public void execute()

in core/src/main/java/org/apache/ftpserver/command/impl/AUTH.java [60:122]

• 38 lines of code
• 9 McCabe index (conditional complexity)

    public void execute(final FtpIoSession session, final FtpServerContext context, final FtpRequest request)
        throws IOException, FtpException {

    // reset state variables
    session.resetState();

    // argument check
    if (!request.hasArgument()) {
        session.write(LocalizedFtpReply.translate(session, request, context,
            FtpReply.REPLY_501_SYNTAX_ERROR_IN_PARAMETERS_OR_ARGUMENTS, "AUTH", null));
        return;
    }

    // check SSL configuration
    if (session.getListener().getSslConfiguration() == null) {
        session.write(LocalizedFtpReply.translate(session, request, context, 431, "AUTH", null));
        return;
    }

    // check that we don't already have a SSL filter in place due to running
    // in implicit mode
    // or because the AUTH command has already been issued. This is what the
    // RFC says:

    // "Some servers will allow the AUTH command to be reissued in order
    // to establish new authentication. The AUTH command, if accepted,
    // removes any state associated with prior FTP Security commands.
    // The server must also require that the user reauthorize (that is,
    // reissue some or all of the USER, PASS, and ACCT commands) in this
    // case (see section 4 for an explanation of "authorize" in this
    // context)."

    // Here we choose not to support reissued AUTH
    if (session.getFilterChain().contains(SslFilter.class)) {
        session.write(LocalizedFtpReply.translate(session, request, context, 534, "AUTH", null));
        return;
    }

    // check parameter
    String authType = request.getArgument().toUpperCase();
    if (VALID_AUTH_TYPES.contains(authType)) {
        if (authType.equals("TLS-C")) {
        authType = "TLS";
        } else if (authType.equals("TLS-P")) {
        authType = "SSL";
        }

        try {
                LocalizedFtpReply reply = LocalizedFtpReply.translate(session, request, context, 234, "AUTH." + authType, null);
                secureSession(session, authType, reply);

                session.write(reply);
        } catch (FtpException ex) {
        throw ex;
        } catch (Exception ex) {
        LOG.warn("AUTH.execute()", ex);
        throw new FtpException("AUTH.execute()", ex);
        }
    } else {
        session.write(LocalizedFtpReply.translate(session, request, context,
            FtpReply.REPLY_502_COMMAND_NOT_IMPLEMENTED, "AUTH", null));
    }
    }