
Example 1 with PlatformlayerAuthenticationClientException

use of org.platformlayer.auth.PlatformlayerAuthenticationClientException in project platformlayer by platformlayer.

the class PlatformLayerAuthenticationClient method authenticateWithCertificate.

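/**
 * Authenticates {@code username} against the {@code api/tokens} endpoint with a client
 * certificate, using a two-round challenge/response exchange.
 *
 * <p>Round one posts the username and reads a challenge from the response. The challenge is
 * passed to {@code decrypt} together with {@code privateKey}, and the result is stored on the
 * credentials and posted in round two, whose response is expected to carry the access data.
 * Both requests present {@code certificateChain} through the same {@link KeyManager}.
 *
 * <p>NOTE(review): the challenge bytes are chosen by the remote side and the output of
 * {@code decrypt} is sent straight back to it. That is only sound if the server's identity is
 * verified on the connection and this key is not also used to protect other ciphertexts;
 * neither is visible from this method, so confirm both where the HTTP client and the key are
 * configured.
 *
 * <p>NOTE(review): unlike the password-based {@code authenticate} method, an HTTP 401 is not
 * distinguished here; every {@code RestClientException} is reported as a generic client error.
 *
 * @param username the account to authenticate; must not be {@code null}
 * @param certificateChain the client certificate chain presented on both requests
 * @param privateKey the key matching the certificate, also used to answer the challenge
 * @return the token built from the access data, or {@code null} when round one returns no
 *     challenge or round two returns no access data
 * @throws IllegalArgumentException if {@code username} is {@code null}
 * @throws PlatformlayerAuthenticationClientException if either HTTP request fails
 */
public PlatformlayerAuthenticationToken authenticateWithCertificate(String username, X509Certificate[] certificateChain, PrivateKey privateKey) throws PlatformlayerAuthenticationClientException {
    if (username == null) {
        throw new IllegalArgumentException("username must not be null");
    }
    CertificateCredentials certificateCredentials = new CertificateCredentials();
    certificateCredentials.setUsername(username);
    Auth auth = new Auth();
    auth.setCertificateCredentials(certificateCredentials);
    AuthenticateRequest request = new AuthenticateRequest();
    request.setAuth(auth);
    final KeyManager keyManager = new SimpleClientCertificateKeyManager(privateKey, certificateChain);

    // Round 1: announce the username and obtain the challenge.
    AuthenticateResponse challengeReply = postCertificateTokenRequest(request, keyManager);
    if (challengeReply == null || challengeReply.getChallenge() == null) {
        return null;
    }
    byte[] challenge = challengeReply.getChallenge();
    byte[] challengeResponse = decrypt(privateKey, challenge);
    // The request object is reused, so round 2 carries the username plus the answer.
    certificateCredentials.setChallengeResponse(challengeResponse);

    // Round 2: send the answer and expect the access data.
    AuthenticateResponse accessReply = postCertificateTokenRequest(request, keyManager);
    if (accessReply == null || accessReply.getAccess() == null) {
        return null;
    }
    return new PlatformlayerAuthenticationToken(accessReply.getAccess());
}

/** Posts {@code request} as XML to {@code api/tokens}, presenting the client certificate via {@code keyManager}. */
private AuthenticateResponse postCertificateTokenRequest(AuthenticateRequest request, KeyManager keyManager) throws PlatformlayerAuthenticationClientException {
    try {
        RestfulRequest<AuthenticateResponse> httpRequest = httpClient.buildRequest(HttpMethod.POST, "api/tokens", HttpPayload.asXml(request), AuthenticateResponse.class);
        httpRequest.setKeyManager(keyManager);
        return httpRequest.execute();
    } catch (RestClientException e) {
        throw new PlatformlayerAuthenticationClientException("Error authenticating", e);
    }
}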
Also used : SimpleClientCertificateKeyManager(com.fathomdb.crypto.SimpleClientCertificateKeyManager) AuthenticateResponse(org.platformlayer.auth.v1.AuthenticateResponse) PlatformlayerAuthenticationToken(org.platformlayer.auth.PlatformlayerAuthenticationToken) PlatformlayerAuthenticationClientException(org.platformlayer.auth.PlatformlayerAuthenticationClientException) AuthenticateRequest(org.platformlayer.auth.v1.AuthenticateRequest) CertificateCredentials(org.platformlayer.auth.v1.CertificateCredentials) Auth(org.platformlayer.auth.v1.Auth) RestClientException(org.platformlayer.rest.RestClientException) SimpleClientCertificateKeyManager(com.fathomdb.crypto.SimpleClientCertificateKeyManager) KeyManager(javax.net.ssl.KeyManager)

Example 2 with PlatformlayerAuthenticationClientException

use of org.platformlayer.auth.PlatformlayerAuthenticationClientException in project platformlayer by platformlayer.

the class SimpleMultitenantConfiguration method build.

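/**
 * Builds the multitenant configuration from the {@code multitenant.*} settings.
 *
 * <p>The method reads the project, user, password, certificate alias and key list from
 * {@code configuration}, authenticates as the configured user, validates the resulting token
 * against the configured project, and maps each {@code serviceType/itemType} entry of
 * {@code multitenant.keys} to a {@link PlatformLayerKey}.
 *
 * <p>Certificate authentication is used when {@code multitenant.cert} is set and the
 * encryption store yields a certificate and key for it. Password authentication is only
 * attempted otherwise, and only when {@code ApplicationMode.isDevelopment()} is true.
 *
 * <p>NOTE(review): if a certificate alias is configured but the store returns {@code null}
 * for it, the code falls through to the password branch instead of failing on the missing
 * certificate. Whether the store can return {@code null} is not visible here; confirm.
 *
 * <p>Every configuration failure is reported with the same generic message, and neither the
 * password nor key material is placed in a log line or exception message.
 *
 * @param configuration source of the {@code multitenant.*} settings
 * @param encryptionStore store from which the certificate and private key are loaded by alias
 * @param authenticationService service used to obtain the authentication token
 * @param authenticationTokenValidator validator that turns the token into a project authorization
 * @return the configuration holding the project authorization and the mapped item keys
 * @throws OpsException if user or project is missing, authentication yields no token, the
 *     token does not validate for the project, or no keys are configured
 * @throws IllegalStateException if password authentication is configured outside development
 *     mode, or an entry of {@code multitenant.keys} is not of the form {@code serviceType/itemType}
 */
public static MultitenantConfiguration build(Configuration configuration, EncryptionStore encryptionStore, AuthenticationService authenticationService, AuthenticationTokenValidator authenticationTokenValidator) throws OpsException {
    final String message = "Invalid multitenant configuration";

    String projectKey = configuration.lookup("multitenant.project", null);
    String username = configuration.lookup("multitenant.user", null);
    String password = configuration.lookup("multitenant.password", null);
    String certAlias = configuration.lookup("multitenant.cert", null);
    CertificateAndKey certificateAndKey = null;
    if (certAlias != null) {
        certificateAndKey = encryptionStore.getCertificateAndKey(certAlias);
    }
    if (username == null || projectKey == null) {
        throw new OpsException(message);
    }

    AuthenticationToken authn = null;
    if (certificateAndKey != null) {
        try {
            authn = authenticationService.authenticateWithCertificate(username, certificateAndKey.getPrivateKey(), certificateAndKey.getCertificateChain());
        } catch (PlatformlayerAuthenticationClientException e) {
            throw new OpsException(message, e);
        }
    } else if (password != null) {
        log.warn("Using password authentication with multitenant");
        // Password credentials from configuration are refused outside development mode.
        if (!ApplicationMode.isDevelopment()) {
            throw new IllegalStateException("Password authentication for multitenant is only permitted in development mode");
        }
        try {
            authn = authenticationService.authenticateWithPassword(username, password);
        } catch (PlatformlayerAuthenticationClientException e) {
            throw new OpsException(message, e);
        }
    }
    if (authn == null) {
        throw new OpsException(message);
    }

    ProjectAuthorization authz = authenticationTokenValidator.validateToken(authn, projectKey);
    if (authz == null) {
        throw new OpsException(message);
    }

    List<PlatformLayerKey> mappedItems = Lists.newArrayList();
    String keysSetting = configuration.lookup("multitenant.keys", "");
    // Splitting "" on "," yields one empty entry, which previously failed the two-token check
    // with a bare IllegalStateException before the empty-list check could run. Dropping empty
    // entries lets an unset or blank setting reach the OpsException below; entries are also
    // trimmed so "a/b, c/d" is accepted.
    for (String key : Splitter.on(",").trimResults().omitEmptyStrings().split(keysSetting)) {
        String[] tokens = key.split("/");
        if (tokens.length != 2) {
            throw new IllegalStateException("Expected serviceType/itemType in multitenant.keys but found: " + key);
        }
        String serviceType = tokens[0];
        String itemType = tokens[1];
        mappedItems.add(PlatformLayerKey.fromServiceAndItem(serviceType, itemType));
    }
    if (mappedItems.isEmpty()) {
        throw new OpsException(message);
    }
    return new SimpleMultitenantConfiguration(authz, mappedItems);
}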
Also used : OpsException(org.platformlayer.ops.OpsException) AuthenticationToken(org.platformlayer.auth.AuthenticationToken) ProjectAuthorization(org.platformlayer.model.ProjectAuthorization) PlatformlayerAuthenticationClientException(org.platformlayer.auth.PlatformlayerAuthenticationClientException) PlatformLayerKey(org.platformlayer.core.model.PlatformLayerKey) CertificateAndKey(com.fathomdb.crypto.CertificateAndKey) MultitenantConfiguration(org.platformlayer.ops.MultitenantConfiguration)

Example 3 with PlatformlayerAuthenticationClientException

use of org.platformlayer.auth.PlatformlayerAuthenticationClientException in project platformlayer by platformlayer.

the class PlatformLayerAuthenticationClient method authenticate.

/**
 * Posts the given password credentials as XML to {@code api/tokens} and returns the response
 * unchanged.
 *
 * <p>A failure whose HTTP response code is 401 is reported as
 * {@code PlatformlayerInvalidCredentialsException} with a fixed message; on that path the
 * original {@code RestClientException} is not attached as the cause. Any other failure is
 * wrapped, with its cause, in {@code PlatformlayerAuthenticationClientException}.
 *
 * @param passwordCredentials the credentials placed in the request's {@code Auth} element
 * @return the response returned by the request helper
 * @throws PlatformlayerAuthenticationClientException if the request fails
 */
public AuthenticateResponse authenticate(PasswordCredentials passwordCredentials) throws PlatformlayerAuthenticationClientException {
    AuthenticateRequest tokenRequest = new AuthenticateRequest();
    Auth credentialsHolder = new Auth();
    credentialsHolder.setPasswordCredentials(passwordCredentials);
    tokenRequest.setAuth(credentialsHolder);

    try {
        return doSimpleXmlRequest(HttpMethod.POST, "api/tokens", tokenRequest, AuthenticateResponse.class);
    } catch (RestClientException failure) {
        Integer status = failure.getHttpResponseCode();
        boolean rejected = status != null && status.intValue() == 401;
        if (!rejected) {
            // Anything other than an explicit 401 is a transport or server-side error.
            throw new PlatformlayerAuthenticationClientException("Error authenticating", failure);
        }
        throw new PlatformlayerInvalidCredentialsException("Invalid credentials");
    }
}
Also used : AuthenticateResponse(org.platformlayer.auth.v1.AuthenticateResponse) AuthenticateRequest(org.platformlayer.auth.v1.AuthenticateRequest) PlatformlayerInvalidCredentialsException(org.platformlayer.auth.PlatformlayerInvalidCredentialsException) Auth(org.platformlayer.auth.v1.Auth) RestClientException(org.platformlayer.rest.RestClientException) PlatformlayerAuthenticationClientException(org.platformlayer.auth.PlatformlayerAuthenticationClientException)

Aggregations

PlatformlayerAuthenticationClientException (org.platformlayer.auth.PlatformlayerAuthenticationClientException)3 Auth (org.platformlayer.auth.v1.Auth)2 AuthenticateRequest (org.platformlayer.auth.v1.AuthenticateRequest)2 AuthenticateResponse (org.platformlayer.auth.v1.AuthenticateResponse)2 RestClientException (org.platformlayer.rest.RestClientException)2 CertificateAndKey (com.fathomdb.crypto.CertificateAndKey)1 SimpleClientCertificateKeyManager (com.fathomdb.crypto.SimpleClientCertificateKeyManager)1 KeyManager (javax.net.ssl.KeyManager)1 AuthenticationToken (org.platformlayer.auth.AuthenticationToken)1 PlatformlayerAuthenticationToken (org.platformlayer.auth.PlatformlayerAuthenticationToken)1 PlatformlayerInvalidCredentialsException (org.platformlayer.auth.PlatformlayerInvalidCredentialsException)1 CertificateCredentials (org.platformlayer.auth.v1.CertificateCredentials)1 PlatformLayerKey (org.platformlayer.core.model.PlatformLayerKey)1 ProjectAuthorization (org.platformlayer.model.ProjectAuthorization)1 MultitenantConfiguration (org.platformlayer.ops.MultitenantConfiguration)1 OpsException (org.platformlayer.ops.OpsException)1