Example 1 with ThreadLocalHostnameDelegatingTrustManager
use of ch.cyberduck.core.ssl.ThreadLocalHostnameDelegatingTrustManager in project cyberduck by iterate-ch.
the class S3Session method login.
@Override
public void login(final Proxy proxy, final LoginCallback prompt, final CancelCallback cancel) throws BackgroundException {
if (Scheme.isURL(host.getProtocol().getContext())) {
try {
final Credentials temporary = new AWSSessionCredentialsRetriever(trust, key, this, host.getProtocol().getContext()).get();
client.setProviderCredentials(new AWSSessionCredentials(temporary.getUsername(), temporary.getPassword(), temporary.getToken()));
} catch (ConnectionTimeoutException | ConnectionRefusedException | ResolveFailedException | NotfoundException | InteroperabilityException e) {
log.warn(String.format("Failure to retrieve session credentials from . %s", e.getMessage()));
throw new LoginFailureException(e.getDetail(false), e);
}
} else {
final Credentials credentials;
// Only for AWS
if (isAwsHostname(host.getHostname())) {
// Try auto-configure
credentials = new STSCredentialsConfigurator(new ThreadLocalHostnameDelegatingTrustManager(trust, host.getHostname()), key, prompt).configure(host);
} else {
credentials = host.getCredentials();
}
if (StringUtils.isNotBlank(credentials.getToken())) {
client.setProviderCredentials(credentials.isAnonymousLogin() ? null : new AWSSessionCredentials(credentials.getUsername(), credentials.getPassword(), credentials.getToken()));
} else {
client.setProviderCredentials(credentials.isAnonymousLogin() ? null : new AWSCredentials(credentials.getUsername(), credentials.getPassword()));
}
}
if (host.getCredentials().isPassed()) {
log.warn(String.format("Skip verifying credentials with previous successful authentication event for %s", this));
return;
}
try {
final Location.Name location = new S3PathStyleFallbackAdapter<>(this, new BackgroundExceptionCallable<Location.Name>() {
@Override
public Location.Name call() throws BackgroundException {
return new S3LocationFeature(S3Session.this, client.getRegionEndpointCache()).getLocation(new DelegatingHomeFeature(new DefaultPathHomeFeature(host)).find());
}
}).call();
if (log.isDebugEnabled()) {
log.debug(String.format("Retrieved region %s", location));
}
if (!Location.unknown.equals(location)) {
client.getConfiguration().setProperty("storage-service.default-region", location.getIdentifier());
}
} catch (AccessDeniedException | InteroperabilityException e) {
log.warn(String.format("Failure %s querying region", e));
final Path home = new DefaultHomeFinderService(this).find();
if (log.isDebugEnabled()) {
log.debug(String.format("Retrieved %s", home));
}
}
}
Also used :
Path(ch.cyberduck.core.Path)
NotfoundException(ch.cyberduck.core.exception.NotfoundException)
AccessDeniedException(ch.cyberduck.core.exception.AccessDeniedException)
InteroperabilityException(ch.cyberduck.core.exception.InteroperabilityException)
DelegatingHomeFeature(ch.cyberduck.core.shared.DelegatingHomeFeature)
DefaultPathHomeFeature(ch.cyberduck.core.shared.DefaultPathHomeFeature)
DefaultHomeFinderService(ch.cyberduck.core.shared.DefaultHomeFinderService)
ConnectionRefusedException(ch.cyberduck.core.exception.ConnectionRefusedException)
ResolveFailedException(ch.cyberduck.core.exception.ResolveFailedException)
AWSCredentials(org.jets3t.service.security.AWSCredentials)
BackgroundExceptionCallable(ch.cyberduck.core.threading.BackgroundExceptionCallable)
ConnectionTimeoutException(ch.cyberduck.core.exception.ConnectionTimeoutException)
LoginFailureException(ch.cyberduck.core.exception.LoginFailureException)
AWSSessionCredentials(org.jets3t.service.security.AWSSessionCredentials)
ThreadLocalHostnameDelegatingTrustManager(ch.cyberduck.core.ssl.ThreadLocalHostnameDelegatingTrustManager)
AWSSessionCredentialsRetriever(ch.cyberduck.core.auth.AWSSessionCredentialsRetriever)
AWSCredentials(org.jets3t.service.security.AWSCredentials)
Credentials(ch.cyberduck.core.Credentials)
AWSSessionCredentials(org.jets3t.service.security.AWSSessionCredentials)
STSCredentialsConfigurator(ch.cyberduck.core.sts.STSCredentialsConfigurator)
Example 2 with ThreadLocalHostnameDelegatingTrustManager
use of ch.cyberduck.core.ssl.ThreadLocalHostnameDelegatingTrustManager in project cyberduck by iterate-ch.
the class FreenetAuthenticatedUrlProvider method toUrl.
@Override
public DescriptiveUrl toUrl(final Host bookmark) {
try {
// Run password flow
final TokenResponse response;
try {
final Host target = new Host(new DAVSSLProtocol(), "oauth.freenet.de");
final X509TrustManager trust = new KeychainX509TrustManager(new DisabledCertificateTrustCallback(), new DefaultTrustManagerHostnameCallback(target), CertificateStoreFactory.get());
final X509KeyManager key = new KeychainX509KeyManager(new DisabledCertificateIdentityCallback(), target, CertificateStoreFactory.get());
final CloseableHttpClient client = new HttpConnectionPoolBuilder(target, new ThreadLocalHostnameDelegatingTrustManager(trust, target.getHostname()), key, ProxyFactory.get()).build(ProxyFactory.get().find(new ProxyHostUrlProvider().get(target)), new DisabledTranscriptListener(), new DisabledLoginCallback()).setUserAgent(new FreenetUserAgentProvider().get()).build();
final String username = bookmark.getCredentials().getUsername();
final String password;
if (StringUtils.isBlank(bookmark.getCredentials().getPassword())) {
password = PasswordStoreFactory.get().findLoginPassword(bookmark);
} else {
password = bookmark.getCredentials().getPassword();
}
response = new PasswordTokenRequest(new ApacheHttpTransport(client), new GsonFactory(), new GenericUrl("https://oauth.freenet.de/oauth/token"), username, password).setClientAuthentication(new BasicAuthentication("desktop_client", "6LIGIHuOSkznLomu5xw0EPPBJOXb2jLp")).setRequestInitializer(new UserAgentHttpRequestInitializer(new FreenetUserAgentProvider())).set("world", new HostPreferences(bookmark).getProperty("world")).set("webLogin", Boolean.TRUE).execute();
final FreenetTemporaryLoginResponse login = this.getLoginSession(client, response.getAccessToken());
return new DescriptiveUrl(URI.create(login.urls.login), DescriptiveUrl.Type.authenticated);
} catch (IOException e) {
throw new HttpExceptionMappingService().map(e);
}
} catch (BackgroundException e) {
log.warn(String.format("Failure %s retrieving authenticated URL for %s", e, bookmark));
return DescriptiveUrl.EMPTY;
}
}
Also used :
UserAgentHttpRequestInitializer(ch.cyberduck.core.http.UserAgentHttpRequestInitializer)
KeychainX509KeyManager(ch.cyberduck.core.ssl.KeychainX509KeyManager)
DisabledCertificateIdentityCallback(ch.cyberduck.core.DisabledCertificateIdentityCallback)
ProxyHostUrlProvider(ch.cyberduck.core.proxy.ProxyHostUrlProvider)
GenericUrl(com.google.api.client.http.GenericUrl)
DAVSSLProtocol(ch.cyberduck.core.dav.DAVSSLProtocol)
KeychainX509TrustManager(ch.cyberduck.core.ssl.KeychainX509TrustManager)
HttpExceptionMappingService(ch.cyberduck.core.http.HttpExceptionMappingService)
HttpConnectionPoolBuilder(ch.cyberduck.core.http.HttpConnectionPoolBuilder)
KeychainX509KeyManager(ch.cyberduck.core.ssl.KeychainX509KeyManager)
X509KeyManager(ch.cyberduck.core.ssl.X509KeyManager)
DisabledCertificateTrustCallback(ch.cyberduck.core.DisabledCertificateTrustCallback)
CloseableHttpClient(org.apache.http.impl.client.CloseableHttpClient)
GsonFactory(com.google.api.client.json.gson.GsonFactory)
Host(ch.cyberduck.core.Host)
IOException(java.io.IOException)
DisabledTranscriptListener(ch.cyberduck.core.DisabledTranscriptListener)
HostPreferences(ch.cyberduck.core.preferences.HostPreferences)
DescriptiveUrl(ch.cyberduck.core.DescriptiveUrl)
TokenResponse(com.google.api.client.auth.oauth2.TokenResponse)
X509TrustManager(ch.cyberduck.core.ssl.X509TrustManager)
KeychainX509TrustManager(ch.cyberduck.core.ssl.KeychainX509TrustManager)
DisabledLoginCallback(ch.cyberduck.core.DisabledLoginCallback)
ThreadLocalHostnameDelegatingTrustManager(ch.cyberduck.core.ssl.ThreadLocalHostnameDelegatingTrustManager)
DefaultTrustManagerHostnameCallback(ch.cyberduck.core.ssl.DefaultTrustManagerHostnameCallback)
BasicAuthentication(com.google.api.client.http.BasicAuthentication)
PasswordTokenRequest(com.google.api.client.auth.oauth2.PasswordTokenRequest)
ApacheHttpTransport(com.google.api.client.http.apache.v2.ApacheHttpTransport)
BackgroundException(ch.cyberduck.core.exception.BackgroundException)
Example 3 with ThreadLocalHostnameDelegatingTrustManager
use of ch.cyberduck.core.ssl.ThreadLocalHostnameDelegatingTrustManager in project cyberduck by iterate-ch.
the class BrickPairingFeature method delete.
@Override
public void delete(final Host bookmark) throws BackgroundException {
try {
final String token = store.findLoginPassword(bookmark);
if (StringUtils.isNotBlank(token)) {
log.warn(String.format("Delete pairing for %s", bookmark));
final X509TrustManager trust = new KeychainX509TrustManager(new DisabledCertificateTrustCallback(), new DefaultTrustManagerHostnameCallback(bookmark), CertificateStoreFactory.get());
final X509KeyManager key = new KeychainX509KeyManager(new DisabledCertificateIdentityCallback(), bookmark, CertificateStoreFactory.get());
final HttpConnectionPoolBuilder builder = new HttpConnectionPoolBuilder(bookmark, new ThreadLocalHostnameDelegatingTrustManager(trust, bookmark.getHostname()), key, ProxyFactory.get());
final HttpClientBuilder configuration = builder.build(ProxyFactory.get().find(new ProxyHostUrlProvider().get(bookmark)), new DisabledTranscriptListener(), new DisabledLoginCallback());
configuration.setDefaultAuthSchemeRegistry(RegistryBuilder.<AuthSchemeProvider>create().build());
final CloseableHttpClient client = configuration.build();
final HttpRequestBase resource = new HttpDelete(String.format("%s/api/rest/v1/api_key", new HostUrlProvider().withUsername(false).withPath(false).get(bookmark)));
resource.setHeader("X-FilesAPI-Key", token);
resource.setHeader(HttpHeaders.ACCEPT, "application/json");
resource.setHeader(HttpHeaders.CONTENT_TYPE, "application/json");
if (log.isInfoEnabled()) {
log.info(String.format("Delete paring key %s", token));
}
client.execute(resource, new ResponseHandler<Void>() {
@Override
public Void handleResponse(final HttpResponse response) {
return null;
}
});
client.close();
}
} catch (HttpResponseException e) {
throw new DefaultHttpResponseExceptionMappingService().map(e);
} catch (IOException e) {
throw new DefaultIOExceptionMappingService().map(e);
} finally {
store.delete(bookmark);
}
}
Also used :
HttpRequestBase(org.apache.http.client.methods.HttpRequestBase)
HttpDelete(org.apache.http.client.methods.HttpDelete)
KeychainX509KeyManager(ch.cyberduck.core.ssl.KeychainX509KeyManager)
DisabledCertificateIdentityCallback(ch.cyberduck.core.DisabledCertificateIdentityCallback)
HttpResponseException(org.apache.http.client.HttpResponseException)
HttpClientBuilder(org.apache.http.impl.client.HttpClientBuilder)
ProxyHostUrlProvider(ch.cyberduck.core.proxy.ProxyHostUrlProvider)
KeychainX509TrustManager(ch.cyberduck.core.ssl.KeychainX509TrustManager)
HttpConnectionPoolBuilder(ch.cyberduck.core.http.HttpConnectionPoolBuilder)
KeychainX509KeyManager(ch.cyberduck.core.ssl.KeychainX509KeyManager)
X509KeyManager(ch.cyberduck.core.ssl.X509KeyManager)
DisabledCertificateTrustCallback(ch.cyberduck.core.DisabledCertificateTrustCallback)
CloseableHttpClient(org.apache.http.impl.client.CloseableHttpClient)
DefaultHttpResponseExceptionMappingService(ch.cyberduck.core.http.DefaultHttpResponseExceptionMappingService)
ProxyHostUrlProvider(ch.cyberduck.core.proxy.ProxyHostUrlProvider)
HostUrlProvider(ch.cyberduck.core.HostUrlProvider)
HttpResponse(org.apache.http.HttpResponse)
IOException(java.io.IOException)
DisabledTranscriptListener(ch.cyberduck.core.DisabledTranscriptListener)
X509TrustManager(ch.cyberduck.core.ssl.X509TrustManager)
KeychainX509TrustManager(ch.cyberduck.core.ssl.KeychainX509TrustManager)
DisabledLoginCallback(ch.cyberduck.core.DisabledLoginCallback)
ThreadLocalHostnameDelegatingTrustManager(ch.cyberduck.core.ssl.ThreadLocalHostnameDelegatingTrustManager)
DefaultTrustManagerHostnameCallback(ch.cyberduck.core.ssl.DefaultTrustManagerHostnameCallback)
AuthSchemeProvider(org.apache.http.auth.AuthSchemeProvider)
DefaultIOExceptionMappingService(ch.cyberduck.core.DefaultIOExceptionMappingService)
Aggregations
ThreadLocalHostnameDelegatingTrustManager (ch.cyberduck.core.ssl.ThreadLocalHostnameDelegatingTrustManager)3
DisabledCertificateIdentityCallback (ch.cyberduck.core.DisabledCertificateIdentityCallback)2
DisabledCertificateTrustCallback (ch.cyberduck.core.DisabledCertificateTrustCallback)2
DisabledLoginCallback (ch.cyberduck.core.DisabledLoginCallback)2
DisabledTranscriptListener (ch.cyberduck.core.DisabledTranscriptListener)2
HttpConnectionPoolBuilder (ch.cyberduck.core.http.HttpConnectionPoolBuilder)2
ProxyHostUrlProvider (ch.cyberduck.core.proxy.ProxyHostUrlProvider)2
DefaultTrustManagerHostnameCallback (ch.cyberduck.core.ssl.DefaultTrustManagerHostnameCallback)2
KeychainX509KeyManager (ch.cyberduck.core.ssl.KeychainX509KeyManager)2
KeychainX509TrustManager (ch.cyberduck.core.ssl.KeychainX509TrustManager)2
X509KeyManager (ch.cyberduck.core.ssl.X509KeyManager)2
X509TrustManager (ch.cyberduck.core.ssl.X509TrustManager)2
Credentials (ch.cyberduck.core.Credentials)1
DefaultIOExceptionMappingService (ch.cyberduck.core.DefaultIOExceptionMappingService)1
DescriptiveUrl (ch.cyberduck.core.DescriptiveUrl)1
Host (ch.cyberduck.core.Host)1
HostUrlProvider (ch.cyberduck.core.HostUrlProvider)1
Path (ch.cyberduck.core.Path)1
AWSSessionCredentialsRetriever (ch.cyberduck.core.auth.AWSSessionCredentialsRetriever)1
DAVSSLProtocol (ch.cyberduck.core.dav.DAVSSLProtocol)1
