Example 41 with RepositoryException

Use of org.platformlayer.RepositoryException in project platformlayer by platformlayer.

Class JdbcUserRepository, method addUserToProject.

@Override
@JdbcTransaction
public void addUserToProject(String username, String projectKey, CryptoKey projectSecret, List<RoleId> roles) throws RepositoryException {
    DbHelper db = new DbHelper();
    try {
        UserEntity user = db.findUserByKey(username);
        if (user == null) {
            throw new RepositoryException("User not found");
        }
        ProjectEntity project = db.findProjectByKey(projectKey);
        if (project == null) {
            throw new RepositoryException("Project not found");
        }
        byte[] projectSecretData = FathomdbCrypto.serialize(projectSecret);
        PublicKey userPublicKey = user.getPublicKey();
        byte[] newSecretData;
        try {
            SecretStore store = new SecretStore(project.secretData);
            Writer writer = store.buildWriter();
            writer.writeAsymetricUserKey(projectSecretData, user.id, userPublicKey);
            writer.close();
            store.appendContents(writer);
            newSecretData = store.getEncoded();
        } catch (IOException e) {
            throw new RepositoryException("Error writing secrets", e);
        }
        db.updateProjectSecret(project.id, newSecretData);
        UserProjectEntity userProjectEntity = new UserProjectEntity();
        userProjectEntity.userId = user.id;
        userProjectEntity.projectId = project.id;
        userProjectEntity.addRoles(roles);
        db.insertUserProject(userProjectEntity);
    } catch (SQLException e) {
        throw new RepositoryException("Error reading groups", e);
    } finally {
        db.close();
    }
}
Also used : SQLException(java.sql.SQLException) PublicKey(java.security.PublicKey) RepositoryException(org.platformlayer.RepositoryException) IOException(java.io.IOException) SecretStore(org.platformlayer.auth.crypto.SecretStore) Writer(org.platformlayer.auth.crypto.SecretStore.Writer) JdbcTransaction(com.fathomdb.jdbc.JdbcTransaction)

Example 42 with RepositoryException

Use of org.platformlayer.RepositoryException in project platformlayer by platformlayer.

Class JdbcUserRepository, method listAllUserNames.

@Override
@JdbcTransaction
public List<String> listAllUserNames(String prefix) throws RepositoryException {
    String match;
    if (prefix == null) {
        match = "%";
    } else {
        match = prefix + "%";
    }
    DbHelper db = new DbHelper();
    try {
        return db.listUsers(match);
    } catch (SQLException e) {
        throw new RepositoryException("Error listing users", e);
    } finally {
        db.close();
    }
}
Also used : SQLException(java.sql.SQLException) RepositoryException(org.platformlayer.RepositoryException) JdbcTransaction(com.fathomdb.jdbc.JdbcTransaction)

Example 43 with RepositoryException

Use of org.platformlayer.RepositoryException in project platformlayer by platformlayer.

Class JdbcUserRepository, method findUserByPublicKey.

@Override
@JdbcTransaction
public UserEntity findUserByPublicKey(byte[] publicKeyHash) throws RepositoryException {
    DbHelper db = new DbHelper();
    try {
        // We could do a join here, but we may want to do more verification in future....
        // e.g. are collisions a possibility?
        UserCertEntity userCert = db.findUserByPublicKeyHash(publicKeyHash);
        if (userCert == null) {
            return null;
        }
        UserEntity user = db.findUserById(userCert.userId);
        return user;
    } catch (SQLException e) {
        throw new RepositoryException("Error reading user", e);
    } finally {
        db.close();
    }
}
Also used : SQLException(java.sql.SQLException) RepositoryException(org.platformlayer.RepositoryException) JdbcTransaction(com.fathomdb.jdbc.JdbcTransaction)

Example 44 with RepositoryException

Use of org.platformlayer.RepositoryException in project platformlayer by platformlayer.

Class JdbcUserRepository, method createUser.

@Override
@JdbcTransaction
public UserEntity createUser(String userName, String password, Certificate[] certificateChain) throws RepositoryException {
    DbHelper db = new DbHelper();
    try {
        byte[] secretData;
        byte[] publicKeyHash = null;
        CryptoKey userSecretKey = FathomdbCrypto.generateKey();
        try {
            byte[] userSecret = FathomdbCrypto.serialize(userSecretKey);
            ByteArrayOutputStream baos = new ByteArrayOutputStream();
            SecretStore.Writer writer = new SecretStore.Writer(baos);
            // For password auth
            if (password != null) {
                writer.writeUserPassword(userSecret, password);
            }
            // For token auth
            {
                byte[] tokenSecret = CryptoUtils.generateSecureRandom(userSecret.length);
                writer.writeLockedByToken(userSecret, UserEntity.TOKEN_ID_DEFAULT, tokenSecret);
            }
            // For certificate auth
            if (certificateChain != null) {
                Certificate certificate = certificateChain[0];
                PublicKey publicKey = certificate.getPublicKey();
                publicKeyHash = OpenSshUtils.getSignature(publicKey).toByteArray();
                writer.writeGenericAsymetricKey(userSecret, publicKey);
            }
            writer.close();
            secretData = baos.toByteArray();
        } catch (IOException e) {
            throw new RepositoryException("Error encrypting secrets", e);
        }
        byte[] hashedPassword = null;
        if (password != null) {
            hashedPassword = PasswordHash.doPasswordHash(password);
        }
        // This keypair is for grants etc. The client doesn't (currently) get access to the private key
        KeyPair userRsaKeyPair = RsaUtils.generateRsaKeyPair(RsaUtils.SMALL_KEYSIZE);
        byte[] privateKeyData = RsaUtils.serialize(userRsaKeyPair.getPrivate());
        privateKeyData = FathomdbCrypto.encrypt(userSecretKey, privateKeyData);
        byte[] publicKeyData = RsaUtils.serialize(userRsaKeyPair.getPublic());
        db.insertUser(userName, hashedPassword, secretData, publicKeyData, privateKeyData);
        UserEntity user = findUser(userName);
        if (password != null) {
            user.unlockWithPassword(password);
        }
        if (publicKeyHash != null) {
            UserCertEntity userCert = new UserCertEntity();
            // TODO: Retry on collision
            Random random = new Random();
            userCert.id = random.nextInt();
            userCert.userId = user.id;
            userCert.publicKeyHash = publicKeyHash;
            db.insertUserCert(userCert);
        }
        return user;
    } catch (SQLException e) {
        throw new RepositoryException("Error creating user", e);
    } finally {
        db.close();
    }
}
Also used : KeyPair(java.security.KeyPair) SQLException(java.sql.SQLException) PublicKey(java.security.PublicKey) CryptoKey(com.fathomdb.crypto.CryptoKey) RepositoryException(org.platformlayer.RepositoryException) ByteArrayOutputStream(java.io.ByteArrayOutputStream) IOException(java.io.IOException) Writer(org.platformlayer.auth.crypto.SecretStore.Writer) Random(java.util.Random) SecretStore(org.platformlayer.auth.crypto.SecretStore) Writer(org.platformlayer.auth.crypto.SecretStore.Writer) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate) JdbcTransaction(com.fathomdb.jdbc.JdbcTransaction)

Example 45 with RepositoryException

Use of org.platformlayer.RepositoryException in project platformlayer by platformlayer.

Class JdbcUserRepository, method createProject.

@Override
@JdbcTransaction
public ProjectEntity createProject(String key, OpsUser ownerObject) throws RepositoryException {
    UserEntity owner = (UserEntity) ownerObject;
    if (owner.id == 0 || owner.isLocked()) {
        throw new IllegalArgumentException();
    }
    DbHelper db = new DbHelper();
    try {
        ProjectEntity project;
        byte[] secretData;
        byte[] metadata;
        try {
            CryptoKey projectSecret = FathomdbCrypto.generateKey();
            byte[] plaintext = FathomdbCrypto.serialize(projectSecret);
            ByteArrayOutputStream baos = new ByteArrayOutputStream();
            SecretStore.Writer writer = new SecretStore.Writer(baos);
            writer.writeLockedByUserKey(plaintext, owner.id, owner.getUserSecret());
            writer.close();
            secretData = baos.toByteArray();
            String metadataString = key + "\0";
            byte[] metadataPlaintext = Utf8.getBytes(metadataString);
            metadata = FathomdbCrypto.encrypt(projectSecret, metadataPlaintext);
            project = new ProjectEntity();
            project.setProjectSecret(projectSecret);
            KeyPair projectRsaKeyPair = RsaUtils.generateRsaKeyPair(RsaUtils.SMALL_KEYSIZE);
            project.setPublicKey(projectRsaKeyPair.getPublic());
            project.setPrivateKey(projectRsaKeyPair.getPrivate());
        } catch (IOException e) {
            throw new RepositoryException("Error encrypting secrets", e);
        }
        int rows = db.createProject(key, secretData, metadata, project.publicKeyData, project.privateKeyData);
        if (rows != 1) {
            throw new RepositoryException("Unexpected number of rows inserted");
        }
        ProjectEntity created = findProjectByKey(db, key);
        if (created == null) {
            throw new RepositoryException("Created project not found");
        }
        UserProjectEntity userProjectEntity = new UserProjectEntity();
        userProjectEntity.userId = owner.id;
        userProjectEntity.projectId = created.id;
        userProjectEntity.addRole(RoleId.OWNER);
        db.insertUserProject(userProjectEntity);
        return created;
    } catch (SQLException e) {
        throw new RepositoryException("Error creating project", e);
    } finally {
        db.close();
    }
}
Also used : KeyPair(java.security.KeyPair) SQLException(java.sql.SQLException) CryptoKey(com.fathomdb.crypto.CryptoKey) RepositoryException(org.platformlayer.RepositoryException) ByteArrayOutputStream(java.io.ByteArrayOutputStream) IOException(java.io.IOException) Writer(org.platformlayer.auth.crypto.SecretStore.Writer) SecretStore(org.platformlayer.auth.crypto.SecretStore) Writer(org.platformlayer.auth.crypto.SecretStore.Writer) JdbcTransaction(com.fathomdb.jdbc.JdbcTransaction)

Aggregations

RepositoryException (org.platformlayer.RepositoryException)56 JdbcTransaction (com.fathomdb.jdbc.JdbcTransaction)30 SQLException (java.sql.SQLException)30 OpsException (org.platformlayer.ops.OpsException)18 ProjectId (org.platformlayer.ids.ProjectId)14 ItemBase (org.platformlayer.core.model.ItemBase)10 CryptoKey (com.fathomdb.crypto.CryptoKey)8 PlatformLayerKey (org.platformlayer.core.model.PlatformLayerKey)7 ManagedItemId (org.platformlayer.ids.ManagedItemId)7 OpsContext (org.platformlayer.ops.OpsContext)7 ServiceProvider (org.platformlayer.xaas.services.ServiceProvider)7 IOException (java.io.IOException)6 AesCryptoKey (com.fathomdb.crypto.AesCryptoKey)5 PublicKey (java.security.PublicKey)4 JAXBException (javax.xml.bind.JAXBException)4 Tag (org.platformlayer.core.model.Tag)4 ServiceType (org.platformlayer.ids.ServiceType)4 JobData (org.platformlayer.jobs.model.JobData)4 JoinedQueryResult (com.fathomdb.jpa.impl.JoinedQueryResult)3 X509Certificate (java.security.cert.X509Certificate)3