Search in sources :

Example 1 with DigestVerifierImpl

use of com.disney.http.auth.server.digest.DigestVerifierImpl in project groovity by disney.

the class VerifierFactory method processDigest.

@SuppressWarnings({ "rawtypes", "unchecked" })
private DigestVerifierImpl processDigest(Map digest, Class<Script> scriptClass) throws InstantiationException, IllegalAccessException, ClassNotFoundException {
    DigestVerifierImpl verifier = new DigestVerifierImpl();
    processCommon(verifier, digest, scriptClass);
    ArrayList<PasswordDigester> passwordDigesters = new ArrayList<PasswordDigester>();
    String nonceSecret = (String) digest.get("nonceSecret");
    if (nonceSecret != null) {
        verifier.setNonceSecret(nonceSecret);
    }
    String domain = (String) digest.get("domain");
    if (domain != null) {
        verifier.setDomain(domain);
    }
    Number maxNonceAge = (Number) digest.get("maxNonceAge");
    if (maxNonceAge != null) {
        verifier.setMaxNonceAge(maxNonceAge.longValue());
    }
    Map passwords = (Map) digest.get("passwords");
    if (passwords != null) {
        passwordDigesters.add(new MapPasswordDigester(passwords));
    }
    Object passwordDigester = digest.get("passwordDigester");
    addDigester(passwordDigester, passwordDigesters, scriptClass);
    List pds = (List) digest.get("passwordDigesters");
    if (pds != null) {
        for (Object pd : pds) {
            addDigester(pd, passwordDigesters, scriptClass);
        }
    }
    verifier.setPasswordDigesters(passwordDigesters);
    return verifier;
}
Also used : MapPasswordDigester(com.disney.http.auth.server.digest.MapPasswordDigester) PasswordDigester(com.disney.http.auth.server.digest.PasswordDigester) ArrayList(java.util.ArrayList) MapPasswordDigester(com.disney.http.auth.server.digest.MapPasswordDigester) List(java.util.List) ArrayList(java.util.ArrayList) Map(java.util.Map) HashMap(java.util.HashMap) DigestVerifierImpl(com.disney.http.auth.server.digest.DigestVerifierImpl)

Example 2 with DigestVerifierImpl

use of com.disney.http.auth.server.digest.DigestVerifierImpl in project groovity by disney.

the class XmlPolicyParser method processDigest.

private static DigestVerifierImpl processDigest(Element digest) throws InstantiationException, IllegalAccessException, ClassNotFoundException {
    DigestVerifierImpl config = new DigestVerifierImpl();
    processCommon(config, digest);
    ArrayList<PasswordDigester> passwordDigesters = new ArrayList<PasswordDigester>();
    NodeList bcnodes = digest.getChildNodes();
    for (int j = 0; j < bcnodes.getLength(); j++) {
        Node bcnode = bcnodes.item(j);
        if (bcnode instanceof Element) {
            Element bcel = (Element) bcnode;
            if (bcel.getNodeName().equals("passwords")) {
                passwordDigesters.add(new MapPasswordDigester(processPasswords(bcel)));
            } else if (bcel.getNodeName().equals("passwordDigester")) {
                passwordDigesters.add((PasswordDigester) Class.forName(bcel.getAttribute("class")).newInstance());
            } else if (bcel.getNodeName().equals("maxNonceAge")) {
                config.setMaxNonceAge(Long.valueOf(bcel.getTextContent()));
            } else if (bcel.getNodeName().equals("nonceSecret")) {
                config.setNonceSecret(bcel.getTextContent().trim());
            } else if (bcel.getNodeName().equals("domain")) {
                config.setDomain(bcel.getTextContent().trim());
            }
        }
    }
    config.setPasswordDigesters(passwordDigesters);
    return config;
}
Also used : MapPasswordDigester(com.disney.http.auth.server.digest.MapPasswordDigester) PasswordDigester(com.disney.http.auth.server.digest.PasswordDigester) NodeList(org.w3c.dom.NodeList) Node(org.w3c.dom.Node) Element(org.w3c.dom.Element) ArrayList(java.util.ArrayList) MapPasswordDigester(com.disney.http.auth.server.digest.MapPasswordDigester) DigestVerifierImpl(com.disney.http.auth.server.digest.DigestVerifierImpl)

Example 3 with DigestVerifierImpl

use of com.disney.http.auth.server.digest.DigestVerifierImpl in project groovity by disney.

the class TestDigestAuth method testDigest.

@Test
public void testDigest() throws Exception {
    DigestVerifierImpl verifier = new DigestVerifierImpl();
    Map<String, String> pmap = new HashMap<String, String>();
    List<String> accessList = new ArrayList<String>();
    ACLAccessControllerImpl acl = new ACLAccessControllerImpl();
    acl.setAcl(accessList);
    pmap.put("mykey", "mypass");
    PasswordDigester pc = new MapPasswordDigester(pmap);
    verifier.setPasswordDigesters(Arrays.asList(pc));
    verifier.setAccessControllers(Arrays.asList((AccessController) acl));
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.setRequestURI("/");
    ServerAuthorizationRequest areq = new ServletAuthorizationRequest(request);
    VerifierResult result = verifier.verify(areq);
    Assert.assertEquals(ERROR_MISSING_CREDENTIALS, result.getMessage());
    String challenge = result.getChallenge();
    Pattern noncePattern = Pattern.compile("nonce=\"([^\"]+)\"");
    Matcher matcher = noncePattern.matcher(challenge);
    if (!matcher.find()) {
        throw new Exception("No nonce found in challenge");
    }
    String nonce = matcher.group(1);
    Pattern opaquePattern = Pattern.compile("opaque=\"([^\"]+)\"");
    matcher = opaquePattern.matcher(challenge);
    if (!matcher.find()) {
        throw new Exception("No opaque found in challenge");
    }
    String opaque = matcher.group(1);
    DigestAuthorization ad = new DigestAuthorization();
    ad.setNonce(nonce);
    ad.setCnonce("ClientNonce");
    ad.setNonceCount("000001");
    ad.setOpaque(opaque);
    ad.setQop("auth");
    ad.setUri("/");
    ad.setUsername("mykey");
    ad.setDigest(new byte[0]);
    ad.setRealm(verifier.getRealm());
    request.addHeader("Authorization", ad.toString());
    result = verifier.verify(areq);
    Assert.assertEquals(ERROR_UNKNOWN_CREDENTIALS, result.getMessage());
    // now fix the digest
    /*
		StringBuilder signingString = new StringBuilder();
		signingString.append(digest("mykey",verifier.getRealm(),"mypass"));
		signingString.append(":").append(nonce).append(":").append(ad.getNonceCount()).append(":").append(ad.getCnonce()).append(":auth:");
		signingString.append(digest("GET",ad.getUri()));
		*/
    request = new MockHttpServletRequest();
    areq = new ServletAuthorizationRequest(request);
    request.setMethod("GET");
    request.setRequestURI("/");
    String signingString = ad.generateSigningString("mykey", "mypass", new ServletAuthorizationRequest(request));
    MessageDigest md5 = MessageDigest.getInstance("MD5");
    ad.setDigest(md5.digest(signingString.toString().getBytes()));
    request.addHeader("Authorization", ad.toString());
    result = verifier.verify(areq);
    Assert.assertTrue("Expected successful authentication", result.isAuthenticated());
    Assert.assertFalse("Expected failed authorization", result.isAuthorized());
    accessList.add("mykey");
    result = verifier.verify(areq);
    Assert.assertTrue("Expected successful authentication", result.isAuthenticated());
    Assert.assertTrue("Expected successful authorization", result.isAuthorized());
}
Also used : DigestAuthorization(com.disney.http.auth.DigestAuthorization) Pattern(java.util.regex.Pattern) HashMap(java.util.HashMap) MapPasswordDigester(com.disney.http.auth.server.digest.MapPasswordDigester) PasswordDigester(com.disney.http.auth.server.digest.PasswordDigester) Matcher(java.util.regex.Matcher) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) ArrayList(java.util.ArrayList) ServletAuthorizationRequest(com.disney.http.auth.server.ServletAuthorizationRequest) MapPasswordDigester(com.disney.http.auth.server.digest.MapPasswordDigester) AccessController(com.disney.http.auth.server.AccessController) VerifierResult(com.disney.http.auth.server.VerifierResult) MessageDigest(java.security.MessageDigest) ACLAccessControllerImpl(com.disney.http.auth.server.ACLAccessControllerImpl) DigestVerifierImpl(com.disney.http.auth.server.digest.DigestVerifierImpl) ServerAuthorizationRequest(com.disney.http.auth.server.ServerAuthorizationRequest) Test(org.junit.Test)

Aggregations

DigestVerifierImpl (com.disney.http.auth.server.digest.DigestVerifierImpl)3 MapPasswordDigester (com.disney.http.auth.server.digest.MapPasswordDigester)3 PasswordDigester (com.disney.http.auth.server.digest.PasswordDigester)3 ArrayList (java.util.ArrayList)3 HashMap (java.util.HashMap)2 DigestAuthorization (com.disney.http.auth.DigestAuthorization)1 ACLAccessControllerImpl (com.disney.http.auth.server.ACLAccessControllerImpl)1 AccessController (com.disney.http.auth.server.AccessController)1 ServerAuthorizationRequest (com.disney.http.auth.server.ServerAuthorizationRequest)1 ServletAuthorizationRequest (com.disney.http.auth.server.ServletAuthorizationRequest)1 VerifierResult (com.disney.http.auth.server.VerifierResult)1 MessageDigest (java.security.MessageDigest)1 List (java.util.List)1 Map (java.util.Map)1 Matcher (java.util.regex.Matcher)1 Pattern (java.util.regex.Pattern)1 Test (org.junit.Test)1 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)1 Element (org.w3c.dom.Element)1 Node (org.w3c.dom.Node)1