2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.cadi.principal;
24 import java.io.IOException;
25 import java.security.cert.CertificateEncodingException;
26 import java.security.cert.X509Certificate;
27 import java.util.regex.Pattern;
29 import org.onap.aaf.cadi.CadiException;
30 import org.onap.aaf.cadi.GetCred;
32 public class X509Principal extends BearerPrincipal implements GetCred {
33 private static final Pattern pattern = Pattern.compile("[a-zA-Z0-9]*\\@[a-zA-Z0-9.]*");
34 private final X509Certificate cert;
35 private final String name;
36 private TagLookup tagLookup;
37 private byte[] content;
39 public X509Principal(String identity, X509Certificate cert) {
46 public X509Principal(String identity, X509Certificate cert, byte[] content) {
48 this.content = content;
53 public X509Principal(X509Certificate cert, byte[] content) throws IOException {
57 String subj = cert.getSubjectDN().getName();
58 int cn = subj.indexOf("OU=");
61 int space = subj.indexOf(',',cn);
63 String id = subj.substring(cn, space);
64 if(pattern.matcher(id).matches()) {
70 throw new IOException("X509 does not have Identity as CN");
76 public String getAsHeader() throws IOException {
79 content=cert.getEncoded();
81 } catch (CertificateEncodingException e) {
82 throw new IOException(e);
84 return "X509 " + content;
87 public String toString() {
88 return "X509 Authentication for " + name;
92 public byte[] getCred() {
94 return content==null?(content=cert.getEncoded()):content;
95 } catch (CertificateEncodingException e) {
100 public String getName() {
105 public String tag() {