View Javadoc

1   package com.atlassian.sal.trustedapps;
2   
3   import com.atlassian.plugin.StateAware;
4   import com.atlassian.sal.core.trusted.CertificateFactory;
5   import com.atlassian.security.auth.trustedapps.EncryptedCertificate;
6   import com.atlassian.security.auth.trustedapps.TrustedApplicationsManager;
7   
8   import org.osgi.framework.BundleContext;
9   import org.osgi.util.tracker.ServiceTracker;
10  import org.slf4j.Logger;
11  import org.slf4j.LoggerFactory;
12  
13  /**
14   * This factory has a weak classloading dependency on {@link com.atlassian.security.auth.trustedapps.TrustedApplicationsManager}
15   * through an OSGi ServiceTracker, hence the trusted apps plugin does not need to be installed for this class to work
16   * (it will simply throw an exception saying that trusted apps isn't supported).
17   */
18  public class TrustedAppsPluginCertificateFactory implements CertificateFactory, StateAware
19  {
20      private static final Logger log = LoggerFactory.getLogger(TrustedAppsPluginCertificateFactory.class);
21      private static final String TRUSTED_APPLICATIONS_MANAGER = "com.atlassian.security.auth.trustedapps.TrustedApplicationsManager";
22      private ServiceTracker serviceTracker;
23      private final BundleContext bundleContext;
24  
25      public TrustedAppsPluginCertificateFactory(BundleContext bundleContext)
26      {
27          this.bundleContext = bundleContext;
28          serviceTracker = new ServiceTracker(bundleContext, TRUSTED_APPLICATIONS_MANAGER, null);
29          serviceTracker.open();
30      }
31  
32      public EncryptedCertificate createCertificate(String username)
33      {
34          throw new UnsupportedOperationException("Not implemented. Since v2.10.9 Trusted Apps requires a url for its signature");
35      }
36  
37      public EncryptedCertificate createCertificate(String username, String url)
38      {
39          if (serviceTracker != null)
40          {
41              try
42              {
43                  TrustedApplicationsManager trustedApplicationsManager = (TrustedApplicationsManager) serviceTracker.getService();
44                  if (trustedApplicationsManager != null)
45                  {
46                      return trustedApplicationsManager.getCurrentApplication().encode(username, url);
47                  }
48              }
49              catch (NoClassDefFoundError ncdfe)
50              {
51                  // This probably won't happen, if trustedapps isn't installed then this method will return null,
52                  // so no cast will be attempted, so the class won't need to be loaded, and so this error won't be
53                  // thrown. Whether the class is loaded though may be platform dependent, I can't see anything in the
54                  // Java Language Specification that indicates what should happen, so for safety, we ignore this
55                  // exception here as it indicates that trusted apps is not installed.  It could also mean that the
56                  // class hasn't been wired appropriately, which the OSGi framework will warn us about anyway.
57              }
58              catch (ClassCastException cce)
59              {
60                  log.warn(
61                      "A TrustedApplicationsManager was found, but a ClassCastException was thrown when attempting to cast it. This is possible if TrustedApplicationsManager has been uninstalled and installed",
62                      cce);
63              }
64          }
65          throw new UnsupportedOperationException("Trusted apps support is not installed.");
66      }
67  
68      public void enabled()
69      {
70          if (serviceTracker == null)
71          {
72              serviceTracker = new ServiceTracker(bundleContext, TRUSTED_APPLICATIONS_MANAGER, null);
73              serviceTracker.open();
74          }
75      }
76  
77      public void disabled()
78      {
79          serviceTracker.close();
80          serviceTracker = null;
81      }
82  }