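/**
 * Authenticates a user by password and source host.
 *
 * <p>The supplied password is hashed with the stored salt by the user's configured
 * {@link CryptoEngine} and compared with the stored hash. The login is accepted only when the
 * hashes match and the user's host entry is either the wildcard {@code "*"} or equal to
 * {@code sourceHost}.
 *
 * <p>Every rejection (no user record, wrong password, disallowed host) raises the same
 * exception message, so the caller cannot tell which check failed.
 *
 * @param userName name used to look the account up in the metadata provider
 * @param sourceHost host the request came from, matched against the user's host entry
 * @param password clear-text password supplied by the caller; it is never logged here
 * @return the authenticated user
 * @throws JasDBSecurityException when the credentials or the source host are rejected
 * @throws JasDBStorageException declared by the overridden method; presumably raised by the
 *     metadata lookup or the crypto engine, neither of which is visible in this listing
 */
@Override
public User getUser(String userName, String sourceHost, String password) throws JasDBStorageException {
    User user = userMetadataProvider.getUser(userName);
    if (user == null) {
        // Whether the provider returns null or throws for an unknown name is not visible here.
        // If it returns null, reject with the same message as a bad password instead of
        // failing with a NullPointerException on the first getter call.
        // NOTE(review): this path skips the hash computation, so it answers faster than a
        // wrong-password attempt; hash against a dummy salt if that difference matters.
        throw new JasDBSecurityException("Could not authenticate, invalid credentials");
    }

    LOG.debug("Expected host: {} actual: {}", user.getHost(), sourceHost);

    CryptoEngine cryptoEngine = CryptoFactory.getEngine(user.getEncryptionEngine());
    // Assumes both hashes are Strings, as the original equals() comparison suggests.
    String storedHash = user.getPasswordHash();
    String suppliedHash = cryptoEngine.hash(user.getPasswordSalt(), password);

    // MessageDigest.isEqual compares in constant time; String.equals stops at the first
    // differing character, which makes the comparison time depend on the stored hash.
    boolean hashMatches = storedHash != null
            && suppliedHash != null
            && java.security.MessageDigest.isEqual(
                    storedHash.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                    suppliedHash.getBytes(java.nio.charset.StandardCharsets.UTF_8));

    // Null-safe host check: a user record without a host entry matches nothing.
    String allowedHost = user.getHost();
    boolean hostAllowed = "*".equals(allowedHost)
            || (allowedHost != null && allowedHost.equals(sourceHost));

    if (hashMatches && hostAllowed) {
        // Log the name rather than the User object: User.toString() is not visible here and
        // could include the password hash and salt.
        LOG.debug("User: {} has been authenticated", userName);
        return user;
    }

    throw new JasDBSecurityException("Could not authenticate, invalid credentials");
}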
/**
 * Authenticates the given credentials and opens a new session for the user.
 *
 * <p>Steps, in order:
 * <ol>
 *   <li>{@code userManager.authenticate} resolves the credentials to a {@link User}.</li>
 *   <li>A session id and a session token are generated as two independent random UUIDs.
 *       {@link UUID#randomUUID()} is specified to use a cryptographically strong generator;
 *       a version-4 UUID carries 122 random bits.</li>
 *   <li>The user's content key is decrypted with the login password and re-encrypted with the
 *       session token, so the session carries the key wrapped under the token rather than
 *       under the password.</li>
 *   <li>{@code CONNECT} access on {@code "/"} is checked through {@code userManager.authorize};
 *       the session is registered only after that call returns.</li>
 * </ol>
 *
 * <p>NOTE(review): the decrypted content key is held in a {@code String}, which cannot be wiped
 * and stays on the heap until collected. What {@code SecureUserSession} retains of the token
 * is not visible in this listing.
 *
 * @param credentials login credentials; the password is also used to unwrap the content key
 * @return the new session, holding the session id, the token and the token-wrapped content key
 * @throws JasDBStorageException declared by the overridden method; presumably raised when
 *     authentication, authorization or a crypto operation fails (collaborators not visible here)
 */
@Override
public UserSession startSession(Credentials credentials) throws JasDBStorageException {
    final User authenticatedUser = userManager.authenticate(credentials);

    final String newSessionId = UUID.randomUUID().toString();
    final String sessionToken = UUID.randomUUID().toString();

    final CryptoEngine engine = CryptoFactory.getEngine(authenticatedUser.getEncryptionEngine());

    // Unwrap the content key with the password, then wrap it again under the session token.
    final String passwordWrappedKey = authenticatedUser.getEncryptedContentKey();
    final String plainContentKey = engine.decrypt(
            authenticatedUser.getPasswordSalt(), credentials.getPassword(), passwordWrappedKey);
    final String tokenWrappedKey = engine.encrypt(
            authenticatedUser.getPasswordSalt(), sessionToken, plainContentKey);

    final UserSession newSession =
            new UserSessionImpl(newSessionId, sessionToken, tokenWrappedKey, authenticatedUser);

    // Authorize before registering: if this call throws, nothing is added to the session map.
    userManager.authorize(newSession, "/", AccessMode.CONNECT);
    secureUserSessionMap.put(newSessionId, new SecureUserSession(newSession));

    return newSession;
}
/**
 * Copies a {@link User} into a new {@link SimpleEntity}, one property per user attribute, and
 * tags it with {@code UserMetadataProvider.USERMETA_TYPE} as its meta type.
 *
 * <p>The resulting entity contains the password hash, the password salt and the encrypted
 * content key. Treat it as credential material: keep it out of logs and out of any response
 * that leaves the metadata layer.
 *
 * @param user the user to convert; must not be {@code null}
 * @return a new entity carrying the user's name, host, encrypted content key, salt, password
 *     hash, encryption engine and meta type
 */
public static SimpleEntity toEntity(User user) {
    final SimpleEntity userEntity = new SimpleEntity();

    // Identity and origin restriction.
    userEntity.addProperty(Constants.USER_NAME, user.getUsername());
    userEntity.addProperty(Constants.HOST, user.getHost());

    // Credential material: wrapped content key, salt and password hash.
    userEntity.addProperty(Constants.USER_CONTENT_KEY, user.getEncryptedContentKey());
    userEntity.addProperty(Constants.SALT, user.getPasswordSalt());
    userEntity.addProperty(Constants.USER_PASSWORD_HASH, user.getPasswordHash());

    // Name of the crypto engine the values above were produced with, then the record type marker.
    userEntity.addProperty(Constants.USER_ENGINE, user.getEncryptionEngine());
    userEntity.addProperty(Constants.META_TYPE, UserMetadataProvider.USERMETA_TYPE);

    return userEntity;
}