/**
 * <p>Builds the {@link X509CertificateStorage} that wraps the given certificate.</p>
 *
 * <p>Only the dates passed in by the caller are recorded. This method itself never reads the certificate's own
 * validity period; whether the storage constructor does is not visible here.</p>
 *
 * @param context not used by this method
 * @param account not used by this method
 * @param cert the certificate handed to the storage constructor
 * @param store not used by this method
 * @param effectiveDate applied only when non-null
 * @param expiryDate always applied, including when it is <code>null</code>
 * @return the newly created storage
 */
@Override
public CredentialStorage createCredentialStorage(IdentityContext context, Account account, X509Certificate cert,
        CredentialStore<?> store, Date effectiveDate, Date expiryDate) {
    X509CertificateStorage certificateStorage = new X509CertificateStorage(cert);

    // A missing effective date leaves whatever the constructor chose untouched.
    if (effectiveDate != null) {
        certificateStorage.setEffectiveDate(effectiveDate);
    }

    // The expiry is written unconditionally, so a null argument is stored as-is.
    certificateStorage.setExpiryDate(expiryDate);

    return certificateStorage;
}
}
/**
 * Orders storages by effective date, most recent first.
 *
 * @param o1 first storage
 * @param o2 second storage
 * @return negative when {@code o1} is the more recent one, positive when {@code o2} is, zero when equal
 * @throws NullPointerException if either effective date is {@code null}
 */
@Override
public int compare(final T o1, final T o2) {
    final Date secondDate = o2.getEffectiveDate();
    final Date firstDate = o1.getEffectiveDate();

    // Operands are swapped on purpose: comparing o2 against o1 yields descending order.
    return secondDate.compareTo(firstDate);
}
});
/**
 * <p>Checks if the given {@link CredentialStorage} holds an expired credential.</p>
 *
 * <p>A <code>null</code> storage and a storage without an expiry date are both reported as not expired, so a
 * <code>false</code> result is not by itself evidence that a usable credential exists.</p>
 *
 * @param credentialStorage the storage to inspect; may be <code>null</code>
 * @return <code>true</code> only when an expiry date is set and the current time is strictly after it
 */
public static boolean isCredentialExpired(CredentialStorage credentialStorage) {
    if (credentialStorage == null) {
        return false;
    }

    // No expiry date is treated as "never expires".
    if (credentialStorage.getExpiryDate() == null) {
        return false;
    }

    return new Date().after(credentialStorage.getExpiryDate());
}
}
/**
 * <p>Creates the {@link TokenCredentialStorage} for the given token credential.</p>
 *
 * <p>The token and its type are copied from the credential as they are; this method performs no check on the
 * token's content.</p>
 *
 * @param context not used by this method
 * @param account not used by this method
 * @param credential source of the token and of its type
 * @param store not used by this method
 * @param effectiveDate applied only when non-null
 * @param expiryDate applied only when the new storage instance does not already carry an expiry date
 * @return the populated storage
 * @throws IdentityManagementException if the storage has no type after the credential's type was applied
 */
@Override
public CredentialStorage createCredentialStorage(IdentityContext context, Account account, U credential, S store,
        Date effectiveDate, Date expiryDate) {
    TokenCredentialStorage created = createCredentialStorageInstance();

    created.setType(credential.getType());
    created.setToken(credential.getToken());

    if (effectiveDate != null) {
        created.setEffectiveDate(effectiveDate);
    }

    // An expiry date already present on the fresh instance wins over the argument.
    if (created.getExpiryDate() == null) {
        created.setExpiryDate(expiryDate);
    }

    // The type is read back from the storage, not from the credential, before the storage is handed out.
    if (created.getType() != null) {
        return created;
    }

    throw new IdentityManagementException("TokenCredentialStorage can not have a null type.");
}
/**
 * <p>Updates the credential of the given account and stores a new {@link OTPCredentialStorage} holding the
 * secret and device taken from the credential.</p>
 *
 * <p>The secret is passed to the storage exactly as returned by <code>credential.getSecret()</code>; a
 * <code>null</code> secret is not rejected here.</p>
 *
 * @param context passed through to the parent update and to the store
 * @param account account whose credential is updated
 * @param credential carries the optional value, the secret and the device
 * @param store receives the new OTP storage
 * @param effectiveDate applied to the OTP storage only when non-null
 * @param expiryDate always applied to the OTP storage, including when it is <code>null</code>
 */
@Override
public void update(IdentityContext context, Account account, TOTPCredential credential, CredentialStore<?> store,
        Date effectiveDate, Date expiryDate) {
    // The parent update runs only when a non-empty value was supplied; otherwise only the secret is updated.
    boolean valueProvided = credential.getValue() != null && credential.getValue().length > 0;

    if (valueProvided) {
        super.update(context, account, credential, store, effectiveDate, expiryDate);
    }

    OTPCredentialStorage otpStorage = new OTPCredentialStorage();

    if (effectiveDate != null) {
        otpStorage.setEffectiveDate(effectiveDate);
    }

    otpStorage.setExpiryDate(expiryDate);

    // NOTE(review): how the store protects the secret at rest is not visible from this method.
    otpStorage.setSecretKey(credential.getSecret());
    otpStorage.setDevice(getDevice(credential.getDevice()));

    store.storeCredential(context, account, otpStorage);
}
/**
 * <p>Validates the supplied password against the stored encoded hash.</p>
 *
 * @param context not used by this method
 * @param storage the stored hash; cast to {@link EncodedPasswordStorage}, may be <code>null</code>
 * @param credentials source of the password to verify
 * @param store not used by this method
 * @return <code>false</code> when there is no stored hash, otherwise the result of the password encoder's
 *         verification
 */
@Override
protected boolean validateCredential(IdentityContext context, final CredentialStorage storage, final V credentials,
        S store) {
    EncodedPasswordStorage stored = (EncodedPasswordStorage) storage;

    // Nothing stored means nothing to compare against, so the attempt is rejected.
    if (stored == null) {
        return false;
    }

    // NOTE(review): the password is copied into an immutable String, which cannot be cleared after use.
    String candidate = new String(credentials.getPassword().getValue());

    // The stored salt is combined with the candidate before the encoder compares it with the stored hash.
    return this.passwordEncoder.verify(saltPassword(candidate, stored.getSalt()), stored.getEncodedHash());
}
/**
 * <p>Checks if the given {@link OTPCredentialStorage} references the given <code>device</code>. A null device
 * means that this storage can reference any device and this method will return true.</p>
 *
 * @param device the device to look for, or <code>null</code> to accept every storage
 * @param storage the storage whose device is compared; only read when <code>device</code> is non-null
 * @return <code>true</code> when <code>device</code> is <code>null</code> or equals the storage's device
 */
private boolean isDeviceStorage(String device, final OTPCredentialStorage storage) {
    // A missing device acts as a wildcard: the storage is accepted without being inspected.
    if (device == null) {
        return true;
    }

    return device.equals(storage.getDevice());
}
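/**
 * <p>Checks the token of the given credentials against every stored OTP secret returned by
 * <code>getCredentialStorages</code>.</p>
 *
 * <p>A missing token never validates, and a storage without a secret key is skipped instead of aborting the
 * whole check with a {@link NullPointerException}.</p>
 *
 * @param context passed through to the storage lookup
 * @param credentials source of the token to validate
 * @param store passed through to the storage lookup
 * @return <code>true</code> as soon as one stored secret validates the token, <code>false</code> otherwise
 */
private boolean isValid(final IdentityContext context, final TOTPCredentials credentials, final CredentialStore<?> store) {
    // The token does not change between storages, so it is read once.
    String token = credentials.getToken();

    if (token == null) {
        return false;
    }

    for (OTPCredentialStorage storage : getCredentialStorages(context, credentials, store)) {
        String secretKey = storage.getSecretKey();

        // A storage without a secret cannot validate anything; keep checking the remaining ones.
        if (secretKey == null) {
            continue;
        }

        // NOTE(review): getBytes() uses the platform default charset; confirm the secret is provisioned
        // under the same encoding.
        if (this.totp.validate(token, secretKey.getBytes())) {
            return true;
        }
    }

    return false;
}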
/**
 * <p>Returns the first stored digest credential whose realm equals the realm of the supplied digest and for
 * which <code>isCurrentCredential</code> holds.</p>
 *
 * <p>The result is the first match in the order the store returns the storages. No expiry check is made in
 * this method.</p>
 *
 * @param context passed through to the store
 * @param account account whose digest credentials are retrieved
 * @param credentials source of the realm to match
 * @param store the store to query
 * @return the matching storage, or <code>null</code> when none matches
 */
@Override
protected CredentialStorage getCredentialStorage(final IdentityContext context, final Account account,
        final DigestCredentials credentials, final CredentialStore<?> store) {
    List<DigestCredentialStorage> candidates = store.retrieveCredentials(context, account, DigestCredentialStorage.class);

    for (DigestCredentialStorage candidate : candidates) {
        // The stored realm is the receiver of equals(), so a storage without a realm fails here.
        boolean sameRealm = candidate.getRealm().equals(credentials.getDigest().getRealm());

        if (!sameRealm) {
            continue;
        }

        if (isCurrentCredential(candidate)) {
            return candidate;
        }
    }

    return null;
}
/**
 * <p>Creates the {@link TokenCredentialStorage} for the given token credential.</p>
 *
 * <p>The token and its type are copied from the credential as they are; this method performs no check on the
 * token's content.</p>
 *
 * @param context not used by this method
 * @param account not used by this method
 * @param credential source of the token and of its type
 * @param store not used by this method
 * @param effectiveDate applied only when non-null
 * @param expiryDate applied only when the new storage instance does not already carry an expiry date
 * @return the populated storage
 * @throws IdentityManagementException if the storage has no type after the credential's type was applied
 */
@Override
public CredentialStorage createCredentialStorage(IdentityContext context, Account account, U credential, S store,
        Date effectiveDate, Date expiryDate) {
    TokenCredentialStorage created = createCredentialStorageInstance();

    created.setType(credential.getType());
    created.setToken(credential.getToken());

    if (effectiveDate != null) {
        created.setEffectiveDate(effectiveDate);
    }

    // An expiry date already present on the fresh instance wins over the argument.
    if (created.getExpiryDate() == null) {
        created.setExpiryDate(expiryDate);
    }

    // The type is read back from the storage, not from the credential, before the storage is handed out.
    if (created.getType() != null) {
        return created;
    }

    throw new IdentityManagementException("TokenCredentialStorage can not have a null type.");
}
/**
 * <p>Builds the {@link X509CertificateStorage} that wraps the given certificate.</p>
 *
 * <p>Only the dates passed in by the caller are recorded. This method itself never reads the certificate's own
 * validity period; whether the storage constructor does is not visible here.</p>
 *
 * @param context not used by this method
 * @param account not used by this method
 * @param cert the certificate handed to the storage constructor
 * @param store not used by this method
 * @param effectiveDate applied only when non-null
 * @param expiryDate always applied, including when it is <code>null</code>
 * @return the newly created storage
 */
@Override
public CredentialStorage createCredentialStorage(IdentityContext context, Account account, X509Certificate cert,
        CredentialStore<?> store, Date effectiveDate, Date expiryDate) {
    X509CertificateStorage certificateStorage = new X509CertificateStorage(cert);

    // A missing effective date leaves whatever the constructor chose untouched.
    if (effectiveDate != null) {
        certificateStorage.setEffectiveDate(effectiveDate);
    }

    // The expiry is written unconditionally, so a null argument is stored as-is.
    certificateStorage.setExpiryDate(expiryDate);

    return certificateStorage;
}
}
/**
 * Orders storages by effective date, most recent first.
 *
 * @param o1 first storage
 * @param o2 second storage
 * @return negative when {@code o1} is the more recent one, positive when {@code o2} is, zero when equal
 * @throws NullPointerException if either effective date is {@code null}
 */
@Override
public int compare(final T o1, final T o2) {
    final Date secondDate = o2.getEffectiveDate();
    final Date firstDate = o1.getEffectiveDate();

    // Operands are swapped on purpose: comparing o2 against o1 yields descending order.
    return secondDate.compareTo(firstDate);
}
});
/**
 * <p>Checks if the given {@link CredentialStorage} holds an expired credential.</p>
 *
 * <p>A <code>null</code> storage and a storage without an expiry date are both reported as not expired, so a
 * <code>false</code> result is not by itself evidence that a usable credential exists.</p>
 *
 * @param credentialStorage the storage to inspect; may be <code>null</code>
 * @return <code>true</code> only when an expiry date is set and the current time is strictly after it
 */
public static boolean isCredentialExpired(CredentialStorage credentialStorage) {
    if (credentialStorage == null) {
        return false;
    }

    // No expiry date is treated as "never expires".
    if (credentialStorage.getExpiryDate() == null) {
        return false;
    }

    return new Date().after(credentialStorage.getExpiryDate());
}
}
/**
 * <p>Checks if the given {@link OTPCredentialStorage} references the given <code>device</code>. A null device
 * means that this storage can reference any device and this method will return true.</p>
 *
 * @param device the device to look for, or <code>null</code> to accept every storage
 * @param storage the storage whose device is compared; only read when <code>device</code> is non-null
 * @return <code>true</code> when <code>device</code> is <code>null</code> or equals the storage's device
 */
private boolean isDeviceStorage(String device, final OTPCredentialStorage storage) {
    // A missing device acts as a wildcard: the storage is accepted without being inspected.
    if (device == null) {
        return true;
    }

    return device.equals(storage.getDevice());
}
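/**
 * <p>Checks the token of the given credentials against every stored OTP secret returned by
 * <code>getCredentialStorages</code>.</p>
 *
 * <p>A missing token never validates, and a storage without a secret key is skipped instead of aborting the
 * whole check with a {@link NullPointerException}.</p>
 *
 * @param context passed through to the storage lookup
 * @param credentials source of the token to validate
 * @param store passed through to the storage lookup
 * @return <code>true</code> as soon as one stored secret validates the token, <code>false</code> otherwise
 */
private boolean isValid(final IdentityContext context, final TOTPCredentials credentials, final CredentialStore<?> store) {
    // The token does not change between storages, so it is read once.
    String token = credentials.getToken();

    if (token == null) {
        return false;
    }

    for (OTPCredentialStorage storage : getCredentialStorages(context, credentials, store)) {
        String secretKey = storage.getSecretKey();

        // A storage without a secret cannot validate anything; keep checking the remaining ones.
        if (secretKey == null) {
            continue;
        }

        // NOTE(review): getBytes() uses the platform default charset; confirm the secret is provisioned
        // under the same encoding.
        if (this.totp.validate(token, secretKey.getBytes())) {
            return true;
        }
    }

    return false;
}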
/**
 * <p>Returns the first stored digest credential whose realm equals the realm of the supplied digest and for
 * which <code>isCurrentCredential</code> holds.</p>
 *
 * <p>The result is the first match in the order the store returns the storages. No expiry check is made in
 * this method.</p>
 *
 * @param context passed through to the store
 * @param account account whose digest credentials are retrieved
 * @param credentials source of the realm to match
 * @param store the store to query
 * @return the matching storage, or <code>null</code> when none matches
 */
@Override
protected CredentialStorage getCredentialStorage(final IdentityContext context, final Account account,
        final DigestCredentials credentials, final CredentialStore<?> store) {
    List<DigestCredentialStorage> candidates = store.retrieveCredentials(context, account, DigestCredentialStorage.class);

    for (DigestCredentialStorage candidate : candidates) {
        // The stored realm is the receiver of equals(), so a storage without a realm fails here.
        boolean sameRealm = candidate.getRealm().equals(credentials.getDigest().getRealm());

        if (!sameRealm) {
            continue;
        }

        if (isCurrentCredential(candidate)) {
            return candidate;
        }
    }

    return null;
}
/**
 * <p>
 * Checks if the specified {@link CredentialStorage} maps to the current credential.
 * </p>
 *
 * <p>
 * "Current" here means only that an effective date is set and is not in the future. The expiry date is not
 * consulted by this method.
 * </p>
 *
 * @param credential the storage to inspect; must not be <code>null</code>
 * @return <code>true</code> when the effective date is set and is at or before the current time
 */
public static boolean isCurrentCredential(CredentialStorage credential) {
    Date now = new Date();

    // A storage without an effective date is never considered current.
    if (credential.getEffectiveDate() == null) {
        return false;
    }

    return credential.getEffectiveDate().compareTo(now) <= 0;
}
/**
 * <p>
 * Checks if the specified {@link CredentialStorage} maps to the current credential.
 * </p>
 *
 * <p>
 * "Current" here means only that an effective date is set and is not in the future. The expiry date is not
 * consulted by this method.
 * </p>
 *
 * @param credential the storage to inspect; must not be <code>null</code>
 * @return <code>true</code> when the effective date is set and is at or before the current time
 */
public static boolean isCurrentCredential(CredentialStorage credential) {
    Date now = new Date();

    // A storage without an effective date is never considered current.
    if (credential.getEffectiveDate() == null) {
        return false;
    }

    return credential.getEffectiveDate().compareTo(now) <= 0;
}
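/**
 * <p>Returns the current credential for the given {@link Account}: the stored credential with the most recent
 * effective date that is not in the future.</p>
 *
 * <p>Stored credentials without an effective date are skipped rather than causing a
 * {@link NullPointerException}. The expiry date is not evaluated here; callers that depend on it have to
 * check the returned storage themselves.</p>
 *
 * @param context passed through to the store
 * @param agent the account whose credentials are retrieved
 * @param store the store to query
 * @param storageClass the storage type to retrieve
 * @return the selected storage, or <code>null</code> when no stored credential is effective yet
 */
public static <T extends CredentialStorage> T getCurrentCredential(IdentityContext context, Account agent,
        CredentialStore<?> store, Class<T> storageClass) {
    T lastCredential = null;
    Date actualDate = new Date();

    for (T storedCredential : store.retrieveCredentials(context, agent, storageClass)) {
        Date effectiveDate = storedCredential.getEffectiveDate();

        // Skip credentials that have no effective date or are not effective yet.
        if (effectiveDate == null || effectiveDate.compareTo(actualDate) > 0) {
            continue;
        }

        // On equal effective dates the later entry in the store's order wins (<= rather than <).
        if (lastCredential == null || lastCredential.getEffectiveDate().compareTo(effectiveDate) <= 0) {
            lastCredential = storedCredential;
        }
    }

    return lastCredential;
}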
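/**
 * <p>Returns the current credential for the given {@link Account}: the stored credential with the most recent
 * effective date that is not in the future.</p>
 *
 * <p>Stored credentials without an effective date are skipped rather than causing a
 * {@link NullPointerException}. The expiry date is not evaluated here; callers that depend on it have to
 * check the returned storage themselves.</p>
 *
 * @param context passed through to the store
 * @param agent the account whose credentials are retrieved
 * @param store the store to query
 * @param storageClass the storage type to retrieve
 * @return the selected storage, or <code>null</code> when no stored credential is effective yet
 */
public static <T extends CredentialStorage> T getCurrentCredential(IdentityContext context, Account agent,
        CredentialStore<?> store, Class<T> storageClass) {
    T lastCredential = null;
    Date actualDate = new Date();

    for (T storedCredential : store.retrieveCredentials(context, agent, storageClass)) {
        Date effectiveDate = storedCredential.getEffectiveDate();

        // Skip credentials that have no effective date or are not effective yet.
        if (effectiveDate == null || effectiveDate.compareTo(actualDate) > 0) {
            continue;
        }

        // On equal effective dates the later entry in the store's order wins (<= rather than <).
        if (lastCredential == null || lastCredential.getEffectiveDate().compareTo(effectiveDate) <= 0) {
            lastCredential = storedCredential;
        }
    }

    return lastCredential;
}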