(refs #115) Add PublicKeyAuthenticator sample impl

Auth TODOs

* Fetch user account pubkeys from DB

src/main/scala/ssh/GitCommand.scala

@@ -98,4 +98,3 @@ class GitReceivePack(command: String) extends GitCommand(command: String) {
     }
   }
 }
-

src/main/scala/ssh/PublicKeyAuthenticator.scala

@@ -3,22 +3,35 @@ package ssh
 import org.apache.sshd.server.{PublickeyAuthenticator, PasswordAuthenticator}
 import org.slf4j.LoggerFactory
 import org.apache.sshd.server.session.ServerSession
-import java.security.PublicKey
+import java.security.{KeyFactory, PublicKey}
+import org.apache.commons.codec.binary.Base64
+import java.security.spec.X509EncodedKeySpec
+import org.apache.sshd.common.util.Buffer
 
 
 class PublicKeyAuthenticator extends PublickeyAuthenticator {
+  private val logger = LoggerFactory.getLogger(classOf[PublicKeyAuthenticator])
+
   override def authenticate(username: String, key: PublicKey, session: ServerSession): Boolean = {
-    // TODO Implements PublicKeyAuthenticator
+    // TODO this string is read from DB and Users register this public key string on Account Profile view
-    true
+    val testAuthkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDRzuX0WtSLzCY45nEhfFDPXzYGmvQdqnOgOUY4yGL5io/2ztyUvJdhWowkyakeoPxVk/jIP7Tu8Are5TuSD+fJp7aUbZW2CYOEsxo8cwndh/ezIX6RFjlu+xvKvZ8G7BtFLlLCcnza9uB+uEAyPH5HvGQLdV7dXctLfFqXPTr1p1RjSI7Noubm+vN4n9108rILd32MlhQiToXjL4HKWWwmppaln6bEsonOQW4/GieRjQeyWDkbVekIofnedjWl4+W0kAA+WosNwRFShgsaJLfU964HT/cGjK5auqOG+nATY0suECnxAK+5Wb6jXXYNmKiIMHypeXG1Qy2wMyMB1Gq9 tanacasino-local"
-  }
+    toPublicKey(testAuthkey) match {
-}
+      case Some(publicKey) => key.equals(publicKey)
-
+      case _ => false
-// always true authenticator...
+    }
-class MyPasswordAuthenticator extends PasswordAuthenticator {
+  }
-  private val logger = LoggerFactory.getLogger(classOf[MyPasswordAuthenticator])
+
-
+  private def toPublicKey(key: String): Option[PublicKey] = {
-  override def authenticate(username: String, password: String, session: ServerSession): Boolean = {
+    try {
-    logger.info("noop authenticate!!!")
+      val parts = key.split(" ")
-    true
+      val encodedKey = key.split(" ")(1)
+      val decode = Base64.decodeBase64(encodedKey)
+      Some(new Buffer(decode).getRawPublicKey)
+    } catch {
+      case e: Throwable => {
+        logger.error(e.getMessage, e)
+        None
+      }
+    }
   }
 }

src/main/scala/ssh/SshServerListener.scala

@@ -16,13 +16,10 @@ object SshServer {
 
   private def configure() = {
     server.setPort(DEFAULT_PORT)
-
-    // TODO not password use PublicKeyAuthenticator
-    val authenticator = new MyPasswordAuthenticator
-    server.setPasswordAuthenticator(authenticator)
-
     // TODO gitbucket.ser should be in GITBUCKET_HOME
     server.setKeyPairProvider(new SimpleGeneratorHostKeyProvider("gitbucket.ser"))
+
+    server.setPublickeyAuthenticator(new PublicKeyAuthenticator)
     server.setCommandFactory(new GitCommandFactory)
   }
 
@@ -30,6 +27,7 @@ object SshServer {
     if (SSH_SERVICE_ENABLE) {
       configure()
       server.start()
+      logger.info(s"Start SSH Server Listen on ${server.getPort}")
     }
   }
 
@@ -39,19 +37,20 @@ object SshServer {
 }
 
 /*
- * Start a SSH Service Daemon
+ * Start a SSH Server Daemon
  *
- * How to use ?
+ * How to use:
- * git clone ssh://username@host_or_ip:29418/username/repository_name.git
+ * git clone ssh://username@host_or_ip:29418/owner/repository_name.git
  *
  */
 class SshServerListener extends ServletContextListener {
+
   override def contextInitialized(sce: ServletContextEvent): Unit = {
-    SshServer.start
+    SshServer.start()
   }
 
   override def contextDestroyed(sce: ServletContextEvent): Unit = {
-    SshServer.stop
+    SshServer.stop()
   }
 
 }