use of com.fathomdb.jdbc.JdbcTransaction in project platformlayer by platformlayer.
the class JdbcUserRepository method addUserToProject.
@Override
@JdbcTransaction
public void addUserToProject(String username, String projectKey, CryptoKey projectSecret, List<RoleId> roles) throws RepositoryException {
DbHelper db = new DbHelper();
try {
UserEntity user = db.findUserByKey(username);
if (user == null) {
throw new RepositoryException("User not found");
}
ProjectEntity project = db.findProjectByKey(projectKey);
if (project == null) {
throw new RepositoryException("Project not found");
}
byte[] projectSecretData = FathomdbCrypto.serialize(projectSecret);
PublicKey userPublicKey = user.getPublicKey();
byte[] newSecretData;
try {
SecretStore store = new SecretStore(project.secretData);
Writer writer = store.buildWriter();
writer.writeAsymetricUserKey(projectSecretData, user.id, userPublicKey);
writer.close();
store.appendContents(writer);
newSecretData = store.getEncoded();
} catch (IOException e) {
throw new RepositoryException("Error writing secrets", e);
}
db.updateProjectSecret(project.id, newSecretData);
UserProjectEntity userProjectEntity = new UserProjectEntity();
userProjectEntity.userId = user.id;
userProjectEntity.projectId = project.id;
userProjectEntity.addRoles(roles);
db.insertUserProject(userProjectEntity);
} catch (SQLException e) {
throw new RepositoryException("Error reading groups", e);
} finally {
db.close();
}
}
use of com.fathomdb.jdbc.JdbcTransaction in project platformlayer by platformlayer.
the class JdbcUserRepository method listAllUserNames.
@Override
@JdbcTransaction
public List<String> listAllUserNames(String prefix) throws RepositoryException {
String match;
if (prefix == null) {
match = "%";
} else {
match = prefix + "%";
}
DbHelper db = new DbHelper();
try {
return db.listUsers(match);
} catch (SQLException e) {
throw new RepositoryException("Error listing users", e);
} finally {
db.close();
}
}
use of com.fathomdb.jdbc.JdbcTransaction in project platformlayer by platformlayer.
the class JdbcUserRepository method findUserByPublicKey.
@Override
@JdbcTransaction
public UserEntity findUserByPublicKey(byte[] publicKeyHash) throws RepositoryException {
DbHelper db = new DbHelper();
try {
// We could do a join here, but we may want to do more verification in future....
// e.g. are collisions a possibility?
UserCertEntity userCert = db.findUserByPublicKeyHash(publicKeyHash);
if (userCert == null) {
return null;
}
UserEntity user = db.findUserById(userCert.userId);
return user;
} catch (SQLException e) {
throw new RepositoryException("Error reading user", e);
} finally {
db.close();
}
}
use of com.fathomdb.jdbc.JdbcTransaction in project platformlayer by platformlayer.
the class JdbcUserRepository method createUser.
@Override
@JdbcTransaction
public UserEntity createUser(String userName, String password, Certificate[] certificateChain) throws RepositoryException {
DbHelper db = new DbHelper();
try {
byte[] secretData;
byte[] publicKeyHash = null;
CryptoKey userSecretKey = FathomdbCrypto.generateKey();
try {
byte[] userSecret = FathomdbCrypto.serialize(userSecretKey);
ByteArrayOutputStream baos = new ByteArrayOutputStream();
SecretStore.Writer writer = new SecretStore.Writer(baos);
// For password auth
if (password != null) {
writer.writeUserPassword(userSecret, password);
}
// For token auth
{
byte[] tokenSecret = CryptoUtils.generateSecureRandom(userSecret.length);
writer.writeLockedByToken(userSecret, UserEntity.TOKEN_ID_DEFAULT, tokenSecret);
}
// For certificate auth
if (certificateChain != null) {
Certificate certificate = certificateChain[0];
PublicKey publicKey = certificate.getPublicKey();
publicKeyHash = OpenSshUtils.getSignature(publicKey).toByteArray();
writer.writeGenericAsymetricKey(userSecret, publicKey);
}
writer.close();
secretData = baos.toByteArray();
} catch (IOException e) {
throw new RepositoryException("Error encrypting secrets", e);
}
byte[] hashedPassword = null;
if (password != null) {
hashedPassword = PasswordHash.doPasswordHash(password);
}
// This keypair is for grants etc. The client doesn't (currently) get access to the private key
KeyPair userRsaKeyPair = RsaUtils.generateRsaKeyPair(RsaUtils.SMALL_KEYSIZE);
byte[] privateKeyData = RsaUtils.serialize(userRsaKeyPair.getPrivate());
privateKeyData = FathomdbCrypto.encrypt(userSecretKey, privateKeyData);
byte[] publicKeyData = RsaUtils.serialize(userRsaKeyPair.getPublic());
db.insertUser(userName, hashedPassword, secretData, publicKeyData, privateKeyData);
UserEntity user = findUser(userName);
if (password != null) {
user.unlockWithPassword(password);
}
if (publicKeyHash != null) {
UserCertEntity userCert = new UserCertEntity();
// TODO: Retry on collision
Random random = new Random();
userCert.id = random.nextInt();
userCert.userId = user.id;
userCert.publicKeyHash = publicKeyHash;
db.insertUserCert(userCert);
}
return user;
} catch (SQLException e) {
throw new RepositoryException("Error creating user", e);
} finally {
db.close();
}
}
use of com.fathomdb.jdbc.JdbcTransaction in project platformlayer by platformlayer.
the class JdbcUserRepository method createProject.
@Override
@JdbcTransaction
public ProjectEntity createProject(String key, OpsUser ownerObject) throws RepositoryException {
UserEntity owner = (UserEntity) ownerObject;
if (owner.id == 0 || owner.isLocked()) {
throw new IllegalArgumentException();
}
DbHelper db = new DbHelper();
try {
ProjectEntity project;
byte[] secretData;
byte[] metadata;
try {
CryptoKey projectSecret = FathomdbCrypto.generateKey();
byte[] plaintext = FathomdbCrypto.serialize(projectSecret);
ByteArrayOutputStream baos = new ByteArrayOutputStream();
SecretStore.Writer writer = new SecretStore.Writer(baos);
writer.writeLockedByUserKey(plaintext, owner.id, owner.getUserSecret());
writer.close();
secretData = baos.toByteArray();
String metadataString = key + "\0";
byte[] metadataPlaintext = Utf8.getBytes(metadataString);
metadata = FathomdbCrypto.encrypt(projectSecret, metadataPlaintext);
project = new ProjectEntity();
project.setProjectSecret(projectSecret);
KeyPair projectRsaKeyPair = RsaUtils.generateRsaKeyPair(RsaUtils.SMALL_KEYSIZE);
project.setPublicKey(projectRsaKeyPair.getPublic());
project.setPrivateKey(projectRsaKeyPair.getPrivate());
} catch (IOException e) {
throw new RepositoryException("Error encrypting secrets", e);
}
int rows = db.createProject(key, secretData, metadata, project.publicKeyData, project.privateKeyData);
if (rows != 1) {
throw new RepositoryException("Unexpected number of rows inserted");
}
ProjectEntity created = findProjectByKey(db, key);
if (created == null) {
throw new RepositoryException("Created project not found");
}
UserProjectEntity userProjectEntity = new UserProjectEntity();
userProjectEntity.userId = owner.id;
userProjectEntity.projectId = created.id;
userProjectEntity.addRole(RoleId.OWNER);
db.insertUserProject(userProjectEntity);
return created;
} catch (SQLException e) {
throw new RepositoryException("Error creating project", e);
} finally {
db.close();
}
}
Aggregations