com.oberasoftware.jasdb.api.security.CryptoEngine java code examples

  @Override
  public User addUser(String userName, String allowedHost, String contentKey, String password) throws JasDBStorageException {
    if(!userMetadataProvider.hasUser(userName)) {
      CryptoEngine cryptoEngine = CryptoFactory.getEngine();
      String salt = cryptoEngine.generateSalt();
      String encryptedContentKey = cryptoEngine.encrypt(salt, password, contentKey);
      String passwordHash = cryptoEngine.hash(salt, password);

      User user = new UserMeta(userName, allowedHost, encryptedContentKey, salt, passwordHash, cryptoEngine.getDescriptor());
      userMetadataProvider.addUser(user);
      return user;
    } else {
      return userMetadataProvider.getUser(userName);
    }
  }
}

private EncryptedGrants encryptGrants(GrantObject grantObject, UserSession userSession) throws JasDBStorageException {
  CryptoEngine cryptoEngine = CryptoFactory.getEngine();
  String contentKey = CryptoFactory.getEngine().decrypt(userSession.getUser().getPasswordSalt(), userSession.getAccessToken(), userSession.getEncryptedContentKey());
  String salt = cryptoEngine.generateSalt();
  String unencryptedData = SimpleEntity.toJson(GrantObjectMeta.toEntity(grantObject));
  String encryptedData = cryptoEngine.encrypt(salt, contentKey, unencryptedData);
  return new EncryptedGrants(grantObject.getObjectName(), encryptedData, salt, cryptoEngine.getDescriptor());
}

@Override
public UserSession startSession(Credentials credentials) throws JasDBStorageException {
  User user = userManager.authenticate(credentials);
  String sessionId = UUID.randomUUID().toString();
  String token = UUID.randomUUID().toString();
  CryptoEngine userEncryptionEngine = CryptoFactory.getEngine(user.getEncryptionEngine());
  String encryptedContentKey = user.getEncryptedContentKey();
  String contentKey = userEncryptionEngine.decrypt(user.getPasswordSalt(), credentials.getPassword(), encryptedContentKey);
  encryptedContentKey = userEncryptionEngine.encrypt(user.getPasswordSalt(), token, contentKey);
  UserSession session = new UserSessionImpl(sessionId, token, encryptedContentKey, user);
  userManager.authorize(session, "/", AccessMode.CONNECT);
  secureUserSessionMap.put(sessionId, new SecureUserSession(session));
  return session;
}

@Override
public User getUser(String userName, String sourceHost, String password) throws JasDBStorageException {
  User user = userMetadataProvider.getUser(userName);
  LOG.debug("Expected host: {} actual: {}", user.getHost(), sourceHost);
  CryptoEngine cryptoEngine = CryptoFactory.getEngine(user.getEncryptionEngine());
  if(user.getPasswordHash().equals(cryptoEngine.hash(user.getPasswordSalt(), password)) && (user.getHost().equals("*") || user.getHost().equals(sourceHost))) {
    LOG.debug("User: {} has been authenticated", user);
    return user;
  } else {
    throw new JasDBSecurityException("Could not authenticate, invalid credentials");
  }
}

private GrantObject decrypt(UserSession session, EncryptedGrants encryptedGrants) throws JasDBStorageException {
  CryptoEngine contentCryptoEngine = CryptoFactory.getEngine();
  String contentKey = contentCryptoEngine.decrypt(session.getUser().getPasswordSalt(), session.getAccessToken(), session.getEncryptedContentKey());
  CryptoEngine cryptoEngine = CryptoFactory.getEngine(encryptedGrants.getEncryptionEngine());
  String decryptedData = cryptoEngine.decrypt(encryptedGrants.getSalt(), contentKey, encryptedGrants.getEncryptedData());
  return GrantObjectMeta.fromEntity(SimpleEntity.fromJson(decryptedData));
}

private void checkToken(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
  try {
    String token = httpServletRequest.getHeader("oauth_token");
    String sessionId = httpServletRequest.getHeader("sessionid");
    LOG.debug("Token: {} for session: {}", token, sessionId);
    if(StringUtils.stringNotEmpty(token) && StringUtils.stringNotEmpty(sessionId)) {
      UserSession session = sessionManager.getSession(sessionId);
      if(session != null) {
        CryptoEngine cryptoEngine = CryptoFactory.getEngine();
        String expectedTokenHash = cryptoEngine.hash(sessionId, token);
        if (expectedTokenHash.equals(session.getAccessToken())) {
          httpServletRequest.setAttribute("session", new UserSessionImpl(sessionId, token, session.getEncryptedContentKey(), session.getUser()));
          filterChain.doFilter(httpServletRequest, httpServletResponse);
        } else {
          handleErrorResponse(httpServletResponse, UNAUTHORIZED_CODE, "Invalid token");
        }
      } else {
        handleErrorResponse(httpServletResponse, UNAUTHORIZED_CODE, "Invalid token");
      }
    } else {
      handleErrorResponse(httpServletResponse, UNAUTHORIZED_CODE, "No token");
    }
  } catch(JasDBStorageException e) {
    LOG.error("Unknown error happened when processing token", e);
    handleErrorResponse(httpServletResponse, 500, "Unknown error");
  }
}

@Override
public User addUser(UserSession currentSession, String userName, String allowedHost, String password) throws JasDBStorageException {
  authorize(currentSession, "/Users", AccessMode.WRITE);
  User currentUser = currentSession.getUser();
  CryptoEngine cryptoEngine = CryptoFactory.getEngine();
  String contentKey = cryptoEngine.decrypt(currentUser.getPasswordSalt(), currentSession.getAccessToken(), currentSession.getEncryptedContentKey());
  return credentialsProvider.addUser(userName, allowedHost, contentKey, password);
}

private void createMandatoryAdminUser() throws JasDBStorageException {
  CryptoEngine cryptoEngine = CryptoFactory.getEngine();
  String salt = cryptoEngine.generateSalt();
  String contentKey = cryptoEngine.generateSalt();
  String encryptedContentKey = cryptoEngine.encrypt(salt, "", contentKey);
  User user = new UserMeta("admin", "localhost", encryptedContentKey, salt, cryptoEngine.hash(salt, ""), cryptoEngine.getDescriptor());
  userMetadataProvider.addUser(user);
  Grant grant = new GrantMeta("admin", AccessMode.ADMIN);
  GrantObjectMeta grantsMeta = new GrantObjectMeta(Constants.OBJECT_SEPARATOR, grant);
  String unencryptedGrants = SimpleEntity.toJson(GrantObjectMeta.toEntity(grantsMeta));
  String encryptedGrants = cryptoEngine.encrypt(salt, contentKey, unencryptedGrants);
  EncryptedGrants grants = new EncryptedGrants(grantsMeta.getObjectName(), encryptedGrants, salt, cryptoEngine.getDescriptor());
  grantMetadataProvider.persistGrant(grants);
}

public SecureUserSession(UserSession userSession) {
  this.sessionId = userSession.getSessionId();
  this.user = userSession.getUser();
  this.encryptedContentKey = userSession.getEncryptedContentKey();
  try {
    CryptoEngine cryptoEngine = CryptoFactory.getEngine();
    accessTokenHash = cryptoEngine.hash(sessionId, userSession.getAccessToken());
  } catch(JasDBSecurityException e) {
    throw new RuntimeJasDBException("Unable to hash token", e);
  }
}

Most used methods

Popular in Java

Updating database using SQL prepared statement
compareTo (BigDecimal)
setRequestProperty (URLConnection)
getSystemService (Context)
BorderLayout (java.awt)
A border layout lays out a container, arranging and resizing its components to fit in five regions:
RandomAccessFile (java.io)
Allows reading from and writing to a file in a random-access manner. This is different from the uni-
ConnectException (java.net)
A ConnectException is thrown if a connection cannot be established to a remote host on a specific po
Collection (java.util)
Collection is the root of the collection hierarchy. It defines operations on data collections and t
Collectors (java.util.stream)
Annotation (javassist.bytecode.annotation)
The annotation structure.An instance of this class is returned bygetAnnotations() in AnnotationsAttr
Top 12 Jupyter Notebook extensions

How to useCryptoEngine in com.oberasoftware.jasdb.api.security

Best Java code snippets using com.oberasoftware.jasdb.api.security.CryptoEngine (Showing top 9 results out of 315)

How to use
CryptoEngine
in
com.oberasoftware.jasdb.api.security