use of org.platformlayer.auth.ServiceAccountEntity in project platformlayer by platformlayer.
the class ServicesResource method checkServiceAccess.
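/**
 * Resolves the service account that matches a certificate chain supplied in the request body.
 *
 * <p>The caller must pass {@code requireSystemAccess()} before the chain is looked at. The chain
 * itself is request data: this method hands {@code request.chain} to
 * {@code systemAuthenticator.authenticate} and reports the matched subject, so the answer is only
 * as trustworthy as the system caller that collected the chain.
 *
 * <p>Both failure paths fail closed. {@code throwInternalError()} is defined outside this method
 * and presumably throws; the explicit {@code throw} after each call guarantees that an
 * authentication error can never fall through to the lookup or to a normal response, even if that
 * helper were changed to return.
 *
 * @param request the check request; {@code request.chain} is dereferenced without a null check,
 *     so a null request surfaces as a {@link NullPointerException}
 * @return a response whose {@code serviceAccount} is the matched subject, or is left unset when
 *     the authenticator returns {@code null} (no matching service account)
 */
@POST
@Path("check")
public CheckServiceAccessResponse checkServiceAccess(CheckServiceAccessRequest request) {
    // Gate: only callers holding system access may ask which service account a chain maps to.
    try {
        requireSystemAccess();
    } catch (AuthenticatorException e) {
        log.warn("Error while checking system token", e);
        throwInternalError();
        // Fail closed: never continue past a failed access check.
        throw new IllegalStateException("System access check failed");
    }

    ServiceAccountEntity serviceAccount;
    try {
        serviceAccount = systemAuthenticator.authenticate(request.chain);
    } catch (AuthenticatorException e) {
        log.warn("Error while authenticating chain", e);
        throwInternalError();
        // Fail closed: an authenticator error must not be reported as "no match".
        throw new IllegalStateException("Chain authentication failed");
    }

    CheckServiceAccessResponse response = new CheckServiceAccessResponse();
    if (serviceAccount != null) {
        response.serviceAccount = serviceAccount.subject;
    }
    return response;
}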
use of org.platformlayer.auth.ServiceAccountEntity in project platformlayer by platformlayer.
the class ClientCertificateSystemAuthenticator method authenticate.
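/**
 * Looks up the service account registered for the certificate selected from a chain.
 *
 * <p>The match is made on the selected certificate's subject DN and public key via
 * {@code repository.findServiceAccount}. No signature, issuer or validity-period check on the
 * chain is performed in this method; the debug message below implies the caller was already
 * authenticated upstream. NOTE(review): confirm that the chain is cryptographically verified
 * before it reaches this method, because the fields read here are taken as given.
 *
 * @param certChainInfo the presented chain; a null chain, a null certificate list and an empty
 *     list are all treated as "cannot authenticate"
 * @return the matching service account, or {@code null} when the chain is empty or no account
 *     matches the subject and public key
 * @throws AuthenticatorException if the repository lookup fails
 * @throws IllegalArgumentException if the selected certificate carries no public key
 */
@Override
public ServiceAccountEntity authenticate(CertificateChainInfo certChainInfo) throws AuthenticatorException {
    // A missing chain is handled like an empty one: unauthenticated, not a NullPointerException.
    if (certChainInfo == null || certChainInfo.certificates == null || certChainInfo.certificates.isEmpty()) {
        log.debug("Chain empty; can't authenticate");
        return null;
    }

    // If it's a single cert; we check the cert.
    // Otherwise, we assume a CA signed the tail cert, so we check the penultimate cert
    // NOTE(review): index 1 is the second entry, which is the penultimate entry only for a
    // three-certificate chain; confirm the intended chain ordering and which entry should be used.
    CertificateInfo inspect;
    if (certChainInfo.certificates.size() == 1) {
        inspect = certChainInfo.certificates.get(0);
    } else {
        inspect = certChainInfo.certificates.get(1);
    }

    String subject = inspect.subjectDN;
    if (Strings.isNullOrEmpty(inspect.publicKey)) {
        throw new IllegalArgumentException("Certificate selected for authentication has no public key");
    }
    // NOTE(review): the behaviour of Hex.fromHex on malformed input is not visible here.
    byte[] publicKey = Hex.fromHex(inspect.publicKey);

    ServiceAccountEntity auth;
    try {
        auth = repository.findServiceAccount(subject, publicKey);
    } catch (RepositoryException e) {
        throw new AuthenticatorException("Error while authenticating user", e);
    }

    if (auth == null) {
        // Only public material is logged, but the chain text originates from the request.
        log.debug("Certificate validation failed (though the caller was authenticated)");
        log.debug("Certificate validation failed - public key not recognized: " + Hex.toHex(publicKey));
        log.debug("Certificate validation failed - chain: " + certChainInfo);
    }
    return auth;
}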
use of org.platformlayer.auth.ServiceAccountEntity in project platformlayer by platformlayer.
the class ListServiceAccounts method runCommand.
/**
 * Lists service accounts from the user repository, optionally filtered by public key.
 *
 * <p>When the {@code publicKey} option is set it is hex-decoded and passed as the filter;
 * otherwise {@code null} is passed. How {@code listAllServiceAccounts} treats a null filter is
 * not visible here; presumably it returns every account.
 *
 * @return the list of matching {@code ServiceAccountEntity} objects
 * @throws RepositoryException if the repository query fails
 */
@Override
public Object runCommand() throws RepositoryException {
    UserDatabase users = getContext().getUserRepository();

    // Decode the optional hex-encoded key filter; null means no filter was given.
    byte[] keyFilter = (publicKey == null) ? null : Hex.fromHex(publicKey);

    List<ServiceAccountEntity> accounts = users.listAllServiceAccounts(keyFilter);
    return accounts;
}
use of org.platformlayer.auth.ServiceAccountEntity in project platformlayer by platformlayer.
the class ServiceAccountFormatter method visit.
/**
 * Writes one output row for a service account: its subject and its hex-encoded public key.
 *
 * @param context the CLI context (not used by this method)
 * @param o the account to format; it is cast to {@code ServiceAccountEntity}, so any other
 *     implementation fails with a {@link ClassCastException}
 * @param sink the sink that receives the row
 * @throws IOException declared on this method; presumably raised by the sink
 */
@Override
public void visit(CliContext context, ServiceAccount o, OutputSink sink) throws IOException {
    ServiceAccountEntity account = (ServiceAccountEntity) o;

    // Insertion order is kept so the columns come out as subject, then publicKeyData.
    LinkedHashMap<String, Object> row = new LinkedHashMap<String, Object>();
    row.put("subject", account.subject);
    row.put("publicKeyData", Hex.toHex(account.publicKeyData));

    sink.outputRow(row);
}