use of it.unibo.arces.wot.sepa.commons.exceptions.SEPASecurityException in project SEPA by arces-wot.
the class Credentials method serialize.
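/**
 * Serializes this Credentials instance with Java native serialization.
 *
 * Security note: the byte stream contains every non-transient field of this
 * object, so if the instance holds secret material the returned array must
 * be handled as a secret (not logged, not stored in the clear). The
 * counterpart that deserializes it must only ever run on trusted bytes
 * (ideally behind an {@code ObjectInputFilter}): Java deserialization of
 * untrusted input is a well-known remote-code-execution vector.
 *
 * @return the serialized form of this object
 * @throws SEPASecurityException if serialization fails (the underlying
 *         IOException is logged with its stack trace)
 */
public byte[] serialize() throws SEPASecurityException {
    // try-with-resources closes both streams; the original only closed the
    // ByteArrayOutputStream (a no-op) and never closed the ObjectOutputStream,
    // and it swallowed the close() exception in an empty catch.
    try (ByteArrayOutputStream bos = new ByteArrayOutputStream();
         ObjectOutputStream out = new ObjectOutputStream(bos)) {
        out.writeObject(this);
        out.flush();
        return bos.toByteArray();
    } catch (IOException e) {
        // Keep the stack trace in the log; the thrown message is unchanged for
        // callers. NOTE(review): if SEPASecurityException offers a
        // (String, Throwable) constructor, prefer it so the cause travels too.
        logger.error("Serialize exception: " + e.getMessage(), e);
        throw new SEPASecurityException("Serialize exception: " + e.getMessage());
    }
}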
the class Encryption method decrypt.
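/**
 * Decrypts a Base64-encoded ciphertext produced by {@link #encrypt(String)}.
 *
 * The plaintext bytes are decoded as UTF-8 to mirror {@code encrypt}, which
 * encodes the input with {@code getBytes("UTF-8")}. The previous
 * {@code new String(bytes)} used the platform default charset and could
 * corrupt non-ASCII plaintext on non-UTF-8 JVMs.
 *
 * NOTE(review): ALGO and key are fields not visible here. If ALGO is a
 * padded CBC transformation, a remote caller must not be able to distinguish
 * a padding failure from any other failure (padding oracle). The underlying
 * exception is attached as the cause and its message is propagated; confirm
 * the caller does not echo that message to untrusted clients.
 *
 * @param encryptedData Base64 text of the ciphertext
 * @return the decrypted plaintext
 * @throws SEPASecurityException if the cipher cannot be set up, the input is
 *         not valid Base64, or decryption fails; the original exception is
 *         attached as the cause (previously only its message survived)
 */
String decrypt(String encryptedData) throws SEPASecurityException {
    try {
        // Same order as before: cipher setup, key init, Base64 decode, decrypt.
        Cipher cipher = Cipher.getInstance(ALGO);
        cipher.init(Cipher.DECRYPT_MODE, key);
        byte[] ciphertext = Base64.getDecoder().decode(encryptedData);
        byte[] plaintext = cipher.doFinal(ciphertext);
        // Fully qualified to avoid touching the file's import block.
        return new String(plaintext, java.nio.charset.StandardCharsets.UTF_8);
    } catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException
            | IllegalArgumentException | IllegalBlockSizeException | BadPaddingException e) {
        // Replaces printStackTrace(): the trace goes to the logger at TRACE,
        // and the cause is preserved on the thrown exception (same constructor
        // the sibling encrypt() already uses).
        logger.trace("decrypt failed", e);
        throw new SEPASecurityException(e);
    }
}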
the class Encryption method encrypt.
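/**
 * Encrypts a string and returns the ciphertext as Base64 text.
 *
 * The plaintext is encoded as UTF-8 (as before) and the ciphertext is
 * Base64-encoded with {@code encodeToString}, which avoids the
 * platform-charset round trip of {@code new String(byte[])}. The result is
 * decodable by {@link #decrypt(String)}.
 *
 * NOTE(review): ALGO and key are fields not visible here; whether the
 * transformation is authenticated (e.g. GCM) or provides a fresh IV per call
 * cannot be judged from this method — confirm against the field definitions.
 *
 * @param Data the plaintext to encrypt; must not be null
 * @return Base64 text of the ciphertext
 * @throws SEPASecurityException if the cipher cannot be set up or fails; the
 *         underlying exception is attached as the cause
 */
String encrypt(String Data) throws SEPASecurityException {
    try {
        Cipher cipher = Cipher.getInstance(ALGO);
        cipher.init(Cipher.ENCRYPT_MODE, key);
        // Fully qualified to avoid touching the file's import block.
        byte[] ciphertext = cipher.doFinal(Data.getBytes(java.nio.charset.StandardCharsets.UTF_8));
        return Base64.getEncoder().encodeToString(ciphertext);
    } catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException
            | IllegalBlockSizeException | BadPaddingException e) {
        // Narrowed from catch (Exception): only cipher failures are wrapped.
        // A null Data now surfaces as a NullPointerException (programming
        // error) instead of being disguised as a security exception.
        throw new SEPASecurityException(e);
    }
}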
the class LdapSecurityManager method getUserExpiringPeriod.
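/**
 * Reads the user-credential expiring period from LDAP.
 *
 * Looks up the single entry {@code uid=user,uid=expiring,ou=jwt,<base>} and
 * returns its {@code pwdGraceExpire} attribute parsed as a long. The DN is
 * built from configuration ({@code prop.getBase()}), not from caller input,
 * so no LDAP escaping is applied here — do not route untrusted values into
 * it without escaping.
 *
 * @return the value of {@code pwdGraceExpire}
 * @throws SEPASecurityException if the entry or the attribute is missing,
 *         the attribute is not a valid number, or the LDAP search fails
 */
@Override
public long getUserExpiringPeriod() throws SEPASecurityException {
    // Build the DN once instead of repeating the concatenation four times.
    final String dn = "uid=user,uid=expiring,ou=jwt," + prop.getBase();
    final String filter = "(objectclass=*)";
    logger.log(Level.getLevel("ldap"), "[LDAP] getUserExpiringPeriod " + dn, filter);
    bind();
    try {
        cursor = ldap.search(dn, filter, SearchScope.OBJECT, "*");
        if (!cursor.next()) {
            throw new SEPASecurityException(dn + " NOT FOUND");
        }
        if (cursor.get().get("pwdGraceExpire") == null) {
            throw new SEPASecurityException(dn + " pwdGraceExpire NOT FOUND");
        }
        return Long.parseLong(cursor.get().get("pwdGraceExpire").getString());
    } catch (LdapException | CursorException e) {
        logger.error("getUserExpiringPeriod exception " + e.getMessage(), e);
        throw new SEPASecurityException("getUserExpiringPeriod exception " + e.getMessage());
    } catch (NumberFormatException e) {
        // A non-numeric pwdGraceExpire previously escaped as an unchecked
        // exception, bypassing this method's SEPASecurityException contract.
        logger.error("getUserExpiringPeriod exception " + e.getMessage(), e);
        throw new SEPASecurityException("getUserExpiringPeriod exception " + e.getMessage());
    } finally {
        // NOTE(review): cursor is a field that was never closed here. Closed
        // best-effort before unbind(); confirm unbind() does not already do it
        // (a double close on the cursor is expected to be harmless).
        if (cursor != null) {
            try {
                cursor.close();
            } catch (Exception ignored) {
                // best-effort: a close failure must not mask the unbind below
            }
        }
        unbind();
    }
}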
the class SecurityManager method register.
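/**
 * <pre>
 * POST https://wot.arces.unibo.it:8443/oauth/token
 *
 * Accept: application/json
 * Content-Type: application/json
 *
 * {
 * "client_identity": "<ClientIdentity>",
 * "grant_types": ["client_credentials"]
 * }
 *
 * Response example:
 *
 * {
 * "clientId": "889d02cf-16dd-4934-9341-a754088faxyz",
 * "clientSecret": "ahd5MU42J0hIxPXzhUhjJHt2d0Oc5M6B644CtuwUlE9zpSuF14-kXYZ",
 * "signature" : JWK RSA public key (can be used to verify the signature),
 * "authorized" : Boolean
 * }
 *
 * In case of error, the following applies:
 * {
 * "error":"Unless specified otherwise see RFC6749. Otherwise, this is specific of the SPARQL 1.1 SE Protocol",
 * "error_description":"Unless specified otherwise, see RFC6749. Otherwise, this is specific of the SPARQL 1.1 SE Protocol", (OPTIONAL)
 * "status_code" : the HTTP status code (would be 400 for Oauth 2.0 errors).
 * }
 * </pre>
 *
 * Creates client credentials for an authorized identity.
 *
 * The client secret is a random UUID ({@code UUID.randomUUID()} is
 * specified by the JDK to use a cryptographically strong generator).
 * Registration is one-shot: once the credentials are stored the identity is
 * removed from the authorized set, so the same identity cannot register a
 * second time.
 *
 * Security notes:
 * <ul>
 * <li>For identities flagged by {@code isForTesting}, the client secret is
 *     set to the identity string itself and the identity stays authorized,
 *     i.e. the secret is guessable by anyone who knows the identity and the
 *     registration can be repeated. This mode must never be enabled for
 *     production identities.</li>
 * <li>If {@code removeAuthorizedIdentity} fails, the credentials are already
 *     stored but the client receives an error and never sees the secret;
 *     the identity also stays authorized. NOTE(review): consider rolling the
 *     stored credentials back in that branch.</li>
 * <li>Every failure is answered with HTTP 401, including storage/LDAP errors
 *     that are not the client's fault, and the backend exception message is
 *     passed into the ErrorResponse. Keep backend error messages free of
 *     secrets and internal detail. Status codes are left unchanged here to
 *     preserve the wire contract.</li>
 * </ul>
 *
 * @param uid the client identity to be registered
 * @return a RegistrationResponse carrying the identity, the client secret and
 *         the server's JWK public key, or an ErrorResponse (HTTP 401) on any
 *         failure
 */
public synchronized Response register(String uid) {
    // The identity is logged; the secret generated below is deliberately not.
    logger.info("REGISTER: " + uid);

    // 1. Only identities in the authorized set may obtain credentials.
    try {
        if (!isAuthorized(uid)) {
            logger.warn("Not authorized identity " + uid);
            return new ErrorResponse(HttpStatus.SC_UNAUTHORIZED, "not_authorized_identity",
                    "Client " + uid + " is not authorized");
        }
    } catch (SEPASecurityException e) {
        logger.error(e.getMessage());
        return new ErrorResponse(HttpStatus.SC_UNAUTHORIZED, "not_authorized_identity",
                "Exception on authorizing client " + uid + " " + e.getMessage());
    }

    // 2. Test identities get a predictable secret (see the security notes).
    boolean forTesting;
    try {
        forTesting = isForTesting(uid);
    } catch (SEPASecurityException e) {
        logger.error(e.getMessage());
        return new ErrorResponse(HttpStatus.SC_UNAUTHORIZED, "check_for_testing",
                "Exception on for test checking " + uid + " " + e.getMessage());
    }

    // 3. Generate the secret: random for real clients, the uid for test ones.
    final String client_secret = forTesting ? uid : UUID.randomUUID().toString();

    // 4. Persist the credentials.
    try {
        if (!storeCredentials(getIdentity(uid), client_secret)) {
            return new ErrorResponse(HttpStatus.SC_UNAUTHORIZED, "storing_credentials",
                    "Failed to store credentials for uid:" + uid);
        }
    } catch (SEPASecurityException e) {
        logger.error(e.getMessage());
        return new ErrorResponse(HttpStatus.SC_UNAUTHORIZED, "storing_credentials",
                "Exception on storing credentials " + uid + " " + e.getMessage());
    }

    // 5. One-time registration: revoke the authorization so the identity
    //    cannot register again. Test identities are kept for repeated runs.
    if (!forTesting) {
        try {
            removeAuthorizedIdentity(uid);
        } catch (SEPASecurityException e) {
            logger.error(e.getMessage());
            return new ErrorResponse(HttpStatus.SC_UNAUTHORIZED, "remove_identity",
                    "Exception on removing identity " + uid + " " + e.getMessage());
        }
    }

    return new RegistrationResponse(uid, client_secret, jwkPublicKey);
}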