Use of org.wildfly.security.credential.store.CredentialStoreException in project keycloak (by keycloak):
class ElytronCSKeyStoreProviderFactory, method create.
/**
 * Builds an Elytron {@code KeyStoreCredentialStore}-backed vault provider for the current session.
 *
 * <p>Returns {@code null} instead of throwing when the factory was not fully initialized
 * (no store location or no store secret) or when the credential store cannot be obtained or
 * initialized. Both failure paths are logged at debug level only, so a misconfigured vault
 * surfaces as "no provider" rather than as a visible error.
 *
 * @param session the Keycloak session, used to resolve the realm name for the provider
 * @return a new provider, or {@code null} if the vault cannot be set up
 */
@Override
public VaultProvider create(KeycloakSession session) {
    final boolean initialized = this.credentialStoreLocation != null && this.credentialStoreSecret != null;
    if (!initialized) {
        logger.debug("Can not create an elytron-based vault provider since it's not initialized correctly");
        return null;
    }

    final Map<String, String> storeAttributes = new HashMap<>();
    storeAttributes.put(CS_LOCATION, this.credentialStoreLocation);
    storeAttributes.put(CS_KEYSTORE_TYPE, this.credentialStoreType);

    final CredentialStore store;
    try {
        store = CredentialStore.getInstance(KeyStoreCredentialStore.KEY_STORE_CREDENTIAL_STORE);
        // The configured store secret is wrapped as a credential source that unlocks the keystore.
        store.initialize(storeAttributes,
                new CredentialStore.CredentialSourceProtectionParameter(this.getCredentialSource(this.credentialStoreSecret)));
    } catch (NoSuchAlgorithmException | CredentialStoreException e) {
        logger.debug("Error instantiating credential store", e);
        return null;
    }

    return new ElytronCSKeyStoreProvider(store, getRealmName(session), super.keyResolvers);
}
Use of org.wildfly.security.credential.store.CredentialStoreException in project fuse-karaf (by jboss-fuse):
class Activator, method replaced.
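/**
 * Replaces any value that is given in Credential Store reference format with the value from the Credential Store by
 * using {@link System#setProperty(String, String)}.
 *
 * <p>Security note: the resolved secret is published as a JVM system property, i.e. as an immutable
 * {@link String} that cannot be zeroed and is readable by any code in the JVM (and by anything able to
 * dump system properties). Callers must accept that exposure for the given {@code key}.
 *
 * @param credentialStore
 * {@link CredentialStore} containing the secret values
 * @param key
 * property key
 * @param value
 * property value, expected to be in Credential store reference format
 * @return true if any replacement was done; false if the value is not a reference, the alias is missing,
 * the lookup fails, or the stored password is not a clear-text password
 */
boolean replaced(final CredentialStore credentialStore, final String key, final String value) {
    if (!CredentialStoreHelper.couldBeCredentialStoreAlias(value)) {
        return false;
    }
    final String alias = CredentialStoreHelper.toCredentialStoreAlias(value);
    final PasswordCredential passwordCredential;
    try {
        passwordCredential = credentialStore.retrieve(alias, PasswordCredential.class);
    } catch (final CredentialStoreException e) {
        // Best-effort: an entry that cannot be read leaves the original value in place (not logged here).
        return false;
    }
    if (passwordCredential == null) {
        return false;
    }
    final Password password = passwordCredential.getPassword();
    // castAs yields null when the stored password is not a ClearPassword (e.g. a hashed type);
    // dereferencing it unconditionally would throw a NullPointerException instead of returning false.
    final ClearPassword clearPassword = password.castAs(ClearPassword.class);
    if (clearPassword == null) {
        return false;
    }
    final char[] rawClearPassword = clearPassword.getPassword();
    System.setProperty(key, String.valueOf(rawClearPassword));
    return true;
}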
Use of org.wildfly.security.credential.store.CredentialStoreException in project wildfly (by wildfly):
class ReadCredentialServlet, method doGet.
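/**
 * Dumps credential-store contents to the HTTP response as {@code text/plain}.
 *
 * <p>Behaviour by request parameter:
 * <ul>
 *   <li>no {@code PARAM_CREDENTIAL_STORE}: lists the simple names of all registered credential-store services;</li>
 *   <li>store given, no {@code PARAM_ALIAS}: lists the aliases held by that store;</li>
 *   <li>store and alias given: writes the <b>clear-text password</b> stored under the alias.</li>
 * </ul>
 * List entries are each followed by {@code PARAM_SEPARATOR} (default {@code PARAM_SEPARATOR_DEFAULT}).
 * An unknown store or alias answers 404 with a short message.
 *
 * <p>Security note: this servlet intentionally returns secrets in clear text to any caller that can reach
 * it and performs no authentication or authorization of its own; it is only suitable as a test/diagnostic
 * endpoint and must not be deployed outside a controlled test environment. Request parameters are echoed
 * in error messages, which is acceptable only because the response type is fixed to {@code text/plain}.
 *
 * @throws ServletException when aliases cannot be listed or a password cannot be retrieved
 * @throws IOException if the response writer cannot be obtained
 */
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
    resp.setContentType("text/plain");
    resp.setCharacterEncoding("UTF-8");
    final PrintWriter writer = resp.getWriter();
    final String credentialStore = req.getParameter(PARAM_CREDENTIAL_STORE);
    final String alias = req.getParameter(PARAM_ALIAS);
    String separator = req.getParameter(PARAM_SEPARATOR);
    if (separator == null) {
        separator = PARAM_SEPARATOR_DEFAULT;
    }
    ServiceRegistry registry = CurrentServiceContainer.getServiceContainer();
    if (credentialStore == null || credentialStore.isEmpty()) {
        // No store requested: enumerate the registered credential-store services.
        for (ServiceName name : registry.getServiceNames()) {
            if (SERVICE_NAME_CRED_STORE.equals(name.getParent())) {
                writer.print(name.getSimpleName());
                writer.print(separator);
            }
        }
        return;
    }
    ServiceController<?> credStoreService = registry.getService(ServiceName.of(SERVICE_NAME_CRED_STORE, credentialStore));
    if (credStoreService == null) {
        resp.setStatus(HttpServletResponse.SC_NOT_FOUND);
        writer.print(credentialStore + " not found");
        return;
    }
    CredentialStore cs = (CredentialStore) credStoreService.getValue();
    if (alias == null || alias.isEmpty()) {
        try {
            for (String csAlias : cs.getAliases()) {
                writer.print(csAlias);
                writer.print(separator);
            }
        } catch (UnsupportedOperationException | CredentialStoreException e) {
            throw new ServletException("Unable to list aliases", e);
        }
        return;
    }
    String clearPassword = null;
    try {
        if (cs.exists(alias, PasswordCredential.class)) {
            // exists() and retrieve() are separate store calls; do not assume the second one still
            // finds the entry — a null credential must map to "not found", not to a NullPointerException.
            PasswordCredential credential = cs.retrieve(alias, PasswordCredential.class);
            Password password = credential == null ? null : credential.getPassword();
            if (password instanceof ClearPassword) {
                clearPassword = new String(((ClearPassword) password).getPassword());
            }
        }
    } catch (CredentialStoreException | IllegalStateException e) {
        throw new ServletException("Unable to retrieve password from credential store", e);
    }
    if (clearPassword == null) {
        resp.setStatus(HttpServletResponse.SC_NOT_FOUND);
        writer.print(alias + " password not found in " + credentialStore);
    } else {
        writer.print(clearPassword);
    }
}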
Use of org.wildfly.security.credential.store.CredentialStoreException in project keycloak (by keycloak):
class ElytronCSKeyStoreProvider, method obtainSecretInternal.
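/**
 * Looks up {@code vaultSecretId} in the Elytron credential store and returns it as a raw secret.
 *
 * <p>Only clear-text password entries can be exposed as a secret. A missing alias, a non-password
 * entry, a non-clear password type, or a store error all yield an empty secret rather than an
 * exception; each case is logged at debug level only, so secret identifiers do not reach more
 * visible log levels.
 *
 * @param vaultSecretId the credential-store alias to look up
 * @return the secret as a UTF-8 encoded buffer, or an empty raw secret if it cannot be resolved
 */
@Override
protected VaultRawSecret obtainSecretInternal(String vaultSecretId) {
    try {
        PasswordCredential credential = this.credentialStore.retrieve(vaultSecretId, PasswordCredential.class);
        if (credential == null) {
            // alias not found, password type doesn't match entry, or algorithm (clear) doesn't match entry.
            logger.debugf("Cannot find secret %s in credential store", vaultSecretId);
            return DefaultVaultRawSecret.forBuffer(Optional.empty());
        }
        // castAndApply returns null when the password is not a ClearPassword; without this guard that
        // null flows into CharBuffer.wrap and surfaces as a NullPointerException instead of an empty secret.
        char[] secret = credential.getPassword().castAndApply(ClearPassword.class, ClearPassword::getPassword);
        if (secret == null) {
            logger.debugf("Secret %s in credential store is not a clear-text password", vaultSecretId);
            return DefaultVaultRawSecret.forBuffer(Optional.empty());
        }
        ByteBuffer buffer = StandardCharsets.UTF_8.encode(CharBuffer.wrap(secret));
        // NOTE(review): the char[] is not zeroed after encoding; whether getPassword() hands back a copy
        // (safe to wipe) or the store's own array is not visible here — confirm before adding Arrays.fill.
        return DefaultVaultRawSecret.forBuffer(Optional.of(buffer));
    } catch (CredentialStoreException e) {
        // this might happen if there is an error when trying to retrieve the secret from the store.
        logger.debugf(e, "Unable to retrieve secret %s from credential store", vaultSecretId);
        return DefaultVaultRawSecret.forBuffer(Optional.empty());
    }
}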