From c7d492742233c73d4594e5ff3b3b448809d93209 Mon Sep 17 00:00:00 2001 From: ulrich Date: Thu, 03 Jun 2021 17:21:34 +0000 Subject: [PATCH] Readme hinzugefuegt, Kommentare ergaenzt --- src/de/uhilger/httpserver/auth/ApiAuthenticator.java | 2 src/de/uhilger/httpserver/auth/handler/ApiLoginHandler.java | 2 src/de/uhilger/httpserver/auth/realm/Realm.java | 34 ++--------- src/de/uhilger/httpserver/auth/session/AuthenticatedSession.java | 2 src/de/uhilger/httpserver/auth/handler/LoginHandler.java | 2 src/de/uhilger/httpserver/auth/realm/SimpleRealm.java | 36 ++++++++---- src/de/uhilger/httpserver/auth/realm/User.java | 33 ---------- src/de/uhilger/httpserver/auth/session/SessionManager.java | 12 +-- README.md | 7 ++ src/de/uhilger/httpserver/auth/FormAuthenticator.java | 2 src/de/uhilger/httpserver/auth/session/SweepThread.java | 2 src/de/uhilger/httpserver/auth/TokenAuthenticator.java | 2 src/de/uhilger/httpserver/auth/session/Session.java | 2 src/de/uhilger/httpserver/auth/session/Sessions.java | 2 src/de/uhilger/httpserver/auth/realm/Encoder.java | 18 +++++- src/de/uhilger/httpserver/auth/handler/LogoutHandler.java | 2 src/de/uhilger/httpserver/auth/session/LoginSession.java | 2 src/de/uhilger/httpserver/auth/handler/FormLoginHandler.java | 2 18 files changed, 70 insertions(+), 94 deletions(-) diff --git a/README.md b/README.md new file mode 100644 index 0000000..24fecd8 --- /dev/null +++ b/README.md @@ -0,0 +1,7 @@ +# http-auth + +Eine Klassenbibliothek mit Erweiterungen zur Authentifizierung für die Package `jdk.httpserver`. + +## Lizenz + +Veröffentlicht unter den Bedingungen der [GNU Affero General Public License](http://www.gnu.org/licenses/agpl-3.0) diff --git a/src/de/uhilger/httpserver/auth/ApiAuthenticator.java b/src/de/uhilger/httpserver/auth/ApiAuthenticator.java index 55f729b..b3258e1 100644 --- a/src/de/uhilger/httpserver/auth/ApiAuthenticator.java +++ b/src/de/uhilger/httpserver/auth/ApiAuthenticator.java @@ -1,5 +1,5 @@ /* - jwtTest - JSON Web Token Testimplementierung + http-auth - Authentication Extensions to jdk.httpserver Copyright (C) 2021 Ulrich Hilger This program is free software: you can redistribute it and/or modify diff --git a/src/de/uhilger/httpserver/auth/FormAuthenticator.java b/src/de/uhilger/httpserver/auth/FormAuthenticator.java index 17c6b39..91589b3 100644 --- a/src/de/uhilger/httpserver/auth/FormAuthenticator.java +++ b/src/de/uhilger/httpserver/auth/FormAuthenticator.java @@ -1,5 +1,5 @@ /* - jwtTest - JSON Web Token Testimplementierung + http-auth - Authentication Extensions to jdk.httpserver Copyright (C) 2021 Ulrich Hilger This program is free software: you can redistribute it and/or modify diff --git a/src/de/uhilger/httpserver/auth/TokenAuthenticator.java b/src/de/uhilger/httpserver/auth/TokenAuthenticator.java index 0d9d12f..699c4bc 100644 --- a/src/de/uhilger/httpserver/auth/TokenAuthenticator.java +++ b/src/de/uhilger/httpserver/auth/TokenAuthenticator.java @@ -1,5 +1,5 @@ /* - jwtTest - JSON Web Token Testimplementierung + http-auth - Authentication Extensions to jdk.httpserver Copyright (C) 2021 Ulrich Hilger This program is free software: you can redistribute it and/or modify diff --git a/src/de/uhilger/httpserver/auth/handler/ApiLoginHandler.java b/src/de/uhilger/httpserver/auth/handler/ApiLoginHandler.java index ebfbb71..3d59e91 100644 --- a/src/de/uhilger/httpserver/auth/handler/ApiLoginHandler.java +++ b/src/de/uhilger/httpserver/auth/handler/ApiLoginHandler.java @@ -1,5 +1,5 @@ /* - jwtTest - JSON Web Token Testimplementierung + http-auth - Authentication Extensions to jdk.httpserver Copyright (C) 2021 Ulrich Hilger This program is free software: you can redistribute it and/or modify diff --git a/src/de/uhilger/httpserver/auth/handler/FormLoginHandler.java b/src/de/uhilger/httpserver/auth/handler/FormLoginHandler.java index 5008ee6..461babd 100644 --- a/src/de/uhilger/httpserver/auth/handler/FormLoginHandler.java +++ b/src/de/uhilger/httpserver/auth/handler/FormLoginHandler.java @@ -1,5 +1,5 @@ /* - jwtTest - JSON Web Token Testimplementierung + http-auth - Authentication Extensions to jdk.httpserver Copyright (C) 2021 Ulrich Hilger This program is free software: you can redistribute it and/or modify diff --git a/src/de/uhilger/httpserver/auth/handler/LoginHandler.java b/src/de/uhilger/httpserver/auth/handler/LoginHandler.java index 2ba726a..e4f4771 100644 --- a/src/de/uhilger/httpserver/auth/handler/LoginHandler.java +++ b/src/de/uhilger/httpserver/auth/handler/LoginHandler.java @@ -1,5 +1,5 @@ /* - jwtTest - JSON Web Token Testimplementierung + http-auth - Authentication Extensions to jdk.httpserver Copyright (C) 2021 Ulrich Hilger This program is free software: you can redistribute it and/or modify diff --git a/src/de/uhilger/httpserver/auth/handler/LogoutHandler.java b/src/de/uhilger/httpserver/auth/handler/LogoutHandler.java index 34f6c6f..54e77a0 100644 --- a/src/de/uhilger/httpserver/auth/handler/LogoutHandler.java +++ b/src/de/uhilger/httpserver/auth/handler/LogoutHandler.java @@ -1,5 +1,5 @@ /* - jwtTest - JSON Web Token Testimplementierung + http-auth - Authentication Extensions to jdk.httpserver Copyright (C) 2021 Ulrich Hilger This program is free software: you can redistribute it and/or modify diff --git a/src/de/uhilger/httpserver/auth/realm/Encoder.java b/src/de/uhilger/httpserver/auth/realm/Encoder.java index 4f4efaa..0ef7891 100644 --- a/src/de/uhilger/httpserver/auth/realm/Encoder.java +++ b/src/de/uhilger/httpserver/auth/realm/Encoder.java @@ -1,7 +1,19 @@ /* - * To change this license header, choose License Headers in Project Properties. - * To change this template file, choose Tools | Templates - * and open the template in the editor. + http-auth - Authentication Extensions to jdk.httpserver + Copyright (C) 2021 Ulrich Hilger + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU Affero General Public License as + published by the Free Software Foundation, either version 3 of the + License, or (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU Affero General Public License for more details. + + You should have received a copy of the GNU Affero General Public License + along with this program. If not, see <https://www.gnu.org/licenses/>. */ package de.uhilger.httpserver.auth.realm; diff --git a/src/de/uhilger/httpserver/auth/realm/Realm.java b/src/de/uhilger/httpserver/auth/realm/Realm.java index 3a9e37e..ffc1183 100644 --- a/src/de/uhilger/httpserver/auth/realm/Realm.java +++ b/src/de/uhilger/httpserver/auth/realm/Realm.java @@ -1,5 +1,5 @@ /* - jwtTest - JSON Web Token Testimplementierung + http-auth - Authentication Extensions to jdk.httpserver Copyright (C) 2021 Ulrich Hilger This program is free software: you can redistribute it and/or modify @@ -19,34 +19,14 @@ /** * A Realm is a "database" of usernames and passwords that identify valid - * users of an application (or a set of applications), plus an enumeration - * of the list of roles associated with each valid user. + * users of an application (or a set of applications), plus a list of roles + * associated with each valid user. * * You can think of roles as similar to groups in Unix-like operating systems, * because access to specific web application resources is granted to all * users possessing a particular role (rather than enumerating the list of * associated usernames). A particular user can have any number of roles * associated with their username. - * - * - * - * - * Die Klasse Realm liefert Angaben zu Benutzern, die zu deren - * Authentifizierung benoetigt werden. - * - * Ein Benutzer Authentisiert sich gegenueber einem System z.B. mit - * seiner Benutzerkennung und einem Kennwort. - * - * Das System vergleicht die Authentisierungsangaben den Benutzers mit - * Angaben, die fuer diesen Benutzer im System hinterlegt wurden. Stimmen die - * Angaben ueberein, gibt das System eine Bestaetigung aus, die den Benutzer - * authentifiziert. - * - * Diese Authentifizierungsbestaetigung dient zur Ausfuehrung - * von Transaktionen, die nur von bestimmten Benutzern durchgefuehrt - * werden duerfen. Anhand der Authentifizierungsbestaetigung kann das System - * bei jeder Anfrage pruefen, ob der Benutzer, von dem die Anfrage kommt, der - * Benutzer ist, der er vorgibt zu sein. * * @author Ulrich Hilger * @version 1, 22.05.2021 @@ -56,16 +36,16 @@ /** * Uberpruefen, ob die Benutzerkennung und das Kennwort gueltig sind. * - * @param user der Benutzer - * @param kennwort das Kennwort des Benutzers + * @param userId der Benutzer + * @param password das Kennwort des Benutzers * @return true, wenn die Angaben stimmen, false wenn nicht */ - public boolean isValid(String userId, String kennwort); + public boolean isValid(String userId, String password); /** * Pruefen, ob ein Benutzer eine Rolle hat * - * @param user der Benutzer + * @param userId der Benutzer * @param roleId die Kennung der Rolle * @return true, wenn der Benutzer die Rolle hat, false wenn nicht */ diff --git a/src/de/uhilger/httpserver/auth/realm/SimpleRealm.java b/src/de/uhilger/httpserver/auth/realm/SimpleRealm.java index 5fc21bc..b371958 100644 --- a/src/de/uhilger/httpserver/auth/realm/SimpleRealm.java +++ b/src/de/uhilger/httpserver/auth/realm/SimpleRealm.java @@ -1,7 +1,19 @@ /* - * To change this license header, choose License Headers in Project Properties. - * To change this template file, choose Tools | Templates - * and open the template in the editor. + http-auth - Authentication Extensions to jdk.httpserver + Copyright (C) 2021 Ulrich Hilger + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU Affero General Public License as + published by the Free Software Foundation, either version 3 of the + License, or (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU Affero General Public License for more details. + + You should have received a copy of the GNU Affero General Public License + along with this program. If not, see <https://www.gnu.org/licenses/>. */ package de.uhilger.httpserver.auth.realm; @@ -9,23 +21,24 @@ import java.io.File; import java.io.FileReader; import java.io.IOException; -import java.security.InvalidKeyException; import java.security.NoSuchAlgorithmException; -import java.security.spec.InvalidKeySpecException; import java.util.ArrayList; import java.util.HashMap; import java.util.List; import java.util.Map; import java.util.logging.Level; import java.util.logging.Logger; -import javax.crypto.BadPaddingException; -import javax.crypto.IllegalBlockSizeException; -import javax.crypto.NoSuchPaddingException; /** - * + * Eine einfache Implementierung der Schnittstelle Realm, die + * Benutzerinformationen aus einer Datei liest. Die Datei ist dabei + * wie folgt aufgebaut. + * * test=test,testRolle * ulrich=ulrich,testRolle,andereRolle + * + * Der erste Eintrag nach dem Gleichheitszeichen ist das Passwort, die restlichen + * Eintrage sind Rollen. * * @author Ulrich Hilger * @version 1, 03.06.2021 @@ -34,14 +47,13 @@ private static final Logger logger = Logger.getLogger(SimpleRealm.class.getName()); - public static final String LIST_INDICATOR = "="; public static final String ROLE_SEPARATOR = ","; public static final String COMMENT_INDICATOR = "#"; private String name; - private Map<String, User> users; - private Map<String, List> userRoles; + private final Map<String, User> users; + private final Map<String, List> userRoles; public SimpleRealm() { users = new HashMap<>(); diff --git a/src/de/uhilger/httpserver/auth/realm/User.java b/src/de/uhilger/httpserver/auth/realm/User.java index c5a4cd4..4a973e4 100644 --- a/src/de/uhilger/httpserver/auth/realm/User.java +++ b/src/de/uhilger/httpserver/auth/realm/User.java @@ -1,5 +1,5 @@ /* - jwtTest - JSON Web Token Testimplementierung + http-auth - Authentication Extensions to jdk.httpserver Copyright (C) 2021 Ulrich Hilger This program is free software: you can redistribute it and/or modify @@ -25,27 +25,7 @@ public class User { private String name; private String password; - //private String hash; - //private List<String> roles; - public User() { - //this.roles = new ArrayList(); - } - - /* - public void addRole(String role) { - roles.add(role); - } - - public void revokeRole(String role) { - roles.remove(role); - } - - public boolean hasRole(String role) { - return roles.contains(role); - } - */ - public String getName() { return name; } @@ -63,17 +43,6 @@ this.password = password; } - - /* - public void setHash(String hash) { - this.hash = hash; - } - - public String getHash() { - return hash; - } - */ - @Override public int hashCode() { return this.getName().hashCode(); diff --git a/src/de/uhilger/httpserver/auth/session/AuthenticatedSession.java b/src/de/uhilger/httpserver/auth/session/AuthenticatedSession.java index dcf309e..314b24b 100644 --- a/src/de/uhilger/httpserver/auth/session/AuthenticatedSession.java +++ b/src/de/uhilger/httpserver/auth/session/AuthenticatedSession.java @@ -1,5 +1,5 @@ /* - jwtTest - JSON Web Token Testimplementierung + http-auth - Authentication Extensions to jdk.httpserver Copyright (C) 2021 Ulrich Hilger This program is free software: you can redistribute it and/or modify diff --git a/src/de/uhilger/httpserver/auth/session/LoginSession.java b/src/de/uhilger/httpserver/auth/session/LoginSession.java index dccf5e9..e4e79f1 100644 --- a/src/de/uhilger/httpserver/auth/session/LoginSession.java +++ b/src/de/uhilger/httpserver/auth/session/LoginSession.java @@ -1,5 +1,5 @@ /* - jwtTest - JSON Web Token Testimplementierung + http-auth - Authentication Extensions to jdk.httpserver Copyright (C) 2021 Ulrich Hilger This program is free software: you can redistribute it and/or modify diff --git a/src/de/uhilger/httpserver/auth/session/Session.java b/src/de/uhilger/httpserver/auth/session/Session.java index f4cbbe8..f1fa090 100644 --- a/src/de/uhilger/httpserver/auth/session/Session.java +++ b/src/de/uhilger/httpserver/auth/session/Session.java @@ -1,5 +1,5 @@ /* - jwtTest - JSON Web Token Testimplementierung + http-auth - Authentication Extensions to jdk.httpserver Copyright (C) 2021 Ulrich Hilger This program is free software: you can redistribute it and/or modify diff --git a/src/de/uhilger/httpserver/auth/session/SessionManager.java b/src/de/uhilger/httpserver/auth/session/SessionManager.java index c7c0a66..acadb4a 100644 --- a/src/de/uhilger/httpserver/auth/session/SessionManager.java +++ b/src/de/uhilger/httpserver/auth/session/SessionManager.java @@ -1,5 +1,5 @@ /* - jwtTest - JSON Web Token Testimplementierung + http-auth - Authentication Extensions to jdk.httpserver Copyright (C) 2021 Ulrich Hilger This program is free software: you can redistribute it and/or modify @@ -16,9 +16,9 @@ along with this program. If not, see <https://www.gnu.org/licenses/>. */ package de.uhilger.httpserver.auth.session; - + import java.util.Iterator; - + /** * * @author Ulrich Hilger @@ -36,8 +36,4 @@ public Iterator sessions(); - //public void tempSessionEntfernen(String sessionId); - - //public Iterator tempSessions(); - -} +} \ No newline at end of file diff --git a/src/de/uhilger/httpserver/auth/session/Sessions.java b/src/de/uhilger/httpserver/auth/session/Sessions.java index 25f5973..63eb4e1 100644 --- a/src/de/uhilger/httpserver/auth/session/Sessions.java +++ b/src/de/uhilger/httpserver/auth/session/Sessions.java @@ -1,5 +1,5 @@ /* - jwtTest - JSON Web Token Testimplementierung + http-auth - Authentication Extensions to jdk.httpserver Copyright (C) 2021 Ulrich Hilger This program is free software: you can redistribute it and/or modify diff --git a/src/de/uhilger/httpserver/auth/session/SweepThread.java b/src/de/uhilger/httpserver/auth/session/SweepThread.java index b3aabd5..b3f3fe4 100644 --- a/src/de/uhilger/httpserver/auth/session/SweepThread.java +++ b/src/de/uhilger/httpserver/auth/session/SweepThread.java @@ -1,5 +1,5 @@ /* - jwtTest - JSON Web Token Testimplementierung + http-auth - Authentication Extensions to jdk.httpserver Copyright (C) 2021 Ulrich Hilger This program is free software: you can redistribute it and/or modify -- Gitblit v1.9.3