X-Git-Url: https://gerrit.simantics.org/r/gitweb?a=blobdiff_plain;f=bundles%2Forg.simantics.db.common%2Fsrc%2Forg%2Fsimantics%2Fdb%2Fcommon%2Fauth%2FUserAuthenticators.java;fp=bundles%2Forg.simantics.db.common%2Fsrc%2Forg%2Fsimantics%2Fdb%2Fcommon%2Fauth%2FUserAuthenticators.java;h=0dd759d6c7d25927bd644d2b62cb0ca6b9dd61c8;hb=969bd23cab98a79ca9101af33334000879fb60c5;hp=0000000000000000000000000000000000000000;hpb=866dba5cd5a3929bbeae85991796acb212338a08;p=simantics%2Fplatform.git

diff --git a/bundles/org.simantics.db.common/src/org/simantics/db/common/auth/UserAuthenticators.java b/bundles/org.simantics.db.common/src/org/simantics/db/common/auth/UserAuthenticators.java
new file mode 100644
index 000000000..0dd759d6c
--- /dev/null
+++ b/bundles/org.simantics.db.common/src/org/simantics/db/common/auth/UserAuthenticators.java
@@ -0,0 +1,130 @@
+/*******************************************************************************
+ * Copyright (c) 2007, 2010 Association for Decentralized Information Management
+ * in Industry THTH ry.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ *     VTT Technical Research Centre of Finland - initial API and implementation
+ *******************************************************************************/
+package org.simantics.db.common.auth;
+
+import java.io.UnsupportedEncodingException;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+
+import org.simantics.databoard.Bindings;
+import org.simantics.databoard.binding.error.BindingConstructionException;
+import org.simantics.db.ReadGraph;
+import org.simantics.db.RequestProcessor;
+import org.simantics.db.Resource;
+import org.simantics.db.authentication.UserAuthenticator;
+import org.simantics.db.exception.DatabaseException;
+import org.simantics.db.exception.InvalidAuthenticationException;
+import org.simantics.db.exception.InvalidUserException;
+import org.simantics.db.request.Read;
+import org.simantics.layer0.Layer0;
+import org.simantics.user.UserResource;
+import org.simantics.utils.bytes.Base64;
+
+public final class UserAuthenticators {
+
+    private static class Digest implements UserAuthenticator {
+        private final String userName;
+        private final String localDigest;
+        private final String remoteDigest;
+
+        Digest(String userName, String localDigest, String remoteDigest) {
+            this.userName = userName;
+            this.localDigest = localDigest;
+            this.remoteDigest = remoteDigest;
+        }
+
+        @Override
+        public Resource getUser(RequestProcessor processor) throws InvalidUserException, InvalidAuthenticationException {
+
+            try {
+
+                Resource user = processor.syncRequest(new Read<Resource>() {
+
+                    @Override
+                    public Resource perform(final ReadGraph graph) throws DatabaseException {
+
+                        Resource userLibrary = graph.getResource("http://Users");
+                        Resource consistsOf = graph.getResource(Layer0.URIs.ConsistsOf);
+                        Resource hasName = graph.getResource(Layer0.URIs.HasLabel);
+                        Resource hasPasswordHash = graph.getResource(UserResource.URIs.HasPasswordHash);
+
+                        for(Resource r : graph.getObjects(userLibrary, consistsOf)) {
+
+                        	try {
+
+                        		String name = graph.getRelatedValue(r, hasName, Bindings.STRING);
+	
+	                            if(name.equals(userName)) {
+	
+	                                String graphDigest = graph.getRelatedValue(r, hasPasswordHash, Bindings.getBinding(String.class));
+	
+	                                if(graphDigest.equals(localDigest)) return r;
+	                                else throw new InvalidAuthenticationException("Password was not valid for user '" + userName + "'");
+	
+	                            }
+                        	} catch(BindingConstructionException e) {
+                        		throw new DatabaseException(e);
+                        	}
+	                            
+                        }
+
+                        throw new InvalidUserException("User '" + userName + "' was not found.");
+
+                    }
+
+                });
+
+                return user;
+
+            } catch (InvalidAuthenticationException e) {
+
+                throw e;
+
+            } catch (InvalidUserException e) {
+
+                throw e;
+
+            } catch (DatabaseException e) {
+
+                throw new InvalidAuthenticationException("Authentication failed, see cause for details.", e);
+
+            }
+
+        }
+
+        @Override
+        public String userName() {
+            return userName;
+        }
+
+        @Override
+        public String remoteDigest() {
+            return remoteDigest;
+        }
+    }
+
+    public static UserAuthenticator byNameAndPassword(String userName, String password) {
+        try {
+            MessageDigest digest = MessageDigest.getInstance("SHA-512");
+            String localDigest = Base64.encode(digest.digest(password.getBytes("US-ASCII"))).replace("\n", "").replace("\r", "");
+            String reversePassword = new StringBuilder(password).reverse().toString();
+            String remoteDigest = Base64.encode(digest.digest(reversePassword.getBytes("US-ASCII"))).replace("\n", "").replace("\r", "");
+
+            return new Digest(userName, localDigest, remoteDigest);
+        } catch (NoSuchAlgorithmException e) {
+            throw new RuntimeException(e);
+        } catch (UnsupportedEncodingException e) {
+            throw new Error( "The JVM is required to support UTF-8 and US-ASCII encodings.");
+        }
+    }
+
+}