From a7f4def785c9e169ebcb4785d7561505e47f3fc0 Mon Sep 17 00:00:00 2001 From: Sai Gandham Date: Mon, 2 Jul 2018 22:37:37 -0500 Subject: Moving Shiro modules to cadi repo Issue-ID: AAF-380 Change-Id: If1029a16958335277ff38cdbe5662b0a14ea439f Signed-off-by: Sai Gandham --- .../onap/aaf/cadi/shiro/AAFAuthenticationInfo.java | 90 ++++++++++++++++++++++ 1 file changed, 90 insertions(+) create mode 100644 shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthenticationInfo.java (limited to 'shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthenticationInfo.java') diff --git a/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthenticationInfo.java b/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthenticationInfo.java new file mode 100644 index 0000000..a1d304b --- /dev/null +++ b/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthenticationInfo.java @@ -0,0 +1,90 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ +package org.onap.aaf.cadi.shiro; + +import java.nio.ByteBuffer; +import java.security.NoSuchAlgorithmException; +import java.security.SecureRandom; + +import org.apache.shiro.authc.AuthenticationInfo; +import org.apache.shiro.authc.AuthenticationToken; +import org.apache.shiro.authc.UsernamePasswordToken; +import org.apache.shiro.subject.PrincipalCollection; +import org.onap.aaf.cadi.Access; +import org.onap.aaf.cadi.Hash; +import org.onap.aaf.cadi.Access.Level; + +public class AAFAuthenticationInfo implements AuthenticationInfo { + private static final long serialVersionUID = -1502704556864321020L; + // We assume that Shiro is doing Memory Only, and this salt is not needed cross process + private final static int salt = new SecureRandom().nextInt(); + + private final AAFPrincipalCollection apc; + private final byte[] hash; + private Access access; + + public AAFAuthenticationInfo(Access access, String username, String password) { + this.access = access; + apc = new AAFPrincipalCollection(username); + hash = getSaltedCred(password); + } + @Override + public byte[] getCredentials() { + access.log(Level.DEBUG, "AAFAuthenticationInfo.getCredentials"); + return hash; + } + + @Override + public PrincipalCollection getPrincipals() { + access.log(Level.DEBUG, "AAFAuthenticationInfo.getPrincipals"); + return apc; + } + + public boolean matches(AuthenticationToken atoken) { + if(atoken instanceof UsernamePasswordToken) { + UsernamePasswordToken upt = (UsernamePasswordToken)atoken; + if(apc.getPrimaryPrincipal().getName().equals(upt.getPrincipal())) { + byte[] newhash = getSaltedCred(new String(upt.getPassword())); + if(newhash.length==hash.length) { + for(int i=0;i