package co.codewizards.cloudstore.rest.server.service;

import static java.util.Objects.*;

import java.util.UUID;

import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
//import co.codewizards.cloudstore.core.repo.local.LocalRepoRegistry;

import co.codewizards.cloudstore.core.auth.AuthToken;
import co.codewizards.cloudstore.core.auth.AuthTokenIO;
import co.codewizards.cloudstore.core.auth.AuthTokenSigner;
import co.codewizards.cloudstore.core.auth.EncryptedSignedAuthToken;
import co.codewizards.cloudstore.core.auth.SignedAuthToken;
import co.codewizards.cloudstore.core.auth.SignedAuthTokenEncrypter;
import co.codewizards.cloudstore.core.auth.SignedAuthTokenIO;
import co.codewizards.cloudstore.core.oio.File;
import co.codewizards.cloudstore.core.repo.local.LocalRepoManager;
import co.codewizards.cloudstore.core.repo.local.LocalRepoManagerFactory;
import co.codewizards.cloudstore.core.repo.local.LocalRepoRegistryImpl;
import co.codewizards.cloudstore.rest.server.auth.TransientRepoPassword;
import co.codewizards.cloudstore.rest.server.auth.TransientRepoPasswordManager;

/**
 * REST resource that hands out the current auth token for a repository pair.
 * <p>
 * The token is serialised, signed with the server repository's private key and then encrypted
 * with the public key stored for the requesting client repository. The resource is mounted at
 * {@code _EncryptedSignedAuthToken/{repositoryName}/{clientRepositoryId}} and exchanges XML.
 * <p>
 * NOTE(review): no authentication check is visible in this class. Presumably that is intentional
 * and confidentiality rests on the encryption with the client's registered public key - confirm
 * this against the server's authentication filter configuration.
 */
@Path("_EncryptedSignedAuthToken/{repositoryName}")
@Consumes(MediaType.APPLICATION_XML)
@Produces(MediaType.APPLICATION_XML)
public class EncryptedSignedAuthTokenService
{
	private static final Logger logger = LoggerFactory.getLogger(EncryptedSignedAuthTokenService.class);

	// Instance initialiser: traces every instantiation of this resource class.
	{
		logger.debug("<init>: created new instance");
	}

	// Taken from the request path, i.e. caller-controlled. It is only used as a lookup key for
	// the local repository registry.
	// NOTE(review): verify that the registry resolves registered names only.
	private @PathParam("repositoryName") String repositoryName;

	/**
	 * Creates the encrypted, signed auth token for the given client repository.
	 * <p>
	 * Resolves the local repository addressed by the {@code repositoryName} path segment, reads
	 * its repository id and private key as well as the public key stored for
	 * {@code clientRepositoryId}, and delegates to
	 * {@link #getEncryptedSignedAuthToken(UUID, UUID, byte[], byte[])}. The repository manager is
	 * closed again whether or not token creation succeeds.
	 *
	 * @param clientRepositoryId id of the requesting client repository; must not be {@code null}.
	 * @return the auth token, signed by this server repository and encrypted for the client.
	 * @throws NullPointerException if the repository name or {@code clientRepositoryId} is {@code null}.
	 */
	@GET
	@Path("{clientRepositoryId}")
	public EncryptedSignedAuthToken getEncryptedSignedAuthToken(@PathParam("clientRepositoryId") final UUID clientRepositoryId)
	{
		requireNonNull(repositoryName, "repositoryName");
		requireNonNull(clientRepositoryId, "clientRepositoryId");

		final File repoRoot = LocalRepoRegistryImpl.getInstance().getLocalRootForRepositoryNameOrFail(repositoryName);
		final LocalRepoManager repoManager =
				LocalRepoManagerFactory.Helper.getInstance().createLocalRepoManagerForExistingRepository(repoRoot);
		try {
			final UUID serverRepositoryId = repoManager.getRepositoryId();
			// NOTE(review): whether getPrivateKey() returns a copy is not visible here; the key
			// bytes are not wiped after use.
			final byte[] serverPrivateKey = repoManager.getPrivateKey();
			// Presumably fails for a client repository without a stored public key (going by the
			// "OrFail" name) - verify, because this lookup is the only visible gate on who can
			// obtain a usable token.
			final byte[] clientPublicKey = repoManager.getRemoteRepositoryPublicKeyOrFail(clientRepositoryId);

			return getEncryptedSignedAuthToken(serverRepositoryId, clientRepositoryId, serverPrivateKey, clientPublicKey);
		} finally {
			repoManager.close();
		}
	}

	/**
	 * Builds the token for a server/client repository pair: serialise, sign, serialise, encrypt.
	 *
	 * @param serverRepositoryId id of the local (server) repository.
	 * @param clientRepositoryId id of the remote (client) repository.
	 * @param localRepoPrivateKey private key of the server repository; used for signing.
	 * @param remoteRepoPublicKey public key of the client repository; used for encrypting.
	 * @return the signed auth token, encrypted with {@code remoteRepoPublicKey}.
	 */
	protected EncryptedSignedAuthToken getEncryptedSignedAuthToken(
			final UUID serverRepositoryId, final UUID clientRepositoryId, final byte[] localRepoPrivateKey, final byte[] remoteRepoPublicKey)
	{
		final TransientRepoPassword currentPassword =
				TransientRepoPasswordManager.getInstance().getCurrentAuthRepoPassword(serverRepositoryId, clientRepositoryId);

		// Step 1: sign the serialised token with the server's private key.
		final AuthToken token = currentPassword.getAuthToken();
		final byte[] tokenBytes = new AuthTokenIO().serialise(token);
		final SignedAuthToken signedToken = new AuthTokenSigner(localRepoPrivateKey).sign(tokenBytes);

		// Step 2: encrypt the signed token, signature included, with the client's public key.
		final byte[] signedTokenBytes = new SignedAuthTokenIO().serialise(signedToken);
		return new SignedAuthTokenEncrypter(remoteRepoPublicKey).encrypt(signedTokenBytes);
	}
}