1 /*******************************************************************************
\r
2 * ============LICENSE_START====================================================
\r
4 * * ===========================================================================
\r
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
\r
6 * * ===========================================================================
\r
7 * * Licensed under the Apache License, Version 2.0 (the "License");
\r
8 * * you may not use this file except in compliance with the License.
\r
9 * * You may obtain a copy of the License at
\r
11 * * http://www.apache.org/licenses/LICENSE-2.0
\r
13 * * Unless required by applicable law or agreed to in writing, software
\r
14 * * distributed under the License is distributed on an "AS IS" BASIS,
\r
15 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
16 * * See the License for the specific language governing permissions and
\r
17 * * limitations under the License.
\r
18 * * ============LICENSE_END====================================================
\r
20 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
\r
22 ******************************************************************************/
\r
23 package com.att.cadi.principal;
\r
25 import java.io.IOException;
\r
26 import java.security.cert.CertificateEncodingException;
\r
27 import java.security.cert.X509Certificate;
\r
28 import java.util.regex.Pattern;
\r
30 import com.att.cadi.GetCred;
\r
32 public class X509Principal extends BearerPrincipal implements GetCred {
\r
// Shape check applied to the identity string taken from the certificate subject.
// NOTE(review): both character classes are quantified with '*', so an empty
// local part and an empty domain are accepted; a bare "@" satisfies matches().
// Quantifying each side with '+' would require at least one character.
33 private static final Pattern pattern = Pattern.compile("[a-zA-Z0-9]*\\@[a-zA-Z0-9.]*");
\r
// Encoded certificate bytes: supplied by the caller, or cached from
// cert.getEncoded() by getAsHeader() / getCred().
34 private byte[] content;
\r
// Certificate whose encoding getAsHeader() and getCred() fall back to.
35 private X509Certificate cert;
\r
// Identity shown by toString(); its assignment is not visible in this listing.
36 private String name;
\r
/**
 * Builds a principal from a caller-supplied identity, a certificate and the
 * certificate's encoded bytes.
 */
38 public X509Principal(String identity, X509Certificate cert, byte[] content) {
\r
// NOTE(review): the lines that use `identity` and `cert` are not shown in this
// listing, so whether the identity is checked against the certificate cannot
// be confirmed here.
// The caller's array is stored by reference, not copied; later changes to it
// are visible through this principal.
40 this.content = content;
\r
/**
 * Builds a principal whose identity is read from the certificate's subject DN.
 *
 * @param cert    certificate whose subject is searched for the identity
 * @param content encoded certificate bytes, stored as given (not copied)
 * @throws IOException with the message below; the branch that reaches it is on
 *         lines this listing does not show
 */
44 public X509Principal(X509Certificate cert, byte[] content) throws IOException {
\r
45 this.content=content;
\r
// The JDK documents getSubjectDN() as returning an implementation-specific
// Principal; getSubjectX500Principal() is the portable accessor.
47 String subj = cert.getSubjectDN().getName();
\r
// Plain substring search over the rendered DN: the first "OU=" anywhere in the
// string is used, including one that sits inside another attribute's value.
// NOTE(review): the extracted identity is therefore only as trustworthy as the
// issuing CA's control over every subject field. Parsing the RDNs (for example
// with javax.naming.ldap.LdapName) and selecting the attribute by type avoids
// depending on string layout.
// The variable is named `cn` and the exception below says "CN", but the
// attribute searched for is OU.
48 int cn = subj.indexOf("OU=");
\r
// A raw ',' search does not account for commas escaped inside a DN value.
// NOTE(review): handling of a -1 result from either indexOf is not visible in
// this listing; confirm it before relying on substring() below.
51 int space = subj.indexOf(',',cn);
\r
53 String id = subj.substring(cn, space);
\r
// matches() has to cover the whole of id, not just part of it.
54 if(pattern.matcher(id).matches()) {
\r
60 throw new IOException("X509 does not have Identity as CN");
\r
/**
 * Returns the header value for this principal: the literal prefix "X509 "
 * followed by the string conversion of {@code content}.
 *
 * @throws IOException wrapping a CertificateEncodingException raised by
 *         cert.getEncoded()
 */
65 public String getAsHeader() throws IOException {
\r
// Stores the certificate's encoded form in `content` for reuse; the guard
// around this assignment is not visible in this listing.
68 content=cert.getEncoded();
\r
69 } catch (CertificateEncodingException e) {
\r
70 throw new IOException(e);
\r
// NOTE(review): `content` is a byte[]. Concatenating it to a String yields the
// array's default toString() (type and identity hash, e.g. "[B@..."), not the
// certificate bytes, so the header carries no usable credential. An explicit
// text encoding such as Base64 is needed here, chosen to match what the
// receiving side decodes; that side is not visible in this file.
72 return "X509 " + content;
\r
/** Describes the principal by name only; no certificate bytes are included. */
75 public String toString() {
\r
76 return "X509 Authentication for " + name;
\r
/**
 * Returns the encoded certificate bytes, computing and caching them from
 * {@code cert} when {@code content} is still null.
 */
80 public byte[] getCred() {
\r
// NOTE(review): the internal array itself is returned, not a copy, so a caller
// can alter the bytes that later calls hand out.
82 return content==null?(content=cert.getEncoded()):content;
\r
// NOTE(review): the catch body is not shown in this listing, so what is
// returned after an encoding failure cannot be confirmed here.
83 } catch (CertificateEncodingException e) {
\r
89 public String getName() {
\r