SimplePropertyFileUserVerifier.java

/*******************************************************************************
 * Copyright (c) 2008-2015 Chair for Applied Software Engineering,
 * Technische Universitaet Muenchen.
 * All rights reserved. This program and the accompanying materials
 * are made available under the terms of the Eclipse Public License v1.0
 * which accompanies this distribution, and is available at
 * http://www.eclipse.org/legal/epl-v10.html
 *
 * Contributors:
 * Otto von Wesendonk - initial API and implementation
 ******************************************************************************/
package org.eclipse.emf.emfstore.internal.server.accesscontrol.authentication.verifiers;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Properties;

import org.eclipse.emf.emfstore.internal.common.model.util.ModelUtil;
import org.eclipse.emf.emfstore.internal.server.exceptions.AccessControlException;
import org.eclipse.emf.emfstore.internal.server.exceptions.FatalESException;
import org.eclipse.emf.emfstore.server.model.ESOrgUnitProvider;

/**
 * This verifier can be used to store user and passwords in a property file. Entries in the property file look should
 * look like this: <b>user = password</b>
 *
 * @author wesendonk
 */
public class SimplePropertyFileUserVerifier extends UserVerifier {

	private final Properties passwordFile;

	private final Hash hash;

	private final String filePath;

	/**
	 * Hash algorithms supported by SPFV verifier.
	 *
	 * @author wesendon
	 */
	public enum Hash {
		/**
		 * NONE - no hash, MD5 - md5 hash, SHA1 - sha1 hash.
		 */
		NONE, MD5, SHA1
	}

	/**
	 * Default constructor. No hash will be used for passwords
	 *
	 * @param orgUnitProvider
	 *            provides access to users and groups
	 * @param propertyFilePath
	 *            path to file
	 * @throws FatalESException in case of failure
	 */
	public SimplePropertyFileUserVerifier(ESOrgUnitProvider orgUnitProvider, String propertyFilePath)
		throws FatalESException {
		this(orgUnitProvider, propertyFilePath, Hash.NONE);
	}

	/**
	 * Constructor with ability to select hash algorithm for password.
	 *
	 * @param orgUnitProvider
	 *            provides access to users and groups
	 * @param propertyFilePath
	 *            path to file
	 * @param hash
	 *            selected hash
	 * @throws FatalESException if hash is null
	 */
	public SimplePropertyFileUserVerifier(ESOrgUnitProvider orgUnitProvider, String propertyFilePath, Hash hash)
		throws FatalESException {
		super(orgUnitProvider);
		filePath = propertyFilePath;
		if (hash == null) {
			throw new FatalESException(Messages.SimplePropertyFileVerifier_HashMayNotBeNull);
		}
		this.hash = hash;

		passwordFile = new Properties();
		loadPasswordFile(propertyFilePath);
	}

	private void loadPasswordFile(String filePath) {
		final File propertyFile = new File(filePath);
		FileInputStream fis = null;
		try {
			fis = new FileInputStream(propertyFile);
			passwordFile.load(fis);
		} catch (final IOException e) {
			ModelUtil.logInfo(Messages.SimplePropertyFileVerifier_CouldNotLoadPasswordFile + filePath);
			// Run with empty password file
			// throw new AccessControlException("Couldn't load password file from path: "+filePath);
		} finally {
			if (fis != null) {
				try {
					fis.close();
				} catch (final IOException e) {
					ModelUtil.logInfo("Couldn't load password file from path: " + filePath); //$NON-NLS-1$
				}
			}
		}
	}

	/**
	 *
	 * {@inheritDoc}
	 *
	 * @see org.eclipse.emf.emfstore.internal.server.accesscontrol.authentication.verifiers.PasswordVerifier#verifyPassword(org.eclipse.emf.emfstore.internal.server.model.accesscontrol.ACUser,
	 *      java.lang.String, java.lang.String)
	 */
	@Override
	protected boolean verifyPassword(String username, String password)
		throws AccessControlException {
		loadPasswordFile(filePath);
		final String expectedPassword = passwordFile.getProperty(username);
		password = hashPassword(password);
		if (expectedPassword == null || !expectedPassword.equals(password)) {
			return false;
		}
		return true;
	}

	private String hashPassword(String password) {

		if (password == null || hash.equals(Hash.NONE)) {
			return password;
		}

		try {
			MessageDigest md = null;
			switch (hash) {
			case SHA1:
				md = MessageDigest.getInstance("SHA-1"); //$NON-NLS-1$
				break;
			case MD5:
				md = MessageDigest.getInstance("MD5"); //$NON-NLS-1$
				break;
			default:
			}
			if (md != null) {
				return new String(md.digest(password.getBytes()));
			}
		} catch (final NoSuchAlgorithmException e) {
		}

		return null;
	}

	/**
	 *
	 * {@inheritDoc}
	 * 
	 * @see org.eclipse.emf.emfstore.server.auth.ESUserVerifier#init(org.eclipse.emf.emfstore.server.model.ESOrgUnitProvider)
	 */
	public void init(ESOrgUnitProvider orgUnitProvider) {

	}
}