1 | // License: GPL. For details, see LICENSE file.
|
---|
2 | package org.openstreetmap.josm.io.auth;
|
---|
3 |
|
---|
4 | import static org.openstreetmap.josm.tools.I18n.tr;
|
---|
5 |
|
---|
6 | import java.awt.Component;
|
---|
7 | import java.net.Authenticator.RequestorType;
|
---|
8 | import java.net.PasswordAuthentication;
|
---|
9 | import java.util.HashSet;
|
---|
10 | import java.util.Objects;
|
---|
11 | import java.util.Set;
|
---|
12 |
|
---|
13 | import javax.swing.text.html.HTMLEditorKit;
|
---|
14 |
|
---|
15 | import org.openstreetmap.josm.data.oauth.IOAuthToken;
|
---|
16 | import org.openstreetmap.josm.data.oauth.OAuth20Exception;
|
---|
17 | import org.openstreetmap.josm.data.oauth.OAuth20Parameters;
|
---|
18 | import org.openstreetmap.josm.data.oauth.OAuth20Token;
|
---|
19 | import org.openstreetmap.josm.data.oauth.OAuthVersion;
|
---|
20 | import org.openstreetmap.josm.gui.widgets.HtmlPanel;
|
---|
21 | import org.openstreetmap.josm.io.DefaultProxySelector;
|
---|
22 | import org.openstreetmap.josm.io.OsmApi;
|
---|
23 | import org.openstreetmap.josm.spi.preferences.Config;
|
---|
24 | import org.openstreetmap.josm.tools.Utils;
|
---|
25 |
|
---|
26 | import jakarta.json.JsonException;
|
---|
27 |
|
---|
28 | /**
|
---|
29 | * This is the default credentials agent in JOSM. It keeps username and password for both
|
---|
30 | * the OSM API and an optional HTTP proxy in the JOSM preferences file.
|
---|
31 | * @since 2641
|
---|
32 | */
|
---|
33 | public class JosmPreferencesCredentialAgent extends AbstractCredentialsAgent {
|
---|
34 |
|
---|
35 | /**
|
---|
36 | * @see CredentialsAgent#lookup
|
---|
37 | */
|
---|
38 | @Override
|
---|
39 | public PasswordAuthentication lookup(RequestorType requestorType, String host) throws CredentialsAgentException {
|
---|
40 | if (requestorType == null)
|
---|
41 | return null;
|
---|
42 | String user;
|
---|
43 | String password;
|
---|
44 | switch (requestorType) {
|
---|
45 | case SERVER:
|
---|
46 | if (Objects.equals(OsmApi.getOsmApi().getHost(), host)) {
|
---|
47 | user = Config.getPref().get("osm-server.username", null);
|
---|
48 | password = Config.getPref().get("osm-server.password", null);
|
---|
49 | } else if (host != null) {
|
---|
50 | user = Config.getPref().get("server.username."+host, null);
|
---|
51 | password = Config.getPref().get("server.password."+host, null);
|
---|
52 | } else {
|
---|
53 | user = null;
|
---|
54 | password = null;
|
---|
55 | }
|
---|
56 | if (user == null)
|
---|
57 | return null;
|
---|
58 | return new PasswordAuthentication(user, password == null ? new char[0] : password.toCharArray());
|
---|
59 | case PROXY:
|
---|
60 | user = Config.getPref().get(DefaultProxySelector.PROXY_USER, null);
|
---|
61 | password = Config.getPref().get(DefaultProxySelector.PROXY_PASS, null);
|
---|
62 | if (user == null)
|
---|
63 | return null;
|
---|
64 | return new PasswordAuthentication(user, password == null ? new char[0] : password.toCharArray());
|
---|
65 | }
|
---|
66 | return null;
|
---|
67 | }
|
---|
68 |
|
---|
69 | /**
|
---|
70 | * @see CredentialsAgent#store
|
---|
71 | */
|
---|
72 | @Override
|
---|
73 | public void store(RequestorType requestorType, String host, PasswordAuthentication credentials) throws CredentialsAgentException {
|
---|
74 | if (requestorType == null)
|
---|
75 | return;
|
---|
76 | switch (requestorType) {
|
---|
77 | case SERVER:
|
---|
78 | if (Objects.equals(OsmApi.getOsmApi().getHost(), host)) {
|
---|
79 | Config.getPref().put("osm-server.username", credentials.getUserName());
|
---|
80 | if (credentials.getPassword().length == 0) { // PasswordAuthentication#getPassword cannot be null
|
---|
81 | Config.getPref().put("osm-server.password", null);
|
---|
82 | } else {
|
---|
83 | Config.getPref().put("osm-server.password", String.valueOf(credentials.getPassword()));
|
---|
84 | }
|
---|
85 | } else if (host != null) {
|
---|
86 | Config.getPref().put("server.username."+host, credentials.getUserName());
|
---|
87 | if (credentials.getPassword().length == 0) {
|
---|
88 | Config.getPref().put("server.password."+host, null);
|
---|
89 | } else {
|
---|
90 | Config.getPref().put("server.password."+host, String.valueOf(credentials.getPassword()));
|
---|
91 | }
|
---|
92 | }
|
---|
93 | break;
|
---|
94 | case PROXY:
|
---|
95 | Config.getPref().put(DefaultProxySelector.PROXY_USER, credentials.getUserName());
|
---|
96 | if (credentials.getPassword().length == 0) {
|
---|
97 | Config.getPref().put(DefaultProxySelector.PROXY_PASS, null);
|
---|
98 | } else {
|
---|
99 | Config.getPref().put(DefaultProxySelector.PROXY_PASS, String.valueOf(credentials.getPassword()));
|
---|
100 | }
|
---|
101 | break;
|
---|
102 | }
|
---|
103 | }
|
---|
104 |
|
---|
105 | @Override
|
---|
106 | public IOAuthToken lookupOAuthAccessToken(String host) throws CredentialsAgentException {
|
---|
107 | Set<String> keySet = new HashSet<>(Config.getPref().getKeySet());
|
---|
108 | keySet.addAll(Config.getPref().getSensitive()); // Just in case we decide to not return sensitive keys in getKeySet
|
---|
109 | for (OAuthVersion oauthType : OAuthVersion.values()) {
|
---|
110 | final String hostKey = "oauth.access-token.object." + oauthType + "." + host;
|
---|
111 | final String parametersKey = "oauth.access-token.parameters." + oauthType + "." + host;
|
---|
112 | if (!keySet.contains(hostKey) || !keySet.contains(parametersKey)) {
|
---|
113 | continue; // Avoid adding empty temporary entries to preferences
|
---|
114 | }
|
---|
115 | String token = Config.getPref().get(hostKey, null);
|
---|
116 | String parameters = Config.getPref().get(parametersKey, null);
|
---|
117 | if (!Utils.isBlank(token) && !Utils.isBlank(parameters) && OAuthVersion.OAuth20 == oauthType) {
|
---|
118 | try {
|
---|
119 | OAuth20Parameters oAuth20Parameters = new OAuth20Parameters(parameters);
|
---|
120 | return new OAuth20Token(oAuth20Parameters, token);
|
---|
121 | } catch (OAuth20Exception | JsonException e) {
|
---|
122 | throw new CredentialsAgentException(e);
|
---|
123 | }
|
---|
124 | }
|
---|
125 | }
|
---|
126 | return null;
|
---|
127 | }
|
---|
128 |
|
---|
129 | @Override
|
---|
130 | public void storeOAuthAccessToken(String host, IOAuthToken accessToken) throws CredentialsAgentException {
|
---|
131 | Objects.requireNonNull(host, "host");
|
---|
132 | if (accessToken == null) {
|
---|
133 | Set<String> keySet = new HashSet<>(Config.getPref().getKeySet());
|
---|
134 | keySet.addAll(Config.getPref().getSensitive()); // Just in case we decide to not return sensitive keys in getKeySet
|
---|
135 | // Assume we want to remove all access tokens
|
---|
136 | for (OAuthVersion oauthType : OAuthVersion.values()) {
|
---|
137 | final String hostKey = "oauth.access-token.parameters." + oauthType + "." + host;
|
---|
138 | final String parametersKey = "oauth.access-token.parameters." + oauthType + "." + host;
|
---|
139 | if (keySet.contains(hostKey)) {
|
---|
140 | Config.getPref().removeSensitive(hostKey);
|
---|
141 | }
|
---|
142 | if (keySet.contains(parametersKey)) {
|
---|
143 | Config.getPref().removeSensitive(parametersKey);
|
---|
144 | }
|
---|
145 | }
|
---|
146 | } else {
|
---|
147 | final String hostKey = "oauth.access-token.object." + accessToken.getOAuthType() + "." + host;
|
---|
148 | final String parametersKey = "oauth.access-token.parameters." + accessToken.getOAuthType() + "." + host;
|
---|
149 | Config.getPref().put(hostKey, accessToken.toPreferencesString());
|
---|
150 | Config.getPref().put(parametersKey, accessToken.getParameters().toPreferencesString());
|
---|
151 | Config.getPref().addSensitive(this, hostKey);
|
---|
152 | Config.getPref().addSensitive(this, parametersKey);
|
---|
153 | }
|
---|
154 | }
|
---|
155 |
|
---|
156 | @Override
|
---|
157 | public Component getPreferencesDecorationPanel() {
|
---|
158 | HtmlPanel pnlMessage = new HtmlPanel();
|
---|
159 | HTMLEditorKit kit = (HTMLEditorKit) pnlMessage.getEditorPane().getEditorKit();
|
---|
160 | kit.getStyleSheet().addRule(
|
---|
161 | ".warning-body {background-color:rgb(253,255,221);padding: 10pt; " +
|
---|
162 | "border-color:rgb(128,128,128);border-style: solid;border-width: 1px;}");
|
---|
163 | pnlMessage.setText(tr(
|
---|
164 | "<html><body>"
|
---|
165 | + "<p class=\"warning-body\">"
|
---|
166 | + "<strong>Note:</strong> The password is stored in plain text in the JOSM preferences file on your computer. "
|
---|
167 | + "</p>"
|
---|
168 | + "</body></html>"
|
---|
169 | )
|
---|
170 | );
|
---|
171 | return pnlMessage;
|
---|
172 | }
|
---|
173 |
|
---|
174 | @Override
|
---|
175 | public String getSaveUsernameAndPasswordCheckboxText() {
|
---|
176 | return tr("Save user and password (unencrypted)");
|
---|
177 | }
|
---|
178 | }
|
---|