Skip to content

Commit

Permalink
agent auth failure
Browse files Browse the repository at this point in the history 
Signed-off-by: Max Cao <macao@redhat.com>
  • Loading branch information
@maxcao13
maxcao13 committed Mar 28, 2023
1 parent 6b4f202 commit 97f87cc
Show file tree
Hide file tree
Showing 2 changed files with 70 additions and 38 deletions.
89 changes: 53 additions & 36 deletions src/main/java/io/cryostat/net/AgentClient.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -81,8 +81,10 @@
import io.vertx.ext.web.client.WebClient;
import io.vertx.ext.web.codec.BodyCodec;
import org.apache.commons.lang3.tuple.Pair;
import org.apache.http.auth.InvalidCredentialsException;

class AgentClient {
public class AgentClient {
public static final String NULL_CREDENTIALS = "No credentials found for agent";

private final Vertx vertx;
private final Gson gson;
Expand Down Expand Up @@ -212,41 +214,56 @@ Future<List<String>> eventTemplates() {
private <T> Future<HttpResponse<T>> invoke(HttpMethod mtd, String path, BodyCodec<T> codec) {
return Future.fromCompletionStage(
CompletableFuture.supplyAsync(
() -> {
logger.info("{} {} {}", mtd, agentUri, path);
HttpRequest<T> req =
webClient
.request(
mtd,
agentUri.getPort(),
agentUri.getHost(),
path)
.ssl("https".equals(agentUri.getScheme()))
.timeout(Duration.ofSeconds(httpTimeout).toMillis())
.followRedirects(true)
.as(codec);
try {
Credentials credentials =
credentialsManager.getCredentialsByTargetId(
agentUri.toString());
req =
req.authentication(
new UsernamePasswordCredentials(
credentials.getUsername(),
credentials.getPassword()));
} catch (ScriptException e) {
logger.error(e);
throw new RuntimeException(e);
}

try {
return req.send().toCompletionStage().toCompletableFuture().get();
} catch (InterruptedException | ExecutionException e) {
logger.error(e);
throw new RuntimeException(e);
}
},
ForkJoinPool.commonPool()));
() -> {
logger.info("{} {} {}", mtd, agentUri, path);
HttpRequest<T> req =
webClient
.request(
mtd,
agentUri.getPort(),
agentUri.getHost(),
path)
.ssl("https".equals(agentUri.getScheme()))
.timeout(
Duration.ofSeconds(httpTimeout)
.toMillis())
.followRedirects(true)
.as(codec);
try {
Credentials credentials =
credentialsManager.getCredentialsByTargetId(
agentUri.toString());
if (credentials == null
|| credentials.getUsername() == null
|| credentials.getPassword() == null) {
throw new InvalidCredentialsException(
NULL_CREDENTIALS + " " + agentUri);
}
req =
req.authentication(
new UsernamePasswordCredentials(
credentials.getUsername(),
credentials.getPassword()));
} catch (ScriptException | InvalidCredentialsException e) {
logger.error(e);
throw new RuntimeException(e);
}

try {
return req.send()
.toCompletionStage()
.toCompletableFuture()
.get();
} catch (InterruptedException | ExecutionException e) {
logger.error(e);
throw new RuntimeException(e);
}
},
ForkJoinPool.commonPool())
.exceptionally(
t -> {
throw new RuntimeException(t);
}));
}

static class Factory {
Expand Down
19 changes: 17 additions & 2 deletions src/main/java/io/cryostat/net/web/http/api/beta/CredentialTestPostHandler.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,8 +43,11 @@

import javax.inject.Inject;

import org.openjdk.jmc.rjmx.ConnectionException;

import io.cryostat.configuration.CredentialsManager;
import io.cryostat.core.net.Credentials;
import io.cryostat.net.AgentClient;
import io.cryostat.net.AuthManager;
import io.cryostat.net.ConnectionDescriptor;
import io.cryostat.net.TargetConnectionManager;
Expand All @@ -61,6 +64,7 @@
import com.google.gson.Gson;
import io.vertx.core.http.HttpMethod;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.exception.ExceptionUtils;

public class CredentialTestPostHandler extends AbstractV2RequestHandler<CredentialTestResult> {

Expand Down Expand Up @@ -145,7 +149,8 @@ public IntermediateResponse<CredentialTestResult> handle(RequestParameters param
return CredentialTestResult.NA;
}));
} catch (Exception e1) {
if (AbstractAuthenticatedRequestHandler.isJmxAuthFailure(e1)) {
if (AbstractAuthenticatedRequestHandler.isJmxAuthFailure(e1)
|| isAgentAuthFailure(e1)) {
ConnectionDescriptor creds =
new ConnectionDescriptor(targetId, new Credentials(username, password));
try {
Expand All @@ -158,7 +163,8 @@ public IntermediateResponse<CredentialTestResult> handle(RequestParameters param
return CredentialTestResult.SUCCESS;
}));
} catch (Exception e2) {
if (AbstractAuthenticatedRequestHandler.isJmxAuthFailure(e2)) {
if (AbstractAuthenticatedRequestHandler.isJmxAuthFailure(e2)
|| isAgentAuthFailure(e2)) {
return new IntermediateResponse<CredentialTestResult>()
.body(CredentialTestResult.FAILURE);
}
Expand All @@ -169,6 +175,15 @@ public IntermediateResponse<CredentialTestResult> handle(RequestParameters param
}
}

boolean isAgentAuthFailure(Exception e) {
int index = ExceptionUtils.indexOfType(e, ConnectionException.class);
if (index >= 0) {
Throwable ce = ExceptionUtils.getThrowableList(e).get(index);
return ce.getMessage().contains(AgentClient.NULL_CREDENTIALS);
}
return false;
}

static enum CredentialTestResult {
SUCCESS,
FAILURE,
Expand Down

0 comments on commit 97f87cc

Please sign in to comment.