001/* 002 * Copyright 2012-2017 the original author or authors. 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 */ 016 017package org.springframework.boot.cli.compiler.maven; 018 019import java.io.File; 020import java.lang.reflect.Field; 021 022import org.apache.maven.settings.Settings; 023import org.apache.maven.settings.building.DefaultSettingsBuilderFactory; 024import org.apache.maven.settings.building.DefaultSettingsBuildingRequest; 025import org.apache.maven.settings.building.SettingsBuildingException; 026import org.apache.maven.settings.building.SettingsBuildingRequest; 027import org.apache.maven.settings.crypto.DefaultSettingsDecrypter; 028import org.apache.maven.settings.crypto.DefaultSettingsDecryptionRequest; 029import org.apache.maven.settings.crypto.SettingsDecrypter; 030import org.apache.maven.settings.crypto.SettingsDecryptionResult; 031import org.sonatype.plexus.components.cipher.DefaultPlexusCipher; 032import org.sonatype.plexus.components.cipher.PlexusCipherException; 033import org.sonatype.plexus.components.sec.dispatcher.DefaultSecDispatcher; 034 035import org.springframework.boot.cli.util.Log; 036 037/** 038 * {@code MavenSettingsReader} reads settings from a user's Maven settings.xml file, 039 * decrypting them if necessary using settings-security.xml. 040 * 041 * @author Andy Wilkinson 042 * @since 1.3.0 043 */ 044public class MavenSettingsReader { 045 046 private final String homeDir; 047 048 public MavenSettingsReader() { 049 this(System.getProperty("user.home")); 050 } 051 052 public MavenSettingsReader(String homeDir) { 053 this.homeDir = homeDir; 054 } 055 056 public MavenSettings readSettings() { 057 Settings settings = loadSettings(); 058 SettingsDecryptionResult decrypted = decryptSettings(settings); 059 if (!decrypted.getProblems().isEmpty()) { 060 Log.error( 061 "Maven settings decryption failed. Some Maven repositories may be inaccessible"); 062 // Continue - the encrypted credentials may not be used 063 } 064 return new MavenSettings(settings, decrypted); 065 } 066 067 private Settings loadSettings() { 068 File settingsFile = new File(this.homeDir, ".m2/settings.xml"); 069 SettingsBuildingRequest request = new DefaultSettingsBuildingRequest(); 070 request.setUserSettingsFile(settingsFile); 071 request.setSystemProperties(System.getProperties()); 072 try { 073 return new DefaultSettingsBuilderFactory().newInstance().build(request) 074 .getEffectiveSettings(); 075 } 076 catch (SettingsBuildingException ex) { 077 throw new IllegalStateException( 078 "Failed to build settings from " + settingsFile, ex); 079 } 080 } 081 082 private SettingsDecryptionResult decryptSettings(Settings settings) { 083 DefaultSettingsDecryptionRequest request = new DefaultSettingsDecryptionRequest( 084 settings); 085 086 return createSettingsDecrypter().decrypt(request); 087 } 088 089 private SettingsDecrypter createSettingsDecrypter() { 090 SettingsDecrypter settingsDecrypter = new DefaultSettingsDecrypter(); 091 setField(DefaultSettingsDecrypter.class, "securityDispatcher", settingsDecrypter, 092 new SpringBootSecDispatcher()); 093 return settingsDecrypter; 094 } 095 096 private void setField(Class<?> sourceClass, String fieldName, Object target, 097 Object value) { 098 try { 099 Field field = sourceClass.getDeclaredField(fieldName); 100 field.setAccessible(true); 101 field.set(target, value); 102 } 103 catch (Exception ex) { 104 throw new IllegalStateException( 105 "Failed to set field '" + fieldName + "' on '" + target + "'", ex); 106 } 107 } 108 109 private class SpringBootSecDispatcher extends DefaultSecDispatcher { 110 111 private static final String SECURITY_XML = ".m2/settings-security.xml"; 112 113 SpringBootSecDispatcher() { 114 File file = new File(MavenSettingsReader.this.homeDir, SECURITY_XML); 115 this._configurationFile = file.getAbsolutePath(); 116 try { 117 this._cipher = new DefaultPlexusCipher(); 118 } 119 catch (PlexusCipherException ex) { 120 throw new IllegalStateException(ex); 121 } 122 } 123 124 } 125 126}