use of org.apache.nifi.key.Key in project nifi by apache.
the class JwtService method generateSignedToken.
/**
 * Builds and signs a JWT for a login that has already been authenticated.
 *
 * <p>The subject is the principal's string form. Issuer and audience are both set to the
 * authentication token's issuer. The username and the id of the signing key are added as
 * claims. The token is signed with {@code SIGNATURE_ALGORITHM}, using the UTF-8 bytes of the
 * key string that {@code keyService.getOrCreateKey(identity)} returns.
 *
 * @param authenticationToken the Spring Security token produced after the login credentials
 *                            were verified against the respective information source
 * @return the signed JWT in its compact string form
 * @throws IllegalArgumentException if {@code authenticationToken} is {@code null}
 * @throws JwtException if the principal is null or empty, or if the signing key could not be
 *                      obtained
 */
public String generateSignedToken(final LoginAuthenticationToken authenticationToken) throws JwtException {
    if (authenticationToken == null) {
        throw new IllegalArgumentException("Cannot generate a JWT for a null authentication token");
    }

    // The expiry is copied from the authentication token as-is; it is not range-checked here,
    // so an already-expired or far-future value is passed straight into the JWT.
    final Calendar expiresAt = Calendar.getInstance();
    expiresAt.setTimeInMillis(authenticationToken.getExpiration());

    // Refuse to issue a token that would carry no subject.
    final Object principal = authenticationToken.getPrincipal();
    final boolean hasIdentity = principal != null && !StringUtils.isEmpty(principal.toString());
    if (!hasIdentity) {
        final String message = "Cannot generate a JWT for a token with an empty identity issued by " + authenticationToken.getIssuer();
        logger.error(message);
        throw new JwtException(message);
    }

    final String identity = principal.toString();
    final String username = authenticationToken.getName();

    try {
        // One key per identity: fetched if it exists, created otherwise.
        final Key signingKey = keyService.getOrCreateKey(identity);
        // The stored key string itself is the secret; its UTF-8 bytes are what signs the token.
        final byte[] secret = signingKey.getKey().getBytes(StandardCharsets.UTF_8);

        logger.trace("Generating JWT for " + authenticationToken);

        return Jwts.builder()
                .setSubject(identity)
                .setIssuer(authenticationToken.getIssuer())
                .setAudience(authenticationToken.getIssuer())
                .claim(USERNAME_CLAIM, username)
                // Records which stored key signed the token (presumably so that verification
                // can look the key up by id; confirm against the parsing side).
                .claim(KEY_ID_CLAIM, signingKey.getId())
                .setExpiration(expiresAt.getTime())
                .setIssuedAt(Calendar.getInstance().getTime())
                .signWith(SIGNATURE_ALGORITHM, secret)
                .compact();
    } catch (NullPointerException | AdministrationException e) {
        // A null key or null key string surfaces here as a NullPointerException and is reported
        // like a key-service failure. Any other NPE raised inside the try gets the same message.
        final String message = "Could not retrieve the signing key for JWT for " + identity;
        logger.error(message, e);
        throw new JwtException(message, e);
    }
}
use of org.apache.nifi.key.Key in project nifi by apache.
the class JwtServiceTest method setUp.
/**
 * Wires a {@code JwtService} to a mocked {@code KeyService} before each test.
 */
@Before
public void setUp() throws Exception {
    // The single signing key the mocked key service will hand out.
    final Key fixedKey = new Key();
    fixedKey.setId(1);
    fixedKey.setIdentity(DEFAULT_IDENTITY);
    fixedKey.setKey(HMAC_SECRET);

    // Both lookups return the same key for ANY id and ANY identity, so tests built on this
    // fixture do not exercise per-identity key separation or a key-id mismatch.
    mockKeyService = Mockito.mock(KeyService.class);
    when(mockKeyService.getOrCreateKey(anyString())).thenReturn(fixedKey);
    when(mockKeyService.getKey(anyInt())).thenReturn(fixedKey);

    jwtService = new JwtService(mockKeyService);
}
use of org.apache.nifi.key.Key in project nifi by apache.
the class StandardKeyDAO method findLatestKeyByIdentity.
/**
 * Looks up the key stored for an identity.
 *
 * <p>Runs {@code SELECT_KEY_FOR_USER_BY_IDENTITY} with the identity bound as a parameter and
 * maps the first row, if any. Which row counts as "latest" is decided by that query, which is
 * not visible here.
 *
 * @param identity the identity to look up; must not be {@code null}
 * @return the key built from the first result row, or {@code null} when the query returns none
 * @throws IllegalArgumentException if {@code identity} is {@code null}
 * @throws DataAccessException if the query fails with a {@code SQLException}
 */
@Override
public Key findLatestKeyByIdentity(String identity) {
    if (identity == null) {
        throw new IllegalArgumentException("Specified identity cannot be null.");
    }

    PreparedStatement query = null;
    ResultSet rows = null;
    try {
        // The identity is bound as a statement parameter, never concatenated into the SQL text.
        query = connection.prepareStatement(SELECT_KEY_FOR_USER_BY_IDENTITY);
        query.setString(1, identity);
        rows = query.executeQuery();

        // Only the first row is read; no row means no key for this identity.
        if (!rows.next()) {
            return null;
        }

        final Key found = new Key();
        found.setId(rows.getInt("ID"));
        found.setIdentity(rows.getString("IDENTITY"));
        // NOTE(review): KEY is read as a plain string and is presumably the signing secret;
        // keep the returned object out of logs.
        found.setKey(rows.getString("KEY"));
        return found;
    } catch (SQLException sqle) {
        throw new DataAccessException(sqle);
    } finally {
        // Best-effort cleanup: result set first, then the statement that produced it.
        RepositoryUtils.closeQuietly(rows);
        RepositoryUtils.closeQuietly(query);
    }
}
use of org.apache.nifi.key.Key in project nifi by apache.
the class StandardKeyService method getOrCreateKey.
/**
 * Returns the key for an identity, creating one if none exists.
 *
 * <p>The work runs as a {@code GetOrCreateKeyAction} inside one transaction, with the write
 * lock held from before the transaction starts until after it is closed.
 *
 * @param identity the identity whose key is wanted; passed to the action without validation here
 * @return the key produced by the action
 * @throws AdministrationException if the transaction or the data access layer fails
 */
@Override
public Key getOrCreateKey(String identity) {
    Transaction transaction = null;

    writeLock.lock();
    try {
        transaction = transactionBuilder.start();

        final GetOrCreateKeyAction getOrCreate = new GetOrCreateKeyAction(identity);
        final Key result = transaction.execute(getOrCreate);

        transaction.commit();
        return result;
    } catch (TransactionException | DataAccessException te) {
        // Known persistence failures are rolled back and wrapped for the caller.
        rollback(transaction);
        throw new AdministrationException(te);
    } catch (Throwable t) {
        // Anything else is rolled back too, then rethrown unchanged.
        rollback(transaction);
        throw t;
    } finally {
        // Runs on every path, including the successful return above.
        closeQuietly(transaction);
        writeLock.unlock();
    }
}
use of org.apache.nifi.key.Key in project nifi by apache.
the class StandardKeyService method getKey.
/**
 * Fetches a key by its id.
 *
 * <p>The lookup runs as a {@code GetKeyByIdAction} inside one transaction, with the read lock
 * held from before the transaction starts until after it is closed.
 *
 * @param id the id of the key to fetch
 * @return whatever the action yields for that id (presumably {@code null} when no such key
 *         exists; confirm against {@code GetKeyByIdAction})
 * @throws AdministrationException if the transaction or the data access layer fails
 */
@Override
public Key getKey(int id) {
    Transaction transaction = null;

    readLock.lock();
    try {
        transaction = transactionBuilder.start();

        final GetKeyByIdAction lookup = new GetKeyByIdAction(id);
        final Key result = transaction.execute(lookup);

        transaction.commit();
        return result;
    } catch (TransactionException | DataAccessException te) {
        // Known persistence failures are rolled back and wrapped for the caller.
        rollback(transaction);
        throw new AdministrationException(te);
    } catch (Throwable t) {
        // Anything else is rolled back too, then rethrown unchanged.
        rollback(transaction);
        throw t;
    } finally {
        // Runs on every path, including the successful return above.
        closeQuietly(transaction);
        readLock.unlock();
    }
}