
Example 1 with NamedSecretData

use of password.pwm.config.value.data.NamedSecretData in project pwm by pwm-project.

the class RestAuthenticationProcessor method readNamedSecretName.

/**
 * Resolves the named web-service secret that the request's HTTP Basic credentials refer to.
 *
 * <p>The Basic username is used as the lookup key into the secrets configured under
 * {@code PwmSetting.WEBSERVICES_EXTERNAL_SECRET}; the Basic password must equal that
 * entry's stored password.
 *
 * @return the matching secret name, or {@code null} when the request carries no parsable
 *         Basic credentials or the username does not name a configured secret
 * @throws PwmUnrecoverableException with {@code PwmError.ERROR_WRONGPASSWORD} when the name is
 *         configured but the supplied password does not match
 */
private String readNamedSecretName() throws PwmUnrecoverableException {
    final BasicAuthInfo parsedAuth = BasicAuthInfo.parseAuthHeader(pwmApplication, httpServletRequest);
    if (parsedAuth == null) {
        return null;
    }

    final String secretName = parsedAuth.getUsername();
    final Map<String, NamedSecretData> configuredSecrets = pwmApplication.getConfig().readSettingAsNamedPasswords(PwmSetting.WEBSERVICES_EXTERNAL_SECRET);
    final NamedSecretData candidate = configuredSecrets.get(secretName);

    // NOTE(review): an unknown name returns null while a known name with a wrong password
    // throws; confirm callers do not expose that difference to the client.
    if (candidate == null) {
        return null;
    }

    // NOTE(review): the match is delegated to the equals() of whatever getPassword() returns,
    // which is not visible here; confirm that comparison is constant-time for secret material.
    final boolean passwordMatches = candidate.getPassword().equals(parsedAuth.getPassword());
    if (!passwordMatches) {
        throw PwmUnrecoverableException.newException(PwmError.ERROR_WRONGPASSWORD, "incorrect password value for named secret");
    }
    return secretName;
}
Also used : NamedSecretData(password.pwm.config.value.data.NamedSecretData) BasicAuthInfo(password.pwm.util.BasicAuthInfo)

Example 2 with NamedSecretData

use of password.pwm.config.value.data.NamedSecretData in project pwm by pwm-project.

the class NamedSecretValue method toXmlValues.

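/**
 * Serializes the named secrets to XML, storing each password encrypted with {@code key}.
 *
 * <p>Each entry becomes a {@code value} element holding the secret name, the encrypted
 * password and one usage element per usage string. Only the ciphertext returned by
 * {@code SecureEngine.encryptToString} is written to the element tree.
 *
 * @param valueElementName element name used only for the single empty element returned
 *                         when no values are present
 * @param key              key passed to {@code SecureEngine.encryptToString}
 * @return a one-element list with an empty element when {@code values} is {@code null},
 *         otherwise an unmodifiable list with one element per named secret
 * @throws RuntimeException if reading or encrypting any password fails; the original
 *                          exception is attached as the cause
 */
public List<Element> toXmlValues(final String valueElementName, final PwmSecurityKey key) {
    if (values == null) {
        final Element valueElement = new Element(valueElementName);
        return Collections.singletonList(valueElement);
    }
    final List<Element> valuesElement = new ArrayList<>();
    try {
        for (final Map.Entry<String, NamedSecretData> entry : values.entrySet()) {
            final String name = entry.getKey();
            final NamedSecretData secretData = entry.getValue();
            final PasswordData passwordData = secretData.getPassword();
            // The plaintext is obtained only to hand it straight to the encryption call.
            final String encodedValue = SecureEngine.encryptToString(passwordData.getStringValue(), key, PwmBlockAlgorithm.CONFIG);
            final Element newValueElement = new Element("value");
            final Element nameElement = new Element(ELEMENT_NAME);
            nameElement.setText(name);
            final Element encodedValueElement = new Element(ELEMENT_PASSWORD);
            encodedValueElement.setText(encodedValue);
            newValueElement.addContent(nameElement);
            newValueElement.addContent(encodedValueElement);
            // Use the entry already in hand rather than looking the name up in the map again.
            for (final String usage : secretData.getUsage()) {
                final Element usageElement = new Element(ELEMENT_USAGE);
                usageElement.setText(usage);
                newValueElement.addContent(usageElement);
            }
            valuesElement.add(newValueElement);
        }
    } catch (Exception e) {
        // Keep the cause so a crypto or configuration fault can be diagnosed from the stack trace.
        throw new RuntimeException("missing required AES and SHA1 libraries, or other crypto fault: " + e.getMessage(), e);
    }
    return Collections.unmodifiableList(valuesElement);
}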
Also used : NamedSecretData(password.pwm.config.value.data.NamedSecretData) PasswordData(password.pwm.util.PasswordData) Element(org.jdom2.Element) ArrayList(java.util.ArrayList) LinkedHashMap(java.util.LinkedHashMap) Map(java.util.Map) PwmOperationalException(password.pwm.error.PwmOperationalException) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException)

Example 3 with NamedSecretData

use of password.pwm.config.value.data.NamedSecretData in project pwm by pwm-project.

the class NamedSecretValue method factory.

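/**
 * Creates the factory that rebuilds a {@code NamedSecretValue} from its JSON or XML form.
 *
 * @return a factory whose {@code fromJson} deserializes a name-to-secret map and whose
 *         {@code fromXmlElement} decrypts each stored password with the supplied key
 */
public static StoredValue.StoredValueFactory factory() {
    return new StoredValue.StoredValueFactory() {

        /**
         * Rebuilds the value from a JSON map of secret name to {@code NamedSecretData}.
         *
         * @throws IllegalStateException if deserialization fails; the original exception
         *                               is attached as the cause
         */
        public NamedSecretValue fromJson(final String value) {
            try {
                final Map<String, NamedSecretData> values = JsonUtil.deserialize(value, new TypeToken<Map<String, NamedSecretData>>() {
                }.getType());
                // Copy into a LinkedHashMap so the value owns its own ordered map.
                final Map<String, NamedSecretData> linkedValues = new LinkedHashMap<>(values);
                return new NamedSecretValue(linkedValues);
            } catch (Exception e) {
                // Keep the cause; the message alone loses the parser's stack trace.
                throw new IllegalStateException("NamedPasswordValue can not be json de-serialized: " + e.getMessage(), e);
            }
        }

        /**
         * Rebuilds the value from the {@code value} children of a setting element.
         *
         * <p>A child missing its name or password element is skipped. Any failure while
         * reading or decrypting an entry aborts the whole load.
         *
         * @throws PwmOperationalException with {@code PwmError.CONFIG_FORMAT_ERROR} when an
         *                                 entry cannot be read or decrypted
         */
        public NamedSecretValue fromXmlElement(final Element settingElement, final PwmSecurityKey key) throws PwmOperationalException, PwmUnrecoverableException {
            final Map<String, NamedSecretData> values = new LinkedHashMap<>();
            final List<Element> valueElements = settingElement.getChildren("value");
            try {
                if (valueElements != null) {
                    for (final Element value : valueElements) {
                        final Element nameElement = value.getChild(ELEMENT_NAME);
                        final Element passwordElement = value.getChild(ELEMENT_PASSWORD);
                        if (nameElement == null || passwordElement == null) {
                            // Incomplete entries are dropped rather than treated as an error.
                            continue;
                        }
                        final String name = nameElement.getText();
                        final String encodedValue = passwordElement.getText();
                        final PasswordData passwordData = new PasswordData(SecureEngine.decryptStringValue(encodedValue, key, PwmBlockAlgorithm.CONFIG));
                        final List<Element> usages = value.getChildren(ELEMENT_USAGE);
                        final List<String> strUsages = new ArrayList<>();
                        if (usages != null) {
                            for (final Element usageElement : usages) {
                                strUsages.add(usageElement.getText());
                            }
                        }
                        values.put(name, new NamedSecretData(passwordData, Collections.unmodifiableList(strUsages)));
                    }
                }
            } catch (Exception e) {
                // NOTE(review): only the message of the original exception survives here; if
                // PwmOperationalException or ErrorInformation can carry a cause, attach it — confirm.
                final String errorMsg = "unable to decode encrypted password value for setting: " + e.getMessage();
                final ErrorInformation errorInfo = new ErrorInformation(PwmError.CONFIG_FORMAT_ERROR, errorMsg);
                throw new PwmOperationalException(errorInfo);
            }
            return new NamedSecretValue(values);
        }
    };
}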
Also used : Element(org.jdom2.Element) ArrayList(java.util.ArrayList) PwmOperationalException(password.pwm.error.PwmOperationalException) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) LinkedHashMap(java.util.LinkedHashMap) PwmOperationalException(password.pwm.error.PwmOperationalException) PwmSecurityKey(password.pwm.util.secure.PwmSecurityKey) ErrorInformation(password.pwm.error.ErrorInformation) NamedSecretData(password.pwm.config.value.data.NamedSecretData) PasswordData(password.pwm.util.PasswordData) TypeToken(com.google.gson.reflect.TypeToken)

Example 4 with NamedSecretData

use of password.pwm.config.value.data.NamedSecretData in project pwm by pwm-project.

the class NamedSecretValue method toDebugJsonObject.

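/**
 * Builds a debug view of the named secrets with every password replaced by a placeholder.
 *
 * <p>The stored password of each entry is never read; each copy is given
 * {@code PwmConstants.LOG_REMOVED_VALUE_REPLACEMENT} as its password and the original
 * entry's usage collection (passed through, not copied).
 *
 * @param locale not used by this implementation
 * @return {@code null} when no values are present, otherwise an ordered map of secret name
 *         to redacted {@code NamedSecretData}
 * @throws IllegalStateException if the placeholder password cannot be created; the
 *                               original exception is attached as the cause
 */
@Override
public Serializable toDebugJsonObject(final Locale locale) {
    if (values == null) {
        return null;
    }
    try {
        final LinkedHashMap<String, NamedSecretData> copiedValues = new LinkedHashMap<>();
        for (final Map.Entry<String, NamedSecretData> entry : values.entrySet()) {
            final String name = entry.getKey();
            final NamedSecretData existingData = entry.getValue();
            // Redaction point: the real password is deliberately not carried into the copy.
            final NamedSecretData newData = new NamedSecretData(PasswordData.forStringValue(PwmConstants.LOG_REMOVED_VALUE_REPLACEMENT), existingData.getUsage());
            copiedValues.put(name, newData);
        }
        return copiedValues;
    } catch (PwmUnrecoverableException e) {
        // Keep the cause so the failure can be traced beyond its debug string.
        throw new IllegalStateException(e.getErrorInformation().toDebugStr(), e);
    }
}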
Also used : NamedSecretData(password.pwm.config.value.data.NamedSecretData) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) LinkedHashMap(java.util.LinkedHashMap) Map(java.util.Map) LinkedHashMap(java.util.LinkedHashMap)

Example 5 with NamedSecretData

use of password.pwm.config.value.data.NamedSecretData in project pwm by pwm-project.

the class NamedSecretValue method toDebugString.

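/**
 * Renders one line per named secret, listing its name and usages.
 *
 * <p>Only the map key and the usage collection are read; the password of an entry is not
 * accessed, so no secret value reaches the returned text.
 *
 * @param locale not used by this implementation
 * @return the per-secret lines, each terminated by a newline; an empty string when no
 *         values are present
 */
@Override
public String toDebugString(final Locale locale) {
    // The other serializers of this value tolerate a null map; do the same here instead of
    // failing with a NullPointerException while producing debug output.
    if (values == null) {
        return "";
    }
    final StringBuilder sb = new StringBuilder();
    for (final Map.Entry<String, NamedSecretData> entry : values.entrySet()) {
        final NamedSecretData existingData = entry.getValue();
        sb.append("Named password '").append(entry.getKey()).append("' with usage for ");
        sb.append(StringUtil.collectionToString(existingData.getUsage(), ","));
        sb.append("\n");
    }
    return sb.toString();
}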
Also used : NamedSecretData(password.pwm.config.value.data.NamedSecretData) LinkedHashMap(java.util.LinkedHashMap) Map(java.util.Map)

Aggregations

NamedSecretData (password.pwm.config.value.data.NamedSecretData)5 LinkedHashMap (java.util.LinkedHashMap)4 Map (java.util.Map)3 PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)3 ArrayList (java.util.ArrayList)2 Element (org.jdom2.Element)2 PwmOperationalException (password.pwm.error.PwmOperationalException)2 PasswordData (password.pwm.util.PasswordData)2 TypeToken (com.google.gson.reflect.TypeToken)1 ErrorInformation (password.pwm.error.ErrorInformation)1 BasicAuthInfo (password.pwm.util.BasicAuthInfo)1 PwmSecurityKey (password.pwm.util.secure.PwmSecurityKey)1