Java Code Examples for io.undertow.util.FlexBase64#encodeString()

The following examples show how to use io.undertow.util.FlexBase64#encodeString() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: GSSAPIAuthenticationMechanism.java    From quarkus-http with Apache License 2.0 5 votes vote down vote up
public ChallengeResult sendChallenge(final HttpServerExchange exchange, final SecurityContext securityContext) {
    NegotiationContext negContext = exchange.getAttachment(NegotiationContext.ATTACHMENT_KEY);

    String header = NEGOTIATION_PLAIN;

    if (negContext != null) {
        byte[] responseChallenge = negContext.useResponseToken();
        exchange.putAttachment(NegotiationContext.ATTACHMENT_KEY, null);
        if (responseChallenge != null) {
            header = NEGOTIATE_PREFIX + FlexBase64.encodeString(responseChallenge, false);
        }
    } else {
        Subject server = null;
        try {
            server = subjectFactory.getSubjectForHost(getHostName(exchange));
        } catch (GeneralSecurityException e) {
            // Deliberately ignore - no Subject so don't offer GSSAPI is our main concern here.
        }
        if (server == null) {
            return ChallengeResult.NOT_SENT;
        }
    }

    exchange.addResponseHeader(WWW_AUTHENTICATE, header);

    UndertowLogger.SECURITY_LOGGER.debugf("Sending GSSAPI challenge for %s", exchange);
    return new ChallengeResult(true, UNAUTHORIZED);
}
 
Example 2
Source File: SimpleNonceManager.java    From quarkus-http with Apache License 2.0 5 votes vote down vote up
public SimpleNonceManager(final String hashAlg) {
    // Verify it is a valid algorithm (at least for now)
    MessageDigest digest = getDigest(hashAlg);

    this.hashAlg = hashAlg;
    this.hashLength = digest.getDigestLength();

    // Create a new secret only valid within this NonceManager instance.
    Random rand = new SecureRandom();
    byte[] secretBytes = new byte[32];
    rand.nextBytes(secretBytes);
    secret = FlexBase64.encodeString(digest.digest(secretBytes), false);
}
 
Example 3
Source File: SimpleNonceManager.java    From quarkus-http with Apache License 2.0 5 votes vote down vote up
private String createNonce(final byte[] prefix, final byte[] timeStamp) {
    byte[] hashedPart = generateHash(prefix, timeStamp);
    byte[] complete = new byte[9 + timeStamp.length + hashedPart.length];
    System.arraycopy(prefix, 0, complete, 0, 8);
    complete[8] = (byte) timeStamp.length;
    System.arraycopy(timeStamp, 0, complete, 9, timeStamp.length);
    System.arraycopy(hashedPart, 0, complete, 9 + timeStamp.length, hashedPart.length);

    return FlexBase64.encodeString(complete, false);
}
 
Example 4
Source File: SslSessionIdAttribute.java    From quarkus-http with Apache License 2.0 5 votes vote down vote up
@Override
public String readAttribute(HttpServerExchange exchange) {
    SSLSessionInfo ssl = exchange.getSslSessionInfo();
    if(ssl == null || ssl.getSessionId() == null) {
        return null;
    }
    return FlexBase64.encodeString(ssl.getSessionId(), false);
}
 
Example 5
Source File: GSSAPIAuthenticationMechanism.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
public ChallengeResult sendChallenge(final HttpServerExchange exchange, final SecurityContext securityContext) {
    NegotiationContext negContext = exchange.getAttachment(NegotiationContext.ATTACHMENT_KEY);

    String header = NEGOTIATION_PLAIN;

    if (negContext != null) {
        byte[] responseChallenge = negContext.useResponseToken();
        exchange.putAttachment(NegotiationContext.ATTACHMENT_KEY, null);
        if (responseChallenge != null) {
            header = NEGOTIATE_PREFIX + FlexBase64.encodeString(responseChallenge, false);
        }
    } else {
        Subject server = null;
        try {
            server = subjectFactory.getSubjectForHost(getHostName(exchange));
        } catch (GeneralSecurityException e) {
            // Deliberately ignore - no Subject so don't offer GSSAPI is our main concern here.
        }
        if (server == null) {
            return ChallengeResult.NOT_SENT;
        }
    }

    exchange.getResponseHeaders().add(WWW_AUTHENTICATE, header);

    UndertowLogger.SECURITY_LOGGER.debugf("Sending GSSAPI challenge for %s", exchange);
    return new ChallengeResult(true, UNAUTHORIZED);
}
 
Example 6
Source File: SimpleNonceManager.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
public SimpleNonceManager(final String hashAlg) {
    // Verify it is a valid algorithm (at least for now)
    MessageDigest digest = getDigest(hashAlg);

    this.hashAlg = hashAlg;
    this.hashLength = digest.getDigestLength();

    // Create a new secret only valid within this NonceManager instance.
    Random rand = new SecureRandom();
    byte[] secretBytes = new byte[32];
    rand.nextBytes(secretBytes);
    secret = FlexBase64.encodeString(digest.digest(secretBytes), false);
}
 
Example 7
Source File: SimpleNonceManager.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
private String createNonce(final byte[] prefix, final byte[] timeStamp) {
    byte[] hashedPart = generateHash(prefix, timeStamp);
    byte[] complete = new byte[9 + timeStamp.length + hashedPart.length];
    System.arraycopy(prefix, 0, complete, 0, 8);
    complete[8] = (byte) timeStamp.length;
    System.arraycopy(timeStamp, 0, complete, 9, timeStamp.length);
    System.arraycopy(hashedPart, 0, complete, 9 + timeStamp.length, hashedPart.length);

    return FlexBase64.encodeString(complete, false);
}
 
Example 8
Source File: SslSessionIdAttribute.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
@Override
public String readAttribute(HttpServerExchange exchange) {
    SSLSessionInfo ssl = exchange.getConnection().getSslSessionInfo();
    if(ssl == null || ssl.getSessionId() == null) {
        return null;
    }
    return FlexBase64.encodeString(ssl.getSessionId(), false);
}
 
Example 9
Source File: WebSocket13ClientHandshake.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
protected String createSecKey() {
    SecureRandom random = new SecureRandom();
    byte[] data = new byte[16];
    for (int i = 0; i < 4; ++i) {
        int val = random.nextInt();
        data[i * 4] = (byte) val;
        data[i * 4 + 1] = (byte) ((val >> 8) & 0xFF);
        data[i * 4 + 2] = (byte) ((val >> 16) & 0xFF);
        data[i * 4 + 3] = (byte) ((val >> 24) & 0xFF);
    }
    return FlexBase64.encodeString(data, false);
}
 
Example 10
Source File: WebSocket13ClientHandshake.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
protected final String solve(final String nonceBase64) {
    try {
        final String concat = nonceBase64 + MAGIC_NUMBER;
        final MessageDigest digest = MessageDigest.getInstance("SHA1");

        digest.update(concat.getBytes(StandardCharsets.UTF_8));
        final byte[] bytes = digest.digest();
        return FlexBase64.encodeString(bytes, false);
    } catch (NoSuchAlgorithmException e) {
        throw new RuntimeException(e);
    }
}
 
Example 11
Source File: LightGSSAPIAuthenticationMechanism.java    From light-oauth2 with Apache License 2.0 5 votes vote down vote up
@Override
public ChallengeResult sendChallenge(final HttpServerExchange exchange, final SecurityContext securityContext) {
    NegotiationContext negContext = exchange.getAttachment(NegotiationContext.ATTACHMENT_KEY);

    String header = NEGOTIATION_PLAIN;

    if (negContext != null) {
        byte[] responseChallenge = negContext.useResponseToken();
        exchange.putAttachment(NegotiationContext.ATTACHMENT_KEY, null);
        if (responseChallenge != null) {
            header = NEGOTIATE_PREFIX + FlexBase64.encodeString(responseChallenge, false);
        }
    } else {
        Subject server = null;
        try {
            server = subjectFactory.getSubjectForHost(getHostName(exchange));
        } catch (GeneralSecurityException e) {
            // Deliberately ignore - no Subject so don't offer GSSAPI is our main concern here.
        }
        if (server == null) {
            return ChallengeResult.NOT_SENT;
        }
    }

    exchange.getResponseHeaders().add(WWW_AUTHENTICATE, header);

    if(logger.isDebugEnabled()) logger.debug("Sending GSSAPI challenge for %s", exchange);
    return new ChallengeResult(true, UNAUTHORIZED);
}