org.apache.sshd.client.auth.keyboard

Interface UserInteraction

public interface UserInteraction

Interface used by the ssh client to communicate with the end user.

See Also:

RFC 4256

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	AUTO_DETECT_PASSWORD_PROMPT Whether to auto-detect password challenge prompt
static java.lang.String	CHECK_INTERACTIVE_PASSWORD_DELIM If password prompt detected then check it ends with any of the comma separated list of these values.
static boolean	DEFAULT_AUTO_DETECT_PASSWORD_PROMPT Default value for "user-interaction-auto-detect-password-prompt"
static java.lang.String	DEFAULT_CHECK_INTERACTIVE_PASSWORD_DELIM Default value of "user-interaction-check-password-delimiter"
static java.lang.String	DEFAULT_INTERACTIVE_PASSWORD_PROMPT Default value for "user-interaction-password-prompt"
static java.lang.String	INTERACTIVE_PASSWORD_PROMPT Comma separated list of values used to detect request for a password in interactive mode.
static UserInteraction	NONE A useful "placeholder" that indicates that no interaction is expected.

Method Summary

Modifier and Type	Method and Description
static int	findPromptComponentLastPosition(java.lang.String prompt, java.lang.String tokensList)
java.lang.String	getUpdatedPassword(ClientSession session, java.lang.String prompt, java.lang.String lang) Invoked when the server returns an SSH_MSG_USERAUTH_PASSWD_CHANGEREQ response indicating that the password should be changed - e.g., expired or not strong enough (as per the server's policy).
java.lang.String[]	interactive(ClientSession session, java.lang.String name, java.lang.String instruction, java.lang.String lang, java.lang.String[] prompt, boolean[] echo) Invoked when "keyboard-interactive" authentication mechanism is used in order to provide responses for the server's challenges (a.k.a.
default boolean	isInteractionAllowed(ClientSession session)
default void	serverVersionInfo(ClientSession session, java.util.List<java.lang.String> lines) Called if the server sent any extra information beyond the standard version line
default void	welcome(ClientSession session, java.lang.String banner, java.lang.String lang) Displays the welcome banner to the user.

Field Detail

AUTO_DETECT_PASSWORD_PROMPT

static final java.lang.String AUTO_DETECT_PASSWORD_PROMPT

Whether to auto-detect password challenge prompt

See Also:

INTERACTIVE_PASSWORD_PROMPT, CHECK_INTERACTIVE_PASSWORD_DELIM, Constant Field Values

DEFAULT_AUTO_DETECT_PASSWORD_PROMPT

static final boolean DEFAULT_AUTO_DETECT_PASSWORD_PROMPT

Default value for "user-interaction-auto-detect-password-prompt"

See Also:

Constant Field Values

INTERACTIVE_PASSWORD_PROMPT

static final java.lang.String INTERACTIVE_PASSWORD_PROMPT

Comma separated list of values used to detect request for a password in interactive mode. Note: the matched prompt is assumed to be lowercase.

See Also:

Constant Field Values

DEFAULT_INTERACTIVE_PASSWORD_PROMPT

static final java.lang.String DEFAULT_INTERACTIVE_PASSWORD_PROMPT

Default value for "user-interaction-password-prompt"

See Also:

Constant Field Values

CHECK_INTERACTIVE_PASSWORD_DELIM

static final java.lang.String CHECK_INTERACTIVE_PASSWORD_DELIM

If password prompt detected then check it ends with any of the comma separated list of these values. Use "none" to disable this extra check. Note: the matched prompt is assumed to be lowercase.

See Also:

Constant Field Values

DEFAULT_CHECK_INTERACTIVE_PASSWORD_DELIM

static final java.lang.String DEFAULT_CHECK_INTERACTIVE_PASSWORD_DELIM

Default value of "user-interaction-check-password-delimiter"

See Also:

Constant Field Values

NONE

static final UserInteraction NONE

A useful "placeholder" that indicates that no interaction is expected. Note: throws IllegalStateException is any of the interaction methods is called

Method Detail

isInteractionAllowed

default boolean isInteractionAllowed(ClientSession session)

Parameters:

session - The ClientSession

Returns:

true if user interaction allowed for this session (default)

serverVersionInfo

default void serverVersionInfo(ClientSession session,
                               java.util.List<java.lang.String> lines)

Called if the server sent any extra information beyond the standard version line

Parameters:

session - The ClientSession through which this information was received

lines - The sent extra lines - without the server version

See Also:

RFC 4253 - section 4.2

welcome

default void welcome(ClientSession session,
                     java.lang.String banner,
                     java.lang.String lang)

Displays the welcome banner to the user.

Parameters:

session - The ClientSession through which the banner was received

banner - The welcome banner

lang - The banner language code - may be empty

interactive

java.lang.String[] interactive(ClientSession session,
                               java.lang.String name,
                               java.lang.String instruction,
                               java.lang.String lang,
                               java.lang.String[] prompt,
                               boolean[] echo)

Invoked when "keyboard-interactive" authentication mechanism is used in order to provide responses for the server's challenges (a.k.a. prompts)

Parameters:

session - The ClientSession through which the request was received

name - The interaction name (may be empty)

instruction - The instruction (may be empty)

lang - The language for the data (may be empty)

prompt - The prompts to be displayed (may be empty)

echo - For each prompt whether to echo the user's response

Returns:

The replies - Note: the protocol states that the number of replies should be exactly the same as the number of prompts, however we do not enforce it since it is defined as the server's job to check and manage this violation.

getUpdatedPassword

java.lang.String getUpdatedPassword(ClientSession session,
                                    java.lang.String prompt,
                                    java.lang.String lang)

Invoked when the server returns an SSH_MSG_USERAUTH_PASSWD_CHANGEREQ response indicating that the password should be changed - e.g., expired or not strong enough (as per the server's policy).

Parameters:

session - The ClientSession through which the request was received

prompt - The server's prompt (may be empty)

lang - The prompt's language (may be empty)

Returns:

The password to use - if null/empty then no updated password was provided - thus failing the authentication via passwords (Note: authentication might still succeed via some other means - be it other passwords, public keys, etc...)

findPromptComponentLastPosition

static int findPromptComponentLastPosition(java.lang.String prompt,
                                           java.lang.String tokensList)

Parameters:

prompt - The user interaction prompt

tokensList - A comma-separated list of tokens whose last index is prompt is sought.

Returns:

The position of any token in the prompt - negative if not found