Skip to content

Commit

Permalink
Issue #11560 - Implement EIP-4361 Sign-In With Ethereum
Browse files Browse the repository at this point in the history 
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
  • Loading branch information
@lachlan-roberts
lachlan-roberts committed Jun 6, 2024
1 parent bc03176 commit 144710b
Show file tree
Hide file tree
Showing 22 changed files with 2,337 additions and 3 deletions.
15 changes: 13 additions & 2 deletions jetty-core/jetty-http/src/main/java/org/eclipse/jetty/http/MultiPartFormData.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -98,8 +98,7 @@ public static CompletableFuture<Parts> from(Attributes attributes, String bounda
*/
public static CompletableFuture<Parts> from(Attributes attributes, MultiPartCompliance compliance, ComplianceViolation.Listener listener, String boundary, Function<Parser, CompletableFuture<Parts>> parse)
{
@SuppressWarnings("unchecked")
CompletableFuture<Parts> futureParts = (CompletableFuture<Parts>)attributes.getAttribute(MultiPartFormData.class.getName());
CompletableFuture<Parts> futureParts = get(attributes);
if (futureParts == null)
{
futureParts = parse.apply(new Parser(boundary, compliance, listener));
Expand All @@ -108,6 +107,18 @@ public static CompletableFuture<Parts> from(Attributes attributes, MultiPartComp
return futureParts;
}

/**
* Returns {@code multipart/form-data} parts if they have already been created.
*
* @param attributes the attributes where the futureParts are tracked
* @return the future parts
*/
@SuppressWarnings("unchecked")
public static CompletableFuture<Parts> get(Attributes attributes)
{
return (CompletableFuture<Parts>)attributes.getAttribute(MultiPartFormData.class.getName());
}

/**
* <p>An ordered list of {@link MultiPart.Part}s that can
* be accessed by index or by name, or iterated over.</p>
Expand Down
2 changes: 1 addition & 1 deletion jetty-core/jetty-openid/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
<version>12.0.10-SNAPSHOT</version>
</parent>
<artifactId>jetty-openid</artifactId>
<name>EE10 :: OpenID</name>
<name>Core :: OpenID</name>
<description>Jetty OpenID Connect Infrastructure</description>

<properties>
Expand Down
1 change: 1 addition & 0 deletions jetty-core/jetty-security/src/main/java/org/eclipse/jetty/security/Authenticator.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,7 @@ public interface Authenticator
String SPNEGO_AUTH = "SPNEGO";
String NEGOTIATE_AUTH = "NEGOTIATE";
String OPENID_AUTH = "OPENID";
String SIWE_AUTH = "SIWE";

/**
* Configure the Authenticator
Expand Down
152 changes: 152 additions & 0 deletions jetty-core/jetty-server/src/main/java/org/eclipse/jetty/server/MultiPartFormFields.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,152 @@
//
// ========================================================================
// Copyright (c) 1995 Mort Bay Consulting Pty Ltd and others.
//
// This program and the accompanying materials are made available under the
// terms of the Eclipse Public License v. 2.0 which is available at
// https://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0
// which is available at https://www.apache.org/licenses/LICENSE-2.0.
//
// SPDX-License-Identifier: EPL-2.0 OR Apache-2.0
// ========================================================================
//

package org.eclipse.jetty.server;

import java.io.File;
import java.util.concurrent.CompletableFuture;

import org.eclipse.jetty.http.ComplianceViolation;
import org.eclipse.jetty.http.HttpField;
import org.eclipse.jetty.http.HttpHeader;
import org.eclipse.jetty.http.MimeTypes;
import org.eclipse.jetty.http.MultiPart;
import org.eclipse.jetty.http.MultiPartCompliance;
import org.eclipse.jetty.http.MultiPartFormData;
import org.eclipse.jetty.io.Content;
import org.eclipse.jetty.util.Attributes;
import org.eclipse.jetty.util.StringUtil;

public class MultiPartFormFields
{
public static class Config
{
private final long fileSizeThreshold;
private final long maxFileSize;
private final long maxRequestSize;
private final int maxFormKeys;
private final File tempDir;
private final String location;

public Config(int maxFormKeys, long maxRequestSize, long maxFileSize, long fileSizeThreshold, String location, File tempDir)
{
this.location = location;
this.tempDir = tempDir;
this.maxFormKeys = maxFormKeys;
this.maxRequestSize = maxRequestSize;
this.maxFileSize = maxFileSize;
this.fileSizeThreshold = fileSizeThreshold;
}

public long getFileSizeThreshold()
{
return fileSizeThreshold;
}

public long getMaxFileSize()
{
return maxFileSize;
}

public long getMaxRequestSize()
{
return maxRequestSize;
}

public int getMaxFormKeys()
{
return maxFormKeys;
}

public File getTempDirectory()
{
return tempDir;
}

public String getLocation()
{
return location;
}
}

public static CompletableFuture<MultiPartFormData.Parts> from(Request request, Config config)
{
return from(request, request, config);
}

public static CompletableFuture<MultiPartFormData.Parts> from(Request request, Content.Source source, Config config)
{
String contentType = request.getHeaders().get(HttpHeader.CONTENT_TYPE);
HttpChannel httpChannel = HttpChannel.from(request);
ComplianceViolation.Listener complianceViolationListener = httpChannel.getComplianceViolationListener();
HttpConfiguration httpConfiguration = request.getConnectionMetaData().getHttpConfiguration();
return from(source, request, contentType, config, httpConfiguration, complianceViolationListener);
}

public static CompletableFuture<MultiPartFormData.Parts> from(Content.Source content, Attributes attributes, String contentType, Config config, HttpConfiguration httpConfiguration, ComplianceViolation.Listener violationListener)
{
// Look for an existing future (we use the future here rather than the parts as it can remember any failure).
CompletableFuture<MultiPartFormData.Parts> futureParts = MultiPartFormData.get(attributes);
if (futureParts == null)
{
// No existing parts, so we need to try to read them ourselves

// Are we the right content type to produce our own parts?
if (contentType == null || !MimeTypes.Type.MULTIPART_FORM_DATA.is(HttpField.getValueParameters(contentType, null)))
return CompletableFuture.failedFuture(new IllegalStateException("Not multipart Content-Type"));

// Do we have a boundary?
String boundary = MultiPart.extractBoundary(contentType);
if (boundary == null)
return CompletableFuture.failedFuture(new IllegalStateException("No multipart boundary parameter in Content-Type"));

// Get a temporary directory for larger parts.
File filesDirectory;
boolean locationIsBlank = StringUtil.isBlank(config.getLocation());
if (locationIsBlank && config.getTempDirectory() == null)
filesDirectory = null;
else
{
filesDirectory = locationIsBlank
? config.getTempDirectory()
: new File(config.getLocation());
}

MultiPartCompliance compliance = httpConfiguration.getMultiPartCompliance();

// Look for an existing future MultiPartFormData.Parts
futureParts = MultiPartFormData.from(attributes, compliance, violationListener, boundary, parser ->
{
try
{
// No existing core parts, so we need to configure the parser.
parser.setMaxParts(config.getMaxFormKeys());
parser.setMaxMemoryFileSize(config.getFileSizeThreshold());
parser.setMaxFileSize(config.getMaxFileSize());
parser.setMaxLength(config.getMaxRequestSize());
parser.setPartHeadersMaxLength(httpConfiguration.getRequestHeaderSize());
if (filesDirectory != null)
parser.setFilesDirectory(filesDirectory.toPath());

// parse the core parts.
return parser.parse(content);
}
catch (Throwable failure)
{
return CompletableFuture.failedFuture(failure);
}
});
}
return futureParts;
}
}
3 changes: 3 additions & 0 deletions jetty-core/jetty-session/src/main/java/org/eclipse/jetty/session/SessionHandler.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -131,6 +131,9 @@ public boolean process(Handler handler, Response response, Callback callback) th
_requestedSessionId = requestedSession.sessionId();
ManagedSession session = requestedSession.session();

// TODO: Implement a better mechanism in core to determine if the Session ID is from a Cookie.
response.getRequest().setAttribute("org.eclipse.jetty.session.sessionIdFromCookie", requestedSession.sessionIdFromCookie());

if (session != null)
{
_session.set(session);
Expand Down
118 changes: 118 additions & 0 deletions jetty-core/jetty-siwe/pom.xml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,118 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">

<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-core</artifactId>
<version>12.0.10-SNAPSHOT</version>
</parent>
<artifactId>jetty-siwe</artifactId>
<name>Core :: Sign-In with Ethereum</name>
<description>Jetty Sign-In with Ethereum</description>

<properties>
<bundle-symbolic-name>${project.groupId}.siwe</bundle-symbolic-name>
</properties>

<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.jetbrains.kotlin</groupId>
<artifactId>kotlin-stdlib-common</artifactId>
<version>1.9.10</version>
</dependency>
<dependency>
<groupId>org.jetbrains.kotlin</groupId>
<artifactId>kotlin-stdlib-jdk7</artifactId>
<version>1.9.10</version>
</dependency>
<dependency>
<groupId>org.jetbrains.kotlin</groupId>
<artifactId>kotlin-stdlib-jdk8</artifactId>
<version>1.9.10</version>
</dependency>
</dependencies>
</dependencyManagement>

<dependencies>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15to18</artifactId>
<version>1.78.1</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-client</artifactId>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-security</artifactId>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-server</artifactId>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-util-ajax</artifactId>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
</dependency>
<dependency>
<groupId>org.web3j</groupId>
<artifactId>core</artifactId>
<version>4.12.0</version>
<exclusions>
<exclusion>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
</exclusion>
<exclusion>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-session</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-slf4j-impl</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.eclipse.jetty.toolchain</groupId>
<artifactId>jetty-test-helper</artifactId>
<scope>test</scope>
</dependency>
</dependencies>

<build>
<plugins>
<plugin>
<groupId>org.apache.felix</groupId>
<artifactId>maven-bundle-plugin</artifactId>
<extensions>true</extensions>
<executions>
<execution>
<goals>
<goal>manifest</goal>
</goals>
<configuration>
<instructions>
<Require-Capability>osgi.extender; filter:="(osgi.extender=osgi.serviceloader.registrar)"</Require-Capability>
<Provide-Capability>osgi.serviceloader;osgi.serviceloader=org.eclipse.jetty.security.Authenticator$Factory</Provide-Capability>
</instructions>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>
70 changes: 70 additions & 0 deletions jetty-core/jetty-siwe/src/main/java/org/eclipse/jetty/security/siwe/AnyUserLoginService.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,70 @@
//
// ========================================================================
// Copyright (c) 1995 Mort Bay Consulting Pty Ltd and others.
//
// This program and the accompanying materials are made available under the
// terms of the Eclipse Public License v. 2.0 which is available at
// https://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0
// which is available at https://www.apache.org/licenses/LICENSE-2.0.
//
// SPDX-License-Identifier: EPL-2.0 OR Apache-2.0
// ========================================================================
//

package org.eclipse.jetty.security.siwe;

import java.util.function.Function;
import javax.security.auth.Subject;

import org.eclipse.jetty.security.DefaultIdentityService;
import org.eclipse.jetty.security.IdentityService;
import org.eclipse.jetty.security.LoginService;
import org.eclipse.jetty.security.UserIdentity;
import org.eclipse.jetty.security.UserPrincipal;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Session;

public class AnyUserLoginService implements LoginService
{
private IdentityService identityService = new DefaultIdentityService();

@Override
public String getName()
{
return "ANY_USER";
}

@Override
public UserIdentity login(String username, Object credentials, Request request, Function<Boolean, Session> getOrCreateSession)
{
UserPrincipal principal = new UserPrincipal(username, null);
Subject subject = new Subject();
subject.getPrincipals().add(principal);
subject.setReadOnly();
return identityService.newUserIdentity(subject, principal, new String[0]);
}

@Override
public boolean validate(UserIdentity user)
{
return user != null;
}

@Override
public IdentityService getIdentityService()
{
return identityService;
}

@Override
public void setIdentityService(IdentityService service)
{
identityService = service;
}

@Override
public void logout(UserIdentity user)
{
// Do nothing.
}
}
Loading

0 comments on commit 144710b

Please sign in to comment.