zydronium/google-nomulus
1
0
Fork 0
mirror of https://github.com/google/nomulus.git synced 2025-05-13 16:07:15 +02:00
Code Issues Projects Releases Packages Wiki Activity
google-nomulus/java/google/registry/tools/ValidateLoginCredentialsCommand.java
cgoldfeder 2a3a3fbc30 Break SessionSource out of SessionMetadata and rename it EppRequestSource. 
The "SessionSource" has nothing to do with sessions (and it's often
used in sessionless contexts). What it does indicate is the endpoint
used to make the request.
-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=125295224
2016-06-27 16:19:21 -04:00

120 lines
4.5 KiB
Java
Raw Blame History

// Copyright 2016 The Domain Registry Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package google.registry.tools;
import static com.google.common.base.Preconditions.checkArgument;
import static com.google.common.base.Strings.isNullOrEmpty;
import static com.google.common.io.Resources.getResource;
import static google.registry.flows.EppXmlTransformer.marshalWithLenientRetry;
import static google.registry.flows.EppXmlTransformer.unmarshal;
import static google.registry.util.X509Utils.getCertificateHash;
import static google.registry.util.X509Utils.loadCertificate;
import static java.nio.charset.StandardCharsets.US_ASCII;
import static java.nio.charset.StandardCharsets.UTF_8;
import com.google.common.base.Optional;
import com.google.template.soy.SoyFileSet;
import com.google.template.soy.data.SoyMapData;
import com.beust.jcommander.Parameter;
import com.beust.jcommander.Parameters;
import google.registry.flows.EppRequestSource;
import google.registry.flows.FlowRunner;
import google.registry.flows.HttpSessionMetadata;
import google.registry.flows.TlsCredentials;
import google.registry.flows.session.LoginFlow;
import google.registry.model.eppcommon.Trid;
import google.registry.model.eppinput.EppInput;
import google.registry.tools.Command.GtechCommand;
import google.registry.tools.Command.RemoteApiCommand;
import google.registry.tools.params.PathParameter;
import google.registry.tools.soy.LoginSoyInfo;
import google.registry.util.BasicHttpSession;
import google.registry.util.SystemClock;
import java.nio.file.Files;
import java.nio.file.Path;
import javax.annotation.Nullable;
/** A command to execute an epp command. */
@Parameters(separators = " =", commandDescription = "Test registrar login credentials")
final class ValidateLoginCredentialsCommand implements RemoteApiCommand, GtechCommand {
@Parameter(
names = {"-c", "--client"},
description = "Client identifier of the registrar to test",
required = true)
private String clientIdentifier;
@Parameter(
names = {"-p", "--password"},
description = "Password of the registrar to test",
required = true)
private String password;
@Nullable
@Parameter(
names = {"-f", "--cert_file"},
description = "File containing the client certificate",
validateWith = PathParameter.InputFile.class)
private Path clientCertificatePath;
@Nullable
@Parameter(
names = {"-h", "--cert_hash"},
description = "Hash of the client certificate.")
private String clientCertificateHash;
@Parameter(
names = {"-i", "--ip_address"},
description = "Client ip address to pretend to use")
private String clientIpAddress = "10.0.0.1";
@Override
public void run() throws Exception {
checkArgument(clientCertificatePath == null || isNullOrEmpty(clientCertificateHash),
"Can't specify both --cert_hash and --cert_file");
if (clientCertificatePath != null) {
String asciiCrt = new String(Files.readAllBytes(clientCertificatePath), US_ASCII);
clientCertificateHash = getCertificateHash(loadCertificate(asciiCrt));
}
byte[] inputXmlBytes = SoyFileSet.builder()
.add(getResource(LoginSoyInfo.class, LoginSoyInfo.getInstance().getFileName()))
.build()
.compileToTofu()
.newRenderer(LoginSoyInfo.LOGIN)
.setData(new SoyMapData("clientIdentifier", clientIdentifier, "password", password))
.render()
.getBytes(UTF_8);
System.out.println(new String(marshalWithLenientRetry(
new FlowRunner(
LoginFlow.class,
unmarshal(EppInput.class, inputXmlBytes),
Trid.create(null),
new HttpSessionMetadata(new BasicHttpSession()),
new TlsCredentials(
clientCertificateHash,
Optional.of(clientIpAddress),
"placeholder"), // behave as if we have SNI on, since we're validating a cert
EppRequestSource.TOOL,
false,
false,
inputXmlBytes,
null,
new SystemClock()).run()), UTF_8));
}
}
Reference in a new issue View git blame Copy permalink