use of org.platformlayer.auth.PlatformlayerAuthenticationToken in project platformlayer by platformlayer.
the class PlatformLayerAuthenticationClient method authenticateWithCertificate.
/**
 * Authenticates {@code username} by posting to {@code api/tokens} twice: the first reply is expected to carry a
 * challenge, and the second request carries the result of {@code decrypt(privateKey, challenge)}.
 *
 * <p>NOTE(review): the client decrypts whatever bytes the server sends and posts the result back. Confirm that
 * the server's identity is verified on this connection before the exchange, so the private key cannot be used
 * as a decryption service by an unauthenticated peer.
 *
 * @param username user to authenticate; must not be null
 * @param certificateChain client certificate chain handed to the key manager
 * @param privateKey private key handed to the key manager and used to answer the challenge
 * @return the token built from the server's access element, or {@code null} when the server returns no
 *         challenge in the first round or no access element in the second; callers must treat {@code null}
 *         as "not authenticated"
 * @throws IllegalArgumentException if {@code username} is null
 * @throws PlatformlayerAuthenticationClientException if either HTTP request fails
 */
public PlatformlayerAuthenticationToken authenticateWithCertificate(String username, X509Certificate[] certificateChain, PrivateKey privateKey) throws PlatformlayerAuthenticationClientException {
    if (username == null) {
        throw new IllegalArgumentException();
    }

    CertificateCredentials credentials = new CertificateCredentials();
    credentials.setUsername(username);

    Auth authBody = new Auth();
    authBody.setCertificateCredentials(credentials);

    AuthenticateRequest request = new AuthenticateRequest();
    request.setAuth(authBody);

    // The same key manager is attached to both requests; presumably it supplies the client certificate for
    // the TLS handshake (verify against SimpleClientCertificateKeyManager).
    final KeyManager clientKeys = new SimpleClientCertificateKeyManager(privateKey, certificateChain);

    // Round 1: send the username only and expect a challenge back.
    AuthenticateResponse challengeReply;
    try {
        RestfulRequest<AuthenticateResponse> firstCall = httpClient.buildRequest(HttpMethod.POST, "api/tokens", HttpPayload.asXml(request), AuthenticateResponse.class);
        firstCall.setKeyManager(clientKeys);
        challengeReply = firstCall.execute();
    } catch (RestClientException e) {
        throw new PlatformlayerAuthenticationClientException("Error authenticating", e);
    }

    byte[] challenge = (challengeReply == null) ? null : challengeReply.getChallenge();
    if (challenge == null) {
        return null;
    }

    // The request object is reused, so the second POST carries the username plus the challenge response.
    credentials.setChallengeResponse(decrypt(privateKey, challenge));

    // Round 2: send the challenge response and expect an access element back.
    AuthenticateResponse accessReply;
    try {
        RestfulRequest<AuthenticateResponse> secondCall = httpClient.buildRequest(HttpMethod.POST, "api/tokens", HttpPayload.asXml(request), AuthenticateResponse.class);
        secondCall.setKeyManager(clientKeys);
        accessReply = secondCall.execute();
    } catch (RestClientException e) {
        throw new PlatformlayerAuthenticationClientException("Error authenticating", e);
    }

    if (accessReply == null || accessReply.getAccess() == null) {
        return null;
    }
    return new PlatformlayerAuthenticationToken(accessReply.getAccess());
}
use of org.platformlayer.auth.PlatformlayerAuthenticationToken in project platformlayer by platformlayer.
the class PlatformLayerAuthAdminClient method validateToken.
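/**
 * Asks the auth server whether {@code authToken} is valid for {@code projectId} and, if so, builds the
 * project authorization from the user and project the server reports.
 *
 * <p>The token value is caller-supplied text, so it is URL-encoded before being placed in the request path;
 * the project id was already encoded. Without this, a token containing {@code /}, {@code ?} or {@code #}
 * would change which resource is requested.
 *
 * <p>NOTE(review): the project returned by the server is not compared with {@code projectId} here (an earlier
 * check of that kind is disabled in this method's history). Confirm that the server enforces the
 * {@code ?project=} filter, or restore the comparison.
 *
 * @param authToken token to validate; cast to {@link PlatformlayerAuthenticationToken}
 * @param projectId project the token must be valid for
 * @return the authorization, or {@code null} when the token is null/blank, the server answers 404, or the
 *         response lacks an access, user or project element
 * @throws IllegalArgumentException if the request fails for any reason other than a 404
 */
@Override
public ProjectAuthorization validateToken(AuthenticationToken authToken, String projectId) {
    // v2.0/tokens/{userToken}[?project={tenant}]
    String tokenId = ((PlatformlayerAuthenticationToken) authToken).getAuthTokenValue();
    if (tokenId == null) {
        return null;
    }
    tokenId = tokenId.trim();
    if (tokenId.isEmpty()) {
        // An empty token would turn the URL into "v2.0/tokens/?project=...", a different resource.
        return null;
    }

    // Encode both caller-controlled parts. NOTE(review): UrlUtils.urlEncode is assumed to leave ordinary
    // token characters unchanged, so well-formed tokens produce the same URL as before -- confirm.
    String url = "v2.0/tokens/" + UrlUtils.urlEncode(tokenId) + "?project=" + UrlUtils.urlEncode(projectId);

    try {
        ValidateTokenResponse response = doSimpleXmlRequest(HttpMethod.GET, url, null, ValidateTokenResponse.class);
        if (response == null) {
            // Fail closed: no response body means no proof the token is valid.
            return null;
        }

        ValidateAccess access = response.getAccess();
        if (access == null) {
            return null;
        }

        UserValidation userInfo = access.getUser();
        if (userInfo == null) {
            return null;
        }

        ProjectValidation projectInfo = access.getProject();
        if (projectInfo == null) {
            return null;
        }

        String userKey = userInfo.getName();
        PlatformlayerUserAuthentication user = new PlatformlayerUserAuthentication(authToken, userKey);
        return buildPlatformlayerProjectAuthorization(user, projectInfo);
    } catch (RestClientException e) {
        Integer status = e.getHttpResponseCode();
        if (status != null && status == 404) {
            // Not found => invalid token
            return null;
        }
        log.warn("Error while validating token", e);
        throw new IllegalArgumentException("Error while validating token", e);
    }
}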
use of org.platformlayer.auth.PlatformlayerAuthenticationToken in project platformlayer by platformlayer.
the class PlatformlayerAuthenticationService method authenticateWithPassword.
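/**
 * Authenticates a user with a username and password through {@code keystoneUserClient} and wraps the
 * returned access element in a token.
 *
 * @param username user name sent to the auth server
 * @param password password sent to the auth server; it is not logged or stored by this method
 * @return the token, or {@code null} when the server returns no response or no access element, so that a
 *         token object is never created without server-issued access data
 * @throws PlatformlayerAuthenticationClientException if the authentication request fails
 */
@Override
public PlatformlayerAuthenticationToken authenticateWithPassword(String username, String password) throws PlatformlayerAuthenticationClientException {
    PasswordCredentials passwordCredentials = new PasswordCredentials();
    passwordCredentials.setUsername(username);
    passwordCredentials.setPassword(password);

    // TODO: Cache auth tokens??
    AuthenticateResponse response = keystoneUserClient.authenticate(passwordCredentials);

    // Fail closed: without an access element there is nothing to build a token from.
    if (response == null || response.getAccess() == null) {
        return null;
    }

    // TODO: Cache decoded tokens? (Token validation against a project is not done here.)
    return new PlatformlayerAuthenticationToken(response.getAccess());
}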
use of org.platformlayer.auth.PlatformlayerAuthenticationToken in project platformlayer by platformlayer.
the class OpsAuthenticationFilter method findCredentials.
// protected void populateScope(Scope authenticatedScope, Authentication auth) throws Exception {
// authenticatedScope.put(Authentication.class, auth);
//
// OpsProject project;
// OpsUser user = null;
// if (auth instanceof DirectAuthentication) {
// project = ((DirectAuthentication) auth).getOpsProject();
// if (project == null) {
// throw new IllegalStateException();
// }
// } else {
// KeystoneUser keystoneUser = new KeystoneUser((KeystoneUserAuthentication) auth);
// user = keystoneUser;
//
// // String projectKey = auth.getProject().getName();
// // project = authenticationService.findProject(user, projectKey);
// //
// // if (project == null) {
// // log.warn("Project not found: " + projectKey);
// // throw new SecurityException();
// // }
// }
//
// OpsAuthentication opsAuthentication = new OpsAuthentication(auth, user, project);
//
// authenticatedScope.put(OpsAuthentication.class, opsAuthentication);
// }
/**
 * Extracts credentials from the request headers without validating them.
 *
 * <p>An {@code X-Auth-Token} header takes precedence; when it is present the {@code X-Auth-Key} and
 * {@code X-Auth-Secret} headers are not read. The token value is wrapped as-is (it may be empty), so
 * whatever consumes the returned credentials is responsible for validating it.
 *
 * @param httpRequest incoming request
 * @return token credentials, direct key/secret credentials, or {@code null} when neither header set is present
 * @throws Exception declared by the signature; nothing in this body throws it explicitly
 */
protected AuthenticationCredentials findCredentials(HttpServletRequest httpRequest) throws Exception {
    final String authToken = httpRequest.getHeader("X-Auth-Token");
    if (authToken != null) {
        return new AuthenticationCredentials() {
            @Override
            public AuthenticationToken getToken() {
                // A fresh token object is created on every call, wrapping the raw header value.
                return new PlatformlayerAuthenticationToken(authToken);
            }
        };
    }

    // Direct authentication
    // TODO: Enforce SSL?
    // NOTE(review): the secret arrives in a plain request header, so on a non-TLS connection it is readable
    // on the wire; nothing in this method checks the transport.
    String directKey = httpRequest.getHeader("X-Auth-Key");
    String directSecret = httpRequest.getHeader("X-Auth-Secret");
    if (directKey == null || directSecret == null) {
        return null;
    }
    return DirectAuthentication.build(directKey, directSecret);
}