Examples with SignatureTypeConverter io.getlime.security.powerauth.rest.api.jaxrs.converter.SignatureTypeConverter used on opensource projects

Example 1 with SignatureTypeConverter

use of io.getlime.security.powerauth.rest.api.jaxrs.converter.SignatureTypeConverter in project powerauth-restful-integration by lime-company.

the class SecureVaultController method unlockVault.

/**
 * Request the vault unlock key.
 * @param signatureHeader PowerAuth signature HTTP header.
 * @return PowerAuth RESTful response with {@link VaultUnlockResponse} payload.
 * @throws PowerAuthAuthenticationException In case authentication fails.
 */
@POST
@Consumes({ MediaType.APPLICATION_JSON })
@Produces({ MediaType.APPLICATION_JSON })
@Path("unlock")
public ObjectResponse<VaultUnlockResponse> unlockVault(@HeaderParam(PowerAuthSignatureHttpHeader.HEADER_NAME) String signatureHeader, ObjectRequest<VaultUnlockRequest> request, @Context HttpServletRequest httpServletRequest) throws PowerAuthAuthenticationException, PowerAuthSecureVaultException {
    try {
        PowerAuthSignatureHttpHeader header = new PowerAuthSignatureHttpHeader().fromValue(signatureHeader);
        try {
            PowerAuthSignatureHttpHeaderValidator.validate(header);
        } catch (InvalidPowerAuthHttpHeaderException e) {
            throw new PowerAuthAuthenticationException(e.getMessage());
        }
        SignatureTypeConverter converter = new SignatureTypeConverter();
        String activationId = header.getActivationId();
        String applicationId = header.getApplicationKey();
        String signature = header.getSignature();
        PowerAuthPortServiceStub.SignatureType signatureType = converter.convertFrom(header.getSignatureType());
        String nonce = header.getNonce();
        String reason = null;
        if (request != null) {
            VaultUnlockRequest vaultUnlockRequest = request.getRequestObject();
            if (vaultUnlockRequest != null && vaultUnlockRequest.getReason() != null) {
                reason = vaultUnlockRequest.getReason();
            }
        }
        String requestBodyString = ((String) httpServletRequest.getAttribute(PowerAuthRequestFilterBase.POWERAUTH_SIGNATURE_BASE_STRING));
        byte[] requestBodyBytes = requestBodyString == null ? null : BaseEncoding.base64().decode(requestBodyString);
        String data = PowerAuthHttpBody.getSignatureBaseString("POST", "/pa/vault/unlock", BaseEncoding.base64().decode(nonce), requestBodyBytes);
        PowerAuthPortServiceStub.VaultUnlockResponse soapResponse = powerAuthClient.unlockVault(activationId, applicationId, data, signature, signatureType, reason);
        if (!soapResponse.getSignatureValid()) {
            throw new PowerAuthAuthenticationException();
        }
        VaultUnlockResponse response = new VaultUnlockResponse();
        response.setActivationId(soapResponse.getActivationId());
        response.setEncryptedVaultEncryptionKey(soapResponse.getEncryptedVaultEncryptionKey());
        return new ObjectResponse<>(response);
    } catch (PowerAuthAuthenticationException ex) {
        throw ex;
    } catch (Exception ex) {
        throw new PowerAuthSecureVaultException();
    }
}

Example 2 with SignatureTypeConverter

use of io.getlime.security.powerauth.rest.api.jaxrs.converter.SignatureTypeConverter in project powerauth-restful-integration by lime-company.

the class TokenController method createToken.

@POST
@Consumes({ MediaType.APPLICATION_JSON })
@Produces({ MediaType.APPLICATION_JSON })
@Path("create")
public ObjectResponse<TokenCreateResponse> createToken(ObjectRequest<TokenCreateRequest> request, @HeaderParam(PowerAuthTokenHttpHeader.HEADER_NAME) String tokenHeader) throws RemoteException, PowerAuthAuthenticationException {
    try {
        PowerAuthApiAuthentication authentication = authenticationProvider.validateToken(tokenHeader, Arrays.asList(PowerAuthSignatureTypes.POSSESSION, PowerAuthSignatureTypes.POSSESSION_KNOWLEDGE, PowerAuthSignatureTypes.POSSESSION_BIOMETRY, PowerAuthSignatureTypes.POSSESSION_KNOWLEDGE_BIOMETRY));
        if (authentication != null && authentication.getActivationId() != null) {
            // Fetch activation ID and signature type
            final String activationId = authentication.getActivationId();
            final PowerAuthSignatureTypes signatureFactors = authentication.getSignatureFactors();
            // Fetch data from the request
            final TokenCreateRequest requestObject = request.getRequestObject();
            final String ephemeralPublicKey = requestObject.getEphemeralPublicKey();
            // Prepare a signature type converter
            SignatureTypeConverter converter = new SignatureTypeConverter();
            // Create a token
            final PowerAuthPortServiceStub.CreateTokenResponse token = powerAuthClient.createToken(activationId, ephemeralPublicKey, converter.convertFrom(signatureFactors));
            // Prepare a response
            final TokenCreateResponse responseObject = new TokenCreateResponse();
            responseObject.setMac(token.getMac());
            responseObject.setEncryptedData(token.getEncryptedData());
            return new ObjectResponse<>(responseObject);
        } else {
            throw new PowerAuthAuthenticationException();
        }
    } catch (PowerAuthAuthenticationException ex) {
        throw ex;
    } catch (Exception ex) {
        throw new PowerAuthAuthenticationException(ex.getMessage());
    }
}

Example 3 with SignatureTypeConverter

use of io.getlime.security.powerauth.rest.api.jaxrs.converter.SignatureTypeConverter in project powerauth-restful-integration by lime-company.

the class PowerAuthAuthenticationProvider method validateSignatureAuthentication.

/**
 * Validate signature based authentication.
 *
 * @param authentication Signature based authentication object.
 * @return API authentication object in case of successful authentication, null otherwise.
 */
private PowerAuthApiAuthentication validateSignatureAuthentication(PowerAuthSignatureAuthentication authentication) throws RemoteException {
    if (authentication.getSignatureType() != null) {
        SignatureTypeConverter converter = new SignatureTypeConverter();
        final PowerAuthPortServiceStub.SignatureType signatureType = converter.convertFrom(authentication.getSignatureType());
        PowerAuthPortServiceStub.VerifySignatureRequest soapRequest = new PowerAuthPortServiceStub.VerifySignatureRequest();
        soapRequest.setActivationId(authentication.getActivationId());
        soapRequest.setApplicationKey(authentication.getApplicationKey());
        soapRequest.setSignature(authentication.getSignature());
        soapRequest.setSignatureType(signatureType);
        soapRequest.setData(PowerAuthHttpBody.getSignatureBaseString(authentication.getHttpMethod(), authentication.getRequestUri(), authentication.getNonce(), authentication.getData()));
        PowerAuthPortServiceStub.VerifySignatureResponse soapResponse = powerAuthClient.verifySignature(soapRequest);
        if (soapResponse.getSignatureValid()) {
            PowerAuthApiAuthentication apiAuthentication = new PowerAuthApiAuthenticationImpl();
            apiAuthentication.setActivationId(soapResponse.getActivationId());
            apiAuthentication.setUserId(soapResponse.getUserId());
            apiAuthentication.setApplicationId(soapResponse.getApplicationId());
            apiAuthentication.setSignatureFactors(PowerAuthSignatureTypes.getEnumFromString(soapResponse.getSignatureType().getValue()));
            return apiAuthentication;
        } else {
            return null;
        }
    } else {
        return null;
    }
}