From 874e409072b2a650b5beaf5480aca0349b012360 Mon Sep 17 00:00:00 2001 From: Robert von Burg Date: Thu, 9 Jul 2020 10:25:03 +0200 Subject: [PATCH] [Major] Added getting of handlers and parameters for Privilege --- .../handler/DefaultEncryptionHandler.java | 30 +++++++++------ .../handler/DefaultPrivilegeHandler.java | 27 +++++++++++++ .../privilege/handler/EncryptionHandler.java | 7 ++++ .../privilege/handler/PersistenceHandler.java | 33 +++++++++------- .../privilege/handler/PrivilegeHandler.java | 28 ++++++++++++++ .../handler/SingleSignOnHandler.java | 7 ++++ .../handler/UserChallengeHandler.java | 11 ++++++ .../handler/XmlPersistenceHandler.java | 38 ++++++++++--------- .../privilege/test/model/DummySsoHandler.java | 9 ++++- 9 files changed, 148 insertions(+), 42 deletions(-) diff --git a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/DefaultEncryptionHandler.java b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/DefaultEncryptionHandler.java index 92c212f3e..638e747bf 100644 --- a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/DefaultEncryptionHandler.java +++ b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/DefaultEncryptionHandler.java @@ -15,7 +15,9 @@ */ package li.strolch.privilege.handler; +import static java.lang.String.valueOf; import static li.strolch.privilege.base.PrivilegeConstants.*; +import static li.strolch.privilege.helper.XmlConstants.*; import javax.crypto.SecretKey; import javax.crypto.SecretKeyFactory; @@ -78,6 +80,12 @@ public class DefaultEncryptionHandler implements EncryptionHandler { * The length of the secure key for the hashing */ private int keyLength; + private Map parameterMap; + + @Override + public Map getParameterMap() { + return this.parameterMap; + } @Override public Crypt newCryptInstance() { 
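Review bot: `getParameterMap()` in DefaultEncryptionHandler hands out the same map instance that `initialize()` (next hunk) stores from its argument, so any caller can alter the handler's recorded configuration, and the handler shares state with whoever built the map. XmlPersistenceHandler in this same patch already keeps `Collections.unmodifiableMap(new HashMap<>(paramsMap))`; using `this.parameterMap = Collections.unmodifiableMap(new HashMap<>(parameterMap));` here would make the getters consistent (the imports for `Collections` and `HashMap` are not visible in this hunk and may need adding). The same by-reference assignment appears in DefaultPrivilegeHandler.initialize() and UserChallengeHandler.initialize(). The getter also returns null until initialize() has run, which should either be documented or avoided with an empty-map default.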
@@ -147,17 +155,18 @@ public class DefaultEncryptionHandler implements EncryptionHandler { @Override public void initialize(Map parameterMap) { + this.parameterMap = parameterMap; this.secureRandom = new SecureRandom(); // get hash algorithm parameters - this.algorithm = parameterMap.getOrDefault(XmlConstants.XML_PARAM_HASH_ALGORITHM, DEFAULT_ALGORITHM); + this.algorithm = parameterMap.getOrDefault(XML_PARAM_HASH_ALGORITHM, DEFAULT_ALGORITHM); this.nonSaltAlgorithm = parameterMap - .getOrDefault(XmlConstants.XML_PARAM_HASH_ALGORITHM_NON_SALT, DEFAULT_ALGORITHM_NON_SALT); - this.iterations = Integer.parseInt( - parameterMap.getOrDefault(XmlConstants.XML_PARAM_HASH_ITERATIONS, String.valueOf(DEFAULT_ITERATIONS))); - this.keyLength = Integer.parseInt( - parameterMap.getOrDefault(XmlConstants.XML_PARAM_HASH_KEY_LENGTH, String.valueOf(DEFAULT_KEY_LENGTH))); + .getOrDefault(XML_PARAM_HASH_ALGORITHM_NON_SALT, DEFAULT_ALGORITHM_NON_SALT); + this.iterations = Integer + .parseInt(parameterMap.getOrDefault(XML_PARAM_HASH_ITERATIONS, valueOf(DEFAULT_ITERATIONS))); + this.keyLength = Integer + .parseInt(parameterMap.getOrDefault(XML_PARAM_HASH_KEY_LENGTH, valueOf(DEFAULT_KEY_LENGTH))); // test non-salt hash algorithm try { @@ -166,9 +175,8 @@ public class DefaultEncryptionHandler implements EncryptionHandler { .format("Using non-salt hashing algorithm {0}", this.nonSaltAlgorithm)); //$NON-NLS-1$ } catch (Exception e) { String msg = "[{0}] Defined parameter {1} is invalid because of underlying exception: {2}"; //$NON-NLS-1$ - msg = MessageFormat - .format(msg, EncryptionHandler.class.getName(), XmlConstants.XML_PARAM_HASH_ALGORITHM_NON_SALT, - e.getLocalizedMessage()); + msg = MessageFormat.format(msg, EncryptionHandler.class.getName(), XML_PARAM_HASH_ALGORITHM_NON_SALT, + e.getLocalizedMessage()); throw new PrivilegeException(msg, e); } 
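Review bot: `iterations` and `keyLength` in `initialize()` are taken straight from `Integer.parseInt(...)` with no lower bound visible in this hunk, so a configured value such as 0, 1 or a negative number would be accepted and either weaken the password hashing or fail only later, at hashing time. A non-numeric value surfaces as a bare NumberFormatException, unlike the algorithm checks below, which wrap the failure in a PrivilegeException naming the offending parameter. Consider parsing inside a try block and rejecting values under a project-chosen minimum, e.g. `if (this.iterations < MIN_ITERATIONS) throw new PrivilegeException(msg);`, where `MIN_ITERATIONS` is a placeholder for a constant the project would define. A few lines of initialize() fall between the hunks and are not shown, so a range check may exist there.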
@@ -179,8 +187,8 @@ public class DefaultEncryptionHandler implements EncryptionHandler { .info(MessageFormat.format("Using hashing algorithm {0}", this.algorithm)); //$NON-NLS-1$ } catch (Exception e) { String msg = "[{0}] Defined parameter {1} is invalid because of underlying exception: {2}"; //$NON-NLS-1$ - msg = MessageFormat.format(msg, EncryptionHandler.class.getName(), XmlConstants.XML_PARAM_HASH_ALGORITHM, - e.getLocalizedMessage()); + msg = MessageFormat + .format(msg, EncryptionHandler.class.getName(), XML_PARAM_HASH_ALGORITHM, e.getLocalizedMessage()); throw new PrivilegeException(msg, e); } } diff --git a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/DefaultPrivilegeHandler.java b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/DefaultPrivilegeHandler.java index 21b2e8b5f..226d628a6 100644 --- a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/DefaultPrivilegeHandler.java +++ b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/DefaultPrivilegeHandler.java @@ -131,6 +131,28 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler { protected PrivilegeConflictResolution privilegeConflictResolution; private String identifier; + private Map parameterMap; + + @Override + public SingleSignOnHandler getSsoHandler() { + return this.ssoHandler; + } + + @Override + public UserChallengeHandler getUserChallengeHandler() { + return this.userChallengeHandler; + } + + @Override + public PersistenceHandler getPersistenceHandler() { + return this.persistenceHandler; + } + + @Override + public Map getParameterMap() { + return this.parameterMap; + } + @Override public boolean isRefreshAllowed() { return this.allowSessionRefresh; @@ -1812,6 +1834,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler { loadSessions(); + this.parameterMap = parameterMap; this.initialized = true; } 
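Review bot: The new `getPersistenceHandler()`, `getSsoHandler()` and `getUserChallengeHandler()` in DefaultPrivilegeHandler return the internal handler instances without any caller-identity argument or privilege check. Any code holding a PrivilegeHandler reference therefore obtains the raw PersistenceHandler, whose interface in this patch offers `addUser`, `removeUser`, `replaceUser`, `addRole` and `persist` with no access check in their signatures. If the user and role store is meant to be modified only through the privilege-validated methods of PrivilegeHandler, these accessors should validate the caller or return a read-only view. The existing `getEncryptionHandler()` is declared `throws PrivilegeException`, which suggests (not shown here) that it performs some validation, while the new getters declare none. At minimum, the Javadoc on the matching PrivilegeHandler declarations should state who may call them and that the returned objects bypass privilege validation.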
@@ -1908,6 +1931,10 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler { // build our identifier byte[] encrypt = AesCryptoHelper.encrypt(this.secretKey, "PrivilegeHandler".getBytes()); this.identifier = Base64.getEncoder().encodeToString(encrypt); + + // remove secrets + parameterMap.remove(PARAM_SECRET_KEY); + parameterMap.remove(PARAM_SECRET_SALT); } private void validatePrivilegeConflicts() { diff --git a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/EncryptionHandler.java b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/EncryptionHandler.java index f4693c070..25458f8c1 100644 --- a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/EncryptionHandler.java +++ b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/EncryptionHandler.java @@ -117,4 +117,11 @@ public interface EncryptionHandler { * a map containing configuration properties */ void initialize(Map parameterMap); + + /** + * Returns the configuration for this {@link EncryptionHandler} + * + * @return the configuration as a Map + */ + Map getParameterMap(); } diff --git a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/PersistenceHandler.java b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/PersistenceHandler.java index 2b9e0bedf..6ae88ce01 100644 --- a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/PersistenceHandler.java +++ b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/PersistenceHandler.java @@ -45,14 +45,14 @@ public interface PersistenceHandler { * * @return all currently known {@link User}s */ - public List getAllUsers(); + List getAllUsers(); /** * Returns all currently known {@link Role}s * * @return all currently known {@link Role}s */ - public List getAllRoles(); + List getAllRoles(); /** * Returns a {@link User} object from the underlying database 
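Review bot: The `parameterMap.remove(PARAM_SECRET_KEY)` and `parameterMap.remove(PARAM_SECRET_SALT)` calls strip the secrets from the caller's own map rather than from a private copy, so an unmodifiable map passed in would fail here with UnsupportedOperationException, and the caller's configuration object silently loses both entries (which matters if it is reused for a re-initialization). It is also a deny-list of two keys: any other sensitive parameter, present now or added later, will be returned by `getParameterMap()`. Prefer building the exposed map once in initialize(): copy the input, remove the secret keys from the copy, and store it as `Collections.unmodifiableMap(copy)`. The enclosing method starts outside this hunk, so it is not visible whether an early return or exception can skip the removal and leave the secrets in the stored map.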
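Review bot: The Javadoc added for `getParameterMap()` on EncryptionHandler does not say what a caller may rely on: whether the map is a live reference or a copy, whether it may be modified, and that the implementations visible in this patch return null before `initialize()` has been called. Since the map carries security configuration (hash algorithm, iterations, key length), I would extend the comment along the lines of `@return the configuration passed to initialize(); must be treated as read-only; null if the handler has not been initialized`. The same gap applies to the identical declarations added to PersistenceHandler, PrivilegeHandler and SingleSignOnHandler, and to the method in UserChallengeHandler.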
@@ -62,7 +62,7 @@ public interface PersistenceHandler { * * @return the {@link User} object, or null if it was not found */ - public User getUser(String username); + User getUser(String username); /** * Returns a {@link Role} object from the underlying database @@ -72,7 +72,7 @@ public interface PersistenceHandler { * * @return the {@link Role} object, or null if it was not found */ - public Role getRole(String roleName); + Role getRole(String roleName); /** * Removes a {@link User} with the given name and returns the removed object if it existed @@ -82,7 +82,7 @@ public interface PersistenceHandler { * * @return the {@link User} removed, or null if it did not exist */ - public User removeUser(String username); + User removeUser(String username); /** * Removes a {@link Role} with the given name and returns the removed object if it existed @@ -92,7 +92,7 @@ public interface PersistenceHandler { * * @return the {@link Role} removed, or null if it did not exist */ - public Role removeRole(String roleName); + Role removeRole(String roleName); /** * Adds a {@link User} object to the underlying database @@ -100,7 +100,7 @@ public interface PersistenceHandler { * @param user * the {@link User} object to add */ - public void addUser(User user); + void addUser(User user); /** * Replaces the existing {@link User} object in the underlying database @@ -108,7 +108,7 @@ public interface PersistenceHandler { * @param user * the {@link User} object to add */ - public void replaceUser(User user); + void replaceUser(User user); /** * Adds a {@link Role} object to the underlying database @@ -116,7 +116,7 @@ public interface PersistenceHandler { * @param role * the {@link User} object to add */ - public void addRole(Role role); + void addRole(Role role); /** * Replaces the {@link Role} object in the underlying database 
@@ -124,21 +124,21 @@ public interface PersistenceHandler { * @param role * the {@link User} object to add */ - public void replaceRole(Role role); + void replaceRole(Role role); /** * Informs this {@link PersistenceHandler} to persist any changes which need to be saved * * @return true if changes were persisted successfully, false if nothing needed to be persisted */ - public boolean persist(); + boolean persist(); /** * Informs this {@link PersistenceHandler} to reload the data from the backend * * @return true if the reload was successful, false if something went wrong */ - public boolean reload(); + boolean reload(); /** * Initialize the concrete {@link PersistenceHandler}. The passed parameter map contains any configuration the @@ -147,5 +147,12 @@ public interface PersistenceHandler { * @param parameterMap * a map containing configuration properties */ - public void initialize(Map parameterMap); + void initialize(Map parameterMap); + + /** + * Returns the configuration for this {@link PersistenceHandler} + * + * @return the configuration as a Map + */ + Map getParameterMap(); } diff --git a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/PrivilegeHandler.java b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/PrivilegeHandler.java index 441e9b29b..c61b56bf6 100644 --- a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/PrivilegeHandler.java +++ b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/PrivilegeHandler.java 
@@ -881,10 +881,38 @@ public interface PrivilegeHandler { */ PrivilegeContext openSystemUserContext(String systemUsername) throws PrivilegeException; + /** + * Returns the configuration for this {@link PrivilegeHandler} + * + * @return the configuration as a Map + */ + Map getParameterMap(); + /** * Returns the {@link EncryptionHandler} instance * * @return the {@link EncryptionHandler} instance */ EncryptionHandler getEncryptionHandler() throws PrivilegeException; + + /** + * Returns the {@link PersistenceHandler} + * + * @return the {@link PersistenceHandler} + */ + PersistenceHandler getPersistenceHandler(); + + /** + * Returns the {@link SingleSignOnHandler} + * + * @return the {@link SingleSignOnHandler} + */ + SingleSignOnHandler getSsoHandler(); + + /** + * Returns the {@link UserChallengeHandler} + * + * @return the {@link UserChallengeHandler} + */ + UserChallengeHandler getUserChallengeHandler(); } diff --git a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/SingleSignOnHandler.java b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/SingleSignOnHandler.java index 9f55914ce..68ce7a905 100644 --- a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/SingleSignOnHandler.java +++ b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/SingleSignOnHandler.java @@ -28,4 +28,11 @@ public interface SingleSignOnHandler { * if the SSO can not be performed with the given data */ User authenticateSingleSignOn(Object data) throws PrivilegeException; + + /** + * Returns the configuration for this {@link SingleSignOnHandler} + * + * @return the configuration as a Map + */ + Map getParameterMap(); } diff --git a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/UserChallengeHandler.java b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/UserChallengeHandler.java index ada81e091..9bff12cd9 100644 --- a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/UserChallengeHandler.java 
+++ b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/UserChallengeHandler.java @@ -16,6 +16,16 @@ public abstract class UserChallengeHandler { protected static final Logger logger = LoggerFactory.getLogger(ConsoleUserChallengeHandler.class); protected Map challenges; + private Map parameterMap; + + /** + * Returns the configuration for this {@link UserChallengeHandler} + * + * @return the configuration as a Map + */ + public Map getParameterMap() { + return this.parameterMap; + } /** * Initialize the concrete {@link UserChallengeHandler}. The passed parameter map contains any configuration the @@ -25,6 +35,7 @@ public abstract class UserChallengeHandler { * a map containing configuration properties */ public void initialize(Map parameterMap) { + this.parameterMap = parameterMap; this.challenges = new HashMap<>(); } diff --git a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/XmlPersistenceHandler.java b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/XmlPersistenceHandler.java index e78b59b26..75337d4a5 100644 --- a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/XmlPersistenceHandler.java +++ b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/XmlPersistenceHandler.java @@ -15,6 +15,7 @@ */ package li.strolch.privilege.handler; +import static li.strolch.privilege.helper.XmlConstants.*; import static li.strolch.utils.helper.StringHelper.formatNanoDuration; import java.io.File; @@ -57,6 +58,11 @@ public class XmlPersistenceHandler implements PersistenceHandler { private File usersPath; private File rolesPath; + @Override + public Map getParameterMap() { + return this.parameterMap; + } + @Override public List getAllUsers() { synchronized (this.userMap) { 
@@ -139,33 +145,31 @@ public class XmlPersistenceHandler implements PersistenceHandler { */ @Override public void initialize(Map paramsMap) { - - // copy parameter map this.parameterMap = Collections.unmodifiableMap(new HashMap<>(paramsMap)); // get and validate base bath - String basePath = this.parameterMap.get(XmlConstants.XML_PARAM_BASE_PATH); + String basePath = this.parameterMap.get(XML_PARAM_BASE_PATH); File basePathF = new File(basePath); if (!basePathF.exists() && !basePathF.isDirectory()) { String msg = "[{0}] Defined parameter {1} does not point to a valid path at {2}"; //$NON-NLS-1$ - msg = MessageFormat.format(msg, PersistenceHandler.class.getName(), XmlConstants.XML_PARAM_BASE_PATH, - basePathF.getAbsolutePath()); + msg = MessageFormat + .format(msg, PersistenceHandler.class.getName(), XML_PARAM_BASE_PATH, basePathF.getAbsolutePath()); throw new PrivilegeException(msg); } // get users file name - String usersFileName = this.parameterMap.get(XmlConstants.XML_PARAM_USERS_FILE); + String usersFileName = this.parameterMap.get(XML_PARAM_USERS_FILE); if (StringHelper.isEmpty(usersFileName)) { String msg = "[{0}] Defined parameter {1} is not valid as it is empty!"; //$NON-NLS-1$ - msg = MessageFormat.format(msg, PersistenceHandler.class.getName(), XmlConstants.XML_PARAM_USERS_FILE); + msg = MessageFormat.format(msg, PersistenceHandler.class.getName(), XML_PARAM_USERS_FILE); throw new PrivilegeException(msg); } // get roles file name - String rolesFileName = this.parameterMap.get(XmlConstants.XML_PARAM_ROLES_FILE); + String rolesFileName = this.parameterMap.get(XML_PARAM_ROLES_FILE); if (StringHelper.isEmpty(rolesFileName)) { String msg = "[{0}] Defined parameter {1} is not valid as it is empty!"; //$NON-NLS-1$ - msg = MessageFormat.format(msg, PersistenceHandler.class.getName(), XmlConstants.XML_PARAM_ROLES_FILE); + msg = MessageFormat.format(msg, PersistenceHandler.class.getName(), XML_PARAM_ROLES_FILE); throw new PrivilegeException(msg); } 
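Review bot: `basePath` is read from the parameter map and passed to `new File(basePath)` without the empty check that the users and roles file names get a few lines further down, so a missing `XML_PARAM_BASE_PATH` ends in a NullPointerException instead of a PrivilegeException naming the parameter. The unchanged condition right after it, `!basePathF.exists() && !basePathF.isDirectory()`, only rejects paths that do not exist; an existing regular file passes, and `!basePathF.isDirectory()` alone would cover both cases. Suggested guard before constructing the File: `if (StringHelper.isEmpty(basePath)) throw new PrivilegeException(msg);`, using the same message format as the other parameters. initialize() continues in the following hunks.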
@@ -174,8 +178,8 @@ public class XmlPersistenceHandler implements PersistenceHandler { File usersPath = new File(usersPathS); if (!usersPath.exists()) { String msg = "[{0}] Defined parameter {1} is invalid as users file does not exist at path {2}"; //$NON-NLS-1$ - msg = MessageFormat.format(msg, PersistenceHandler.class.getName(), XmlConstants.XML_PARAM_USERS_FILE, - usersPath.getAbsolutePath()); + msg = MessageFormat + .format(msg, PersistenceHandler.class.getName(), XML_PARAM_USERS_FILE, usersPath.getAbsolutePath()); throw new PrivilegeException(msg); } @@ -184,8 +188,8 @@ public class XmlPersistenceHandler implements PersistenceHandler { File rolesPath = new File(rolesPathS); if (!rolesPath.exists()) { String msg = "[{0}] Defined parameter {1} is invalid as roles file does not exist at path {2}"; //$NON-NLS-1$ - msg = MessageFormat.format(msg, PersistenceHandler.class.getName(), XmlConstants.XML_PARAM_ROLES_FILE, - rolesPath.getAbsolutePath()); + msg = MessageFormat + .format(msg, PersistenceHandler.class.getName(), XML_PARAM_ROLES_FILE, rolesPath.getAbsolutePath()); throw new PrivilegeException(msg); } 
@@ -262,18 +266,18 @@ public class XmlPersistenceHandler implements PersistenceHandler { long start = System.nanoTime(); // get users file name - String usersFileName = this.parameterMap.get(XmlConstants.XML_PARAM_USERS_FILE); + String usersFileName = this.parameterMap.get(XML_PARAM_USERS_FILE); if (usersFileName == null || usersFileName.isEmpty()) { String msg = "[{0}] Defined parameter {1} is invalid"; //$NON-NLS-1$ - msg = MessageFormat.format(msg, PersistenceHandler.class.getName(), XmlConstants.XML_PARAM_USERS_FILE); + msg = MessageFormat.format(msg, PersistenceHandler.class.getName(), XML_PARAM_USERS_FILE); throw new PrivilegeException(msg); } // get roles file name - String rolesFileName = this.parameterMap.get(XmlConstants.XML_PARAM_ROLES_FILE); + String rolesFileName = this.parameterMap.get(XML_PARAM_ROLES_FILE); if (rolesFileName == null || rolesFileName.isEmpty()) { String msg = "[{0}] Defined parameter {1} is invalid"; //$NON-NLS-1$ - msg = MessageFormat.format(msg, PersistenceHandler.class.getName(), XmlConstants.XML_PARAM_ROLES_FILE); + msg = MessageFormat.format(msg, PersistenceHandler.class.getName(), XML_PARAM_ROLES_FILE); throw new PrivilegeException(msg); } diff --git a/li.strolch.privilege/src/test/java/li/strolch/privilege/test/model/DummySsoHandler.java b/li.strolch.privilege/src/test/java/li/strolch/privilege/test/model/DummySsoHandler.java index 5823bcabf..04339433f 100644 --- a/li.strolch.privilege/src/test/java/li/strolch/privilege/test/model/DummySsoHandler.java +++ b/li.strolch.privilege/src/test/java/li/strolch/privilege/test/model/DummySsoHandler.java @@ -10,9 +10,16 @@ import li.strolch.privilege.model.internal.User; public class DummySsoHandler implements SingleSignOnHandler { + private Map parameterMap; + + @Override + public Map getParameterMap() { + return this.parameterMap; + } + @Override public void initialize(Map parameterMap) { - // do nothing + this.parameterMap = parameterMap; } @Override