1 | // License: GPL. For details, see LICENSE file.
|
---|
2 | package org.openstreetmap.josm.io.auth;
|
---|
3 |
|
---|
4 | import static org.openstreetmap.josm.tools.I18n.tr;
|
---|
5 |
|
---|
6 | import java.awt.Component;
|
---|
7 | import java.net.Authenticator.RequestorType;
|
---|
8 | import java.net.PasswordAuthentication;
|
---|
9 | import java.util.HashSet;
|
---|
10 | import java.util.Objects;
|
---|
11 | import java.util.Set;
|
---|
12 |
|
---|
13 | import jakarta.json.JsonException;
|
---|
14 | import javax.swing.text.html.HTMLEditorKit;
|
---|
15 |
|
---|
16 | import org.openstreetmap.josm.data.oauth.IOAuthToken;
|
---|
17 | import org.openstreetmap.josm.data.oauth.OAuth20Exception;
|
---|
18 | import org.openstreetmap.josm.data.oauth.OAuth20Parameters;
|
---|
19 | import org.openstreetmap.josm.data.oauth.OAuth20Token;
|
---|
20 | import org.openstreetmap.josm.data.oauth.OAuthToken;
|
---|
21 | import org.openstreetmap.josm.data.oauth.OAuthVersion;
|
---|
22 | import org.openstreetmap.josm.gui.widgets.HtmlPanel;
|
---|
23 | import org.openstreetmap.josm.io.DefaultProxySelector;
|
---|
24 | import org.openstreetmap.josm.io.OsmApi;
|
---|
25 | import org.openstreetmap.josm.spi.preferences.Config;
|
---|
26 | import org.openstreetmap.josm.tools.Utils;
|
---|
27 |
|
---|
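/**
 * This is the default credentials agent in JOSM. It keeps username and password for both
 * the OSM API and an optional HTTP proxy in the JOSM preferences file.
 * <p>
 * Security note: the values are handed to the preferences store as plain strings. The panel
 * returned by {@link #getPreferencesDecorationPanel()} tells the user that the password is kept
 * in plain text on disk, so anyone who can read the preferences file can read the credentials.
 * OAuth access tokens handled by this class go through the same preferences store.
 * @since 2641
 */
public class JosmPreferencesCredentialAgent extends AbstractCredentialsAgent {

    /**
     * Looks up the stored username and password for the given requestor type and host.
     * <p>
     * For {@code SERVER}, the OSM API host uses the {@code osm-server.*} keys; any other non-null
     * host uses {@code server.username.<host>} / {@code server.password.<host>}. For {@code PROXY},
     * the keys defined by {@link DefaultProxySelector} are used and {@code host} is ignored.
     *
     * @param requestorType the type of service; {@code null} yields {@code null}
     * @param host the host name; may be {@code null}
     * @return the stored credentials, or {@code null} if no username is stored
     * @throws CredentialsAgentException declared by the interface; not thrown by this implementation
     * @see CredentialsAgent#lookup
     */
    @Override
    public PasswordAuthentication lookup(RequestorType requestorType, String host) throws CredentialsAgentException {
        if (requestorType == null)
            return null;
        switch (requestorType) {
        case SERVER:
            if (Objects.equals(OsmApi.getOsmApi().getHost(), host)) {
                return toAuthentication(
                        Config.getPref().get("osm-server.username", null),
                        Config.getPref().get("osm-server.password", null));
            } else if (host != null) {
                return toAuthentication(
                        Config.getPref().get("server.username." + host, null),
                        Config.getPref().get("server.password." + host, null));
            }
            return null;
        case PROXY:
            return toAuthentication(
                    Config.getPref().get(DefaultProxySelector.PROXY_USER, null),
                    Config.getPref().get(DefaultProxySelector.PROXY_PASS, null));
        default:
            return null;
        }
    }

    /**
     * Builds a {@link PasswordAuthentication} from stored preference values.
     *
     * @param user the stored username; {@code null} means no credentials are stored
     * @param password the stored password; {@code null} is mapped to an empty password
     * @return the credentials, or {@code null} if {@code user} is {@code null}
     */
    private static PasswordAuthentication toAuthentication(String user, String password) {
        if (user == null)
            return null;
        return new PasswordAuthentication(user, password == null ? new char[0] : password.toCharArray());
    }

    /**
     * Stores username and password for the given requestor type and host in the preferences.
     * <p>
     * The same key scheme as in {@link #lookup} applies. An empty password removes the password
     * entry (a {@code null} value is put) instead of storing an empty string. For {@code SERVER}
     * with a {@code null} host that is not the OSM API host, nothing is stored.
     * <p>
     * NOTE(review): unlike the per-host OAuth entries written by
     * {@link #storeOAuthAccessToken(String, IOAuthToken)}, the password keys are not registered
     * through {@code addSensitive} here; confirm whether they are treated as sensitive elsewhere.
     *
     * @param requestorType the type of service; {@code null} makes this a no-op
     * @param host the host name; may be {@code null}
     * @param credentials the credentials to store
     * @throws CredentialsAgentException declared by the interface; not thrown by this implementation
     * @see CredentialsAgent#store
     */
    @Override
    public void store(RequestorType requestorType, String host, PasswordAuthentication credentials) throws CredentialsAgentException {
        if (requestorType == null)
            return;
        switch (requestorType) {
        case SERVER:
            if (Objects.equals(OsmApi.getOsmApi().getHost(), host)) {
                putCredentials("osm-server.username", "osm-server.password", credentials);
            } else if (host != null) {
                putCredentials("server.username." + host, "server.password." + host, credentials);
            }
            break;
        case PROXY:
            putCredentials(DefaultProxySelector.PROXY_USER, DefaultProxySelector.PROXY_PASS, credentials);
            break;
        default:
            break;
        }
    }

    /**
     * Writes a username/password pair to the preferences under the given keys.
     *
     * @param userKey the preference key for the username
     * @param passwordKey the preference key for the password
     * @param credentials the credentials to write
     */
    private static void putCredentials(String userKey, String passwordKey, PasswordAuthentication credentials) {
        Config.getPref().put(userKey, credentials.getUserName());
        // PasswordAuthentication#getPassword cannot be null
        final char[] password = credentials.getPassword();
        // An empty password clears the entry rather than persisting an empty string.
        Config.getPref().put(passwordKey, password.length == 0 ? null : String.valueOf(password));
    }

    /**
     * Lookup the current OAuth Access Token to access the OSM server. Replies null, if no
     * Access Token is currently managed by this CredentialManager.
     *
     * @return the current OAuth Access Token to access the OSM server.
     * @throws CredentialsAgentException if something goes wrong
     */
    @Override
    public OAuthToken lookupOAuthAccessToken() throws CredentialsAgentException {
        String accessTokenKey = Config.getPref().get("oauth.access-token.key", null);
        String accessTokenSecret = Config.getPref().get("oauth.access-token.secret", null);
        // A token is only considered absent when both halves are missing.
        if (accessTokenKey == null && accessTokenSecret == null)
            return null;
        return new OAuthToken(accessTokenKey, accessTokenSecret);
    }

    /**
     * Looks up the OAuth access token stored for the given host.
     * <p>
     * Only entries of type {@link OAuthVersion#OAuth20} are turned into a token; both the token
     * object and its parameters must be present and non-blank.
     *
     * @param host the host the token was stored for
     * @return the stored token, or {@code null} if none is stored for {@code host}
     * @throws CredentialsAgentException if the stored token or parameters cannot be parsed
     */
    @Override
    public IOAuthToken lookupOAuthAccessToken(String host) throws CredentialsAgentException {
        Set<String> keySet = knownPreferenceKeys();
        for (OAuthVersion oauthType : OAuthVersion.values()) {
            final String hostKey = "oauth.access-token.object." + oauthType + "." + host;
            final String parametersKey = "oauth.access-token.parameters." + oauthType + "." + host;
            if (!keySet.contains(hostKey) || !keySet.contains(parametersKey)) {
                continue; // Avoid adding empty temporary entries to preferences
            }
            String token = Config.getPref().get(hostKey, null);
            String parameters = Config.getPref().get(parametersKey, null);
            if (!Utils.isBlank(token) && !Utils.isBlank(parameters) && OAuthVersion.OAuth20 == oauthType) {
                try {
                    OAuth20Parameters oAuth20Parameters = new OAuth20Parameters(parameters);
                    return new OAuth20Token(oAuth20Parameters, token);
                } catch (OAuth20Exception | JsonException e) {
                    throw new CredentialsAgentException(e);
                }
            }
        }
        return null;
    }

    /**
     * Collects the preference keys that currently exist, including the sensitive ones.
     *
     * @return a mutable copy of all known preference keys
     */
    private static Set<String> knownPreferenceKeys() {
        Set<String> keySet = new HashSet<>(Config.getPref().getKeySet());
        keySet.addAll(Config.getPref().getSensitive()); // Just in case we decide to not return sensitive keys in getKeySet
        return keySet;
    }

    /**
     * Stores the OAuth Access Token <code>accessToken</code>.
     *
     * @param accessToken the access Token. null, to remove the Access Token.
     * @throws CredentialsAgentException if something goes wrong
     */
    @Override
    public void storeOAuthAccessToken(OAuthToken accessToken) throws CredentialsAgentException {
        if (accessToken == null) {
            Config.getPref().put("oauth.access-token.key", null);
            Config.getPref().put("oauth.access-token.secret", null);
        } else {
            Config.getPref().put("oauth.access-token.key", accessToken.getKey());
            Config.getPref().put("oauth.access-token.secret", accessToken.getSecret());
        }
    }

    /**
     * Stores or removes the OAuth access token for the given host.
     * <p>
     * A {@code null} token removes the entries of every {@link OAuthVersion} for the host, both
     * the token object and its parameters. Previously the removal branch built the token-object
     * key with the {@code parameters} prefix, so the stored token itself was never removed.
     *
     * @param host the host the token belongs to; must not be {@code null}
     * @param accessToken the token to store; {@code null} to remove all stored tokens for the host
     * @throws CredentialsAgentException declared by the interface; not thrown by this implementation
     * @throws NullPointerException if {@code host} is {@code null}
     */
    @Override
    public void storeOAuthAccessToken(String host, IOAuthToken accessToken) throws CredentialsAgentException {
        Objects.requireNonNull(host, "host");
        if (accessToken == null) {
            Set<String> keySet = knownPreferenceKeys();
            // Assume we want to remove all access tokens
            for (OAuthVersion oauthType : OAuthVersion.values()) {
                final String hostKey = "oauth.access-token.object." + oauthType + "." + host;
                final String parametersKey = "oauth.access-token.parameters." + oauthType + "." + host;
                // NOTE(review): this relies on removeSensitive to drop the stored value as well;
                // confirm against the preferences implementation.
                if (keySet.contains(hostKey)) {
                    Config.getPref().removeSensitive(hostKey);
                }
                if (keySet.contains(parametersKey)) {
                    Config.getPref().removeSensitive(parametersKey);
                }
            }
        } else {
            final String hostKey = "oauth.access-token.object." + accessToken.getOAuthType() + "." + host;
            final String parametersKey = "oauth.access-token.parameters." + accessToken.getOAuthType() + "." + host;
            Config.getPref().put(hostKey, accessToken.toPreferencesString());
            Config.getPref().put(parametersKey, accessToken.getParameters().toPreferencesString());
            // Register both keys as sensitive with this agent as the owner.
            Config.getPref().addSensitive(this, hostKey);
            Config.getPref().addSensitive(this, parametersKey);
        }
    }

    /**
     * Builds the panel shown in the preferences dialog that warns the user about plain-text
     * password storage.
     *
     * @return the warning panel
     */
    @Override
    public Component getPreferencesDecorationPanel() {
        HtmlPanel pnlMessage = new HtmlPanel();
        HTMLEditorKit kit = (HTMLEditorKit) pnlMessage.getEditorPane().getEditorKit();
        kit.getStyleSheet().addRule(
                ".warning-body {background-color:rgb(253,255,221);padding: 10pt; " +
                "border-color:rgb(128,128,128);border-style: solid;border-width: 1px;}");
        pnlMessage.setText(tr(
                "<html><body>"
                + "<p class=\"warning-body\">"
                + "<strong>Note:</strong> The password is stored in plain text in the JOSM preferences file on your computer. "
                + "</p>"
                + "</body></html>"
                )
        );
        return pnlMessage;
    }

    /**
     * Returns the label of the "save credentials" checkbox, which states that storage is unencrypted.
     *
     * @return the translated checkbox text
     */
    @Override
    public String getSaveUsernameAndPasswordCheckboxText() {
        return tr("Save user and password (unencrypted)");
    }
}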
|
---|