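package org.atricore.idbus.capabilities.atricoreid.connector.java;

import org.apache.commons.codec.binary.Base64;
import org.atricore.idbus.capabilities.atricoreid.common.AESTokenEncrypter;
import org.atricore.idbus.capabilities.atricoreid.common.HMACTokenSigner;

/**
 * Secure resolver factory; for now it fixes HMAC-SHA1 and AES for signing and encrypting.
 *
 * <p>Key material is read from the factory configuration. The signing and the encryption key
 * each have their own property and both fall back to {@link #SHARED_SECRECT_PROPERTY} when
 * their specific property is absent. If only the shared property is configured, the same
 * secret is therefore used for both the HMAC and the AES operation; configure
 * {@link #SHARED_SECRECT_SIGN_PROPERTY} and {@link #SHARED_SECRECT_ENC_PROPERTY} separately
 * to keep the two keys independent.
 *
 * @author <a href="mailto:sgonzalez@atricore.org">Sebastian Gonzalez Oyuela</a>
 */
public class SecureAccessTokenResolverFactory extends AccessTokenResolverFactory {

    /** Fallback secret used for signing and encryption when no specific key is configured. */
    public static final String SHARED_SECRECT_PROPERTY = "org.atricore.idbus.capabilities.atricoreid.key";

    /** Secret handed to the HMAC token signer. */
    public static final String SHARED_SECRECT_SIGN_PROPERTY = "org.atricore.idbus.capabilities.atricoreid.signKey";

    /** Secret handed to the AES token encrypter (passed through {@code setBase64key}). */
    public static final String SHARED_SECRECT_ENC_PROPERTY = "org.atricore.idbus.capabilities.atricoreid.encryptKey";

    /** Access token validity interval, parsed as a {@code long}; defaults to {@code 0}. */
    public static final String TOKEN_VALIDITY_INTERVAL_PROPERTY = "org.atricore.idbus.capabilities.atricoreid.accessTokenValidityInterval";

    /**
     * Builds a resolver wired with an HMAC signer and an AES encrypter taken from the
     * factory configuration.
     *
     * @return a configured {@link SecureAccessTokenResolverImpl}
     * @throws IllegalStateException if no signing key or no encryption key can be resolved
     *         from the configuration
     * @throws NumberFormatException if the validity interval property is not a valid long
     */
    public AccessTokenResolver doMakeResolver() {

        String defaultKey = config.getProperty(SHARED_SECRECT_PROPERTY);
        String encKey = config.getProperty(SHARED_SECRECT_ENC_PROPERTY, defaultKey);
        String signKey = config.getProperty(SHARED_SECRECT_SIGN_PROPERTY, defaultKey);

        // Fail closed: without this check a missing property would hand a null key to the
        // signer/encrypter and the misconfiguration would only surface (if at all) when a
        // token is processed.
        requireKey(signKey, SHARED_SECRECT_SIGN_PROPERTY);
        requireKey(encKey, SHARED_SECRECT_ENC_PROPERTY);

        // NOTE(review): the meaning of the default 0 is decided by SecureAccessTokenResolverImpl,
        // which is not visible here; confirm that 0 does not disable token expiry checks.
        long tkValidityInterval = Long.parseLong(config.getProperty(TOKEN_VALIDITY_INTERVAL_PROPERTY, "0"));

        // HMAC signer
        HMACTokenSigner signer = new HMACTokenSigner();
        signer.setKey(signKey);

        // AES encrypter
        AESTokenEncrypter encrypter = new AESTokenEncrypter();
        encrypter.setBase64key(encKey);

        // Resolver
        SecureAccessTokenResolverImpl r = new SecureAccessTokenResolverImpl();
        r.setTokenSigner(signer);
        r.setTokenEncrypter(encrypter);
        r.setTokenValidityInterval(tkValidityInterval);

        return r;
    }

    /**
     * Rejects a missing or blank key. The message names the properties to set and never
     * includes the key value itself, so it is safe to log.
     */
    private static void requireKey(String key, String specificProperty) {
        if (key == null || key.trim().isEmpty()) {
            throw new IllegalStateException("No key configured: set '" + specificProperty
                    + "' or the shared '" + SHARED_SECRECT_PROPERTY + "' property");
        }
    }
}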