001    package org.kuali.common.deploy.channel.spring;
002    
003    import java.util.List;
004    
005    import org.kuali.common.deploy.env.spring.DefaultDeployEnvironmentConfig;
006    import org.kuali.common.deploy.env.spring.DeployEnvironmentConfig;
007    import org.kuali.common.util.secure.channel.DefaultSecureChannel;
008    import org.kuali.common.util.secure.channel.SecureChannel;
009    import org.kuali.common.util.secure.channel.spring.SecureChannelConfig;
010    import org.kuali.common.util.spring.SpringUtils;
011    import org.kuali.common.util.spring.env.EnvironmentService;
012    import org.kuali.common.util.spring.service.SpringServiceConfig;
013    import org.springframework.beans.factory.annotation.Autowired;
014    import org.springframework.context.annotation.Bean;
015    import org.springframework.context.annotation.Configuration;
016    import org.springframework.context.annotation.Import;
017    import org.springframework.util.Assert;
018    
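/**
 * Spring configuration that assembles the {@link SecureChannel} used for deployment from environment properties.
 *
 * <p>
 * Every setting is read from the {@link EnvironmentService}; the property keys and their fallbacks are:
 * </p>
 * <ul>
 * <li>{@code channel.username} - defaults to {@code root}</li>
 * <li>{@code channel.hostname} - defaults to the DNS hostname of the deploy environment</li>
 * <li>{@code channel.strictHostKeyChecking} - defaults to {@code false}</li>
 * <li>{@code channel.useConfigFile} - defaults to {@code false}</li>
 * <li>{@code channel.includeDefaultPrivateKeyLocations} - defaults to {@code false}</li>
 * <li>{@code channel.privateKeyStrings} - CSV list, at least one entry is required</li>
 * </ul>
 *
 * <p>
 * NOTE(review): the defaults favour convenience over verification. With strict host key checking off (assuming the flag maps
 * to the SSH option of the same name - confirm against {@code DefaultSecureChannel}) the identity of the remote host is not
 * verified, so a redirected or impersonated host would not be detected, and the default account is {@code root}. Deployments
 * that can pin host keys should set {@code channel.strictHostKeyChecking=true} and use a dedicated, least-privilege
 * {@code channel.username}.
 * </p>
 */
@Configuration
@Import({ DefaultDeployEnvironmentConfig.class, SpringServiceConfig.class })
public class DefaultSecureChannelConfig implements SecureChannelConfig {

    private static final String USERNAME_KEY = "channel.username";
    private static final String HOSTNAME_KEY = "channel.hostname";
    private static final String STRICT_HOST_KEY_CHECKING_KEY = "channel.strictHostKeyChecking";
    private static final String USE_CONFIG_FILE_KEY = "channel.useConfigFile";
    private static final String INCLUDE_DEFAULT_PRIVATE_KEY_LOCATIONS_KEY = "channel.includeDefaultPrivateKeyLocations";
    private static final String PRIVATE_KEY_STRINGS_KEY = "channel.privateKeyStrings";

    // Account used when channel.username is not set
    private static final String ROOT = "root";

    @Autowired
    DeployEnvironmentConfig envConfig;

    @Autowired
    EnvironmentService env;

    /**
     * Builds the secure channel from the environment properties listed on this class.
     *
     * @return a channel configured with the resolved username, hostname, host key policy and private key strings
     * @throws IllegalArgumentException
     *             if no private key strings are configured
     */
    @Override
    @Bean
    public SecureChannel secureChannel() {

        // User to connect as. Falls back to root, so any holder of a configured private key gets full control of
        // the target host unless channel.username names a more restricted account.
        String username = env.getString(USERNAME_KEY, ROOT);

        // Hostname to connect to, falling back to the DNS hostname of the deploy environment
        String hostname = env.getString(HOSTNAME_KEY, envConfig.deployEnvironment().getDns().getHostname());

        // Strict host key checking is OFF unless explicitly enabled.
        // NOTE(review): with this off the remote host key is presumably accepted without verification, which
        // removes the protection against connecting to an impersonated host. Enable it wherever known host keys
        // can be provisioned ahead of time.
        boolean strictHostKeyChecking = env.getBoolean(STRICT_HOST_KEY_CHECKING_KEY, false);

        // Turn off use of ~/.ssh/config so settings from the local user account do not alter the connection
        boolean useConfigFile = env.getBoolean(USE_CONFIG_FILE_KEY, false);

        // Don't check file system locations for private keys; only the explicitly configured keys are offered
        boolean includeDefaultPrivateKeyLocations = env.getBoolean(INCLUDE_DEFAULT_PRIVATE_KEY_LOCATIONS_KEY, false);

        // Private key material is supplied as property values. Treat the property source as a secret store:
        // keep it out of version control and never log these strings.
        List<String> privateKeyStrings = SpringUtils.getNoneSensitiveListFromCSV(env, PRIVATE_KEY_STRINGS_KEY);

        // Require at least one private key string; notEmpty also rejects a null list with the same message
        // instead of failing with a NullPointerException
        Assert.notEmpty(privateKeyStrings, "no private key strings");

        // Setup the channel
        DefaultSecureChannel.Builder builder = new DefaultSecureChannel.Builder(username, hostname);
        builder.strictHostKeyChecking(strictHostKeyChecking);
        builder.useConfigFile(useConfigFile);
        builder.includeDefaultPrivateKeyLocations(includeDefaultPrivateKeyLocations);
        builder.privateKeyStrings(privateKeyStrings);
        return builder.build();

    }

}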