Coverage Report - org.mule.module.pgp.filters.PGPSecurityFilter
 
Classes in this File Line Coverage Branch Coverage Complexity
PGPSecurityFilter
0%
0/63
0%
0/14
0
 
 /*
  * $Id: PGPSecurityFilter.java 20310 2010-11-24 10:40:35Z esteban.robles $
  * --------------------------------------------------------------------------------------
  * Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
  *
  * The software in this package is published under the terms of the CPAL v1.0
  * license, a copy of which has been included with this distribution in the
  * LICENSE.txt file.
  */
 
 package org.mule.module.pgp.filters;
 
 import org.mule.api.EncryptionStrategy;
 import org.mule.api.MuleEvent;
 import org.mule.api.MuleMessage;
 import org.mule.api.lifecycle.InitialisationException;
 import org.mule.api.security.Authentication;
 import org.mule.api.security.SecurityContext;
 import org.mule.api.security.UnauthorisedException;
 import org.mule.api.security.UnknownAuthenticationTypeException;
 import org.mule.config.i18n.CoreMessages;
 import org.mule.module.pgp.LiteralMessage;
 import org.mule.module.pgp.Message;
 import org.mule.module.pgp.MessageFactory;
 import org.mule.module.pgp.PGPAuthentication;
 import org.mule.module.pgp.PGPCryptInfo;
 import org.mule.module.pgp.PGPKeyRing;
 import org.mule.module.pgp.SignedMessage;
 import org.mule.module.pgp.i18n.PGPMessages;
 import org.mule.security.AbstractEndpointSecurityFilter;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.bouncycastle.openpgp.PGPPublicKey;
 
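 /**
  * Endpoint security filter that authenticates inbound events from a PGP
  * message carried in the payload and encrypts outbound payloads for the
  * recipient identified by the event's credentials.
  * <p>
  * Inbound: the payload is decrypted with the configured
  * {@link EncryptionStrategy}, parsed into a PGP {@link Message} and handed to
  * the security manager wrapped in a {@link PGPAuthentication}. On success the
  * payload is replaced with the literal text of the message.
  * <p>
  * Outbound: the payload is encrypted with the public key that the
  * {@link PGPKeyRing} returns for the event's credentials.
  * <p>
  * The {@code signRequired} flag is only read on the outbound path, where it is
  * passed to {@link PGPCryptInfo}. The inbound path in this class accepts both
  * signed and unsigned messages and never consults the flag.
  * NOTE(review): whether an unsigned inbound message is rejected therefore
  * depends on the security provider behind {@code getSecurityManager()} -
  * confirm it verifies the signature.
  */
 public class PGPSecurityFilter extends AbstractEndpointSecurityFilter
 {
     /**
      * logger used by this class
      */
     protected static final Log logger = LogFactory.getLog(PGPSecurityFilter.class);

     // Strategy used to decrypt inbound and encrypt outbound payloads.
     private EncryptionStrategy strategy;

     // Optional name used by doInitialise() to look the strategy up.
     private String strategyName;

     // Passed to PGPCryptInfo when encrypting outbound payloads.
     private boolean signRequired;

     // Source of recipients' public keys for outbound encryption.
     private PGPKeyRing keyManager;

     /**
      * Authenticates an inbound event from the PGP message in its payload.
      * <p>
      * The user id is taken from the credentials accessor, i.e. from the
      * incoming event, so it is caller-supplied until the security manager
      * has authenticated it.
      *
      * @param event the inbound event whose payload holds the PGP message
      * @throws UnauthorisedException if the payload cannot be read, decrypted
      *             or parsed, if the security manager rejects the
      *             authentication, or if the payload cannot be replaced with
      *             the decrypted content
      */
     @Override
     protected void authenticateInbound(MuleEvent event)
         throws SecurityException, UnauthorisedException, UnknownAuthenticationTypeException
     {
         MuleMessage message = event.getMessage();

         String userId = (String)getCredentialsAccessor().getCredentials(event);

         byte[] creds = null;
         try
         {
             creds = message.getPayloadAsBytes();
             // No crypt info is supplied for decryption.
             creds = strategy.decrypt(creds, null);
         }
         catch (Exception e1)
         {
             throw new UnauthorisedException(CoreMessages.failedToReadPayload(), event, e1);
         }

         Authentication authentication;
         try
         {
             authentication = new PGPAuthentication(userId, decodeMsgRaw(creds));
         }
         catch (Exception e1)
         {
             throw new UnauthorisedException(CoreMessages.failedToReadPayload(), event, e1);
         }

         final Authentication authResult;
         try
         {
             authResult = getSecurityManager().authenticate(authentication);
         }
         catch (Exception e)
         {
             // Authentication failed
             if (logger.isDebugEnabled())
             {
                 // NOTE(review): userId comes from the incoming event and is
                 // written to the log unmodified.
                 logger.debug("Authentication request for user: " + userId + " failed: " + e.toString());
             }

             throw new UnauthorisedException(CoreMessages.authFailedForUser(userId), event, e);
         }

         // Authentication success
         if (logger.isDebugEnabled())
         {
             // NOTE(review): the authentication's credentials are the PGP
             // message itself; confirm its toString() does not print them.
             logger.debug("Authentication success: " + authResult.toString());
         }

         SecurityContext context = getSecurityManager().createSecurityContext(authResult);
         // NOTE(review): the context is stored on the session before the
         // payload is unwrapped below. If that step fails the caller gets an
         // UnauthorisedException while the session still holds this context -
         // confirm the session is discarded on failure.
         event.getSession().setSecurityContext(context);

         try
         {
             updatePayload(message, getUnencryptedMessageWithoutSignature((PGPAuthentication)authResult), event);
 //            TODO RequestContext.rewriteEvent(new DefaultMuleMessage(
 //                getUnencryptedMessageWithoutSignature((PGPAuthentication)authResult)));
         }
         catch (Exception e2)
         {
             // The exception thrown below takes no cause, so record the
             // underlying failure here instead of losing it.
             if (logger.isDebugEnabled())
             {
                 logger.debug("Failed to replace payload with decrypted content", e2);
             }
             throw new UnauthorisedException(event, context, event.getEndpoint(), this);
         }
     }

     /**
      * Parses raw bytes into a PGP {@link Message} via {@link MessageFactory}.
      *
      * @param raw the decrypted payload bytes
      * @return the parsed message
      * @throws Exception if the factory cannot build a message from the bytes
      */
     private Message decodeMsgRaw(byte[] raw) throws Exception
     {
         return MessageFactory.getMessage(raw);
     }

     /**
      * Returns the text of the literal message held as the authentication's
      * credentials, unwrapping one signature layer if present.
      *
      * @param auth the authentication whose credentials are a PGP {@link Message}
      * @return the text data of the literal message
      * @throws Exception if the (unwrapped) message is not a {@link LiteralMessage}
      */
     private String getUnencryptedMessageWithoutSignature(PGPAuthentication auth) throws Exception
     {
         Message msg = (Message)auth.getCredentials();

         // Only the contents are taken here; no signature check happens in
         // this method.
         if (msg instanceof SignedMessage)
         {
             msg = ((SignedMessage)msg).getContents();
         }

         if (msg instanceof LiteralMessage)
         {
             return ((LiteralMessage)msg).getTextData();
         }
         else
         {
             throw new Exception("Wrong data");
         }
     }

     /**
      * Encrypts the outbound payload for the user named by the event's
      * credentials. Does nothing when {@code isAuthenticate()} is false.
      *
      * @param event the outbound event whose payload is replaced by its
      *            encrypted form
      * @throws UnauthorisedException if the payload cannot be read, encrypted
      *             or replaced
      */
     @Override
     protected void authenticateOutbound(MuleEvent event) throws SecurityException, UnauthorisedException
     {
         // Guarded like the other debug statements in this class so the
         // message is only built when it will be written.
         if (logger.isDebugEnabled())
         {
             logger.debug("authenticateOutbound:" + event.getId());
         }

         if (!isAuthenticate())
         {
             return;
         }

         MuleMessage message = event.getMessage();

         // NOTE(review): keyManager is not validated in doInitialise() and the
         // key returned here is not checked for null before use - confirm the
         // strategy fails rather than proceeding when no key is found.
         PGPPublicKey userKeyBundle = keyManager.getPublicKey((String)getCredentialsAccessor().getCredentials(
             event));

         final PGPCryptInfo cryptInfo = new PGPCryptInfo(userKeyBundle, signRequired);

         try
         {
             updatePayload(event.getMessage(), strategy.encrypt(message.getPayloadAsBytes(), cryptInfo), event);
         }
         catch (Exception e1)
         {
             throw new UnauthorisedException(CoreMessages.failedToReadPayload(), event, e1);
         }
     }

     /**
      * Resolves the encryption strategy by name when a name was configured,
      * and fails initialisation if no strategy is available afterwards.
      *
      * @throws InitialisationException if no encryption strategy is set
      */
     @Override
     protected void doInitialise() throws InitialisationException
     {
         if (strategyName != null)
         {
             // A configured name replaces any strategy set via setStrategy().
             strategy = endpoint.getMuleContext().getSecurityManager().getEncryptionStrategy(strategyName);
         }

         if (strategy == null)
         {
             throw new InitialisationException(PGPMessages.encryptionStrategyNotSet(), this);
         }
     }

     /** @return the encryption strategy in use, or null if none is set yet */
     public EncryptionStrategy getStrategy()
     {
         return strategy;
     }

     /** @param strategy the encryption strategy to use for decrypt and encrypt */
     public void setStrategy(EncryptionStrategy strategy)
     {
         this.strategy = strategy;
     }

     /** @param name the name under which doInitialise() looks the strategy up */
     public void setStrategyName(String name)
     {
         strategyName = name;
     }

     /** @return the flag passed to PGPCryptInfo on the outbound path */
     public boolean isSignRequired()
     {
         return signRequired;
     }

     /** @param signRequired the flag passed to PGPCryptInfo on the outbound path */
     public void setSignRequired(boolean signRequired)
     {
         this.signRequired = signRequired;
     }

     /** @return the key ring used to look up recipients' public keys */
     public PGPKeyRing getKeyManager()
     {
         return keyManager;
     }

     /** @param keyManager the key ring used to look up recipients' public keys */
     public void setKeyManager(PGPKeyRing keyManager)
     {
         this.keyManager = keyManager;
     }
 }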