/**
* Detects the current-user-principal for a given WebDavResource. At first, /.well-known/ is
* tried. Only if no current-user-principal can be detected for the .well-known location, the
* given location of the resource is tried.
*
* @param serverInfo Location that will be queried
* @param serviceName Well-known service name ("carddav", "caldav")
* @return WebDavResource of current-user-principal for the given service, or null if it can't be
* found
* <p>TODO: If a TXT record is given, always use it instead of trying .well-known first
*/
WebDavResource getCurrentUserPrincipal(ServerInfo serverInfo, String serviceName)
throws URISyntaxException, IOException, NotAuthorizedException {
URI initialURL = getInitialContextURL(serverInfo, serviceName);
if (initialURL != null) {
Log.i(
TAG,
"Looking up principal URL for service "
+ serviceName
+ "; initial context: "
+ initialURL);
// determine base URL (host name and initial context path)
WebDavResource base =
new WebDavResource(
httpClient,
initialURL,
serverInfo.getUserName(),
serverInfo.getPassword(),
serverInfo.isAuthPreemptive());
// look for well-known service (RFC 5785)
try {
WebDavResource wellKnown = new WebDavResource(base, "/.well-known/" + serviceName);
wellKnown.propfind(Mode.CURRENT_USER_PRINCIPAL);
if (wellKnown.getProperties().getCurrentUserPrincipal() != null) {
URI principal = wellKnown.getProperties().getCurrentUserPrincipal();
Log.i(TAG, "Principal URL found from Well-Known URI: " + principal);
return new WebDavResource(wellKnown, principal);
}
} catch (NotAuthorizedException e) {
Log.w(TAG, "Not authorized for well-known " + serviceName + " service detection", e);
throw e;
} catch (URISyntaxException e) {
Log.e(
TAG,
"Well-known" + serviceName + " service detection failed because of invalid URIs",
e);
} catch (HttpException e) {
Log.d(TAG, "Well-known " + serviceName + " service detection failed with HTTP error", e);
} catch (DavException e) {
Log.w(
TAG,
"Well-known " + serviceName + " service detection failed with unexpected DAV response",
e);
} catch (IOException e) {
Log.e(TAG, "Well-known " + serviceName + " service detection failed with I/O error", e);
}
// fall back to user-given initial context path
Log.d(TAG, "Well-known service detection failed, trying initial context path " + initialURL);
try {
base.propfind(Mode.CURRENT_USER_PRINCIPAL);
if (base.getProperties().getCurrentUserPrincipal() != null) {
URI principal = base.getProperties().getCurrentUserPrincipal();
Log.i(TAG, "Principal URL found from initial context path: " + principal);
return new WebDavResource(base, principal);
}
} catch (NotAuthorizedException e) {
Log.e(TAG, "Not authorized for querying principal", e);
throw e;
} catch (HttpException e) {
Log.e(TAG, "HTTP error when querying principal", e);
} catch (DavException e) {
Log.e(TAG, "DAV error when querying principal", e);
}
Log.i(
TAG,
"Couldn't find current-user-principal for service "
+ serviceName
+ ", assuming initial context path is principal path");
return base;
}
return null;
}
/**
* This will not reuse any session, it will create the session and close it at the end
*
* @param commandInfo Encapsulated information about command. E.g :- executable name parameters
* etc ...
* @param serverInfo The SSHing server information.
* @param authenticationInfo Security data needs to be communicated with remote server.
* @param commandOutput The output of the command.
* @param configReader configuration required for ssh/gshissh connection
* @throws SSHApiException throw exception when error occurs
*/
public static void executeCommand(
CommandInfo commandInfo,
ServerInfo serverInfo,
AuthenticationInfo authenticationInfo,
CommandOutput commandOutput,
ConfigReader configReader)
throws SSHApiException {
if (authenticationInfo instanceof GSIAuthenticationInfo) {
System.setProperty(
X509_CERT_DIR,
(String)
((GSIAuthenticationInfo) authenticationInfo).getProperties().get("X509_CERT_DIR"));
}
JSch jsch = new ExtendedJSch();
log.debug(
"Connecting to server - "
+ serverInfo.getHost()
+ ":"
+ serverInfo.getPort()
+ " with user name - "
+ serverInfo.getUserName());
Session session;
try {
session =
jsch.getSession(serverInfo.getUserName(), serverInfo.getHost(), serverInfo.getPort());
} catch (JSchException e) {
throw new SSHApiException(
"An exception occurred while creating SSH session."
+ "Connecting server - "
+ serverInfo.getHost()
+ ":"
+ serverInfo.getPort()
+ " connecting user name - "
+ serverInfo.getUserName(),
e);
}
java.util.Properties config = configReader.getProperties();
session.setConfig(config);
// =============================================================
// Handling vanilla SSH pieces
// =============================================================
if (authenticationInfo instanceof SSHPasswordAuthentication) {
String password =
((SSHPasswordAuthentication) authenticationInfo)
.getPassword(serverInfo.getUserName(), serverInfo.getHost());
session.setUserInfo(new SSHAPIUIKeyboardInteractive(password));
// TODO figure out why we need to set password to session
session.setPassword(password);
} else if (authenticationInfo instanceof SSHPublicKeyFileAuthentication) {
SSHPublicKeyFileAuthentication sshPublicKeyFileAuthentication =
(SSHPublicKeyFileAuthentication) authenticationInfo;
String privateKeyFile =
sshPublicKeyFileAuthentication.getPrivateKeyFile(
serverInfo.getUserName(), serverInfo.getHost());
logDebug("The private key file for vanilla SSH " + privateKeyFile);
String publicKeyFile =
sshPublicKeyFileAuthentication.getPrivateKeyFile(
serverInfo.getUserName(), serverInfo.getHost());
logDebug("The public key file for vanilla SSH " + publicKeyFile);
Identity identityFile;
try {
identityFile = GSISSHIdentityFile.newInstance(privateKeyFile, null, jsch);
} catch (JSchException e) {
throw new SSHApiException(
"An exception occurred while initializing keys using files. "
+ "(private key and public key)."
+ "Connecting server - "
+ serverInfo.getHost()
+ ":"
+ serverInfo.getPort()
+ " connecting user name - "
+ serverInfo.getUserName()
+ " private key file - "
+ privateKeyFile
+ ", public key file - "
+ publicKeyFile,
e);
}
// Add identity to identity repository
GSISSHIdentityRepository identityRepository = new GSISSHIdentityRepository(jsch);
identityRepository.add(identityFile);
// Set repository to session
session.setIdentityRepository(identityRepository);
// Set the user info
SSHKeyPasswordHandler sshKeyPasswordHandler =
new SSHKeyPasswordHandler((SSHKeyAuthentication) authenticationInfo);
session.setUserInfo(sshKeyPasswordHandler);
} else if (authenticationInfo instanceof SSHPublicKeyAuthentication) {
SSHPublicKeyAuthentication sshPublicKeyAuthentication =
(SSHPublicKeyAuthentication) authenticationInfo;
Identity identityFile;
try {
String name = serverInfo.getUserName() + "_" + serverInfo.getHost();
identityFile =
GSISSHIdentityFile.newInstance(
name,
sshPublicKeyAuthentication.getPrivateKey(
serverInfo.getUserName(), serverInfo.getHost()),
sshPublicKeyAuthentication.getPublicKey(
serverInfo.getUserName(), serverInfo.getHost()),
jsch);
} catch (JSchException e) {
throw new SSHApiException(
"An exception occurred while initializing keys using byte arrays. "
+ "(private key and public key)."
+ "Connecting server - "
+ serverInfo.getHost()
+ ":"
+ serverInfo.getPort()
+ " connecting user name - "
+ serverInfo.getUserName(),
e);
}
// Add identity to identity repository
GSISSHIdentityRepository identityRepository = new GSISSHIdentityRepository(jsch);
identityRepository.add(identityFile);
// Set repository to session
session.setIdentityRepository(identityRepository);
// Set the user info
SSHKeyPasswordHandler sshKeyPasswordHandler =
new SSHKeyPasswordHandler((SSHKeyAuthentication) authenticationInfo);
session.setUserInfo(sshKeyPasswordHandler);
}
// Not a good way, but we dont have any choice
if (session instanceof ExtendedSession) {
if (authenticationInfo instanceof GSIAuthenticationInfo) {
((ExtendedSession) session)
.setAuthenticationInfo((GSIAuthenticationInfo) authenticationInfo);
}
}
try {
session.connect();
} catch (JSchException e) {
throw new SSHApiException(
"An exception occurred while connecting to server."
+ "Connecting server - "
+ serverInfo.getHost()
+ ":"
+ serverInfo.getPort()
+ " connecting user name - "
+ serverInfo.getUserName(),
e);
}
String command = commandInfo.getCommand();
Channel channel;
try {
channel = session.openChannel("exec");
((ChannelExec) channel).setCommand(command);
} catch (JSchException e) {
session.disconnect();
throw new SSHApiException(
"Unable to execute command - "
+ command
+ " on server - "
+ serverInfo.getHost()
+ ":"
+ serverInfo.getPort()
+ " connecting user name - "
+ serverInfo.getUserName(),
e);
}
channel.setInputStream(null);
((ChannelExec) channel).setErrStream(commandOutput.getStandardError());
try {
channel.connect();
} catch (JSchException e) {
channel.disconnect();
session.disconnect();
throw new SSHApiException(
"Unable to retrieve command output. Command - "
+ command
+ " on server - "
+ serverInfo.getHost()
+ ":"
+ serverInfo.getPort()
+ " connecting user name - "
+ serverInfo.getUserName(),
e);
}
commandOutput.onOutput(channel);
channel.disconnect();
session.disconnect();
}
