/** * Gets a property value. * * @param name The property name. * @param <T> The type of the property. * @return The property value or {@code null} if not set. * @throws NullPointerException if name is {@code null}. */ public <T> T getProperty(final String name) { return getProperty(json, name); }
/** * Gets a property value. * * @param name The property name. * @param <T> The type of the property. * @return The property value or {@code null} if not set. * @throws NullPointerException if name is {@code null}. */ public <T> T getProperty(final String name) { return getProperty(json, name); }
/** * Gets the subject DN of this tenant's configured trusted * certificate authority. * * @return The DN or {@code null} if no CA has been set. */ @JsonIgnore public X500Principal getTrustedCaSubjectDn() { final JsonObject trustedCa = getProperty(TenantConstants.FIELD_PAYLOAD_TRUSTED_CA); if (trustedCa == null) { return null; } else { return Optional.ofNullable((String) getProperty(trustedCa, TenantConstants.FIELD_PAYLOAD_SUBJECT_DN)) .map(dn -> new X500Principal(dn)).orElse(null); } }
/** * Gets the subject DN of this tenant's configured trusted * certificate authority. * * @return The DN or {@code null} if no CA has been set. */ @JsonIgnore public X500Principal getTrustedCaSubjectDn() { final JsonObject trustedCa = getProperty(TenantConstants.FIELD_PAYLOAD_TRUSTED_CA); if (trustedCa == null) { return null; } else { return Optional.ofNullable((String) getProperty(trustedCa, TenantConstants.FIELD_PAYLOAD_SUBJECT_DN)) .map(dn -> new X500Principal(dn)).orElse(null); } }
@JsonIgnore private TrustAnchor getTrustAnchorForPublicKey(final JsonObject keyProps) throws GeneralSecurityException { if (keyProps == null) { return null; } else { final String subjectDn = getProperty(keyProps, TenantConstants.FIELD_PAYLOAD_SUBJECT_DN); final String encodedKey = getProperty(keyProps, TenantConstants.FIELD_PAYLOAD_PUBLIC_KEY); if (subjectDn == null || encodedKey == null) { return null; } else { try { final String type = Optional.ofNullable((String) getProperty(keyProps, TenantConstants.FIELD_ADAPTERS_TYPE)).orElse("RSA"); final X509EncodedKeySpec keySpec = new X509EncodedKeySpec(Base64.getDecoder().decode(encodedKey)); final KeyFactory factory = KeyFactory.getInstance(type); final PublicKey publicKey = factory.generatePublic(keySpec); trustAnchor = new TrustAnchor(subjectDn, publicKey, null); return trustAnchor; } catch (final IllegalArgumentException e) { // Base64 decoding failed throw new InvalidKeySpecException("cannot decode Base64 encoded public key", e); } } } }
@JsonIgnore private TrustAnchor getTrustAnchorForPublicKey(final JsonObject keyProps) throws GeneralSecurityException { if (keyProps == null) { return null; } else { final String subjectDn = getProperty(keyProps, TenantConstants.FIELD_PAYLOAD_SUBJECT_DN); final String encodedKey = getProperty(keyProps, TenantConstants.FIELD_PAYLOAD_PUBLIC_KEY); if (subjectDn == null || encodedKey == null) { return null; } else { try { final String type = Optional.ofNullable((String) getProperty(keyProps, TenantConstants.FIELD_ADAPTERS_TYPE)).orElse("RSA"); final X509EncodedKeySpec keySpec = new X509EncodedKeySpec(Base64.getDecoder().decode(encodedKey)); final KeyFactory factory = KeyFactory.getInstance(type); final PublicKey publicKey = factory.generatePublic(keySpec); trustAnchor = new TrustAnchor(subjectDn, publicKey, null); return trustAnchor; } catch (final IllegalArgumentException e) { // Base64 decoding failed throw new InvalidKeySpecException("cannot decode Base64 encoded public key", e); } } } }
return Optional.ofNullable(getProperty(conf, TenantConstants.FIELD_MAX_TTD)).map(obj -> { return (Integer) obj; }).orElse(TenantConstants.DEFAULT_MAX_TTD); }).orElse(Optional.ofNullable(getProperty(TenantConstants.FIELD_MAX_TTD)).map(obj -> { return (Integer) obj; }).orElse(TenantConstants.DEFAULT_MAX_TTD));
return Optional.ofNullable(getProperty(conf, TenantConstants.FIELD_MAX_TTD)).map(obj -> { return (Integer) obj; }).orElse(TenantConstants.DEFAULT_MAX_TTD); }).orElse(Optional.ofNullable(getProperty(TenantConstants.FIELD_MAX_TTD)).map(obj -> { return (Integer) obj; }).orElse(TenantConstants.DEFAULT_MAX_TTD));
public X509Certificate getTrustedCertificateAuthority() throws CertificateException { final JsonObject trustedCa = getProperty(TenantConstants.FIELD_PAYLOAD_TRUSTED_CA); if (trustedCa == null) { return null;
public X509Certificate getTrustedCertificateAuthority() throws CertificateException { final JsonObject trustedCa = getProperty(TenantConstants.FIELD_PAYLOAD_TRUSTED_CA); if (trustedCa == null) { return null;
return trustAnchor; } else { return getTrustAnchorForPublicKey(getProperty(TenantConstants.FIELD_PAYLOAD_TRUSTED_CA));
return trustAnchor; } else { return getTrustAnchorForPublicKey(getProperty(TenantConstants.FIELD_PAYLOAD_TRUSTED_CA));
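Review bot: In `getTrustAnchorForPublicKey`, the `catch (final IllegalArgumentException e)` also covers `new TrustAnchor(subjectDn, publicKey, null)`, which throws that same exception for an empty or malformed CA name, so a bad subject DN in the tenant's trusted-CA entry would be reported as "cannot decode Base64 encoded public key". Scoping the catch to the Base64 decode and giving the DN failure its own message keeps the error accurate when someone has to diagnose a rejected trust anchor. Separately, the key algorithm is read from the tenant JSON and passed to `KeyFactory.getInstance(type)` unchecked; if only a fixed set of algorithms is meant to be supported (not visible here), an explicit allow-list before that call would state it. The other sections on this page are fragments, so the sketch below covers only the inner block of this method.

```java
// … unchanged: null checks on keyProps, subjectDn and encodedKey …
final byte[] encoded;
try {
    encoded = Base64.getDecoder().decode(encodedKey);
} catch (final IllegalArgumentException e) {
    // Base64 decoding failed
    throw new InvalidKeySpecException("cannot decode Base64 encoded public key", e);
}
final X509EncodedKeySpec keySpec = new X509EncodedKeySpec(encoded);
// … unchanged: key type lookup, KeyFactory.getInstance(type), generatePublic(keySpec) …
try {
    trustAnchor = new TrustAnchor(subjectDn, publicKey, null);
} catch (final IllegalArgumentException e) {
    // subject DN is empty or not a well-formed distinguished name
    throw new GeneralSecurityException("invalid subject DN for trusted CA", e);
}
return trustAnchor;
```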
/** * Verifies that the service finds an existing tenant by the subject DN of * its configured trusted certificate authority. * * @param ctx The vert.x test context. */ @Test public void testGetForCertificateAuthoritySucceeds(final TestContext ctx) { final X500Principal subjectDn = new X500Principal("O=Eclipse, OU=Hono, CN=ca"); final JsonObject trustedCa = new JsonObject() .put(TenantConstants.FIELD_PAYLOAD_SUBJECT_DN, subjectDn.getName(X500Principal.RFC2253)) .put(TenantConstants.FIELD_PAYLOAD_PUBLIC_KEY, "NOTAPUBLICKEY"); final JsonObject tenant = buildTenantPayload("tenant") .put(TenantConstants.FIELD_PAYLOAD_TRUSTED_CA, trustedCa); addTenant("tenant", tenant).map(ok -> { getCompleteTenantService().get(subjectDn, null, ctx.asyncAssertSuccess(s -> { assertThat(s.getStatus(), is(HttpURLConnection.HTTP_OK)); final TenantObject obj = s.getPayload().mapTo(TenantObject.class); assertThat(obj.getTenantId(), is("tenant")); final JsonObject ca = obj.getProperty(TenantConstants.FIELD_PAYLOAD_TRUSTED_CA); assertThat(ca, is(trustedCa)); })); return null; }); }
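Review bot: The fixture in `testGetForCertificateAuthoritySucceeds` stores `"NOTAPUBLICKEY"` as the trusted CA's public key and then asserts `HTTP_OK`, so the test pins the behaviour that a tenant whose key material cannot be parsed is still returned by the subject-DN lookup. If that is intended, a comment next to the fixture would say so, for example `// key is deliberately not parseable: lookup matches on subject DN only, key validation is out of scope here`. If the service is instead expected to reject unusable key material when the tenant is added (not visible from this test), the fixture should carry a real Base64-encoded key, with a separate negative test for the invalid case.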