Package com.atlassian.bamboo.buildqueue.manager

Interface RemoteAgentAuthenticationManager

  • All Known Implementing Classes:
    RemoteAgentAuthenticationManagerImpl
    @Internal
public interface RemoteAgentAuthenticationManager

    Manages remote agent authentication.

    This manager keeps track of two types of authentication requests: the ones pending approval (not approved) and the ones already approved. ONLY approved authentications are stored persistently.

    Authentications are uniquely identified by their UUID, meaning there can never be two approved authentications with the same UUID, or two authentications pending approval with the same UUID. This also means that if an authentication gets approved with UUID associated with some other previously approved authentication, the latter will be replaced with the newly approved authentication.

    IP of approved (persisted) authentications can be updated. Wildcard characters (*,?) can be used to match authentications.

    Since:
    3.4

    • Method Detail

      • setRemoteAgentAuthenticationEnabled

        void setRemoteAgentAuthenticationEnabled​(boolean isAuthenticationEnabled)
                                  throws Exception
        Sets the remote agent authentication to globally enabled/disabled.
        Parameters:
        isAuthenticationEnabled - true if remote agent authentication should be enabled, false otherwise.
        Throws:
        Exception - on any error

      • isRemoteAgentAuthenticationEnabled

        boolean isRemoteAgentAuthenticationEnabled()
        Checks whether the remote agent authentication is currently enabled.
        Returns:
        true, if remote agent authentication is enabled, false otherwise

      • getAllAuthentications

        @NotNull
@NotNull Iterable<RemoteAgentAuthentication> getAllAuthentications()

        Get all agent authentications known to this Bamboo server.

        The list is sorted first by the authentication status (unapproved first), then by IP address.

        Returns:
        all agent authentications

      • getAuthentications

        @NotNull
@NotNull Iterable<RemoteAgentAuthentication> getAuthentications​(com.google.common.base.Predicate<RemoteAgentAuthentication> filter)
        Get authentication filtered by given filter.
        Parameters:
        filter - predicate to filter authentications
        Returns:
        list of authentications matching the filter

      • getAuthentication

        @Nullable
@Nullable RemoteAgentAuthentication getAuthentication​(UUID uuid,
                                                      String ip)

        Get remote agent authentication matching the IP and UUID. If not found, null will be returned.

        The returned authentication (if found) will have UUID matching the uuid parameter and IP address either equal to ip parameter or a wildcard mask that matches the ip parameter. Persisted (approved) authentications will be queried in preference to the authentications pending approval.

        Parameters:
        uuid - UUID
        ip - IP address
        Returns:
        remote agent authentication matching the request, or null

      • getAuthentication

        @Nullable
@Nullable RemoteAgentAuthentication getAuthentication​(UUID uuid)

        Get first remote agent authentication matching the IP and UUID. If not found, null will be returned.

        The returned authentication (if found) will have UUID matching the uuid parameter. Persisted (approved) authentications will be queried in preference to the authentications pending approval.

        Parameters:
        uuid - UUID
        Returns:
        remote agent authentication with matching UUID, or null

      • getOrCreatePendingAuthentication

        @NotNull
@NotNull org.apache.commons.lang3.tuple.Pair<RemoteAgentAuthentication,​Boolean> getOrCreatePendingAuthentication​(@NotNull
                                                                                                                       @NotNull UUID uuid,
                                                                                                                       @NotNull
                                                                                                                       @NotNull String ip,
                                                                                                                       @Nullable
                                                                                                                       @Nullable Long agentId,
                                                                                                                       boolean agentIdValidationEnabled)

        Create a new pending authentication for given IP address and UUID. Or return an existing (approved or not approved) authentication.

        If an approved authentication matching given IP and UUID already exists, it will be returned.

        If a pending authentication with given UUID exists, it will be replaced by the new authentication with given uuid and ip.

        Parameters:
        uuid - UUID
        ip - IP address
        Returns:
        new authentication pending approval, or an existing approved authentication. The boolean flag that will be true if an existing authentication (pending or approved) with the same UUID and matching IP was found, and false otherwise (meaning new authentication created)
        Throws:
        NullPointerException - if any of the required arguments is null
        See Also:
        RemoteAgentAuthentications.matching(java.util.UUID, String)

      • approveAuthentications

        void approveAuthentications​(@NotNull
                            @NotNull Iterable<RemoteAgentAuthentication> authentications)

        Approve all authentications from the list.

        For each authentication in the list this method will:

        • remove any pending authentication with matching UUID
        • if an approved authentication with matching UUID already exists, it's IP address will be persistently updated to the new authentication's IP address value
        • if no approved authentication exists, a new approved authentication with given UUID and IP will be persisted
        Parameters:
        authentications - authentications to approve

      • revokeAgentAuthentications

        void revokeAgentAuthentications​(@NotNull
                                @NotNull Iterable<RemoteAgentAuthentication> authentications)

        Revoke approval for given agent authentications.

        Not approved authentications will be silently skipped.

        Parameters:
        authentications - authentications to disapprove

      • updateIp

        void updateIp​(@NotNull
              @NotNull UUID uuid,
              @NotNull
              @NotNull String newIp)

        Update IP of an approved authentication with given uuid.

        If no corresponding authentication is found, no action will be taken.

        Parameters:
        uuid - UUID of an approved authentication to update
        newIp - new IP address of the authentication

      • isAuthenticatedAgentIp

        @Deprecated
boolean isAuthenticatedAgentIp​(@NotNull
                               @NotNull String ip)
        Deprecated.
        since 9.4.0
        Returns true if the given IP address matches one of the already authenticated remote agent IP patterns. Note that this method will also work for proxy IP addresses. Usage of isAuthenticatedAgentIp(InetAddress) is preferred over this method.

      • isAuthenticatedAgentIp

        @Deprecated
boolean isAuthenticatedAgentIp​(@NotNull
                               @NotNull InetAddress inetAddress)
        Deprecated.
        since 9.4.0
        Returns true if the given IP address matches one of the already authenticated remote agent IP patterns. Note that this method will also work for proxy IP addresses.