diff options
Diffstat (limited to 'cadi/core/src/main/java/org/onap/ccsdk/apps/cadi/principal/X509Principal.java')
-rw-r--r-- | cadi/core/src/main/java/org/onap/ccsdk/apps/cadi/principal/X509Principal.java | 112 |
1 files changed, 112 insertions, 0 deletions
diff --git a/cadi/core/src/main/java/org/onap/ccsdk/apps/cadi/principal/X509Principal.java b/cadi/core/src/main/java/org/onap/ccsdk/apps/cadi/principal/X509Principal.java new file mode 100644 index 00000000..245b27a9 --- /dev/null +++ b/cadi/core/src/main/java/org/onap/ccsdk/apps/cadi/principal/X509Principal.java @@ -0,0 +1,112 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.ccsdk + * =========================================================================== + * Copyright (c) 2023 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.ccsdk.apps.cadi.principal; + +import java.io.IOException; +import java.security.cert.CertificateEncodingException; +import java.security.cert.X509Certificate; +import java.util.regex.Pattern; + +import org.onap.ccsdk.apps.cadi.GetCred; +import org.onap.ccsdk.apps.cadi.taf.basic.BasicHttpTaf; + +public class X509Principal extends BearerPrincipal implements GetCred { + private static final Pattern pattern = Pattern.compile("[a-zA-Z0-9]*\\@[a-zA-Z0-9.]*"); + private final X509Certificate cert; + private final String name; + private byte[] content; + private BasicHttpTaf bht; + + public X509Principal(String identity, X509Certificate cert) { + name = identity; + content = null; + this.cert = cert; + } + + public X509Principal(String identity, X509Certificate cert, byte[] content, BasicHttpTaf bht) { + name = identity; + this.content = content; + this.cert = cert; + this.bht = bht; + } + + public X509Principal(X509Certificate cert, byte[] content, BasicHttpTaf bht) throws IOException { + this.content=content; + this.cert = cert; + String _name = null; + String subj = cert.getSubjectDN().getName(); + int cn = subj.indexOf("OU="); + if (cn>=0) { + cn+=3; + int space = subj.indexOf(',',cn); + if (space>=0) { + String id = subj.substring(cn, space); + if (pattern.matcher(id).matches()) { + _name = id; + } + } + } + if (_name==null) { + throw new IOException("X509 does not have Identity as CN"); + } + name = _name; + this.bht = bht; + } + + public String getAsHeader() throws IOException { + try { + if (content==null) { + content=cert.getEncoded(); + } + } catch (CertificateEncodingException e) { + throw new IOException(e); + } + return "X509 " + content; + } + + public String toString() { + return "X509 Authentication for " + name; + } + + + public byte[] getCred() { + try { + return content==null?(content=cert.getEncoded()):content; + } catch (CertificateEncodingException e) { + return null; + } + } + + public String getName() { + return name; + } + + @Override + public String tag() { + return "x509"; + } + + public BasicHttpTaf getBasicHttpTaf() { + return bht; + } + +} |