Class UserAuthKeyboardInteractive
- java.lang.Object
-
- org.apache.sshd.common.util.logging.AbstractLoggingBean
-
- org.apache.sshd.client.auth.AbstractUserAuth
-
- org.apache.sshd.client.auth.keyboard.UserAuthKeyboardInteractive
-
- All Implemented Interfaces:
UserAuth
,ClientSessionHolder
,UserAuthInstance<ClientSession>
,NamedResource
public class UserAuthKeyboardInteractive extends AbstractUserAuth
Manages a "keyboard-interactive" exchange according to RFC4256
-
-
Field Summary
Fields Modifier and Type Field Description private java.util.concurrent.atomic.AtomicInteger
emptyCount
private int
maxTrials
static java.lang.String
NAME
private java.util.Iterator<java.lang.String>
passwords
private java.util.concurrent.atomic.AtomicBoolean
requestPending
private java.util.concurrent.atomic.AtomicInteger
trialsCount
-
Fields inherited from class org.apache.sshd.common.util.logging.AbstractLoggingBean
log
-
Fields inherited from interface org.apache.sshd.common.NamedResource
BY_NAME_COMPARATOR, NAME_EXTRACTOR
-
-
Constructor Summary
Constructors Constructor Description UserAuthKeyboardInteractive()
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description static java.lang.String
getAuthCommandName(int cmd)
protected java.lang.String
getCurrentPasswordCandidate()
protected java.lang.String
getExchangeLanguageTag(ClientSession session)
protected java.lang.String
getExchangeSubMethods(ClientSession session)
protected java.lang.String[]
getUserResponses(java.lang.String name, java.lang.String instruction, java.lang.String lang, java.lang.String[] prompt, boolean[] echo)
void
init(ClientSession session, java.lang.String service)
protected boolean
processAuthDataRequest(ClientSession session, java.lang.String service, Buffer buffer)
protected boolean
sendAuthDataRequest(ClientSession session, java.lang.String service)
protected boolean
useCurrentPassword(ClientSession session, java.lang.String password, java.lang.String name, java.lang.String instruction, java.lang.String lang, java.lang.String[] prompt, boolean[] echo)
Checks if we have a candidate password and exactly one prompt is requested with no echo, and the prompt matches a configurable pattern.protected boolean
verifyTrialsCount(ClientSession session, java.lang.String service, int cmd, int nbTrials, int maxAllowed)
-
Methods inherited from class org.apache.sshd.client.auth.AbstractUserAuth
destroy, getClientSession, getName, getService, getSession, process, toString
-
Methods inherited from class org.apache.sshd.common.util.logging.AbstractLoggingBean
debug, debug, debug, debug, debug, error, error, error, error, error, getSimplifiedLogger, info, info, warn, warn, warn, warn, warn, warn, warn, warn
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
-
Methods inherited from interface org.apache.sshd.client.auth.UserAuth
signalAuthMethodFailure, signalAuthMethodSuccess
-
-
-
-
Field Detail
-
NAME
public static final java.lang.String NAME
- See Also:
- Constant Field Values
-
requestPending
private final java.util.concurrent.atomic.AtomicBoolean requestPending
-
trialsCount
private final java.util.concurrent.atomic.AtomicInteger trialsCount
-
emptyCount
private final java.util.concurrent.atomic.AtomicInteger emptyCount
-
passwords
private java.util.Iterator<java.lang.String> passwords
-
maxTrials
private int maxTrials
-
-
Method Detail
-
init
public void init(ClientSession session, java.lang.String service) throws java.lang.Exception
- Specified by:
init
in interfaceUserAuth
- Overrides:
init
in classAbstractUserAuth
- Parameters:
session
- TheClientSession
service
- The requesting service name- Throws:
java.lang.Exception
- If failed to initialize the mechanism
-
sendAuthDataRequest
protected boolean sendAuthDataRequest(ClientSession session, java.lang.String service) throws java.lang.Exception
- Specified by:
sendAuthDataRequest
in classAbstractUserAuth
- Throws:
java.lang.Exception
-
processAuthDataRequest
protected boolean processAuthDataRequest(ClientSession session, java.lang.String service, Buffer buffer) throws java.lang.Exception
- Specified by:
processAuthDataRequest
in classAbstractUserAuth
- Throws:
java.lang.Exception
-
getExchangeLanguageTag
protected java.lang.String getExchangeLanguageTag(ClientSession session)
-
getExchangeSubMethods
protected java.lang.String getExchangeSubMethods(ClientSession session)
-
getCurrentPasswordCandidate
protected java.lang.String getCurrentPasswordCandidate()
-
verifyTrialsCount
protected boolean verifyTrialsCount(ClientSession session, java.lang.String service, int cmd, int nbTrials, int maxAllowed)
-
getUserResponses
protected java.lang.String[] getUserResponses(java.lang.String name, java.lang.String instruction, java.lang.String lang, java.lang.String[] prompt, boolean[] echo)
- Parameters:
name
- The interaction name - may be emptyinstruction
- The instruction - may be emptylang
- The language tag - may be emptyprompt
- The prompts - may be emptyecho
- Whether to echo the response for the prompt or not - same length as the prompts- Returns:
- The response for each prompt - if
null
then the assumption is that some internal error occurred and no response is sent. Note: according to RFC4256 the number of responses should be exactly the same as the number of prompts. However, since it is the server's responsibility to enforce this we do not validate the response (other than logging it as a warning...)
-
useCurrentPassword
protected boolean useCurrentPassword(ClientSession session, java.lang.String password, java.lang.String name, java.lang.String instruction, java.lang.String lang, java.lang.String[] prompt, boolean[] echo)
Checks if we have a candidate password and exactly one prompt is requested with no echo, and the prompt matches a configurable pattern.- Parameters:
session
- TheClientSession
through which the request is receivedpassword
- The current password candidate to usename
- The service nameinstruction
- The request instructionlang
- The reported language tagprompt
- The requested promptsecho
- The matching prompts echo flags- Returns:
- Whether to use the password candidate as reply to the prompts
- See Also:
INTERACTIVE_PASSWORD_PROMPT
,CHECK_INTERACTIVE_PASSWORD_DELIM
-
getAuthCommandName
public static java.lang.String getAuthCommandName(int cmd)
-
-