View Javadoc
1   /*
2    * This file is part of Waarp Project (named also Waarp or GG).
3    *
4    *  Copyright (c) 2019, Waarp SAS, and individual contributors by the @author
5    *  tags. See the COPYRIGHT.txt in the distribution for a full listing of
6    * individual contributors.
7    *
8    *  All Waarp Project is free software: you can redistribute it and/or
9    * modify it under the terms of the GNU General Public License as published by
10   * the Free Software Foundation, either version 3 of the License, or (at your
11   * option) any later version.
12   *
13   * Waarp is distributed in the hope that it will be useful, but WITHOUT ANY
14   * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
15   * A PARTICULAR PURPOSE. See the GNU General Public License for more details.
16   *
17   *  You should have received a copy of the GNU General Public License along with
18   * Waarp . If not, see <http://www.gnu.org/licenses/>.
19   */
20  package org.waarp.ftp.simpleimpl.file;
21  
22  import org.waarp.common.command.NextCommandReply;
23  import org.waarp.common.command.ReplyCode;
24  import org.waarp.common.command.exception.Reply421Exception;
25  import org.waarp.common.command.exception.Reply502Exception;
26  import org.waarp.common.command.exception.Reply530Exception;
27  import org.waarp.common.file.DirInterface;
28  import org.waarp.common.logging.WaarpLogger;
29  import org.waarp.common.logging.WaarpLoggerFactory;
30  import org.waarp.ftp.core.command.FtpCommandCode;
31  import org.waarp.ftp.core.session.FtpSession;
32  import org.waarp.ftp.filesystembased.FilesystemBasedFtpAuth;
33  import org.waarp.ftp.simpleimpl.config.FileBasedConfiguration;
34  
35  import java.io.File;
36  
37  /**
38   * FtpAuth implementation based on a list of (user/password/account) stored in a
39   * xml file load at startup from
40   * configuration. Not to be used in production!
41   */
42  public class FileBasedAuth extends FilesystemBasedFtpAuth {
43    /**
44     * Internal Logger
45     */
46    private static final WaarpLogger logger =
47        WaarpLoggerFactory.getLogger(FileBasedAuth.class);
48  
49    /**
50     * Current authentication
51     */
52    private SimpleAuth currentAuth;
53  
54    /**
55     * @param session
56     */
57    public FileBasedAuth(final FtpSession session) {
58      super(session);
59    }
60  
61    @Override
62    protected final void businessClean() {
63      currentAuth = null;
64    }
65  
66    /**
67     * @param user the user to set
68     *
69     * @return (NOOP, 230) if the user is OK, else return the following command
70     *     that must follow (usually PASS) and
71     *     the associated reply
72     *
73     * @throws Reply421Exception if there is a problem during the
74     *     authentication
75     * @throws Reply530Exception if there is a problem during the
76     *     authentication
77     */
78    @Override
79    protected final NextCommandReply setBusinessUser(final String user)
80        throws Reply530Exception {
81      final SimpleAuth auth =
82          ((FileBasedConfiguration) ((FtpSession) getSession()).getConfiguration()).getSimpleAuth(
83              user);
84      if (auth == null) {
85        setIsIdentified(false);
86        currentAuth = null;
87        throw new Reply530Exception("User name not allowed");
88      }
89      currentAuth = auth;
90      // logger.debug("User: {}", user)
91      return new NextCommandReply(FtpCommandCode.PASS,
92                                  ReplyCode.REPLY_331_USER_NAME_OKAY_NEED_PASSWORD,
93                                  null);
94    }
95  
96    /**
97     * Set the password according to any implementation and could set the
98     * rootFromAuth. If NOOP is returned,
99     * isIdentifed must be TRUE. A special case is implemented for test user.
100    *
101    * @param password
102    *
103    * @return (NOOP, 230) if the Password is OK, else return the following
104    *     command that must follow (usually ACCT)
105    *     and the associated reply
106    *
107    * @throws Reply421Exception if there is a problem during the
108    *     authentication
109    * @throws Reply530Exception if there is a problem during the
110    *     authentication
111    */
112   @Override
113   protected final NextCommandReply setBusinessPassword(final String password)
114       throws Reply421Exception, Reply530Exception {
115     if (currentAuth == null) {
116       setIsIdentified(false);
117       throw new Reply530Exception("PASS needs a USER first");
118     }
119     if (currentAuth.isPasswordValid(password)) {
120       if ("test".equals(user)) {
121         // logger.debug("User test")
122         try {
123           return setAccount("test");
124         } catch (final Reply502Exception ignored) {
125           // nothing
126         }
127       }
128       return new NextCommandReply(FtpCommandCode.ACCT,
129                                   ReplyCode.REPLY_332_NEED_ACCOUNT_FOR_LOGIN,
130                                   null);
131     }
132     throw new Reply530Exception("Password is not valid");
133   }
134 
135   /**
136    * Set the account according to any implementation and could set the
137    * rootFromAuth. If NOOP is returned,
138    * isIdentifed must be TRUE.
139    *
140    * @param account
141    *
142    * @return (NOOP, 230) if the Account is OK, else return the following
143    *     command
144    *     that must follow and the
145    *     associated reply
146    *
147    * @throws Reply421Exception if there is a problem during the
148    *     authentication
149    * @throws Reply530Exception if there is a problem during the
150    *     authentication
151    */
152   @Override
153   protected final NextCommandReply setBusinessAccount(final String account)
154       throws Reply530Exception {
155     if (currentAuth == null) {
156       throw new Reply530Exception("ACCT needs a USER first");
157     }
158     if (currentAuth.isAccountValid(account)) {
159       // logger.debug("Account: {}", account)
160       setIsIdentified(true);
161       logger.info("User {} is authentified with account {}", user, account);
162       return new NextCommandReply(FtpCommandCode.NOOP,
163                                   ReplyCode.REPLY_230_USER_LOGGED_IN, null);
164     }
165     throw new Reply530Exception("Account is not valid");
166   }
167 
168   @Override
169   public final boolean isBusinessPathValid(final String newPath) {
170     if (newPath == null) {
171       return false;
172     }
173     return newPath.startsWith(getBusinessPath());
174   }
175 
176   @Override
177   protected final String setBusinessRootFromAuth() throws Reply421Exception {
178     final String path;
179     if (account == null) {
180       path = DirInterface.SEPARATOR + user;
181     } else {
182       path = DirInterface.SEPARATOR + user + DirInterface.SEPARATOR + account;
183     }
184     final String fullpath = getAbsolutePath(path);
185     final File file = new File(fullpath);
186     if (!file.isDirectory()) {
187       throw new Reply421Exception("Filesystem not ready");
188     }
189     return path;
190   }
191 
192   @Override
193   public final boolean isAdmin() {
194     return currentAuth.isAdmin();
195   }
196 }