Krb5LoginModule.java

/*
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements.  See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.apache.karaf.jaas.modules.krb5;

import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import java.util.HashMap;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/**
 * Karaf Kerberos login module.
 */
public class Krb5LoginModule implements LoginModule {

    private com.sun.security.auth.module.Krb5LoginModule loginModule = new com.sun.security.auth.module.Krb5LoginModule();

    @Override
    public void initialize(Subject _subject, CallbackHandler _callbackHandler, Map<String, ?> _sharedState, Map<String, ?> _options) {
        Map<String, Object> options = new HashMap<>(_options);
        // interpolate system properties like ${karaf.etc} in options
        for (Map.Entry<String, ?> entry : _options.entrySet()) {
            if (entry.getValue() instanceof String) {
                options.put(entry.getKey(), Krb5LoginModule.interpolate((String)entry.getValue()));
            } else {
                options.put(entry.getKey(), entry.getValue());
            }
        }
        this.loginModule.initialize(_subject, _callbackHandler, _sharedState, options);
    }

    @Override
    public boolean login() throws LoginException {
        return loginModule.login();
    }

    @Override
    public boolean commit() throws LoginException {
        return loginModule.commit();
    }

    @Override
    public boolean abort() throws LoginException {
        return loginModule.abort();
    }

    @Override
    public boolean logout() throws LoginException {
        return loginModule.logout();
    }

    private static String interpolate(String _value) {
        String value = _value;
        Matcher matcher = Pattern.compile("\\$\\{([^}]+)\\}").matcher(value);
        while (matcher.find()) {
            String rep = System.getProperty(matcher.group(1));
            if (rep != null) {
                value = value.replace(matcher.group(0), rep);
                matcher.reset(value);
            }
        }
        return value;
    }
}