1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
|
package org.openslx.dozmod.gui.window;
import java.awt.Frame;
import java.awt.event.ActionEvent;
import java.awt.event.ActionListener;
import java.awt.event.ItemEvent;
import java.awt.event.ItemListener;
import java.awt.event.KeyEvent;
import java.awt.event.WindowAdapter;
import java.awt.event.WindowEvent;
import java.io.File;
import java.util.Iterator;
import java.util.List;
import javax.swing.AbstractAction;
import javax.swing.DefaultComboBoxModel;
import javax.swing.JComponent;
import javax.swing.JFrame;
import javax.swing.KeyStroke;
import javax.swing.SwingUtilities;
import org.apache.log4j.Logger;
import org.apache.thrift.TBaseHelper;
import org.apache.thrift.TException;
import org.openslx.bwlp.thrift.iface.Organization;
import org.openslx.bwlp.thrift.iface.Satellite;
import org.openslx.dozmod.App;
import org.openslx.dozmod.Config;
import org.openslx.dozmod.authentication.Authenticator;
import org.openslx.dozmod.authentication.Authenticator.AuthenticationData;
import org.openslx.dozmod.authentication.Authenticator.AuthenticatorCallback;
import org.openslx.dozmod.authentication.EcpAuthenticator;
import org.openslx.dozmod.authentication.FingerprintManager;
import org.openslx.dozmod.authentication.ShibbolethEcp.ReturnCode;
import org.openslx.dozmod.authentication.TestAccountAuthenticator;
import org.openslx.dozmod.gui.Gui;
import org.openslx.dozmod.gui.MainWindow;
import org.openslx.dozmod.gui.activity.UpdatePanel;
import org.openslx.dozmod.gui.helper.MessageType;
import org.openslx.dozmod.gui.helper.TextChangeListener;
import org.openslx.dozmod.gui.window.layout.LoginWindowLayout;
import org.openslx.dozmod.thrift.Session;
import org.openslx.dozmod.thrift.ThriftActions;
import org.openslx.dozmod.thrift.ThriftError;
import org.openslx.dozmod.thrift.cache.OrganizationCache;
import org.openslx.dozmod.util.DesktopEnvironment;
import org.openslx.dozmod.util.DesktopEnvironment.Link;
import org.openslx.util.QuickTimer;
import org.openslx.util.QuickTimer.Task;
import edu.kit.scc.dei.ecplean.ECPAuthenticationException;
/**
* @author Jonathan Bauer
*
*/
@SuppressWarnings("serial")
public class LoginWindow extends LoginWindowLayout {
private final static Logger LOGGER = Logger.getLogger(LoginWindow.class);
public static enum LoginType {
ECP(0),
TEST_ACCOUNT(1),
DIRECT_CONNECT(2);
public final int id;
private LoginType(final int id) {
this.id = id;
}
}
// authentication method to use for login attempts
protected LoginType loginType = null;
// text constants
private final String NO_USERNAME = "Kein Benutzername angegeben!";
private final String NO_PASSWORD = "Kein Passwort angegeben!";
private boolean forceCustomSatellite = false;
public LoginWindow(Frame modalParent) {
// call the constructor of the superclass
super(modalParent);
setDefaultCloseOperation(JFrame.DO_NOTHING_ON_CLOSE);
addWindowListener(new WindowAdapter() {
@Override
public void windowClosing(WindowEvent e) {
Gui.exit(0);
}
});
// first do all listeners stuff
for (final LoginType type : LoginType.values()) {
rdoLoginType[type.id].setActionCommand(type.toString());
rdoLoginType[type.id].addItemListener(new ItemListener() {
@Override
public void itemStateChanged(ItemEvent e) {
if (e.getStateChange() == ItemEvent.SELECTED) {
cboOrganization.setEnabled(cboOrganization.getModel().getSize() != 0 && type == LoginType.ECP);
loginType = type;
btnOpenRegistration.setEnabled(type == LoginType.ECP);
}
}
});
}
// check if we had saved an authentication method
String savedAuthMethod = Config.getAuthenticationMethod();
LoginType savedLoginType;
try {
savedLoginType = LoginType.valueOf(savedAuthMethod);
} catch (Exception e) {
// if no valid LOGIN_TYPE was saved, just enable the BWIDM button
savedLoginType = LoginType.ECP;
}
if (savedLoginType == LoginType.ECP) {
// disable login button til the idp list is here
enableLogin(false);
}
// While filling, disable
cboOrganization.setEnabled(false);
// Not yet implemented, disable
rdoLoginType[LoginType.DIRECT_CONNECT.id].setEnabled(false);
// enable the corresponding button
rdoLoginType[savedLoginType.id].setSelected(true);
loginType = savedLoginType;
QuickTimer.scheduleOnce(new Task() {
List<Organization> orgs = null;
@Override
public void fire() {
try {
// Wait for proxy server init
App.waitForInit();
orgs = OrganizationCache.getAll();
} catch (Exception e) {
LOGGER.error("Error during execution: ", e);
}
// filter out every organisation without ecp
Iterator<Organization> iterator = orgs.iterator();
while (iterator.hasNext()) {
Organization current = iterator.next();
if (current == null || !current.isSetEcpUrl() || current.getEcpUrl().isEmpty())
iterator.remove();
}
// now send the organisations back to the LoginWindow
// through populateIdpCombo()
Gui.asyncExec(new Runnable() {
@Override
public void run() {
populateIdpCombo(orgs);
enableLogin(true);
}
});
}
});
btnLogin.addActionListener(new ActionListener() {
@Override
public void actionPerformed(ActionEvent e) {
int mods = e.getModifiers();
// evaluate if SHIFT was hold during the click
forceCustomSatellite = ((mods & ActionEvent.SHIFT_MASK) == ActionEvent.SHIFT_MASK);
doLogin();
}
});
btnOpenRegistration.addActionListener(new ActionListener() {
@Override
public void actionPerformed(ActionEvent e) {
DesktopEnvironment.openWebpage(Link.REGISTER_BWIDM);
}
});
// make enter key activate login
pnlLoginForm.getInputMap(JComponent.WHEN_ANCESTOR_OF_FOCUSED_COMPONENT).put(
KeyStroke.getKeyStroke(KeyEvent.VK_ENTER, 0), "login");
pnlLoginForm.getActionMap().put("login", new AbstractAction() {
@Override
public void actionPerformed(ActionEvent ae) {
btnLogin.doClick();
}
});
btnSettings.addActionListener(new ActionListener() {
@Override
public void actionPerformed(ActionEvent e) {
ConfigWindow.open(LoginWindow.this);
}
});
btnLogDir.addActionListener(new ActionListener() {
@Override
public void actionPerformed(ActionEvent e) {
DesktopEnvironment.openLocal(new File(Config.getPath()));
}
});
btnUpdateCheck.addActionListener(new ActionListener() {
@Override
public void actionPerformed(ActionEvent e) {
CheckUpdateWindow.open(SwingUtilities.getWindowAncestor(btnUpdateCheck));
}
});
txtUsername.getDocument().addDocumentListener(new TextChangeListener() {
@Override
public void changed() {
if (cboOrganization.getSelectedIndex() != -1 || loginType != LoginType.ECP)
return;
String name = txtUsername.getText();
int at = name.indexOf('@');
if (at == -1)
return;
final int oldCursorPos = txtUsername.getCaretPosition();
String suffix = name.substring(at + 1);
Organization organization = OrganizationCache.find(suffix);
if (organization == null)
return;
final String nameOnly = name.substring(0, at);
cboOrganization.setSelectedItem(organization);
Gui.asyncExec(new Runnable() {
@Override
public void run() {
txtUsername.setText(nameOnly);
txtUsername.setCaretPosition(Math.min(oldCursorPos, nameOnly.length()));
}
});
}
});
}
/**
* Called by the thread fetching the organization list from the cache
*
* @param orgs list of organization to show in the combo box
*/
public void populateIdpCombo(List<Organization> orgs) {
// sanity checks on orgs
if (orgs == null) {
LOGGER.error("No organizations received from the cache.");
return;
}
cboOrganization.setModel(new DefaultComboBoxModel<Organization>(orgs.toArray(new Organization[orgs.size()])));
// now check if we had a saved identity provider
String savedOrganizationId = Config.getIdentityProvider();
cboOrganization.setSelectedItem(OrganizationCache.find(savedOrganizationId));
cboOrganization.setEnabled(cboOrganization.getModel().getSize() != 0 && loginType == LoginType.ECP);
}
/**
* Saves various user choices to the config file.
* This gets triggered when the login button is activated.
*/
private void doSaveConfig() {
// first we need to check if the "Remember me" button is active
if (chkSaveUsername.isSelected()) {
// save username
String username = txtUsername.getText();
if (!username.isEmpty()) {
Config.setUsername(username);
}
} else {
Config.setUsername("");
}
// always save the authentication method and potentially the identity provider
Config.setAuthenticationMethod(loginType.toString());
// save the selected identity provider
Organization selectedOrg = cboOrganization.getItemAt(cboOrganization.getSelectedIndex());
if (selectedOrg != null) {
Config.setIdentityProvider(selectedOrg.organizationId);
}
}
/**
* Actually do the login using the username/password in the field using the
* authentication mechanism corresponding to the selected authButton
*
* @throws ECPAuthenticationException
*/
private void doLogin() {
// sanity check on loginType.
if (loginType == null) {
Gui.showMessageBox(this, "Bitte wählen Sie eine Authentifizierungsart.", MessageType.ERROR,
LOGGER, null);
return;
}
if (loginType == LoginType.ECP && cboOrganization.getSelectedIndex() == -1) {
Gui.showMessageBox(this, "Bitte wählen Sie ihre Organisation als 'Identity Provider'.",
MessageType.ERROR, LOGGER, null);
cboOrganization.requestFocusInWindow();
return;
}
// here we only check for the fields
String username = txtUsername.getText();
final String password = String.copyValueOf(txtPassword.getPassword());
// login clicked, lets first read the fields
if (username.isEmpty()) {
Gui.showMessageBox(this, NO_USERNAME, MessageType.ERROR, LOGGER, null);
return;
}
if (password.isEmpty()) {
Gui.showMessageBox(this, NO_PASSWORD, MessageType.ERROR, LOGGER, null);
return;
}
// determine which organization was selected by the user.
Organization selectedOrg = cboOrganization.getItemAt(cboOrganization.getSelectedIndex());
// we are doing the login soon, first save the config
doSaveConfig();
// Setup login callback
final LoginWindow me = this;
final AuthenticatorCallback authenticatorCallback = new AuthenticatorCallback() {
@Override
public void postLogin(ReturnCode returnCode, final AuthenticationData data, Throwable t) {
switch (returnCode) {
case NO_ERROR:
Gui.asyncExec(new Runnable() {
@Override
public void run() {
postSuccessfulLogin(data);
}
});
return;
case IDENTITY_PROVIDER_ERROR:
Gui.showMessageBox(me, "IdP Error", MessageType.ERROR, LOGGER, null);
break;
case SERVICE_PROVIDER_ERROR:
// here if we have t != null then we have not received a token
// if we have t, then the token is invalid.
Gui.showMessageBox(me, "Invalid token from the service provider!", MessageType.ERROR,
LOGGER, t);
break;
case UNREGISTERED_ERROR:
LOGGER.error("User not registered!");
BwIdmLinkWindow.open((JFrame) SwingUtilities.getWindowAncestor(me));
break;
case INVALID_URL_ERROR:
Gui.showMessageBox(me, "ECP Authenticator says: Invalid URL.", MessageType.ERROR, LOGGER,
t);
break;
case GENERIC_ERROR:
default:
if (t == null || !t.getClass().equals(RuntimeException.class)) {
Gui.showMessageBox(me, "Internal error!", MessageType.ERROR, null, t);
} else {
Gui.showMessageBox(me, "Der Masterserver hat den Loginversuch mit der"
+ " folgenden Nachricht abgewiesen:\n\n"
+ t.getMessage(), MessageType.ERROR, null, null);
}
break;
}
enableLogin(true);
}
};
// now switch over the login types.
final Authenticator authenticator;
switch (loginType) {
case ECP:
authenticator = new EcpAuthenticator(selectedOrg.getEcpUrl());
break;
case TEST_ACCOUNT:
authenticator = new TestAccountAuthenticator();
break;
case DIRECT_CONNECT:
Gui.showMessageBox(this, "Not yet implemented", MessageType.ERROR, LOGGER, null);
return;
default:
Gui.showMessageBox(this, "No login type selected!", MessageType.ERROR, LOGGER, null);
return;
}
enableLogin(false);
final String finalUsername = username;
QuickTimer.scheduleOnce(new Task() {
@Override
public void fire() {
// Execute login
App.waitForInit();
try {
authenticator.login(finalUsername, password, authenticatorCallback);
return;
} catch (TException e) {
ThriftError.showMessage(LoginWindow.this, LOGGER, e, "Anmeldung fehlgeschlagen");
} catch (Exception e) {
Gui.showMessageBox(LoginWindow.this, "Anmeldung fehlgeschlagen", MessageType.ERROR,
LOGGER, e);
}
enableLogin(true);
}
});
}
/**
* Functions called by doLogin is the login process succeeded.
*
* @param data
*/
private void postSuccessfulLogin(AuthenticationData data) {
LOGGER.info(loginType.toString() + " succeeded, token " + data.satelliteToken);
// Update known suggested fingerprints
importFingerprints(data.satellites);
// now try to init the session with the data received
if (ThriftActions.initSession(data, forceCustomSatellite, SwingUtilities.getWindowAncestor(this))) {
if (chkSaveUsername.isSelected()) {
Config.saveCurrentSession(Session.getSatelliteAddress(), Session.getSatelliteToken(),
Session.getMasterToken());
}
dispose();
return;
}
enableLogin(true);
}
private void enableLogin(boolean enable) {
btnLogin.setEnabled(enable);
txtUsername.setEnabled(enable);
txtPassword.setEnabled(enable);
pnlLoginType.setEnabled(enable);
pnlLoginForm.setEnabled(enable);
chkSaveUsername.setEnabled(enable);
if (enable) {
// Do this here, otherwise the focus might not be set
String savedUsername = Config.getUsername();
if (savedUsername != null && !savedUsername.isEmpty()) {
txtUsername.setText(savedUsername);
chkSaveUsername.setSelected(true);
txtPassword.requestFocusInWindow();
} else {
txtUsername.requestFocusInWindow();
}
}
}
/**
* If master server supplies certificate finger prints for a satellite,
* store them so we can verify later.
*
* @param satellites
*/
private void importFingerprints(List<Satellite> satellites) {
if (satellites == null || satellites.isEmpty())
return;
for (Satellite sat : satellites) {
if (sat.addressList == null || sat.certSha256 == null || sat.addressList.isEmpty())
continue;
byte[] fingerprint = TBaseHelper.byteBufferToByteArray(sat.certSha256);
for (String address : sat.addressList) {
FingerprintManager.saveSuggestedFingerprint(address, fingerprint);
}
}
}
@SuppressWarnings("deprecation")
@Override
public void show() {
if (!isVisible()) {
pack();
MainWindow.centerShell(this);
}
super.show();
}
/**
* Opens the login window
*/
public static void open(Frame modalParent) {
LoginWindow win = new LoginWindow(modalParent);
win.setVisible(true);
}
}
|
