Package au.net.causal.projo.prefs.security

Source Code of au.net.causal.projo.prefs.security.ConsoleUiPasswordSource

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
package au.net.causal.projo.prefs.security;

import java.io.Console;
import java.util.Arrays;
import java.util.NoSuchElementException;
import java.util.Scanner;

import org.apache.commons.lang3.StringUtils;

import au.net.causal.projo.prefs.PreferencesException;

/**
* Password source that reads passwords from the console.
* <p>
*
* By default, if a non-echoing method of reading passwords from the console is not available, this password source throws an exception when attempting
* to read a password.  However, if having passwords echoed on the screen is not a problem, the {@link #setEchoAllowed(boolean)} method can be used to control
* this behaviour.
*
* @author prunge
*/
public class ConsoleUiPasswordSource implements UiPromptPasswordSource
{
  private boolean echoAllowed;
  private String echoWarningText = "Warning: password will be echoed to the screen!";
  private String prompt = "Configuration master password";
  private String verifyPrompt = "Re-enter password";
  private String verifyErrorMessage = "Passwords were not the same.";

  public static void main(String... args)
  throws Exception
  {
    ConsoleUiPasswordSource s = new ConsoleUiPasswordSource();
    s.setEchoAllowed(true);
    char[] p = s.readPassword(Mode.ENCRYPTION);
    System.err.println("The password is: " + String.valueOf(p));
  }
 
  /**
   * Returns whether the password is allowed to be echoed on the screen.
   *
   * @return true if the password can be echoed to the console, false if not.
   *
   * @see #setEchoAllowed(boolean)
   * @see #setEchoWarningText(String)
   */
  public boolean isEchoAllowed()
  {
    return(echoAllowed);
  }

  /**
   * Sets whether the password entered by the user may be echoed to the console.
   * <p>
   *
   * This source will always try to get a non-echoing password when possible.  However, when this capability is not available, if this setting is enabled,
   * password may still be entered by the user, however it will be echoed to the screen.  If this setting is disabled, an error will occur in the
   * application instead.
   *
   * @param echoAllowed true to allow echo, false not to.
   *
   * @see #isEchoAllowed()
   * @see #setEchoWarningText(String)
   */
  public void setEchoAllowed(boolean echoAllowed)
  {
    this.echoAllowed = echoAllowed;
  }
 
  /**
   * If password echo is allowed, and when there is no capability to read passwords from the console without echoing, this warning text is displayed to
   * the user to inform them that others may be able to read the password from the screen.
   *
   * @return the echo warning text.
   *
   * @see #setEchoWarningText(String)
   */
  public String getEchoWarningText()
  {
    return(echoWarningText);
  }

  /**
   * Sets the warning text that is written to the console before the prompt when entering the password will cause it to echo on the screen.
   * <p>
   *
   * Only used when echo is allowed.
   *
   * @param echoWarningText the echo warning text.
   *
   * @see #getEchoWarningText()
   */
  public void setEchoWarningText(String echoWarningText)
  {
    this.echoWarningText = echoWarningText;
  }
 
  /**
   * Returns the message displayed when the password and the verify password are not the same.
   *
   * @return the verify error message.
   *
   * @see #setVerifyErrorMessage(String)
   */
  public String getVerifyErrorMessage()
  {
    return(verifyErrorMessage);
  }

  /**
   * Sets the message displayed when the password and the verify password are not the same.
   *
   * @param verifyErrorMessage the verify error message.
   *
   * @see #getVerifyErrorMessage()
   */
  public void setVerifyErrorMessage(String verifyErrorMessage)
  {
    this.verifyErrorMessage = verifyErrorMessage;
  }

  @Override
  public char[] readPassword(Mode mode) throws PreferencesException
  {
    char[] password;
   
    Console console = System.console();
    if (console == null)
    {
       if (isEchoAllowed())
       {
         //Since we are echoing the password anyway no need to make the user validate by typing second time
        
         if (!StringUtils.isEmpty(getEchoWarningText()))
           System.err.println(getEchoWarningText());
     
         if (!StringUtils.isEmpty(getPasswordPrompt()))
           System.err.print(getPasswordPrompt() + ": ");
        
         @SuppressWarnings("resource") //Don't want to close System.in
         Scanner sc = new Scanner(System.in);
         try
         {
           password = sc.nextLine().toCharArray();
         }
         catch (NoSuchElementException e)
         {
           //End of System.in stream possible I guess, regard as a cancel
           password = null;
         }
       }
       else
         throw new PreferencesException("Console not available, cannot read password from user securely.");
    }
    else
    {
      if (mode == Mode.ENCRYPTION)
      {
        boolean passwordsAreTheSame;
        do
        {
          if (!StringUtils.isEmpty(getPasswordPrompt()))
             System.err.print(getPasswordPrompt() + ": ");
         
          password = console.readPassword();
         
          //User cancelled
          if (password.length == 0)
            return(null);
         
          if (!StringUtils.isEmpty(getVerifyPrompt()))
            System.err.print(getVerifyPrompt() + ": ");
           
          char[] verifyPassword = console.readPassword();
         
          passwordsAreTheSame = Arrays.equals(password, verifyPassword);
          if (!passwordsAreTheSame && !StringUtils.isEmpty(getVerifyErrorMessage()))
            System.err.println(getVerifyErrorMessage());
        }
        while (!passwordsAreTheSame);
      }
      else
      {
        if (!StringUtils.isEmpty(getPasswordPrompt()))
           System.err.print(getPasswordPrompt() + ": ");
       
        password = console.readPassword();
      }
    }
     
    //If the user just presses ENTER regard as a cancel
    if (password != null && password.length == 0)
      password = null;
   
    return(password);
  }

  @Override
  public String getPasswordPrompt()
  {
    return(prompt);
  }

  @Override
  public void setPasswordPrompt(String prompt)
  {
    this.prompt = prompt;
  }

  public String getVerifyPrompt()
  {
    return(verifyPrompt);
  }

  public void setVerifyPrompt(String verifyPrompt)
  {
    this.verifyPrompt = verifyPrompt;
  }
}
TOP

Related Classes of au.net.causal.projo.prefs.security.ConsoleUiPasswordSource

  • java.io.Console
  • java.util.Scanner
  • au.net.causal.projo.prefs.PreferencesException
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.