Пример #1
0
 private void processCredentialElement(
     OMElement bamServerConfig, BAMServerProfile bamServerProfile) throws CryptoException {
   OMElement credentialElement =
       bamServerConfig.getFirstChildWithName(
           new QName(BPELConstants.BAM_SERVER_PROFILE_NS, "Credential"));
   if (credentialElement != null) {
     OMAttribute userNameAttr = credentialElement.getAttribute(new QName("userName"));
     OMAttribute passwordAttr = credentialElement.getAttribute(new QName("password"));
     // OMAttribute secureAttr = credentialElement.getAttribute(new QName("secure"));
     if (userNameAttr != null
         && passwordAttr != null
         && /*secureAttr != null &&*/ !userNameAttr.getAttributeValue().equals("")
         && !passwordAttr.getAttributeValue().equals("")
     /*&& !secureAttr.getAttributeValue().equals("")*/ ) {
       bamServerProfile.setUserName(userNameAttr.getAttributeValue());
       bamServerProfile.setPassword(
           new String(
               CryptoUtil.getDefaultCryptoUtil()
                   .base64DecodeAndDecrypt(passwordAttr.getAttributeValue())));
     } else {
       String errMsg = "Username or Password not found for BAM server profile: " + profileLocation;
       handleError(errMsg);
     }
   } else {
     String errMsg = "Credentials not found for BAM server profile: " + profileLocation;
     handleError(errMsg);
   }
 }
  /**
   * This method generates the keypair and stores it in the keystore
   *
   * @param keyStore A keystore instance
   * @return Generated public key for the tenant
   * @throws KeyStoreMgtException Error when generating key pair
   */
  private X509Certificate generateKeyPair(KeyStore keyStore) throws KeyStoreMgtException {
    try {
      CryptoUtil.getDefaultCryptoUtil();
      // generate key pair
      KeyPairGenerator keyPairGenerator = null;
      keyPairGenerator = KeyPairGenerator.getInstance("RSA");
      keyPairGenerator.initialize(1024);
      KeyPair keyPair = keyPairGenerator.generateKeyPair();

      // Common Name and alias for the generated certificate
      String commonName = "CN=" + tenantDomain + ", OU=None, O=None L=None, C=None";

      // generate certificates
      X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator();
      v3CertGen.setSerialNumber(BigInteger.valueOf(new SecureRandom().nextInt()));
      v3CertGen.setIssuerDN(new X509Principal(commonName));
      v3CertGen.setNotBefore(new Date(System.currentTimeMillis() - 1000L * 60 * 60 * 24 * 30));
      v3CertGen.setNotAfter(
          new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 365 * 10)));
      v3CertGen.setSubjectDN(new X509Principal(commonName));
      v3CertGen.setPublicKey(keyPair.getPublic());
      v3CertGen.setSignatureAlgorithm("MD5WithRSAEncryption");
      X509Certificate PKCertificate = v3CertGen.generateX509Certificate(keyPair.getPrivate());

      // add private key to KS
      keyStore.setKeyEntry(
          tenantDomain,
          keyPair.getPrivate(),
          password.toCharArray(),
          new java.security.cert.Certificate[] {PKCertificate});
      return PKCertificate;
    } catch (Exception ex) {
      String msg = "Error while generating the certificate for tenant :" + tenantDomain + ".";
      log.error(msg, ex);
      throw new KeyStoreMgtException(msg, ex);
    }
  }
Пример #3
0
  /**
   * method to persist credentials of a jira account
   *
   * @param registry Registry
   * @param accountInfo AccountInfo
   * @throws IssueTrackerException thrown id unable to store resources in the registry
   */
  public static void persistCredentials(Registry registry, AccountInfo accountInfo)
      throws IssueTrackerException {

    Resource resource = null;

    String path = IssueTrackerConstants.ISSUE_TRACKERS_RESOURCE_PATH + accountInfo.getKey();

    try {
      // if the collection does not exist create one
      if (!registry.resourceExists(IssueTrackerConstants.ISSUE_TRACKERS_RESOURCE_PATH)) {
        Collection collection = registry.newCollection();
        registry.put(IssueTrackerConstants.ISSUE_TRACKERS_RESOURCE_PATH, collection);
      }

      // get registry resource
      if (registry.resourceExists(path)) {
        resource = registry.get(path);
      } else {
        resource = registry.newResource();
      }
    } catch (RegistryException e) {
      ExceptionHandler.handleException("Error accessing registry", e, log);
    }

    // get credentials from account info
    GenericCredentials credentials;
    credentials = accountInfo.getCredentials();

    // set properties of the registry resources
    if (resource != null) {
      resource.addProperty(IssueTrackerConstants.ACCOUNT_KEY, accountInfo.getKey());
      resource.addProperty(IssueTrackerConstants.ISSUE_TRACKER_URL, credentials.getUrl());
      resource.addProperty(IssueTrackerConstants.ACCOUNT_LOGIN_USERNAME, credentials.getUsername());
      resource.addProperty(IssueTrackerConstants.ACCOUNT_EMAIL, accountInfo.getEmail());
      resource.addProperty(IssueTrackerConstants.ACCOUNT_UID, accountInfo.getUid());
      resource.addProperty(
          IssueTrackerConstants.HAS_SUPPORT_ACCOUNT,
          String.valueOf(accountInfo.isHasSupportAccount()));

      // set properties related with automatic reporting
      if (accountInfo.isAutoReportingEnable()) {

        AutoReportingSettings settings = accountInfo.getAutoReportingSettings();
        resource.addProperty(
            IssueTrackerConstants.AUTO_REPORTING, IssueTrackerConstants.IS_AUTO_REPORTING_ENABLED);
        resource.addProperty(
            IssueTrackerConstants.AUTO_REPORTING_PROJECT, settings.getProjectName());
        resource.addProperty(IssueTrackerConstants.AUTO_REPORTING_PRIORITY, settings.getPriority());
        resource.addProperty(
            IssueTrackerConstants.AUTO_REPORTING_ISSUE_TYPE, settings.getIssueType());

      } else {
        resource.addProperty(
            IssueTrackerConstants.AUTO_REPORTING, IssueTrackerConstants.IS_AUTO_REPORTING_DISABLED);
      }

      // encrypt and store password
      String password = credentials.getPassword();

      if (null != password && !"".equals(password)) {
        byte[] bytes = (password).getBytes();

        try {
          String base64String = CryptoUtil.getDefaultCryptoUtil().encryptAndBase64Encode(bytes);
          resource.addProperty(
              IssueTrackerConstants.ACCOUNT_PASSWORD_HIDDEN_PROPERTY, base64String);
        } catch (org.wso2.carbon.core.util.CryptoException e) {
          ExceptionHandler.handleException("Error accessing registry", e, log);
        }
      }
    }

    // put resource to registry
    try {
      registry.put(path, resource);
    } catch (RegistryException e) {
      ExceptionHandler.handleException("Error while persisting accountInfo", e, log);
    }
  }
Пример #4
0
  /**
   * method to get stored accounts from registry
   *
   * @param registry Registry
   * @return list of AccountInfo
   * @throws IssueTrackerException thrown if unable to obtain resources from registry
   */
  public static List<AccountInfo> getAccounts(Registry registry) throws IssueTrackerException {

    List<AccountInfo> accounts = new ArrayList<AccountInfo>();
    try {

      // check whether resources exist at the registry path
      if (registry.resourceExists(IssueTrackerConstants.ISSUE_TRACKERS_RESOURCE_PATH)) {

        // get the collection
        Collection collection =
            (Collection) registry.get(IssueTrackerConstants.ISSUE_TRACKERS_RESOURCE_PATH);

        if (null != collection) {

          // get paths of resources in the collection
          String[] paths = collection.getChildren();

          // for each resource construct the corresponding AccountInfo instance and add it to the
          // list
          for (String path : paths) {

            AccountInfo accountInfo = new AccountInfo();
            GenericCredentials credentials = new GenericCredentials();

            if (registry.resourceExists(path)) {
              Resource resource = registry.get(path);

              List<String> accountPropertySet =
                  resource.getPropertyValues(IssueTrackerConstants.ACCOUNT_KEY);
              accountInfo.setKey(accountPropertySet.get(accountPropertySet.size() - 1));

              List<String> urlPropertySet =
                  resource.getPropertyValues(IssueTrackerConstants.ISSUE_TRACKER_URL);
              String url = urlPropertySet.get(urlPropertySet.size() - 1);

              List<String> usernamePropertySet =
                  resource.getPropertyValues(IssueTrackerConstants.ACCOUNT_LOGIN_USERNAME);
              String username = usernamePropertySet.get(usernamePropertySet.size() - 1);

              List<String> emailPropertySet =
                  resource.getPropertyValues(IssueTrackerConstants.ACCOUNT_EMAIL);
              String email = emailPropertySet.get(emailPropertySet.size() - 1);

              List<String> uidPropertySet =
                  resource.getPropertyValues(IssueTrackerConstants.ACCOUNT_UID);
              String uid = uidPropertySet.get(uidPropertySet.size() - 1);

              List<String> hasSupportPropertySet =
                  resource.getPropertyValues(IssueTrackerConstants.HAS_SUPPORT_ACCOUNT);
              String hasSupport = hasSupportPropertySet.get(usernamePropertySet.size() - 1);

              List<String> passwordPropertySet;

              passwordPropertySet =
                  resource.getPropertyValues(
                      IssueTrackerConstants.ACCOUNT_PASSWORD_HIDDEN_PROPERTY);

              // for users with older accounts hidden password property does not exist. for them,
              // have to get the older property
              // until the account is edited.
              if (null == passwordPropertySet) {
                passwordPropertySet =
                    resource.getPropertyValues(IssueTrackerConstants.ACCOUNT_PASSWORD);
              }

              String password = "";
              if (null != passwordPropertySet) {

                String encryptedPassword = passwordPropertySet.get(passwordPropertySet.size() - 1);

                password =
                    new String(
                        CryptoUtil.getDefaultCryptoUtil()
                            .base64DecodeAndDecrypt(encryptedPassword));
              }
              String isAutoReportingEnabled =
                  resource.getProperty(IssueTrackerConstants.AUTO_REPORTING);

              if (null != isAutoReportingEnabled
                  && IssueTrackerConstants.IS_AUTO_REPORTING_ENABLED.equals(
                      isAutoReportingEnabled)) {
                accountInfo.setAutoReportingEnable(true);

                AutoReportingSettings settings = new AutoReportingSettings();
                String projectName =
                    resource.getProperty(IssueTrackerConstants.AUTO_REPORTING_PROJECT);
                settings.setProjectName(projectName);
                String priority =
                    resource.getProperty(IssueTrackerConstants.AUTO_REPORTING_PRIORITY);
                settings.setPriority(priority);
                String type = resource.getProperty(IssueTrackerConstants.AUTO_REPORTING_ISSUE_TYPE);
                settings.setIssueType(type);
                accountInfo.setAutoReportingSettings(settings);
              } else {
                accountInfo.setAutoReportingEnable(false);
              }

              if (!"".equals(url) && !"".equals(username) && !"".equals(password)) {
                credentials.setUrl(url);
                credentials.setUsername(username);
                credentials.setPassword(password);
                accountInfo.setCredentials(credentials);
                accountInfo.setEmail(email);
                accountInfo.setUid(uid);
                accountInfo.setHasSupportAccount(Boolean.getBoolean(hasSupport));
                accounts.add(accountInfo);
              }
            }
          }
        }
      }
    } catch (RegistryException e) {
      ExceptionHandler.handleException("Error getting resources from registry", e, log);
    } catch (CryptoException e) {
      ExceptionHandler.handleException("Error decrypting password", e, log);
    }

    return accounts;
  }