001/*
002 * SonarQube
003 * Copyright (C) 2009-2017 SonarSource SA
004 * mailto:info AT sonarsource DOT com
005 *
006 * This program is free software; you can redistribute it and/or
007 * modify it under the terms of the GNU Lesser General Public
008 * License as published by the Free Software Foundation; either
009 * version 3 of the License, or (at your option) any later version.
010 *
011 * This program is distributed in the hope that it will be useful,
012 * but WITHOUT ANY WARRANTY; without even the implied warranty of
013 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
014 * Lesser General Public License for more details.
015 *
016 * You should have received a copy of the GNU Lesser General Public License
017 * along with this program; if not, write to the Free Software Foundation,
018 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
019 */
020package org.sonar.api.security;
021
022import javax.annotation.Nullable;
023import javax.servlet.http.HttpServletRequest;
024import org.sonar.api.ExtensionPoint;
025import org.sonar.api.server.ServerSide;
026
027import static java.util.Objects.requireNonNull;
028
029/**
030 * @see SecurityRealm
031 * @since 3.1
032 */
033@ServerSide
034@ExtensionPoint
035public abstract class Authenticator {
036
037  /**
038   * @return true if user was successfully authenticated with specified credentials, false otherwise
039   * @throws RuntimeException in case of unexpected error such as connection failure
040   */
041  public abstract boolean doAuthenticate(Context context);
042
043  public static final class Context {
044    private String username;
045    private String password;
046    private HttpServletRequest request;
047
048    public Context(@Nullable String username, @Nullable String password, HttpServletRequest request) {
049      requireNonNull(request);
050      this.request = request;
051      this.username = username;
052      this.password = password;
053    }
054
055    /**
056     * Username can be null, for example when using <a href="http://www.jasig.org/cas">CAS</a>.
057     */
058    public String getUsername() {
059      return username;
060    }
061
062    /**
063     * Password can be null, for example when using <a href="http://www.jasig.org/cas">CAS</a>.
064     */
065    public String getPassword() {
066      return password;
067    }
068
069    public HttpServletRequest getRequest() {
070      return request;
071    }
072  }
073}