Class UserAuthKeyboardInteractive

All Implemented Interfaces:
UserAuth, ClientSessionHolder, UserAuthInstance<ClientSession>, NamedResource

public class UserAuthKeyboardInteractive extends AbstractUserAuth
Manages a "keyboard-interactive" exchange according to RFC4256
  • Field Details

  • Constructor Details

    • UserAuthKeyboardInteractive

      public UserAuthKeyboardInteractive()
  • Method Details

    • init

      public void init(ClientSession session, String service) throws Exception
      Specified by:
      init in interface UserAuth
      Overrides:
      init in class AbstractUserAuth
      Parameters:
      session - The ClientSession
      service - The requesting service name
      Throws:
      Exception - If failed to initialize the mechanism
    • sendAuthDataRequest

      protected boolean sendAuthDataRequest(ClientSession session, String service) throws Exception
      Specified by:
      sendAuthDataRequest in class AbstractUserAuth
      Throws:
      Exception
    • processAuthDataRequest

      protected boolean processAuthDataRequest(ClientSession session, String service, Buffer buffer) throws Exception
      Specified by:
      processAuthDataRequest in class AbstractUserAuth
      Throws:
      Exception
    • getExchangeLanguageTag

      protected String getExchangeLanguageTag(ClientSession session)
    • getExchangeSubMethods

      protected String getExchangeSubMethods(ClientSession session)
    • getCurrentPasswordCandidate

      protected String getCurrentPasswordCandidate()
    • verifyTrialsCount

      protected boolean verifyTrialsCount(ClientSession session, String service, int cmd, int nbTrials, int maxAllowed)
    • getUserResponses

      protected String[] getUserResponses(String name, String instruction, String lang, String[] prompt, boolean[] echo)
      Parameters:
      name - The interaction name - may be empty
      instruction - The instruction - may be empty
      lang - The language tag - may be empty
      prompt - The prompts - may be empty
      echo - Whether to echo the response for the prompt or not - same length as the prompts
      Returns:
      The response for each prompt - if null then the assumption is that some internal error occurred and no response is sent. Note: according to RFC4256 the number of responses should be exactly the same as the number of prompts. However, since it is the server's responsibility to enforce this we do not validate the response (other than logging it as a warning...)
    • useCurrentPassword

      protected boolean useCurrentPassword(ClientSession session, String password, String name, String instruction, String lang, String[] prompt, boolean[] echo)
      Checks if we have a candidate password and exactly one prompt is requested with no echo, and the prompt matches a configurable pattern.
      Parameters:
      session - The ClientSession through which the request is received
      password - The current password candidate to use
      name - The service name
      instruction - The request instruction
      lang - The reported language tag
      prompt - The requested prompts
      echo - The matching prompts echo flags
      Returns:
      Whether to use the password candidate as reply to the prompts
      See Also:
    • getAuthCommandName

      public static String getAuthCommandName(int cmd)