X-Git-Url: https://gerrit.simantics.org/r/gitweb?a=blobdiff_plain;f=bundles%2Forg.simantics.db.common%2Fsrc%2Forg%2Fsimantics%2Fdb%2Fcommon%2Fauth%2FUserAuthenticators.java;h=782ff618bc6875b65ff59a747e6fc2a41d1d9da9;hb=6259de5991b9c11f6d46807d88f51830473adb13;hp=0dd759d6c7d25927bd644d2b62cb0ca6b9dd61c8;hpb=969bd23cab98a79ca9101af33334000879fb60c5;p=simantics%2Fplatform.git
diff --git a/bundles/org.simantics.db.common/src/org/simantics/db/common/auth/UserAuthenticators.java b/bundles/org.simantics.db.common/src/org/simantics/db/common/auth/UserAuthenticators.java
index 0dd759d6c..782ff618b 100644
--- a/bundles/org.simantics.db.common/src/org/simantics/db/common/auth/UserAuthenticators.java
+++ b/bundles/org.simantics.db.common/src/org/simantics/db/common/auth/UserAuthenticators.java
@@ -1,130 +1,130 @@
-/*******************************************************************************
- * Copyright (c) 2007, 2010 Association for Decentralized Information Management
- * in Industry THTH ry.
- * All rights reserved. This program and the accompanying materials
- * are made available under the terms of the Eclipse Public License v1.0
- * which accompanies this distribution, and is available at
- * http://www.eclipse.org/legal/epl-v10.html
- *
- * Contributors:
- * VTT Technical Research Centre of Finland - initial API and implementation
- *******************************************************************************/
-package org.simantics.db.common.auth;
-
-import java.io.UnsupportedEncodingException;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-
-import org.simantics.databoard.Bindings;
-import org.simantics.databoard.binding.error.BindingConstructionException;
-import org.simantics.db.ReadGraph;
-import org.simantics.db.RequestProcessor;
-import org.simantics.db.Resource;
-import org.simantics.db.authentication.UserAuthenticator;
-import org.simantics.db.exception.DatabaseException;
-import org.simantics.db.exception.InvalidAuthenticationException;
-import org.simantics.db.exception.InvalidUserException;
-import org.simantics.db.request.Read;
-import org.simantics.layer0.Layer0;
-import org.simantics.user.UserResource;
-import org.simantics.utils.bytes.Base64;
-
-public final class UserAuthenticators {
-
- private static class Digest implements UserAuthenticator {
- private final String userName;
- private final String localDigest;
- private final String remoteDigest;
-
- Digest(String userName, String localDigest, String remoteDigest) {
- this.userName = userName;
- this.localDigest = localDigest;
- this.remoteDigest = remoteDigest;
- }
-
- @Override
- public Resource getUser(RequestProcessor processor) throws InvalidUserException, InvalidAuthenticationException {
-
- try {
-
- Resource user = processor.syncRequest(new Read() {
-
- @Override
- public Resource perform(final ReadGraph graph) throws DatabaseException {
-
- Resource userLibrary = graph.getResource("http://Users");
- Resource consistsOf = graph.getResource(Layer0.URIs.ConsistsOf);
- Resource hasName = graph.getResource(Layer0.URIs.HasLabel);
- Resource hasPasswordHash = graph.getResource(UserResource.URIs.HasPasswordHash);
-
- for(Resource r : graph.getObjects(userLibrary, consistsOf)) {
-
- try {
-
- String name = graph.getRelatedValue(r, hasName, Bindings.STRING);
-
- if(name.equals(userName)) {
-
- String graphDigest = graph.getRelatedValue(r, hasPasswordHash, Bindings.getBinding(String.class));
-
- if(graphDigest.equals(localDigest)) return r;
- else throw new InvalidAuthenticationException("Password was not valid for user '" + userName + "'");
-
- }
- } catch(BindingConstructionException e) {
- throw new DatabaseException(e);
- }
-
- }
-
- throw new InvalidUserException("User '" + userName + "' was not found.");
-
- }
-
- });
-
- return user;
-
- } catch (InvalidAuthenticationException e) {
-
- throw e;
-
- } catch (InvalidUserException e) {
-
- throw e;
-
- } catch (DatabaseException e) {
-
- throw new InvalidAuthenticationException("Authentication failed, see cause for details.", e);
-
- }
-
- }
-
- @Override
- public String userName() {
- return userName;
- }
-
- @Override
- public String remoteDigest() {
- return remoteDigest;
- }
- }
-
- public static UserAuthenticator byNameAndPassword(String userName, String password) {
- try {
- MessageDigest digest = MessageDigest.getInstance("SHA-512");
- String localDigest = Base64.encode(digest.digest(password.getBytes("US-ASCII"))).replace("\n", "").replace("\r", "");
- String reversePassword = new StringBuilder(password).reverse().toString();
- String remoteDigest = Base64.encode(digest.digest(reversePassword.getBytes("US-ASCII"))).replace("\n", "").replace("\r", "");
-
- return new Digest(userName, localDigest, remoteDigest);
- } catch (NoSuchAlgorithmException e) {
- throw new RuntimeException(e);
- } catch (UnsupportedEncodingException e) {
- throw new Error( "The JVM is required to support UTF-8 and US-ASCII encodings.");
- }
- }
-
-}
+/*******************************************************************************
+ * Copyright (c) 2007, 2010 Association for Decentralized Information Management
+ * in Industry THTH ry.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ * VTT Technical Research Centre of Finland - initial API and implementation
+ *******************************************************************************/
+package org.simantics.db.common.auth;
+
+import java.io.UnsupportedEncodingException;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+
+import org.simantics.databoard.Bindings;
+import org.simantics.databoard.binding.error.BindingConstructionException;
+import org.simantics.db.ReadGraph;
+import org.simantics.db.RequestProcessor;
+import org.simantics.db.Resource;
+import org.simantics.db.authentication.UserAuthenticator;
+import org.simantics.db.exception.DatabaseException;
+import org.simantics.db.exception.InvalidAuthenticationException;
+import org.simantics.db.exception.InvalidUserException;
+import org.simantics.db.request.Read;
+import org.simantics.layer0.Layer0;
+import org.simantics.user.UserResource;
+import org.simantics.utils.bytes.Base64;
+
+public final class UserAuthenticators {
+
+ private static class Digest implements UserAuthenticator {
+ private final String userName;
+ private final String localDigest;
+ private final String remoteDigest;
+
+ Digest(String userName, String localDigest, String remoteDigest) {
+ this.userName = userName;
+ this.localDigest = localDigest;
+ this.remoteDigest = remoteDigest;
+ }
+
+ @Override
+ public Resource getUser(RequestProcessor processor) throws InvalidUserException, InvalidAuthenticationException {
+
+ try {
+
+ Resource user = processor.syncRequest(new Read() {
+
+ @Override
+ public Resource perform(final ReadGraph graph) throws DatabaseException {
+
+ Resource userLibrary = graph.getResource("http://Users");
+ Resource consistsOf = graph.getResource(Layer0.URIs.ConsistsOf);
+ Resource hasName = graph.getResource(Layer0.URIs.HasLabel);
+ Resource hasPasswordHash = graph.getResource(UserResource.URIs.HasPasswordHash);
+
+ for(Resource r : graph.getObjects(userLibrary, consistsOf)) {
+
+ try {
+
+ String name = graph.getRelatedValue(r, hasName, Bindings.STRING);
+
+ if(name.equals(userName)) {
+
+ String graphDigest = graph.getRelatedValue(r, hasPasswordHash, Bindings.getBinding(String.class));
+
+ if(graphDigest.equals(localDigest)) return r;
+ else throw new InvalidAuthenticationException("Password was not valid for user '" + userName + "'");
+
+ }
+ } catch(BindingConstructionException e) {
+ throw new DatabaseException(e);
+ }
+
+ }
+
+ throw new InvalidUserException("User '" + userName + "' was not found.");
+
+ }
+
+ });
+
+ return user;
+
+ } catch (InvalidAuthenticationException e) {
+
+ throw e;
+
+ } catch (InvalidUserException e) {
+
+ throw e;
+
+ } catch (DatabaseException e) {
+
+ throw new InvalidAuthenticationException("Authentication failed, see cause for details.", e);
+
+ }
+
+ }
+
+ @Override
+ public String userName() {
+ return userName;
+ }
+
+ @Override
+ public String remoteDigest() {
+ return remoteDigest;
+ }
+ }
+
+ public static UserAuthenticator byNameAndPassword(String userName, String password) {
+ try {
+ MessageDigest digest = MessageDigest.getInstance("SHA-512");
+ String localDigest = Base64.encode(digest.digest(password.getBytes("US-ASCII"))).replace("\n", "").replace("\r", "");
+ String reversePassword = new StringBuilder(password).reverse().toString();
+ String remoteDigest = Base64.encode(digest.digest(reversePassword.getBytes("US-ASCII"))).replace("\n", "").replace("\r", "");
+
+ return new Digest(userName, localDigest, remoteDigest);
+ } catch (NoSuchAlgorithmException e) {
+ throw new RuntimeException(e);
+ } catch (UnsupportedEncodingException e) {
+ throw new Error( "The JVM is required to support UTF-8 and US-ASCII encodings.");
+ }
+ }
+
+}
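Review bot: `byNameAndPassword` derives both `localDigest` and `remoteDigest` (the latter over the reversed password) with a single unsalted SHA-512 pass, so the value that `getUser` compares against `HasPasswordHash` is cheap to attack offline if the graph is disclosed and is identical for any two users with the same password; a per-user salt with a slow KDF, for example the JDK's `PBKDF2WithHmacSHA512` through `SecretKeyFactory`, would address that, together with a migration for hashes already stored. The removed and added text read the same here, so these points appear to predate the commit rather than come from it. `password.getBytes("US-ASCII")` replaces every non-ASCII character with `?`, which makes passwords that differ only in such characters hash to the same value; `getBytes(StandardCharsets.UTF_8)` avoids that and removes the `UnsupportedEncodingException` branch, at the cost of re-enrolling users whose passwords contain non-ASCII characters. In `getUser`, `graphDigest.equals(localDigest)` stops at the first differing character; `MessageDigest.isEqual(graphDigest.getBytes(StandardCharsets.US_ASCII), localDigest.getBytes(StandardCharsets.US_ASCII))` performs the comparison in constant time.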