• Home
• org.neo4j
• neo4j-kernel
• 4.4.32
• source code
• AuthToken.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.neo4j.kernel.api.security.AuthToken Maven / Gradle / Ivy

/*
 * Copyright (c) "Neo4j"
 * Neo4j Sweden AB [http://neo4j.com]
 *
 * This file is part of Neo4j.
 *
 * Neo4j is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see .
 */
package org.neo4j.kernel.api.security;

import org.apache.commons.lang3.StringUtils;

import java.util.Arrays;
import java.util.Collections;
import java.util.Map;

import org.neo4j.kernel.api.security.exception.InvalidAuthTokenException;
import org.neo4j.string.UTF8;

import static java.lang.String.format;
import static org.neo4j.internal.helpers.collection.MapUtil.map;

public interface AuthToken
{
    String SCHEME_KEY = "scheme";
    String PRINCIPAL = "principal";
    String CREDENTIALS = "credentials";
    String REALM_KEY = "realm";
    String PARAMETERS = "parameters";
    String BASIC_SCHEME = "basic";
    String NATIVE_REALM = "native";

    static String safeCast( String key, Map authToken ) throws InvalidAuthTokenException
    {
        Object value = authToken.get( key );
        if ( value == null )
        {
            throw invalidToken( "missing key `" + key + "`" );
        }
        else if ( !(value instanceof String) )
        {
            throw invalidToken( "the value associated with the key `" + key + "` must be a String but was: "
                    + value.getClass().getSimpleName() );
        }
        return (String) value;
    }

    static byte[] safeCastCredentials( String key, Map authToken ) throws InvalidAuthTokenException
    {
        Object value = authToken.get( key );
        if ( value == null )
        {
            throw invalidToken( "missing key `" + key + "`" );
        }
        else if ( !(value instanceof byte[]) )
        {
            throw invalidToken( "the value associated with the key `" + key + "` must be a UTF-8 encoded string but was: "
                    + value.getClass().getSimpleName() );
        }
        return (byte[]) value;
    }

    @SuppressWarnings( "unchecked" )
    static Map safeCastMap( String key, Map authToken )
            throws InvalidAuthTokenException
    {
        Object value = authToken.get( key );
        if ( value == null )
        {
            return Collections.emptyMap();
        }
        else if ( value instanceof Map )
        {
            return (Map) value;
        }
        else
        {
            throw new InvalidAuthTokenException(
                    "The value associated with the key `" + key + "` must be a Map but was: " +
                    value.getClass().getSimpleName() );
        }
    }

    static boolean containsSensitiveInformation( String key )
    {
        return CREDENTIALS.equals( key );
    }

    static void clearCredentials( Map authToken )
    {
        Object credentials = authToken.get( CREDENTIALS );
        if ( credentials instanceof byte[] )
        {
            Arrays.fill( (byte[]) credentials, (byte) 0 );
        }
    }

    static InvalidAuthTokenException invalidToken( String explanation )
    {
        if ( StringUtils.isNotEmpty( explanation ) && !explanation.matches( "^[,.:;].*" ) )
        {
            explanation = ", " + explanation;
        }
        return new InvalidAuthTokenException( format( "Unsupported authentication token%s", explanation ) );
    }

    static Map newBasicAuthToken( String username, byte[] password )
    {
        return map( AuthToken.SCHEME_KEY, BASIC_SCHEME, AuthToken.PRINCIPAL, username, AuthToken.CREDENTIALS,
                password );
    }

    static Map newBasicAuthToken( String username, byte[] password, String realm )
    {
        return map( AuthToken.SCHEME_KEY, BASIC_SCHEME, AuthToken.PRINCIPAL, username, AuthToken.CREDENTIALS, password,
                AuthToken.REALM_KEY, realm );
    }

    static Map newCustomAuthToken( String principle, byte[] credentials, String realm, String scheme )
    {
        return map( AuthToken.SCHEME_KEY, scheme, AuthToken.PRINCIPAL, principle, AuthToken.CREDENTIALS, credentials,
                AuthToken.REALM_KEY, realm );
    }

    static Map newCustomAuthToken( String principle, byte[] credentials, String realm, String scheme,
            Map parameters )
    {
        return map( AuthToken.SCHEME_KEY, scheme, AuthToken.PRINCIPAL, principle, AuthToken.CREDENTIALS, credentials,
                AuthToken.REALM_KEY, realm, AuthToken.PARAMETERS, parameters );
    }

    // For testing purposes only
    static Map newBasicAuthToken( String username, String password )
    {
        return newBasicAuthToken( username, UTF8.encode( password ) );
    }

    // For testing purposes only
    static Map newBasicAuthToken( String username, String password, String realm )
    {
        return newBasicAuthToken( username, UTF8.encode( password ), realm );
    }

    // For testing purposes only
    static Map newCustomAuthToken( String principle, String credentials, String realm, String scheme )
    {
        return newCustomAuthToken( principle, UTF8.encode( credentials ), realm, scheme );
    }

    // For testing purposes only
    static Map newCustomAuthToken( String principle, String credentials, String realm, String scheme,
            Map parameters )
    {
        return newCustomAuthToken( principle, UTF8.encode( credentials ), realm, scheme, parameters );
    }

}