use of com.disney.http.auth.server.digest.DigestVerifierImpl in project groovity by disney.
the class VerifierFactory method processDigest.
@SuppressWarnings({ "rawtypes", "unchecked" })
private DigestVerifierImpl processDigest(Map digest, Class<Script> scriptClass) throws InstantiationException, IllegalAccessException, ClassNotFoundException {
DigestVerifierImpl verifier = new DigestVerifierImpl();
processCommon(verifier, digest, scriptClass);
ArrayList<PasswordDigester> passwordDigesters = new ArrayList<PasswordDigester>();
String nonceSecret = (String) digest.get("nonceSecret");
if (nonceSecret != null) {
verifier.setNonceSecret(nonceSecret);
}
String domain = (String) digest.get("domain");
if (domain != null) {
verifier.setDomain(domain);
}
Number maxNonceAge = (Number) digest.get("maxNonceAge");
if (maxNonceAge != null) {
verifier.setMaxNonceAge(maxNonceAge.longValue());
}
Map passwords = (Map) digest.get("passwords");
if (passwords != null) {
passwordDigesters.add(new MapPasswordDigester(passwords));
}
Object passwordDigester = digest.get("passwordDigester");
addDigester(passwordDigester, passwordDigesters, scriptClass);
List pds = (List) digest.get("passwordDigesters");
if (pds != null) {
for (Object pd : pds) {
addDigester(pd, passwordDigesters, scriptClass);
}
}
verifier.setPasswordDigesters(passwordDigesters);
return verifier;
}
use of com.disney.http.auth.server.digest.DigestVerifierImpl in project groovity by disney.
the class XmlPolicyParser method processDigest.
private static DigestVerifierImpl processDigest(Element digest) throws InstantiationException, IllegalAccessException, ClassNotFoundException {
DigestVerifierImpl config = new DigestVerifierImpl();
processCommon(config, digest);
ArrayList<PasswordDigester> passwordDigesters = new ArrayList<PasswordDigester>();
NodeList bcnodes = digest.getChildNodes();
for (int j = 0; j < bcnodes.getLength(); j++) {
Node bcnode = bcnodes.item(j);
if (bcnode instanceof Element) {
Element bcel = (Element) bcnode;
if (bcel.getNodeName().equals("passwords")) {
passwordDigesters.add(new MapPasswordDigester(processPasswords(bcel)));
} else if (bcel.getNodeName().equals("passwordDigester")) {
passwordDigesters.add((PasswordDigester) Class.forName(bcel.getAttribute("class")).newInstance());
} else if (bcel.getNodeName().equals("maxNonceAge")) {
config.setMaxNonceAge(Long.valueOf(bcel.getTextContent()));
} else if (bcel.getNodeName().equals("nonceSecret")) {
config.setNonceSecret(bcel.getTextContent().trim());
} else if (bcel.getNodeName().equals("domain")) {
config.setDomain(bcel.getTextContent().trim());
}
}
}
config.setPasswordDigesters(passwordDigesters);
return config;
}
use of com.disney.http.auth.server.digest.DigestVerifierImpl in project groovity by disney.
the class TestDigestAuth method testDigest.
@Test
public void testDigest() throws Exception {
DigestVerifierImpl verifier = new DigestVerifierImpl();
Map<String, String> pmap = new HashMap<String, String>();
List<String> accessList = new ArrayList<String>();
ACLAccessControllerImpl acl = new ACLAccessControllerImpl();
acl.setAcl(accessList);
pmap.put("mykey", "mypass");
PasswordDigester pc = new MapPasswordDigester(pmap);
verifier.setPasswordDigesters(Arrays.asList(pc));
verifier.setAccessControllers(Arrays.asList((AccessController) acl));
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("/");
ServerAuthorizationRequest areq = new ServletAuthorizationRequest(request);
VerifierResult result = verifier.verify(areq);
Assert.assertEquals(ERROR_MISSING_CREDENTIALS, result.getMessage());
String challenge = result.getChallenge();
Pattern noncePattern = Pattern.compile("nonce=\"([^\"]+)\"");
Matcher matcher = noncePattern.matcher(challenge);
if (!matcher.find()) {
throw new Exception("No nonce found in challenge");
}
String nonce = matcher.group(1);
Pattern opaquePattern = Pattern.compile("opaque=\"([^\"]+)\"");
matcher = opaquePattern.matcher(challenge);
if (!matcher.find()) {
throw new Exception("No opaque found in challenge");
}
String opaque = matcher.group(1);
DigestAuthorization ad = new DigestAuthorization();
ad.setNonce(nonce);
ad.setCnonce("ClientNonce");
ad.setNonceCount("000001");
ad.setOpaque(opaque);
ad.setQop("auth");
ad.setUri("/");
ad.setUsername("mykey");
ad.setDigest(new byte[0]);
ad.setRealm(verifier.getRealm());
request.addHeader("Authorization", ad.toString());
result = verifier.verify(areq);
Assert.assertEquals(ERROR_UNKNOWN_CREDENTIALS, result.getMessage());
// now fix the digest
/*
StringBuilder signingString = new StringBuilder();
signingString.append(digest("mykey",verifier.getRealm(),"mypass"));
signingString.append(":").append(nonce).append(":").append(ad.getNonceCount()).append(":").append(ad.getCnonce()).append(":auth:");
signingString.append(digest("GET",ad.getUri()));
*/
request = new MockHttpServletRequest();
areq = new ServletAuthorizationRequest(request);
request.setMethod("GET");
request.setRequestURI("/");
String signingString = ad.generateSigningString("mykey", "mypass", new ServletAuthorizationRequest(request));
MessageDigest md5 = MessageDigest.getInstance("MD5");
ad.setDigest(md5.digest(signingString.toString().getBytes()));
request.addHeader("Authorization", ad.toString());
result = verifier.verify(areq);
Assert.assertTrue("Expected successful authentication", result.isAuthenticated());
Assert.assertFalse("Expected failed authorization", result.isAuthorized());
accessList.add("mykey");
result = verifier.verify(areq);
Assert.assertTrue("Expected successful authentication", result.isAuthenticated());
Assert.assertTrue("Expected successful authorization", result.isAuthorized());
}
Aggregations