• Home
• org.apache.jackrabbit
• oak-core
• 1.6.10
• source code
• RandomAuthorizableNodeName.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.apache.jackrabbit.oak.security.user.RandomAuthorizableNodeName Maven / Gradle / Ivy

/*
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements.  See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.apache.jackrabbit.oak.security.user;

import java.security.SecureRandom;
import java.util.Map;
import java.util.Random;
import javax.annotation.Nonnull;

import org.apache.felix.scr.annotations.Activate;
import org.apache.felix.scr.annotations.Component;
import org.apache.felix.scr.annotations.ConfigurationPolicy;
import org.apache.felix.scr.annotations.Property;
import org.apache.felix.scr.annotations.Service;
import org.apache.jackrabbit.oak.commons.PropertiesUtil;
import org.apache.jackrabbit.oak.spi.security.user.AuthorizableNodeName;

/**
 * Implementation of the {@code AuthorizableNodeName} that generates a random
 * node name that doesn't reveal the ID of the authorizable.
 */
@Component(metatype = true, label = "Apache Jackrabbit Oak Random Authorizable Node Name", description = "Generates a random name for the authorizable node.", policy = ConfigurationPolicy.REQUIRE)
@Service(AuthorizableNodeName.class)
public class RandomAuthorizableNodeName implements AuthorizableNodeName {

    /**
     * Characters used to encode the random data. This matches the Base64URL
     * characters, which is both filename- and URL-safe.
     */
    private static final char[] VALID_CHARS;
    static {
        StringBuilder sb = new StringBuilder();
        char i;
        for (i = 'a'; i <= 'z'; i++) {
            sb.append(i);
        }
        for (i = 'A'; i <= 'Z'; i++) {
            sb.append(i);
        }
        for (i = '0'; i <= '9'; i++) {
            sb.append(i);
        }
        sb.append("-_");
        VALID_CHARS = sb.toString().toCharArray();
    }

    private static final String PARAM_LENGTH = "length";
    
    /**
     * 21 characters, each character with 6 bit of entropy (64 possible
     * characters), results in 126 bits of entropy. With regards to probability
     * of duplicates, this is even better than standard UUIDs, which have 122
     * bits of entropy and are 36 characters long.
     */
    public static final int DEFAULT_LENGTH = 21;

    @Property(name = PARAM_LENGTH, label = "Name Length", description = "Length of the generated node name.", intValue = DEFAULT_LENGTH)
    private int length = DEFAULT_LENGTH;

    @Nonnull
    @Override
    public String generateNodeName(@Nonnull String authorizableId) {
        Random random = new SecureRandom();
        char[] chars = new char[length];
        for (int i = 0; i < length; i++) {
            chars[i] = VALID_CHARS[random.nextInt(VALID_CHARS.length)];
        }
        return new String(chars);
    }

    @Activate
    private void activate(Map properties) {
        length = PropertiesUtil.toInteger(properties.get(PARAM_LENGTH), DEFAULT_LENGTH);
    }
}