mirror of
https://codeberg.org/Mercury-IM/Smack
synced 2024-11-26 00:02:06 +01:00
Log warning if account creation over insecure connection
Prepare for SMACK-644.
This commit is contained in:
parent
19f96d2c40
commit
29bda59617
1 changed files with 43 additions and 0 deletions
|
@ -22,6 +22,7 @@ import java.util.HashMap;
|
|||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
import java.util.WeakHashMap;
|
||||
import java.util.logging.Logger;
|
||||
|
||||
import org.jivesoftware.smack.Manager;
|
||||
import org.jivesoftware.smack.PacketCollector;
|
||||
|
@ -42,6 +43,9 @@ import org.jxmpp.util.XmppStringUtils;
|
|||
* @author Matt Tucker
|
||||
*/
|
||||
public class AccountManager extends Manager {
|
||||
|
||||
private static final Logger LOGGER = Logger.getLogger(AccountManager.class.getName());
|
||||
|
||||
private static final Map<XMPPConnection, AccountManager> INSTANCES = new WeakHashMap<XMPPConnection, AccountManager>();
|
||||
|
||||
/**
|
||||
|
@ -59,6 +63,35 @@ public class AccountManager extends Manager {
|
|||
return accountManager;
|
||||
}
|
||||
|
||||
private static boolean allowSensitiveOperationOverInsecureConnectionDefault = false;
|
||||
|
||||
/**
|
||||
* The default value used by new account managers for <code>allowSensitiveOperationOverInsecureConnection</code>.
|
||||
*
|
||||
* @param allow
|
||||
* @see #sensitiveOperationOverInsecureConnection(boolean)
|
||||
* @since 4.1
|
||||
*/
|
||||
public static void sensitiveOperationOverInsecureConnectionDefault(boolean allow) {
|
||||
AccountManager.allowSensitiveOperationOverInsecureConnectionDefault = allow;
|
||||
}
|
||||
|
||||
private boolean allowSensitiveOperationOverInsecureConnection = allowSensitiveOperationOverInsecureConnectionDefault;
|
||||
|
||||
/**
|
||||
* Set to <code>true</code> to allow sensitive operation over insecure connection.
|
||||
* <p>
|
||||
* Set to true to allow sensitive operations like account creation or password changes over an insecure (e.g.
|
||||
* unencrypted) connections.
|
||||
* </p>
|
||||
*
|
||||
* @param allow
|
||||
* @since 4.1
|
||||
*/
|
||||
public void sensitiveOperationOverInsecureConnection(boolean allow) {
|
||||
this.allowSensitiveOperationOverInsecureConnection = allow;
|
||||
}
|
||||
|
||||
private Registration info = null;
|
||||
|
||||
/**
|
||||
|
@ -226,6 +259,11 @@ public class AccountManager extends Manager {
|
|||
*/
|
||||
public void createAccount(String username, String password, Map<String, String> attributes)
|
||||
throws NoResponseException, XMPPErrorException, NotConnectedException {
|
||||
if (!connection().isSecureConnection() && !allowSensitiveOperationOverInsecureConnection) {
|
||||
// TODO throw exception in newer Smack versions
|
||||
LOGGER.warning("Creating account over insecure connection. "
|
||||
+ "This will throw an exception in future versions of Smack if AccountManager.sensitiveOperationOverInsecureConnection(true) is not set");
|
||||
}
|
||||
attributes.put("username", username);
|
||||
attributes.put("password", password);
|
||||
Registration reg = new Registration(attributes);
|
||||
|
@ -245,6 +283,11 @@ public class AccountManager extends Manager {
|
|||
* @throws NotConnectedException
|
||||
*/
|
||||
public void changePassword(String newPassword) throws NoResponseException, XMPPErrorException, NotConnectedException {
|
||||
if (!connection().isSecureConnection() && !allowSensitiveOperationOverInsecureConnection) {
|
||||
// TODO throw exception in newer Smack versions
|
||||
LOGGER.warning("Changing password over insecure connection. "
|
||||
+ "This will throw an exception in future versions of Smack if AccountManager.sensitiveOperationOverInsecureConnection(true) is not set");
|
||||
}
|
||||
Map<String, String> map = new HashMap<String, String>();
|
||||
map.put("username",XmppStringUtils.parseLocalpart(connection().getUser()));
|
||||
map.put("password",newPassword);
|
||||
|
|
Loading…
Reference in a new issue