Examples with ObjectInputStream java.io.ObjectInputStream used on opensource projects

Example 46 with ObjectInputStream

use of java.io.ObjectInputStream in project camel by apache.

the class ShiroSecurityProcessor method applySecurityPolicy.

private void applySecurityPolicy(Exchange exchange) throws Exception {
    ByteSource encryptedToken;
    // if we have username and password as headers then use them to create a token
    String username = exchange.getIn().getHeader(ShiroSecurityConstants.SHIRO_SECURITY_USERNAME, String.class);
    String password = exchange.getIn().getHeader(ShiroSecurityConstants.SHIRO_SECURITY_PASSWORD, String.class);
    if (username != null && password != null) {
        ShiroSecurityToken token = new ShiroSecurityToken(username, password);
        // store the token as header, either as base64 or as the object as-is
        if (policy.isBase64()) {
            ByteSource bytes = ShiroSecurityHelper.encrypt(token, policy.getPassPhrase(), policy.getCipherService());
            String base64 = bytes.toBase64();
            exchange.getIn().setHeader(ShiroSecurityConstants.SHIRO_SECURITY_TOKEN, base64);
        } else {
            exchange.getIn().setHeader(ShiroSecurityConstants.SHIRO_SECURITY_TOKEN, token);
        }
        // and now remove the headers as we turned those into the token instead
        exchange.getIn().removeHeader(ShiroSecurityConstants.SHIRO_SECURITY_USERNAME);
        exchange.getIn().removeHeader(ShiroSecurityConstants.SHIRO_SECURITY_PASSWORD);
    }
    Object token = ExchangeHelper.getMandatoryHeader(exchange, ShiroSecurityConstants.SHIRO_SECURITY_TOKEN, Object.class);
    // we support the token in a number of ways
    if (token instanceof ShiroSecurityToken) {
        ShiroSecurityToken sst = (ShiroSecurityToken) token;
        encryptedToken = ShiroSecurityHelper.encrypt(sst, policy.getPassPhrase(), policy.getCipherService());
        // Remove unencrypted token + replace with an encrypted token
        exchange.getIn().removeHeader(ShiroSecurityConstants.SHIRO_SECURITY_TOKEN);
        exchange.getIn().setHeader(ShiroSecurityConstants.SHIRO_SECURITY_TOKEN, encryptedToken);
    } else if (token instanceof String) {
        String data = (String) token;
        if (policy.isBase64()) {
            byte[] bytes = Base64.decode(data);
            encryptedToken = ByteSource.Util.bytes(bytes);
        } else {
            encryptedToken = ByteSource.Util.bytes(data);
        }
    } else if (token instanceof ByteSource) {
        encryptedToken = (ByteSource) token;
    } else {
        throw new CamelExchangeException("Shiro security header " + ShiroSecurityConstants.SHIRO_SECURITY_TOKEN + " is unsupported type: " + ObjectHelper.classCanonicalName(token), exchange);
    }
    ByteSource decryptedToken = policy.getCipherService().decrypt(encryptedToken.getBytes(), policy.getPassPhrase());
    ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(decryptedToken.getBytes());
    ObjectInputStream objectInputStream = new ObjectInputStream(byteArrayInputStream);
    ShiroSecurityToken securityToken;
    try {
        securityToken = (ShiroSecurityToken) objectInputStream.readObject();
    } finally {
        IOHelper.close(objectInputStream, byteArrayInputStream);
    }
    Subject currentUser = SecurityUtils.getSubject();
    // Authenticate user if not authenticated
    try {
        authenticateUser(currentUser, securityToken);
        // Test whether user's role is authorized to perform functions in the permissions list
        authorizeUser(currentUser, exchange);
    } finally {
        if (policy.isAlwaysReauthenticate()) {
            currentUser.logout();
        }
    }
}

Example 47 with ObjectInputStream

use of java.io.ObjectInputStream in project okio by square.

the class TestUtil method reserialize.

/** Serializes original to bytes, then deserializes those bytes and returns the result. */
// Assume serialization doesn't change types.
@SuppressWarnings("unchecked")
public static <T extends Serializable> T reserialize(T original) throws Exception {
    Buffer buffer = new Buffer();
    ObjectOutputStream out = new ObjectOutputStream(buffer.outputStream());
    out.writeObject(original);
    ObjectInputStream in = new ObjectInputStream(buffer.inputStream());
    return (T) in.readObject();
}

Example 48 with ObjectInputStream

use of java.io.ObjectInputStream in project spring-security-oauth by spring-projects.

the class SerializationUtils method deserialize.

public static <T> T deserialize(byte[] byteArray) {
    ObjectInputStream oip = null;
    try {
        oip = new ConfigurableObjectInputStream(new ByteArrayInputStream(byteArray), Thread.currentThread().getContextClassLoader());
        @SuppressWarnings("unchecked") T result = (T) oip.readObject();
        return result;
    } catch (IOException e) {
        throw new IllegalArgumentException(e);
    } catch (ClassNotFoundException e) {
        throw new IllegalArgumentException(e);
    } finally {
        if (oip != null) {
            try {
                oip.close();
            } catch (IOException e) {
            // eat it
            }
        }
    }
}

Example 49 with ObjectInputStream

use of java.io.ObjectInputStream in project japid42 by branaway.

the class JapidRenderer method recoverClasses.

/**
	 * @author Bing Ran (bing.ran@gmail.com)
	 */
@SuppressWarnings("unchecked")
private static void recoverClasses() {
    String templateRoot = getClassCacheRoot();
    FileInputStream fos;
    File file = new File(new File(templateRoot), JAPID_CLASSES_CACHE);
    try {
        if (file.exists()) {
            // discard it if the file is too old
            long t = System.currentTimeMillis();
            if (t - file.lastModified() > 10000) {
                // too old
                JapidFlags.debug("the japid cache was too old. discarded.");
                file.delete();
            } else {
                fos = new FileInputStream(file);
                BufferedInputStream bos = new BufferedInputStream(fos);
                ObjectInputStream ois = new ObjectInputStream(bos);
                String version = (String) ois.readObject();
                JapidFlags.debug("Japid version: " + VERSION + ". JapidCache version: " + version);
                if (!version.equals(VERSION)) {
                    JapidFlags.debug("Japid classes mismatch. Discard cache.");
                } else {
                    japidClasses = (Map<String, RendererClass>) ois.readObject();
                    resourceJars = (HashSet<File>) ois.readObject();
                    HashSet<File> versionCheckedDirs = (HashSet<File>) ois.readObject();
                    JapidFlags.setVersionCheckedDirs(versionCheckedDirs);
                    JapidFlags.debug("recovered Japid classes from cache");
                }
                ois.close();
            }
        }
    } catch (Exception e) {
        JapidFlags.info("error in recovering class cache. Ignored: " + e);
    // e.printStackTrace();
    } finally {
        if (file.exists()) {
            file.delete();
        }
    }
}

Example 50 with ObjectInputStream

use of java.io.ObjectInputStream in project HanLP by hankcs.

the class CharTable method loadBin.

private static boolean loadBin(String path) {
    try {
        ObjectInputStream in = new ObjectInputStream(IOUtil.newInputStream(path));
        CONVERT = (char[]) in.readObject();
        in.close();
    } catch (Exception e) {
        logger.warning("字符正规化表缓存加载失败，原因如下：" + e);
        return false;
    }
    return true;
}