package co.codewizards.cloudstore.rest.server.service;

import java.util.UUID;

import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
//import co.codewizards.cloudstore.core.repo.local.LocalRepoRegistry;

import co.codewizards.cloudstore.core.auth.AuthToken;
import co.codewizards.cloudstore.core.auth.AuthTokenIO;
import co.codewizards.cloudstore.core.auth.AuthTokenSigner;
import co.codewizards.cloudstore.core.auth.EncryptedSignedAuthToken;
import co.codewizards.cloudstore.core.auth.SignedAuthToken;
import co.codewizards.cloudstore.core.auth.SignedAuthTokenEncrypter;
import co.codewizards.cloudstore.core.auth.SignedAuthTokenIO;
import co.codewizards.cloudstore.core.oio.File;
import co.codewizards.cloudstore.core.repo.local.LocalRepoManager;
import co.codewizards.cloudstore.core.repo.local.LocalRepoManagerFactory;
import co.codewizards.cloudstore.core.repo.local.LocalRepoRegistryImpl;
import co.codewizards.cloudstore.core.util.AssertUtil;
import co.codewizards.cloudstore.rest.server.auth.TransientRepoPassword;
import co.codewizards.cloudstore.rest.server.auth.TransientRepoPasswordManager;

/**
 * JAX-RS resource that hands out the current authentication token for a
 * (server repository, client repository) pair.
 * <p>
 * The token is serialised, signed with the server repository's private key and then
 * encrypted with the public key that the server repository holds for the requesting
 * client repository. The response is the resulting {@link EncryptedSignedAuthToken}.
 * <p>
 * Security notes for maintainers:
 * <ul>
 * <li>No authentication or authorisation check is visible in this class. Confidentiality
 * of the token presumably rests on the encryption to the client's public key and on
 * {@code getRemoteRepositoryPublicKeyOrFail} rejecting unknown clients - confirm that
 * no request filter is additionally expected to guard this path.</li>
 * <li>How failures of the two {@code ...OrFail} lookups are mapped to HTTP responses is
 * not visible here. NOTE(review): check that an unknown repository name and an
 * unknown client id are not distinguishable in a way that reveals which repositories
 * or clients exist.</li>
 * <li>Never log the {@link AuthToken}, its serialised form or any key material handled
 * here; the only log statement in this class carries no request data.</li>
 * </ul>
 */
@Path("_EncryptedSignedAuthToken/{repositoryName}")
@Consumes(MediaType.APPLICATION_XML)
@Produces(MediaType.APPLICATION_XML)
public class EncryptedSignedAuthTokenService
{
	private static final Logger logger = LoggerFactory.getLogger(EncryptedSignedAuthTokenService.class);

	// Instance initialiser: runs on every instantiation, whichever constructor is used.
	{
		logger.debug("<init>: created new instance");
	}

	// Injected from the class-level path template; caller-controlled input.
	private @PathParam("repositoryName") String repositoryName;

	/**
	 * Handles {@code GET _EncryptedSignedAuthToken/{repositoryName}/{clientRepositoryId}}.
	 * <p>
	 * Resolves the local repository by name, opens a {@link LocalRepoManager} for it,
	 * reads the key material and delegates to
	 * {@link #getEncryptedSignedAuthToken(UUID, UUID, byte[], byte[])}. The manager is
	 * closed again in every case.
	 *
	 * @param clientRepositoryId id of the requesting client repository, taken from the path.
	 * @return the signed and encrypted token for that client.
	 */
	@GET
	@Path("{clientRepositoryId}")
	public EncryptedSignedAuthToken getEncryptedSignedAuthToken(@PathParam("clientRepositoryId") final UUID clientRepositoryId)
	{
		AssertUtil.assertNotNull(repositoryName, "repositoryName");
		AssertUtil.assertNotNull(clientRepositoryId, "clientRepositoryId");

		final File repoRoot = LocalRepoRegistryImpl.getInstance().getLocalRootForRepositoryNameOrFail(repositoryName);
		final LocalRepoManager repoManager =
				LocalRepoManagerFactory.Helper.getInstance().createLocalRepoManagerForExistingRepository(repoRoot);
		try {
			final UUID serverRepositoryId = repoManager.getRepositoryId();

			// NOTE(review): whether getPrivateKey() returns a copy or the manager's own
			// array is not visible here, so the bytes are deliberately not wiped after use.
			final byte[] serverPrivateKey = repoManager.getPrivateKey();

			// Only a client whose public key is known to this repository gets past this
			// lookup (presumably it throws otherwise, going by the name - verify).
			final byte[] clientPublicKey = repoManager.getRemoteRepositoryPublicKeyOrFail(clientRepositoryId);

			return getEncryptedSignedAuthToken(serverRepositoryId, clientRepositoryId, serverPrivateKey, clientPublicKey);
		} finally {
			repoManager.close();
		}
	}

	/**
	 * Builds the response payload: fetch the current token, sign it, then encrypt it.
	 * <p>
	 * NOTE(review): this is sign-then-encrypt. Whether the serialised {@link AuthToken}
	 * itself identifies the intended client repository is not visible here - verify,
	 * because the signature covers only the serialised token bytes.
	 *
	 * @param serverRepositoryId id of the local (server-side) repository.
	 * @param clientRepositoryId id of the client repository the token is issued to.
	 * @param localRepoPrivateKey private key used to sign the serialised token.
	 * @param remoteRepoPublicKey public key used to encrypt the signed token.
	 * @return the encrypted, signed token.
	 */
	protected EncryptedSignedAuthToken getEncryptedSignedAuthToken(
			final UUID serverRepositoryId, final UUID clientRepositoryId, final byte[] localRepoPrivateKey, final byte[] remoteRepoPublicKey)
	{
		final TransientRepoPassword currentPassword =
				TransientRepoPasswordManager.getInstance().getCurrentAuthRepoPassword(serverRepositoryId, clientRepositoryId);

		// Step 1: plain token -> bytes.
		final AuthToken token = currentPassword.getAuthToken();
		final byte[] tokenBytes = new AuthTokenIO().serialise(token);

		// Step 2: sign with the server repository's private key.
		final SignedAuthToken signedToken = new AuthTokenSigner(localRepoPrivateKey).sign(tokenBytes);

		// Step 3: encrypt the signed token for the client repository's public key.
		final byte[] signedTokenBytes = new SignedAuthTokenIO().serialise(signedToken);
		return new SignedAuthTokenEncrypter(remoteRepoPublicKey).encrypt(signedTokenBytes);
	}
}