use of org.eclipse.leshan.server.security.NonUniqueSecurityInfoException in project leshan by eclipse.
the class SecurityServlet method doPut.
/**
* {@inheritDoc}
*/
@Override
protected void doPut(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
String[] path = StringUtils.split(req.getPathInfo(), '/');
if (path.length != 1 && "clients".equals(path[0])) {
resp.sendError(HttpServletResponse.SC_BAD_REQUEST);
return;
}
try {
SecurityInfo info = gsonDes.fromJson(new InputStreamReader(req.getInputStream()), SecurityInfo.class);
LOG.debug("New security info for end-point {}: {}", info.getEndpoint(), info);
store.add(info);
resp.setStatus(HttpServletResponse.SC_OK);
} catch (NonUniqueSecurityInfoException e) {
LOG.warn("Non unique security info: " + e.getMessage());
resp.setStatus(HttpServletResponse.SC_BAD_REQUEST);
resp.getWriter().append(e.getMessage()).flush();
} catch (JsonParseException e) {
LOG.warn("Could not parse request body", e);
resp.setStatus(HttpServletResponse.SC_BAD_REQUEST);
resp.getWriter().append("Invalid request body").flush();
} catch (RuntimeException e) {
LOG.warn("unexpected error for request " + req.getPathInfo(), e);
resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
}
}
use of org.eclipse.leshan.server.security.NonUniqueSecurityInfoException in project leshan by eclipse.
the class InMemorySecurityStore method add.
@Override
public SecurityInfo add(SecurityInfo info) throws NonUniqueSecurityInfoException {
writeLock.lock();
try {
String identity = info.getIdentity();
if (identity != null) {
SecurityInfo infoByIdentity = securityByIdentity.get(info.getIdentity());
if (infoByIdentity != null && !info.getEndpoint().equals(infoByIdentity.getEndpoint())) {
throw new NonUniqueSecurityInfoException("PSK Identity " + info.getIdentity() + " is already used");
}
securityByIdentity.put(info.getIdentity(), info);
}
SecurityInfo previous = securityByEp.put(info.getEndpoint(), info);
String previousIdentity = previous == null ? null : previous.getIdentity();
if (previousIdentity != null && !previousIdentity.equals(identity)) {
securityByIdentity.remove(previousIdentity);
}
return previous;
} finally {
writeLock.unlock();
}
}
use of org.eclipse.leshan.server.security.NonUniqueSecurityInfoException in project leshan by eclipse.
the class RedisSecurityStore method add.
@Override
public SecurityInfo add(SecurityInfo info) throws NonUniqueSecurityInfoException {
byte[] data = serialize(info);
try (Jedis j = pool.getResource()) {
if (info.getIdentity() != null) {
// populate the secondary index (security info by PSK id)
String oldEndpoint = j.hget(PSKID_SEC, info.getIdentity());
if (oldEndpoint != null && !oldEndpoint.equals(info.getEndpoint())) {
throw new NonUniqueSecurityInfoException("PSK Identity " + info.getIdentity() + " is already used");
}
j.hset(PSKID_SEC.getBytes(), info.getIdentity().getBytes(), info.getEndpoint().getBytes());
}
byte[] previousData = j.getSet((SEC_EP + info.getEndpoint()).getBytes(), data);
SecurityInfo previous = previousData == null ? null : deserialize(previousData);
String previousIdentity = previous == null ? null : previous.getIdentity();
if (previousIdentity != null && !previousIdentity.equals(info.getIdentity())) {
j.hdel(PSKID_SEC, previousIdentity);
}
return previous;
}
}
use of org.eclipse.leshan.server.security.NonUniqueSecurityInfoException in project leshan by eclipse.
the class SecurityTest method nonunique_psk_identity.
@Test
public void nonunique_psk_identity() throws NonUniqueSecurityInfoException {
helper.createServer();
helper.server.start();
EditableSecurityStore ess = helper.getSecurityStore();
ess.add(SecurityInfo.newPreSharedKeyInfo(GOOD_ENDPOINT, GOOD_PSK_ID, GOOD_PSK_KEY));
try {
ess.add(SecurityInfo.newPreSharedKeyInfo(BAD_ENDPOINT, GOOD_PSK_ID, GOOD_PSK_KEY));
fail("Non-unique PSK identity should throw exception on add");
} catch (NonUniqueSecurityInfoException e) {
}
}
use of org.eclipse.leshan.server.security.NonUniqueSecurityInfoException in project leshan by eclipse.
the class SecurityTest method change_psk_identity_cleanup.
@Test
public void change_psk_identity_cleanup() throws NonUniqueSecurityInfoException {
helper.createServer();
helper.server.start();
EditableSecurityStore ess = helper.getSecurityStore();
ess.add(SecurityInfo.newPreSharedKeyInfo(GOOD_ENDPOINT, BAD_PSK_ID, BAD_PSK_KEY));
// Change PSK id for endpoint
ess.add(SecurityInfo.newPreSharedKeyInfo(GOOD_ENDPOINT, GOOD_PSK_ID, GOOD_PSK_KEY));
// Original/old PSK id should not be reserved any more
try {
ess.add(SecurityInfo.newPreSharedKeyInfo(BAD_ENDPOINT, BAD_PSK_ID, BAD_PSK_KEY));
} catch (NonUniqueSecurityInfoException e) {
fail("PSK identity change for existing endpoint should have cleaned up old PSK identity");
}
}
Aggregations