Methods Summary |
---|
public java.lang.String | authenticatAccount(org.apache.lucene.gdata.data.GDataAccount account, java.lang.String requestIp)
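// Issues an encrypted auth token for the given account, bound to the
// requesting client's address prefix. No credential check happens in this
// block; presumably the caller has verified the account first -- confirm.
// Any failure is reported as AuthenticatorException with the cause attached.
try {
    // Keep everything before the last '.', i.e. the first three octets of a
    // dotted IPv4 address, so the token is tied to a network prefix and not
    // to a single host. An address without '.' (for example IPv6) or a null
    // address makes this line throw, which ends up in the catch below.
    String passIp = requestIp.substring(0, requestIp.lastIndexOf('.'));
    // The role bit set is carried in the token as a decimal string.
    String role = Integer.toString(account.getRolesAsInt());
    return calculateAuthToken(passIp, role, account.getName());
} catch (Exception e) {
    throw new AuthenticatorException("Can not authenticat account -- "
            + e.getMessage(), e);
}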
|
public boolean | authenticateToken(java.lang.String token, java.lang.String requestIp, org.apache.lucene.gdata.data.GDataAccount.AccountRole role, java.lang.String accountName)
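// Validates an encrypted auth token: the address prefix inside the token must
// match the caller's, then either the account name or the required role must
// match, and the token must not be older than the configured timeout.
// Returns false for a missing, malformed, mismatched or expired token and
// throws AuthenticatorException only when decryption itself fails.

// The token is a bearer credential, so its value is kept out of the log;
// anyone able to read the log could otherwise reuse it until it expires.
if (LOG.isInfoEnabled())
    LOG.info("authenticate Token for requestIp: " + requestIp);
if (token == null || requestIp == null)
    return false;
// Fail closed on an address without '.' (for example IPv6) instead of
// letting substring() throw an unchecked exception out of this method.
int lastDot = requestIp.lastIndexOf('.');
if (lastDot < 0)
    return false;
String passIp = requestIp.substring(0, lastDot);
String authString;
try {
    authString = deCryptAuthToken(token);
} catch (Exception e) {
    throw new AuthenticatorException("Can not decrypt token -- "
            + e.getMessage(), e);
}
if (authString == null)
    return false;
try {
    // Field order mirrors calculateAuthToken: prefix, account name, role,
    // issue time. A missing field makes nextToken() throw, which is
    // handled by the catch below and rejects the token.
    StringTokenizer tokenizer = new StringTokenizer(authString,
            TOKEN_LIMITER);
    if (!tokenizer.nextToken().equals(passIp))
        return false;
    String tempAccountName = tokenizer.nextToken();
    int intRole = Integer.parseInt(tokenizer.nextToken());
    /*
     * Authentication is checked against either an account or an account
     * role. For entry manipulation the account name is looked up by the
     * feed id; otherwise it is null, and in that case the check is made
     * against the account role.
     */
    // Accepted when the name matches OR the role matches; rejected only
    // when both checks fail.
    if (tempAccountName == null
            || (!tempAccountName.equals(accountName) && !GDataAccount
                    .isInRole(intRole, role)))
        return false;
    // Expiry: issue time plus the configured offset must still lie in the
    // future.
    long timeout = Long.parseLong(tokenizer.nextToken());
    return (timeout + this.milisecondOffset) > System
            .currentTimeMillis();
} catch (Exception e) {
    // NOTE(review): the message says "encrypting", but this branch is
    // reached when parsing or checking the decrypted token fails.
    LOG.error("Error occured while encrypting token " + e.getMessage(),
            e);
    return false;
}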
|
protected java.lang.String | calculateAuthToken(java.lang.String ipAddress, java.lang.String role, java.lang.String accountName)
// Builds the token plaintext "prefix, account name, role, issue time" (each
// separated by TOKEN_LIMITER), encrypts it and returns the encoded result.
// NOTE(review): the fields are joined without escaping, so this relies on
// account names never containing a delimiter character -- confirm where
// account names are validated.
String plainToken = ipAddress + TOKEN_LIMITER
        + accountName + TOKEN_LIMITER
        + role + TOKEN_LIMITER
        + System.currentTimeMillis();
// The shared cipher instance is only used while holding the lock.
this.lock.lock();
try {
    byte[] plainBytes = plainToken.getBytes(ENCODING);
    byte[] cipherBytes = this.enCrypt.doFinal(plainBytes);
    return this.encoder.encode(cipherBytes);
} finally {
    this.lock.unlock();
}
|
private void | calculateTimeOffset()
// Converts the login timeout from minutes to milliseconds.
// NOTE(review): the product is computed in int arithmetic, so a timeout above
// 35791 minutes wraps around -- confirm that setLoginTimeout callers stay
// below that.
this.milisecondOffset = 60 * 1000 * this.minuteOffset;
|
protected java.lang.String | deCryptAuthToken(java.lang.String authToken)
// Decodes and decrypts a token back into its plaintext field string.
// Decoding or cipher failures propagate as exceptions to the caller.
// NOTE(review): nothing in this block verifies a MAC or signature; the only
// rejection of altered ciphertext visible here is whatever doFinal() itself
// raises -- confirm whether integrity is checked elsewhere.
this.lock.lock();
try {
    // The shared cipher instance is only used while holding the lock.
    byte[] cipherBytes = this.decoder.decodeBuffer(authToken);
    return new String(this.deCrypt.doFinal(cipherBytes), ENCODING);
} finally {
    this.lock.unlock();
}
|
public void | destroy()
// No-op: nothing is released or cleared here; the key string and both cipher
// instances stay referenced by this object.
|
public java.lang.String | getKey()
// Returns the configured secret that initialize() turns into the cipher key.
// This is a public accessor to key material: callers should not log or
// serialise the returned value.
return key;
|
public int | getLoginTimeout()
// Returns the token lifetime in minutes, as set through setLoginTimeout.
return minuteOffset;
|
public void | initialize()
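// Validates the configured key, builds the encrypt and decrypt ciphers from
// it and computes the timeout in milliseconds. Throws
// IllegalArgumentException for a missing or wrongly sized key and
// AuthenticatorException when the ciphers cannot be set up.
if (this.key == null)
    throw new IllegalArgumentException("Auth key must not be null");
// Length is counted in characters: 5 to 16 inclusive.
if (this.key.length() < 5 || this.key.length() > 16)
    throw new IllegalArgumentException(
            "Auth key length must be greater than 4 and less than 17");
try {
    // Registers the provider JVM-wide via Security.addProvider.
    Provider sunJce = new com.sun.crypto.provider.SunJCE();
    Security.addProvider(sunJce);
    // The cipher key is exactly the bytes of the configured string; no
    // key generator or key-derivation step is involved, so the key is as
    // strong as that 5-16 character string and no stronger.
    // NOTE(review): getBytes() without a charset uses the platform
    // default, so a key with non-ASCII characters can yield different
    // key bytes on different hosts.
    byte[] raw = this.key.getBytes();
    SecretKeySpec skeySpec = new SecretKeySpec(raw, ALG);
    // NOTE(review): requesting a cipher by algorithm name alone leaves
    // mode and padding to the provider default (ECB with PKCS5Padding
    // for SunJCE block ciphers), and ECB does not protect integrity --
    // confirm the value of ALG and whether that default is intended.
    this.deCrypt = Cipher.getInstance(ALG);
    this.enCrypt = Cipher.getInstance(ALG);
    this.deCrypt.init(Cipher.DECRYPT_MODE, skeySpec);
    this.enCrypt.init(Cipher.ENCRYPT_MODE, skeySpec);
} catch (Exception e) {
    throw new AuthenticatorException(
            "Can't initialize BlowfishAuthenticationController -- "
                    + e.getMessage(), e);
}
calculateTimeOffset();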
|
public void | setKey(java.lang.String key)
// Stores the secret only. The ciphers are built in initialize(), so a key set
// after initialization is not used until initialize() runs again. Length and
// null checks also happen there, not here.
this.key = key;
|
public void | setLoginTimeout(int minuteOffset)
// Sets the token lifetime in minutes and refreshes the millisecond value used
// by the expiry check. The value is not range-checked here.
// NOTE(review): with zero or a negative value the expiry comparison in
// authenticateToken appears to reject every token -- confirm that is the
// intended way to disable logins.
this.minuteOffset = minuteOffset;
calculateTimeOffset();
|