
Example 11 with PwmSecurityKey

Use of password.pwm.util.secure.PwmSecurityKey in project pwm by pwm-project.

In the class ChallengeValue, method factory.

public static StoredValueFactory factory() {
    return new StoredValueFactory() {

        public ChallengeValue fromJson(final String input) {
            if (input == null) {
                return new ChallengeValue(Collections.<String, List<ChallengeItemConfiguration>>emptyMap());
            } else {
                Map<String, List<ChallengeItemConfiguration>> srcMap = JsonUtil.deserialize(input, new TypeToken<Map<String, List<ChallengeItemConfiguration>>>() {
                });
                srcMap = srcMap == null ? Collections.<String, List<ChallengeItemConfiguration>>emptyMap() : new TreeMap<>(srcMap);
                return new ChallengeValue(Collections.unmodifiableMap(srcMap));
            }
        }

        // The PwmSecurityKey argument is not used in this method.
        public ChallengeValue fromXmlElement(final Element settingElement, final PwmSecurityKey input) {
            final List valueElements = settingElement.getChildren("value");
            final Map<String, List<ChallengeItemConfiguration>> values = new TreeMap<>();
            // Settings with the LOCALIZED_STRING_ARRAY syntax hold old-format strings instead of JSON.
            final boolean oldStyle = "LOCALIZED_STRING_ARRAY".equals(settingElement.getAttributeValue("syntax"));
            for (final Object loopValue : valueElements) {
                final Element loopValueElement = (Element) loopValue;
                final String localeString = loopValueElement.getAttributeValue("locale") == null ? "" : loopValueElement.getAttributeValue("locale");
                final String value = loopValueElement.getText();
                if (!values.containsKey(localeString)) {
                    values.put(localeString, new ArrayList<ChallengeItemConfiguration>());
                }
                final ChallengeItemConfiguration challengeItemBean;
                if (oldStyle) {
                    challengeItemBean = parseOldVersionString(value);
                } else {
                    challengeItemBean = JsonUtil.deserialize(value, ChallengeItemConfiguration.class);
                }
                if (challengeItemBean != null) {
                    values.get(localeString).add(challengeItemBean);
                }
            }
            return new ChallengeValue(values);
        }
    };
}
Also used: Element (org.jdom2.Element), ChallengeItemConfiguration (password.pwm.config.value.data.ChallengeItemConfiguration), TreeMap (java.util.TreeMap), PwmSecurityKey (password.pwm.util.secure.PwmSecurityKey), ArrayList (java.util.ArrayList), List (java.util.List), Map (java.util.Map)

Example 12 with PwmSecurityKey

Use of password.pwm.util.secure.PwmSecurityKey in project pwm by pwm-project.

In the class X509CertificateValue, method factory.

public static StoredValueFactory factory() {
    return new StoredValueFactory() {

        // The PwmSecurityKey argument is not used in this method.
        public X509CertificateValue fromXmlElement(final Element settingElement, final PwmSecurityKey key) {
            final List<X509Certificate> certificates = new ArrayList<>();
            final List<Element> valueElements = settingElement.getChildren("value");
            for (final Element loopValueElement : valueElements) {
                final String b64encodedStr = loopValueElement.getText();
                try {
                    certificates.add(X509Utils.certificateFromBase64(b64encodedStr));
                } catch (Exception e) {
                    // A value that fails to decode is logged and skipped; the remaining certificates are still loaded.
                    LOGGER.error("error decoding certificate: " + e.getMessage());
                }
            }
            return new X509CertificateValue(certificates.toArray(new X509Certificate[certificates.size()]));
        }

        // The JSON input is ignored: this always returns an empty certificate list.
        public X509CertificateValue fromJson(final String input) {
            return new X509CertificateValue(new X509Certificate[0]);
        }
    };
}
Also used: PwmSecurityKey (password.pwm.util.secure.PwmSecurityKey), Element (org.jdom2.Element), ArrayList (java.util.ArrayList), X509Certificate (java.security.cert.X509Certificate), PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException), CertificateEncodingException (java.security.cert.CertificateEncodingException)

Example 13 with PwmSecurityKey

Use of password.pwm.util.secure.PwmSecurityKey in project pwm by pwm-project.

In the class CryptoCookieBeanImpl, method keyForSession.

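private PwmSecurityKey keyForSession(final PwmRequest pwmRequest) throws PwmUnrecoverableException {
    // Application-wide secret read from the PWM_SECURITY_KEY setting.
    final PasswordData configKey = pwmRequest.getConfig().readSettingAsPassword(PwmSetting.PWM_SECURITY_KEY);
    // GUID of the current login session.
    final String userGuid = pwmRequest.getPwmSession().getLoginInfoBean().getGuid();
    // The key material is the configured secret with the session GUID appended, so it differs for each session GUID.
    return new PwmSecurityKey(configKey.getStringValue() + userGuid);
}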
Also used: PwmSecurityKey (password.pwm.util.secure.PwmSecurityKey), PasswordData (password.pwm.util.PasswordData)

Example 14 with PwmSecurityKey

Use of password.pwm.util.secure.PwmSecurityKey in project pwm by pwm-project.

In the class CryptoCookieBeanImpl, method getSessionBean.

@Override
public <E extends PwmSessionBean> E getSessionBean(final PwmRequest pwmRequest, final Class<E> theClass) throws PwmUnrecoverableException {
    final Map<Class<? extends PwmSessionBean>, PwmSessionBean> sessionBeans = getRequestBeanMap(pwmRequest);
    if (sessionBeans.containsKey(theClass) && sessionBeans.get(theClass) != null) {
        return (E) sessionBeans.get(theClass);
    }
    final String sessionGuid = pwmRequest.getPwmSession().getLoginInfoBean().getGuid();
    final String cookieName = nameForClass(theClass);
    try {
        // The cookie value is client-supplied: decrypt it with the per-session key, then validate it before use.
        final String rawValue = pwmRequest.readCookie(cookieName);
        final PwmSecurityKey key = keyForSession(pwmRequest);
        final E cookieBean = pwmRequest.getPwmApplication().getSecureService().decryptObject(rawValue, key, theClass);
        if (validateCookie(pwmRequest, cookieName, cookieBean)) {
            sessionBeans.put(theClass, cookieBean);
            return cookieBean;
        }
    } catch (PwmException e) {
        // A cookie that cannot be decrypted is discarded; a fresh bean is created below.
        LOGGER.debug(pwmRequest, "ignoring existing " + cookieName + " cookie bean due to error: " + e.getMessage());
    }
    final E newBean = SessionStateService.newBean(sessionGuid, theClass);
    sessionBeans.put(theClass, newBean);
    return newBean;
}
Also used: PwmException (password.pwm.error.PwmException), PwmSecurityKey (password.pwm.util.secure.PwmSecurityKey), PwmSessionBean (password.pwm.http.bean.PwmSessionBean)

Example 15 with PwmSecurityKey

Use of password.pwm.util.secure.PwmSecurityKey in project pwm by pwm-project.

In the class CryptoCookieBeanImpl, method saveSessionBeans.

public void saveSessionBeans(final PwmRequest pwmRequest) {
    if (pwmRequest == null || pwmRequest.getPwmResponse().isCommitted()) {
        return;
    }
    try {
        if (pwmRequest != null && pwmRequest.getPwmResponse() != null) {
            final Map<Class<? extends PwmSessionBean>, PwmSessionBean> beansInRequest = getRequestBeanMap(pwmRequest);
            if (beansInRequest != null) {
                for (final Map.Entry<Class<? extends PwmSessionBean>, PwmSessionBean> entry : beansInRequest.entrySet()) {
                    final Class<? extends PwmSessionBean> theClass = entry.getKey();
                    final String cookieName = nameForClass(theClass);
                    final PwmSessionBean bean = entry.getValue();
                    if (bean == null) {
                        pwmRequest.getPwmResponse().removeCookie(cookieName, COOKIE_PATH);
                    } else {
                        // Encrypt the bean with the per-session key before writing it to the response as a cookie.
                        final PwmSecurityKey key = keyForSession(pwmRequest);
                        final String encryptedValue = pwmRequest.getPwmApplication().getSecureService().encryptObjectToString(entry.getValue(), key);
                        pwmRequest.getPwmResponse().writeCookie(cookieName, encryptedValue, -1, COOKIE_PATH);
                    }
                }
            }
        }
    } catch (PwmUnrecoverableException e) {
        LOGGER.error(pwmRequest, "error writing cookie bean to response: " + e.getMessage(), e);
    }
}
Also used: PwmSecurityKey (password.pwm.util.secure.PwmSecurityKey), PwmSessionBean (password.pwm.http.bean.PwmSessionBean), PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException), HashMap (java.util.HashMap), Map (java.util.Map)

Aggregations

PwmSecurityKey (password.pwm.util.secure.PwmSecurityKey): 26
Element (org.jdom2.Element): 19
ArrayList (java.util.ArrayList): 15
List (java.util.List): 11
PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException): 6
Map (java.util.Map): 4
ErrorInformation (password.pwm.error.ErrorInformation): 4
PasswordData (password.pwm.util.PasswordData): 4
TreeMap (java.util.TreeMap): 3
IOException (java.io.IOException): 2
X509Certificate (java.security.cert.X509Certificate): 2
LinkedHashMap (java.util.LinkedHashMap): 2
PwmException (password.pwm.error.PwmException): 2
PwmOperationalException (password.pwm.error.PwmOperationalException): 2
PwmSessionBean (password.pwm.http.bean.PwmSessionBean): 2
PwmBlockAlgorithm (password.pwm.util.secure.PwmBlockAlgorithm): 2
TypeToken (com.google.gson.reflect.TypeToken): 1
InvocationTargetException (java.lang.reflect.InvocationTargetException): 1
PrivateKey (java.security.PrivateKey): 1
CertificateEncodingException (java.security.cert.CertificateEncodingException): 1