mirror of
https://codeberg.org/Mercury-IM/Smack
synced 2024-11-26 00:02:06 +01:00
Log warning if account creation over insecure connection
Prepare for SMACK-644.
This commit is contained in:
parent
19f96d2c40
commit
29bda59617
1 changed files with 43 additions and 0 deletions
|
@ -22,6 +22,7 @@ import java.util.HashMap;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
import java.util.WeakHashMap;
|
import java.util.WeakHashMap;
|
||||||
|
import java.util.logging.Logger;
|
||||||
|
|
||||||
import org.jivesoftware.smack.Manager;
|
import org.jivesoftware.smack.Manager;
|
||||||
import org.jivesoftware.smack.PacketCollector;
|
import org.jivesoftware.smack.PacketCollector;
|
||||||
|
@ -42,6 +43,9 @@ import org.jxmpp.util.XmppStringUtils;
|
||||||
* @author Matt Tucker
|
* @author Matt Tucker
|
||||||
*/
|
*/
|
||||||
public class AccountManager extends Manager {
|
public class AccountManager extends Manager {
|
||||||
|
|
||||||
|
private static final Logger LOGGER = Logger.getLogger(AccountManager.class.getName());
|
||||||
|
|
||||||
private static final Map<XMPPConnection, AccountManager> INSTANCES = new WeakHashMap<XMPPConnection, AccountManager>();
|
private static final Map<XMPPConnection, AccountManager> INSTANCES = new WeakHashMap<XMPPConnection, AccountManager>();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -59,6 +63,35 @@ public class AccountManager extends Manager {
|
||||||
return accountManager;
|
return accountManager;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private static boolean allowSensitiveOperationOverInsecureConnectionDefault = false;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The default value used by new account managers for <code>allowSensitiveOperationOverInsecureConnection</code>.
|
||||||
|
*
|
||||||
|
* @param allow
|
||||||
|
* @see #sensitiveOperationOverInsecureConnection(boolean)
|
||||||
|
* @since 4.1
|
||||||
|
*/
|
||||||
|
public static void sensitiveOperationOverInsecureConnectionDefault(boolean allow) {
|
||||||
|
AccountManager.allowSensitiveOperationOverInsecureConnectionDefault = allow;
|
||||||
|
}
|
||||||
|
|
||||||
|
private boolean allowSensitiveOperationOverInsecureConnection = allowSensitiveOperationOverInsecureConnectionDefault;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Set to <code>true</code> to allow sensitive operation over insecure connection.
|
||||||
|
* <p>
|
||||||
|
* Set to true to allow sensitive operations like account creation or password changes over an insecure (e.g.
|
||||||
|
* unencrypted) connections.
|
||||||
|
* </p>
|
||||||
|
*
|
||||||
|
* @param allow
|
||||||
|
* @since 4.1
|
||||||
|
*/
|
||||||
|
public void sensitiveOperationOverInsecureConnection(boolean allow) {
|
||||||
|
this.allowSensitiveOperationOverInsecureConnection = allow;
|
||||||
|
}
|
||||||
|
|
||||||
private Registration info = null;
|
private Registration info = null;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -226,6 +259,11 @@ public class AccountManager extends Manager {
|
||||||
*/
|
*/
|
||||||
public void createAccount(String username, String password, Map<String, String> attributes)
|
public void createAccount(String username, String password, Map<String, String> attributes)
|
||||||
throws NoResponseException, XMPPErrorException, NotConnectedException {
|
throws NoResponseException, XMPPErrorException, NotConnectedException {
|
||||||
|
if (!connection().isSecureConnection() && !allowSensitiveOperationOverInsecureConnection) {
|
||||||
|
// TODO throw exception in newer Smack versions
|
||||||
|
LOGGER.warning("Creating account over insecure connection. "
|
||||||
|
+ "This will throw an exception in future versions of Smack if AccountManager.sensitiveOperationOverInsecureConnection(true) is not set");
|
||||||
|
}
|
||||||
attributes.put("username", username);
|
attributes.put("username", username);
|
||||||
attributes.put("password", password);
|
attributes.put("password", password);
|
||||||
Registration reg = new Registration(attributes);
|
Registration reg = new Registration(attributes);
|
||||||
|
@ -245,6 +283,11 @@ public class AccountManager extends Manager {
|
||||||
* @throws NotConnectedException
|
* @throws NotConnectedException
|
||||||
*/
|
*/
|
||||||
public void changePassword(String newPassword) throws NoResponseException, XMPPErrorException, NotConnectedException {
|
public void changePassword(String newPassword) throws NoResponseException, XMPPErrorException, NotConnectedException {
|
||||||
|
if (!connection().isSecureConnection() && !allowSensitiveOperationOverInsecureConnection) {
|
||||||
|
// TODO throw exception in newer Smack versions
|
||||||
|
LOGGER.warning("Changing password over insecure connection. "
|
||||||
|
+ "This will throw an exception in future versions of Smack if AccountManager.sensitiveOperationOverInsecureConnection(true) is not set");
|
||||||
|
}
|
||||||
Map<String, String> map = new HashMap<String, String>();
|
Map<String, String> map = new HashMap<String, String>();
|
||||||
map.put("username",XmppStringUtils.parseLocalpart(connection().getUser()));
|
map.put("username",XmppStringUtils.parseLocalpart(connection().getUser()));
|
||||||
map.put("password",newPassword);
|
map.put("password",newPassword);
|
||||||
|
|
Loading…
Reference in a new issue