/** * Creates a new device for a tenant and device identifier. * * @param tenantId The tenant. * @param deviceId The device identifier. * @throws NullPointerException if any of the params is {@code null}. */ public Device(final String tenantId, final String deviceId) { super(); this.principal = getPrincipal(tenantId, deviceId); }
/** * Creates an instance from the {Base64(salt)}password-hash formatted String. * * @param formattedPassword Password hash in the {Base64(salt)}password-hash format */ public EncodedPassword(final String formattedPassword) { parse(formattedPassword); }
/** * Adds an authority to perform one or more activities on a resource. * * @param resource The resource. * @param activities The activities. * @return This instance for command chaining. */ public AuthoritiesImpl addResource(final String resource, final Activity... activities) { return addResource(resource, null, activities); }
@Override public final String toString() { return String.format("device [%s: %s, %s: %s]", CredentialsConstants.FIELD_PAYLOAD_DEVICE_ID, getDeviceId(), CredentialsConstants.FIELD_PAYLOAD_TENANT_ID, getTenantId()); }
@Override public Future<Boolean> isAuthorized(final HonoUser user, final ResourceIdentifier resource, final String operation) { Objects.requireNonNull(user); Objects.requireNonNull(resource); Objects.requireNonNull(operation); if (user.isExpired()) { return Future.failedFuture(new ClientErrorException(HttpURLConnection.HTTP_FORBIDDEN, "user information expired")); } else { return Future.succeededFuture(user.getAuthorities().isAuthorized(resource, operation)); } } }
/** * Adds an authority to execute an operation. * * @param resource The resource the operation belongs to. * @param operation The operation. * @return This instance for command chaining. */ public AuthoritiesImpl addOperation(final String resource, final String operation) { return addOperation(resource, null, operation); }
/** * Adds an authority to execute an operation. * * @param endpoint The endpoint segment of the resource the operation belongs to. * @param tenant The tenant segment of the resource the operation belongs to. * @param operation The operation. * @return This instance for command chaining. */ public AuthoritiesImpl addOperation(final String endpoint, final String tenant, final String operation) { authorities.put(getOperationKey(endpoint, tenant, operation), String.valueOf(Activity.EXECUTE.getCode())); return this; }
/** * Gets the single character representation for this activity. * * @return The first character of this activity's name. */ public char getCode() { return name().charAt(0); } }
/** * Creates a new encoder. * <p> * This constructor will create a new {@code SecureRandom} * as follows: * <ol> * <li>try to create a SecureRandom using algorithm <em>NativePRNGNonBlocking</em></li> * <li>if that fails, create a default SecureRandom, i.e. without specifying an * algorithm</li> * </ol> * and then invoke {@link #SpringBasedHonoPasswordEncoder(SecureRandom, int)}. * * @see "https://tersesystems.com/blog/2015/12/17/the-right-way-to-use-securerandom/" * @see "https://hackernoon.com/hack-how-to-use-securerandom-with-kubernetes-and-docker-a375945a7b21" */ public SpringBasedHonoPasswordEncoder() { this(newSecureRandom(), DEFAULT_BCRYPT_STRENGTH); }
/** * @return {@code false} */ @Override public boolean isExpired() { return !Instant.now().isBefore(getExpirationTime()); }
/** * Creates a string representation of this password that is compatible with * Spring Security password encoders. * * @return The value of this object formatted as {Base64(salt)}password. */ public String format() { final StringBuilder result = new StringBuilder(); append(salt, result); result.append(password); return result.toString(); }
/** * Gets the device id in an address structure. * * @param device The device. * @return tenantId and deviceId as an address. * @throws NullPointerException if device is {@code null}. */ public static final String asAddress(final Device device) { return String.format("%s/%s", device.getTenantId(), device.getDeviceId()); } }
@Override public Future<Boolean> isAuthorized(final HonoUser user, final ResourceIdentifier resource, final Activity intent) { Objects.requireNonNull(user); Objects.requireNonNull(resource); Objects.requireNonNull(intent); if (user.isExpired()) { return Future.failedFuture(new ClientErrorException(HttpURLConnection.HTTP_FORBIDDEN, "user information expired")); } else { return Future.succeededFuture(user.getAuthorities().isAuthorized(resource, intent)); } }
/** * Adds an authority to perform one or more activities on a resource. * * @param resource The resource. * @param activities The activities. * @return This instance for command chaining. */ public AuthoritiesImpl addResource(final String resource, final Activity... activities) { return addResource(resource, null, activities); }
/** * Adds an authority to execute an operation. * * @param resource The resource the operation belongs to. * @param operation The operation. * @return This instance for command chaining. */ public AuthoritiesImpl addOperation(final String resource, final String operation) { return addOperation(resource, null, operation); }
/** * Adds an authority to execute an operation. * * @param endpoint The endpoint segment of the resource the operation belongs to. * @param tenant The tenant segment of the resource the operation belongs to. * @param operation The operation. * @return This instance for command chaining. */ public AuthoritiesImpl addOperation(final String endpoint, final String tenant, final String operation) { authorities.put(getOperationKey(endpoint, tenant, operation), String.valueOf(Activity.EXECUTE.getCode())); return this; }
/** * Creates a new device for a tenant and device identifier. * * @param tenantId The tenant. * @param deviceId The device identifier. * @throws NullPointerException if any of the params is {@code null}. */ public Device(final String tenantId, final String deviceId) { super(); this.principal = getPrincipal(tenantId, deviceId); }
/** * Gets the single character representation for this activity. * * @return The first character of this activity's name. */ public char getCode() { return name().charAt(0); } }
/** * Gets the device id in an address structure. * * @param device The device. * @return tenantId and deviceId as an address. * @throws NullPointerException if device is {@code null}. */ public static final String asAddress(final Device device) { return String.format("%s/%s", device.getTenantId(), device.getDeviceId()); } }