Example 1 with SshSessionFactory
use of org.eclipse.jgit.transport.SshSessionFactory in project che by eclipse.
the class JGitConnection method executeRemoteCommand.
/**
* Execute remote jgit command.
*
* @param remoteUrl
* remote url
* @param command
* command to execute
* @return executed command
* @throws GitException
* @throws GitAPIException
* @throws UnauthorizedException
*/
@VisibleForTesting
Object executeRemoteCommand(String remoteUrl, TransportCommand command, @Nullable String username, @Nullable String password) throws GitException, GitAPIException, UnauthorizedException {
File keyDirectory = null;
UserCredential credentials = null;
try {
if (GitUrlUtils.isSSH(remoteUrl)) {
keyDirectory = Files.createTempDir();
final File sshKey = writePrivateKeyFile(remoteUrl, keyDirectory);
SshSessionFactory sshSessionFactory = new JschConfigSessionFactory() {
@Override
protected void configure(OpenSshConfig.Host host, Session session) {
session.setConfig("StrictHostKeyChecking", "no");
}
@Override
protected JSch getJSch(final OpenSshConfig.Host hc, FS fs) throws JSchException {
JSch jsch = super.getJSch(hc, fs);
jsch.removeAllIdentity();
jsch.addIdentity(sshKey.getAbsolutePath());
return jsch;
}
};
command.setTransportConfigCallback(transport -> {
if (transport instanceof SshTransport) {
((SshTransport) transport).setSshSessionFactory(sshSessionFactory);
}
});
} else {
if (remoteUrl != null && GIT_URL_WITH_CREDENTIALS_PATTERN.matcher(remoteUrl).matches()) {
username = remoteUrl.substring(remoteUrl.indexOf("://") + 3, remoteUrl.lastIndexOf(":"));
password = remoteUrl.substring(remoteUrl.lastIndexOf(":") + 1, remoteUrl.indexOf("@"));
command.setCredentialsProvider(new UsernamePasswordCredentialsProvider(username, password));
} else {
if (username != null && password != null) {
command.setCredentialsProvider(new UsernamePasswordCredentialsProvider(username, password));
} else {
credentials = credentialsLoader.getUserCredential(remoteUrl);
if (credentials != null) {
command.setCredentialsProvider(new UsernamePasswordCredentialsProvider(credentials.getUserName(), credentials.getPassword()));
}
}
}
}
ProxyAuthenticator.initAuthenticator(remoteUrl);
return command.call();
} catch (GitException | TransportException exception) {
if ("Unable get private ssh key".equals(exception.getMessage())) {
throw new UnauthorizedException(exception.getMessage(), ErrorCodes.UNABLE_GET_PRIVATE_SSH_KEY);
} else if (exception.getMessage().contains(ERROR_AUTHENTICATION_REQUIRED)) {
final ProviderInfo info = credentialsLoader.getProviderInfo(remoteUrl);
if (info != null) {
throw new UnauthorizedException(exception.getMessage(), ErrorCodes.UNAUTHORIZED_GIT_OPERATION, ImmutableMap.of(PROVIDER_NAME, info.getProviderName(), AUTHENTICATE_URL, info.getAuthenticateUrl(), "authenticated", Boolean.toString(credentials != null)));
}
throw new UnauthorizedException(exception.getMessage(), ErrorCodes.UNAUTHORIZED_GIT_OPERATION);
} else {
throw exception;
}
} finally {
if (keyDirectory != null && keyDirectory.exists()) {
try {
FileUtils.delete(keyDirectory, FileUtils.RECURSIVE);
} catch (IOException exception) {
throw new GitException("Can't remove SSH key directory", exception);
}
}
ProxyAuthenticator.resetAuthenticator();
}
}
Also used :
UserCredential(org.eclipse.che.api.git.UserCredential)
UsernamePasswordCredentialsProvider(org.eclipse.jgit.transport.UsernamePasswordCredentialsProvider)
GitException(org.eclipse.che.api.git.exception.GitException)
IOException(java.io.IOException)
SshSessionFactory(org.eclipse.jgit.transport.SshSessionFactory)
JSch(com.jcraft.jsch.JSch)
FS(org.eclipse.jgit.util.FS)
TransportException(org.eclipse.jgit.api.errors.TransportException)
ProviderInfo(org.eclipse.che.api.git.shared.ProviderInfo)
UnauthorizedException(org.eclipse.che.api.core.UnauthorizedException)
JschConfigSessionFactory(org.eclipse.jgit.transport.JschConfigSessionFactory)
DiffCommitFile(org.eclipse.che.api.git.shared.DiffCommitFile)
File(java.io.File)
SshTransport(org.eclipse.jgit.transport.SshTransport)
Session(com.jcraft.jsch.Session)
VisibleForTesting(com.google.common.annotations.VisibleForTesting)
Example 2 with SshSessionFactory
use of org.eclipse.jgit.transport.SshSessionFactory in project commons by craftercms.
the class AbstractSshAuthConfigurator method configureAuthentication.
@Override
public void configureAuthentication(TransportCommand command) {
SshSessionFactory sessionFactory = createSessionFactory();
command.setTransportConfigCallback(transport -> ((SshTransport) transport).setSshSessionFactory(sessionFactory));
}
Also used :
SshSessionFactory(org.eclipse.jgit.transport.SshSessionFactory)
Example 3 with SshSessionFactory
use of org.eclipse.jgit.transport.SshSessionFactory in project fabric8 by fabric8io.
the class GitUtils method configureCommand.
/**
* Configures the transport of the command to deal with things like SSH
*/
public static <C extends GitCommand> void configureCommand(TransportCommand<C, ?> command, CredentialsProvider credentialsProvider, final File sshPrivateKey, final File sshPublicKey) {
LOG.info("Using " + credentialsProvider);
if (sshPrivateKey != null) {
final CredentialsProvider provider = credentialsProvider;
command.setTransportConfigCallback(new TransportConfigCallback() {
@Override
public void configure(Transport transport) {
if (transport instanceof SshTransport) {
SshTransport sshTransport = (SshTransport) transport;
SshSessionFactory sshSessionFactory = new JschConfigSessionFactory() {
@Override
protected void configure(OpenSshConfig.Host host, Session session) {
session.setConfig("StrictHostKeyChecking", "no");
UserInfo userInfo = new CredentialsProviderUserInfo(session, provider);
session.setUserInfo(userInfo);
}
@Override
protected JSch createDefaultJSch(FS fs) throws JSchException {
JSch jsch = super.createDefaultJSch(fs);
jsch.removeAllIdentity();
String absolutePath = sshPrivateKey.getAbsolutePath();
if (LOG.isDebugEnabled()) {
LOG.debug("Adding identity privateKey: " + sshPrivateKey + " publicKey: " + sshPublicKey);
}
if (sshPublicKey != null) {
jsch.addIdentity(absolutePath, sshPublicKey.getAbsolutePath(), null);
} else {
jsch.addIdentity(absolutePath);
}
return jsch;
}
};
sshTransport.setSshSessionFactory(sshSessionFactory);
}
}
});
}
}
Also used :
JSchException(com.jcraft.jsch.JSchException)
UserInfo(com.jcraft.jsch.UserInfo)
CredentialsProviderUserInfo(org.eclipse.jgit.transport.CredentialsProviderUserInfo)
CredentialsProvider(org.eclipse.jgit.transport.CredentialsProvider)
SshSessionFactory(org.eclipse.jgit.transport.SshSessionFactory)
JSch(com.jcraft.jsch.JSch)
FS(org.eclipse.jgit.util.FS)
OpenSshConfig(org.eclipse.jgit.transport.OpenSshConfig)
TransportConfigCallback(org.eclipse.jgit.api.TransportConfigCallback)
CredentialsProviderUserInfo(org.eclipse.jgit.transport.CredentialsProviderUserInfo)
JschConfigSessionFactory(org.eclipse.jgit.transport.JschConfigSessionFactory)
SshTransport(org.eclipse.jgit.transport.SshTransport)
Transport(org.eclipse.jgit.transport.Transport)
SshTransport(org.eclipse.jgit.transport.SshTransport)
Session(com.jcraft.jsch.Session)
SSLSession(javax.net.ssl.SSLSession)
Example 4 with SshSessionFactory
use of org.eclipse.jgit.transport.SshSessionFactory in project blueocean-plugin by jenkinsci.
the class GitUtils method getSSHKeyTransport.
private static TransportConfigCallback getSSHKeyTransport(final BasicSSHUserPrivateKey privateKey) {
final SshSessionFactory sshSessionFactory = new JschConfigSessionFactory() {
@Override
protected void configure(OpenSshConfig.Host hc, com.jcraft.jsch.Session session) {
// jenkins user doesn't likely have the host key
session.setConfig("StrictHostKeyChecking", "no");
}
@Override
protected JSch getJSch(OpenSshConfig.Host hc, FS fs) throws JSchException {
JSch jsch = new JSch();
configureJSch(jsch);
// TODO: might need this: jsch.setHostKeyRepository(new KnownHosts(this));
KeyPair pair = KeyPair.load(jsch, privateKey.getPrivateKey().getBytes(StandardCharsets.UTF_8), null);
byte[] passphrase = new byte[0];
jsch.addIdentity(privateKey.getUsername(), pair.forSSHAgent(), null, passphrase);
return jsch;
}
};
return transport -> {
if (transport instanceof SshTransport) {
SshTransport sshTransport = (SshTransport) transport;
sshTransport.setSshSessionFactory(sshSessionFactory);
}
};
}
Also used :
BlueOceanDomainRequirement(io.jenkins.blueocean.rest.impl.pipeline.credential.BlueOceanDomainRequirement)
StringUtils(org.apache.commons.lang.StringUtils)
KeyPair(com.jcraft.jsch.KeyPair)
ObjectInserter(org.eclipse.jgit.lib.ObjectInserter)
DirCacheEditor(org.eclipse.jgit.dircache.DirCacheEditor)
Date(java.util.Date)
JGitText(org.eclipse.jgit.internal.JGitText)
LoggerFactory(org.slf4j.LoggerFactory)
SshTransport(org.eclipse.jgit.transport.SshTransport)
RevWalk(org.eclipse.jgit.revwalk.RevWalk)
BasicSSHUserPrivateKey(com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey)
CredentialsMatchers(com.cloudbees.plugins.credentials.CredentialsMatchers)
ByteArrayInputStream(java.io.ByteArrayInputStream)
GitClient(org.jenkinsci.plugins.gitclient.GitClient)
CredentialsUtils(io.jenkins.blueocean.credential.CredentialsUtils)
GitAPIException(org.eclipse.jgit.api.errors.GitAPIException)
FileMode(org.eclipse.jgit.lib.FileMode)
RefSpec(org.eclipse.jgit.transport.RefSpec)
TimeZone(java.util.TimeZone)
RefUpdate(org.eclipse.jgit.lib.RefUpdate)
OpenSshConfig(org.eclipse.jgit.transport.OpenSshConfig)
Constants(org.eclipse.jgit.lib.Constants)
TransportCommand(org.eclipse.jgit.api.TransportCommand)
ItemGroup(hudson.model.ItemGroup)
RevTree(org.eclipse.jgit.revwalk.RevTree)
StandardCharsets(java.nio.charset.StandardCharsets)
PersonIdent(org.eclipse.jgit.lib.PersonIdent)
GitException(hudson.plugins.git.GitException)
List(java.util.List)
Ref(org.eclipse.jgit.lib.Ref)
PushResult(org.eclipse.jgit.transport.PushResult)
DirCache(org.eclipse.jgit.dircache.DirCache)
FS(org.eclipse.jgit.util.FS)
JSchException(com.jcraft.jsch.JSchException)
Pattern(java.util.regex.Pattern)
SuppressFBWarnings(edu.umd.cs.findbugs.annotations.SuppressFBWarnings)
TransportConfigCallback(org.eclipse.jgit.api.TransportConfigCallback)
RevCommit(org.eclipse.jgit.revwalk.RevCommit)
JSch(com.jcraft.jsch.JSch)
StandardCredentials(com.cloudbees.plugins.credentials.common.StandardCredentials)
CanonicalTreeParser(org.eclipse.jgit.treewalk.CanonicalTreeParser)
DirCacheEntry(org.eclipse.jgit.dircache.DirCacheEntry)
DirCacheBuilder(org.eclipse.jgit.dircache.DirCacheBuilder)
Git(org.jenkinsci.plugins.gitclient.Git)
FetchCommand(org.eclipse.jgit.api.FetchCommand)
MessageFormat(java.text.MessageFormat)
ArrayList(java.util.ArrayList)
MergeCommand(org.eclipse.jgit.api.MergeCommand)
ACL(hudson.security.ACL)
CommitBuilder(org.eclipse.jgit.lib.CommitBuilder)
SshSessionFactory(org.eclipse.jgit.transport.SshSessionFactory)
EnvVars(hudson.EnvVars)
Nonnull(javax.annotation.Nonnull)
PushCommand(org.eclipse.jgit.api.PushCommand)
Nullable(javax.annotation.Nullable)
ConcurrentRefUpdateException(org.eclipse.jgit.api.errors.ConcurrentRefUpdateException)
TaskListener(hudson.model.TaskListener)
TreeWalk(org.eclipse.jgit.treewalk.TreeWalk)
Logger(org.slf4j.Logger)
SmartCredentialsProvider(org.jenkinsci.plugins.gitclient.trilead.SmartCredentialsProvider)
IOException(java.io.IOException)
URIRequirementBuilder(com.cloudbees.plugins.credentials.domains.URIRequirementBuilder)
ServiceException(io.jenkins.blueocean.commons.ServiceException)
CheckoutCommand(org.eclipse.jgit.api.CheckoutCommand)
ObjectId(org.eclipse.jgit.lib.ObjectId)
TransportException(org.eclipse.jgit.api.errors.TransportException)
JGitInternalException(org.eclipse.jgit.api.errors.JGitInternalException)
RemoteRefUpdate(org.eclipse.jgit.transport.RemoteRefUpdate)
CredentialsProvider(com.cloudbees.plugins.credentials.CredentialsProvider)
MergeResult(org.eclipse.jgit.api.MergeResult)
ErrorMessage(io.jenkins.blueocean.commons.ErrorMessage)
ObjectReader(org.eclipse.jgit.lib.ObjectReader)
Repository(org.eclipse.jgit.lib.Repository)
JschConfigSessionFactory(org.eclipse.jgit.transport.JschConfigSessionFactory)
InputStream(java.io.InputStream)
KeyPair(com.jcraft.jsch.KeyPair)
JschConfigSessionFactory(org.eclipse.jgit.transport.JschConfigSessionFactory)
SshSessionFactory(org.eclipse.jgit.transport.SshSessionFactory)
JSch(com.jcraft.jsch.JSch)
FS(org.eclipse.jgit.util.FS)
SshTransport(org.eclipse.jgit.transport.SshTransport)
Aggregations
SshSessionFactory (org.eclipse.jgit.transport.SshSessionFactory)4
JSch (com.jcraft.jsch.JSch)3
JschConfigSessionFactory (org.eclipse.jgit.transport.JschConfigSessionFactory)3
SshTransport (org.eclipse.jgit.transport.SshTransport)3
FS (org.eclipse.jgit.util.FS)3
JSchException (com.jcraft.jsch.JSchException)2
Session (com.jcraft.jsch.Session)2
IOException (java.io.IOException)2
TransportConfigCallback (org.eclipse.jgit.api.TransportConfigCallback)2
TransportException (org.eclipse.jgit.api.errors.TransportException)2
OpenSshConfig (org.eclipse.jgit.transport.OpenSshConfig)2
BasicSSHUserPrivateKey (com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey)1
CredentialsMatchers (com.cloudbees.plugins.credentials.CredentialsMatchers)1
CredentialsProvider (com.cloudbees.plugins.credentials.CredentialsProvider)1
StandardCredentials (com.cloudbees.plugins.credentials.common.StandardCredentials)1
URIRequirementBuilder (com.cloudbees.plugins.credentials.domains.URIRequirementBuilder)1
VisibleForTesting (com.google.common.annotations.VisibleForTesting)1
KeyPair (com.jcraft.jsch.KeyPair)1
UserInfo (com.jcraft.jsch.UserInfo)1
SuppressFBWarnings (edu.umd.cs.findbugs.annotations.SuppressFBWarnings)1
