Example 1 with NamedSecretData
use of password.pwm.config.value.data.NamedSecretData in project pwm by pwm-project.
the class RestAuthenticationProcessor method readNamedSecretName.
private String readNamedSecretName() throws PwmUnrecoverableException {
final BasicAuthInfo basicAuthInfo = BasicAuthInfo.parseAuthHeader(pwmApplication, httpServletRequest);
if (basicAuthInfo != null) {
final String basicAuthUsername = basicAuthInfo.getUsername();
final Map<String, NamedSecretData> secrets = pwmApplication.getConfig().readSettingAsNamedPasswords(PwmSetting.WEBSERVICES_EXTERNAL_SECRET);
final NamedSecretData namedSecretData = secrets.get(basicAuthUsername);
if (namedSecretData != null) {
if (namedSecretData.getPassword().equals(basicAuthInfo.getPassword())) {
return basicAuthUsername;
}
throw PwmUnrecoverableException.newException(PwmError.ERROR_WRONGPASSWORD, "incorrect password value for named secret");
}
}
return null;
}
Also used :
NamedSecretData(password.pwm.config.value.data.NamedSecretData)
BasicAuthInfo(password.pwm.util.BasicAuthInfo)
Example 2 with NamedSecretData
use of password.pwm.config.value.data.NamedSecretData in project pwm by pwm-project.
the class NamedSecretValue method toXmlValues.
public List<Element> toXmlValues(final String valueElementName, final PwmSecurityKey key) {
if (values == null) {
final Element valueElement = new Element(valueElementName);
return Collections.singletonList(valueElement);
}
final List<Element> valuesElement = new ArrayList<>();
try {
for (final Map.Entry<String, NamedSecretData> entry : values.entrySet()) {
final String name = entry.getKey();
final PasswordData passwordData = entry.getValue().getPassword();
final String encodedValue = SecureEngine.encryptToString(passwordData.getStringValue(), key, PwmBlockAlgorithm.CONFIG);
final Element newValueElement = new Element("value");
final Element nameElement = new Element(ELEMENT_NAME);
nameElement.setText(name);
final Element encodedValueElement = new Element(ELEMENT_PASSWORD);
encodedValueElement.setText(encodedValue);
newValueElement.addContent(nameElement);
newValueElement.addContent(encodedValueElement);
for (final String usages : values.get(name).getUsage()) {
final Element usageElement = new Element(ELEMENT_USAGE);
usageElement.setText(usages);
newValueElement.addContent(usageElement);
}
valuesElement.add(newValueElement);
}
} catch (Exception e) {
throw new RuntimeException("missing required AES and SHA1 libraries, or other crypto fault: " + e.getMessage());
}
return Collections.unmodifiableList(valuesElement);
}
Also used :
NamedSecretData(password.pwm.config.value.data.NamedSecretData)
PasswordData(password.pwm.util.PasswordData)
Element(org.jdom2.Element)
ArrayList(java.util.ArrayList)
LinkedHashMap(java.util.LinkedHashMap)
Map(java.util.Map)
PwmOperationalException(password.pwm.error.PwmOperationalException)
PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException)
Example 3 with NamedSecretData
use of password.pwm.config.value.data.NamedSecretData in project pwm by pwm-project.
the class NamedSecretValue method factory.
public static StoredValue.StoredValueFactory factory() {
return new StoredValue.StoredValueFactory() {
public NamedSecretValue fromJson(final String value) {
try {
final Map<String, NamedSecretData> values = JsonUtil.deserialize(value, new TypeToken<Map<String, NamedSecretData>>() {
}.getType());
final Map<String, NamedSecretData> linkedValues = new LinkedHashMap<>(values);
return new NamedSecretValue(linkedValues);
} catch (Exception e) {
throw new IllegalStateException("NamedPasswordValue can not be json de-serialized: " + e.getMessage());
}
}
public NamedSecretValue fromXmlElement(final Element settingElement, final PwmSecurityKey key) throws PwmOperationalException, PwmUnrecoverableException {
final Map<String, NamedSecretData> values = new LinkedHashMap<>();
final List<Element> valueElements = settingElement.getChildren("value");
try {
if (valueElements != null) {
for (final Element value : valueElements) {
if (value.getChild(ELEMENT_NAME) != null && value.getChild(ELEMENT_PASSWORD) != null) {
final String name = value.getChild(ELEMENT_NAME).getText();
final String encodedValue = value.getChild(ELEMENT_PASSWORD).getText();
final PasswordData passwordData = new PasswordData(SecureEngine.decryptStringValue(encodedValue, key, PwmBlockAlgorithm.CONFIG));
final List<Element> usages = value.getChildren(ELEMENT_USAGE);
final List<String> strUsages = new ArrayList<>();
if (usages != null) {
for (final Element usageElement : usages) {
strUsages.add(usageElement.getText());
}
}
values.put(name, new NamedSecretData(passwordData, Collections.unmodifiableList(strUsages)));
}
}
}
} catch (Exception e) {
final String errorMsg = "unable to decode encrypted password value for setting: " + e.getMessage();
final ErrorInformation errorInfo = new ErrorInformation(PwmError.CONFIG_FORMAT_ERROR, errorMsg);
throw new PwmOperationalException(errorInfo);
}
return new NamedSecretValue(values);
}
};
}
Also used :
Element(org.jdom2.Element)
ArrayList(java.util.ArrayList)
PwmOperationalException(password.pwm.error.PwmOperationalException)
PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException)
LinkedHashMap(java.util.LinkedHashMap)
PwmOperationalException(password.pwm.error.PwmOperationalException)
PwmSecurityKey(password.pwm.util.secure.PwmSecurityKey)
ErrorInformation(password.pwm.error.ErrorInformation)
NamedSecretData(password.pwm.config.value.data.NamedSecretData)
PasswordData(password.pwm.util.PasswordData)
TypeToken(com.google.gson.reflect.TypeToken)
Example 4 with NamedSecretData
use of password.pwm.config.value.data.NamedSecretData in project pwm by pwm-project.
the class NamedSecretValue method toDebugJsonObject.
@Override
public Serializable toDebugJsonObject(final Locale locale) {
if (values == null) {
return null;
}
try {
final LinkedHashMap<String, NamedSecretData> copiedValues = new LinkedHashMap<>();
for (final Map.Entry<String, NamedSecretData> entry : values.entrySet()) {
final String name = entry.getKey();
final NamedSecretData existingData = entry.getValue();
final NamedSecretData newData = new NamedSecretData(PasswordData.forStringValue(PwmConstants.LOG_REMOVED_VALUE_REPLACEMENT), existingData.getUsage());
copiedValues.put(name, newData);
}
return copiedValues;
} catch (PwmUnrecoverableException e) {
throw new IllegalStateException(e.getErrorInformation().toDebugStr());
}
}
Also used :
NamedSecretData(password.pwm.config.value.data.NamedSecretData)
PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException)
LinkedHashMap(java.util.LinkedHashMap)
Map(java.util.Map)
LinkedHashMap(java.util.LinkedHashMap)
Example 5 with NamedSecretData
use of password.pwm.config.value.data.NamedSecretData in project pwm by pwm-project.
the class NamedSecretValue method toDebugString.
@Override
public String toDebugString(final Locale locale) {
final StringBuilder sb = new StringBuilder();
for (final Map.Entry<String, NamedSecretData> entry : values.entrySet()) {
final NamedSecretData existingData = entry.getValue();
sb.append("Named password '").append(entry.getKey()).append("' with usage for ");
sb.append(StringUtil.collectionToString(existingData.getUsage(), ","));
sb.append("\n");
}
return sb.toString();
}
Also used :
NamedSecretData(password.pwm.config.value.data.NamedSecretData)
LinkedHashMap(java.util.LinkedHashMap)
Map(java.util.Map)
Aggregations
NamedSecretData (password.pwm.config.value.data.NamedSecretData)5
LinkedHashMap (java.util.LinkedHashMap)4
Map (java.util.Map)3
PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)3
ArrayList (java.util.ArrayList)2
Element (org.jdom2.Element)2
PwmOperationalException (password.pwm.error.PwmOperationalException)2
PasswordData (password.pwm.util.PasswordData)2
TypeToken (com.google.gson.reflect.TypeToken)1
ErrorInformation (password.pwm.error.ErrorInformation)1
BasicAuthInfo (password.pwm.util.BasicAuthInfo)1
PwmSecurityKey (password.pwm.util.secure.PwmSecurityKey)1
