use of com.orientechnologies.orient.core.metadata.security.OToken in project orientdb by orientechnologies.
the class OTokenHandlerImplTest method testTokenForge.
/**
 * Signature-splicing check for web tokens.
 *
 * <p>Two tokens are issued for the same user. Everything before the last '.' of the first token is joined
 * with the last '.'-separated segment of the second (presumably the signature segment). The handler must
 * still return a token object for the spliced bytes, but must not flag it as verified.
 *
 * <p>The two assertions together show that {@code parseWebToken} returning non-null does not mean the token
 * is authentic; callers have to check {@code getIsVerified()} themselves.
 */
@Test
public void testTokenForge() throws InvalidKeyException, NoSuchAlgorithmException, IOException {
  ODatabaseDocumentTx db = new ODatabaseDocumentTx("memory:" + OTokenHandlerImplTest.class.getSimpleName());
  db.create();
  try {
    OSecurityUser original = db.getUser();
    // Fixed throw-away HMAC key: fine for a unit test, never a pattern for real deployments.
    OTokenHandlerImpl handler = new OTokenHandlerImpl("any key".getBytes(), 60, "HmacSHA256");

    String firstToken = new String(handler.getSignedWebToken(db, original));
    String secondToken = new String(handler.getSignedWebToken(db, original));

    // NOTE(review): the test is only meaningful if the two issued tokens differ (e.g. unique id or
    // timestamp in the payload); identical tokens would make the spliced result a valid one. Confirm
    // against getSignedWebToken.
    String unsignedPart = firstToken.substring(0, firstToken.lastIndexOf('.'));
    String foreignTail = secondToken.substring(secondToken.lastIndexOf('.'));
    String spliced = unsignedPart + foreignTail;

    OToken tok = handler.parseWebToken(spliced.getBytes());

    // Parsing succeeds, verification does not.
    assertNotNull(tok);
    assertFalse(tok.getIsVerified());
  } finally {
    // Always remove the in-memory database, even when an assertion fails.
    db.drop();
  }
}
use of com.orientechnologies.orient.core.metadata.security.OToken in project orientdb by orientechnologies.
the class OTokenHandlerImplTest method testTokenRenew.
/**
 * Renewal check for binary tokens.
 *
 * <p>A binary token is issued and parsed, its expiry is moved to one millisecond less than half a session
 * length from now, and {@code renewIfNeeded} is then expected to hand back a non-empty byte array.
 */
@Test
public void testTokenRenew() {
  ODatabaseDocumentTx db = new ODatabaseDocumentTx("memory:" + OTokenHandlerImplTest.class.getSimpleName());
  db.create();
  try {
    OSecurityUser original = db.getUser();
    OTokenHandlerImpl handler = new OTokenHandlerImpl("any key".getBytes(), 60, "HmacSHA256");

    // Minimal client description embedded into the binary token.
    ONetworkProtocolData protocolData = new ONetworkProtocolData();
    protocolData.driverName = "aa";
    protocolData.driverVersion = "aa";
    protocolData.serializationImpl = "a";
    protocolData.protocolVersion = 2;

    byte[] issued = handler.getSignedBinaryToken(db, original, protocolData);
    OToken tok = handler.parseBinaryToken(issued);

    // Presumably renewal kicks in once less than half the session lifetime remains; the "- 1" puts the
    // expiry just inside that window. Confirm the threshold in OTokenHandlerImpl.renewIfNeeded.
    long halfSession = handler.getSessionInMills() / 2;
    tok.setExpiry(System.currentTimeMillis() + halfSession - 1);

    byte[] renewed = handler.renewIfNeeded(tok);
    assertTrue(renewed.length != 0);
  } finally {
    db.drop();
  }
}
use of com.orientechnologies.orient.core.metadata.security.OToken in project orientdb by orientechnologies.
the class OTokenHandlerImplTest method testBinartTokenCreationValidation.
/**
 * Round-trip check for binary tokens: issue, parse, resolve the user, validate.
 *
 * <p>The test asserts two separate flags. {@code getIsVerified()} is checked right after parsing, while
 * {@code getIsValid()} is only checked after {@code validateBinaryToken} has returned true.
 */
@Test
public void testBinartTokenCreationValidation() throws InvalidKeyException, NoSuchAlgorithmException, IOException {
  ODatabaseDocumentTx db = new ODatabaseDocumentTx("memory:" + OTokenHandlerImplTest.class.getSimpleName());
  db.create();
  try {
    OSecurityUser original = db.getUser();
    OTokenHandlerImpl handler = new OTokenHandlerImpl("any key".getBytes(), 60, "HmacSHA256");

    // Minimal client description embedded into the binary token.
    ONetworkProtocolData protocolData = new ONetworkProtocolData();
    protocolData.driverName = "aa";
    protocolData.driverVersion = "aa";
    protocolData.serializationImpl = "a";
    protocolData.protocolVersion = 2;

    byte[] issued = handler.getSignedBinaryToken(db, original, protocolData);
    OToken tok = handler.parseBinaryToken(issued);

    // An untampered token must parse and carry the verified flag.
    assertNotNull(tok);
    assertTrue(tok.getIsVerified());

    // The token must resolve back to the user it was issued for.
    OUser resolved = tok.getUser(db);
    assertEquals(resolved.getName(), original.getName());

    // Validation is a separate step from verification and sets the "valid" flag on the token.
    boolean accepted = handler.validateBinaryToken(tok);
    assertTrue(accepted);
    assertTrue(tok.getIsValid());
  } finally {
    db.drop();
  }
}
use of com.orientechnologies.orient.core.metadata.security.OToken in project orientdb by orientechnologies.
the class OClientConnection method validateSession.
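/**
 * Checks the session token that arrived with a request and binds it to this connection.
 *
 * <p>With no token on the wire, the call is accepted only if {@code protocol} has already been registered
 * by an earlier successful validation. With a token, the bytes are parsed, the verified flag is checked and
 * {@code handler.validateBinaryToken} is applied (the visible error message treats a failure there as
 * expiry). On success the token is stored on the connection and {@code protocol} is registered.
 *
 * <p>The original shortcut compared the cached and received arrays with {@code byte[].equals}, which is
 * reference identity, so a freshly read buffer never matched. The shortcut now compares contents, and it
 * still requires the cached token to be verified and to pass {@code validateBinaryToken}, so an expired or
 * unverified cached token is never accepted merely because the same bytes are replayed.
 *
 * @param tokenFromNetwork token bytes received from the client; may be null or empty
 * @param handler          token handler used to parse and validate the token
 * @param protocol         protocol instance the request arrived on
 * @throws OTokenSecurityException if no token is supplied for an unregistered protocol, or the token is
 *                                 not verified, or it fails validation
 */
public void validateSession(byte[] tokenFromNetwork, OTokenHandler handler, ONetworkProtocolBinary protocol) {
  if (tokenFromNetwork == null || tokenFromNetwork.length == 0) {
    // No token supplied: only a protocol that already presented a good token may continue.
    if (!protocols.contains(protocol)) {
      throw new OTokenSecurityException("No valid session found, provide a token");
    }
    return;
  }

  // Shortcut for the token already bound to this connection. MessageDigest.isEqual compares contents
  // without an early exit on the first differing byte. Only parsing and signature verification are
  // skipped; the verified flag and the validity window of the cached token are still enforced.
  final OToken cached = this.token;
  if (tokenBytes != null && tokenBytes.length > 0 && cached != null
      && java.security.MessageDigest.isEqual(tokenBytes, tokenFromNetwork)
      && cached.getIsVerified() && handler.validateBinaryToken(cached)) {
    if (tokenBased == null) {
      tokenBased = Boolean.TRUE;
    }
    // Register the protocol here too, as the full path does after a successful check.
    protocols.add(protocol);
    return;
  }

  // Full path: unknown token, or the cached one no longer passes the checks above.
  final OToken parsed;
  try {
    parsed = handler.parseBinaryToken(tokenFromNetwork);
  } catch (Exception e) {
    // NOTE(review): a malformed client token surfaces as OSystemException, and the session is neither
    // cleaned nor disconnected on this branch, unlike the two rejections below; confirm this is intended.
    throw OException.wrapException(new OSystemException("Error on token parse"), e);
  }

  if (parsed == null || !parsed.getIsVerified()) {
    cleanSession();
    protocol.getServer().getClientConnectionManager().disconnect(this);
    throw new OTokenSecurityException("The token provided is not a valid token, signature does not match");
  }

  if (!handler.validateBinaryToken(parsed)) {
    cleanSession();
    protocol.getServer().getClientConnectionManager().disconnect(this);
    throw new OTokenSecurityException("The token provided is expired");
  }

  if (tokenBased == null) {
    tokenBased = Boolean.TRUE;
  }

  // A different token than the one bound so far: drop the state tied to the previous token first.
  if (!Arrays.equals(this.tokenBytes, tokenFromNetwork)) {
    cleanSession();
  }

  this.tokenBytes = tokenFromNetwork;
  this.token = parsed;
  protocols.add(protocol);
}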
use of com.orientechnologies.orient.core.metadata.security.OToken in project orientdb by orientechnologies.
the class OClientConnectionManager method connect.
/**
 * Registers a token-based session for an existing connection.
 *
 * <p>The token bytes are parsed with {@code handler}, a new {@code OClientSessions} entry is stored in
 * {@code sessions} under an {@code OHashToken} built from the same bytes, and the connection is tagged with
 * the bytes, the token-based flag and the parsed token before the server plugins are notified.
 *
 * <p>Only parsing happens here. This method calls neither {@code getIsVerified()} nor
 * {@code validateBinaryToken(...)}, so it relies on the caller passing a token that the server issued
 * itself or has already verified.
 *
 * @param iProtocol  protocol used by the connection; used here to reach the server for the plugin callback
 * @param connection connection to bind to the session
 * @param tokenBytes serialized binary token
 * @param handler    token handler used to parse {@code tokenBytes}
 * @return the {@code connection} instance that was passed in
 * @throws IOException declared by the signature; presumably raised by a callee (confirm)
 * @throws OException  wrapping an {@code OTokenSecurityException} when the token cannot be parsed
 *                     (exact type depends on {@code OException.wrapException}; confirm)
 */
public OClientConnection connect(final ONetworkProtocol iProtocol, final OClientConnection connection, final byte[] tokenBytes, final OTokenHandler handler) throws IOException {
  final OToken parsedToken;
  try {
    parsedToken = handler.parseBinaryToken(tokenBytes);
  } catch (Exception parseFailure) {
    throw OException.wrapException(new OTokenSecurityException("Error on token parsing"), parseFailure);
  }

  final OClientSessions clientSession;
  synchronized (sessions) {
    // NOTE(review): if sessions is a java.util.Map, put() replaces any entry already stored under the
    // same token key; confirm that discarding a previous session object here is intended.
    clientSession = new OClientSessions(tokenBytes, parsedToken);
    final OHashToken sessionKey = new OHashToken(tokenBytes);
    sessions.put(sessionKey, clientSession);
  }

  // Tag the connection with the token before attaching it to the session.
  connection.setTokenBytes(tokenBytes);
  connection.setTokenBased(true);
  connection.setToken(parsedToken);
  clientSession.addConnection(connection);

  OLogManager.instance().config(this, "Remote client connected from: " + connection);
  OServerPluginHelper.invokeHandlerCallbackOnClientConnection(iProtocol.getServer(), connection);
  return connection;
}
Aggregations