+++ /dev/null
-/*******************************************************************************\r
- * ============LICENSE_START====================================================\r
- * * org.onap.aaf\r
- * * ===========================================================================\r
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.\r
- * * ===========================================================================\r
- * * Licensed under the Apache License, Version 2.0 (the "License");\r
- * * you may not use this file except in compliance with the License.\r
- * * You may obtain a copy of the License at\r
- * * \r
- * * http://www.apache.org/licenses/LICENSE-2.0\r
- * * \r
- * * Unless required by applicable law or agreed to in writing, software\r
- * * distributed under the License is distributed on an "AS IS" BASIS,\r
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- * * See the License for the specific language governing permissions and\r
- * * limitations under the License.\r
- * * ============LICENSE_END====================================================\r
- * *\r
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.\r
- * *\r
- ******************************************************************************/\r
-package org.onap.aaf.cadi.principal;\r
-\r
-import java.io.IOException;\r
-import java.security.cert.CertificateEncodingException;\r
-import java.security.cert.X509Certificate;\r
-import java.util.regex.Pattern;\r
-\r
-import org.onap.aaf.cadi.GetCred;\r
-\r
-public class X509Principal extends BearerPrincipal implements GetCred {\r
- private static final Pattern pattern = Pattern.compile("[a-zA-Z0-9]*\\@[a-zA-Z0-9.]*");\r
- private byte[] content; \r
- private X509Certificate cert;\r
- private String name;\r
-\r
- public X509Principal(String identity, X509Certificate cert, byte[] content) {\r
- name = identity;\r
- this.content = content;\r
- this.cert = cert;\r
- }\r
- \r
- public X509Principal(X509Certificate cert, byte[] content) throws IOException {\r
- this.content=content;\r
- this.cert = cert;\r
- String subj = cert.getSubjectDN().getName();\r
- int cn = subj.indexOf("OU=");\r
- if(cn>=0) {\r
- cn+=3;\r
- int space = subj.indexOf(',',cn);\r
- if(space>=0) {\r
- String id = subj.substring(cn, space);\r
- if(pattern.matcher(id).matches()) {\r
- name = id;\r
- }\r
- }\r
- }\r
- if(name==null)\r
- throw new IOException("X509 does not have Identity as CN");\r
- \r
- }\r
- \r
- \r
- public String getAsHeader() throws IOException {\r
- try {\r
- if(content==null) \r
- content=cert.getEncoded();\r
- } catch (CertificateEncodingException e) {\r
- throw new IOException(e);\r
- }\r
- return "X509 " + content;\r
- }\r
- \r
- public String toString() {\r
- return "X509 Authentication for " + name;\r
- }\r
-\r
-\r
- public byte[] getCred() {\r
- try {\r
- return content==null?(content=cert.getEncoded()):content;\r
- } catch (CertificateEncodingException e) {\r
- return null;\r
- }\r
- }\r
-\r
-\r
- public String getName() {\r
- return name;\r
- }\r
-}\r
Code Review / aaf / cadi.git / blobdiff