
Example 31 with UserModel

use of com.gitblit.models.UserModel in project gitblit by gitblit.

the class ProjectManager method getProjectModel.

/**
	 * Returns a project model for the Gitblit/system user.
	 *
	 * @param name a project name
	 * @return a project model or null if the project does not exist
	 */
@Override
public ProjectModel getProjectModel(String name) {
    // Configured projects are looked up by lower-cased name; a hit is deep-copied so the
    // repository list built below never leaks into the shared configuration object.
    ProjectModel configured = getProjectConfigs().get(name.toLowerCase());
    ProjectModel project;
    if (configured != null) {
        project = DeepCopier.copy(configured);
    } else {
        project = new ProjectModel(name);
        if (ModelUtils.isPersonalRepository(name)) {
            // personal project: borrow the title from the owning account, if that account exists
            UserModel owner = userManager.getUserModel(ModelUtils.getUserNameFromRepoPath(name));
            if (owner != null) {
                project.title = owner.getDisplayName();
                project.description = "personal repositories";
            }
        }
    }

    // An empty name selects the root project (repositories without any '/');
    // otherwise membership is a case-insensitive "<name>/" prefix match.
    final boolean rootProject = StringUtils.isEmpty(name);
    final String folderPrefix = rootProject ? null : name.toLowerCase() + "/";
    for (String repository : repositoryManager.getRepositoryList()) {
        final boolean belongs = rootProject
                ? repository.indexOf('/') == -1
                : repository.toLowerCase().startsWith(folderPrefix);
        if (belongs) {
            project.addRepository(repository);
        }
    }

    // no repositories == no project
    if (project.repositories.size() == 0) {
        return null;
    }
    reloadProjectMarkdown(project);
    return project;
}
Also used : UserModel(com.gitblit.models.UserModel) ProjectModel(com.gitblit.models.ProjectModel)

Example 32 with UserModel

use of com.gitblit.models.UserModel in project gitblit by gitblit.

the class AuthenticationManager method authenticate.

/**
	 * Authenticate a user based on a public key.
	 *
	 * This implementation assumes that the authentication has already taken place
	 * (e.g. SSHDaemon) and that this is a validation/verification of the user.
	 *
	 * @param username
	 * @param key
	 * @return a user object or null
	 */
@Override
public UserModel authenticate(String username, SshKey key) {
    // The key is never verified here: it is only used for its algorithm name in the debug log.
    // Proof of key possession is the caller's job (e.g. the SSH daemon); this method only maps
    // the already-authenticated name onto an account.
    if (username == null) {
        logger.warn("Empty user passed to AuthenticationManager.authenticate!");
        return null;
    }
    if (StringUtils.isEmpty(username)) {
        // non-null but empty name: rejected without a log entry
        return null;
    }

    final UserModel account = userManager.getUserModel(username);
    if (account == null) {
        logger.warn(MessageFormat.format("Failed to find UserModel for {0} during public key authentication", username));
        return null;
    }

    // existing user
    logger.debug(MessageFormat.format("{0} authenticated by {1} public key", account.username, key.getAlgorithm()));
    return validateAuthentication(account, AuthenticationType.PUBLIC_KEY);
}
Also used : UserModel(com.gitblit.models.UserModel)

Example 33 with UserModel

use of com.gitblit.models.UserModel in project gitblit by gitblit.

the class AuthenticationManager method authenticate.

/**
	 * Authenticate a user based on HTTP request parameters.
	 *
	 * Authentication by custom HTTP header, servlet container principal, X509Certificate, cookie,
	 * and finally BASIC header.
	 *
	 * @param httpRequest
	 * @param requiresCertificate
	 * @return a user object or null
	 */
@Override
public UserModel authenticate(HttpServletRequest httpRequest, boolean requiresCertificate) {
    // Mechanisms are tried in a fixed order and the first one that yields a user wins:
    // request already flagged, container principal, client certificate, cookie, BASIC header,
    // then each configured AuthenticationProvider. Reordering changes which credential is honoured.
    // Log statements below carry usernames and remote addresses, never a password or cookie value.

    // Check if this request has already been authenticated, and trust that instead of re-processing
    // The value is a request *attribute*, which only server-side code can set (it is not a header
    // or a parameter). NOTE(review): presumably written by flagRequest() on an earlier pass - confirm.
    // This path returns the user without calling validateAuthentication() again.
    String reqAuthUser = (String) httpRequest.getAttribute(Constants.ATTRIB_AUTHUSER);
    if (!StringUtils.isEmpty(reqAuthUser)) {
        logger.debug("Called servlet authenticate when request is already authenticated.");
        return userManager.getUserModel(reqAuthUser);
    }
    // try to authenticate by servlet container principal
    // (skipped entirely when the caller demands a client certificate)
    if (!requiresCertificate) {
        Principal principal = httpRequest.getUserPrincipal();
        if (principal != null) {
            String username = principal.getName();
            if (!StringUtils.isEmpty(username)) {
                // evaluated before the lookup; gates both auto-creation and the warning below
                boolean internalAccount = userManager.isInternalAccount(username);
                UserModel user = userManager.getUserModel(username);
                if (user != null) {
                    // existing user
                    flagRequest(httpRequest, AuthenticationType.CONTAINER, user.username);
                    logger.debug(MessageFormat.format("{0} authenticated by servlet container principal from {1}", user.username, httpRequest.getRemoteAddr()));
                    return validateAuthentication(user, AuthenticationType.CONTAINER);
                } else if (settings.getBoolean(Keys.realm.container.autoCreateAccounts, false) && !internalAccount) {
                    // auto-create user from an authenticated container principal
                    // Only reached when no UserModel exists, the autoCreateAccounts setting is on
                    // (it defaults to false) and the name is not an internal account.
                    user = new UserModel(username.toLowerCase());
                    user.displayName = username;
                    // marker constant instead of a real password
                    // NOTE(review): presumably prevents a local password login for this account - confirm
                    user.password = Constants.EXTERNAL_ACCOUNT;
                    user.accountType = AccountType.CONTAINER;
                    // Try to extract user's informations for the session
                    // it uses "realm.container.autoAccounts.*" as the attribute name to look for
                    HttpSession session = httpRequest.getSession();
                    String emailAddress = resolveAttribute(session, Keys.realm.container.autoAccounts.emailAddress);
                    if (emailAddress != null) {
                        user.emailAddress = emailAddress;
                    }
                    String displayName = resolveAttribute(session, Keys.realm.container.autoAccounts.displayName);
                    if (displayName != null) {
                        user.displayName = displayName;
                    }
                    String userLocale = resolveAttribute(session, Keys.realm.container.autoAccounts.locale);
                    if (userLocale != null) {
                        user.getPreferences().setLocale(userLocale);
                    }
                    // Admin rights on the new account depend solely on the container reporting the
                    // principal as a member of the configured role; no role configured means no admin.
                    String adminRole = settings.getString(Keys.realm.container.autoAccounts.adminRole, null);
                    if (adminRole != null && !adminRole.isEmpty()) {
                        if (httpRequest.isUserInRole(adminRole)) {
                            user.canAdmin = true;
                        }
                    }
                    // hand the new account to the user manager before flagging the request
                    userManager.updateUserModel(user);
                    flagRequest(httpRequest, AuthenticationType.CONTAINER, user.username);
                    logger.debug(MessageFormat.format("{0} authenticated and created by servlet container principal from {1}", user.username, httpRequest.getRemoteAddr()));
                    return validateAuthentication(user, AuthenticationType.CONTAINER);
                } else if (!internalAccount) {
                    // unknown principal and no auto-creation: log it and fall through to the next mechanism
                    logger.warn(MessageFormat.format("Failed to find UserModel for {0}, attempted servlet container authentication from {1}", principal.getName(), httpRequest.getRemoteAddr()));
                }
            }
        }
    }
    // try to authenticate by certificate
    // validity enforcement defaults to true when the setting is absent
    boolean checkValidity = settings.getBoolean(Keys.git.enforceCertificateValidity, true);
    String[] oids = settings.getStrings(Keys.git.certificateUsernameOIDs).toArray(new String[0]);
    UserModel model = HttpUtils.getUserModelFromCertificate(httpRequest, checkValidity, oids);
    if (model != null) {
        // grab real user model and preserve certificate serial number
        UserModel user = userManager.getUserModel(model.username);
        // NOTE(review): metadata is dereferenced in both branches below without a null check -
        // confirm getCertificateMetadata() cannot return null once a certificate model was extracted.
        X509Metadata metadata = HttpUtils.getCertificateMetadata(httpRequest);
        if (user != null) {
            flagRequest(httpRequest, AuthenticationType.CERTIFICATE, user.username);
            logger.debug(MessageFormat.format("{0} authenticated by client certificate {1} from {2}", user.username, metadata.serialNumber, httpRequest.getRemoteAddr()));
            return validateAuthentication(user, AuthenticationType.CERTIFICATE);
        } else {
            // a certificate naming an unknown user is logged, then the remaining mechanisms
            // are still tried unless requiresCertificate is set
            logger.warn(MessageFormat.format("Failed to find UserModel for {0}, attempted client certificate ({1}) authentication from {2}", model.username, metadata.serialNumber, httpRequest.getRemoteAddr()));
        }
    }
    if (requiresCertificate) {
        // caller requires client certificate authentication (e.g. git servlet)
        // so cookie, BASIC and provider authentication are never attempted on this path
        return null;
    }
    UserModel user = null;
    // try to authenticate by cookie
    // The cookie value alone selects the account (lookup by char[]), so it acts as a bearer credential.
    String cookie = getCookie(httpRequest);
    if (!StringUtils.isEmpty(cookie)) {
        user = userManager.getUserModel(cookie.toCharArray());
        if (user != null) {
            flagRequest(httpRequest, AuthenticationType.COOKIE, user.username);
            logger.debug(MessageFormat.format("{0} authenticated by cookie from {1}", user.username, httpRequest.getRemoteAddr()));
            return validateAuthentication(user, AuthenticationType.COOKIE);
        }
    }
    // try to authenticate by BASIC
    // the scheme prefix match is case-sensitive and does not require a following space
    final String authorization = httpRequest.getHeader("Authorization");
    if (authorization != null && authorization.startsWith("Basic")) {
        // Authorization: Basic base64credentials
        // TODO(review): the behaviour of Base64.decode on malformed input is not visible here -
        // confirm it cannot throw out of this method for a client-supplied header.
        String base64Credentials = authorization.substring("Basic".length()).trim();
        String credentials = new String(Base64.decode(base64Credentials), Charset.forName("UTF-8"));
        // credentials = username:password
        // limit 2: only the first ':' separates the parts, so the password may itself contain ':'
        final String[] values = credentials.split(":", 2);
        if (values.length == 2) {
            String username = values[0];
            // NOTE(review): neither this char[] nor the decoded credentials String is cleared after use
            char[] password = values[1].toCharArray();
            user = authenticate(username, password, httpRequest.getRemoteAddr());
            if (user != null) {
                flagRequest(httpRequest, AuthenticationType.CREDENTIALS, user.username);
                logger.debug(MessageFormat.format("{0} authenticated by BASIC request header from {1}", user.username, httpRequest.getRemoteAddr()));
                return validateAuthentication(user, AuthenticationType.CREDENTIALS);
            }
        }
    }
    // Check each configured AuthenticationProvider
    // (last resort: each provider is handed the whole request, first non-null result wins)
    for (AuthenticationProvider ap : authenticationProviders) {
        UserModel authedUser = ap.authenticate(httpRequest);
        if (null != authedUser) {
            flagRequest(httpRequest, ap.getAuthenticationType(), authedUser.username);
            logger.debug(MessageFormat.format("{0} authenticated by {1} from {2} for {3}", authedUser.username, ap.getServiceName(), httpRequest.getRemoteAddr(), httpRequest.getPathInfo()));
            return validateAuthentication(authedUser, ap.getAuthenticationType());
        }
    }
    // no mechanism produced a user
    return null;
}
Also used : UserModel(com.gitblit.models.UserModel) HttpSession(javax.servlet.http.HttpSession) X509Metadata(com.gitblit.utils.X509Utils.X509Metadata) UsernamePasswordAuthenticationProvider(com.gitblit.auth.AuthenticationProvider.UsernamePasswordAuthenticationProvider) AuthenticationProvider(com.gitblit.auth.AuthenticationProvider) Principal(java.security.Principal)

Example 34 with UserModel

use of com.gitblit.models.UserModel in project gitblit by gitblit.

the class AuthenticationManager method authenticate.

/**
	 * Authenticate a user based on a username and password.
	 *
	 * @see IUserService.authenticate(String, char[])
	 * @param username
	 * @param password
	 * @return a user object or null
	 */
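@Override
public UserModel authenticate(String username, char[] password, String remoteIP) {
    if (StringUtils.isEmpty(username)) {
        // can not authenticate empty username
        return null;
    }
    if (username.equalsIgnoreCase(Constants.FEDERATION_USER)) {
        // it must be routed to FederationManager
        return null;
    }
    String usernameDecoded = StringUtils.decodeUsername(username);
    if (password == null) {
        // A missing password is a failed authentication, not a NullPointerException:
        // new String(null) below would otherwise throw out of the login path.
        return null;
    }
    // NOTE(review): this copies the secret into an immutable String that cannot be wiped;
    // it is kept because the emptiness rule lives in StringUtils.isEmpty, whose exact
    // semantics (e.g. whitespace handling) are not visible from this method.
    String pw = new String(password);
    if (StringUtils.isEmpty(pw)) {
        // can not authenticate empty password
        return null;
    }
    UserModel user = userManager.getUserModel(usernameDecoded);
    // try local authentication
    // A known local account is checked against the local store only; external providers are
    // consulted only when there is no such local account.
    if (user != null && user.isLocalAccount()) {
        // NOTE(review): validateAuthentication() is not called on this path - presumably
        // authenticateLocal() does so itself; confirm.
        UserModel returnedUser = authenticateLocal(user, password);
        if (returnedUser != null) {
            // user authenticated
            return returnedUser;
        }
    } else {
        // try registered external authentication providers
        for (AuthenticationProvider provider : authenticationProviders) {
            if (provider instanceof UsernamePasswordAuthenticationProvider) {
                UserModel returnedUser = provider.authenticate(usernameDecoded, password);
                if (returnedUser != null) {
                    // user authenticated; the account type is taken from the provider that accepted it
                    returnedUser.accountType = provider.getAccountType();
                    return validateAuthentication(returnedUser, AuthenticationType.CREDENTIALS);
                }
            }
        }
    }
    // could not authenticate locally or with a provider
    // NOTE(review): username is client-supplied and is logged as received; confirm the logging
    // layout neutralises CR/LF so a failed login cannot forge additional log lines.
    logger.warn(MessageFormat.format("Failed login attempt for {0}, invalid credentials from {1}", username, remoteIP != null ? remoteIP : "unknown"));
    return null;
}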
Also used : UserModel(com.gitblit.models.UserModel) UsernamePasswordAuthenticationProvider(com.gitblit.auth.AuthenticationProvider.UsernamePasswordAuthenticationProvider) AuthenticationProvider(com.gitblit.auth.AuthenticationProvider) UsernamePasswordAuthenticationProvider(com.gitblit.auth.AuthenticationProvider.UsernamePasswordAuthenticationProvider)

Example 35 with UserModel

use of com.gitblit.models.UserModel in project gitblit by gitblit.

the class UserManager method createUserService.

/**
 * Creates the user service backing the given realm file and, when the file does not exist
 * yet, creates it and seeds it with an initial administrator account.
 *
 * @param realmFile the realm file; only names ending in ".conf" (case-insensitive) map to a service
 * @return the user service for the realm file
 */
protected IUserService createUserService(File realmFile) {
    // config-based realm file is the only supported kind
    final boolean configRealm = realmFile.getName().toLowerCase().endsWith(".conf");
    final IUserService service = configRealm ? new ConfigUserService(realmFile) : null;
    // NOTE(review): assert is a no-op unless the JVM runs with -ea, so for any other file
    // name service is still null past this line.
    assert service != null;

    if (realmFile.exists()) {
        return service;
    }

    // Create the Administrator account for a new realm file
    try {
        realmFile.createNewFile();
    } catch (IOException x) {
        // failure is logged only; the bootstrap account is still written below
        logger.error(MessageFormat.format("COULD NOT CREATE REALM FILE {0}!", realmFile), x);
    }

    // NOTE(review): the bootstrap administrator gets a fixed, well-known password. Nothing in
    // this method forces a change, so a fresh install is only as safe as the operator's first
    // login; verify whether a forced rotation or a startup warning exists elsewhere.
    final UserModel bootstrapAdmin = new UserModel("admin");
    bootstrapAdmin.password = "admin";
    bootstrapAdmin.canAdmin = true;
    bootstrapAdmin.excludeFromFederation = true;
    service.updateUserModel(bootstrapAdmin);
    return service;
}
Also used : UserModel(com.gitblit.models.UserModel) IUserService(com.gitblit.IUserService) ConfigUserService(com.gitblit.ConfigUserService) IOException(java.io.IOException)
