use of org.platformlayer.auth.PlatformlayerAuthenticationClientException in project platformlayer by platformlayer.
the class PlatformLayerAuthenticationClient method authenticateWithCertificate.
public PlatformlayerAuthenticationToken authenticateWithCertificate(String username, X509Certificate[] certificateChain, PrivateKey privateKey) throws PlatformlayerAuthenticationClientException {
if (username == null) {
throw new IllegalArgumentException();
}
CertificateCredentials certificateCredentials = new CertificateCredentials();
certificateCredentials.setUsername(username);
Auth auth = new Auth();
auth.setCertificateCredentials(certificateCredentials);
AuthenticateRequest request = new AuthenticateRequest();
request.setAuth(auth);
final KeyManager keyManager = new SimpleClientCertificateKeyManager(privateKey, certificateChain);
for (int i = 0; i < 2; i++) {
AuthenticateResponse response;
try {
RestfulRequest<AuthenticateResponse> httpRequest = httpClient.buildRequest(HttpMethod.POST, "api/tokens", HttpPayload.asXml(request), AuthenticateResponse.class);
httpRequest.setKeyManager(keyManager);
response = httpRequest.execute();
} catch (RestClientException e) {
throw new PlatformlayerAuthenticationClientException("Error authenticating", e);
}
if (i == 0) {
if (response == null || response.getChallenge() == null) {
return null;
}
byte[] challenge = response.getChallenge();
byte[] challengeResponse = decrypt(privateKey, challenge);
certificateCredentials.setChallengeResponse(challengeResponse);
} else {
if (response == null || response.getAccess() == null) {
return null;
}
return new PlatformlayerAuthenticationToken(response.getAccess());
}
}
return null;
}
use of org.platformlayer.auth.PlatformlayerAuthenticationClientException in project platformlayer by platformlayer.
the class SimpleMultitenantConfiguration method build.
public static MultitenantConfiguration build(Configuration configuration, EncryptionStore encryptionStore, AuthenticationService authenticationService, AuthenticationTokenValidator authenticationTokenValidator) throws OpsException {
String projectKey = configuration.lookup("multitenant.project", null);
String username = configuration.lookup("multitenant.user", null);
String password = configuration.lookup("multitenant.password", null);
String certAlias = configuration.lookup("multitenant.cert", null);
CertificateAndKey certificateAndKey = null;
if (certAlias != null) {
certificateAndKey = encryptionStore.getCertificateAndKey(certAlias);
}
String message = "Invalid multitenant configuration";
if (username == null || projectKey == null) {
throw new OpsException(message);
}
AuthenticationToken authn = null;
if (certificateAndKey != null) {
try {
authn = authenticationService.authenticateWithCertificate(username, certificateAndKey.getPrivateKey(), certificateAndKey.getCertificateChain());
} catch (PlatformlayerAuthenticationClientException e) {
throw new OpsException(message, e);
}
} else if (password != null) {
log.warn("Using password authentication with multitenant");
if (!ApplicationMode.isDevelopment()) {
throw new IllegalStateException();
}
try {
authn = authenticationService.authenticateWithPassword(username, password);
} catch (PlatformlayerAuthenticationClientException e) {
throw new OpsException(message, e);
}
}
if (authn == null) {
throw new OpsException(message);
}
ProjectAuthorization authz = authenticationTokenValidator.validateToken(authn, projectKey);
if (authz == null) {
throw new OpsException(message);
}
// {
// try {
// project = userRepository.findProject(user, projectKey);
// } catch (RepositoryException e) {
// throw new OpsException(message, e);
// }
//
// if (project == null) {
// throw new OpsException(message);
// }
// }
List<PlatformLayerKey> mappedItems = Lists.newArrayList();
for (String key : Splitter.on(",").split(configuration.lookup("multitenant.keys", ""))) {
String[] tokens = key.split("/");
if (tokens.length != 2) {
throw new IllegalStateException();
}
String serviceType = tokens[0];
String itemType = tokens[1];
mappedItems.add(PlatformLayerKey.fromServiceAndItem(serviceType, itemType));
}
if (mappedItems.isEmpty()) {
throw new OpsException(message);
}
MultitenantConfiguration config = new SimpleMultitenantConfiguration(authz, mappedItems);
return config;
}
use of org.platformlayer.auth.PlatformlayerAuthenticationClientException in project platformlayer by platformlayer.
the class PlatformLayerAuthenticationClient method authenticate.
public AuthenticateResponse authenticate(PasswordCredentials passwordCredentials) throws PlatformlayerAuthenticationClientException {
Auth auth = new Auth();
auth.setPasswordCredentials(passwordCredentials);
AuthenticateRequest request = new AuthenticateRequest();
request.setAuth(auth);
AuthenticateResponse response;
try {
response = doSimpleXmlRequest(HttpMethod.POST, "api/tokens", request, AuthenticateResponse.class);
} catch (RestClientException e) {
Integer httpResponseCode = e.getHttpResponseCode();
if (httpResponseCode != null && httpResponseCode == 401) {
throw new PlatformlayerInvalidCredentialsException("Invalid credentials");
}
throw new PlatformlayerAuthenticationClientException("Error authenticating", e);
}
return response;
}
Aggregations