/* * * * Copyright 2016 OrientDB LTD * * * * Licensed under the Apache License, Version 2.0 (the "License"); * * you may not use this file except in compliance with the License. * * You may obtain a copy of the License at * * * * http://www.apache.org/licenses/LICENSE-2.0 * * * * Unless required by applicable law or agreed to in writing, software * * distributed under the License is distributed on an "AS IS" BASIS, * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * * See the License for the specific language governing permissions and * * limitations under the License. * * * * For more information: http://www.orientdb.com * */ package com.orientechnologies.orient.core.security.symmetrickey; import com.orientechnologies.common.log.OLogManager; import com.orientechnologies.orient.core.db.record.OIdentifiable; import com.orientechnologies.orient.core.metadata.security.OUser; import com.orientechnologies.orient.core.record.impl.ODocument; import com.orientechnologies.orient.core.security.symmetrickey.OSymmetricKeyConfig; import com.orientechnologies.orient.core.exception.OSecurityException; import java.util.Map; /** * Implements the OSymmetricKeyConfig interface for OUser records. * The constructor looks for a "properties" field on the OUser document. * The "properties" field should be a JSON document containing the OSymmetricKey-specific fields. * * @author S. 
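Colin Leister
 */
public class OUserSymmetricKeyConfig implements OSymmetricKeyConfig {
  // The fields below hold secret material (the key itself, keystore passwords) exactly as read
  // from the user record. They are plain Strings returned unchanged by the getters, so callers
  // should keep them out of logs and exception messages.
  private String keyString;
  private String keyFile;
  private String keyAlgorithm;

  private String keystoreFile;
  private String keystorePassword;
  private String keystoreKeyAlias;
  private String keystoreKeyPassword;

  // OSymmetricKeyConfig
  /** @return the value of the "key" property, or null when it was not set. */
  public String getKeyString() {
    return keyString;
  }

  /** @return the value of the "keyFile" property, or null when "key" was set or it was absent. */
  public String getKeyFile() {
    return keyFile;
  }

  /** @return the value of the "keyAlgorithm" property; only read when "key" or "keyFile" is used. */
  public String getKeyAlgorithm() {
    return keyAlgorithm;
  }

  /** @return the "keyStore.file" value, or null when the keystore branch was not taken. */
  public String getKeystoreFile() {
    return keystoreFile;
  }

  /** @return the keystore password, or null when none was configured. */
  public String getKeystorePassword() {
    return keystorePassword;
  }

  /** @return the "keyStore.keyAlias" value, or null when the keystore branch was not taken. */
  public String getKeystoreKeyAlias() {
    return keystoreKeyAlias;
  }

  /** @return the "keyStore.keyPassword" value, or null when none was configured. */
  public String getKeystoreKeyPassword() {
    return keystoreKeyPassword;
  }

  // OSymmetricKeyConfig
  /**
   * @return true when both the key string and the key algorithm are non-null and non-empty.
   *         The constructor only rejects null, so an empty "key" yields false here.
   */
  public boolean usesKeyString() {
    return keyString != null && !keyString.isEmpty() && keyAlgorithm != null && !keyAlgorithm.isEmpty();
  }

  /** @return true when both the key file and the key algorithm are non-null and non-empty. */
  public boolean usesKeyFile() {
    return keyFile != null && !keyFile.isEmpty() && keyAlgorithm != null && !keyAlgorithm.isEmpty();
  }

  /** @return true when both the keystore file and the keystore key alias are non-null and non-empty. */
  public boolean usesKeystore() {
    return keystoreFile != null && !keystoreFile.isEmpty() && keystoreKeyAlias != null && !keystoreKeyAlias.isEmpty();
  }

  //////////
  /**
   * Reads the symmetric key settings from the "properties" field of the given user's document.
   *
   * <p>Exactly one source is read, in this order of precedence: "key", then "keyFile", then the
   * "keyStore" map. "key" and "keyFile" both require "keyAlgorithm"; "keyStore" requires "file"
   * and "keyAlias". Only null is rejected here: an empty string passes the constructor but makes
   * the matching {@code usesXxx()} method return false.
   *
   * <p>The keystore password is read from "password", falling back to the misspelled
   * "passsword" key, which was the only spelling earlier versions of this class read.
   *
   * @param user the user whose record carries the "properties" document
   * @throws OSecurityException if the user, its document, the "properties" field or a required
   *                            setting is missing; the messages never include property values
   */
  public OUserSymmetricKeyConfig(final OUser user) {
    if (user == null) {
      throw new OSecurityException("OUserSymmetricKeyConfig() OUser is null");
    }

    final OIdentifiable id = user.getIdentity();

    if (!(id instanceof ODocument)) {
      throw new OSecurityException("OUserSymmetricKeyConfig() Identity is not an ODocument");
    }

    final ODocument doc = (ODocument) id;
    final ODocument props = doc.field("properties");

    if (props == null) {
      throw new OSecurityException("OUserSymmetricKeyConfig() OUser properties is null");
    }

    this.keyString = props.field("key");

    // "keyString" has priority over "keyFile" and "keystore".
    if (this.keyString != null) {
      // If "key" is used, "keyAlgorithm" is also required.
      this.keyAlgorithm = props.field("keyAlgorithm");

      if (this.keyAlgorithm == null) {
        throw new OSecurityException("OUserSymmetricKeyConfig() keyAlgorithm is required with key");
      }
      return;
    }

    this.keyFile = props.field("keyFile");

    // "keyFile" has priority over "keyStore".
    if (this.keyFile != null) {
      // If "keyFile" is used, "keyAlgorithm" is also required.
      this.keyAlgorithm = props.field("keyAlgorithm");

      if (this.keyAlgorithm == null) {
        throw new OSecurityException("OUserSymmetricKeyConfig() keyAlgorithm is required with keyFile");
      }
      return;
    }

    final Map<String, Object> ksMap = props.field("keyStore");

    // Test the map itself: the document built from it below is a freshly constructed object, so
    // a null check on that document could not detect a missing "keyStore" property.
    if (ksMap == null) {
      throw new OSecurityException("OUserSymmetricKeyConfig() key, keyFile, and keyStore cannot all be null");
    }

    final ODocument ksDoc = new ODocument().fromMap(ksMap);

    this.keystoreFile = ksDoc.field("file");

    // Prefer the correctly spelled key; keep the legacy misspelling so that existing user
    // records written against the old key name continue to load their keystore password.
    String ksPassword = ksDoc.field("password");
    if (ksPassword == null) {
      ksPassword = ksDoc.field("passsword");
    }
    this.keystorePassword = ksPassword;

    this.keystoreKeyAlias = ksDoc.field("keyAlias");
    this.keystoreKeyPassword = ksDoc.field("keyPassword");

    if (this.keystoreFile == null) {
      throw new OSecurityException("OUserSymmetricKeyConfig() keyStore.file is required");
    }

    if (this.keystoreKeyAlias == null) {
      throw new OSecurityException("OUserSymmetricKeyConfig() keyStore.keyAlias is required");
    }
  }
}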