public static String createAuthorizationHeader(AuthCredentialsServiceState authState) { if (authState == null) { return null; } if (AuthCredentialsType.Bearer.toString().equals(authState.type)) { String token = EncryptionUtils.decrypt(authState.privateKey); return "Bearer " + token; } AuthCredentialsType authCredentialsType = AuthCredentialsType.valueOf(authState.type); if (AuthCredentialsType.Password == authCredentialsType) { String username = authState.userEmail; String password = EncryptionUtils.decrypt(authState.privateKey); String code = new String(Base64.getEncoder().encode( (username + ":" + password).getBytes())); return "Basic " + code; } return null; }
if (trustStorePassword != null) { System.setProperty(JAVAX_NET_SSL_TRUST_STORE_PASSWORD, EncryptionUtils.decrypt(trustStorePassword));
public static KubeConfig constructKubeConfig(String clusterAddress, AuthCredentialsServiceState credentials) { KubeConfig config = createKubeConfig(clusterAddress); KubeConfig.UserEntry userEntry = new KubeConfig.UserEntry(); userEntry.name = config.contexts.get(0).context.user; userEntry.user = new KubeConfig.AuthInfo(); config.users = Arrays.asList(userEntry); AuthCredentialsType credentialsType = AuthCredentialsType.valueOf(credentials.type); switch (credentialsType) { case Bearer: userEntry.user.token = EncryptionUtils.decrypt(credentials.privateKey); break; case PublicKey: userEntry.user.clientCertificateData = new String( Base64.getEncoder().encode(credentials.publicKey.getBytes())); userEntry.user.clientKeyData = new String(Base64.getEncoder() .encode(EncryptionUtils.decrypt(credentials.privateKey).getBytes())); break; case Password: userEntry.user.username = credentials.userEmail; userEntry.user.password = EncryptionUtils.decrypt(credentials.privateKey); break; default: throw new LocalizableValidationException("Unsupported credentials type", "adapter.unsuported.auth.credentials.type"); } return config; }
/** * Utility method to decode a PEM encoded private key string to a PrivateKey instance * * @param key * - a PEM encoded private key string * @return - decoded PrivateKey instance */ public static KeyPair createKeyPair(String key) { AssertUtil.assertNotNull(key, "key"); String decryptedKey = EncryptionUtils.decrypt(key); try (PEMParser parser = new PEMParser(new StringReader(decryptedKey))) { JcaPEMKeyConverter converter = new JcaPEMKeyConverter(); PEMKeyPair keyPair = (PEMKeyPair) parser.readObject(); if (keyPair == null) { throw new RuntimeException("A valid key pair was not found"); } return converter.getKeyPair(keyPair); } catch (IOException e) { throw new RuntimeException("Failed to create key pair", e); } }
clientKey = EncryptionUtils.decrypt(input.getCredentials().privateKey); clientCert = input.getCredentials().publicKey;
EncryptionUtils.decrypt(this.auth.privateKey).getBytes(), null, null); java.util.Properties config = new java.util.Properties(); config.put("StrictHostKeyChecking", "no");
EncryptionUtils.decrypt(this.auth.privateKey).getBytes(), null, null); java.util.Properties config = new java.util.Properties(); config.put("StrictHostKeyChecking", "no");
private void createOrUpdateTargetSsl(KubernetesContext context) { URI uri = UriUtils.buildUri(context.host.address); if (!isSecure(uri)) { return; } String sslTrust = context.SSLTrustCertificate; if (sslTrust != null && trustManager != null) { String trustAlias = context.SSLTrustAlias; trustManager.putDelegate(trustAlias, sslTrust); } if (context.credentials == null || !AuthCredentialsType.PublicKey.name().equals(context.credentials.type)) { return; } String clientKey = EncryptionUtils.decrypt(context.credentials.privateKey); String clientCert = context.credentials.publicKey; String alias = context.host.address.toLowerCase(); if (clientKey != null && !clientKey.isEmpty()) { X509ExtendedKeyManager delegateKeyManager = (X509ExtendedKeyManager) CertificateUtil .getKeyManagers(alias, clientKey, clientCert)[0]; keyManager.putDelegate(alias, delegateKeyManager); } }
private void createOrUpdateTargetSsl(CommandInput input, DelegatingX509KeyManager keyM, ServerX509TrustManager trustM) { if (!isSecure(input.getDockerUri())) { return; } String sslTrust = (String) input.getProperties().get(SSL_TRUST_CERT_PROP_NAME); String trustAlias = (String) input.getProperties().get(SSL_TRUST_ALIAS_PROP_NAME); if (trustAlias == null) { logger.warning("No trust alias property set, not using certificate."); return; } if (sslTrust != null && trustM != null) { trustM.putDelegate(trustAlias, sslTrust); } if (input.getCredentials() == null) { return; } String clientKey = EncryptionUtils.decrypt(input.getCredentials().privateKey); String clientCert = input.getCredentials().publicKey; // TODO use an LRU cache to limit the number of stored // KeyManagers while minimizing time wasted repeatedly // recreating them if (clientKey != null && !clientKey.isEmpty()) { X509ExtendedKeyManager delegateKeyManager = (X509ExtendedKeyManager) CertificateUtil .getKeyManagers(trustAlias, clientKey, clientCert)[0]; keyM.putDelegate(trustAlias, delegateKeyManager); } }
/** * Login in PKS and returns PKS context instance with token. */ private DeferredResult<PKSContext> login(Endpoint endpoint, AuthCredentialsServiceState authCredentials) { if (authCredentials == null) { return DeferredResult.completed(PKSContext.create(endpoint, null)); } AuthCredentialsType authCredentialsType = AuthCredentialsType.valueOf(authCredentials.type); if (AuthCredentialsType.Password == authCredentialsType) { String username = authCredentials.userEmail; String password = EncryptionUtils.decrypt(authCredentials.privateKey); return getClient() .login(endpoint.uaaEndpoint, username, password) .thenApply(uaaTokenResponse -> PKSContext.create(endpoint, uaaTokenResponse)); } throw new IllegalArgumentException("Credential type " + authCredentialsType.name() + " is not supported"); }
new DockerAdapterService.AuthConfig(); authConfig.username = authState.userEmail; authConfig.password = EncryptionUtils.decrypt(authState.privateKey); authConfig.email = ""; authConfig.auth = "";
&& dto.password.equals(EncryptionUtils.decrypt(password))) {
private void createUserCredentials(LocalPrincipalState state, Operation op) { try { state.password = EncryptionUtils.decrypt(state.password); } catch (Exception e) { log(Level.SEVERE, "Could not initialize user '%s': %s", state.email, Utils.toString(e)); op.fail(e); return; } AuthCredentialsServiceState auth = new AuthCredentialsServiceState(); auth.userEmail = state.email; auth.privateKey = state.password; auth.customProperties = new HashMap<>(); auth.customProperties.put(PROPERTY_SCOPE, CredentialsScope.SYSTEM.toString()); auth.documentSelfLink = encode(state.email); URI credentialFactoryUri = UriUtils.buildUri(getHost(), ServiceUriPaths.CORE_CREDENTIALS); Operation postCreds = Operation.createPost(credentialFactoryUri) .setBody(auth) .setReferer(op.getUri()) .setCompletion((o, ex) -> { if (ex != null) { logWarning("Unable to create user credentials: %s", Utils.toString(ex)); op.fail(ex); return; } createUserSpecificRole(state, op); }); addReplicationFactor(postCreds); sendRequest(postCreds); }