

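--- a/hudson/src/org/netbeans/modules/hudson/api/ConnectionBuilder.java
+++ b/hudson/src/org/netbeans/modules/hudson/api/ConnectionBuilder.java
@@ -43,8 +43,10 @@
 package org.netbeans.modules.hudson.api;
 
 import java.awt.EventQueue;
+import java.io.ByteArrayOutputStream;
 import java.io.FileNotFoundException;
 import java.io.IOException;
+import java.io.InputStream;
 import java.io.InterruptedIOException;
 import java.io.OutputStream;
 import java.net.HttpRetryException;
@@ -55,6 +57,7 @@
 import java.security.SecureRandom;
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
+import java.util.Collections;
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.LinkedHashMap;
@@ -75,6 +78,7 @@
 import org.openide.util.Lookup;
 import org.openide.util.NbBundle.Messages;
 import static org.netbeans.modules.hudson.api.Bundle.*;
+import org.openide.filesystems.FileUtil;
 import org.openide.util.RequestProcessor;
 import org.openide.xml.XMLUtil;
 import org.w3c.dom.Document;
@@ -98,6 +102,8 @@
      */
     private static final Map</*URL*/String,String[]> COOKIES = new HashMap<String,String[]>();
 
+    private static final Map</*URL*/String,/*[field,crumb]*/String[]> crumbs = Collections.synchronizedMap(new HashMap<String,String[]>()); // #193008
+
     private URL home;
     private URL url;
     private final Map<String,String> requestHeaders = new LinkedHashMap<String,String>();
@@ -313,6 +319,10 @@
                         conn.setRequestProperty("Cookie", cookieBare); // NOI18N
                     }
                 }
+                String[] fieldCrumb = crumbs.get(home.toString());
+                if (fieldCrumb != null) {
+                    conn.setRequestProperty(fieldCrumb[0], fieldCrumb[1]);
+                }
             }
             if (postData != null) {
                 conn.setDoOutput(true);
@@ -367,6 +377,25 @@
                                 if (retry != null) {
                                     LOG.log(Level.FINER, "Retrying after auth from {0}", authenticator);
                                     conn = retry;
+                                    try { // check for CSRF before continuing
+                                        InputStream is = new ConnectionBuilder().url(new URL(home, "crumbIssuer/api/xml?xpath=concat(//crumbRequestField,'=',//crumb)")).homeURL(home).connection().getInputStream();
+                                        try {
+                                            ByteArrayOutputStream baos = new ByteArrayOutputStream();
+                                            FileUtil.copy(is, baos);
+                                            String crumb = baos.toString("UTF-8");
+                                            String[] crumbA = crumb.split("=", 2);
+                                            if (crumbA.length == 2 && crumbA[0].indexOf('\n') == -1) {
+                                                LOG.log(Level.FINER, "Received crumb: {0}", crumb);
+                                                crumbs.put(home.toString(), crumbA);
+                                            } else {
+                                                LOG.log(Level.WARNING, "Bad crumb response: {0}", crumb);
+                                            }
+                                        } finally {
+                                            is.close();
+                                        }
+                                    } catch (FileNotFoundException x) {
+                                        LOG.finer("not using crumbs");
+                                    }
                                     continue RETRY;
                                 }
                             }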
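Review bot: The crumb check in the block added after `conn = retry;` only rejects a `\n` in the field name; the crumb value and any `\r` go unchecked, yet both strings come from the server response and are later passed to `conn.setRequestProperty(fieldCrumb[0], fieldCrumb[1])` for every request to that home URL. A response with a trailing line break or an unexpected field name would be cached in the static `crumbs` map and could make later requests fail or carry a header the client did not intend, so trim the body first (`String[] crumbA = crumb.trim().split("=", 2);`) and add `crumbA[1].indexOf('\n') == -1 && crumbA[1].indexOf('\r') == -1` plus a CR check on `crumbA[0]` to the condition. The crumb is an anti-forgery token tied to the authenticated session, so `"Received crumb: {0}"` would better log only `crumbA[0]`, and the WARNING branch should log a bounded prefix rather than the whole response body. Only `FileNotFoundException` is caught here; whether any other `IOException` from the crumb request aborts the original request depends on the enclosing try, which lies outside the hunk.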
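--- a/hudson/src/org/netbeans/modules/hudson/impl/ServletConnectionAuthenticator.java
+++ b/hudson/src/org/netbeans/modules/hudson/impl/ServletConnectionAuthenticator.java
@@ -42,22 +42,15 @@
 
 package org.netbeans.modules.hudson.impl;
 
-import java.io.ByteArrayOutputStream;
-import java.io.FileNotFoundException;
 import java.io.IOException;
-import java.io.InputStream;
 import java.net.URL;
 import java.net.URLConnection;
 import java.net.URLEncoder;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Map;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 import org.netbeans.modules.hudson.api.ConnectionBuilder;
 import org.netbeans.modules.hudson.spi.PasswordAuthorizer;
 import org.netbeans.modules.hudson.spi.ConnectionAuthenticator;
-import org.openide.filesystems.FileUtil;
 import org.openide.util.Lookup;
 import org.openide.util.lookup.ServiceProvider;
 
@@ -73,14 +66,7 @@
 
     private static final Logger LOGGER = Logger.getLogger(ServletConnectionAuthenticator.class.getName());
 
-    private final Map</*URL*/String,/*[field,crumb]*/String[]> crumbs = Collections.synchronizedMap(new HashMap<String,String[]>()); // #193008
+    public @Override void prepareRequest(URLConnection conn, URL home) {}
-
-    public @Override void prepareRequest(URLConnection conn, URL home) {
-        String[] fieldCrumb = crumbs.get(home.toString());
-        if (fieldCrumb != null) {
-           conn.setRequestProperty(fieldCrumb[0], fieldCrumb[1]);
-        }
-    }
 
     public @Override URLConnection forbidden(URLConnection conn, URL home) {
         for (PasswordAuthorizer aa : Lookup.getDefault().lookupAll(PasswordAuthorizer.class)) {
@@ -98,25 +84,6 @@
                                 URLEncoder.encode(auth[1], "UTF-8")).getBytes("UTF-8")). // NOI18N
                                 homeURL(home).authentication(false).connection();
                         LOGGER.log(Level.FINER, "Posted authentication to {0} worked", realmURI);
-                        try {
-                            InputStream is = new ConnectionBuilder().url(new URL(home, "crumbIssuer/api/xml?xpath=concat(//crumbRequestField,'=',//crumb)")).homeURL(home).connection().getInputStream();
-                            try {
-                                ByteArrayOutputStream baos = new ByteArrayOutputStream();
-                                FileUtil.copy(is, baos);
-                                String crumb = baos.toString("UTF-8");
-                                String[] crumbA = crumb.split("=", 2);
-                                if (crumbA.length == 2 && crumbA[0].indexOf('\n') == -1) {
-                                    LOGGER.log(Level.FINER, "Received crumb: {0}", crumb);
-                                    crumbs.put(home.toString(), crumbA);
-                                } else {
-                                    LOGGER.log(Level.WARNING, "Bad crumb response: {0}", crumb);
-                                }
-                            } finally {
-                                is.close();
-                            }
-                        } catch (FileNotFoundException x) {
-                            LOGGER.finer("not using crumbs");
-                        }
                         return conn.getURL().openConnection();
                     } catch (IOException x) {
                         LOGGER.log(Level.FINE, null, x);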
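Review bot: `prepareRequest` is now an empty override with nothing saying where the crumb header went. A one-line comment in the body, e.g. `// CSRF crumb header is now set in ConnectionBuilder (#193008)`, would keep a reader from assuming requests made through this authenticator carry no crumb. The `forbidden` method continues outside the visible hunks.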
