Search in sources :

Example 1 with SshSessionFactory

use of org.eclipse.jgit.transport.SshSessionFactory in project che by eclipse.

the class JGitConnection method executeRemoteCommand.

/**
     * Execute remote jgit command.
     *
     * @param remoteUrl
     *         remote url
     * @param command
     *         command to execute
     * @return executed command
     * @throws GitException
     * @throws GitAPIException
     * @throws UnauthorizedException
     */
@VisibleForTesting
Object executeRemoteCommand(String remoteUrl, TransportCommand command, @Nullable String username, @Nullable String password) throws GitException, GitAPIException, UnauthorizedException {
    File keyDirectory = null;
    UserCredential credentials = null;
    try {
        if (GitUrlUtils.isSSH(remoteUrl)) {
            keyDirectory = Files.createTempDir();
            final File sshKey = writePrivateKeyFile(remoteUrl, keyDirectory);
            SshSessionFactory sshSessionFactory = new JschConfigSessionFactory() {

                @Override
                protected void configure(OpenSshConfig.Host host, Session session) {
                    session.setConfig("StrictHostKeyChecking", "no");
                }

                @Override
                protected JSch getJSch(final OpenSshConfig.Host hc, FS fs) throws JSchException {
                    JSch jsch = super.getJSch(hc, fs);
                    jsch.removeAllIdentity();
                    jsch.addIdentity(sshKey.getAbsolutePath());
                    return jsch;
                }
            };
            command.setTransportConfigCallback(transport -> {
                if (transport instanceof SshTransport) {
                    ((SshTransport) transport).setSshSessionFactory(sshSessionFactory);
                }
            });
        } else {
            if (remoteUrl != null && GIT_URL_WITH_CREDENTIALS_PATTERN.matcher(remoteUrl).matches()) {
                username = remoteUrl.substring(remoteUrl.indexOf("://") + 3, remoteUrl.lastIndexOf(":"));
                password = remoteUrl.substring(remoteUrl.lastIndexOf(":") + 1, remoteUrl.indexOf("@"));
                command.setCredentialsProvider(new UsernamePasswordCredentialsProvider(username, password));
            } else {
                if (username != null && password != null) {
                    command.setCredentialsProvider(new UsernamePasswordCredentialsProvider(username, password));
                } else {
                    credentials = credentialsLoader.getUserCredential(remoteUrl);
                    if (credentials != null) {
                        command.setCredentialsProvider(new UsernamePasswordCredentialsProvider(credentials.getUserName(), credentials.getPassword()));
                    }
                }
            }
        }
        ProxyAuthenticator.initAuthenticator(remoteUrl);
        return command.call();
    } catch (GitException | TransportException exception) {
        if ("Unable get private ssh key".equals(exception.getMessage())) {
            throw new UnauthorizedException(exception.getMessage(), ErrorCodes.UNABLE_GET_PRIVATE_SSH_KEY);
        } else if (exception.getMessage().contains(ERROR_AUTHENTICATION_REQUIRED)) {
            final ProviderInfo info = credentialsLoader.getProviderInfo(remoteUrl);
            if (info != null) {
                throw new UnauthorizedException(exception.getMessage(), ErrorCodes.UNAUTHORIZED_GIT_OPERATION, ImmutableMap.of(PROVIDER_NAME, info.getProviderName(), AUTHENTICATE_URL, info.getAuthenticateUrl(), "authenticated", Boolean.toString(credentials != null)));
            }
            throw new UnauthorizedException(exception.getMessage(), ErrorCodes.UNAUTHORIZED_GIT_OPERATION);
        } else {
            throw exception;
        }
    } finally {
        if (keyDirectory != null && keyDirectory.exists()) {
            try {
                FileUtils.delete(keyDirectory, FileUtils.RECURSIVE);
            } catch (IOException exception) {
                throw new GitException("Can't remove SSH key directory", exception);
            }
        }
        ProxyAuthenticator.resetAuthenticator();
    }
}
Also used : UserCredential(org.eclipse.che.api.git.UserCredential) UsernamePasswordCredentialsProvider(org.eclipse.jgit.transport.UsernamePasswordCredentialsProvider) GitException(org.eclipse.che.api.git.exception.GitException) IOException(java.io.IOException) SshSessionFactory(org.eclipse.jgit.transport.SshSessionFactory) JSch(com.jcraft.jsch.JSch) FS(org.eclipse.jgit.util.FS) TransportException(org.eclipse.jgit.api.errors.TransportException) ProviderInfo(org.eclipse.che.api.git.shared.ProviderInfo) UnauthorizedException(org.eclipse.che.api.core.UnauthorizedException) JschConfigSessionFactory(org.eclipse.jgit.transport.JschConfigSessionFactory) DiffCommitFile(org.eclipse.che.api.git.shared.DiffCommitFile) File(java.io.File) SshTransport(org.eclipse.jgit.transport.SshTransport) Session(com.jcraft.jsch.Session) VisibleForTesting(com.google.common.annotations.VisibleForTesting)

Example 2 with SshSessionFactory

use of org.eclipse.jgit.transport.SshSessionFactory in project commons by craftercms.

the class AbstractSshAuthConfigurator method configureAuthentication.

@Override
public void configureAuthentication(TransportCommand command) {
    SshSessionFactory sessionFactory = createSessionFactory();
    command.setTransportConfigCallback(transport -> ((SshTransport) transport).setSshSessionFactory(sessionFactory));
}
Also used : SshSessionFactory(org.eclipse.jgit.transport.SshSessionFactory)

Example 3 with SshSessionFactory

use of org.eclipse.jgit.transport.SshSessionFactory in project fabric8 by fabric8io.

the class GitUtils method configureCommand.

/**
 * Configures the transport of the command to deal with things like SSH
 */
public static <C extends GitCommand> void configureCommand(TransportCommand<C, ?> command, CredentialsProvider credentialsProvider, final File sshPrivateKey, final File sshPublicKey) {
    LOG.info("Using " + credentialsProvider);
    if (sshPrivateKey != null) {
        final CredentialsProvider provider = credentialsProvider;
        command.setTransportConfigCallback(new TransportConfigCallback() {

            @Override
            public void configure(Transport transport) {
                if (transport instanceof SshTransport) {
                    SshTransport sshTransport = (SshTransport) transport;
                    SshSessionFactory sshSessionFactory = new JschConfigSessionFactory() {

                        @Override
                        protected void configure(OpenSshConfig.Host host, Session session) {
                            session.setConfig("StrictHostKeyChecking", "no");
                            UserInfo userInfo = new CredentialsProviderUserInfo(session, provider);
                            session.setUserInfo(userInfo);
                        }

                        @Override
                        protected JSch createDefaultJSch(FS fs) throws JSchException {
                            JSch jsch = super.createDefaultJSch(fs);
                            jsch.removeAllIdentity();
                            String absolutePath = sshPrivateKey.getAbsolutePath();
                            if (LOG.isDebugEnabled()) {
                                LOG.debug("Adding identity privateKey: " + sshPrivateKey + " publicKey: " + sshPublicKey);
                            }
                            if (sshPublicKey != null) {
                                jsch.addIdentity(absolutePath, sshPublicKey.getAbsolutePath(), null);
                            } else {
                                jsch.addIdentity(absolutePath);
                            }
                            return jsch;
                        }
                    };
                    sshTransport.setSshSessionFactory(sshSessionFactory);
                }
            }
        });
    }
}
Also used : JSchException(com.jcraft.jsch.JSchException) UserInfo(com.jcraft.jsch.UserInfo) CredentialsProviderUserInfo(org.eclipse.jgit.transport.CredentialsProviderUserInfo) CredentialsProvider(org.eclipse.jgit.transport.CredentialsProvider) SshSessionFactory(org.eclipse.jgit.transport.SshSessionFactory) JSch(com.jcraft.jsch.JSch) FS(org.eclipse.jgit.util.FS) OpenSshConfig(org.eclipse.jgit.transport.OpenSshConfig) TransportConfigCallback(org.eclipse.jgit.api.TransportConfigCallback) CredentialsProviderUserInfo(org.eclipse.jgit.transport.CredentialsProviderUserInfo) JschConfigSessionFactory(org.eclipse.jgit.transport.JschConfigSessionFactory) SshTransport(org.eclipse.jgit.transport.SshTransport) Transport(org.eclipse.jgit.transport.Transport) SshTransport(org.eclipse.jgit.transport.SshTransport) Session(com.jcraft.jsch.Session) SSLSession(javax.net.ssl.SSLSession)

Example 4 with SshSessionFactory

use of org.eclipse.jgit.transport.SshSessionFactory in project blueocean-plugin by jenkinsci.

the class GitUtils method getSSHKeyTransport.

private static TransportConfigCallback getSSHKeyTransport(final BasicSSHUserPrivateKey privateKey) {
    final SshSessionFactory sshSessionFactory = new JschConfigSessionFactory() {

        @Override
        protected void configure(OpenSshConfig.Host hc, com.jcraft.jsch.Session session) {
            // jenkins user doesn't likely have the host key
            session.setConfig("StrictHostKeyChecking", "no");
        }

        @Override
        protected JSch getJSch(OpenSshConfig.Host hc, FS fs) throws JSchException {
            JSch jsch = new JSch();
            configureJSch(jsch);
            // TODO: might need this: jsch.setHostKeyRepository(new KnownHosts(this));
            KeyPair pair = KeyPair.load(jsch, privateKey.getPrivateKey().getBytes(StandardCharsets.UTF_8), null);
            byte[] passphrase = new byte[0];
            jsch.addIdentity(privateKey.getUsername(), pair.forSSHAgent(), null, passphrase);
            return jsch;
        }
    };
    return transport -> {
        if (transport instanceof SshTransport) {
            SshTransport sshTransport = (SshTransport) transport;
            sshTransport.setSshSessionFactory(sshSessionFactory);
        }
    };
}
Also used : BlueOceanDomainRequirement(io.jenkins.blueocean.rest.impl.pipeline.credential.BlueOceanDomainRequirement) StringUtils(org.apache.commons.lang.StringUtils) KeyPair(com.jcraft.jsch.KeyPair) ObjectInserter(org.eclipse.jgit.lib.ObjectInserter) DirCacheEditor(org.eclipse.jgit.dircache.DirCacheEditor) Date(java.util.Date) JGitText(org.eclipse.jgit.internal.JGitText) LoggerFactory(org.slf4j.LoggerFactory) SshTransport(org.eclipse.jgit.transport.SshTransport) RevWalk(org.eclipse.jgit.revwalk.RevWalk) BasicSSHUserPrivateKey(com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey) CredentialsMatchers(com.cloudbees.plugins.credentials.CredentialsMatchers) ByteArrayInputStream(java.io.ByteArrayInputStream) GitClient(org.jenkinsci.plugins.gitclient.GitClient) CredentialsUtils(io.jenkins.blueocean.credential.CredentialsUtils) GitAPIException(org.eclipse.jgit.api.errors.GitAPIException) FileMode(org.eclipse.jgit.lib.FileMode) RefSpec(org.eclipse.jgit.transport.RefSpec) TimeZone(java.util.TimeZone) RefUpdate(org.eclipse.jgit.lib.RefUpdate) OpenSshConfig(org.eclipse.jgit.transport.OpenSshConfig) Constants(org.eclipse.jgit.lib.Constants) TransportCommand(org.eclipse.jgit.api.TransportCommand) ItemGroup(hudson.model.ItemGroup) RevTree(org.eclipse.jgit.revwalk.RevTree) StandardCharsets(java.nio.charset.StandardCharsets) PersonIdent(org.eclipse.jgit.lib.PersonIdent) GitException(hudson.plugins.git.GitException) List(java.util.List) Ref(org.eclipse.jgit.lib.Ref) PushResult(org.eclipse.jgit.transport.PushResult) DirCache(org.eclipse.jgit.dircache.DirCache) FS(org.eclipse.jgit.util.FS) JSchException(com.jcraft.jsch.JSchException) Pattern(java.util.regex.Pattern) SuppressFBWarnings(edu.umd.cs.findbugs.annotations.SuppressFBWarnings) TransportConfigCallback(org.eclipse.jgit.api.TransportConfigCallback) RevCommit(org.eclipse.jgit.revwalk.RevCommit) JSch(com.jcraft.jsch.JSch) StandardCredentials(com.cloudbees.plugins.credentials.common.StandardCredentials) CanonicalTreeParser(org.eclipse.jgit.treewalk.CanonicalTreeParser) DirCacheEntry(org.eclipse.jgit.dircache.DirCacheEntry) DirCacheBuilder(org.eclipse.jgit.dircache.DirCacheBuilder) Git(org.jenkinsci.plugins.gitclient.Git) FetchCommand(org.eclipse.jgit.api.FetchCommand) MessageFormat(java.text.MessageFormat) ArrayList(java.util.ArrayList) MergeCommand(org.eclipse.jgit.api.MergeCommand) ACL(hudson.security.ACL) CommitBuilder(org.eclipse.jgit.lib.CommitBuilder) SshSessionFactory(org.eclipse.jgit.transport.SshSessionFactory) EnvVars(hudson.EnvVars) Nonnull(javax.annotation.Nonnull) PushCommand(org.eclipse.jgit.api.PushCommand) Nullable(javax.annotation.Nullable) ConcurrentRefUpdateException(org.eclipse.jgit.api.errors.ConcurrentRefUpdateException) TaskListener(hudson.model.TaskListener) TreeWalk(org.eclipse.jgit.treewalk.TreeWalk) Logger(org.slf4j.Logger) SmartCredentialsProvider(org.jenkinsci.plugins.gitclient.trilead.SmartCredentialsProvider) IOException(java.io.IOException) URIRequirementBuilder(com.cloudbees.plugins.credentials.domains.URIRequirementBuilder) ServiceException(io.jenkins.blueocean.commons.ServiceException) CheckoutCommand(org.eclipse.jgit.api.CheckoutCommand) ObjectId(org.eclipse.jgit.lib.ObjectId) TransportException(org.eclipse.jgit.api.errors.TransportException) JGitInternalException(org.eclipse.jgit.api.errors.JGitInternalException) RemoteRefUpdate(org.eclipse.jgit.transport.RemoteRefUpdate) CredentialsProvider(com.cloudbees.plugins.credentials.CredentialsProvider) MergeResult(org.eclipse.jgit.api.MergeResult) ErrorMessage(io.jenkins.blueocean.commons.ErrorMessage) ObjectReader(org.eclipse.jgit.lib.ObjectReader) Repository(org.eclipse.jgit.lib.Repository) JschConfigSessionFactory(org.eclipse.jgit.transport.JschConfigSessionFactory) InputStream(java.io.InputStream) KeyPair(com.jcraft.jsch.KeyPair) JschConfigSessionFactory(org.eclipse.jgit.transport.JschConfigSessionFactory) SshSessionFactory(org.eclipse.jgit.transport.SshSessionFactory) JSch(com.jcraft.jsch.JSch) FS(org.eclipse.jgit.util.FS) SshTransport(org.eclipse.jgit.transport.SshTransport)

Aggregations

SshSessionFactory (org.eclipse.jgit.transport.SshSessionFactory)4 JSch (com.jcraft.jsch.JSch)3 JschConfigSessionFactory (org.eclipse.jgit.transport.JschConfigSessionFactory)3 SshTransport (org.eclipse.jgit.transport.SshTransport)3 FS (org.eclipse.jgit.util.FS)3 JSchException (com.jcraft.jsch.JSchException)2 Session (com.jcraft.jsch.Session)2 IOException (java.io.IOException)2 TransportConfigCallback (org.eclipse.jgit.api.TransportConfigCallback)2 TransportException (org.eclipse.jgit.api.errors.TransportException)2 OpenSshConfig (org.eclipse.jgit.transport.OpenSshConfig)2 BasicSSHUserPrivateKey (com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey)1 CredentialsMatchers (com.cloudbees.plugins.credentials.CredentialsMatchers)1 CredentialsProvider (com.cloudbees.plugins.credentials.CredentialsProvider)1 StandardCredentials (com.cloudbees.plugins.credentials.common.StandardCredentials)1 URIRequirementBuilder (com.cloudbees.plugins.credentials.domains.URIRequirementBuilder)1 VisibleForTesting (com.google.common.annotations.VisibleForTesting)1 KeyPair (com.jcraft.jsch.KeyPair)1 UserInfo (com.jcraft.jsch.UserInfo)1 SuppressFBWarnings (edu.umd.cs.findbugs.annotations.SuppressFBWarnings)1