Example 1 with Secret
use of io.hops.hopsworks.common.security.utils.Secret in project hopsworks by logicalclocks.
the class ApiKeyController method getApiKey.
/**
* @param key
* @return
* @throws ApiKeyException
*/
public ApiKey getApiKey(String key) throws ApiKeyException {
String[] parts = key.split(Secret.KEY_ID_SEPARATOR_REGEX);
if (parts.length < 2) {
throw new ApiKeyException(RESTCodes.ApiKeyErrorCode.KEY_NOT_FOUND, Level.FINE);
}
ApiKey apiKey = apiKeyFacade.findByPrefix(parts[0]);
if (apiKey == null) {
throw new ApiKeyException(RESTCodes.ApiKeyErrorCode.KEY_NOT_FOUND, Level.FINE);
}
// ___MinLength can be set to 0 b/c no validation is needed if the key was in db
Secret secret = new Secret(parts[0], parts[1], apiKey.getSalt());
if (!secret.getSha256HexDigest().equals(apiKey.getSecret())) {
throw new ApiKeyException(RESTCodes.ApiKeyErrorCode.KEY_NOT_FOUND, Level.FINE);
}
return apiKey;
}
Also used :
ApiKeyException(io.hops.hopsworks.exceptions.ApiKeyException)
Secret(io.hops.hopsworks.common.security.utils.Secret)
ApiKey(io.hops.hopsworks.persistence.entity.user.security.apiKey.ApiKey)
Example 2 with Secret
use of io.hops.hopsworks.common.security.utils.Secret in project hopsworks by logicalclocks.
the class ApiKeyController method generateApiKey.
private Secret generateApiKey() throws ApiKeyException {
int retry = RETRY_KEY_CREATION;
Secret secret = securityUtils.generateSecret();
while ((apiKeyFacade.findByPrefix(secret.getPrefix()) != null || !secret.validateSize()) && (retry-- > 0)) {
secret = securityUtils.generateSecret();
}
if (retry < 1) {
throw new ApiKeyException(RESTCodes.ApiKeyErrorCode.KEY_NOT_CREATED, Level.SEVERE, "Failed to generate unique key prefix after " + RETRY_KEY_CREATION + " retries.");
}
return secret;
}
Also used :
Secret(io.hops.hopsworks.common.security.utils.Secret)
ApiKeyException(io.hops.hopsworks.exceptions.ApiKeyException)
Example 3 with Secret
use of io.hops.hopsworks.common.security.utils.Secret in project hopsworks by logicalclocks.
the class UsersController method createNewUser.
/**
* Create a new user
*
* @param newUser
* @param accountStatus
* @param accountType
* @return
*/
public Users createNewUser(UserDTO newUser, UserAccountStatus accountStatus, UserAccountType accountType) {
String otpSecret = securityUtils.calculateSecretKey();
String activationKey = securityUtils.generateSecureRandomString();
String uname = generateUsername(newUser.getEmail());
List<BbcGroup> groups = new ArrayList<>();
Secret secret = securityUtils.generateSecret(newUser.getChosenPassword());
Timestamp now = new Timestamp(new Date().getTime());
int maxNumProjects = newUser.getMaxNumProjects() > 0 ? newUser.getMaxNumProjects() : settings.getMaxNumProjPerUser();
Users user = new Users(uname, secret.getSha256HexDigest(), newUser.getEmail(), newUser.getFirstName(), newUser.getLastName(), now, "-", "-", accountStatus, otpSecret, activationKey, now, ValidationKeyType.EMAIL, accountType, now, maxNumProjects, newUser.isTwoFactor(), secret.getSalt(), newUser.getToursState());
user.setBbcGroupCollection(groups);
return user;
}Example 4 with Secret
use of io.hops.hopsworks.common.security.utils.Secret in project hopsworks by logicalclocks.
the class UsersController method changePassword.
private void changePassword(Users user, String newPassword, String confirmedPassword) throws UserException {
if (userValidator.isValidPassword(newPassword, confirmedPassword)) {
try {
Secret secret = securityUtils.generateSecret(newPassword);
authController.changePassword(user, secret);
} catch (Exception ex) {
throw new UserException(RESTCodes.UserErrorCode.PASSWORD_RESET_UNSUCCESSFUL, Level.SEVERE, null, ex.getMessage(), ex);
}
}
}
Also used :
Secret(io.hops.hopsworks.common.security.utils.Secret)
UserException(io.hops.hopsworks.exceptions.UserException)
MessagingException(javax.mail.MessagingException)
WriterException(com.google.zxing.WriterException)
IOException(java.io.IOException)
ServiceException(io.hops.hopsworks.exceptions.ServiceException)
UserException(io.hops.hopsworks.exceptions.UserException)
ConstraintViolationException(javax.validation.ConstraintViolationException)
Example 5 with Secret
use of io.hops.hopsworks.common.security.utils.Secret in project hopsworks by logicalclocks.
the class UsersController method createNewRemoteUser.
/**
* Remote user
* @param email
* @param fname
* @param lname
* @param pwd
* @param accStatus
* @return
*/
public Users createNewRemoteUser(String email, String fname, String lname, String pwd, UserAccountStatus accStatus) {
String uname = generateUsername(email);
List<BbcGroup> groups = new ArrayList<>();
Secret secret = securityUtils.generateSecret(pwd);
Users user = new Users(uname, secret.getSha256HexDigest(), email, fname, lname, new Timestamp(new Date().getTime()), "-", "-", accStatus, UserAccountType.REMOTE_ACCOUNT_TYPE, new Timestamp(new Date().getTime()), settings.getMaxNumProjPerUser(), secret.getSalt());
user.setBbcGroupCollection(groups);
return user;
}Aggregations
Secret (io.hops.hopsworks.common.security.utils.Secret)8
ApiKeyException (io.hops.hopsworks.exceptions.ApiKeyException)3
UserException (io.hops.hopsworks.exceptions.UserException)3
Date (java.util.Date)3
WriterException (com.google.zxing.WriterException)2
ServiceException (io.hops.hopsworks.exceptions.ServiceException)2
BbcGroup (io.hops.hopsworks.persistence.entity.user.BbcGroup)2
Users (io.hops.hopsworks.persistence.entity.user.Users)2
ApiKey (io.hops.hopsworks.persistence.entity.user.security.apiKey.ApiKey)2
IOException (java.io.IOException)2
Timestamp (java.sql.Timestamp)2
ArrayList (java.util.ArrayList)2
MessagingException (javax.mail.MessagingException)2
ConstraintViolationException (javax.validation.ConstraintViolationException)2
ApiKeyScope (io.hops.hopsworks.persistence.entity.user.security.apiKey.ApiKeyScope)1
