/*
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements. See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership. The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */
package org.apache.synapse.securevault; | |
import org.apache.axiom.om.OMElement; | |
import org.apache.synapse.securevault.secret.SecretCallbackHandler; | |
import org.apache.synapse.securevault.secret.SecretCallbackHandlerFactory; | |
import org.w3c.dom.NamedNodeMap; | |
import org.w3c.dom.Node; | |
import javax.xml.XMLConstants; | |
import javax.xml.namespace.QName; | |
import java.util.ArrayList; | |
import java.util.Arrays; | |
import java.util.List; | |
import java.util.Properties; | |
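/**
 * Factory for creating <code>SecretResolver</code> instances from an XML element,
 * a set of properties, or a DOM attribute map.
 * <p>
 * Every <code>create</code> method returns a resolver even when no password provider is
 * configured or no callback handler could be obtained. In that case the resolver is left
 * uninitialized and no protected tokens are registered, so callers should check
 * <code>isInitialized()</code> before relying on it to resolve secrets.
 */
public class SecretResolverFactory {

    /**
     * Creates an <code>SecretResolver</code> instance from an XML configuration element.
     * <p>
     * The password manager element is looked up as a child of <code>configuration</code>,
     * using the namespace URI and prefix of <code>configuration</code> itself. The
     * protected tokens are only read once the resolver has been initialized with a
     * callback handler.
     *
     * @param configuration <code>SecretResolver</code> configuration as XML object
     * @param isCapLetter   whether the child element names begin with a capital letter;
     *                      selects the <code>*_CAP</code> names from
     *                      <code>SecurityConstants</code> instead of the
     *                      <code>*_SIMPLE</code> ones
     * @return an <code>SecretResolver</code> instance, uninitialized when the password
     *         manager or password provider element is missing or no handler was created
     */
    public static SecretResolver create(OMElement configuration, boolean isCapLetter) {

        SecretResolver secretResolver = new SecretResolver();

        QName parentQName = configuration.getQName();
        String nsURI = parentQName != null
                ? parentQName.getNamespaceURI() : XMLConstants.NULL_NS_URI;
        String nsPrefix = parentQName != null
                ? parentQName.getPrefix() : XMLConstants.DEFAULT_NS_PREFIX;

        QName pwManagerQName = new QName(nsURI, isCapLetter
                ? SecurityConstants.PASSWORD_MANAGER_CAP
                : SecurityConstants.PASSWORD_MANAGER_SIMPLE, nsPrefix);
        QName pwProviderQName = new QName(nsURI, isCapLetter
                ? SecurityConstants.PASSWORD_PROVIDER_CAP
                : SecurityConstants.PASSWORD_PROVIDER_SIMPLE, nsPrefix);
        QName protectedTokensQName = new QName(nsURI, isCapLetter
                ? SecurityConstants.PROTECTED_TOKENS_CAP
                : SecurityConstants.PROTECTED_TOKENS_SIMPLE, nsPrefix);

        OMElement passwordManagerElement = configuration.getFirstChildWithName(pwManagerQName);
        if (passwordManagerElement == null) {
            return secretResolver;
        }

        OMElement passwordProviderElement =
                passwordManagerElement.getFirstChildWithName(pwProviderQName);
        if (passwordProviderElement == null) {
            return secretResolver;
        }

        initPasswordManager(secretResolver, passwordProviderElement.getText());
        if (!secretResolver.isInitialized()) {
            // No handler was installed, so there is nothing to protect tokens with.
            return secretResolver;
        }

        OMElement protectedTokensElement =
                passwordManagerElement.getFirstChildWithName(protectedTokensQName);
        if (protectedTokensElement != null) {
            addProtectedTokens(secretResolver, protectedTokensElement.getText());
        }
        return secretResolver;
    }

    /**
     * Creates an <code>SecretResolver</code> instance from a set of properties.
     * <p>
     * The provider and the protected tokens are read from the keys
     * <code>prefix + SecurityConstants.PASSWORD_PROVIDER_SIMPLE</code> and
     * <code>prefix + SecurityConstants.PROTECTED_TOKENS_SIMPLE</code>. A "." is appended
     * to a non-empty prefix that does not already end with one.
     *
     * @param properties     configuration properties
     * @param propertyPrefix prefix to identify suitable configuration properties;
     *                       <code>null</code> or empty means no prefix
     * @return an <code>SecretResolver</code> instance, uninitialized when no handler
     *         was created for the configured provider
     */
    public static SecretResolver create(Properties properties, String propertyPrefix) {

        SecretResolver secretResolver = new SecretResolver();

        // A null prefix must not reach the string concatenation below: it would be
        // rendered as the text "null" and the lookups would silently use the wrong keys.
        String prefix = propertyPrefix == null ? "" : propertyPrefix;
        if (prefix.length() > 0 && !prefix.endsWith(".")) {
            prefix += ".";
        }

        // NOTE(review): a missing property hands null to the handler factory; how the
        // factory treats null is not visible in this file.
        initPasswordManager(secretResolver,
                properties.getProperty(prefix + SecurityConstants.PASSWORD_PROVIDER_SIMPLE));

        if (secretResolver.isInitialized()) {
            addProtectedTokens(secretResolver,
                    properties.getProperty(prefix + SecurityConstants.PROTECTED_TOKENS_SIMPLE));
        }
        return secretResolver;
    }

    /**
     * Creates an <code>SecretResolver</code> instance from a set of DOM nodes.
     * <p>
     * The provider and the protected tokens are read from the items named
     * <code>SecurityConstants.PASSWORD_PROVIDER_SIMPLE</code> and
     * <code>SecurityConstants.PROTECTED_TOKENS_SIMPLE</code>. A missing or blank
     * provider value leaves the resolver uninitialized.
     *
     * @param namedNodeMap DOM node set
     * @return an <code>SecretResolver</code> instance
     */
    public static SecretResolver create(NamedNodeMap namedNodeMap) {

        SecretResolver secretResolver = new SecretResolver();

        Node providerAttr = namedNodeMap.getNamedItem(SecurityConstants.PASSWORD_PROVIDER_SIMPLE);
        if (providerAttr != null) {
            String passwordProvider = providerAttr.getNodeValue();
            if (passwordProvider != null && passwordProvider.trim().length() > 0) {
                initPasswordManager(secretResolver, passwordProvider);
            }
        }

        if (secretResolver.isInitialized()) {
            Node protectedTokenAttr =
                    namedNodeMap.getNamedItem(SecurityConstants.PROTECTED_TOKENS_SIMPLE);
            if (protectedTokenAttr != null) {
                addProtectedTokens(secretResolver, protectedTokenAttr.getNodeValue());
            }
        }
        return secretResolver;
    }

    /**
     * Registers every name of a comma-separated list as a protected token.
     * <p>
     * Names are trimmed and empty entries are skipped, so a list written as
     * <code>"a, b,,c"</code> registers <code>a</code>, <code>b</code> and <code>c</code>.
     * Whether the resolver normalizes names itself is not visible from this class, so the
     * cleanup is done here to keep stray whitespace out of the protected-token set.
     *
     * @param secretResolver resolver to register the tokens on; expected to be initialized
     * @param tokenList      comma-separated token names, may be <code>null</code> or blank
     */
    private static void addProtectedTokens(SecretResolver secretResolver, String tokenList) {

        if (tokenList == null || tokenList.trim().length() == 0) {
            return;
        }
        for (String token : tokenList.split(",")) {
            String name = token.trim();
            if (name.length() > 0) {
                secretResolver.addProtectedToken(name);
            }
        }
    }

    /**
     * Initializes the resolver with the callback handler created for the given provider.
     * The resolver is left untouched when the factory returns no handler.
     * <p>
     * NOTE(review): the provider string is taken straight from configuration and
     * presumably selects the handler implementation; confirm this in
     * <code>SecretCallbackHandlerFactory</code>, and keep the configuration source as
     * trusted as the secrets it guards.
     *
     * @param secretResolver resolver to initialize
     * @param provider       provider value passed to
     *                       <code>SecretCallbackHandlerFactory.createSecretCallbackHandler</code>
     */
    private static void initPasswordManager(SecretResolver secretResolver, String provider) {

        SecretCallbackHandler callbackHandler =
                SecretCallbackHandlerFactory.createSecretCallbackHandler(provider);
        if (callbackHandler != null) {
            secretResolver.init(callbackHandler);
        }
    }
}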