
org.apache.synapse.securevault.SecretResolverFactory Maven / Gradle / Ivy

There is a newer version: 3.0.2
/*
 *  Licensed to the Apache Software Foundation (ASF) under one
 *  or more contributor license agreements.  See the NOTICE file
 *  distributed with this work for additional information
 *  regarding copyright ownership.  The ASF licenses this file
 *  to you under the Apache License, Version 2.0 (the
 *  "License"); you may not use this file except in compliance
 *  with the License.  You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing,
 *  software distributed under the License is distributed on an
 *   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 *  KIND, either express or implied.  See the License for the
 *  specific language governing permissions and limitations
 *  under the License.
 */
package org.apache.synapse.securevault;

import org.apache.axiom.om.OMElement;
import org.apache.synapse.securevault.secret.SecretCallbackHandler;
import org.apache.synapse.securevault.secret.SecretCallbackHandlerFactory;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;

import javax.xml.XMLConstants;
import javax.xml.namespace.QName;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Properties;

/**
 * Factory for creating SecretResolver instances
 */
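public class SecretResolverFactory {

    /**
     * Creates a SecretResolver instance from an XML configuration element.
     * <p>
     * The password-manager child element is looked up in the same namespace (and with the
     * same prefix) as {@code configuration}. If that element, or its password-provider child,
     * is missing, the returned resolver is left un-initialized; callers should check
     * {@link SecretResolver#isInitialized()} before relying on it to resolve secrets.
     * <p>
     * The password-provider text is passed unchanged to
     * {@link SecretCallbackHandlerFactory#createSecretCallbackHandler(String)}, so it decides
     * which callback handler ends up supplying secrets. The configuration should therefore
     * come only from a trusted source.
     * NOTE(review): how the factory resolves the provider value is not visible in this file.
     *
     * @param configuration SecretResolver configuration as XML object
     * @param isCapLetter   whether the XML element names begin with a capital letter
     * @return a SecretResolver instance, never {@code null}
     */
    public static SecretResolver create(OMElement configuration, boolean isCapLetter) {

        SecretResolver secretResolver = new SecretResolver();

        QName parentQName = configuration.getQName();
        String nsURI = parentQName != null ? parentQName.getNamespaceURI() :
                XMLConstants.NULL_NS_URI;
        String nsPrefix = parentQName != null ? parentQName.getPrefix() :
                XMLConstants.DEFAULT_NS_PREFIX;

        // Element names exist in two spellings; pick the set matching the caller's document.
        String managerName = isCapLetter ? SecurityConstants.PASSWORD_MANAGER_CAP
                : SecurityConstants.PASSWORD_MANAGER_SIMPLE;
        String providerName = isCapLetter ? SecurityConstants.PASSWORD_PROVIDER_CAP
                : SecurityConstants.PASSWORD_PROVIDER_SIMPLE;
        String tokensName = isCapLetter ? SecurityConstants.PROTECTED_TOKENS_CAP
                : SecurityConstants.PROTECTED_TOKENS_SIMPLE;

        QName pwManagerQName = new QName(nsURI, managerName, nsPrefix);
        QName pwProviderQName = new QName(nsURI, providerName, nsPrefix);
        QName protectedTokensQName = new QName(nsURI, tokensName, nsPrefix);

        OMElement passwordManager = configuration.getFirstChildWithName(pwManagerQName);
        if (passwordManager == null) {
            return secretResolver;
        }

        OMElement passwordProviderElement = passwordManager.getFirstChildWithName(pwProviderQName);
        if (passwordProviderElement == null) {
            return secretResolver;
        }

        initPasswordManager(secretResolver, passwordProviderElement.getText());

        // Tokens can only be registered on a resolver that has a callback handler.
        if (secretResolver.isInitialized()) {
            OMElement protectedTokensElement =
                    passwordManager.getFirstChildWithName(protectedTokensQName);
            if (protectedTokensElement != null) {
                addProtectedTokens(secretResolver, protectedTokensElement.getText());
            }
        }
        return secretResolver;
    }

    /**
     * Creates a SecretResolver instance from a set of properties.
     * <p>
     * A {@code null} or empty {@code propertyPrefix} means the property keys are used without
     * a prefix; otherwise a trailing {@code "."} is appended to the prefix when it is missing.
     * If no callback handler can be created from the password-provider property, the returned
     * resolver is left un-initialized and the protected-token property is ignored.
     * <p>
     * The password-provider property decides which callback handler supplies secrets, so the
     * properties should come only from a trusted source.
     *
     * @param properties     configuration properties
     * @param propertyPrefix prefix to identify suitable configuration properties, may be
     *                       {@code null} or empty
     * @return a SecretResolver instance, never {@code null}
     */
    public static SecretResolver create(Properties properties, String propertyPrefix) {

        SecretResolver secretResolver = new SecretResolver();

        // A null prefix used to be concatenated as the literal text "null", which made every
        // lookup miss; treat it the same as an empty prefix instead.
        String prefix = propertyPrefix == null ? "" : propertyPrefix;
        if (prefix.length() > 0 && !prefix.endsWith(".")) {
            prefix += ".";
        }

        initPasswordManager(secretResolver, properties.getProperty(prefix +
                SecurityConstants.PASSWORD_PROVIDER_SIMPLE));

        if (secretResolver.isInitialized()) {
            addProtectedTokens(secretResolver, properties.getProperty(prefix +
                    SecurityConstants.PROTECTED_TOKENS_SIMPLE));
        }
        return secretResolver;
    }

    /**
     * Creates a SecretResolver instance from a set of DOM attribute nodes.
     * <p>
     * The password provider is read from the attribute named by
     * {@code SecurityConstants.PASSWORD_PROVIDER_SIMPLE}; a missing or blank value leaves the
     * returned resolver un-initialized. As with the other factory methods, that value decides
     * which callback handler supplies secrets and should come only from a trusted document.
     *
     * @param namedNodeMap DOM node set
     * @return a SecretResolver instance, never {@code null}
     */
    public static SecretResolver create(NamedNodeMap namedNodeMap) {

        SecretResolver secretResolver = new SecretResolver();

        Node providerAttr = namedNodeMap.getNamedItem(SecurityConstants.PASSWORD_PROVIDER_SIMPLE);
        if (providerAttr != null) {
            String passwordProvider = providerAttr.getNodeValue();
            if (passwordProvider != null && passwordProvider.trim().length() > 0) {
                initPasswordManager(secretResolver, passwordProvider);
            }
        }

        if (secretResolver.isInitialized()) {
            Node protectedTokenAttr = namedNodeMap.getNamedItem(
                    SecurityConstants.PROTECTED_TOKENS_SIMPLE);
            if (protectedTokenAttr != null) {
                addProtectedTokens(secretResolver, protectedTokenAttr.getNodeValue());
            }
        }
        return secretResolver;
    }

    /**
     * Registers every entry of a comma-separated token list on the resolver.
     * <p>
     * Entries are trimmed and blank entries are skipped, so a list written as
     * {@code "a, b,"} registers {@code a} and {@code b}. Without the trim, a token written
     * after a space would be registered under a name that includes the space.
     *
     * @param secretResolver an initialized resolver to register the tokens on
     * @param tokenList      comma-separated token names, may be {@code null} or blank
     */
    private static void addProtectedTokens(SecretResolver secretResolver, String tokenList) {
        if (tokenList == null) {
            return;
        }
        for (String rawToken : tokenList.split(",")) {
            String token = rawToken.trim();
            if (token.length() > 0) {
                secretResolver.addProtectedToken(token);
            }
        }
    }

    /**
     * Initializes the resolver with the callback handler created for {@code provider}.
     * The resolver is left untouched when the factory returns no handler.
     *
     * @param secretResolver resolver to initialize
     * @param provider       password-provider value taken from the configuration
     */
    private static void initPasswordManager(SecretResolver secretResolver, String provider) {
        SecretCallbackHandler callbackHandler =
                SecretCallbackHandlerFactory.createSecretCallbackHandler(provider);
        if (callbackHandler != null) {
            secretResolver.init(callbackHandler);
        }
    }
}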



