Skip to main content
aboutsummaryrefslogtreecommitdiffstats
path: root/plugins/org.eclipse.net4j.util/src/org/eclipse/net4j/util/security/ResponseNegotiator.java
blob: 692d1d599cc3f0d425574e506d6d6a3be2d736c3 (plain) (blame) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98

/*
 * Copyright (c) 2008, 2009, 2011, 2012, 2016 Eike Stepper (Loehne, Germany) and others.
 * All rights reserved. This program and the accompanying materials
 * are made available under the terms of the Eclipse Public License v1.0
 * which accompanies this distribution, and is available at
 * http://www.eclipse.org/legal/epl-v10.html
 *
 * Contributors:
 *    Eike Stepper - initial API and implementation
 */
package org.eclipse.net4j.util.security;

import java.nio.ByteBuffer;

/**
 * @author Eike Stepper
 */
public class ResponseNegotiator extends ChallengeResponseNegotiator
{
  private IPasswordCredentialsProvider credentialsProvider;

  public ResponseNegotiator()
  {
    super(false);
  }

  public IPasswordCredentialsProvider getCredentialsProvider()
  {
    return credentialsProvider;
  }

  public void setCredentialsProvider(IPasswordCredentialsProvider credentialsProvider)
  {
    this.credentialsProvider = credentialsProvider;
  }

  @Override
  protected void doBeforeActivate() throws Exception
  {
    super.doBeforeActivate();
    if (credentialsProvider == null)
    {
      throw new IllegalStateException("credentialsProvider == null"); //$NON-NLS-1$
    }
  }

  @Override
  protected void handleChallenge(INegotiationContext context, ByteBuffer challenge, ByteBuffer response)
  {
    // Get random token from challenge
    int size = challenge.getInt();
    byte[] randomToken = new byte[size];
    challenge.get(randomToken);

    // Get credentials and encrypt token
    IPasswordCredentials credentials = credentialsProvider.getCredentials();
    String userID = credentials.getUserID();
    context.setUserID(userID);

    // Set userID into response
    byte[] userIDBytes = userID.getBytes();
    response.putInt(userIDBytes.length);
    response.put(userIDBytes);

    // Set crypted token into response
    byte[] cryptedToken = encryptToken(credentials.getPassword(), randomToken);
    response.putInt(cryptedToken.length);
    response.put(cryptedToken);
  }

  /**
   * @since 2.0
   */
  @Override
  protected void handleAcknowledgement(INegotiationContext context, boolean success)
  {
    if (!success)
    {
      throw new NegotiationException("Negotiation failed"); //$NON-NLS-1$
    }
  }

  protected byte[] encryptToken(char[] password, byte[] token)
  {
    try
    {
      return SecurityUtil.encrypt(token, password, getEncryptionAlgorithmName(), getEncryptionSaltBytes(), getEncryptionIterationCount());
    }
    catch (RuntimeException ex)
    {
      throw ex;
    }
    catch (Exception ex)
    {
      throw new SecurityException(ex);
    }
  }
}

Back to the top