public static RpslObject translateAuth( final RpslObject rpslObject, final AuthTranslator authTranslator) { if (!rpslObject.containsAttribute(AttributeType.AUTH)) { // IRT also has auth: return rpslObject; } final Map<RpslAttribute, RpslAttribute> replace = Maps.newHashMap(); for (RpslAttribute authAttribute : rpslObject.findAttributes(AttributeType.AUTH)) { final Iterator<String> authIterator = SPACE_SPLITTER.split(authAttribute.getCleanValue()).iterator(); final String authType = authIterator.next().toUpperCase(); if (authIterator.hasNext()) { final String authToken = authIterator.next(); final RpslAttribute result = authTranslator.translate(authType, authToken, authAttribute); if (result != null) { replace.put(authAttribute, result); } } } if (replace.isEmpty()) { return rpslObject; } else { return new RpslObjectBuilder(rpslObject).replaceAttributes(replace).get(); } }
@Override public List<RpslObject> authenticate( final PreparedUpdate update, final UpdateContext updateContext) { final RpslObject updatedObject = update.getUpdatedObject(); final RpslAttribute typeAttribute = updatedObject.getTypeAttribute(); final IpInterval addressPrefix = IpInterval.parse(typeAttribute.getCleanValue()); final List<RpslObject> ipObjects = getIpObjects(addressPrefix); if (ipObjects.isEmpty()) { throw new AuthenticationFailedException( UpdateMessages.authenticationFailed( updatedObject, typeAttribute.getType(), Collections.<RpslObject>emptyList()), Collections.<RpslObject>emptyList()); } final Set<RpslObject> allCandidates = Sets.newLinkedHashSet(); final List<Message> authenticationMessages = Lists.newArrayList(); for (final RpslObject ipObject : ipObjects) { if (ipObject.containsAttribute(AttributeType.MNT_ROUTES)) { final List<RpslObject> candidates = getCandidatesForMntRoutesAuthentication(ipObject, update); allCandidates.addAll(candidates); final List<RpslObject> authenticated = authenticationModule.authenticate(update, updateContext, candidates); if (authenticated.isEmpty()) { authenticationMessages.add( UpdateMessages.authenticationFailed(ipObject, AttributeType.MNT_ROUTES, candidates)); } else { return authenticated; } } } if (!authenticationMessages.isEmpty()) { throw new AuthenticationFailedException(authenticationMessages, allCandidates); } for (final RpslObject ipObject : ipObjects) { final IpInterval ipInterval = IpInterval.parse(ipObject.getTypeAttribute().getCleanValue()); if (!addressPrefix.equals(ipInterval) && ipObject.containsAttribute(AttributeType.MNT_LOWER)) { final List<RpslObject> candidates = objectDao.getByKeys( ObjectType.MNTNER, ipObject.getValuesForAttribute(AttributeType.MNT_LOWER)); allCandidates.addAll(candidates); final List<RpslObject> authenticated = authenticationModule.authenticate(update, updateContext, candidates); if (authenticated.isEmpty()) { authenticationMessages.add( UpdateMessages.authenticationFailed(ipObject, AttributeType.MNT_LOWER, candidates)); } else { return authenticated; } } } if (!authenticationMessages.isEmpty()) { throw new AuthenticationFailedException(authenticationMessages, allCandidates); } for (final RpslObject ipObject : ipObjects) { if (ipObject.containsAttribute(AttributeType.MNT_BY)) { final List<RpslObject> candidates = objectDao.getByKeys( ObjectType.MNTNER, ipObject.getValuesForAttribute(AttributeType.MNT_BY)); allCandidates.addAll(candidates); final List<RpslObject> authenticated = authenticationModule.authenticate(update, updateContext, candidates); if (authenticated.isEmpty()) { authenticationMessages.add( UpdateMessages.authenticationFailed(ipObject, AttributeType.MNT_BY, candidates)); } else { return authenticated; } } } if (!authenticationMessages.isEmpty()) { throw new AuthenticationFailedException(authenticationMessages, allCandidates); } throw new AuthenticationFailedException( UpdateMessages.authenticationFailed( updatedObject, typeAttribute.getType(), Collections.<RpslObject>emptyList()), allCandidates); }