
Example 1 with NonUniqueSecurityInfoException

use of org.eclipse.leshan.server.security.NonUniqueSecurityInfoException in project leshan by eclipse.

the class SecurityServlet method doPut.

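/**
 * Handles {@code PUT} by reading a JSON {@link SecurityInfo} from the request body and adding it
 * to the security store.
 *
 * <p>Responds with 200 when the entry is stored, 400 when the path is missing, the body is empty
 * or unparsable, or the store rejects the entry as non-unique, and 500 on any other runtime
 * failure.
 *
 * @param req the incoming request; its body is expected to be JSON
 * @param resp the response that receives the status and, on a 400, a short message
 * @throws ServletException declared by the servlet contract
 * @throws IOException if reading the request or writing the response fails
 */
@Override
protected void doPut(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
    String[] path = StringUtils.split(req.getPathInfo(), '/');
    // getPathInfo() is null when the request carries no extra path, and an empty split result
    // would make path[0] below throw; answer both cases with 400 instead of an uncaught exception.
    if (path == null || path.length == 0) {
        resp.sendError(HttpServletResponse.SC_BAD_REQUEST);
        return;
    }
    // NOTE(review): as written this guard only rejects multi-segment paths that start with
    // "clients"; every other path falls through to the store write below. If the intent is to
    // accept only ".../clients", the condition would be
    // `path.length != 1 || !"clients".equals(path[0])` - confirm against the servlet mapping.
    if (path.length != 1 && "clients".equals(path[0])) {
        resp.sendError(HttpServletResponse.SC_BAD_REQUEST);
        return;
    }
    try {
        // Decode the body as UTF-8 explicitly rather than with the platform default charset.
        SecurityInfo info = gsonDes.fromJson(
                new InputStreamReader(req.getInputStream(), java.nio.charset.StandardCharsets.UTF_8),
                SecurityInfo.class);
        if (info == null) {
            // An empty body deserialises to null; treat it as a client error, not a 500.
            LOG.warn("Could not parse request body: empty body");
            resp.setStatus(HttpServletResponse.SC_BAD_REQUEST);
            resp.getWriter().append("Invalid request body").flush();
            return;
        }
        // Log the endpoint only: whether SecurityInfo.toString() includes key material is not
        // visible from here - TODO confirm before logging the whole object again.
        LOG.debug("New security info for end-point {}", info.getEndpoint());
        store.add(info);
        resp.setStatus(HttpServletResponse.SC_OK);
    } catch (NonUniqueSecurityInfoException e) {
        LOG.warn("Non unique security info: {}", e.getMessage());
        resp.setStatus(HttpServletResponse.SC_BAD_REQUEST);
        // The message is returned to the caller as-is; it is built by the store, which is outside
        // this method.
        resp.getWriter().append(e.getMessage()).flush();
    } catch (JsonParseException e) {
        LOG.warn("Could not parse request body", e);
        resp.setStatus(HttpServletResponse.SC_BAD_REQUEST);
        resp.getWriter().append("Invalid request body").flush();
    } catch (RuntimeException e) {
        LOG.warn("unexpected error for request " + req.getPathInfo(), e);
        resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
    }
}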
Also used : NonUniqueSecurityInfoException(org.eclipse.leshan.server.security.NonUniqueSecurityInfoException) InputStreamReader(java.io.InputStreamReader) JsonParseException(com.google.gson.JsonParseException) SecurityInfo(org.eclipse.leshan.server.security.SecurityInfo)

Example 2 with NonUniqueSecurityInfoException

use of org.eclipse.leshan.server.security.NonUniqueSecurityInfoException in project leshan by eclipse.

the class InMemorySecurityStore method add.

/**
 * Registers {@code info} for its endpoint and keeps the PSK-identity index consistent.
 *
 * <p>The whole update runs under {@code writeLock}, so the uniqueness check and the two map
 * writes are seen as one step by other users of that lock.
 *
 * @param info the security info to store
 * @return the info previously stored for the same endpoint, or {@code null} if there was none
 * @throws NonUniqueSecurityInfoException if the PSK identity already belongs to another endpoint
 */
@Override
public SecurityInfo add(SecurityInfo info) throws NonUniqueSecurityInfoException {
    writeLock.lock();
    try {
        final String pskIdentity = info.getIdentity();
        if (pskIdentity != null) {
            // One PSK identity may map to a single endpoint only; re-adding it for the same
            // endpoint is allowed.
            final SecurityInfo currentOwner = securityByIdentity.get(info.getIdentity());
            final boolean ownedByOtherEndpoint = currentOwner != null
                    && !info.getEndpoint().equals(currentOwner.getEndpoint());
            if (ownedByOtherEndpoint) {
                throw new NonUniqueSecurityInfoException("PSK Identity " + info.getIdentity() + " is already used");
            }
            securityByIdentity.put(info.getIdentity(), info);
        }

        final SecurityInfo replaced = securityByEp.put(info.getEndpoint(), info);
        if (replaced != null) {
            // Release the identity the endpoint used before, unless it is the one just stored.
            final String staleIdentity = replaced.getIdentity();
            if (staleIdentity != null && !staleIdentity.equals(pskIdentity)) {
                securityByIdentity.remove(staleIdentity);
            }
        }
        return replaced;
    } finally {
        writeLock.unlock();
    }
}
Also used : NonUniqueSecurityInfoException(org.eclipse.leshan.server.security.NonUniqueSecurityInfoException) SecurityInfo(org.eclipse.leshan.server.security.SecurityInfo)

Example 3 with NonUniqueSecurityInfoException

use of org.eclipse.leshan.server.security.NonUniqueSecurityInfoException in project leshan by eclipse.

the class RedisSecurityStore method add.

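/**
 * Stores {@code info} under its endpoint key and keeps the PSK-identity hash in sync.
 *
 * @param info the security info to store
 * @return the info previously stored for the same endpoint, or {@code null} if there was none
 * @throws NonUniqueSecurityInfoException if the PSK identity is already mapped to another
 *         endpoint
 */
@Override
public SecurityInfo add(SecurityInfo info) throws NonUniqueSecurityInfoException {
    byte[] data = serialize(info);
    try (Jedis j = pool.getResource()) {
        if (info.getIdentity() != null) {
            // populate the secondary index (security info by PSK id)
            // NOTE(review): the lookup and the write below are two separate commands, so two
            // writers adding the same identity for different endpoints at the same time could
            // both pass the check. If several server instances share this Redis, consider an
            // atomic set-if-absent or a transaction here.
            String oldEndpoint = j.hget(PSKID_SEC, info.getIdentity());
            if (oldEndpoint != null && !oldEndpoint.equals(info.getEndpoint())) {
                throw new NonUniqueSecurityInfoException("PSK Identity " + info.getIdentity() + " is already used");
            }
            // Write through the String API so field and value are encoded the same way hget and
            // hdel in this method read them. getBytes() without a charset uses the platform
            // default, which can store a non-ASCII identity under bytes the lookup never matches,
            // letting the uniqueness check miss it.
            j.hset(PSKID_SEC, info.getIdentity(), info.getEndpoint());
        }
        // NOTE(review): this key still uses the platform default charset; it is left unchanged
        // because the code that reads it is not visible here and both sides must agree.
        byte[] previousData = j.getSet((SEC_EP + info.getEndpoint()).getBytes(), data);
        SecurityInfo previous = previousData == null ? null : deserialize(previousData);
        String previousIdentity = previous == null ? null : previous.getIdentity();
        if (previousIdentity != null && !previousIdentity.equals(info.getIdentity())) {
            // The endpoint switched identity: free the old one so another endpoint can claim it.
            j.hdel(PSKID_SEC, previousIdentity);
        }
        return previous;
    }
}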
Also used : Jedis(redis.clients.jedis.Jedis) NonUniqueSecurityInfoException(org.eclipse.leshan.server.security.NonUniqueSecurityInfoException) SecurityInfo(org.eclipse.leshan.server.security.SecurityInfo)

Example 4 with NonUniqueSecurityInfoException

use of org.eclipse.leshan.server.security.NonUniqueSecurityInfoException in project leshan by eclipse.

the class SecurityTest method nonunique_psk_identity.

/**
 * Adding the same PSK identity for a second endpoint must be rejected with
 * {@link NonUniqueSecurityInfoException}.
 */
@Test
public void nonunique_psk_identity() throws NonUniqueSecurityInfoException {
    helper.createServer();
    helper.server.start();

    EditableSecurityStore securityStore = helper.getSecurityStore();
    securityStore.add(SecurityInfo.newPreSharedKeyInfo(GOOD_ENDPOINT, GOOD_PSK_ID, GOOD_PSK_KEY));

    boolean rejected = false;
    try {
        securityStore.add(SecurityInfo.newPreSharedKeyInfo(BAD_ENDPOINT, GOOD_PSK_ID, GOOD_PSK_KEY));
    } catch (NonUniqueSecurityInfoException expected) {
        // Expected: the identity is already bound to GOOD_ENDPOINT.
        rejected = true;
    }
    if (!rejected) {
        fail("Non-unique PSK identity should throw exception on add");
    }
}
Also used : NonUniqueSecurityInfoException(org.eclipse.leshan.server.security.NonUniqueSecurityInfoException) EditableSecurityStore(org.eclipse.leshan.server.security.EditableSecurityStore) Test(org.junit.Test)

Example 5 with NonUniqueSecurityInfoException

use of org.eclipse.leshan.server.security.NonUniqueSecurityInfoException in project leshan by eclipse.

the class SecurityTest method change_psk_identity_cleanup.

/**
 * After an endpoint switches to a new PSK identity, its old identity must be free for another
 * endpoint to use.
 */
@Test
public void change_psk_identity_cleanup() throws NonUniqueSecurityInfoException {
    helper.createServer();
    helper.server.start();

    EditableSecurityStore securityStore = helper.getSecurityStore();

    // Register the endpoint with its first identity, then replace that identity.
    SecurityInfo firstRegistration = SecurityInfo.newPreSharedKeyInfo(GOOD_ENDPOINT, BAD_PSK_ID, BAD_PSK_KEY);
    securityStore.add(firstRegistration);
    SecurityInfo changedIdentity = SecurityInfo.newPreSharedKeyInfo(GOOD_ENDPOINT, GOOD_PSK_ID, GOOD_PSK_KEY);
    securityStore.add(changedIdentity);

    // The first identity should no longer be reserved, so another endpoint can take it.
    boolean oldIdentityStillReserved = false;
    try {
        SecurityInfo reuseByOtherEndpoint = SecurityInfo.newPreSharedKeyInfo(BAD_ENDPOINT, BAD_PSK_ID, BAD_PSK_KEY);
        securityStore.add(reuseByOtherEndpoint);
    } catch (NonUniqueSecurityInfoException e) {
        oldIdentityStillReserved = true;
    }
    if (oldIdentityStillReserved) {
        fail("PSK identity change for existing endpoint should have cleaned up old PSK identity");
    }
}
Also used : NonUniqueSecurityInfoException(org.eclipse.leshan.server.security.NonUniqueSecurityInfoException) EditableSecurityStore(org.eclipse.leshan.server.security.EditableSecurityStore) Test(org.junit.Test)

Aggregations

NonUniqueSecurityInfoException (org.eclipse.leshan.server.security.NonUniqueSecurityInfoException)5 SecurityInfo (org.eclipse.leshan.server.security.SecurityInfo)3 EditableSecurityStore (org.eclipse.leshan.server.security.EditableSecurityStore)2 Test (org.junit.Test)2 JsonParseException (com.google.gson.JsonParseException)1 InputStreamReader (java.io.InputStreamReader)1 Jedis (redis.clients.jedis.Jedis)1