1 package com.atlassian.security.auth.trustedapps;
2
3 import java.math.BigInteger;
4 import java.security.PublicKey;
5
6 import javax.servlet.http.HttpServletRequest;
/**
 * Default {@link TrustedApplication}: holds a peer application's id, optional display name,
 * public key and request conditions, and decodes the encrypted certificates that peer presents.
 *
 * <p>Every field is final and assigned exactly once in the constructor.
 */
public class DefaultTrustedApplication implements TrustedApplication
{
    // Optional; the constructors without a name parameter leave it null.
    private final String name;

    protected final String id;
    protected final PublicKey publicKey;
    protected final RequestConditions requestConditions;
    protected final RequestValidator requestValidator;
    protected final EncryptionProvider encryptionProvider;

    /**
     * Creates a trusted application with an explicit encryption provider and name.
     *
     * @param encryptionProvider provider used to decode encrypted certificates; checked with {@code Null.not}
     * @param publicKey key handed to the provider when decoding; checked with {@code Null.not}
     * @param id application id; checked with {@code Null.not}
     * @param name display name; not checked, so it may be null
     * @param requestConditions source of the certificate timeout and of the IP and URL matchers;
     *                          checked with {@code Null.not}
     */
    public DefaultTrustedApplication(final EncryptionProvider encryptionProvider,
                                     final PublicKey publicKey,
                                     final String id,
                                     final String name, final RequestConditions requestConditions)
    {
        // Presumably each call rejects a null argument; Null is defined outside this file.
        Null.not("encryptionProvider", encryptionProvider);
        Null.not("publicKey", publicKey);
        Null.not("id", id);
        Null.not("requestConditions", requestConditions);

        this.name = name;
        this.id = id;
        this.publicKey = publicKey;
        this.encryptionProvider = encryptionProvider;
        this.requestConditions = requestConditions;
        // The validator is fixed at construction time from the conditions' IP and URL matchers.
        this.requestValidator = new DefaultRequestValidator(
            requestConditions.getIPMatcher(),
            requestConditions.getURLMatcher());
    }

    /**
     * Creates an unnamed trusted application with an explicit encryption provider.
     */
    public DefaultTrustedApplication(final EncryptionProvider encryptionProvider,
                                     final PublicKey publicKey,
                                     final String id,
                                     final RequestConditions requestConditions)
    {
        this(encryptionProvider, publicKey, id, null, requestConditions);
    }

    /**
     * Creates an unnamed trusted application backed by a new {@code BouncyCastleEncryptionProvider}.
     */
    public DefaultTrustedApplication(
        final PublicKey publicKey,
        final String id,
        final RequestConditions requestConditions)
    {
        this(new BouncyCastleEncryptionProvider(), publicKey, id, null, requestConditions);
    }

    /**
     * Creates a named trusted application backed by a new {@code BouncyCastleEncryptionProvider}.
     */
    public DefaultTrustedApplication(final PublicKey publicKey,
                                     final String id,
                                     final String name,
                                     final RequestConditions requestConditions)
    {
        this(new BouncyCastleEncryptionProvider(), publicKey, id, name, requestConditions);
    }

    /**
     * Rejects a certificate whose creation time plus {@code certificateTimeout} lies before the
     * current system time.
     *
     * <p>A timeout of {@code 0} switches the age check off entirely, so such a configuration puts
     * no time limit on an accepted certificate.
     *
     * @param certificate the decoded certificate to check
     * @param certificateTimeout permitted age, added to the creation time in epoch milliseconds
     * @return the same {@code certificate} instance, when it passes
     * @throws InvalidCertificateException declared by the signature; an expired certificate is
     *                                     reported as a {@code CertificateTooOldException}
     */
    static ApplicationCertificate checkCertificateExpiry(final ApplicationCertificate certificate, final long certificateTimeout)
        throws InvalidCertificateException
    {
        if (certificateTimeout == 0L)
        {
            return certificate;
        }

        // Arbitrary-precision arithmetic, so issuedAt + lifetime cannot wrap around the way a
        // long sum could for a very large timeout.
        final BigInteger issuedAt = BigInteger.valueOf(certificate.getCreationTime().getTime());
        final BigInteger lifetime = BigInteger.valueOf(certificateTimeout);
        final BigInteger currentTime = BigInteger.valueOf(System.currentTimeMillis());

        // NOTE(review): only the upper bound is enforced. A creation time later than the current
        // time is accepted, and a negative timeout moves the deadline before the creation time.
        // Confirm both are intended.
        final BigInteger deadline = issuedAt.add(lifetime);
        if (currentTime.compareTo(deadline) > 0)
        {
            throw new CertificateTooOldException(certificate, certificateTimeout);
        }
        return certificate;
    }

    /**
     * Decodes an encrypted certificate with this application's public key and id, then applies
     * the expiry check and the request check, in that order.
     *
     * @param encCert the encrypted certificate received with the request
     * @param request the request that carried the certificate
     * @return the decoded certificate, once both checks have passed
     * @throws InvalidCertificateException if decoding, the expiry check or the request check fails
     */
    public ApplicationCertificate decode(final EncryptedCertificate encCert,
                                         final HttpServletRequest request)
        throws InvalidCertificateException
    {
        final ApplicationCertificate decoded =
            encryptionProvider.decodeEncryptedCertificate(encCert, publicKey, getID());

        // The timeout is read only after a successful decode; the request itself is validated
        // last, so a request failing the IP/URL conditions has already been through decoding.
        final long timeout = requestConditions.getCertificateTimeout();
        checkCertificateExpiry(decoded, timeout);
        checkRequest(request);

        return decoded;
    }

    /** @return the request conditions supplied at construction */
    public RequestConditions getRequestConditions()
    {
        return requestConditions;
    }

    /** @return the display name, or null when none was supplied */
    public String getName()
    {
        return name;
    }

    /** @return the application id supplied at construction */
    public String getID()
    {
        return id;
    }

    /** @return the public key supplied at construction */
    public PublicKey getPublicKey()
    {
        return publicKey;
    }

    /**
     * Runs the request validator and reports a rejected request as a certificate failure.
     *
     * @param request the request to validate
     * @throws InvalidCertificateException wrapping the validator's {@code InvalidRequestException}
     */
    protected void checkRequest(final HttpServletRequest request) throws InvalidCertificateException
    {
        try
        {
            requestValidator.validate(request);
        }
        catch (final InvalidRequestException invalidRequest)
        {
            // Callers of decode see a single failure type; the original exception is passed along.
            throw new InvalidCertificateException(invalidRequest);
        }
    }
}