Line data    Source code

       1             : // Copyright (C) 2013 The Android Open Source Project
       2             : //
       3             : // Licensed under the Apache License, Version 2.0 (the "License");
       4             : // you may not use this file except in compliance with the License.
       5             : // You may obtain a copy of the License at
       6             : //
       7             : // http://www.apache.org/licenses/LICENSE-2.0
       8             : //
       9             : // Unless required by applicable law or agreed to in writing, software
      10             : // distributed under the License is distributed on an "AS IS" BASIS,
      11             : // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
      12             : // See the License for the specific language governing permissions and
      13             : // limitations under the License.
      14             : 
      15             : package com.google.gerrit.server.restapi.account;
      16             : 
      17             : import static com.google.gerrit.server.account.externalids.ExternalId.SCHEME_USERNAME;
      18             : import static java.nio.charset.StandardCharsets.UTF_8;
      19             : 
      20             : import com.google.common.base.Strings;
      21             : import com.google.common.flogger.FluentLogger;
      22             : import com.google.common.io.BaseEncoding;
      23             : import com.google.gerrit.common.UsedAt;
      24             : import com.google.gerrit.exceptions.EmailException;
      25             : import com.google.gerrit.extensions.common.HttpPasswordInput;
      26             : import com.google.gerrit.extensions.restapi.AuthException;
      27             : import com.google.gerrit.extensions.restapi.ResourceConflictException;
      28             : import com.google.gerrit.extensions.restapi.ResourceNotFoundException;
      29             : import com.google.gerrit.extensions.restapi.Response;
      30             : import com.google.gerrit.extensions.restapi.RestModifyView;
      31             : import com.google.gerrit.server.CurrentUser;
      32             : import com.google.gerrit.server.IdentifiedUser;
      33             : import com.google.gerrit.server.UserInitiated;
      34             : import com.google.gerrit.server.account.AccountResource;
      35             : import com.google.gerrit.server.account.AccountsUpdate;
      36             : import com.google.gerrit.server.account.externalids.ExternalId;
      37             : import com.google.gerrit.server.account.externalids.ExternalIdFactory;
      38             : import com.google.gerrit.server.account.externalids.ExternalIdKeyFactory;
      39             : import com.google.gerrit.server.account.externalids.ExternalIds;
      40             : import com.google.gerrit.server.mail.send.HttpPasswordUpdateSender;
      41             : import com.google.gerrit.server.permissions.GlobalPermission;
      42             : import com.google.gerrit.server.permissions.PermissionBackend;
      43             : import com.google.gerrit.server.permissions.PermissionBackendException;
      44             : import com.google.inject.Inject;
      45             : import com.google.inject.Provider;
      46             : import com.google.inject.Singleton;
      47             : import java.io.IOException;
      48             : import java.security.NoSuchAlgorithmException;
      49             : import java.security.SecureRandom;
      50             : import java.util.Optional;
      51             : import org.eclipse.jgit.errors.ConfigInvalidException;
      52             : 
      53             : /**
      54             :  * REST endpoint to set/delete the password for HTTP access of an account.
      55             :  *
      56             :  * <p>This REST endpoint handles {@code PUT /accounts/<account-identifier>/password.http} and {@code
      57             :  * DELETE /accounts/<account-identifier>/password.http} requests.
      58             :  *
      59             :  * <p>Gerrit only stores the hash of the HTTP password, hence if an HTTP password was set it's not
      60             :  * possible to get it back from Gerrit.
      61             :  */
      62             : @Singleton
      63             : public class PutHttpPassword implements RestModifyView<AccountResource, HttpPasswordInput> {
      64         148 :   private static final FluentLogger logger = FluentLogger.forEnclosingClass();
      65             : 
      66             :   private static final int LEN = 31;
      67             :   private static final SecureRandom rng;
      68             : 
      69             :   static {
      70             :     try {
      71         148 :       rng = SecureRandom.getInstance("SHA1PRNG");
      72           0 :     } catch (NoSuchAlgorithmException e) {
      73           0 :       throw new IllegalStateException("Cannot create RNG for password generator", e);
      74         148 :     }
      75         148 :   }
      76             : 
      77             :   private final Provider<CurrentUser> self;
      78             :   private final PermissionBackend permissionBackend;
      79             :   private final ExternalIds externalIds;
      80             :   private final Provider<AccountsUpdate> accountsUpdateProvider;
      81             :   private final HttpPasswordUpdateSender.Factory httpPasswordUpdateSenderFactory;
      82             :   private final ExternalIdFactory externalIdFactory;
      83             :   private final ExternalIdKeyFactory externalIdKeyFactory;
      84             : 
      85             :   @Inject
      86             :   PutHttpPassword(
      87             :       Provider<CurrentUser> self,
      88             :       PermissionBackend permissionBackend,
      89             :       ExternalIds externalIds,
      90             :       @UserInitiated Provider<AccountsUpdate> accountsUpdateProvider,
      91             :       HttpPasswordUpdateSender.Factory httpPasswordUpdateSenderFactory,
      92             :       ExternalIdFactory externalIdFactory,
      93         148 :       ExternalIdKeyFactory externalIdKeyFactory) {
      94         148 :     this.self = self;
      95         148 :     this.permissionBackend = permissionBackend;
      96         148 :     this.externalIds = externalIds;
      97         148 :     this.accountsUpdateProvider = accountsUpdateProvider;
      98         148 :     this.httpPasswordUpdateSenderFactory = httpPasswordUpdateSenderFactory;
      99         148 :     this.externalIdFactory = externalIdFactory;
     100         148 :     this.externalIdKeyFactory = externalIdKeyFactory;
     101         148 :   }
     102             : 
     103             :   @Override
     104             :   public Response<String> apply(AccountResource rsrc, HttpPasswordInput input)
     105             :       throws AuthException, ResourceNotFoundException, ResourceConflictException, IOException,
     106             :           ConfigInvalidException, PermissionBackendException {
     107           6 :     if (!self.get().hasSameAccountId(rsrc.getUser())) {
     108           4 :       permissionBackend.currentUser().check(GlobalPermission.ADMINISTRATE_SERVER);
     109             :     }
     110             : 
     111           6 :     if (input == null) {
     112           0 :       input = new HttpPasswordInput();
     113             :     }
     114           6 :     input.httpPassword = Strings.emptyToNull(input.httpPassword);
     115             : 
     116             :     String newPassword;
     117           6 :     if (input.generate) {
     118           3 :       newPassword = generate();
     119           4 :     } else if (input.httpPassword == null) {
     120           2 :       newPassword = null;
     121             :     } else {
     122             :       // Only administrators can explicitly set the password.
     123           3 :       permissionBackend.currentUser().check(GlobalPermission.ADMINISTRATE_SERVER);
     124           3 :       newPassword = input.httpPassword;
     125             :     }
     126           6 :     return apply(rsrc.getUser(), newPassword);
     127             :   }
     128             : 
     129             :   @UsedAt(UsedAt.Project.PLUGIN_SERVICEUSER)
     130             :   public Response<String> apply(IdentifiedUser user, String newPassword)
     131             :       throws ResourceNotFoundException, ResourceConflictException, IOException,
     132             :           ConfigInvalidException {
     133           6 :     String userName =
     134           6 :         user.getUserName().orElseThrow(() -> new ResourceConflictException("username must be set"));
     135           6 :     Optional<ExternalId> optionalExtId =
     136           6 :         externalIds.get(externalIdKeyFactory.create(SCHEME_USERNAME, userName));
     137           6 :     ExternalId extId = optionalExtId.orElseThrow(ResourceNotFoundException::new);
     138           6 :     accountsUpdateProvider
     139           6 :         .get()
     140           6 :         .update(
     141             :             "Set HTTP Password via API",
     142           6 :             extId.accountId(),
     143             :             u ->
     144           6 :                 u.updateExternalId(
     145           6 :                     externalIdFactory.createWithPassword(
     146           6 :                         extId.key(), extId.accountId(), extId.email(), newPassword)));
     147             : 
     148             :     try {
     149           6 :       httpPasswordUpdateSenderFactory
     150           6 :           .create(user, newPassword == null ? "deleted" : "added or updated")
     151           6 :           .send();
     152           0 :     } catch (EmailException e) {
     153           0 :       logger.atSevere().withCause(e).log(
     154           0 :           "Cannot send HttpPassword update message to %s", user.getAccount().preferredEmail());
     155           6 :     }
     156             : 
     157           6 :     return Strings.isNullOrEmpty(newPassword) ? Response.none() : Response.ok(newPassword);
     158             :   }
     159             : 
     160             :   @UsedAt(UsedAt.Project.PLUGIN_SERVICEUSER)
     161             :   public static String generate() {
     162           3 :     byte[] rand = new byte[LEN];
     163           3 :     rng.nextBytes(rand);
     164             : 
     165           3 :     byte[] enc = BaseEncoding.base64().encode(rand).getBytes(UTF_8);
     166           3 :     StringBuilder r = new StringBuilder(enc.length);
     167           3 :     for (int i = 0; i < enc.length; i++) {
     168           3 :       if (enc[i] == '=') {
     169           3 :         break;
     170             :       }
     171           3 :       r.append((char) enc[i]);
     172             :     }
     173           3 :     return r.toString();
     174             :   }
     175             : }