/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.metron.dataservices.auth;
import java.io.FileInputStream;
import java.security.KeyStore;
import java.util.Properties;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import org.apache.commons.cli.CommandLine;
import org.apache.commons.cli.CommandLineParser;
import org.apache.commons.cli.GnuParser;
import org.apache.commons.cli.Options;
import org.apache.commons.codec.binary.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
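/**
 * Issues and validates time-limited authentication tokens.
 *
 * <p>A token is the string {@code Metron_AuthToken:<epoch millis>} encrypted with an AES key
 * held in a JCEKS keystore and then Base64-encoded. The keystore location, password and key
 * alias are read from the {@code keystoreFile}, {@code keystorePassword} and
 * {@code authTokenAlias} configuration properties.
 *
 * <p>{@link #main(String[])} creates such a keystore with a freshly generated key.
 */
public class AuthToken {

  private static final Logger logger = LoggerFactory.getLogger( AuthToken.class );

  /** Constant first field of every token; validation rejects anything else. */
  private static final String TOKEN_PREFIX = "Metron_AuthToken";

  /** Keystore type used for both reading and creating the key file. */
  private static final String KEYSTORE_TYPE = "JCEKS";

  /*
   * NOTE(review): a bare "AES" transformation leaves mode and padding to the provider
   * (AES/ECB/PKCS5Padding on the standard SunJCE provider). That gives confidentiality
   * only: there is no IV and no integrity tag, so equal plaintext blocks encrypt to equal
   * ciphertext blocks and a token is not authenticated beyond "decrypts with valid padding".
   * An AEAD mode (AES/GCM with a random nonce) or an HMAC over the token would close that
   * gap, but it changes the token format and has to be rolled out to issuers and validators
   * together, so it is flagged here rather than changed.
   */
  private static final String CIPHER_TRANSFORMATION = "AES";

  /** Explicit charset so the token bytes do not depend on the platform default. */
  private static final java.nio.charset.Charset UTF_8 = java.nio.charset.StandardCharsets.UTF_8;

  /**
   * Creates a new token stamped with the current system time.
   *
   * @param configProps configuration holding {@code keystoreFile}, {@code keystorePassword}
   *                    and {@code authTokenAlias}
   * @return the Base64-encoded encrypted token
   * @throws Exception if a property is missing, the keystore cannot be read, the alias does
   *                   not hold a secret key, or encryption fails
   */
  public static String generateToken( final Properties configProps ) throws Exception
  {
    // The keystore password is deliberately NOT logged: log files are routinely shipped,
    // indexed and retained far more widely than the keystore itself.
    logger.info( "keystoreFile: {}", configProps.getProperty( "keystoreFile" ) );
    logger.info( "keystoreAlias: {}", configProps.getProperty( "authTokenAlias" ) );

    SecretKey key = loadSecretKey( configProps );

    Cipher cipher = Cipher.getInstance( CIPHER_TRANSFORMATION );
    cipher.init( Cipher.ENCRYPT_MODE, key );

    String tokenString = TOKEN_PREFIX + ":" + System.currentTimeMillis();
    byte[] encryptedData = cipher.doFinal( tokenString.getBytes( UTF_8 ) );

    return new String( Base64.encodeBase64( encryptedData ), UTF_8 );
  }

  /**
   * Checks that a token decrypts under the configured key, carries the expected prefix and
   * is not older than {@code authTokenMaxAge} milliseconds (default 600000).
   *
   * <p>Only the upper age bound is enforced; a timestamp in the future is accepted.
   *
   * @param configProps configuration holding the keystore properties and, optionally,
   *                    {@code authTokenMaxAge}
   * @param authToken   the Base64-encoded token presented by the caller; may be {@code null}
   * @return {@code true} if the token is well-formed and within its lifetime; {@code false}
   *         if it is {@code null}, has the wrong prefix, lacks a numeric timestamp, or has
   *         expired
   * @throws Exception if the configuration or keystore is unusable, or if the token cannot
   *                   be decrypted (for example bad padding). Callers must treat any
   *                   exception as a rejected token, never as a pass.
   */
  public static boolean validateToken( final Properties configProps, String authToken ) throws Exception
  {
    if( authToken == null )
    {
      return false;
    }

    long tokenMaxAgeInMilliseconds = Long.parseLong( configProps.getProperty( "authTokenMaxAge", "600000" ));

    SecretKey key = loadSecretKey( configProps );

    Cipher cipher = Cipher.getInstance( CIPHER_TRANSFORMATION );
    cipher.init( Cipher.DECRYPT_MODE, key );

    byte[] encryptedBytes = Base64.decodeBase64( authToken );
    byte[] unencryptedBytes = cipher.doFinal( encryptedBytes );

    // The decrypted token is not written to stdout or the log.
    String clearTextToken = new String( unencryptedBytes, UTF_8 );
    String[] tokenParts = clearTextToken.split( ":" );

    // A token without a timestamp field is rejected instead of raising
    // ArrayIndexOutOfBoundsException on tokenParts[1].
    if( tokenParts.length < 2 || !TOKEN_PREFIX.equals( tokenParts[0] ) )
    {
      return false;
    }

    long tokenTime;
    try
    {
      tokenTime = Long.parseLong( tokenParts[1] );
    }
    catch( NumberFormatException e )
    {
      // Non-numeric timestamp: malformed token, not a server error.
      return false;
    }

    long now = System.currentTimeMillis();
    return now <= ( tokenTime + tokenMaxAgeInMilliseconds );
  }

  /**
   * Creates a new JCEKS keystore containing one freshly generated AES key.
   *
   * <p>Options: {@code -keystoreFile <path> -keystorePassword <password>
   * -authTokenAlias <alias>}. The target file is created or overwritten; the keystore is
   * built from scratch, so entries in an existing file at that path are not preserved.
   *
   * <p>NOTE(review): the password is taken from the command line, where it is visible in
   * process listings and shell history; the resulting file should be readable only by the
   * service account. The key size is whatever the provider's AES {@link KeyGenerator}
   * defaults to, since no explicit size is requested.
   *
   * @param args command-line arguments as described above
   * @throws Exception if an option is missing or the keystore cannot be created or written;
   *                   the failure is propagated so the process exits with a non-zero status
   *                   instead of printing a stack trace and reporting success
   */
  public static void main( String[] args ) throws Exception
  {
    Options options = new Options();
    options.addOption( "keystoreFile", true, "Keystore File" );
    options.addOption( "keystorePassword", true, "Keystore Password" );
    options.addOption( "authTokenAlias", true, "");

    CommandLineParser parser = new GnuParser();
    CommandLine cmd = parser.parse( options, args);

    String keystorePassword = cmd.getOptionValue("keystorePassword");
    String keystoreFile = cmd.getOptionValue("keystoreFile");
    String authTokenAlias = cmd.getOptionValue("authTokenAlias");

    if( keystorePassword == null || keystoreFile == null || authTokenAlias == null )
    {
      throw new IllegalArgumentException(
          "Required options: -keystoreFile <path> -keystorePassword <password> -authTokenAlias <alias>" );
    }

    // Passing a null stream initialises an empty keystore.
    KeyStore ks = KeyStore.getInstance( KEYSTORE_TYPE );
    ks.load(null, keystorePassword.toCharArray());

    // generate a key and store it in the keystore...
    KeyGenerator keyGen = KeyGenerator.getInstance("AES");
    SecretKey key = keyGen.generateKey();

    KeyStore.ProtectionParameter protParam =
        new KeyStore.PasswordProtection(keystorePassword.toCharArray());
    KeyStore.SecretKeyEntry skEntry = new KeyStore.SecretKeyEntry(key);
    ks.setEntry(authTokenAlias, skEntry, protParam);

    try( java.io.FileOutputStream fos = new java.io.FileOutputStream(keystoreFile) )
    {
      ks.store(fos, keystorePassword.toCharArray());
    }

    System.out.println( "done" );
  }

  /**
   * Loads the AES key named by {@code authTokenAlias} from the configured keystore.
   *
   * @throws Exception if a required property is missing, the file cannot be opened or
   *                   unlocked, or the alias does not refer to a secret key entry
   */
  private static SecretKey loadSecretKey( final Properties configProps ) throws Exception
  {
    String keystoreFile = requireProperty( configProps, "keystoreFile" );
    String keystorePassword = requireProperty( configProps, "keystorePassword" );
    String keystoreAlias = requireProperty( configProps, "authTokenAlias" );

    KeyStore ks = KeyStore.getInstance( KEYSTORE_TYPE );

    // try-with-resources closes the stream only if it was opened, so a missing or unreadable
    // file surfaces as the original I/O error rather than a NullPointerException from close().
    try( FileInputStream fis = new FileInputStream( keystoreFile ) )
    {
      ks.load( fis, keystorePassword.toCharArray() );
    }
    catch( Exception e )
    {
      logger.error( "Error opening keyfile:", e );
      throw e;
    }

    KeyStore.ProtectionParameter protParam =
        new KeyStore.PasswordProtection( keystorePassword.toCharArray() );
    KeyStore.Entry entry = ks.getEntry( keystoreAlias, protParam );

    // getEntry returns null for an unknown alias, and the alias could name a non-secret entry.
    if( !( entry instanceof KeyStore.SecretKeyEntry ) )
    {
      throw new IllegalStateException(
          "Keystore alias '" + keystoreAlias + "' does not refer to a secret key entry" );
    }

    return ( (KeyStore.SecretKeyEntry) entry ).getSecretKey();
  }

  /** Returns the named property, failing with a clear message when it is absent. */
  private static String requireProperty( final Properties configProps, String name )
  {
    String value = configProps.getProperty( name );
    if( value == null )
    {
      throw new IllegalArgumentException( "Missing required configuration property: " + name );
    }
    return value;
  }
}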