public FormValidation doValidate(
@QueryParameter String username,
@QueryParameter String apiKey,
@QueryParameter boolean disableStatusColumn,
@QueryParameter boolean reuseSauceAuth) {
try {
SauceOnDemandAuthentication credential =
reuseSauceAuth
? new SauceOnDemandAuthentication()
: new SauceOnDemandAuthentication(
username, Secret.toString(Secret.fromString(apiKey)));
// we aren't interested in the results of the REST API call - just the fact that we executed
// without an error is enough to verify the connection
if (reuseSauceAuth
&& StringUtils.isBlank(credential.getUsername())
&& StringUtils.isBlank(credential.getAccessKey())) {
return FormValidation.error("Unable to find ~/.sauce-ondemand file");
} else {
String response =
new SauceREST(credential.getUsername(), credential.getAccessKey())
.retrieveResults("tunnels");
if (response != null && !response.equals("")) {
return FormValidation.ok("Success");
} else {
return FormValidation.error("Failed to connect to Sauce OnDemand");
}
}
} catch (Exception e) {
return FormValidation.error(e, "Failed to connect to Sauce OnDemand");
}
}
public ActiveDirectoryUnixAuthenticationProvider(ActiveDirectorySecurityRealm realm) {
if (realm.domain == null)
throw new IllegalArgumentException(
"Active Directory domain name is required but it is not set");
this.domainNames = realm.domain.split(",");
this.site = realm.site;
this.bindName = realm.bindName;
this.server = realm.server;
this.bindPassword = Secret.toString(realm.bindPassword);
this.descriptor = realm.getDescriptor();
}
private TestflightUploader.UploadRequest createPartialUploadRequest(
TestflightTeam team, EnvVars vars, AbstractBuild<?, ?> build) {
TestflightUploader.UploadRequest ur = new TestflightUploader.UploadRequest();
TokenPair tokenPair = getTokenPair(team.getTokenPairName());
ur.filePaths = vars.expand(StringUtils.trim(team.getFilePath()));
ur.dsymPath = vars.expand(StringUtils.trim(team.getDsymPath()));
ur.apiToken = vars.expand(Secret.toString(tokenPair.getApiToken()));
ur.buildNotes = createBuildNotes(vars.expand(buildNotes), build.getChangeSet());
ur.lists = vars.expand(lists);
ur.notifyTeam = notifyTeam;
ProxyConfiguration proxy = getProxy();
ur.proxyHost = proxy.name;
ur.proxyPass = proxy.getPassword();
ur.proxyPort = proxy.port;
ur.proxyUser = proxy.getUserName();
ur.replace = replace;
ur.teamToken = vars.expand(Secret.toString(tokenPair.getTeamToken()));
ur.debug = debug;
return ur;
}
public static AWSCredentialsProvider createCredentialsProvider(
final boolean useInstanceProfileForCredentials,
final String accessId,
final Secret secretKey) {
if (useInstanceProfileForCredentials) {
return new InstanceProfileCredentialsProvider();
}
BasicAWSCredentials credentials = new BasicAWSCredentials(accessId, Secret.toString(secretKey));
return new StaticCredentialsProvider(credentials);
}
private static Session createSession(
String smtpHost,
String smtpPort,
boolean useSsl,
String smtpAuthUserName,
Secret smtpAuthPassword) {
smtpPort = fixEmptyAndTrim(smtpPort);
smtpAuthUserName = fixEmptyAndTrim(smtpAuthUserName);
Properties props = new Properties(System.getProperties());
if (fixEmptyAndTrim(smtpHost) != null) props.put("mail.smtp.host", smtpHost);
if (smtpPort != null) {
props.put("mail.smtp.port", smtpPort);
}
if (useSsl) {
/* This allows the user to override settings by setting system properties but
* also allows us to use the default SMTPs port of 465 if no port is already set.
* It would be cleaner to use smtps, but that's done by calling session.getTransport()...
* and thats done in mail sender, and it would be a bit of a hack to get it all to
* coordinate, and we can make it work through setting mail.smtp properties.
*/
if (props.getProperty("mail.smtp.socketFactory.port") == null) {
String port = smtpPort == null ? "465" : smtpPort;
props.put("mail.smtp.port", port);
props.put("mail.smtp.socketFactory.port", port);
}
if (props.getProperty("mail.smtp.socketFactory.class") == null) {
props.put("mail.smtp.socketFactory.class", "javax.net.ssl.SSLSocketFactory");
}
props.put("mail.smtp.socketFactory.fallback", "false");
}
if (smtpAuthUserName != null) props.put("mail.smtp.auth", "true");
// avoid hang by setting some timeout.
props.put("mail.smtp.timeout", "60000");
props.put("mail.smtp.connectiontimeout", "60000");
return Session.getInstance(
props, getAuthenticator(smtpAuthUserName, Secret.toString(smtpAuthPassword)));
}
/**
* Returns the HTTP POST request ready to be sent to the Stash build API for the given build and
* change set.
*
* @param stashBuildNotificationEntity a entity containing the parameters for Stash
* @param commitSha1 the SHA1 of the commit that was built
* @return the HTTP POST request to the Stash build API
*/
private HttpPost createRequest(
final HttpEntity stashBuildNotificationEntity, final String commitSha1) {
String url = stashServerBaseUrl;
String username = stashUserName;
String pwd = Secret.toString(stashUserPassword);
DescriptorImpl descriptor = getDescriptor();
if ("".equals(url) || url == null) url = descriptor.getStashRootUrl();
if ("".equals(username) || username == null) username = descriptor.getStashUser();
if ("".equals(pwd) || pwd == null) pwd = descriptor.getStashPassword().getPlainText();
HttpPost req = new HttpPost(url + "/rest/build-status/1.0/commits/" + commitSha1);
req.addHeader(
BasicScheme.authenticate(new UsernamePasswordCredentials(username, pwd), "UTF-8", false));
req.addHeader("Content-type", "application/json");
req.setEntity(stashBuildNotificationEntity);
return req;
}
public String getValue() {
return value != null ? Secret.toString(value) : null;
}
@Override
public void buildEnvVars(AbstractBuild<?, ?> build, Map<String, String> env) {
env.put(name.toUpperCase(), value != null ? Secret.toString(value) : null);
}
@Override
public String getGerritHttpPassword() {
return Secret.toString(gerritHttpPassword);
}
@Override
public String getGerritAuthKeyFilePassword() {
return Secret.toString(gerritAuthKeyFilePassword);
}
private JIDefaultAuthInfoImpl createAuth() {
String[] tokens = userName.split("\\\\");
if (tokens.length == 2)
return new JIDefaultAuthInfoImpl(tokens[0], tokens[1], Secret.toString(password));
return new JIDefaultAuthInfoImpl("", userName, Secret.toString(password));
}
@Override
public SSHLauncher launch(String host, TaskListener listener)
throws IOException, InterruptedException {
return new SSHLauncher(
host, port, username, Secret.toString(password), privatekey, jvmOptions, javaPath);
}
public FormValidation doValidate(
@QueryParameter(fixEmpty = true) String domain,
@QueryParameter(fixEmpty = true) String site,
@QueryParameter(fixEmpty = true) String bindName,
@QueryParameter(fixEmpty = true) String bindPassword,
@QueryParameter(fixEmpty = true) String server)
throws IOException, ServletException, NamingException {
ClassLoader ccl = Thread.currentThread().getContextClassLoader();
Thread.currentThread().setContextClassLoader(getClass().getClassLoader());
try {
Functions.checkPermission(Hudson.ADMINISTER);
String n = Util.fixEmptyAndTrim(domain);
if (n == null) { // no value given yet
return FormValidation.error("No domain name set");
}
Secret password = Secret.fromString(bindPassword);
if (bindName != null && password == null)
return FormValidation.error("DN is specified but not password");
String[] names = n.split(",");
for (String name : names) {
if (!name.endsWith(".")) name += '.';
DirContext ictx;
// first test the sanity of the domain name itself
try {
LOGGER.fine("Attempting to resolve " + name + " to NS record");
ictx = createDNSLookupContext();
Attributes attributes = ictx.getAttributes(name, new String[] {"NS"});
Attribute ns = attributes.get("NS");
if (ns == null) {
LOGGER.fine("Attempting to resolve " + name + " to A record");
attributes = ictx.getAttributes(name, new String[] {"A"});
Attribute a = attributes.get("A");
if (a == null) throw new NamingException(name + " doesn't look like a domain name");
}
LOGGER.log(Level.FINE, "{0} resolved to {1}", new Object[] {name, ns});
} catch (NamingException e) {
LOGGER.log(Level.WARNING, "Failed to resolve " + name + " to A record", e);
return FormValidation.error(e, name + " doesn't look like a valid domain name");
}
// then look for the LDAP server
List<SocketInfo> servers;
try {
servers = obtainLDAPServer(ictx, name, site, server);
} catch (NamingException e) {
String msg =
site == null
? "No LDAP server was found in " + name
: "No LDAP server was found in the " + site + " site of " + name;
LOGGER.log(Level.WARNING, msg, e);
return FormValidation.error(e, msg);
}
if (bindName != null) {
// make sure the bind actually works
try {
DirContext context = bind(bindName, Secret.toString(password), servers);
try {
// actually do a search to make sure the credential is valid
new LDAPSearchBuilder(context, toDC(domain)).searchOne("(objectClass=user)");
} finally {
context.close();
}
} catch (BadCredentialsException e) {
return FormValidation.error(e, "Bad bind username or password");
} catch (javax.naming.AuthenticationException e) {
return FormValidation.error(e, "Bad bind username or password");
} catch (Exception e) {
return FormValidation.error(e, e.getMessage());
}
} else {
// just some connection test
// try to connect to LDAP port to make sure this machine has LDAP service
IOException error = null;
for (SocketInfo si : servers) {
try {
si.connect().close();
break; // looks good
} catch (IOException e) {
LOGGER.log(Level.FINE, "Failed to connect to " + si, e);
error = e;
// try the next server in the list
}
}
if (error != null) {
LOGGER.log(Level.WARNING, "Failed to connect to " + servers, error);
return FormValidation.error(error, "Failed to connect to " + servers);
}
}
}
// looks good
return FormValidation.ok("Success");
} finally {
Thread.currentThread().setContextClassLoader(ccl);
}
}
public String getSmtpAuthPassword() {
if (smtpAuthPassword == null) return null;
return Secret.toString(smtpAuthPassword);
}