From cbf820ffdc7c888b2130d6c14e179522ee6246b2 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Fri, 26 Sep 2014 11:23:17 -0400
Subject: [PATCH] Merged #190 "Extract authenticate method from CachingPublicKeyAuthenticator"

---
 src/main/java/com/gitblit/transport/ssh/SshDaemon.java           |    7 ++++---
 src/main/java/com/gitblit/transport/ssh/SshKeyAuthenticator.java |   41 +++--------------------------------------
 2 files changed, 7 insertions(+), 41 deletions(-)

diff --git a/src/main/java/com/gitblit/transport/ssh/SshDaemon.java b/src/main/java/com/gitblit/transport/ssh/SshDaemon.java
index 261daa6..d0b7490 100644
--- a/src/main/java/com/gitblit/transport/ssh/SshDaemon.java
+++ b/src/main/java/com/gitblit/transport/ssh/SshDaemon.java
@@ -31,6 +31,7 @@
 import org.apache.sshd.common.io.nio2.Nio2ServiceFactoryFactory;
 import org.apache.sshd.common.keyprovider.FileKeyPairProvider;
 import org.apache.sshd.common.util.SecurityUtils;
+import org.apache.sshd.server.auth.CachingPublicKeyAuthenticator;
 import org.bouncycastle.openssl.PEMWriter;
 import org.eclipse.jgit.internal.JGitText;
 import org.slf4j.Logger;
@@ -95,8 +96,8 @@
 		hostKeyPairProvider.setFiles(new String [] { rsaKeyStore.getPath(), dsaKeyStore.getPath(), dsaKeyStore.getPath() });
 
 		// Client public key authenticator
-		CachingPublicKeyAuthenticator keyAuthenticator =
-				new CachingPublicKeyAuthenticator(gitblit.getPublicKeyManager(), gitblit);
+		SshKeyAuthenticator keyAuthenticator =
+				new SshKeyAuthenticator(gitblit.getPublicKeyManager(), gitblit);
 
 		// Configure the preferred SSHD backend
 		String sshBackendStr = settings.getString(Keys.git.sshBackend,
@@ -122,7 +123,7 @@
 		sshd.setPort(addr.getPort());
 		sshd.setHost(addr.getHostName());
 		sshd.setKeyPairProvider(hostKeyPairProvider);
-		sshd.setPublickeyAuthenticator(keyAuthenticator);
+		sshd.setPublickeyAuthenticator(new CachingPublicKeyAuthenticator(keyAuthenticator));
 		sshd.setPasswordAuthenticator(new UsernamePasswordAuthenticator(gitblit));
 		sshd.setSessionFactory(new SshServerSessionFactory());
 		sshd.setFileSystemFactory(new DisabledFilesystemFactory());
diff --git a/src/main/java/com/gitblit/transport/ssh/CachingPublicKeyAuthenticator.java b/src/main/java/com/gitblit/transport/ssh/SshKeyAuthenticator.java
similarity index 63%
rename from src/main/java/com/gitblit/transport/ssh/CachingPublicKeyAuthenticator.java
rename to src/main/java/com/gitblit/transport/ssh/SshKeyAuthenticator.java
index e804a0d..c28a2ed 100644
--- a/src/main/java/com/gitblit/transport/ssh/CachingPublicKeyAuthenticator.java
+++ b/src/main/java/com/gitblit/transport/ssh/SshKeyAuthenticator.java
@@ -16,14 +16,9 @@
 package com.gitblit.transport.ssh;
 
 import java.security.PublicKey;
-import java.util.HashMap;
 import java.util.List;
 import java.util.Locale;
-import java.util.Map;
-import java.util.concurrent.ConcurrentHashMap;
 
-import org.apache.sshd.common.Session;
-import org.apache.sshd.common.SessionListener;
 import org.apache.sshd.server.PublickeyAuthenticator;
 import org.apache.sshd.server.session.ServerSession;
 import org.slf4j.Logger;
@@ -37,7 +32,7 @@
  * Authenticates an SSH session against a public key.
  *
  */
-public class CachingPublicKeyAuthenticator implements PublickeyAuthenticator, SessionListener {
+public class SshKeyAuthenticator implements PublickeyAuthenticator {
 
 	protected final Logger log = LoggerFactory.getLogger(getClass());
 
@@ -45,30 +40,13 @@
 
 	protected final IAuthenticationManager authManager;
 
-	private final Map<ServerSession, Map<PublicKey, Boolean>> cache = new ConcurrentHashMap<ServerSession, Map<PublicKey, Boolean>>();
-
-	public CachingPublicKeyAuthenticator(IPublicKeyManager keyManager, IAuthenticationManager authManager) {
+	public SshKeyAuthenticator(IPublicKeyManager keyManager, IAuthenticationManager authManager) {
 		this.keyManager = keyManager;
 		this.authManager = authManager;
 	}
 
 	@Override
-	public boolean authenticate(String username, PublicKey key, ServerSession session) {
-		Map<PublicKey, Boolean> map = cache.get(session);
-		if (map == null) {
-			map = new HashMap<PublicKey, Boolean>();
-			cache.put(session, map);
-			session.addListener(this);
-		}
-		if (map.containsKey(key)) {
-			return map.get(key);
-		}
-		boolean result = doAuthenticate(username, key, session);
-		map.put(key, result);
-		return result;
-	}
-
-	private boolean doAuthenticate(String username, PublicKey suppliedKey, ServerSession session) {
+	public boolean authenticate(String username, PublicKey suppliedKey, ServerSession session) {
 		SshDaemonClient client = session.getAttribute(SshDaemonClient.KEY);
 		Preconditions.checkState(client.getUser() == null);
 		username = username.toLowerCase(Locale.US);
@@ -95,18 +73,5 @@
 
 		log.warn("could not authenticate {} for SSH using the supplied public key", username);
 		return false;
-	}
-
-	@Override
-	public void sessionCreated(Session session) {
-	}
-
-	@Override
-	public void sessionEvent(Session sesssion, Event event) {
-	}
-
-	@Override
-	public void sessionClosed(Session session) {
-		cache.remove(session);
 	}
 }

--
Gitblit v1.9.1