1 /*******************************************************************************
\r
2 * Copyright (c) 2007, 2010 Association for Decentralized Information Management
\r
3 * in Industry THTH ry.
\r
4 * All rights reserved. This program and the accompanying materials
\r
5 * are made available under the terms of the Eclipse Public License v1.0
\r
6 * which accompanies this distribution, and is available at
\r
7 * http://www.eclipse.org/legal/epl-v10.html
\r
10 * VTT Technical Research Centre of Finland - initial API and implementation
\r
11 *******************************************************************************/
\r
12 package org.simantics.db.common.auth;
\r
14 import java.io.UnsupportedEncodingException;
\r
15 import java.security.MessageDigest;
\r
16 import java.security.NoSuchAlgorithmException;
\r
18 import org.simantics.databoard.Bindings;
\r
19 import org.simantics.databoard.binding.error.BindingConstructionException;
\r
20 import org.simantics.db.ReadGraph;
\r
21 import org.simantics.db.RequestProcessor;
\r
22 import org.simantics.db.Resource;
\r
23 import org.simantics.db.authentication.UserAuthenticator;
\r
24 import org.simantics.db.exception.DatabaseException;
\r
25 import org.simantics.db.exception.InvalidAuthenticationException;
\r
26 import org.simantics.db.exception.InvalidUserException;
\r
27 import org.simantics.db.request.Read;
\r
28 import org.simantics.layer0.Layer0;
\r
29 import org.simantics.user.UserResource;
\r
30 import org.simantics.utils.bytes.Base64;
\r
32 public final class UserAuthenticators {
\r
/**
 * {@link UserAuthenticator} that carries a user name together with two digest strings
 * ({@code localDigest} and {@code remoteDigest}) computed in advance by the caller.
 *
 * NOTE(review): this listing omits some source lines (the gutter numbers skip, e.g. 46 -> 50),
 * so the try statements, the catch bodies and the closing braces are not visible here.
 */
34 private static class Digest implements UserAuthenticator {
\r
// Name compared against the label of each child of the "http://Users" resource in getUser.
35 private final String userName;
\r
// Digest compared against the value stored under HasPasswordHash in getUser.
36 private final String localDigest;
\r
// Digest returned unchanged by remoteDigest(); the visible lines of getUser do not read it.
37 private final String remoteDigest;
\r
// Stores the three values as given; the visible lines perform no validation or null check.
39 Digest(String userName, String localDigest, String remoteDigest) {
\r
40 this.userName = userName;
\r
41 this.localDigest = localDigest;
\r
42 this.remoteDigest = remoteDigest;
\r
/**
 * Looks up the user resource whose label equals {@code userName} and checks that its stored
 * password hash equals {@code localDigest}, using one synchronous read request.
 *
 * @param processor request processor on which the read is run via {@code syncRequest}
 * @return presumably the matching user resource (the return statement is not in this listing)
 * @throws InvalidUserException raised inside the read when no child of "http://Users" has the
 *         label; the body of the catch block that handles it afterwards is not shown here
 * @throws InvalidAuthenticationException when the stored hash differs from {@code localDigest},
 *         or wrapping a {@link DatabaseException} raised by the read
 */
46 public Resource getUser(RequestProcessor processor) throws InvalidUserException, InvalidAuthenticationException {
\r
50 Resource user = processor.syncRequest(new Read<Resource>() {
\r
53 public Resource perform(final ReadGraph graph) throws DatabaseException {
\r
// Resolve the user library and the three relations used below by URI.
55 Resource userLibrary = graph.getResource("http://Users");
\r
56 Resource consistsOf = graph.getResource(Layer0.URIs.ConsistsOf);
\r
57 Resource hasName = graph.getResource(Layer0.URIs.HasLabel);
\r
58 Resource hasPasswordHash = graph.getResource(UserResource.URIs.HasPasswordHash);
\r
// Linear scan over every resource the user library ConsistsOf.
60 for(Resource r : graph.getObjects(userLibrary, consistsOf)) {
\r
64 String name = graph.getRelatedValue(r, hasName, Bindings.STRING);
\r
// The first resource whose label matches decides the outcome: it is either returned or
// rejected, so any later resource carrying the same label is never examined.
66 if(name.equals(userName)) {
\r
68 String graphDigest = graph.getRelatedValue(r, hasPasswordHash, Bindings.getBinding(String.class));
\r
// NOTE(review): String.equals stops at the first differing character, so the comparison
// time depends on how much of the stored hash matches. A constant-time comparison
// (MessageDigest.isEqual on the two byte arrays) avoids leaking that through timing.
70 if(graphDigest.equals(localDigest)) return r;
\r
// NOTE(review): this message and the "was not found" message below tell a wrong password
// apart from an unknown user. If either text or exception type reaches the party that is
// authenticating, it confirms which user names exist; one generic failure for both cases
// avoids that. Both messages also embed the caller-supplied userName.
71 else throw new InvalidAuthenticationException("Password was not valid for user '" + userName + "'");
\r
// Raised when a binding cannot be constructed (Bindings.getBinding above); rethrown as DatabaseException.
74 } catch(BindingConstructionException e) {
\r
75 throw new DatabaseException(e);
\r
// Reached only when the loop finished without a label match.
80 throw new InvalidUserException("User '" + userName + "' was not found.");
\r
// The bodies of the next two catch blocks are not part of this listing.
88 } catch (InvalidAuthenticationException e) {
\r
92 } catch (InvalidUserException e) {
\r
// Any other database failure is reported as an authentication failure, with the cause attached.
96 } catch (DatabaseException e) {
\r
98 throw new InvalidAuthenticationException("Authentication failed, see cause for details.", e);
\r
// Accessor for the user name; its body is not part of this listing.
105 public String userName() {
\r
// Returns the remoteDigest value passed to the constructor, unchanged.
110 public String remoteDigest() {
\r
111 return remoteDigest;
\r
/**
 * Builds a {@link UserAuthenticator} from a user name and a clear-text password.
 *
 * Two strings are derived from the password: {@code localDigest}, the Base64 text of the SHA-512
 * hash of the password's US-ASCII bytes with line-feed and carriage-return characters removed, and
 * {@code remoteDigest}, the same computation applied to the password with its characters reversed.
 *
 * @param userName name handed to the returned authenticator unchanged
 * @param password clear-text password; a null value fails on {@code password.getBytes}
 * @return a Digest authenticator holding the name and both derived strings
 *
 * NOTE(review): this is a single, unsalted pass of a fast hash. Equal passwords yield equal stored
 * values, and a leaked hash store can be tested offline at high speed. Password verifiers are
 * normally built with a per-user salt and a deliberately slow function (PBKDF2 is available in the
 * JDK through SecretKeyFactory; bcrypt, scrypt and argon2 are the usual alternatives). Changing the
 * scheme requires migrating the stored HasPasswordHash values, because getUser compares for equality.
 *
 * NOTE(review): the listing omits the line that opens the try statement (gutter line 116) and the
 * closing braces after gutter line 126.
 */
115 public static UserAuthenticator byNameAndPassword(String userName, String password) {
\r
117 MessageDigest digest = MessageDigest.getInstance("SHA-512");
\r
// NOTE(review): US-ASCII cannot encode non-ASCII characters. The Javadoc of getBytes(String)
// leaves the result unspecified in that case; in practice each such character becomes '?', so
// passwords that differ only in non-ASCII characters would hash to the same value - TODO confirm
// and consider UTF-8 together with a hash migration.
// The replace calls strip line breaks, presumably because this Base64.encode may wrap its output.
118 String localDigest = Base64.encode(digest.digest(password.getBytes("US-ASCII"))).replace("\n", "").replace("\r", "");
\r
// NOTE(review): remoteDigest is the same unsalted hash over the reversed password, so it is no
// harder to test offline than localDigest, and for a palindromic password the two are equal.
119 String reversePassword = new StringBuilder(password).reverse().toString();
\r
// The same MessageDigest instance is reused; digest(byte[]) resets it after each call.
120 String remoteDigest = Base64.encode(digest.digest(reversePassword.getBytes("US-ASCII"))).replace("\n", "").replace("\r", "");
\r
122 return new Digest(userName, localDigest, remoteDigest);
\r
// SHA-512 missing from the runtime: rethrown unchecked with the cause attached.
123 } catch (NoSuchAlgorithmException e) {
\r
124 throw new RuntimeException(e);
\r
// NOTE(review): the Error below drops the caught exception (no cause is passed), and its message
// names UTF-8 although only US-ASCII is requested in this method.
125 } catch (UnsupportedEncodingException e) {
\r
126 throw new Error( "The JVM is required to support UTF-8 and US-ASCII encodings.");
\r