Add Notice of aaf/cadi source moving to aaf/authz

[aaf/cadi.git] / core / src / main / java / org / onap / aaf / cadi / principal / X509Principal.java

/*******************************************************************************\r
 * ============LICENSE_START====================================================\r
 * * org.onap.aaf\r
 * * ===========================================================================\r
 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.\r
 * * ===========================================================================\r
 * * Licensed under the Apache License, Version 2.0 (the "License");\r
 * * you may not use this file except in compliance with the License.\r
 * * You may obtain a copy of the License at\r
 * * \r
 *  *      http://www.apache.org/licenses/LICENSE-2.0\r
 * * \r
 *  * Unless required by applicable law or agreed to in writing, software\r
 * * distributed under the License is distributed on an "AS IS" BASIS,\r
 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
 * * See the License for the specific language governing permissions and\r
 * * limitations under the License.\r
 * * ============LICENSE_END====================================================\r
 * *\r
 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.\r
 * *\r
 ******************************************************************************/\r
package org.onap.aaf.cadi.principal;\r
\r
import java.io.IOException;\r
import java.security.cert.CertificateEncodingException;\r
import java.security.cert.X509Certificate;\r
import java.util.regex.Pattern;\r
\r
import org.onap.aaf.cadi.GetCred;\r
\r
public class X509Principal extends BearerPrincipal implements GetCred {\r
        private static final Pattern pattern = Pattern.compile("[a-zA-Z0-9]*\\@[a-zA-Z0-9.]*");\r
        private byte[] content;  \r
        private X509Certificate cert;\r
        private String name;\r
\r
        public X509Principal(String identity, X509Certificate cert, byte[] content) {\r
                name = identity;\r
                this.content = content;\r
                this.cert = cert;\r
        }\r
        \r
        public X509Principal(X509Certificate cert, byte[] content) throws IOException {\r
                this.content=content;\r
                this.cert = cert;\r
                String subj = cert.getSubjectDN().getName();\r
                int cn = subj.indexOf("OU=");\r
                if(cn>=0) {\r
                        cn+=3;\r
                        int space = subj.indexOf(',',cn);\r
                        if(space>=0) {\r
                                String id = subj.substring(cn, space);\r
                                if(pattern.matcher(id).matches()) {\r
                                        name = id;\r
                                }\r
                        }\r
                }\r
                if(name==null)\r
                        throw new IOException("X509 does not have Identity as CN");\r
                \r
        }\r
        \r
        \r
        public String getAsHeader() throws IOException {\r
                try {\r
                        if(content==null) \r
                                content=cert.getEncoded();\r
                } catch (CertificateEncodingException e) {\r
                        throw new IOException(e);\r
                }\r
                return "X509 " + content;\r
        }\r
        \r
        public String toString() {\r
                return "X509 Authentication for " + name;\r
        }\r
\r
\r
        public byte[] getCred() {\r
                try {\r
                        return content==null?(content=cert.getEncoded()):content;\r
                } catch (CertificateEncodingException e) {\r
                        return null;\r
                }\r
        }\r
\r
\r
        public String getName() {\r
                return name;\r
        }\r
}\r