/**
 * Authenticates the caller and opens a new session for the resulting user.
 *
 * <p>The user's content key is unwrapped with the login password and immediately
 * re-wrapped under a freshly generated session token, so the session carries the
 * content key only in wrapped form. The token is therefore key material, not just
 * a session identifier: together with the user's salt and the wrapped key held on
 * the session it is enough to recover the content key, so it should be kept out
 * of logs and error messages.
 *
 * @param credentials the login credentials; the password is used to unwrap the content key
 * @return the newly created session, already registered in the session map
 * @throws JasDBStorageException declared by this method; which of the calls below
 *         raise it is not visible in this excerpt
 */
@Override
public UserSession startSession(Credentials credentials) throws JasDBStorageException {
    User authenticatedUser = userManager.authenticate(credentials);

    // Use the engine recorded for this user rather than the factory default.
    CryptoEngine engine = CryptoFactory.getEngine(authenticatedUser.getEncryptionEngine());

    // Unwrap the content key with the login password ...
    String wrappedByPassword = authenticatedUser.getEncryptedContentKey();
    String plainContentKey = engine.decrypt(
            authenticatedUser.getPasswordSalt(), credentials.getPassword(), wrappedByPassword);

    // ... and re-wrap it under a per-session token. UUID.randomUUID() draws from a
    // cryptographically strong generator, giving 122 random bits per value.
    String accessToken = UUID.randomUUID().toString();
    String wrappedByToken = engine.encrypt(
            authenticatedUser.getPasswordSalt(), accessToken, plainContentKey);

    String sessionId = UUID.randomUUID().toString();
    UserSession newSession = new UserSessionImpl(sessionId, accessToken, wrappedByToken, authenticatedUser);

    // The CONNECT check runs before the session is registered.
    // NOTE(review): presumably authorize() throws on denial, so a rejected session
    // never reaches the map; confirm against UserManager.
    userManager.authorize(newSession, "/", AccessMode.CONNECT);
    secureUserSessionMap.put(sessionId, new SecureUserSession(newSession));

    return newSession;
}
/**
 * Bootstraps the built-in {@code admin} account and its ADMIN grant on the root object.
 *
 * <p>The account is created for host {@code localhost} with an empty password: the
 * stored hash is the hash of {@code ""} and the content key is wrapped under
 * {@code ""} as well. Until that password is replaced, the wrapped content key and
 * the grants encrypted under it are protected only by the salt stored next to them.
 *
 * @throws JasDBStorageException declared by this method; which of the calls below
 *         raise it is not visible in this excerpt
 */
private void createMandatoryAdminUser() throws JasDBStorageException {
    CryptoEngine engine = CryptoFactory.getEngine();

    String adminSalt = engine.generateSalt();
    // NOTE(review): the content key comes from generateSalt(); confirm its output
    // has the length and entropy expected of an encryption key.
    String plainContentKey = engine.generateSalt();

    // Empty-string password: see the method comment for what this implies.
    String wrappedContentKey = engine.encrypt(adminSalt, "", plainContentKey);
    String emptyPasswordHash = engine.hash(adminSalt, "");

    User adminUser = new UserMeta(
            "admin", "localhost", wrappedContentKey, adminSalt, emptyPasswordHash, engine.getDescriptor());
    userMetadataProvider.addUser(adminUser);

    // Grant ADMIN on the root object and store the grant encrypted under the content key.
    Grant adminGrant = new GrantMeta("admin", AccessMode.ADMIN);
    GrantObjectMeta rootGrants = new GrantObjectMeta(Constants.OBJECT_SEPARATOR, adminGrant);
    String grantsJson = SimpleEntity.toJson(GrantObjectMeta.toEntity(rootGrants));
    String grantsCipherText = engine.encrypt(adminSalt, plainContentKey, grantsJson);

    EncryptedGrants storedGrants = new EncryptedGrants(
            rootGrants.getObjectName(), grantsCipherText, adminSalt, engine.getDescriptor());
    grantMetadataProvider.persistGrant(storedGrants);
}
/**
 * Creates a user record, or returns the existing one when the name is already taken.
 *
 * <p>For a new user a fresh salt is generated, the content key is wrapped under the
 * password, and only the salted password hash is stored. When the user already
 * exists the stored record is returned unchanged: the supplied password, host and
 * content key are not applied, and the caller gets no signal that nothing was created.
 *
 * @param userName    login name, also used for the existence check
 * @param allowedHost host value stored on the new user record
 * @param contentKey  plain content key to wrap under the password
 * @param password    plain password; used to wrap the key and to derive the stored hash
 * @return the newly stored user, or the pre-existing user with the same name
 * @throws JasDBStorageException declared by this method; which of the calls below
 *         raise it is not visible in this excerpt
 */
@Override
public User addUser(String userName, String allowedHost, String contentKey, String password) throws JasDBStorageException {
    // NOTE(review): hasUser/addUser is check-then-act and no locking is visible here;
    // confirm the metadata provider rejects duplicate names on its own.
    if (userMetadataProvider.hasUser(userName)) {
        return userMetadataProvider.getUser(userName);
    }

    CryptoEngine engine = CryptoFactory.getEngine();
    String userSalt = engine.generateSalt();
    String wrappedContentKey = engine.encrypt(userSalt, password, contentKey);
    String saltedHash = engine.hash(userSalt, password);

    User created = new UserMeta(
            userName, allowedHost, wrappedContentKey, userSalt, saltedHash, engine.getDescriptor());
    userMetadataProvider.addUser(created);
    return created;
}
} // closes the enclosing type, whose header is outside this excerpt
/**
 * Serializes a grant object to JSON and encrypts it under the session user's content key.
 *
 * <p>The content key is recovered from the session by unwrapping the session's
 * encrypted content key with the access token and the user's password salt. The
 * grant payload is then encrypted with a newly generated salt, which is stored
 * alongside the ciphertext together with the engine descriptor.
 *
 * @param grantObject the grants to protect
 * @param userSession session supplying the access token, wrapped content key and user salt
 * @return the encrypted grants, tagged with the object name, salt and engine descriptor
 * @throws JasDBStorageException declared by this method; which of the calls below
 *         raise it is not visible in this excerpt
 */
private EncryptedGrants encryptGrants(GrantObject grantObject, UserSession userSession) throws JasDBStorageException {
    CryptoEngine engine = CryptoFactory.getEngine();

    // NOTE(review): the session's content key is unwrapped with the factory-default
    // engine, not one selected from the user's stored engine setting. Confirm the
    // two always match, otherwise this decrypt cannot recover the key.
    CryptoEngine unwrapEngine = CryptoFactory.getEngine();
    String plainContentKey = unwrapEngine.decrypt(
            userSession.getUser().getPasswordSalt(),
            userSession.getAccessToken(),
            userSession.getEncryptedContentKey());

    // Fresh salt per encryption; it is persisted with the ciphertext below.
    String grantSalt = engine.generateSalt();
    String grantsJson = SimpleEntity.toJson(GrantObjectMeta.toEntity(grantObject));
    String grantsCipherText = engine.encrypt(grantSalt, plainContentKey, grantsJson);

    return new EncryptedGrants(
            grantObject.getObjectName(), grantsCipherText, grantSalt, engine.getDescriptor());
}