Use of org.platformlayer.auth.services.TokenInfo in project platformlayer by platformlayer.
The class SharedSecretTokenService, method decodeToken.
@Override
public TokenInfo decodeToken(String token) {
    // Every way a token can be rejected (missing, malformed, truncated, bad
    // signature, unparsable expiry) yields null rather than an exception, so a
    // caller only learns "not a valid token" and not which step failed.
    if (token == null) {
        return null;
    }
    try {
        byte[] raw = Base64.decode(unescapeBase64(token));
        ByteArrayInputStream in = new ByteArrayInputStream(raw);

        // First byte carries the token flags. Because of the (byte) cast, a
        // flags value of 0xFF is indistinguishable from end-of-stream and is
        // rejected as well — NOTE(review): confirm the encoder never emits it.
        byte flags = (byte) in.read();
        if (flags == -1) {
            return null;
        }

        // Payload layout: expiry (hex, NUL-terminated), username
        // (NUL-terminated), then a length-prefixed per-token secret.
        String expirationHex = readNullTerminatedString(in);
        String username = readNullTerminatedString(in);
        byte[] tokenSecret = readLengthPrefixByteArray(in);

        // The remaining bytes must hold a complete HMAC-SHA1 tag; anything
        // shorter is a truncated token.
        byte[] claimedSignature = new byte[CryptoUtils.HMAC_SHA1_BYTES];
        int signatureBytes = in.read(claimedSignature);
        if (signatureBytes != CryptoUtils.HMAC_SHA1_BYTES) {
            return null;
        }

        // The tag covers everything except the final HMAC_SHA1_BYTES of the
        // decoded buffer. Whether the parser has consumed exactly that prefix
        // is not checked here — NOTE(review): trailing bytes after the tag
        // would shift the verified region relative to the bytes just read.
        int signedLength = raw.length - CryptoUtils.HMAC_SHA1_BYTES;
        byte[] expectedSignature = CryptoUtils.hmacSha1(userSecretKeySpec, raw, 0, signedLength);
        // Constant-time comparison so a forged tag cannot be refined byte by byte.
        if (!SecureComparison.equal(expectedSignature, claimedSignature)) {
            return null;
        }

        // Expiry is stored as a rounded hex count; scaled back to epoch millis
        // (Date's unit) via TIME_GRANULARITY/TIME_OFFSET, whose exact meaning
        // lives elsewhere in the class.
        long roundedTime = Long.parseLong(expirationHex, 16);
        long expiresAtMillis = roundedTime * TIME_GRANULARITY + TIME_OFFSET;
        return new TokenInfo(flags, username, new Date(expiresAtMillis), tokenSecret);
    } catch (Exception e) {
        // Deliberate best-effort: any decoding/verification failure is an
        // invalid token, never an error surfaced to the caller.
        return null;
    }
}
Use of org.platformlayer.auth.services.TokenInfo in project platformlayer by platformlayer.
The class TokensResource, method validateToken.
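@GET
// @HEAD support is automatic from the @GET
@Path("{tokenId}")
public ValidateTokenResponse validateToken(@PathParam("tokenId") String checkToken, @QueryParam("project") String project) {
    // Gate the endpoint first: only a caller that passes requireSystemAccess()
    // may validate other principals' tokens. An error in that check is
    // reported as an internal error rather than treated as a pass.
    // NOTE(review): throwInternalError() and throw404NotFound() are assumed
    // to always throw; if either returned normally the null entities below
    // would be dereferenced — confirm against their definitions.
    try {
        requireSystemAccess();
    } catch (AuthenticatorException e) {
        log.warn("Error while checking system token", e);
        throwInternalError();
    }

    // Unknown, malformed and expired tokens are all answered with 404, so the
    // response does not reveal which of those applied.
    TokenInfo checkTokenInfo = tokenService.decodeToken(checkToken);
    if (checkTokenInfo == null || checkTokenInfo.hasExpired()) {
        throw404NotFound();
    }

    UserEntity userEntity = null;
    try {
        userEntity = userAuthenticator.getUserFromToken(checkTokenInfo.userId, checkTokenInfo.tokenSecret);
    } catch (AuthenticatorException e) {
        log.warn("Error while fetching user", e);
        throwInternalError();
    }

    ValidateTokenResponse response = new ValidateTokenResponse();
    response.access = new ValidateAccess();
    response.access.user = Mapping.mapToUserValidation(userEntity);
    response.access.token = new Token();
    response.access.token.expires = checkTokenInfo.expiration;
    response.access.token.id = checkToken;

    // Optional project scope: the token holder must be a member of the named
    // project, and the project secret must validate against that user.
    if (project != null) {
        ProjectEntity projectEntity = null;
        try {
            projectEntity = userAuthenticator.findProject(project);
        } catch (AuthenticatorException e) {
            log.warn("Error while fetching project", e);
            throwInternalError();
        }
        if (projectEntity == null) {
            throw404NotFound();
        }

        projectEntity.unlockWithUser(userEntity);
        if (!projectEntity.isSecretValid()) {
            // Same 404 as "no such project": the caller is not told whether
            // the project exists but the secret did not validate.
            throw404NotFound();
        }

        UserProjectEntity userProject = null;
        try {
            userProject = userAuthenticator.findUserProject(userEntity, projectEntity);
        } catch (AuthenticatorException e) {
            // Distinct message from the project lookup above so the two
            // failures can be told apart in the logs.
            log.warn("Error while fetching user project membership", e);
            throwInternalError();
        }
        if (userProject == null) {
            // Not a member of project
            throw404NotFound();
        }

        response.access.project = Mapping.mapToProject(projectEntity);
        response.access.project.roles = Mapping.mapToRoles(userProject.getRoles());
    }
    return response;
}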