
1   package com.atlassian.security.auth.trustedapps;
2   
3   import java.security.PublicKey;
4   
5   import javax.servlet.http.HttpServletRequest;
6   
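/**
 * Default {@link TrustedApplication} implementation.
 * <p>
 * Holds the identity (id and public key) of one trusted application and accepts an
 * {@link EncryptedCertificate} only when all three of the following succeed, in this order:
 * <ol>
 * <li>the {@link EncryptionProvider} decodes the certificate with this application's public key and id;</li>
 * <li>the certificate's creation time plus {@code certificateTimeout} is still in the future;</li>
 * <li>the {@link RequestValidator} accepts the HTTP request that carried the certificate.</li>
 * </ol>
 * This class keeps no record of certificates it has already accepted, so within this class
 * {@code certificateTimeout} is the only bound on how long a captured certificate stays acceptable.
 */
public class DefaultTrustedApplication implements TrustedApplication
{
    /** Identifier of the trusted application; also passed to the encryption provider when decoding. */
    protected final String id;
    /** Public key handed to the encryption provider to decode certificates from this application. */
    protected final PublicKey publicKey;
    /**
     * Maximum certificate age in milliseconds (it is added to a {@code getTime()} value and compared
     * with {@link System#currentTimeMillis()}). Not range-checked by the constructors.
     */
    protected final long certificateTimeout;
    /** Validates the HTTP request that carried the certificate. */
    protected final RequestValidator requestValidator;
    /** Performs the actual certificate decoding. */
    protected final EncryptionProvider encryptionProvider;

    /**
     * Creates a trusted application with an explicit encryption provider and request validator.
     *
     * @param encryptionProvider decodes encrypted certificates; checked with {@code Null.not}
     * @param publicKey public key of the trusted application; checked with {@code Null.not}
     * @param id identifier of the trusted application; checked with {@code Null.not}
     * @param certificateTimeout maximum certificate age in milliseconds; stored as given, so zero or
     *        negative values are not rejected here and make every normally dated certificate expire
     * @param requestValidator validates the carrying request; checked with {@code Null.not}
     */
    public DefaultTrustedApplication(EncryptionProvider encryptionProvider, PublicKey publicKey, String id, long certificateTimeout, RequestValidator requestValidator)
    {
        // Null.not is defined elsewhere in the project; presumably it throws when the value is null.
        Null.not("encryptionProvider", encryptionProvider);
        Null.not("publicKey", publicKey);
        Null.not("id", id);
        Null.not("requestValidator", requestValidator);

        this.encryptionProvider = encryptionProvider;
        this.publicKey = publicKey;
        this.id = id;
        this.certificateTimeout = certificateTimeout;
        this.requestValidator = requestValidator;
    }

    /**
     * Creates a trusted application whose requests are validated by a
     * {@code DefaultRequestValidator} built from the given matchers.
     * <p>
     * NOTE(review): the matchers themselves are not null-checked here; only the validator wrapping
     * them is. Whether {@code DefaultRequestValidator} rejects null matchers is not visible in this
     * file and should be confirmed.
     *
     * @param encryptionProvider decodes encrypted certificates
     * @param key public key of the trusted application
     * @param id identifier of the trusted application
     * @param certificateTimeout maximum certificate age in milliseconds
     * @param urlMatcher URL matcher passed to the request validator
     * @param ipMatcher IP matcher passed to the request validator
     */
    public DefaultTrustedApplication(EncryptionProvider encryptionProvider, PublicKey key, String id, long certificateTimeout, URLMatcher urlMatcher, IPMatcher ipMatcher)
    {
        this(encryptionProvider, key, id, certificateTimeout, new DefaultRequestValidator(ipMatcher, urlMatcher));
    }

    /**
     * Same as the six-argument constructor, using a new {@code BouncyCastleEncryptionProvider}.
     *
     * @param key public key of the trusted application
     * @param id identifier of the trusted application
     * @param certificateTimeout maximum certificate age in milliseconds
     * @param urlMatcher URL matcher passed to the request validator
     * @param ipMatcher IP matcher passed to the request validator
     */
    public DefaultTrustedApplication(PublicKey key, String id, long certificateTimeout, URLMatcher urlMatcher, IPMatcher ipMatcher)
    {
        this(new BouncyCastleEncryptionProvider(), key, id, certificateTimeout, urlMatcher, ipMatcher);
    }

    /**
     * Decodes an encrypted certificate and checks that it is still acceptable.
     * <p>
     * The certificate is decoded first, then checked for age, and only then is the request
     * validated; the first failing step determines which exception the caller sees. The
     * certificate is returned only if all three steps succeed.
     *
     * @param encCert the encrypted certificate received with the request
     * @param request the HTTP request that carried the certificate
     * @return the decoded certificate
     * @throws InvalidCertificateException if decoding fails (as reported by the encryption
     *         provider), the certificate is too old, or the request validator rejects the request
     */
    public ApplicationCertificate decode(EncryptedCertificate encCert, HttpServletRequest request) throws InvalidCertificateException
    {
        ApplicationCertificate certificate = encryptionProvider.decodeEncryptedCertificate(encCert, publicKey, getID());

        checkCertificateExpiry(certificate);
        checkRequest(request);

        return certificate;
    }

    /**
     * @return the identifier of the trusted application
     */
    public String getID()
    {
        return id;
    }

    /**
     * @return the public key of the trusted application
     */
    public PublicKey getPublicKey()
    {
        return publicKey;
    }

    /**
     * Rejects a certificate whose creation time plus {@code certificateTimeout} is not after the
     * current system time.
     * <p>
     * The sum is computed with saturation. A plain {@code long} addition wraps around on overflow,
     * which would make a very large timeout reject every certificate and could make a sum of two
     * large negative values look like a far-future expiry.
     * <p>
     * Only the upper bound is checked: a creation time later than the local clock is not rejected
     * here, and such a certificate stays acceptable for longer than {@code certificateTimeout}.
     *
     * @param certificate the decoded certificate
     * @throws InvalidCertificateException (as {@code CertificateTooOldException}) if the certificate has expired
     */
    private void checkCertificateExpiry(ApplicationCertificate certificate) throws InvalidCertificateException
    {
        final long createdAt = certificate.getCreationTime().getTime();
        long expiresAt = createdAt + certificateTimeout;
        // Signed overflow happened iff both operands share a sign that the sum does not have.
        if (((createdAt ^ expiresAt) & (certificateTimeout ^ expiresAt)) < 0)
        {
            expiresAt = (createdAt < 0) ? Long.MIN_VALUE : Long.MAX_VALUE;
        }
        if (expiresAt <= System.currentTimeMillis())
        {
            throw new CertificateTooOldException(certificate, certificateTimeout);
        }
    }

    /**
     * Runs the request validator and reports a rejection as an invalid certificate.
     *
     * @param request the HTTP request that carried the certificate
     * @throws InvalidCertificateException wrapping the validator's {@code InvalidRequestException}
     */
    private void checkRequest(HttpServletRequest request) throws InvalidCertificateException
    {
        try
        {
            requestValidator.validate(request);
        }
        catch (InvalidRequestException e)
        {
            // Keep the original exception as the cause so the rejection reason stays available.
            throw new InvalidCertificateException(e);
        }
    }
}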