proxyAuthorization.startsWith("Basic ")) {
91                  String proxyAuth = proxyAuthorization.substring(6);
92                  String authorization = new String(Base64.getDecoder().decode(proxyAuth));
93                  String[] authTokens = authorization.split(":");
94                  String user = authTokens[0];
95                  String password = authTokens[1];
96  
97                  if (this.authentications.get(user) == null) {
98                      throw new IllegalArgumentException(user + " not found in the map!");
99                  }
100 
101                 if (sleepTime > 0) {
102                     try {
103                         Thread.sleep(sleepTime);
104                     } catch (InterruptedException e) {
105                         // nop
106                     }
107                 }
108                 String authPass = this.authentications.get(user);
109                 if (password.equals(authPass)) {
110                     String targetPath = request.getServletPath();
111 
112                     HttpRequest rq = new HttpRequest();
113                     rq.method = request.getMethod();
114                     rq.path = targetPath;
115 
116                     @SuppressWarnings("rawtypes")
117                     Enumeration headerNames = request.getHeaderNames();
118                     while (headerNames.hasMoreElements()) {
119                         String name = (String) headerNames.nextElement();
120                         rq.headers.put(name, request.getHeader(name));
121                     }
122 
123                     httpRequests.add(rq);
124 
125                     if (request.getMethod().equalsIgnoreCase("PUT") && targetPath != null) {
126                         File targetFile = new File(siteTargetPath, targetPath);
127                         targetFile.getParentFile().mkdirs();
128                         Files.copy(request.getInputStream(), targetFile.toPath());
129                     }
130 
131                     response.setStatus(HttpServletResponse.SC_OK);
132                     return;
133                 }
134             }
135 
136             // Proxy-Authenticate Basic realm="CCProxy Authorization"
137             response.addHeader("Proxy-Authenticate", "Basic realm=\"Jetty Proxy Authorization\"");
138             response.setStatus(HttpServletResponse.SC_PROXY_AUTHENTICATION_REQUIRED);
139             return;
140         }
141 
142         super.service(req, res);
143     }
144 }