bundles/org.simantics.db.common/src/org/simantics/db/common/auth/UserAuthenticators.java

   1 /*******************************************************************************
   2  * Copyright (c) 2007, 2010 Association for Decentralized Information Management
   3  * in Industry THTH ry.
   4  * All rights reserved. This program and the accompanying materials
   5  * are made available under the terms of the Eclipse Public License v1.0
   6  * which accompanies this distribution, and is available at
   7  * http://www.eclipse.org/legal/epl-v10.html
   8  *
   9  * Contributors:
  10  *     VTT Technical Research Centre of Finland - initial API and implementation
  11  *******************************************************************************/
  12 package org.simantics.db.common.auth;
  13
  14 import java.io.UnsupportedEncodingException;
  15 import java.security.MessageDigest;
  16 import java.security.NoSuchAlgorithmException;
  17
  18 import org.simantics.databoard.Bindings;
  19 import org.simantics.databoard.binding.error.BindingConstructionException;
  20 import org.simantics.db.ReadGraph;
  21 import org.simantics.db.RequestProcessor;
  22 import org.simantics.db.Resource;
  23 import org.simantics.db.authentication.UserAuthenticator;
  24 import org.simantics.db.exception.DatabaseException;
  25 import org.simantics.db.exception.InvalidAuthenticationException;
  26 import org.simantics.db.exception.InvalidUserException;
  27 import org.simantics.db.request.Read;
  28 import org.simantics.layer0.Layer0;
  29 import org.simantics.user.UserResource;
  30 import org.simantics.utils.bytes.Base64;
  31
  32 public final class UserAuthenticators {
  33
  34     private static class Digest implements UserAuthenticator {
  35         private final String userName;
  36         private final String localDigest;
  37         private final String remoteDigest;
  38
  39         Digest(String userName, String localDigest, String remoteDigest) {
  40             this.userName = userName;
  41             this.localDigest = localDigest;
  42             this.remoteDigest = remoteDigest;
  43         }
  44
  45         @Override
  46         public Resource getUser(RequestProcessor processor) throws InvalidUserException, InvalidAuthenticationException {
  47
  48             try {
  49
  50                 Resource user = processor.syncRequest(new Read<Resource>() {
  51
  52                     @Override
  53                     public Resource perform(final ReadGraph graph) throws DatabaseException {
  54
  55                         Resource userLibrary = graph.getResource("http://Users");
  56                         Resource consistsOf = graph.getResource(Layer0.URIs.ConsistsOf);
  57                         Resource hasName = graph.getResource(Layer0.URIs.HasLabel);
  58                         Resource hasPasswordHash = graph.getResource(UserResource.URIs.HasPasswordHash);
  59
  60                         for(Resource r : graph.getObjects(userLibrary, consistsOf)) {
  61
  62                                 try {
  63
  64                                         String name = graph.getRelatedValue(r, hasName, Bindings.STRING);
  65
  66                                     if(name.equals(userName)) {
  67
  68                                         String graphDigest = graph.getRelatedValue(r, hasPasswordHash, Bindings.getBinding(String.class));
  69
  70                                         if(graphDigest.equals(localDigest)) return r;
  71                                         else throw new InvalidAuthenticationException("Password was not valid for user '" + userName + "'");
  72
  73                                     }
  74                                 } catch(BindingConstructionException e) {
  75                                         throw new DatabaseException(e);
  76                                 }
  77
  78                         }
  79
  80                         throw new InvalidUserException("User '" + userName + "' was not found.");
  81
  82                     }
  83
  84                 });
  85
  86                 return user;
  87
  88             } catch (InvalidAuthenticationException e) {
  89
  90                 throw e;
  91
  92             } catch (InvalidUserException e) {
  93
  94                 throw e;
  95
  96             } catch (DatabaseException e) {
  97
  98                 throw new InvalidAuthenticationException("Authentication failed, see cause for details.", e);
  99
 100             }
 101
 102         }
 103
 104         @Override
 105         public String userName() {
 106             return userName;
 107         }
 108
 109         @Override
 110         public String remoteDigest() {
 111             return remoteDigest;
 112         }
 113     }
 114
 115     public static UserAuthenticator byNameAndPassword(String userName, String password) {
 116         try {
 117             MessageDigest digest = MessageDigest.getInstance("SHA-512");
 118             String localDigest = Base64.encode(digest.digest(password.getBytes("US-ASCII"))).replace("\n", "").replace("\r", "");
 119             String reversePassword = new StringBuilder(password).reverse().toString();
 120             String remoteDigest = Base64.encode(digest.digest(reversePassword.getBytes("US-ASCII"))).replace("\n", "").replace("\r", "");
 121
 122             return new Digest(userName, localDigest, remoteDigest);
 123         } catch (NoSuchAlgorithmException e) {
 124             throw new RuntimeException(e);
 125         } catch (UnsupportedEncodingException e) {
 126             throw new Error( "The JVM is required to support UTF-8 and US-ASCII encodings.");
 127         }
 128     }
 129
 130 }