in core/src/main/java/org/apache/brooklyn/core/location/LocationConfigUtils.java [221:328]
private synchronized void infer() {
if (!dirty) return;
warningMessages.clear();
log.debug("Inferring OS credentials");
privateKeyData = config.get(LocationConfigKeys.PRIVATE_KEY_DATA);
password = config.get(LocationConfigKeys.PASSWORD);
publicKeyData = getKeyDataFromDataKeyOrFileKey(config, LocationConfigKeys.PUBLIC_KEY_DATA, LocationConfigKeys.PUBLIC_KEY_FILE, getResourceUtils());
KeyPair privateKey = null;
if (Strings.isBlank(privateKeyData)) {
// look up private key files
String privateKeyFiles = null;
boolean privateKeyFilesExplicitlySet = config.containsKey(LocationConfigKeys.PRIVATE_KEY_FILE);
if (privateKeyFilesExplicitlySet || (tryDefaultKeys && password==null))
privateKeyFiles = config.get(LocationConfigKeys.PRIVATE_KEY_FILE);
if (Strings.isNonBlank(privateKeyFiles)) {
Iterator<String> fi = Arrays.asList(privateKeyFiles.split(File.pathSeparator)).iterator();
while (fi.hasNext()) {
String file = fi.next();
if (Strings.isNonBlank(file)) {
try {
// real URL's won't actual work, due to use of path separator above
// not real important, but we get it for free if "files" is a list instead.
// using ResourceUtils is useful for classpath resources
if (file!=null)
privateKeyData = getResourceUtils().getResourceAsString(file);
// else use data already set
privateKey = getValidatedPrivateKey(file);
if (privateKeyData==null) {
// was cleared due to validation error
} else if (Strings.isNonBlank(publicKeyData)) {
log.debug("Loaded private key data from "+file+" (public key data explicitly set)");
break;
} else {
String publicKeyFile = (file!=null ? file+".pub" : "(data)");
try {
publicKeyData = getResourceUtils().getResourceAsString(publicKeyFile);
log.debug("Loaded private key data from "+file+
" and public key data from "+publicKeyFile);
break;
} catch (Exception e) {
Exceptions.propagateIfFatal(e);
log.debug("No public key file "+publicKeyFile+"; will try extracting from private key");
publicKeyData = AuthorizedKeysParser.encodePublicKey(privateKey.getPublic());
if (publicKeyData==null) {
if (requirePublicKey) {
addWarning("Unable to find or extract public key for "+file, "skipping");
} else {
log.debug("Loaded private key data from "+file+" (public key data not found but not required)");
break;
}
} else {
log.debug("Loaded private key data from "+file+" (public key data extracted)");
break;
}
privateKeyData = null;
}
}
} catch (Exception e) {
Exceptions.propagateIfFatal(e);
String message = "Missing/invalid private key file "+file;
if (privateKeyFilesExplicitlySet) addWarning(message, (!fi.hasNext() ? "no more files to try" : "trying next file")+": "+e);
}
}
}
if (privateKeyFilesExplicitlySet && Strings.isBlank(privateKeyData))
error("No valid private keys found", ""+warningMessages);
}
} else {
privateKey = getValidatedPrivateKey("(data)");
}
if (privateKeyData!=null) {
if (requirePublicKey && Strings.isBlank(publicKeyData)) {
if (privateKey!=null) {
publicKeyData = AuthorizedKeysParser.encodePublicKey(privateKey.getPublic());
}
if (Strings.isBlank(publicKeyData)) {
error("If explicit "+LocationConfigKeys.PRIVATE_KEY_DATA.getName()+" is supplied, then "
+ "the corresponding "+LocationConfigKeys.PUBLIC_KEY_DATA.getName()+" must also be supplied.", null);
} else {
log.debug("Public key data extracted");
}
}
if (doKeyValidation && privateKey!=null && privateKey.getPublic()!=null && Strings.isNonBlank(publicKeyData)) {
PublicKey decoded = null;
try {
decoded = AuthorizedKeysParser.decodePublicKey(publicKeyData);
} catch (Exception e) {
Exceptions.propagateIfFatal(e);
addWarning("Invalid public key: "+decoded);
}
if (decoded!=null && !privateKey.getPublic().equals( decoded )) {
error("Public key inferred from does not match public key extracted from private key", null);
}
}
}
log.debug("OS credential inference: "+this);
dirty = false;
}