Esempio n. 1
0
  public static RpslObject translateAuth(
      final RpslObject rpslObject, final AuthTranslator authTranslator) {
    if (!rpslObject.containsAttribute(AttributeType.AUTH)) { // IRT also has auth:
      return rpslObject;
    }

    final Map<RpslAttribute, RpslAttribute> replace = Maps.newHashMap();
    for (RpslAttribute authAttribute : rpslObject.findAttributes(AttributeType.AUTH)) {
      final Iterator<String> authIterator =
          SPACE_SPLITTER.split(authAttribute.getCleanValue()).iterator();
      final String authType = authIterator.next().toUpperCase();
      if (authIterator.hasNext()) {
        final String authToken = authIterator.next();
        final RpslAttribute result = authTranslator.translate(authType, authToken, authAttribute);
        if (result != null) {
          replace.put(authAttribute, result);
        }
      }
    }

    if (replace.isEmpty()) {
      return rpslObject;
    } else {
      return new RpslObjectBuilder(rpslObject).replaceAttributes(replace).get();
    }
  }
  @Override
  public List<RpslObject> authenticate(
      final PreparedUpdate update, final UpdateContext updateContext) {
    final RpslObject updatedObject = update.getUpdatedObject();
    final RpslAttribute typeAttribute = updatedObject.getTypeAttribute();
    final IpInterval addressPrefix = IpInterval.parse(typeAttribute.getCleanValue());

    final List<RpslObject> ipObjects = getIpObjects(addressPrefix);
    if (ipObjects.isEmpty()) {
      throw new AuthenticationFailedException(
          UpdateMessages.authenticationFailed(
              updatedObject, typeAttribute.getType(), Collections.<RpslObject>emptyList()),
          Collections.<RpslObject>emptyList());
    }

    final Set<RpslObject> allCandidates = Sets.newLinkedHashSet();
    final List<Message> authenticationMessages = Lists.newArrayList();

    for (final RpslObject ipObject : ipObjects) {
      if (ipObject.containsAttribute(AttributeType.MNT_ROUTES)) {
        final List<RpslObject> candidates =
            getCandidatesForMntRoutesAuthentication(ipObject, update);
        allCandidates.addAll(candidates);

        final List<RpslObject> authenticated =
            authenticationModule.authenticate(update, updateContext, candidates);
        if (authenticated.isEmpty()) {
          authenticationMessages.add(
              UpdateMessages.authenticationFailed(ipObject, AttributeType.MNT_ROUTES, candidates));
        } else {
          return authenticated;
        }
      }
    }

    if (!authenticationMessages.isEmpty()) {
      throw new AuthenticationFailedException(authenticationMessages, allCandidates);
    }

    for (final RpslObject ipObject : ipObjects) {
      final IpInterval ipInterval = IpInterval.parse(ipObject.getTypeAttribute().getCleanValue());
      if (!addressPrefix.equals(ipInterval)
          && ipObject.containsAttribute(AttributeType.MNT_LOWER)) {
        final List<RpslObject> candidates =
            objectDao.getByKeys(
                ObjectType.MNTNER, ipObject.getValuesForAttribute(AttributeType.MNT_LOWER));
        allCandidates.addAll(candidates);

        final List<RpslObject> authenticated =
            authenticationModule.authenticate(update, updateContext, candidates);
        if (authenticated.isEmpty()) {
          authenticationMessages.add(
              UpdateMessages.authenticationFailed(ipObject, AttributeType.MNT_LOWER, candidates));
        } else {
          return authenticated;
        }
      }
    }

    if (!authenticationMessages.isEmpty()) {
      throw new AuthenticationFailedException(authenticationMessages, allCandidates);
    }

    for (final RpslObject ipObject : ipObjects) {
      if (ipObject.containsAttribute(AttributeType.MNT_BY)) {
        final List<RpslObject> candidates =
            objectDao.getByKeys(
                ObjectType.MNTNER, ipObject.getValuesForAttribute(AttributeType.MNT_BY));
        allCandidates.addAll(candidates);

        final List<RpslObject> authenticated =
            authenticationModule.authenticate(update, updateContext, candidates);
        if (authenticated.isEmpty()) {
          authenticationMessages.add(
              UpdateMessages.authenticationFailed(ipObject, AttributeType.MNT_BY, candidates));
        } else {
          return authenticated;
        }
      }
    }

    if (!authenticationMessages.isEmpty()) {
      throw new AuthenticationFailedException(authenticationMessages, allCandidates);
    }

    throw new AuthenticationFailedException(
        UpdateMessages.authenticationFailed(
            updatedObject, typeAttribute.getType(), Collections.<RpslObject>emptyList()),
        allCandidates);
  }