public SecureKeyId secureKey(String keyName) { return new SecureKeyId(namespace, keyName); }
@Override public String getEntityName() { return getName(); }
public SecureKeyId(String namespace, String name) { super(namespace, EntityType.SECUREKEY); if (name == null) { throw new NullPointerException("Secure key cannot be null."); } if (!isValidSecureKey(name)) { throw new IllegalArgumentException(String.format("Improperly formatted secure key name '%s'." + " The name can contain lower case alphabets," + " numbers, _, and -", name)); } this.name = name; }
@SuppressWarnings("unused") public static SecureKeyId fromIdParts(Iterable<String> idString) { Iterator<String> iterator = idString.iterator(); return new SecureKeyId(next(iterator, "namespace"), nextAndEnd(iterator, "name")); }
/** * Creates a secure key * * @param secureKeyId {@link SecureKeyId} secure key name * @param keyCreateRequest {@link SecureKeyCreateRequest} * @throws IOException if a network error occurred * @throws UnauthenticatedException if the request is not authorized successfully in the gateway server * @throws SecureKeyAlreadyExistsException if the secure key already exists * @throws NamespaceNotFoundException if namespace is not found */ public void createKey(SecureKeyId secureKeyId, SecureKeyCreateRequest keyCreateRequest) throws IOException, UnauthenticatedException, AlreadyExistsException, NamespaceNotFoundException, UnauthorizedException { URL url = config.resolveNamespacedURLV3(secureKeyId.getParent(), getSecureKeyPath(secureKeyId)); HttpResponse response = restClient.execute(HttpMethod.PUT, url, GSON.toJson(keyCreateRequest), null, config.getAccessToken(), HttpURLConnection.HTTP_NOT_FOUND, HttpURLConnection.HTTP_CONFLICT); if (response.getResponseCode() == HttpURLConnection.HTTP_CONFLICT) { throw new SecureKeyAlreadyExistsException(secureKeyId); } if (response.getResponseCode() == HttpURLConnection.HTTP_NOT_FOUND) { throw new NamespaceNotFoundException(secureKeyId.getParent()); } }
public SecureKeyNotFoundException(SecureKeyId secureKeyId, Throwable t) { super(secureKeyId, secureKeyId.toString(), t); this.secureKeyId = secureKeyId; }
@SuppressWarnings("unused") public static SecureKeyId fromIdParts(Iterable<String> idString) { Iterator<String> iterator = idString.iterator(); return new SecureKeyId(next(iterator, "namespace"), nextAndEnd(iterator, "name")); }
/** * Get the metadata associated with the given secure key * * @param secureKeyId {@link SecureKeyId} secure key name * @return {@link SecureStoreMetadata} metadata associated with the key * @throws IOException if a network error occurred * @throws UnauthenticatedException if the request is not authorized successfully in the gateway server * @throws SecureKeyNotFoundException if secure key or the namespace is not found */ public SecureStoreMetadata getKeyMetadata(SecureKeyId secureKeyId) throws IOException, UnauthenticatedException, SecureKeyNotFoundException, UnauthorizedException { URL url = config.resolveNamespacedURLV3(secureKeyId.getParent(), String.format("%s/metadata", getSecureKeyPath(secureKeyId))); HttpResponse response = restClient.execute(HttpMethod.GET, url, config.getAccessToken(), HttpURLConnection.HTTP_NOT_FOUND); if (response.getResponseCode() == HttpURLConnection.HTTP_NOT_FOUND) { throw new SecureKeyNotFoundException(secureKeyId); } return GSON.fromJson(response.getResponseBodyAsString(), SecureStoreMetadata.class); }
public SecureKeyId secureKey(String keyName) { return new SecureKeyId(namespace, keyName); }
@Override public String getEntityName() { return getName(); }
/** * Delete the secure key * @param secureKeyId {@link SecureKeyId} secure key name * @throws IOException if a network error occurred * @throws UnauthenticatedException if the request is not authorized successfully in the gateway server * @throws SecureKeyNotFoundException if secure key or the namespace is not found */ public void deleteKey(SecureKeyId secureKeyId) throws IOException, UnauthenticatedException, SecureKeyNotFoundException, UnauthorizedException { URL url = config.resolveNamespacedURLV3(secureKeyId.getParent(), getSecureKeyPath(secureKeyId)); HttpResponse response = restClient.execute(HttpMethod.DELETE, url, config.getAccessToken(), HttpURLConnection.HTTP_NOT_FOUND); if (response.getResponseCode() == HttpURLConnection.HTTP_NOT_FOUND) { throw new SecureKeyNotFoundException(secureKeyId); } }
public SecureKeyId(String namespace, String name) { super(namespace, EntityType.SECUREKEY); if (name == null) { throw new NullPointerException("Secure key cannot be null."); } if (!isValidSecureKey(name)) { throw new IllegalArgumentException(String.format("Improperly formatted secure key name '%s'." + " The name can contain lower case alphabets," + " numbers, _, and -", name)); } this.name = name; }
@Override public void delete(String namespace, String name) throws Exception { validate(namespace); try { secretManager.delete(namespace, name); } catch (SecretNotFoundException e) { throw new SecureKeyNotFoundException(new SecureKeyId(namespace, name), e); } }
private static String getSecureKeyPath(SecureKeyId secureKeyId) { return String.format("%s/%s", SECURE_KEYS, secureKeyId.getName()); } }
/** * Fetch the data associated with the given secure key * * @param secureKeyId {@link SecureKeyId} secure key name * @return the secure data in a utf-8 encoded byte array * @throws IOException if a network error occurred * @throws UnauthenticatedException if the request is not authorized successfully in the gateway server * @throws SecureKeyNotFoundException if secure key or the namespace is not found */ public String getData(SecureKeyId secureKeyId) throws IOException, UnauthenticatedException, SecureKeyNotFoundException, UnauthorizedException { URL url = config.resolveNamespacedURLV3(secureKeyId.getParent(), getSecureKeyPath(secureKeyId)); HttpResponse response = restClient.execute(HttpMethod.GET, url, config.getAccessToken(), HttpURLConnection.HTTP_NOT_FOUND); if (response.getResponseCode() == HttpURLConnection.HTTP_NOT_FOUND) { throw new SecureKeyNotFoundException(secureKeyId); } return response.getResponseBodyAsString(); }
/** * Handles error based on response code. */ private void handleResponse(final HttpResponse response, String namespace, String name, String errorPrefix) throws Exception { int responseCode = response.getResponseCode(); switch (responseCode) { case HttpURLConnection.HTTP_OK: return; case HttpURLConnection.HTTP_NOT_FOUND: throw new SecureKeyNotFoundException(new SecureKeyId(namespace, name)); case HttpURLConnection.HTTP_CONFLICT: throw new SecureKeyAlreadyExistsException(new SecureKeyId(namespace, name)); case HttpURLConnection.HTTP_BAD_REQUEST: throw new IllegalArgumentException(errorPrefix + ". Reason: " + response.getResponseBodyAsString()); default: throw new IOException(errorPrefix + ". Reason: " + response.getResponseBodyAsString()); } }
/** * Returns the metadata for the element identified by the given name. * The name must be of the format namespace + NAME_SEPARATOR + key name. * @param keyName Name of the element * @return An object representing the metadata associated with the element * @throws NotFoundException If the key was not found in the store. * @throws IOException If there was a problem in getting the key from the store */ private SecureStoreMetadata getSecureStoreMetadata(String keyName) throws Exception { String[] namespaceAndName = keyName.split(NAME_SEPARATOR); Preconditions.checkArgument(namespaceAndName.length == 2); String namespace = namespaceAndName[0]; String name = namespaceAndName[1]; readLock.lock(); try { if (!keyStore.containsAlias(keyName)) { throw new NotFoundException(new SecureKeyId(namespace, name)); } Key key = keyStore.getKey(keyName, password); return deserialize(key.getEncoded()).getMetadata(); } catch (NoSuchAlgorithmException | UnrecoverableKeyException | KeyStoreException e) { throw new IOException("Unable to retrieve the metadata for " + name + " in namespace " + namespace, e); } finally { readLock.unlock(); } }
@Path("/{key-name}") @GET public void get(HttpRequest httpRequest, HttpResponder httpResponder, @PathParam("namespace-id") String namespace, @PathParam("key-name") String name) throws Exception { SecureKeyId secureKeyId = new SecureKeyId(namespace, name); httpResponder.sendByteArray(HttpResponseStatus.OK, secureStore.get(namespace, name).get(), new DefaultHttpHeaders().set(HttpHeaderNames.CONTENT_TYPE, "text/plain;charset=utf-8")); }
@Path("/{key-name}") @GET public void get(HttpRequest httpRequest, HttpResponder httpResponder, @PathParam("namespace-id") String namespace, @PathParam("key-name") String name) throws Exception { SecureKeyId secureKeyId = new SecureKeyId(namespace, name); httpResponder.sendByteArray(HttpResponseStatus.OK, secureStore.getSecureData(namespace, name).get(), new DefaultHttpHeaders().set(HttpHeaderNames.CONTENT_TYPE, "text/plain;charset=utf-8")); }
/** * Deletes the key if the user has ADMIN privileges to the key. * * @throws UnauthorizedException If the user does not have admin privileges required to delete the secure key. * @throws NamespaceNotFoundException If the specified namespace does not exist. * @throws NotFoundException If the key to be deleted is not found. * @throws IOException If there was a problem deleting it from the underlying provider. */ @Override public final void delete(String namespace, String name) throws Exception { Principal principal = authenticationContext.getPrincipal(); SecureKeyId secureKeyId = new SecureKeyId(namespace, name); authorizationEnforcer.enforce(secureKeyId, principal, Action.ADMIN); secureStoreService.delete(namespace, name); }