diff --git a/src/main/java/org/gagauz/tapestry/security/AuthenticationService.java b/src/main/java/org/gagauz/tapestry/security/AuthenticationService.java index 947dc62..44a972b 100644 --- a/src/main/java/org/gagauz/tapestry/security/AuthenticationService.java +++ b/src/main/java/org/gagauz/tapestry/security/AuthenticationService.java @@ -1,19 +1,18 @@ package org.gagauz.tapestry.security; -import java.util.List; - import org.apache.tapestry5.ioc.annotations.Inject; import org.apache.tapestry5.services.ApplicationStateManager; import org.apache.tapestry5.services.Request; import org.apache.tapestry5.services.Session; -import org.gagauz.tapestry.security.api.Credentials; -import org.gagauz.tapestry.security.api.LoginHandler; -import org.gagauz.tapestry.security.api.LogoutHandler; +import org.gagauz.tapestry.security.api.AuthenticationHandler; +import org.gagauz.tapestry.security.api.LoginDetails; import org.gagauz.tapestry.security.api.User; import org.gagauz.tapestry.security.api.UserProvider; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import java.util.List; + public class AuthenticationService { private static final Logger log = LoggerFactory.getLogger(AuthenticationService.class); @@ -25,25 +24,19 @@ public class AuthenticationService { private ApplicationStateManager applicationStateManager; @Inject - private List loginHandlers; - - @Inject - private List logoutHandlers; + private List handlers; @Inject private Request request; - public User login(Credentials credentials) { + public User login(LoginDetails credentials) { User newUser = userProvider.findByCredentials(credentials); - - LoginResult result = null; - if (null != newUser) { User oldUser = applicationStateManager.getIfExists(newUser.getClass()); Class clz = newUser.getClass(); applicationStateManager.set(clz, newUser); } - for (LoginHandler handler : loginHandlers) { + for (AuthenticationHandler handler : handlers) { handler.handleLogin(newUser, credentials); } @@ -54,7 +47,7 @@ public void logout() { User user = applicationStateManager.getIfExists(User.class); - for (LogoutHandler handler : logoutHandlers) { + for (AuthenticationHandler handler : handlers) { handler.handleLogout(user); } diff --git a/src/main/java/org/gagauz/tapestry/security/LoginFailedResult.java b/src/main/java/org/gagauz/tapestry/security/LoginFailedResult.java deleted file mode 100644 index 13d5725..0000000 --- a/src/main/java/org/gagauz/tapestry/security/LoginFailedResult.java +++ /dev/null @@ -1,14 +0,0 @@ -package org.gagauz.tapestry.security; - -import org.gagauz.tapestry.security.api.Credentials; - -// TODO: Auto-generated Javadoc -/** - * The Class LoginFailedResult. - */ -public class LoginFailedResult { - - public LoginFailedResult(Credentials credentials) { - // TODO Auto-generated constructor stub - } -} diff --git a/src/main/java/org/gagauz/tapestry/security/LoginResult.java b/src/main/java/org/gagauz/tapestry/security/LoginResult.java deleted file mode 100644 index dfe78aa..0000000 --- a/src/main/java/org/gagauz/tapestry/security/LoginResult.java +++ /dev/null @@ -1,69 +0,0 @@ -package org.gagauz.tapestry.security; - -import org.gagauz.tapestry.security.api.User; - -// TODO: Auto-generated Javadoc -/** - * The Class LoginResult. - */ -public abstract class LoginResult { - - /** The user. */ - private User user; - - /** The old user. */ - private User oldUser; - - /** - * Instantiates a new login result. - * - * @param user the user - */ - public LoginResult(User user) { - this.user = user; - } - - /** - * Checks if is success. - * - * @return true, if is success - */ - public abstract boolean isSuccess(); - - /** - * Gets the user. - * - * @return the user - */ - public User getUser() { - return user; - } - - /** - * Gets the user. - * - * @param user the user - * @return the user - */ - public void getUser(User user) { - this.user = user; - } - - /** - * Gets the old user. - * - * @return the old user - */ - public User getOldUser() { - return oldUser; - } - - /** - * Sets the old user. - * - * @param oldUser the new old user - */ - public void setOldUser(User oldUser) { - this.oldUser = oldUser; - } -} diff --git a/src/main/java/org/gagauz/tapestry/security/LoginSuccessResult.java b/src/main/java/org/gagauz/tapestry/security/LoginSuccessResult.java deleted file mode 100644 index 3bce721..0000000 --- a/src/main/java/org/gagauz/tapestry/security/LoginSuccessResult.java +++ /dev/null @@ -1,27 +0,0 @@ -package org.gagauz.tapestry.security; - -import org.gagauz.tapestry.security.api.User; - -// TODO: Auto-generated Javadoc -/** - * The Class LoginSuccessResult. - */ -public class LoginSuccessResult extends LoginResult { - - /** - * Instantiates a new login success result. - * - * @param user the user - */ - public LoginSuccessResult(User user) { - super(user); - } - - /* (non-Javadoc) - * @see org.gagauz.tapestry.security.LoginResult#isSuccess() - */ - @Override - public boolean isSuccess() { - return true; - } -} \ No newline at end of file diff --git a/src/main/java/org/gagauz/tapestry/security/SecurityEncryptor.java b/src/main/java/org/gagauz/tapestry/security/SecurityEncryptor.java deleted file mode 100644 index 4fc241a..0000000 --- a/src/main/java/org/gagauz/tapestry/security/SecurityEncryptor.java +++ /dev/null @@ -1,127 +0,0 @@ -package org.gagauz.tapestry.security; - -import org.apache.commons.codec.binary.Base64; - -import javax.crypto.Cipher; -import javax.crypto.SecretKey; -import javax.crypto.SecretKeyFactory; -import javax.crypto.spec.PBEKeySpec; -import javax.crypto.spec.SecretKeySpec; - -import java.security.spec.KeySpec; -import java.util.ArrayList; -import java.util.Collection; - -// TODO: Auto-generated Javadoc -/** - * The Class SecurityEncryptor. - */ -public class SecurityEncryptor { - - /** The Constant JOIN_STR. */ - private static final String JOIN_STR = "\0"; - - /** The Constant ALGORITHM. */ - private static final String ALGORITHM = "AES"; - - /** The encrypt. */ - private final Cipher encrypt; - - /** The decrypt. */ - private final Cipher decrypt; - - /** The Constant CH. */ - private static final String CH = "latin1"; - - /** - * Instantiates a new security encryptor. - * - * @param passphrase the passphrase - */ - public SecurityEncryptor(String passphrase) { - try { - SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1"); - KeySpec spec = new PBEKeySpec(passphrase.toCharArray(), "sdfadsfds".getBytes(CH), 65536, 128); - SecretKey tmp = factory.generateSecret(spec); - SecretKey key = new SecretKeySpec(tmp.getEncoded(), ALGORITHM); - encrypt = Cipher.getInstance(ALGORITHM); - encrypt.init(Cipher.ENCRYPT_MODE, key); - - decrypt = Cipher.getInstance(ALGORITHM); - decrypt.init(Cipher.DECRYPT_MODE, key); - } catch (Exception e) { - throw new RuntimeException(e); - } - } - - /** - * Encrypt. - * - * @param valueToEnc the value to enc - * @return the string - */ - public String encrypt(String valueToEnc) { - try { - byte[] encValue = encrypt.doFinal(valueToEnc.getBytes(CH)); - System.out.println(Base64.encodeBase64String(encValue)); - return Base64.encodeBase64String(encValue); - } catch (Exception e) { - throw new RuntimeException(e); - } - } - - /** - * Decrypt. - * - * @param encryptedValue the encrypted value - * @return the string - */ - public String decrypt(String encryptedValue) { - try { - byte[] decordedValue = Base64.decodeBase64(encryptedValue.getBytes(CH)); - byte[] decValue = decrypt.doFinal(decordedValue); - return new String(decValue); - } catch (Exception e) { - throw new RuntimeException(e); - } - } - - /** - * Encrypt array. - * - * @param strings the strings - * @return the string - */ - public String encryptArray(Collection strings) { - return encryptArray(new ArrayList(strings).toArray(new String[strings.size()])); - } - - /** - * Encrypt array. - * - * @param strings the strings - * @return the string - */ - public String encryptArray(String... strings) { - if (strings.length == 0) { - return encrypt(""); - } - StringBuilder sb = new StringBuilder(strings[0]); - for (int i = 1; i < strings.length; i++) { - sb.append(JOIN_STR).append(strings[i]); - } - return encrypt(sb.toString()); - } - - /** - * Decrypt array. - * - * @param string the string - * @return the string[] - */ - public String[] decryptArray(String string) { - string = decrypt(string); - return string.split(JOIN_STR); - } - -} diff --git a/src/main/java/org/gagauz/tapestry/security/api/AccessAttribute.java b/src/main/java/org/gagauz/tapestry/security/api/AccessAttribute.java index 40a30a4..d3009dc 100644 --- a/src/main/java/org/gagauz/tapestry/security/api/AccessAttribute.java +++ b/src/main/java/org/gagauz/tapestry/security/api/AccessAttribute.java @@ -1,5 +1,6 @@ package org.gagauz.tapestry.security.api; public interface AccessAttribute { - + public static final AccessAttribute EMPTY_ATTRIBUTE = new AccessAttribute() { + }; } diff --git a/src/main/java/org/gagauz/tapestry/security/api/AuthenticationHandler.java b/src/main/java/org/gagauz/tapestry/security/api/AuthenticationHandler.java new file mode 100644 index 0000000..d6e8eff --- /dev/null +++ b/src/main/java/org/gagauz/tapestry/security/api/AuthenticationHandler.java @@ -0,0 +1,7 @@ +package org.gagauz.tapestry.security.api; + +public interface AuthenticationHandler { + void handleLogin(User newUser, T credentials); + + void handleLogout(User user); +} diff --git a/src/main/java/org/gagauz/tapestry/security/api/Credentials.java b/src/main/java/org/gagauz/tapestry/security/api/Credentials.java deleted file mode 100644 index e627eeb..0000000 --- a/src/main/java/org/gagauz/tapestry/security/api/Credentials.java +++ /dev/null @@ -1,8 +0,0 @@ -package org.gagauz.tapestry.security.api; - -/** - * The Interface Credentials. - */ -public interface Credentials { - -} diff --git a/src/main/java/org/gagauz/tapestry/security/api/LoginDetails.java b/src/main/java/org/gagauz/tapestry/security/api/LoginDetails.java new file mode 100644 index 0000000..c8417e8 --- /dev/null +++ b/src/main/java/org/gagauz/tapestry/security/api/LoginDetails.java @@ -0,0 +1,5 @@ +package org.gagauz.tapestry.security.api; + +public interface LoginDetails { + +} diff --git a/src/main/java/org/gagauz/tapestry/security/api/LoginHandler.java b/src/main/java/org/gagauz/tapestry/security/api/LoginHandler.java deleted file mode 100644 index dc5d85e..0000000 --- a/src/main/java/org/gagauz/tapestry/security/api/LoginHandler.java +++ /dev/null @@ -1,5 +0,0 @@ -package org.gagauz.tapestry.security.api; - -public interface LoginHandler { - void handleLogin(User newUser, Credentials credentials); -} diff --git a/src/main/java/org/gagauz/tapestry/security/api/LogoutHandler.java b/src/main/java/org/gagauz/tapestry/security/api/LogoutHandler.java deleted file mode 100644 index 58f6e06..0000000 --- a/src/main/java/org/gagauz/tapestry/security/api/LogoutHandler.java +++ /dev/null @@ -1,5 +0,0 @@ -package org.gagauz.tapestry.security.api; - -public interface LogoutHandler { - void handleLogout(User user); -} diff --git a/src/main/java/org/gagauz/tapestry/security/api/UserProvider.java b/src/main/java/org/gagauz/tapestry/security/api/UserProvider.java index 1f274ca..c7bbaaf 100644 --- a/src/main/java/org/gagauz/tapestry/security/api/UserProvider.java +++ b/src/main/java/org/gagauz/tapestry/security/api/UserProvider.java @@ -1,6 +1,5 @@ package org.gagauz.tapestry.security.api; -public interface UserProvider { - - T findByCredentials(Credentials credentials); +public interface UserProvider { + User findByCredentials(T credentials); } diff --git a/src/main/java/org/gagauz/tapestry/security/components/IfAuthorized.java b/src/main/java/org/gagauz/tapestry/security/components/IfAuthorized.java index b2b466d..938e5eb 100644 --- a/src/main/java/org/gagauz/tapestry/security/components/IfAuthorized.java +++ b/src/main/java/org/gagauz/tapestry/security/components/IfAuthorized.java @@ -7,10 +7,6 @@ import org.gagauz.tapestry.security.api.AccessAttribute; import org.gagauz.tapestry.security.api.AccessAttributeChecker; -// TODO: Auto-generated Javadoc -/** - * The Class IfAuthorized. - */ public class IfAuthorized extends AbstractConditional { /** The roles. */ @@ -22,8 +18,11 @@ public class IfAuthorized extends AbstractConditional { @Override protected boolean test() { + AccessAttribute accessAttribute = null == attribute + ? AccessAttribute.EMPTY_ATTRIBUTE + : attribute; try { - accessAttributeChecker.check(attribute); + accessAttributeChecker.check(accessAttribute); } catch (AccessDeniedException e) { return false; }