ConsoleKeyStorePasskeysReader xref

View Javadoc

1   /*
2    * Copyright 2007-2008 the original author or authors.
3    * 
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    * 
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    * 
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package org.gwe.app.client.config;
18  
19  import java.io.File;
20  import java.io.FileNotFoundException;
21  import java.io.FileOutputStream;
22  import java.io.IOException;
23  import java.util.HashMap;
24  import java.util.List;
25  import java.util.Map;
26  
27  import org.gwe.app.client.GWEConsoleReader;
28  import org.gwe.app.client.ProgressTracker;
29  import org.gwe.utils.Encryptor;
30  import org.gwe.utils.IOUtils;
31  import org.gwe.utils.security.AccessControl;
32  import org.gwe.utils.security.AccountInfo;
33  import org.gwe.utils.security.KeyStore;
34  
35  /**
36   * @author Marco Ruiz
37   * @since Oct 13, 2008
38   */
39  public class ConsoleKeyStorePasskeysReader {
40  	
41  	private static final String GWE_AUTH_BIN = "gwe-auth.bin";
42  	private static final String GWE_AUTH_XML = "gwe-auth.xml";
43  	
44  	private ProgressTracker tracker = ProgressTracker.CONSOLE_TRACKER;
45  	private String authBin;
46  	private String authXml;
47  	private String encryptionToken;
48  	private boolean offerToOverride;
49  
50  	private GWEConsoleReader consoleReader;
51  	
52  	public ConsoleKeyStorePasskeysReader(InstallationFiles configFiles, String encryptionToken, boolean offerToOverride) throws IOException {
53  		this.authBin = configFiles.getConfigFilePath(GWE_AUTH_BIN);
54  		this.authXml = configFiles.getConfigFilePath(GWE_AUTH_XML);
55  	    this.encryptionToken = encryptionToken;
56  		this.consoleReader = new GWEConsoleReader(tracker);
57  		this.offerToOverride = offerToOverride;
58      }
59  	
60  	public KeyStore readKeyStore() throws FileNotFoundException {
61  		Map<String, String> accountsPasskeys = new HashMap<String, String>();
62  		
63  		// FIXME: This will invalidate the feature of providing an alternative auth configuration file through the "-conf" argument
64  		KeyStore encKS = getEncryptedKeyStore();
65  
66  		if (encKS == null) {
67  			tracker.trackProgress("No encrypted key store available! Generating a new one from scratch...");
68  		} else {
69  			accountsPasskeys = getPassKeys(encKS);
70  		}
71  		
72  		KeyStore keys = new KeysXMLConfigFile(authXml).getModel();
73  	    for (AccessControl ac : keys.getAccessControls()) 
74  	    	if (ac.getAccount().missingPasskey()) 
75  	    		loadPasskey(accountsPasskeys, ac);
76  
77  	    writeEncryptedKeyStore(keys);
78  	    tracker.trackProgress("");
79  		return keys;
80  	}
81  
82  	private Map<String, String> getPassKeys(KeyStore encKS) {
83  	    Map<String, String> accountsPasskeys = new HashMap<String, String>();
84  	    for (AccessControl ac : encKS.getAccessControls())
85          	for (String id : ac.getAccountIds())
86              	accountsPasskeys.put(id, ac.getAccount().getPasskey());
87  	    
88  	    return accountsPasskeys;
89      }
90  	
91  	private void loadPasskey(Map<String, String> accountsPasskeys, AccessControl ac) {
92  	    AccountInfo account = ac.getAccount();
93  		List<String> ids = ac.getAccountIds();
94  		for (String id : ids) {
95  	    	String passKey = accountsPasskeys.get(id);
96  	    	if (passKey != null) {
97  	    		account.setPasskey(passKey);
98  	    		break;
99  	    	}
100 	    }
101 
102 	    String id = ids.get(0);
103 	    if (!account.missingPasskey()) {
104 	        if (offerToOverride && consoleReader.readBoolean("Override pass key for [" + ids.get(0) + "]?"))
105 	        	readPasskey(account, id);
106 	    } else {
107 	    	readPasskey(account, id);
108 	    }
109     }
110 
111 	private void readPasskey(AccountInfo account, String id) {
112 	    try {
113 	        account.setPasskey(consoleReader.readPasskey("pass key for [" + id + "] : " , true));
114 	    } catch (IOException e) {
115 	    	tracker.trackProgress("Could not read the new pass key for [" + id + "]!");
116 	    }
117     }
118 
119 	private KeyStore getEncryptedKeyStore() {
120 	    long serKSTime = getFileTime(authBin);
121 		
122 		if (serKSTime != 0) {
123 			boolean outdated = serKSTime < getFileTime(authXml);
124 			if (outdated) {
125 				tracker.trackProgress("Outdated encrypted key store found!");
126 				if (consoleReader.readBoolean("Use it as a starting point to build an updated one?"))
127 					return readEncryptedKeyStore();
128 			} else
129 				return readEncryptedKeyStore();
130 		}
131 
132 		return null;
133 	}
134 
135 	private long getFileTime(String confFileName) {
136 	    return new File(confFileName).lastModified();
137     }
138 
139 	private KeyStore readEncryptedKeyStore() {
140 	    KeyStore result = tryToReadEncryptedKeyStore();
141 	    while (result == null) {
142 	    	tracker.trackProgress("Could not read encrypted key store!");
143 	    	if (consoleReader.readBoolean("Try with a different key token?")) {
144 		    	encryptionToken = null;
145 	    		result = tryToReadEncryptedKeyStore();
146 	    	} else {
147 	    		return null;
148 	    	}
149 	    }
150 	    return result;
151     }
152 
153 	private KeyStore tryToReadEncryptedKeyStore() {
154 		if (encryptionToken == null) {
155 			try {
156 				encryptionToken = consoleReader.readPasskey("Key store encryption token: ", false);
157             } catch (IOException e) {
158             	tracker.trackProgress("Could not read encryption token: " + e);
159             	return null;
160             }
161 		}
162 		
163         try {
164     		byte[] encryptedEncodedKS = IOUtils.readFile(authBin);
165     		byte[] content = new Encryptor(encryptionToken).decrypt(encryptedEncodedKS);
166 			return IOUtils.deserializeObject(content);
167         } catch (Exception e) {
168         	tracker.trackProgress("Cannot read encrypted keystore: " + e);
169         	return null;
170         }
171     }
172 
173 	private void writeEncryptedKeyStore(KeyStore keys) {
174         try {
175         	byte[] serKS = IOUtils.serializeObject(keys);
176     		byte[] content = new Encryptor(encryptionToken).encrypt(serKS);
177     		FileOutputStream fos = new FileOutputStream(authBin, false);
178 			fos.write(content);
179 			fos.close();
180         } catch (Exception e) {
181         	tracker.trackProgress("Cannot write encrypted key store: " + e);
182         }
183     }
184 
185 	public static void main(String[] args) throws Exception {
186 		new ConsoleKeyStorePasskeysReader(new InstallationFiles("/Users/admin/work/eclipse-ws/gwe-core/user"), "grid wizard enterprise", false).readKeyStore();
187 	}
188 }
189