TwoWaySslCallback.java example

Explorer
intellij-community-master
/*
 * Copyright 2000-2013 JetBrains s.r.o.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.jetbrains.idea.svn.commandLine;

import org.jetbrains.annotations.NotNull;
import org.jetbrains.idea.svn.auth.AuthenticationService;
import org.tmatesoft.svn.core.SVNURL;
import org.tmatesoft.svn.core.auth.ISVNAuthenticationManager;
import org.tmatesoft.svn.core.auth.SVNSSLAuthentication;

/**
 * @author Konstantin Kolosovsky.
 */
public class TwoWaySslCallback extends UsernamePasswordCallback {

  private static final String ACCESS_TO_PREFIX = "Access to ";
  private static final String FORBIDDEN_STATUS = "forbidden";

  TwoWaySslCallback(@NotNull AuthenticationService authenticationService, SVNURL url) {
    super(authenticationService, url);
  }

  @Override
  public boolean canHandle(String error) {
    // https two-way protocol invalid client certificate
    return error.contains(ACCESS_TO_PREFIX) && error.contains(FORBIDDEN_STATUS);
  }

  @Override
  public String getType() {
    return ISVNAuthenticationManager.SSL;
  }

  @Override
  public void updateParameters(@NotNull Command command) {
    if (myAuthentication instanceof SVNSSLAuthentication) {
      SVNSSLAuthentication auth = (SVNSSLAuthentication)myAuthentication;

      // TODO: Seems that config option should be specified for concrete server and not for global group.
      // as in that case it could be overriden by settings in config file
      command.put("--config-option");
      command.put("servers:global:ssl-client-cert-file=" + auth.getCertificatePath());
      command.put("--config-option");
      command.put("servers:global:ssl-client-cert-password=" + auth.getPassword());
      if (!auth.isStorageAllowed()) {
        command.put("--no-auth-cache");
      }
    }
  }
}