Example 6 with Key
use of org.apache.nifi.key.Key in project nifi by apache.
the class StandardKeyDAO method createKey.
@Override
public Key createKey(final String identity) {
PreparedStatement statement = null;
ResultSet rs = null;
try {
final String keyValue = UUID.randomUUID().toString();
// add each authority for the specified user
statement = connection.prepareStatement(INSERT_KEY, Statement.RETURN_GENERATED_KEYS);
statement.setString(1, identity);
statement.setString(2, keyValue);
// insert the key
int updateCount = statement.executeUpdate();
rs = statement.getGeneratedKeys();
// verify the results
if (updateCount == 1 && rs.next()) {
final Key key = new Key();
key.setId(rs.getInt(1));
key.setIdentity(identity);
key.setKey(keyValue);
return key;
} else {
throw new DataAccessException("Unable to add key for user.");
}
} catch (SQLException sqle) {
throw new DataAccessException(sqle);
} finally {
RepositoryUtils.closeQuietly(rs);
RepositoryUtils.closeQuietly(statement);
}
}
Also used :
SQLException(java.sql.SQLException)
ResultSet(java.sql.ResultSet)
PreparedStatement(java.sql.PreparedStatement)
Key(org.apache.nifi.key.Key)
DataAccessException(org.apache.nifi.admin.dao.DataAccessException)
Example 7 with Key
use of org.apache.nifi.key.Key in project nifi by apache.
the class StandardKeyDAO method findKeyById.
@Override
public Key findKeyById(int id) {
Key key = null;
PreparedStatement statement = null;
ResultSet rs = null;
try {
// add each authority for the specified user
statement = connection.prepareStatement(SELECT_KEY_FOR_USER_BY_ID);
statement.setInt(1, id);
// execute the query
rs = statement.executeQuery();
// if the key was found, add it
if (rs.next()) {
key = new Key();
key.setId(rs.getInt("ID"));
key.setIdentity(rs.getString("IDENTITY"));
key.setKey(rs.getString("KEY"));
}
} catch (SQLException sqle) {
throw new DataAccessException(sqle);
} finally {
RepositoryUtils.closeQuietly(rs);
RepositoryUtils.closeQuietly(statement);
}
return key;
}
Also used :
SQLException(java.sql.SQLException)
ResultSet(java.sql.ResultSet)
PreparedStatement(java.sql.PreparedStatement)
Key(org.apache.nifi.key.Key)
DataAccessException(org.apache.nifi.admin.dao.DataAccessException)
Example 8 with Key
use of org.apache.nifi.key.Key in project nifi by apache.
the class GetOrCreateKeyAction method execute.
@Override
public Key execute(DAOFactory daoFactory) {
final KeyDAO keyDao = daoFactory.getKeyDAO();
Key key = keyDao.findLatestKeyByIdentity(identity);
if (key == null) {
key = keyDao.createKey(identity);
}
return key;
}Example 9 with Key
use of org.apache.nifi.key.Key in project nifi by apache.
the class JwtService method parseTokenFromBase64EncodedString.
private Jws<Claims> parseTokenFromBase64EncodedString(final String base64EncodedToken) throws JwtException {
try {
return Jwts.parser().setSigningKeyResolver(new SigningKeyResolverAdapter() {
@Override
public byte[] resolveSigningKeyBytes(JwsHeader header, Claims claims) {
final String identity = claims.getSubject();
// Get the key based on the key id in the claims
final Integer keyId = claims.get(KEY_ID_CLAIM, Integer.class);
final Key key = keyService.getKey(keyId);
// Ensure we were able to find a key that was previously issued by this key service for this user
if (key == null || key.getKey() == null) {
throw new UnsupportedJwtException("Unable to determine signing key for " + identity + " [kid: " + keyId + "]");
}
return key.getKey().getBytes(StandardCharsets.UTF_8);
}
}).parseClaimsJws(base64EncodedToken);
} catch (final MalformedJwtException | UnsupportedJwtException | SignatureException | ExpiredJwtException | IllegalArgumentException | AdministrationException e) {
// TODO: Exercise all exceptions to ensure none leak key material to logs
final String errorMessage = "Unable to validate the access token.";
throw new JwtException(errorMessage, e);
}
}
Also used :
Claims(io.jsonwebtoken.Claims)
SigningKeyResolverAdapter(io.jsonwebtoken.SigningKeyResolverAdapter)
ExpiredJwtException(io.jsonwebtoken.ExpiredJwtException)
JwsHeader(io.jsonwebtoken.JwsHeader)
SignatureException(io.jsonwebtoken.SignatureException)
AdministrationException(org.apache.nifi.admin.service.AdministrationException)
UnsupportedJwtException(io.jsonwebtoken.UnsupportedJwtException)
MalformedJwtException(io.jsonwebtoken.MalformedJwtException)
ExpiredJwtException(io.jsonwebtoken.ExpiredJwtException)
JwtException(io.jsonwebtoken.JwtException)
MalformedJwtException(io.jsonwebtoken.MalformedJwtException)
Key(org.apache.nifi.key.Key)
UnsupportedJwtException(io.jsonwebtoken.UnsupportedJwtException)
Aggregations
Key (org.apache.nifi.key.Key)9
DataAccessException (org.apache.nifi.admin.dao.DataAccessException)5
AdministrationException (org.apache.nifi.admin.service.AdministrationException)4
PreparedStatement (java.sql.PreparedStatement)3
ResultSet (java.sql.ResultSet)3
SQLException (java.sql.SQLException)3
ExpiredJwtException (io.jsonwebtoken.ExpiredJwtException)2
JwtException (io.jsonwebtoken.JwtException)2
MalformedJwtException (io.jsonwebtoken.MalformedJwtException)2
UnsupportedJwtException (io.jsonwebtoken.UnsupportedJwtException)2
Transaction (org.apache.nifi.admin.service.transaction.Transaction)2
TransactionException (org.apache.nifi.admin.service.transaction.TransactionException)2
Claims (io.jsonwebtoken.Claims)1
JwsHeader (io.jsonwebtoken.JwsHeader)1
SignatureException (io.jsonwebtoken.SignatureException)1
SigningKeyResolverAdapter (io.jsonwebtoken.SigningKeyResolverAdapter)1
Calendar (java.util.Calendar)1
KeyDAO (org.apache.nifi.admin.dao.KeyDAO)1
KeyService (org.apache.nifi.admin.service.KeyService)1
GetKeyByIdAction (org.apache.nifi.admin.service.action.GetKeyByIdAction)1
