use of org.eclipse.milo.opcua.sdk.client.api.identity.X509IdentityProvider in project vantiq-extension-sources by Vantiq.
the class OpcUaESClient method constructIdentityProvider.
private IdentityProvider constructIdentityProvider(Map<String, Object> config) throws OpcExtConfigException, OpcExtKeyStoreException {
IdentityProvider retVal = null;
String anonymous = (String) config.get(OpcConstants.CONFIG_IDENTITY_ANONYMOUS);
// This can be empty -- presence is sufficient
boolean anonIsPresent = anonymous != null;
String certAlias = (String) config.get(OpcConstants.CONFIG_IDENTITY_CERTIFICATE);
boolean certIsPresent = foundValue(certAlias);
String userPass = (String) config.get(OpcConstants.CONFIG_IDENTITY_USERNAME_PASSWORD);
boolean upwIsPresent = foundValue(userPass);
boolean exactlyOnePresent = (anonIsPresent ^ certIsPresent ^ upwIsPresent) ^ (anonIsPresent && certIsPresent && upwIsPresent);
if (!anonIsPresent && !certIsPresent && !upwIsPresent) {
log.warn(ERROR_PREFIX + ".noIdentitySpecification: No identity specification was provided. Using Anonymous as default.");
retVal = new AnonymousProvider();
} else if (exactlyOnePresent) {
// Now we know there is exactly one of them set.
if (anonIsPresent) {
retVal = new AnonymousProvider();
} else if (certIsPresent) {
X509Certificate namedCert = keyStoreManager.fetchCertByAlias(certAlias);
PrivateKey pKey = keyStoreManager.fetchPrivateKeyByAlias(certAlias);
retVal = new X509IdentityProvider(namedCert, pKey);
} else if (upwIsPresent) {
String[] upw = userPass.split(",[ ]*");
if (upw.length != 2) {
String errMsg = MessageFormatter.arrayFormat(ERROR_PREFIX + ".invalidUserPasswordSpecification: the {} ({}) must contain only a username AND password separated by a comma.", new Object[] { OpcConstants.CONFIG_IDENTITY_USERNAME_PASSWORD, userPass }).getMessage();
log.error(errMsg);
throw new OpcExtConfigException(errMsg);
} else {
retVal = new UsernameProvider(upw[0], upw[1]);
}
}
} else {
String errMsg = MessageFormatter.arrayFormat(ERROR_PREFIX + ".invalidIdentitySpecification: exactly one identity specification ({}, {}, {}) is required.", new Object[] { OpcConstants.CONFIG_IDENTITY_ANONYMOUS, OpcConstants.CONFIG_IDENTITY_CERTIFICATE, OpcConstants.CONFIG_IDENTITY_USERNAME_PASSWORD }).getMessage();
log.error(errMsg);
throw new OpcExtConfigException(errMsg);
}
return retVal;
}
Aggregations