001/* 002 * (C) Copyright 2006-2011 Nuxeo SA (http://nuxeo.com/) and others. 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 * 016 * Contributors: 017 * slacoin 018 */ 019package org.nuxeo.ecm.automation.client.jaxrs.spi.auth; 020 021import java.security.MessageDigest; 022import java.security.NoSuchAlgorithmException; 023import java.security.SecureRandom; 024import java.util.Date; 025import java.util.HashMap; 026import java.util.Map; 027import java.util.Random; 028 029import javax.ws.rs.core.MultivaluedMap; 030 031import org.apache.commons.codec.binary.Base64; 032import org.nuxeo.ecm.automation.client.jaxrs.spi.Connector; 033import org.nuxeo.ecm.automation.client.jaxrs.spi.Request; 034import org.nuxeo.ecm.automation.client.jaxrs.spi.RequestInterceptor; 035 036import com.sun.jersey.api.client.ClientHandlerException; 037import com.sun.jersey.api.client.ClientRequest; 038import com.sun.jersey.api.client.ClientResponse; 039 040/** 041 * @author matic 042 */ 043public class PortalSSOAuthInterceptor extends RequestInterceptor { 044 045 protected static final Random RANDOM = new SecureRandom(); 046 047 protected final String secret; 048 049 protected final String username; 050 051 public PortalSSOAuthInterceptor(String secretKey, String userName) { 052 this.secret = secretKey; 053 this.username = userName; 054 } 055 056 @Override 057 public void processRequest(Request request, Connector connector) { 058 request.putAll(computeHeaders()); 059 } 060 061 protected Map<String, String> computeHeaders() { 062 // compute token 063 long ts = new Date().getTime(); 064 long random = RANDOM.nextInt(); 065 066 String clearToken = String.format("%d:%d:%s:%s", ts, random, secret, username); 067 068 byte[] hashedToken; 069 070 try { 071 hashedToken = MessageDigest.getInstance("MD5").digest(clearToken.getBytes()); 072 } catch (NoSuchAlgorithmException e) { 073 throw new RuntimeException("Cannot compute token", e); 074 } 075 076 String base64HashedToken = Base64.encodeBase64String(hashedToken); 077 Map<String, String> headers = new HashMap<String, String>(); 078 headers.put("NX_TS", String.valueOf(ts)); 079 headers.put("NX_RD", String.valueOf(random)); 080 headers.put("NX_TOKEN", base64HashedToken); 081 headers.put("NX_USER", username); 082 return headers; 083 } 084 085 @Override 086 public ClientResponse handle(ClientRequest cr) throws ClientHandlerException { 087 Map<String, String> computedHeaders = computeHeaders(); 088 MultivaluedMap<String, Object> headers = cr.getHeaders(); 089 for (Map.Entry<String, String> entry : computedHeaders.entrySet()) { 090 headers.add(entry.getKey(), entry.getValue()); 091 } 092 return getNext().handle(cr); 093 } 094}