diff --git a/src/main/scala/ssh/GitCommand.scala b/src/main/scala/ssh/GitCommand.scala index 26cb2e9..06e450a 100644 --- a/src/main/scala/ssh/GitCommand.scala +++ b/src/main/scala/ssh/GitCommand.scala @@ -98,4 +98,3 @@ } } } - diff --git a/src/main/scala/ssh/PublicKeyAuthenticator.scala b/src/main/scala/ssh/PublicKeyAuthenticator.scala index fb8222e..a3c8ef0 100644 --- a/src/main/scala/ssh/PublicKeyAuthenticator.scala +++ b/src/main/scala/ssh/PublicKeyAuthenticator.scala @@ -3,22 +3,35 @@ import org.apache.sshd.server.{PublickeyAuthenticator, PasswordAuthenticator} import org.slf4j.LoggerFactory import org.apache.sshd.server.session.ServerSession -import java.security.PublicKey +import java.security.{KeyFactory, PublicKey} +import org.apache.commons.codec.binary.Base64 +import java.security.spec.X509EncodedKeySpec +import org.apache.sshd.common.util.Buffer class PublicKeyAuthenticator extends PublickeyAuthenticator { + private val logger = LoggerFactory.getLogger(classOf[PublicKeyAuthenticator]) + override def authenticate(username: String, key: PublicKey, session: ServerSession): Boolean = { - // TODO Implements PublicKeyAuthenticator - true + // TODO this string is read from DB and Users register this public key string on Account Profile view + val testAuthkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDRzuX0WtSLzCY45nEhfFDPXzYGmvQdqnOgOUY4yGL5io/2ztyUvJdhWowkyakeoPxVk/jIP7Tu8Are5TuSD+fJp7aUbZW2CYOEsxo8cwndh/ezIX6RFjlu+xvKvZ8G7BtFLlLCcnza9uB+uEAyPH5HvGQLdV7dXctLfFqXPTr1p1RjSI7Noubm+vN4n9108rILd32MlhQiToXjL4HKWWwmppaln6bEsonOQW4/GieRjQeyWDkbVekIofnedjWl4+W0kAA+WosNwRFShgsaJLfU964HT/cGjK5auqOG+nATY0suECnxAK+5Wb6jXXYNmKiIMHypeXG1Qy2wMyMB1Gq9 tanacasino-local" + toPublicKey(testAuthkey) match { + case Some(publicKey) => key.equals(publicKey) + case _ => false + } + } + + private def toPublicKey(key: String): Option[PublicKey] = { + try { + val parts = key.split(" ") + val encodedKey = key.split(" ")(1) + val decode = Base64.decodeBase64(encodedKey) + Some(new Buffer(decode).getRawPublicKey) + } catch { + case e: Throwable => { + logger.error(e.getMessage, e) + None + } + } } } - -// always true authenticator... -class MyPasswordAuthenticator extends PasswordAuthenticator { - private val logger = LoggerFactory.getLogger(classOf[MyPasswordAuthenticator]) - - override def authenticate(username: String, password: String, session: ServerSession): Boolean = { - logger.info("noop authenticate!!!") - true - } -} \ No newline at end of file diff --git a/src/main/scala/ssh/SshServerListener.scala b/src/main/scala/ssh/SshServerListener.scala index aa62c61..0d36339 100644 --- a/src/main/scala/ssh/SshServerListener.scala +++ b/src/main/scala/ssh/SshServerListener.scala @@ -16,13 +16,10 @@ private def configure() = { server.setPort(DEFAULT_PORT) - - // TODO not password use PublicKeyAuthenticator - val authenticator = new MyPasswordAuthenticator - server.setPasswordAuthenticator(authenticator) - // TODO gitbucket.ser should be in GITBUCKET_HOME server.setKeyPairProvider(new SimpleGeneratorHostKeyProvider("gitbucket.ser")) + + server.setPublickeyAuthenticator(new PublicKeyAuthenticator) server.setCommandFactory(new GitCommandFactory) } @@ -30,6 +27,7 @@ if (SSH_SERVICE_ENABLE) { configure() server.start() + logger.info(s"Start SSH Server Listen on ${server.getPort}") } } @@ -39,19 +37,20 @@ } /* - * Start a SSH Service Daemon + * Start a SSH Server Daemon * - * How to use ? - * git clone ssh://username@host_or_ip:29418/username/repository_name.git + * How to use: + * git clone ssh://username@host_or_ip:29418/owner/repository_name.git * */ class SshServerListener extends ServletContextListener { + override def contextInitialized(sce: ServletContextEvent): Unit = { - SshServer.start + SshServer.start() } override def contextDestroyed(sce: ServletContextEvent): Unit = { - SshServer.stop + SshServer.stop() } }