View Javadoc

1   package com.atlassian.sal.trustedapps;
2   
3   import com.atlassian.plugin.StateAware;
4   import com.atlassian.sal.core.trusted.CertificateFactory;
5   import com.atlassian.security.auth.trustedapps.EncryptedCertificate;
6   import com.atlassian.security.auth.trustedapps.TrustedApplicationsManager;
7   import org.osgi.framework.BundleContext;
8   import org.osgi.util.tracker.ServiceTracker;
9   import org.slf4j.Logger;
10  import org.slf4j.LoggerFactory;
11  
12  /**
13   * This factory has a weak classloading dependency on {@link com.atlassian.security.auth.trustedapps.TrustedApplicationsManager}
14   * through an OSGi ServiceTracker, hence the trusted apps plugin does not need to be installed for this class to work
15   * (it will simply throw an exception saying that trusted apps isn't supported).
16   */
17  public class TrustedAppsPluginCertificateFactory implements CertificateFactory, StateAware {
18      private static final Logger log = LoggerFactory.getLogger(TrustedAppsPluginCertificateFactory.class);
19      private static final String TRUSTED_APPLICATIONS_MANAGER = "com.atlassian.security.auth.trustedapps.TrustedApplicationsManager";
20      private ServiceTracker serviceTracker;
21      private final BundleContext bundleContext;
22  
23      public TrustedAppsPluginCertificateFactory(BundleContext bundleContext) {
24          this.bundleContext = bundleContext;
25          serviceTracker = new ServiceTracker(bundleContext, TRUSTED_APPLICATIONS_MANAGER, null);
26          serviceTracker.open();
27      }
28  
29      public EncryptedCertificate createCertificate(String username) {
30          throw new UnsupportedOperationException("Not implemented. Since v2.10.9 Trusted Apps requires a url for its signature");
31      }
32  
33      public EncryptedCertificate createCertificate(String username, String url) {
34          if (serviceTracker != null) {
35              try {
36                  TrustedApplicationsManager trustedApplicationsManager = (TrustedApplicationsManager) serviceTracker.getService();
37                  if (trustedApplicationsManager != null) {
38                      return trustedApplicationsManager.getCurrentApplication().encode(username, url);
39                  }
40              } catch (NoClassDefFoundError ncdfe) {
41                  // This probably won't happen, if trustedapps isn't installed then this method will return null,
42                  // so no cast will be attempted, so the class won't need to be loaded, and so this error won't be
43                  // thrown. Whether the class is loaded though may be platform dependent, I can't see anything in the
44                  // Java Language Specification that indicates what should happen, so for safety, we ignore this
45                  // exception here as it indicates that trusted apps is not installed.  It could also mean that the
46                  // class hasn't been wired appropriately, which the OSGi framework will warn us about anyway.
47              } catch (ClassCastException cce) {
48                  log.warn(
49                          "A TrustedApplicationsManager was found, but a ClassCastException was thrown when attempting to cast it. This is possible if TrustedApplicationsManager has been uninstalled and installed",
50                          cce);
51              }
52          }
53          throw new UnsupportedOperationException("Trusted apps support is not installed.");
54      }
55  
56      public void enabled() {
57          if (serviceTracker == null) {
58              serviceTracker = new ServiceTracker(bundleContext, TRUSTED_APPLICATIONS_MANAGER, null);
59              serviceTracker.open();
60          }
61      }
62  
63      public void disabled() {
64          serviceTracker.close();
65          serviceTracker = null;
66      }
67  }