--- /dev/null
+/*******************************************************************************\r
+ * ============LICENSE_START====================================================\r
+ * * org.onap.aai\r
+ * * ===========================================================================\r
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.\r
+ * * Copyright © 2017 Amdocs\r
+ * * ===========================================================================\r
+ * * Licensed under the Apache License, Version 2.0 (the "License");\r
+ * * you may not use this file except in compliance with the License.\r
+ * * You may obtain a copy of the License at\r
+ * * \r
+ * * http://www.apache.org/licenses/LICENSE-2.0\r
+ * * \r
+ * * Unless required by applicable law or agreed to in writing, software\r
+ * * distributed under the License is distributed on an "AS IS" BASIS,\r
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
+ * * See the License for the specific language governing permissions and\r
+ * * limitations under the License.\r
+ * * ============LICENSE_END====================================================\r
+ * *\r
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.\r
+ * *\r
+ ******************************************************************************/\r
+package com.att.cadi.principal;\r
+\r
+import java.io.IOException;\r
+import java.security.cert.CertificateEncodingException;\r
+import java.security.cert.X509Certificate;\r
+import java.util.regex.Pattern;\r
+\r
+import com.att.cadi.GetCred;\r
+\r
+public class X509Principal extends BearerPrincipal implements GetCred {\r
+ private static final Pattern pattern = Pattern.compile("[a-zA-Z0-9]*\\@[a-zA-Z0-9.]*");\r
+ private byte[] content; \r
+ private X509Certificate cert;\r
+ private String name;\r
+\r
+ public X509Principal(String identity, X509Certificate cert, byte[] content) {\r
+ name = identity;\r
+ this.content = content;\r
+ this.cert = cert;\r
+ }\r
+ \r
+ public X509Principal(X509Certificate cert, byte[] content) throws IOException {\r
+ this.content=content;\r
+ this.cert = cert;\r
+ String subj = cert.getSubjectDN().getName();\r
+ int cn = subj.indexOf("OU=");\r
+ if(cn>=0) {\r
+ cn+=3;\r
+ int space = subj.indexOf(',',cn);\r
+ if(space>=0) {\r
+ String id = subj.substring(cn, space);\r
+ if(pattern.matcher(id).matches()) {\r
+ name = id;\r
+ }\r
+ }\r
+ }\r
+ if(name==null)\r
+ throw new IOException("X509 does not have Identity as CN");\r
+ \r
+ }\r
+ \r
+ \r
+ public String getAsHeader() throws IOException {\r
+ try {\r
+ if(content==null) \r
+ content=cert.getEncoded();\r
+ } catch (CertificateEncodingException e) {\r
+ throw new IOException(e);\r
+ }\r
+ return "X509 " + content;\r
+ }\r
+ \r
+ public String toString() {\r
+ return "X509 Authentication for " + name;\r
+ }\r
+\r
+\r
+ public byte[] getCred() {\r
+ try {\r
+ return content==null?(content=cert.getEncoded()):content;\r
+ } catch (CertificateEncodingException e) {\r
+ return null;\r
+ }\r
+ }\r
+\r
+\r
+ public String getName() {\r
+ return name;\r
+ }\r
+}\r
Code Review / aaf / cadi.git / blobdiff