View Javadoc
1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements.  See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership.  The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License.  You may obtain a copy of the License at
9    *
10   *   http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied.  See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.apache.maven.plugins.site.deploy;
20  
21  import javax.servlet.ServletException;
22  import javax.servlet.ServletRequest;
23  import javax.servlet.ServletResponse;
24  import javax.servlet.http.HttpServletRequest;
25  import javax.servlet.http.HttpServletResponse;
26  
27  import java.io.File;
28  import java.io.IOException;
29  import java.util.*;
30  
31  import org.apache.commons.io.FileUtils;
32  import org.apache.commons.io.IOUtils;
33  import org.eclipse.jetty.proxy.AsyncProxyServlet;
34  import org.slf4j.Logger;
35  import org.slf4j.LoggerFactory;
36  
37  /**
38   * @author Olivier Lamy
39   */
40  public class AuthAsyncProxyServlet extends AsyncProxyServlet {
41      private Map<String, String> authentications;
42  
43      private long sleepTime = 0;
44  
45      private Logger log = LoggerFactory.getLogger(getClass());
46  
47      List<HttpRequest> httpRequests = new ArrayList<>();
48  
49      private File siteTargetPath;
50  
51      /**
52       * Constructor for non authentication servlet.
53       */
54      public AuthAsyncProxyServlet(File siteTargetPath) {
55          super();
56          this.siteTargetPath = siteTargetPath;
57      }
58  
59      /**
60       * Constructor for authentication servlet.
61       *
62       * @param authentications a map of user/password
63       */
64      public AuthAsyncProxyServlet(Map<String, String> authentications, File siteTargetPath) {
65          this(siteTargetPath);
66  
67          this.authentications = authentications;
68      }
69  
70      /**
71       * Constructor for authentication servlet.
72       *
73       * @param authentications a map of user/password
74       * @param sleepTime a positive time to sleep the service thread (for timeout)
75       */
76      public AuthAsyncProxyServlet(Map<String, String> authentications, long sleepTime, File siteTargetPath) {
77          this(siteTargetPath);
78  
79          this.authentications = authentications;
80          this.sleepTime = sleepTime;
81      }
82  
83      /** {@inheritDoc} */
84      public void service(ServletRequest req, ServletResponse res) throws ServletException, IOException {
85          final HttpServletRequest request = (HttpServletRequest) req;
86          final HttpServletResponse response = (HttpServletResponse) res;
87  
88          log.info("handle ");
89  
90          if (this.authentications != null && !this.authentications.isEmpty()) {
91              String proxyAuthorization = request.getHeader("Proxy-Authorization");
92              if (proxyAuthorization != null && proxyAuthorization.startsWith("Basic ")) {
93                  String proxyAuth = proxyAuthorization.substring(6);
94                  String authorization = new String(Base64.getDecoder().decode(proxyAuth));
95                  String[] authTokens = authorization.split(":");
96                  String user = authTokens[0];
97                  String password = authTokens[1];
98  
99                  if (this.authentications.get(user) == null) {
100                     throw new IllegalArgumentException(user + " not found in the map!");
101                 }
102 
103                 if (sleepTime > 0) {
104                     try {
105                         Thread.sleep(sleepTime);
106                     } catch (InterruptedException e) {
107                         // nop
108                     }
109                 }
110                 String authPass = this.authentications.get(user);
111                 if (password.equals(authPass)) {
112                     String targetPath = request.getServletPath();
113 
114                     HttpRequest rq = new HttpRequest();
115                     rq.method = request.getMethod();
116                     rq.path = targetPath;
117 
118                     @SuppressWarnings("rawtypes")
119                     Enumeration headerNames = request.getHeaderNames();
120                     while (headerNames.hasMoreElements()) {
121                         String name = (String) headerNames.nextElement();
122                         rq.headers.put(name, request.getHeader(name));
123                     }
124 
125                     httpRequests.add(rq);
126 
127                     if (request.getMethod().equalsIgnoreCase("PUT") && targetPath != null) {
128                         File targetFile = new File(siteTargetPath, targetPath);
129                         log.info("writing file " + targetFile.getPath());
130                         FileUtils.writeByteArrayToFile(targetFile, IOUtils.toByteArray(request.getInputStream()));
131                     }
132 
133                     response.setStatus(HttpServletResponse.SC_OK);
134                     return;
135                 }
136             }
137 
138             // Proxy-Authenticate Basic realm="CCProxy Authorization"
139             response.addHeader("Proxy-Authenticate", "Basic realm=\"Jetty Proxy Authorization\"");
140             response.setStatus(HttpServletResponse.SC_PROXY_AUTHENTICATION_REQUIRED);
141             return;
142         }
143 
144         super.service(req, res);
145     }
146 }