Java tutorial
/* * Copyright (C) 2010 Moduad Co., Ltd. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License along * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ package org.soxmpp.server.xmpp.handler; import gnu.inet.encoding.Stringprep; import gnu.inet.encoding.StringprepException; import org.dom4j.DocumentHelper; import org.dom4j.Element; import org.dom4j.QName; import org.soxmpp.server.xmpp.UnauthenticatedException; import org.soxmpp.server.xmpp.UnauthorizedException; import org.soxmpp.server.xmpp.auth.AuthManager; import org.soxmpp.server.xmpp.auth.AuthToken; import org.soxmpp.server.xmpp.session.ClientSession; import org.soxmpp.server.xmpp.session.Session; import org.xmpp.packet.IQ; import org.xmpp.packet.JID; import org.xmpp.packet.PacketError; /** * This class is to handle the TYPE_IQ jabber:iq:auth protocol. * * @author Sehwan Noh (devnoh@gmail.com) */ public class IQAuthHandler extends IQHandler { private static final String NAMESPACE = "jabber:iq:auth"; private Element probeResponse; /** * Constructor. */ public IQAuthHandler() { probeResponse = DocumentHelper.createElement(QName.get("query", NAMESPACE)); probeResponse.addElement("username"); if (AuthManager.isPlainSupported()) { probeResponse.addElement("password"); } if (AuthManager.isDigestSupported()) { probeResponse.addElement("digest"); } probeResponse.addElement("resource"); } /** * Returns the namespace of the handler. * * @return the namespace */ public String getNamespace() { return NAMESPACE; } /** * Handles the received IQ packet. * * @param packet the packet * @return the response to send back * @throws UnauthorizedException if the user is not authorized */ public IQ handleIQ(IQ packet) throws UnauthorizedException { IQ reply = null; ClientSession session = sessionManager.getSession(packet.getFrom()); if (session == null) { log.error("Session not found for key " + packet.getFrom()); reply = IQ.createResultIQ(packet); reply.setChildElement(packet.getChildElement().createCopy()); reply.setError(PacketError.Condition.internal_server_error); return reply; } try { Element iq = packet.getElement(); Element query = iq.element("query"); Element queryResponse = probeResponse.createCopy(); if (IQ.Type.get == packet.getType()) { // get query String username = query.elementText("username"); if (username != null) { queryResponse.element("username").setText(username); } reply = IQ.createResultIQ(packet); reply.setChildElement(queryResponse); if (session.getStatus() != Session.STATUS_AUTHENTICATED) { reply.setTo((JID) null); } } else { // set query String resource = query.elementText("resource"); String username = query.elementText("username"); String password = query.elementText("password"); String digest = null; if (query.element("digest") != null) { digest = query.elementText("digest").toLowerCase(); } // Verify the resource if (resource != null) { try { resource = JID.resourceprep(resource); } catch (StringprepException e) { throw new UnauthorizedException("Invalid resource: " + resource, e); } } else { throw new IllegalArgumentException("Invalid resource (empty or null)."); } // Verify the username if (username == null || username.trim().length() == 0) { throw new UnauthorizedException("Invalid username (empty or null)."); } try { Stringprep.nodeprep(username); } catch (StringprepException e) { throw new UnauthorizedException("Invalid username: " + username, e); } username = username.toLowerCase(); // Verify that username and password are correct AuthToken token = null; if (password != null && AuthManager.isPlainSupported()) { token = AuthManager.authenticate(username, password); } else if (digest != null && AuthManager.isDigestSupported()) { token = AuthManager.authenticate(username, session.getStreamID().toString(), digest); } if (token == null) { throw new UnauthenticatedException(); } // Set the session authenticated successfully session.setAuthToken(token, resource); packet.setFrom(session.getAddress()); reply = IQ.createResultIQ(packet); } } catch (Exception ex) { log.error(ex); reply = IQ.createResultIQ(packet); reply.setChildElement(packet.getChildElement().createCopy()); if (ex instanceof IllegalArgumentException) { reply.setError(PacketError.Condition.not_acceptable); } else if (ex instanceof UnauthorizedException) { reply.setError(PacketError.Condition.not_authorized); } else if (ex instanceof UnauthenticatedException) { reply.setError(PacketError.Condition.not_authorized); } else { reply.setError(PacketError.Condition.internal_server_error); } } // Send the response directly to the session if (reply != null) { session.process(reply); } return null; } }