Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 1 | /* |
Amit Ghosh | c9ac1e5 | 2017-07-28 12:31:18 +0100 | [diff] [blame] | 2 | * Copyright 2017-present Open Networking Foundation |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | * |
| 16 | */ |
| 17 | |
Matteo Scandolo | cf847b8 | 2019-04-26 15:00:00 -0700 | [diff] [blame] | 18 | package org.opencord.aaa.impl; |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 19 | |
| 20 | import org.onlab.packet.MacAddress; |
| 21 | import org.onosproject.net.ConnectPoint; |
Matteo Scandolo | cf847b8 | 2019-04-26 15:00:00 -0700 | [diff] [blame] | 22 | import org.opencord.aaa.AuthenticationEvent; |
| 23 | import org.opencord.aaa.StateMachineDelegate; |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 24 | import org.slf4j.Logger; |
Thomas Vachuska | e989420 | 2015-07-30 11:59:07 -0700 | [diff] [blame] | 25 | |
Shubham Sharma | 4900ce6 | 2019-06-19 14:18:50 +0000 | [diff] [blame] | 26 | import java.util.HashSet; |
Shubham Sharma | 4900ce6 | 2019-06-19 14:18:50 +0000 | [diff] [blame] | 27 | import java.util.Set; |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 28 | import java.util.concurrent.ScheduledExecutorService; |
| 29 | import java.util.concurrent.TimeUnit; |
Shubham Sharma | 4900ce6 | 2019-06-19 14:18:50 +0000 | [diff] [blame] | 30 | |
| 31 | import static org.slf4j.LoggerFactory.getLogger; |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 32 | |
| 33 | /** |
| 34 | * AAA Finite State Machine. |
| 35 | */ |
Carmelo Cascone | 58b5329 | 2019-09-30 12:35:31 -0700 | [diff] [blame] | 36 | public class StateMachine { |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 37 | //INDEX to identify the state in the transition table |
| 38 | static final int STATE_IDLE = 0; |
| 39 | static final int STATE_STARTED = 1; |
| 40 | static final int STATE_PENDING = 2; |
| 41 | static final int STATE_AUTHORIZED = 3; |
| 42 | static final int STATE_UNAUTHORIZED = 4; |
| 43 | |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 44 | // Defining the states where timeout can happen |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 45 | static final Set<Integer> TIMEOUT_ELIGIBLE_STATES = new HashSet<>(); |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 46 | static { |
| 47 | TIMEOUT_ELIGIBLE_STATES.add(STATE_STARTED); |
| 48 | TIMEOUT_ELIGIBLE_STATES.add(STATE_PENDING); |
| 49 | } |
| 50 | // INDEX to identify the transition in the transition table |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 51 | static final int TRANSITION_START = 0; // --> started |
| 52 | static final int TRANSITION_REQUEST_ACCESS = 1; |
| 53 | static final int TRANSITION_AUTHORIZE_ACCESS = 2; |
| 54 | static final int TRANSITION_DENY_ACCESS = 3; |
| 55 | static final int TRANSITION_LOGOFF = 4; |
| 56 | |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 57 | private static int identifier = -1; |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 58 | private byte challengeIdentifier; |
| 59 | private byte[] challengeState; |
| 60 | private byte[] username; |
| 61 | private byte[] requestAuthenticator; |
| 62 | |
| 63 | // Supplicant connectivity info |
Ray Milkey | f61a24e | 2015-09-24 16:34:02 -0700 | [diff] [blame] | 64 | private ConnectPoint supplicantConnectpoint; |
| 65 | private MacAddress supplicantAddress; |
| 66 | private short vlanId; |
Amit Ghosh | c9ac1e5 | 2017-07-28 12:31:18 +0100 | [diff] [blame] | 67 | private byte priorityCode; |
Kartikey Dubey | adeb26e | 2019-10-01 12:18:35 +0000 | [diff] [blame] | 68 | private long sessionStartTime; |
| 69 | private String eapolTypeVal; |
| 70 | |
| 71 | public enum EapolType { |
| 72 | EAPOL_PACKET("EAPOL_PACKET"), |
| 73 | EAPOL_START("EAPOL_START"), |
| 74 | EAPOL_LOGOFF("EAPOL_LOGOFF"), |
| 75 | EAPOL_KEY("EAPOL_KEY"), |
| 76 | EAPOL_ASF("EAPOL_ASF"); |
| 77 | |
| 78 | private final String eaptype; |
| 79 | |
| 80 | private EapolType(String value) { |
| 81 | this.eaptype = value; |
| 82 | } |
| 83 | }; |
| 84 | |
| 85 | private String sessionTerminateReason; |
| 86 | |
| 87 | public enum SessionTerminationReasons { |
| 88 | SUPPLICANT_LOGOFF("SUPPLICANT_LOGOFF"), |
| 89 | TIME_OUT("TIME_OUT"), |
| 90 | PORT_REMOVED("PORT_REMOVED"); |
| 91 | |
| 92 | private final String reason; |
| 93 | |
| 94 | private SessionTerminationReasons(String value) { |
| 95 | this.reason = value; |
| 96 | } |
| 97 | |
| 98 | public String getReason() { |
| 99 | return this.reason; |
| 100 | } |
| 101 | }; |
| 102 | |
| 103 | // Supplicant packet count |
| 104 | private int totalPacketsSent; |
| 105 | private int totalPacketsReceived; |
| 106 | private int totalOctetSent; |
| 107 | private int totalOctetReceived; |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 108 | |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 109 | // Boolean flag indicating whether response is pending from AAA Server. |
| 110 | // Used for counting timeout happening for AAA Sessions due to no response. |
| 111 | private boolean waitingForRadiusResponse; |
| 112 | |
| 113 | private static int cleanupTimerTimeOutInMins; |
| 114 | |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 115 | private String sessionId = null; |
| 116 | |
| 117 | private final Logger log = getLogger(getClass()); |
| 118 | |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 119 | private State[] states = {new Idle(), new Started(), new Pending(), new Authorized(), new Unauthorized() }; |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 120 | |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 121 | // Cleanup Timer instance created for this session |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 122 | private ScheduledExecutorService executor; |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 123 | private java.util.concurrent.ScheduledFuture<?> cleanupTimer = null; |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 124 | |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 125 | // TimeStamp of last EAPOL or RADIUS message received. |
| 126 | private long lastPacketReceivedTime = 0; |
| 127 | |
| 128 | // State transition table |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 129 | /* |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 130 | * |
| 131 | * state IDLE | STARTED | PENDING | AUTHORIZED | UNAUTHORIZED //// input |
| 132 | * ----------------------------------------------------------------------------- |
| 133 | * ----------------------- |
| 134 | * |
| 135 | * START STARTED | _ | _ | STARTED | STARTED |
| 136 | * |
| 137 | * REQUEST_ACCESS _ | PENDING | _ | _ | _ |
| 138 | * |
| 139 | * AUTHORIZE_ACCESS _ | _ | AUTHORIZED | _ | _ |
| 140 | * |
| 141 | * DENY_ACCESS _ | - | UNAUTHORIZED | _ | _ |
| 142 | * |
| 143 | * LOGOFF _ | _ | _ | IDLE | IDLE |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 144 | */ |
| 145 | |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 146 | private int[] idleTransition = {STATE_STARTED, STATE_IDLE, STATE_IDLE, STATE_IDLE, STATE_IDLE }; |
| 147 | private int[] startedTransition = {STATE_STARTED, STATE_PENDING, STATE_STARTED, STATE_STARTED, STATE_STARTED }; |
| 148 | private int[] pendingTransition = {STATE_PENDING, STATE_PENDING, STATE_AUTHORIZED, STATE_UNAUTHORIZED, |
| 149 | STATE_PENDING }; |
| 150 | private int[] authorizedTransition = {STATE_STARTED, STATE_AUTHORIZED, STATE_AUTHORIZED, STATE_AUTHORIZED, |
| 151 | STATE_IDLE }; |
| 152 | private int[] unauthorizedTransition = {STATE_STARTED, STATE_UNAUTHORIZED, STATE_UNAUTHORIZED, STATE_UNAUTHORIZED, |
| 153 | STATE_IDLE }; |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 154 | |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 155 | // THE TRANSITION TABLE |
| 156 | private int[][] transition = {idleTransition, startedTransition, pendingTransition, authorizedTransition, |
| 157 | unauthorizedTransition }; |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 158 | |
| 159 | private int currentState = STATE_IDLE; |
| 160 | |
Jonathan Hart | 5db4453 | 2018-07-12 18:13:54 -0700 | [diff] [blame] | 161 | private static StateMachineDelegate delegate; |
| 162 | |
Matteo Scandolo | cf847b8 | 2019-04-26 15:00:00 -0700 | [diff] [blame] | 163 | public static void setDelegate(StateMachineDelegate delegate) { |
| 164 | StateMachine.delegate = delegate; |
Jonathan Hart | 5db4453 | 2018-07-12 18:13:54 -0700 | [diff] [blame] | 165 | } |
| 166 | |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 167 | public static void setcleanupTimerTimeOutInMins(int cleanupTimerTimeoutInMins) { |
| 168 | cleanupTimerTimeOutInMins = cleanupTimerTimeoutInMins; |
| 169 | } |
| 170 | |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 171 | private void scheduleTimeout() { |
| 172 | cleanupTimer = executor.schedule(this::timeout, cleanupTimerTimeOutInMins, TimeUnit.MINUTES); |
| 173 | } |
| 174 | |
Jonathan Hart | 5db4453 | 2018-07-12 18:13:54 -0700 | [diff] [blame] | 175 | public static void unsetDelegate(StateMachineDelegate delegate) { |
| 176 | if (StateMachine.delegate == delegate) { |
| 177 | StateMachine.delegate = null; |
| 178 | } |
| 179 | } |
| 180 | |
Amit Ghosh | c9ac1e5 | 2017-07-28 12:31:18 +0100 | [diff] [blame] | 181 | public static void deleteStateMachineMapping(StateMachine machine) { |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 182 | if (machine.cleanupTimer != null) { |
| 183 | machine.cleanupTimer.cancel(false); |
| 184 | machine.cleanupTimer = null; |
| 185 | } |
| 186 | } |
| 187 | |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 188 | public void stop() { |
| 189 | if (cleanupTimer != null) { |
| 190 | cleanupTimer.cancel(false); |
| 191 | } |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 192 | } |
| 193 | |
| 194 | public boolean isWaitingForRadiusResponse() { |
| 195 | return waitingForRadiusResponse; |
| 196 | } |
| 197 | |
| 198 | public void setWaitingForRadiusResponse(boolean waitingForRadiusResponse) { |
| 199 | this.waitingForRadiusResponse = waitingForRadiusResponse; |
| 200 | } |
| 201 | |
David K. Bainbridge | 6201949 | 2017-07-28 17:02:10 -0700 | [diff] [blame] | 202 | /** |
Jonathan Hart | 932bedc | 2018-07-12 13:46:09 -0700 | [diff] [blame] | 203 | * Creates a new StateMachine with the given session ID. |
Thomas Vachuska | e989420 | 2015-07-30 11:59:07 -0700 | [diff] [blame] | 204 | * |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 205 | * @param sessionId session Id represented by the switch dpid + port number |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 206 | * @param executor executor to run background tasks on |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 207 | */ |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 208 | public StateMachine(String sessionId, ScheduledExecutorService executor) { |
Jonathan Hart | 932bedc | 2018-07-12 13:46:09 -0700 | [diff] [blame] | 209 | log.info("Creating a new state machine for {}", sessionId); |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 210 | this.sessionId = sessionId; |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 211 | this.executor = executor; |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 212 | } |
| 213 | |
| 214 | /** |
Ray Milkey | f61a24e | 2015-09-24 16:34:02 -0700 | [diff] [blame] | 215 | * Gets the connect point for the supplicant side. |
| 216 | * |
| 217 | * @return supplicant connect point |
| 218 | */ |
| 219 | public ConnectPoint supplicantConnectpoint() { |
| 220 | return supplicantConnectpoint; |
| 221 | } |
| 222 | |
| 223 | /** |
| 224 | * Sets the supplicant side connect point. |
| 225 | * |
| 226 | * @param supplicantConnectpoint supplicant select point. |
| 227 | */ |
| 228 | public void setSupplicantConnectpoint(ConnectPoint supplicantConnectpoint) { |
| 229 | this.supplicantConnectpoint = supplicantConnectpoint; |
| 230 | } |
| 231 | |
| 232 | /** |
| 233 | * Gets the MAC address of the supplicant. |
| 234 | * |
| 235 | * @return supplicant MAC address |
| 236 | */ |
| 237 | public MacAddress supplicantAddress() { |
| 238 | return supplicantAddress; |
| 239 | } |
| 240 | |
| 241 | /** |
| 242 | * Sets the supplicant MAC address. |
| 243 | * |
| 244 | * @param supplicantAddress new supplicant MAC address |
| 245 | */ |
| 246 | public void setSupplicantAddress(MacAddress supplicantAddress) { |
| 247 | this.supplicantAddress = supplicantAddress; |
| 248 | } |
| 249 | |
| 250 | /** |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 251 | * Sets the lastPacketReceivedTime. |
| 252 | * |
| 253 | * @param lastPacketReceivedTime timelastPacket was received |
| 254 | */ |
| 255 | public void setLastPacketReceivedTime(long lastPacketReceivedTime) { |
| 256 | this.lastPacketReceivedTime = lastPacketReceivedTime; |
| 257 | } |
| 258 | |
| 259 | /** |
| 260 | * Gets the lastPacketReceivedTime. |
| 261 | * |
| 262 | * @return lastPacketReceivedTime |
| 263 | */ |
| 264 | public long getLastPacketReceivedTime() { |
| 265 | return lastPacketReceivedTime; |
| 266 | } |
| 267 | |
| 268 | /** |
Ray Milkey | f61a24e | 2015-09-24 16:34:02 -0700 | [diff] [blame] | 269 | * Gets the client's Vlan ID. |
| 270 | * |
| 271 | * @return client vlan ID |
| 272 | */ |
| 273 | public short vlanId() { |
| 274 | return vlanId; |
| 275 | } |
| 276 | |
| 277 | /** |
| 278 | * Sets the client's vlan ID. |
| 279 | * |
| 280 | * @param vlanId new client vlan ID |
| 281 | */ |
| 282 | public void setVlanId(short vlanId) { |
| 283 | this.vlanId = vlanId; |
| 284 | } |
| 285 | |
| 286 | /** |
Amit Ghosh | c9ac1e5 | 2017-07-28 12:31:18 +0100 | [diff] [blame] | 287 | * Gets the client's priority Code. |
| 288 | * |
| 289 | * @return client Priority code |
| 290 | */ |
| 291 | public byte priorityCode() { |
| 292 | return priorityCode; |
| 293 | } |
| 294 | |
| 295 | /** |
| 296 | * Sets the client's priority Code. |
| 297 | * |
| 298 | * @param priorityCode new client priority Code |
| 299 | */ |
| 300 | public void setPriorityCode(byte priorityCode) { |
| 301 | this.priorityCode = priorityCode; |
| 302 | } |
| 303 | |
| 304 | /** |
Kartikey Dubey | adeb26e | 2019-10-01 12:18:35 +0000 | [diff] [blame] | 305 | * Gets the session start time. |
| 306 | * |
| 307 | * @return session start time |
| 308 | */ |
| 309 | public long sessionStartTime() { |
| 310 | return sessionStartTime; |
| 311 | } |
| 312 | |
| 313 | /** |
| 314 | * Sets the session start time. |
| 315 | * |
| 316 | * @param sessionStartTime new session start time |
| 317 | */ |
| 318 | public void setSessionStartTime(long sessionStartTime) { |
| 319 | this.sessionStartTime = sessionStartTime; |
| 320 | } |
| 321 | |
| 322 | /** |
| 323 | * returns eapol Type. |
| 324 | * |
| 325 | * @return eapolTypeVal. |
| 326 | */ |
| 327 | public String eapolType() { |
| 328 | return this.eapolTypeVal; |
| 329 | } |
| 330 | |
| 331 | /** |
| 332 | * Sets eapol Type name from eapol value. |
| 333 | * |
| 334 | * @param value eapol type as byte. |
| 335 | */ |
| 336 | public void setEapolTypeVal(byte value) { |
| 337 | switch (value) { |
| 338 | case (byte) 0: this.eapolTypeVal = EapolType.EAPOL_PACKET.eaptype; |
| 339 | break; |
| 340 | case (byte) 1: this.eapolTypeVal = EapolType.EAPOL_START.eaptype; |
| 341 | break; |
| 342 | case (byte) 2: this.eapolTypeVal = EapolType.EAPOL_LOGOFF.eaptype; |
| 343 | break; |
| 344 | case (byte) 3: this.eapolTypeVal = EapolType.EAPOL_KEY.eaptype; |
| 345 | break; |
| 346 | case (byte) 4: this.eapolTypeVal = EapolType.EAPOL_ASF.eaptype; |
| 347 | break; |
| 348 | default : this.eapolTypeVal = "INVALID TYPE"; |
| 349 | } |
| 350 | } |
| 351 | |
| 352 | public String getSessionTerminateReason() { |
| 353 | return sessionTerminateReason; |
| 354 | } |
| 355 | |
| 356 | public void setSessionTerminateReason(String sessionTerminateReason) { |
| 357 | this.sessionTerminateReason = sessionTerminateReason; |
| 358 | } |
| 359 | |
| 360 | public int totalPacketsReceived() { |
| 361 | return this.totalPacketsReceived; |
| 362 | } |
| 363 | |
| 364 | public void incrementTotalPacketsReceived() { |
| 365 | this.totalPacketsReceived = this.totalPacketsReceived + 1; |
| 366 | } |
| 367 | |
| 368 | public int totalPacketsSent() { |
| 369 | return this.totalPacketsSent; |
| 370 | } |
| 371 | |
| 372 | public void incrementTotalPacketsSent() { |
| 373 | this.totalPacketsSent = this.totalPacketsSent + 1; |
| 374 | } |
| 375 | |
| 376 | public void incrementTotalOctetReceived(short packetLen) { |
| 377 | this.totalOctetReceived = this.totalOctetReceived + packetLen; |
| 378 | } |
| 379 | |
| 380 | public void incrementTotalOctetSent(short packetLen) { |
| 381 | this.totalOctetSent = this.totalOctetSent + packetLen; |
| 382 | } |
| 383 | |
| 384 | /** |
Ray Milkey | f61a24e | 2015-09-24 16:34:02 -0700 | [diff] [blame] | 385 | * Gets the client id that is requesting for access. |
Thomas Vachuska | e989420 | 2015-07-30 11:59:07 -0700 | [diff] [blame] | 386 | * |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 387 | * @return The client id. |
| 388 | */ |
Ray Milkey | f61a24e | 2015-09-24 16:34:02 -0700 | [diff] [blame] | 389 | public String sessionId() { |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 390 | return this.sessionId; |
| 391 | } |
| 392 | |
| 393 | /** |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 394 | * Set the challenge identifier and the state issued by the RADIUS. |
Thomas Vachuska | e989420 | 2015-07-30 11:59:07 -0700 | [diff] [blame] | 395 | * |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 396 | * @param challengeIdentifier The challenge identifier set into the EAP packet |
| 397 | * from the RADIUS message. |
Thomas Vachuska | e989420 | 2015-07-30 11:59:07 -0700 | [diff] [blame] | 398 | * @param challengeState The challenge state from the RADIUS. |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 399 | */ |
| 400 | protected void setChallengeInfo(byte challengeIdentifier, byte[] challengeState) { |
| 401 | this.challengeIdentifier = challengeIdentifier; |
| 402 | this.challengeState = challengeState; |
| 403 | } |
Thomas Vachuska | e989420 | 2015-07-30 11:59:07 -0700 | [diff] [blame] | 404 | |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 405 | /** |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 406 | * Set the challenge identifier issued by the RADIUS on the access challenge |
| 407 | * request. |
Thomas Vachuska | e989420 | 2015-07-30 11:59:07 -0700 | [diff] [blame] | 408 | * |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 409 | * @param challengeIdentifier The challenge identifier set into the EAP packet |
| 410 | * from the RADIUS message. |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 411 | */ |
| 412 | protected void setChallengeIdentifier(byte challengeIdentifier) { |
| 413 | log.info("Set Challenge Identifier to {}", challengeIdentifier); |
| 414 | this.challengeIdentifier = challengeIdentifier; |
| 415 | } |
| 416 | |
| 417 | /** |
Ray Milkey | f61a24e | 2015-09-24 16:34:02 -0700 | [diff] [blame] | 418 | * Gets the challenge EAP identifier set by the RADIUS. |
Thomas Vachuska | e989420 | 2015-07-30 11:59:07 -0700 | [diff] [blame] | 419 | * |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 420 | * @return The challenge EAP identifier. |
| 421 | */ |
Ray Milkey | f61a24e | 2015-09-24 16:34:02 -0700 | [diff] [blame] | 422 | protected byte challengeIdentifier() { |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 423 | return this.challengeIdentifier; |
| 424 | } |
| 425 | |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 426 | /** |
| 427 | * Set the challenge state info issued by the RADIUS. |
Thomas Vachuska | e989420 | 2015-07-30 11:59:07 -0700 | [diff] [blame] | 428 | * |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 429 | * @param challengeState The challenge state from the RADIUS. |
| 430 | */ |
| 431 | protected void setChallengeState(byte[] challengeState) { |
| 432 | log.info("Set Challenge State"); |
| 433 | this.challengeState = challengeState; |
| 434 | } |
| 435 | |
| 436 | /** |
Ray Milkey | f61a24e | 2015-09-24 16:34:02 -0700 | [diff] [blame] | 437 | * Gets the challenge state set by the RADIUS. |
Thomas Vachuska | e989420 | 2015-07-30 11:59:07 -0700 | [diff] [blame] | 438 | * |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 439 | * @return The challenge state. |
| 440 | */ |
Ray Milkey | f61a24e | 2015-09-24 16:34:02 -0700 | [diff] [blame] | 441 | protected byte[] challengeState() { |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 442 | return this.challengeState; |
| 443 | } |
| 444 | |
| 445 | /** |
| 446 | * Set the username. |
Thomas Vachuska | e989420 | 2015-07-30 11:59:07 -0700 | [diff] [blame] | 447 | * |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 448 | * @param username The username sent to the RADIUS upon access request. |
| 449 | */ |
| 450 | protected void setUsername(byte[] username) { |
| 451 | this.username = username; |
| 452 | } |
| 453 | |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 454 | /** |
Ray Milkey | f61a24e | 2015-09-24 16:34:02 -0700 | [diff] [blame] | 455 | * Gets the username. |
Thomas Vachuska | e989420 | 2015-07-30 11:59:07 -0700 | [diff] [blame] | 456 | * |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 457 | * @return The requestAuthenticator. |
| 458 | */ |
Ray Milkey | f61a24e | 2015-09-24 16:34:02 -0700 | [diff] [blame] | 459 | protected byte[] requestAuthenticator() { |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 460 | return this.requestAuthenticator; |
| 461 | } |
| 462 | |
| 463 | /** |
Ray Milkey | f61a24e | 2015-09-24 16:34:02 -0700 | [diff] [blame] | 464 | * Sets the authenticator. |
Thomas Vachuska | e989420 | 2015-07-30 11:59:07 -0700 | [diff] [blame] | 465 | * |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 466 | * @param authenticator The username sent to the RADIUS upon access request. |
| 467 | */ |
| 468 | protected void setRequestAuthenticator(byte[] authenticator) { |
| 469 | this.requestAuthenticator = authenticator; |
| 470 | } |
| 471 | |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 472 | /** |
Ray Milkey | f61a24e | 2015-09-24 16:34:02 -0700 | [diff] [blame] | 473 | * Gets the username. |
Thomas Vachuska | e989420 | 2015-07-30 11:59:07 -0700 | [diff] [blame] | 474 | * |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 475 | * @return The username. |
| 476 | */ |
Carmelo Cascone | 58b5329 | 2019-09-30 12:35:31 -0700 | [diff] [blame] | 477 | public byte[] username() { |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 478 | return this.username; |
| 479 | } |
| 480 | |
| 481 | /** |
| 482 | * Return the identifier of the state machine. |
Thomas Vachuska | e989420 | 2015-07-30 11:59:07 -0700 | [diff] [blame] | 483 | * |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 484 | * @return The state machine identifier. |
| 485 | */ |
Amit Ghosh | c9ac1e5 | 2017-07-28 12:31:18 +0100 | [diff] [blame] | 486 | public synchronized byte identifier() { |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 487 | identifier = (identifier + 1) % 255; |
| 488 | return (byte) identifier; |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 489 | } |
| 490 | |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 491 | /** |
| 492 | * Move to the next state. |
Thomas Vachuska | e989420 | 2015-07-30 11:59:07 -0700 | [diff] [blame] | 493 | * |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 494 | * @param msg message |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 495 | */ |
Thomas Vachuska | e989420 | 2015-07-30 11:59:07 -0700 | [diff] [blame] | 496 | private void next(int msg) { |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 497 | currentState = transition[currentState][msg]; |
| 498 | log.info("Current State " + currentState); |
| 499 | } |
| 500 | |
| 501 | /** |
| 502 | * Client has requested the start action to allow network access. |
| 503 | */ |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 504 | public void start() { |
| 505 | this.scheduleTimeout(); |
| 506 | |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 507 | states[currentState].start(); |
Jonathan Hart | 5db4453 | 2018-07-12 18:13:54 -0700 | [diff] [blame] | 508 | |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 509 | delegate.notify(new AuthenticationEvent(AuthenticationEvent.Type.STARTED, supplicantConnectpoint)); |
Jonathan Hart | 5db4453 | 2018-07-12 18:13:54 -0700 | [diff] [blame] | 510 | |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 511 | // move to the next state |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 512 | next(TRANSITION_START); |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 513 | } |
| 514 | |
| 515 | /** |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 516 | * An Identification information has been sent by the supplicant. Move to the |
| 517 | * next state if possible. |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 518 | */ |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 519 | public void requestAccess() { |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 520 | states[currentState].requestAccess(); |
Jonathan Hart | 5db4453 | 2018-07-12 18:13:54 -0700 | [diff] [blame] | 521 | |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 522 | delegate.notify(new AuthenticationEvent(AuthenticationEvent.Type.REQUESTED, supplicantConnectpoint)); |
Jonathan Hart | 5db4453 | 2018-07-12 18:13:54 -0700 | [diff] [blame] | 523 | |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 524 | // move to the next state |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 525 | next(TRANSITION_REQUEST_ACCESS); |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 526 | } |
| 527 | |
| 528 | /** |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 529 | * RADIUS has accepted the identification. Move to the next state if possible. |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 530 | */ |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 531 | public void authorizeAccess() { |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 532 | states[currentState].radiusAccepted(); |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 533 | // move to the next state |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 534 | next(TRANSITION_AUTHORIZE_ACCESS); |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 535 | |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 536 | delegate.notify(new AuthenticationEvent(AuthenticationEvent.Type.APPROVED, supplicantConnectpoint)); |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 537 | |
Amit Ghosh | c9ac1e5 | 2017-07-28 12:31:18 +0100 | [diff] [blame] | 538 | // Clear mapping |
| 539 | deleteStateMachineMapping(this); |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 540 | } |
| 541 | |
| 542 | /** |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 543 | * RADIUS has denied the identification. Move to the next state if possible. |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 544 | */ |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 545 | public void denyAccess() { |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 546 | states[currentState].radiusDenied(); |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 547 | // move to the next state |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 548 | next(TRANSITION_DENY_ACCESS); |
Jonathan Hart | 5db4453 | 2018-07-12 18:13:54 -0700 | [diff] [blame] | 549 | |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 550 | delegate.notify(new AuthenticationEvent(AuthenticationEvent.Type.DENIED, supplicantConnectpoint)); |
Jonathan Hart | 5db4453 | 2018-07-12 18:13:54 -0700 | [diff] [blame] | 551 | |
Amit Ghosh | c9ac1e5 | 2017-07-28 12:31:18 +0100 | [diff] [blame] | 552 | // Clear mappings |
| 553 | deleteStateMachineMapping(this); |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 554 | } |
| 555 | |
| 556 | /** |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 557 | * Logoff request has been requested. Move to the next state if possible. |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 558 | */ |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 559 | public void logoff() { |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 560 | states[currentState].logoff(); |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 561 | // move to the next state |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 562 | next(TRANSITION_LOGOFF); |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 563 | } |
| 564 | |
| 565 | /** |
Ray Milkey | f61a24e | 2015-09-24 16:34:02 -0700 | [diff] [blame] | 566 | * Gets the current state. |
Thomas Vachuska | e989420 | 2015-07-30 11:59:07 -0700 | [diff] [blame] | 567 | * |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 568 | * @return The current state. Could be STATE_IDLE, STATE_STARTED, STATE_PENDING, |
| 569 | * STATE_AUTHORIZED, STATE_UNAUTHORIZED. |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 570 | */ |
Ray Milkey | f61a24e | 2015-09-24 16:34:02 -0700 | [diff] [blame] | 571 | public int state() { |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 572 | return currentState; |
| 573 | } |
| 574 | |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 575 | public String stateString() { |
| 576 | return states[currentState].name(); |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 577 | } |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 578 | |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 579 | @Override |
| 580 | public String toString() { |
| 581 | return ("sessionId: " + this.sessionId) + "\t" + ("state: " + this.currentState); |
| 582 | } |
| 583 | |
| 584 | abstract static class State { |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 585 | private final Logger log = getLogger(getClass()); |
Thomas Vachuska | e989420 | 2015-07-30 11:59:07 -0700 | [diff] [blame] | 586 | |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 587 | abstract String name(); |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 588 | |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 589 | public void start() { |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 590 | log.warn("START transition from this state is not allowed."); |
| 591 | } |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 592 | |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 593 | public void requestAccess() { |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 594 | log.warn("REQUEST ACCESS transition from this state is not allowed."); |
| 595 | } |
| 596 | |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 597 | public void radiusAccepted() { |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 598 | log.warn("AUTHORIZE ACCESS transition from this state is not allowed."); |
| 599 | } |
| 600 | |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 601 | public void radiusDenied() { |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 602 | log.warn("DENY ACCESS transition from this state is not allowed."); |
| 603 | } |
| 604 | |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 605 | public void logoff() { |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 606 | log.warn("LOGOFF transition from this state is not allowed."); |
| 607 | } |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 608 | } |
Thomas Vachuska | e989420 | 2015-07-30 11:59:07 -0700 | [diff] [blame] | 609 | |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 610 | /** |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 611 | * Idle state: supplicant is logged off from the network. |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 612 | */ |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 613 | static class Idle extends State { |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 614 | private final Logger log = getLogger(getClass()); |
| 615 | private String name = "IDLE_STATE"; |
| 616 | |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 617 | @Override |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 618 | String name() { |
| 619 | return this.name; |
| 620 | } |
| 621 | |
| 622 | @Override |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 623 | public void start() { |
| 624 | log.info("Moving from IDLE state to STARTED state."); |
| 625 | } |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 626 | } |
Thomas Vachuska | e989420 | 2015-07-30 11:59:07 -0700 | [diff] [blame] | 627 | |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 628 | /** |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 629 | * Started state: supplicant has entered the network and informed the |
| 630 | * authenticator. |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 631 | */ |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 632 | static class Started extends State { |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 633 | private final Logger log = getLogger(getClass()); |
| 634 | private String name = "STARTED_STATE"; |
| 635 | |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 636 | @Override |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 637 | String name() { |
| 638 | return this.name; |
| 639 | } |
| 640 | |
| 641 | @Override |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 642 | public void requestAccess() { |
| 643 | log.info("Moving from STARTED state to PENDING state."); |
| 644 | } |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 645 | } |
Thomas Vachuska | e989420 | 2015-07-30 11:59:07 -0700 | [diff] [blame] | 646 | |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 647 | /** |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 648 | * Pending state: supplicant has been identified by the authenticator but has |
| 649 | * not access yet. |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 650 | */ |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 651 | static class Pending extends State { |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 652 | private final Logger log = getLogger(getClass()); |
| 653 | private String name = "PENDING_STATE"; |
| 654 | |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 655 | @Override |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 656 | String name() { |
| 657 | return this.name; |
| 658 | } |
| 659 | |
| 660 | @Override |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 661 | public void radiusAccepted() { |
| 662 | log.info("Moving from PENDING state to AUTHORIZED state."); |
| 663 | } |
| 664 | |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 665 | @Override |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 666 | public void radiusDenied() { |
| 667 | log.info("Moving from PENDING state to UNAUTHORIZED state."); |
| 668 | } |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 669 | } |
Thomas Vachuska | e989420 | 2015-07-30 11:59:07 -0700 | [diff] [blame] | 670 | |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 671 | /** |
| 672 | * Authorized state: supplicant port has been accepted, access is granted. |
| 673 | */ |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 674 | static class Authorized extends State { |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 675 | private final Logger log = getLogger(getClass()); |
| 676 | private String name = "AUTHORIZED_STATE"; |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 677 | |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 678 | @Override |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 679 | String name() { |
| 680 | return this.name; |
| 681 | } |
| 682 | |
| 683 | @Override |
Qianqian Hu | 0c34981 | 2016-02-15 17:25:22 +0800 | [diff] [blame] | 684 | public void start() { |
| 685 | log.info("Moving from AUTHORIZED state to STARTED state."); |
| 686 | } |
| 687 | |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 688 | @Override |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 689 | public void logoff() { |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 690 | |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 691 | log.info("Moving from AUTHORIZED state to IDLE state."); |
| 692 | } |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 693 | } |
| 694 | |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 695 | /** |
| 696 | * Unauthorized state: supplicant port has been rejected, access is denied. |
| 697 | */ |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 698 | static class Unauthorized extends State { |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 699 | private final Logger log = getLogger(getClass()); |
| 700 | private String name = "UNAUTHORIZED_STATE"; |
| 701 | |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 702 | @Override |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 703 | String name() { |
| 704 | return this.name; |
| 705 | } |
| 706 | |
| 707 | @Override |
ke han | 04e47f3 | 2016-10-28 14:15:43 +0800 | [diff] [blame] | 708 | public void start() { |
| 709 | log.info("Moving from UNAUTHORIZED state to STARTED state."); |
| 710 | } |
| 711 | |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 712 | @Override |
Ray Milkey | 78e95a4 | 2015-09-24 08:36:45 -0700 | [diff] [blame] | 713 | public void logoff() { |
| 714 | log.info("Moving from UNAUTHORIZED state to IDLE state."); |
| 715 | } |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 716 | } |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 717 | |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 718 | private void timeout() { |
| 719 | boolean noTrafficWithinThreshold = |
| 720 | (System.currentTimeMillis() - lastPacketReceivedTime) > ((cleanupTimerTimeOutInMins * 60 * 1000) / 2); |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 721 | |
Jonathan Hart | 612651f | 2019-11-25 09:21:43 -0800 | [diff] [blame^] | 722 | if (TIMEOUT_ELIGIBLE_STATES.contains(currentState) && noTrafficWithinThreshold) { |
| 723 | delegate.notify(new AuthenticationEvent(AuthenticationEvent.Type.TIMEOUT, this.supplicantConnectpoint)); |
| 724 | // If StateMachine is not eligible for cleanup yet, reschedule cleanupTimer further. |
| 725 | } else { |
| 726 | this.scheduleTimeout(); |
Shubham Sharma | 1e43c56 | 2019-06-19 14:18:12 +0000 | [diff] [blame] | 727 | } |
| 728 | } |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 729 | |
Ari Saha | 8983174 | 2015-06-26 10:31:48 -0700 | [diff] [blame] | 730 | } |