Example 16 with URIParcel
use of com.disney.uriparcel.URIParcel in project groovity by disney.
the class VerifierFactory method processPolicy.
private PolicyVerifierImpl processPolicy(@SuppressWarnings("rawtypes") final Map policy, Class<Script> scriptClass) throws MalformedURLException, URISyntaxException, InstantiationException, IllegalAccessException, ClassNotFoundException {
PolicyVerifierImpl verifier = new PolicyVerifierImpl();
processCommon(verifier, policy, scriptClass);
verifier.setPolicyLoader(new Callable<Verifier>() {
String curPolicy = null;
Callable<Verifier> curLoader = null;
public Verifier call() throws Exception {
String loc = resolve(policy, "policy", String.class);
if (!loc.equals(curPolicy)) {
// location has changed, update loaded policy
URI policyURI = null;
if (loc.startsWith("/")) {
URL url = viewResolver.getServletContext().getResource(loc);
if (url != null) {
policyURI = url.toURI();
} else {
ViewPolicyLoader vpl = new ViewPolicyLoader();
vpl.setLocation(loc);
vpl.setViewResolver(viewResolver);
curLoader = vpl;
}
} else {
policyURI = new URI(loc);
}
if (policyURI != null) {
Number ttl = (Number) policy.get("ttl");
// set right loader based on location: view, file, HTTP url or servlet url ...
URIParcel<Verifier> parcel = new URIParcel<Verifier>(Verifier.class, policyURI);
if (ttl != null) {
parcel.setRefresh(ttl.longValue());
}
curLoader = parcel;
}
curPolicy = loc;
}
return curLoader.call();
}
});
return verifier;
}
Also used :
URIParcel(com.disney.uriparcel.URIParcel)
PolicyVerifierImpl(com.disney.http.auth.server.policy.PolicyVerifierImpl)
AbstractVerifier(com.disney.http.auth.server.AbstractVerifier)
Verifier(com.disney.http.auth.server.Verifier)
URI(java.net.URI)
URISyntaxException(java.net.URISyntaxException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
UnsupportedEncodingException(java.io.UnsupportedEncodingException)
InvalidKeySpecException(java.security.spec.InvalidKeySpecException)
MalformedURLException(java.net.MalformedURLException)
CertificateException(java.security.cert.CertificateException)
URL(java.net.URL)
Example 17 with URIParcel
use of com.disney.uriparcel.URIParcel in project groovity by disney.
the class TestKeyUtils method TestKeyGeneration.
@Test
public void TestKeyGeneration() throws Exception {
KeyPair pair = KeyUtils.generateKeyPair(2048);
Assert.assertNotNull(pair);
PrivateKey privateKey = pair.getPrivate();
Assert.assertNotNull(privateKey);
Assert.assertEquals(privateKey.getAlgorithm(), "RSA");
PublicKey publicKey = pair.getPublic();
Assert.assertNotNull(publicKey);
Assert.assertEquals(publicKey.getAlgorithm(), "RSA");
String alias = "apiUser123";
// Store private key
File privateKeyFile = new File("target/testPrivateKey.pem");
File privateKeyStore = new File("target/testKey.store");
String privatePassword = "passwordForPrivateKey";
URIParcel.put(privateKeyFile.toURI(), pair);
writePrivateKeystoreToFile(pair, privateKeyStore.getAbsolutePath(), alias, privatePassword);
// test retrieval of KeyStore
Map<String, Object> config = new HashMap<String, Object>();
config.put(KeyStoreValueHandler.KEYSTORE_PASSWORD, privatePassword);
config.put(KeyStoreValueHandler.KEYSTORE_TYPE, "JCEKS");
URIParcel<KeyStore> parcel = new URIParcel<KeyStore>(KeyStore.class, privateKeyStore.toURI(), config);
KeyChain chain = new KeyStoreKeyChainImpl(parcel, "".toCharArray());
KeyChainKeyLoader privateKeyStoreLoader = new KeyChainKeyLoader(chain);
privateKeyStoreLoader.setAlias(alias);
PrivateKey loadedKeyFromKeyStore = (PrivateKey) privateKeyStoreLoader.call();
Assert.assertEquals(privateKey, loadedKeyFromKeyStore);
// test retrieval of Key
URIParcel<KeyPair> pkParcel = new URIParcel<KeyPair>(KeyPair.class, privateKeyFile.toURI());
KeyPair loadedPrivateKey = pkParcel.call();
Assert.assertArrayEquals(privateKey.getEncoded(), loadedPrivateKey.getPrivate().getEncoded());
// check storage and retrieval of public key
String publicKeyFileName = "testPublicKey.store";
String password = "publicPassword";
File publicKeyFile = new File("target/" + publicKeyFileName);
KeyUtils.writePublicKeyStoreToFile(publicKey, publicKeyFile.getAbsolutePath(), alias, password);
PublicKey loadedPublicKey = loadPublicKeyStore(publicKeyFile.getAbsolutePath(), alias, password);
Assert.assertArrayEquals(publicKey.getEncoded(), loadedPublicKey.getEncoded());
// check if valid key pair by trying to sign and verify a string
String testString = "This is the message to encode.";
Signature rsaSign = Signature.getInstance("MD5withRSA");
rsaSign.initSign(privateKey);
rsaSign.update(testString.getBytes("UTF-8"));
byte[] signedMessage = rsaSign.sign();
Signature rsaVerify = Signature.getInstance("MD5withRSA");
rsaVerify.initVerify(loadedPublicKey);
rsaVerify.update(testString.getBytes("UTF-8"));
boolean valid = rsaVerify.verify(signedMessage);
Assert.assertTrue(valid);
// make new key pair and save KeyStore to file.
KeyPair keyPairForFile = KeyUtils.generateKeyPair();
String location = new File("target/testKeytool.store").getAbsolutePath();
writePrivateKeystoreToFile(keyPairForFile, location, "test", "rachel");
// load from file
config = new HashMap<String, Object>();
config.put(KeyStoreValueHandler.KEYSTORE_PASSWORD, "rachel");
config.put(KeyStoreValueHandler.KEYSTORE_TYPE, "JCEKS");
URIParcel<KeyStore> ksParcel = new URIParcel<KeyStore>(KeyStore.class, new File(location).toURI(), config);
KeyChain chain2 = new KeyStoreKeyChainImpl(ksParcel, "".toCharArray());
KeyChainKeyLoader savedKeyStoreLoader = new KeyChainKeyLoader(chain2);
savedKeyStoreLoader.setAlias("test");
Key newKey = savedKeyStoreLoader.call();
Assert.assertEquals(keyPairForFile.getPrivate(), newKey);
KeyStore importedKeystore = ksParcel.call();
Assert.assertEquals(keyPairForFile.getPublic(), importedKeystore.getCertificate("test").getPublicKey());
}
Also used :
KeyPair(java.security.KeyPair)
PrivateKey(java.security.PrivateKey)
HashMap(java.util.HashMap)
URIParcel(com.disney.uriparcel.URIParcel)
PublicKey(java.security.PublicKey)
KeyChain(com.disney.http.auth.keychain.KeyChain)
KeyStore(java.security.KeyStore)
KeyStoreKeyChainImpl(com.disney.http.auth.keychain.KeyStoreKeyChainImpl)
KeyChainKeyLoader(com.disney.http.auth.client.keyloader.KeyChainKeyLoader)
Signature(java.security.Signature)
File(java.io.File)
PublicKey(java.security.PublicKey)
Key(java.security.Key)
PrivateKey(java.security.PrivateKey)
Test(org.junit.Test)
Example 18 with URIParcel
use of com.disney.uriparcel.URIParcel in project groovity by disney.
the class Signature method tag.
@SuppressWarnings({ "rawtypes", "unchecked" })
public Object tag(Map attributes, Closure body) throws Exception {
Object keyId = resolve(attributes, "keyId");
if (keyId == null) {
throw new RuntimeException("<g:signature> requires a keyId for signing");
}
Callable<Key> useLoader = null;
Object key = resolve(attributes, "key");
if (key == null) {
Object keystore = resolve(attributes, "keystore");
if (keystore == null) {
throw new RuntimeException("<g:signature> requires a key or keystore for signing");
}
String password = resolve(attributes, "password", String.class);
if (password == null) {
throw new RuntimeException("<g:signature> requires a password when using a keystore");
}
String alias = resolve(attributes, "alias", String.class);
if (alias == null) {
throw new RuntimeException("<g:signature> requires an alias when using a keystore");
}
if (!(keystore instanceof KeyStore)) {
String ksl = keystore.toString();
KeyChainKeyLoader loader = keystores.get(ksl);
if (loader == null) {
URIParcel<KeyStore> keystoreParcel = new URIParcel<KeyStore>(KeyStore.class, new URI(ksl));
keystoreParcel.setRefresh(60000);
Map conf = new HashMap();
conf.put("password", password);
String type = resolve(attributes, "type", String.class);
if (type != null) {
conf.put("type", type);
}
keystoreParcel.setConfig(conf);
loader = new KeyChainKeyLoader(new KeyStoreKeyChainImpl(keystoreParcel, password.toCharArray()), alias);
keystores.put(ksl, loader);
}
useLoader = loader;
} else {
useLoader = new KeyChainKeyLoader(new KeyStoreKeyChainImpl((KeyStore) keystore, password.toCharArray()), alias);
}
}
if (key instanceof Callable<?>) {
useLoader = (Callable<Key>) key;
} else if (key instanceof Key) {
useLoader = new KeyObjectKeyLoader((Key) key);
}
String useAlgorithm = "hmac-sha256";
Object algorithm = resolve(attributes, "algorithm");
if (algorithm != null) {
useAlgorithm = algorithm.toString();
}
if (useLoader == null) {
if (useAlgorithm.startsWith("rsa")) {
// TODO load private key from object
} else {
String signingAlg = Algorithms.getSecurityAlgorithm(useAlgorithm);
// System.out.println("Generating hmac key "+signingAlg+" with "+new String(DatatypeConverter.parseBase64Binary(key.toString())));
useLoader = new KeyObjectKeyLoader(new SecretKeySpec(DatatypeConverter.parseBase64Binary(key.toString()), signingAlg));
}
}
Object headers = resolve(attributes, "headers");
HttpSignatureSigner signer = new HttpSignatureSigner();
signer.setAlgorithm(useAlgorithm);
signer.setKeyId(keyId.toString());
signer.setKeyLoader(useLoader);
if (headers != null) {
if (!(headers instanceof List)) {
throw new RuntimeException("signature tag requires that 'headers' attribut contains a List, instead found " + headers.getClass().toString());
}
signer.setHeaders((List) headers);
}
bind(body, SIGNATURE_BINDING, Optional.of(signer));
return null;
}
Also used :
URIParcel(com.disney.uriparcel.URIParcel)
ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap)
HashMap(java.util.HashMap)
KeyStore(java.security.KeyStore)
URI(java.net.URI)
Callable(java.util.concurrent.Callable)
KeyStoreKeyChainImpl(com.disney.http.auth.keychain.KeyStoreKeyChainImpl)
SecretKeySpec(javax.crypto.spec.SecretKeySpec)
KeyChainKeyLoader(com.disney.http.auth.client.keyloader.KeyChainKeyLoader)
HttpSignatureSigner(com.disney.http.auth.client.signer.HttpSignatureSigner)
List(java.util.List)
KeyObjectKeyLoader(com.disney.http.auth.client.keyloader.KeyObjectKeyLoader)
ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap)
HashMap(java.util.HashMap)
Map(java.util.Map)
Key(java.security.Key)
Example 19 with URIParcel
use of com.disney.uriparcel.URIParcel in project groovity by disney.
the class TestParcels method testBytes.
@Test
public void testBytes() throws Exception {
byte[] val = "kirksulu".getBytes();
URI uri = new URI("mem:bytesTest");
MemoryContext.put(uri, new MemoryPayload(val, "application/octet-stream"));
URIParcel<byte[]> parcel = new URIParcel<byte[]>(byte[].class, uri);
byte[] rval = parcel.call();
Assert.assertFalse(rval == val);
Assert.assertArrayEquals(rval, val);
}
Also used :
URIParcel(com.disney.uriparcel.URIParcel)
URI(java.net.URI)
MemoryPayload(com.disney.uriparcel.MemoryPayload)
Test(org.junit.Test)
Example 20 with URIParcel
use of com.disney.uriparcel.URIParcel in project groovity by disney.
the class TestParcels method testMemObject.
@Test
public void testMemObject() throws Exception {
SomeThing originalThing = new SomeThing();
originalThing.setWhat("sample");
originalThing.setWhen(new Date());
originalThing.setWhere("here");
originalThing.setWho("us");
URI uri = new URI("mem:thing");
URIParcel<Object> parcel = new URIParcel<Object>(Object.class, uri);
parcel.put(originalThing);
parcel = new URIParcel<Object>(Object.class, uri);
Object po = parcel.call();
Assert.assertEquals(SomeThing.class, po.getClass());
Assert.assertFalse(po == originalThing);
Assert.assertEquals(po, originalThing);
}Aggregations
URIParcel (com.disney.uriparcel.URIParcel)24
URI (java.net.URI)18
Test (org.junit.Test)17
HashMap (java.util.HashMap)11
File (java.io.File)8
KeyStore (java.security.KeyStore)8
KeyStoreKeyChainImpl (com.disney.http.auth.keychain.KeyStoreKeyChainImpl)7
KeyChainKeyLoader (com.disney.http.auth.client.keyloader.KeyChainKeyLoader)5
KeyPair (java.security.KeyPair)5
Date (java.util.Date)5
KeyChain (com.disney.http.auth.keychain.KeyChain)4
Key (java.security.Key)4
KeyPairGenerator (java.security.KeyPairGenerator)4
KeyObjectKeyLoader (com.disney.http.auth.client.keyloader.KeyObjectKeyLoader)3
HttpSignatureSigner (com.disney.http.auth.client.signer.HttpSignatureSigner)3
URL (java.net.URL)3
PublicKey (java.security.PublicKey)3
Map (java.util.Map)3
SecretKeySpec (javax.crypto.spec.SecretKeySpec)3
MemoryPayload (com.disney.uriparcel.MemoryPayload)2
