SimplePERMISAuthzTokenRepository | Line # 73 | 36 | 11 | 76.7% |
0.76666665
|
(1) | |||
Result | |||
0.48333332
|
issrg.test.ds.TestDS.testIssuing issrg.test.ds.TestDS.testIssuing | 1 PASS | |
1 | /* | |
2 | * Copyright (c) 2006, University of Kent | |
3 | * All rights reserved. | |
4 | * | |
5 | * Redistribution and use in source and binary forms, with or without | |
6 | * modification, are permitted provided that the following conditions are met: | |
7 | * | |
8 | * Redistributions of source code must retain the above copyright notice, this | |
9 | * list of conditions and the following disclaimer. | |
10 | * | |
11 | * Redistributions in binary form must reproduce the above copyright notice, | |
12 | * this list of conditions and the following disclaimer in the documentation | |
13 | * and/or other materials provided with the distribution. | |
14 | * | |
15 | * 1. Neither the name of the University of Kent nor the names of its | |
16 | * contributors may be used to endorse or promote products derived from this | |
17 | * software without specific prior written permission. | |
18 | * | |
19 | * 2. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS | |
20 | * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, | |
21 | * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | |
22 | * PURPOSE ARE DISCLAIMED. | |
23 | * | |
24 | * 3. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE | |
25 | * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR | |
26 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF | |
27 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS | |
28 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN | |
29 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
30 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE | |
31 | * POSSIBILITY OF SUCH DAMAGE. | |
32 | * | |
33 | * 4. YOU AGREE THAT THE EXCLUSIONS IN PARAGRAPHS 2 AND 3 ABOVE ARE REASONABLE | |
34 | * IN THE CIRCUMSTANCES. IN PARTICULAR, YOU ACKNOWLEDGE (1) THAT THIS | |
35 | * SOFTWARE HAS BEEN MADE AVAILABLE TO YOU FREE OF CHARGE, (2) THAT THIS | |
36 | * SOFTWARE IS NOT "PRODUCT" QUALITY, BUT HAS BEEN PRODUCED BY A RESEARCH | |
37 | * GROUP WHO DESIRE TO MAKE THIS SOFTWARE FREELY AVAILABLE TO PEOPLE WHO WISH | |
38 | * TO USE IT, AND (3) THAT BECAUSE THIS SOFTWARE IS NOT OF "PRODUCT" QUALITY | |
39 | * IT IS INEVITABLE THAT THERE WILL BE BUGS AND ERRORS, AND POSSIBLY MORE | |
40 | * SERIOUS FAULTS, IN THIS SOFTWARE. | |
41 | * | |
42 | * 5. This license is governed, except to the extent that local laws | |
43 | * necessarily apply, by the laws of England and Wales. | |
44 | * | |
45 | * Author : Gansen Zhao <gz7@kent.ac.uk> and Romain Laborde <rl59@kent.ac.uk> | |
46 | * | |
47 | */ | |
48 | ||
49 | package issrg.simplePERMIS; | |
50 | ||
51 | import issrg.pba.AuthzTokenParser; | |
52 | import issrg.pba.repository.AuthzTokenRepository; | |
53 | import issrg.pba.repository.*; | |
54 | import issrg.pba.ParsedToken; | |
55 | import issrg.utils.repository.*; | |
56 | import issrg.utils.repository.AttributeRepository; | |
57 | import issrg.utils.repository.MultiRepository; | |
58 | import issrg.utils.repository.RepositoryException; | |
59 | import issrg.pba.PbaException; | |
60 | import javax.naming.NamingException; | |
61 | ||
62 | import org.apache.log4j.*;// added for logging | |
63 | /** | |
64 | * | |
65 | * This class implements the AuthTokenRepository interface. When contructing an instance, | |
66 | * the underlying AttributeRepository shall be specified, and the associated | |
67 | * AuthTokenParser. The associated AuthTokenParser will be used to parse the | |
68 | * tokens stored on the specified repository. | |
69 | * | |
70 | * @author Gansen | |
71 | * | |
72 | */ | |
73 | public class SimplePERMISAuthzTokenRepository implements AuthzTokenRepository{ | |
74 | ||
75 | Logger logger = Logger.getLogger(SimplePERMISAuthzTokenRepository.class); | |
76 | /** | |
77 | * The parser that will be used for parsing the authorisation attributes | |
78 | */ | |
79 | private AuthzTokenParser tokenParser=null; | |
80 | ||
81 | /** | |
82 | * the source repository that keeps attributes, including the authorisaiton attribute. | |
83 | */ | |
84 | private MultiRepository attributeRepository=null; | |
85 | ||
86 | /** | |
87 | * The name of the attribute that will serve as authorisaiton attribute. | |
88 | * modif by romain 07/03/2006 | |
89 | */ | |
90 | //private String AttributeName="attributeCertificateAttribute;binary"; | |
91 | private String AttributeName=issrg.pba.rbac.CustomisePERMIS.getAttributeCertificateAttribute(); | |
92 | ||
93 | ||
94 | /** | |
95 | * Constructor of the SimpleSAMAutoRokenRepository. <br> | |
96 | * | |
97 | * It creates a new instance of SimpleSAMAuthTokenRepository, and specify | |
98 | * the name of the attribute. This constructor will automatically create a | |
99 | * internal repository. <br> | |
100 | * | |
101 | * @param AttributeName The name of the attribute that is considered | |
102 | * as the authorisation token. The AttributeName will be used by the | |
103 | * SimpleSAMAuthTokenRepository object to retrieve the token from | |
104 | * the repository that keeps all related attributes and tokens. <br> | |
105 | * | |
106 | * @param repository The repository that keeps all tokens <br> | |
107 | * | |
108 | * @param parser The parser that will be used to parse the tokens stored | |
109 | * on the repository. | |
110 | * | |
111 | */ | |
112 | 699 | public SimplePERMISAuthzTokenRepository(String AttributeName, AttributeRepository repository, AuthzTokenParser parser) { |
113 | 699 | if (AttributeName!=null) this.AttributeName=AttributeName; |
114 | 699 | this.tokenParser = parser; |
115 | 699 | this.attributeRepository = repository==null? null: repository instanceof MultiRepository? (MultiRepository)repository: new MultiRepository(repository); |
116 | } | |
117 | ||
118 | /** | |
119 | * Constructor of the SimpleSAMTokenRepository. It takes as input the | |
120 | * repository that keeps all tokens, and the token parser. | |
121 | * <p> | |
122 | * This constructor will assume that the authorisation token is named as "simpleSAM-Attribute". | |
123 | * This may be in conflit with some attributes kept by the source repository that are also | |
124 | * named as "simpleSAM-Attribute". Further, the source repository must make sure that the authorisation | |
125 | * token is named as "simpleSAM-Attribute" for the SimpleSAMAuthTokenRepository to be able | |
126 | * to find it. | |
127 | * | |
128 | * @param repository The source repository that keeps the authorisation tokens. | |
129 | * @param parser The parser that is used to parse the authorisation token retrieved from the repository. | |
130 | * | |
131 | */ | |
132 | 698 | public SimplePERMISAuthzTokenRepository(AttributeRepository repository, AuthzTokenParser parser){ |
133 | 698 | this(null, repository, parser); |
134 | } | |
135 | ||
136 | /** | |
137 | * @return the attribute name. | |
138 | * | |
139 | */ | |
140 | 0 | public String getAttributeName(){return this.AttributeName;} |
141 | ||
142 | /** | |
143 | * @return the object token parser. | |
144 | * | |
145 | */ | |
146 | 0 | public AuthzTokenParser getAuthTokenParser(){return tokenParser;} |
147 | ||
148 | /** | |
149 | * This function retrieves the authorisation token for the specified subject. | |
150 | * @param subject The subject specifies whose attributes are needed. | |
151 | * @return The authorisation tokens of the specified subject; never null, but the Attribute may have no values. | |
152 | */ | |
153 | 2224 | public javax.naming.directory.Attribute getAuthTokens(TokenLocator subject) throws issrg.pba.PbaException{ |
154 | ||
155 | 0 | if (subject==null) throw new PbaException("Cannot retrieve Auth Tokens: holder TokenLocator is null"); |
156 | 0 | if (attributeRepository==null) throw new PbaException("Cannot retrieve Auth Tokens: Attribute Repository was not specified"); |
157 | 0 | if (AttributeName==null) throw new PbaException("Cannot retrieve Auth Tokens: attribute name in the Attribute Repository was not specified"); |
158 | ||
159 | 2224 | try{ |
160 | 2224 | logger.debug("get authz tokens from "+attributeRepository.getClass().getName()); |
161 | 2224 | return attributeRepository.getAttribute(subject, AttributeName); |
162 | }catch(RepositoryException re){ | |
163 | 0 | throw new PbaException("Failed to get Authorisation Tokens from a repository: "+re.getMessage()); |
164 | } | |
165 | } | |
166 | ||
167 | /** | |
168 | * This function returned the parsed authorisation tokens of the specified subject. | |
169 | * @param subject The subject specifies whose attributes are needed. | |
170 | * @return Authorisation tokens of the specified subjects in the parsed form. | |
171 | */ | |
172 | 2224 | public ParsedToken[] getParsedAuthTokens(TokenLocator subject) throws issrg.pba.PbaException{ |
173 | 2224 | logger.debug("get parsed authz tokens"); |
174 | 2224 | ParsedToken[] retToken=null; |
175 | 2224 | Object objCurrent=null; |
176 | ||
177 | //Gansen 18/11/2005 | |
178 | ||
179 | ||
180 | 2224 | javax.naming.directory.Attribute authTokens; |
181 | //System.err.println("*** getting Authz Tokens for "+subject.getEntry().getEntryName().getName()); //************** | |
182 | ||
183 | 2224 | authTokens=this.getAuthTokens(subject); |
184 | 2224 | if (authTokens == null) { |
185 | 355 | logger.debug("error: this shouldn't happen - getAuthTokens never returns null"); |
186 | 355 | return null; // this shouldn't happen - getAuthTokens never returns null |
187 | } | |
188 | 1869 | retToken=new ParsedToken[authTokens.size()]; |
189 | //System.err.println("got "+retToken.length); //************* | |
190 | ||
191 | 4107 | for(int i =0; i<authTokens.size();i++){ |
192 | 2238 | try{ |
193 | 2238 | objCurrent=authTokens.get(i); |
194 | }catch(NamingException e){ | |
195 | 0 | objCurrent=null; |
196 | } | |
197 | ||
198 | 2238 | try{ |
199 | 2238 | if (objCurrent instanceof ParsedToken) retToken[i]=(ParsedToken)objCurrent; |
200 | 1756 | else retToken[i]=tokenParser.decode(objCurrent); |
201 | //System.err.println("token["+i+"]="+retToken[i]); //************** | |
202 | }catch(PbaException e) | |
203 | { | |
204 | //System.err.println("token["+i+"] couldn't be parsed: "); //**************** | |
205 | //e.printStackTrace(); | |
206 | 0 | retToken[i]=null; |
207 | } | |
208 | ||
209 | } | |
210 | ||
211 | ||
212 | 1869 | return retToken; |
213 | } | |
214 | } |
|