001/*
002 * (C) Copyright 2006-2011 Nuxeo SA (http://nuxeo.com/) and others.
003 *
004 * Licensed under the Apache License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 *     http://www.apache.org/licenses/LICENSE-2.0
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 *
016 * Contributors:
017 *     slacoin
018 */
019package org.nuxeo.ecm.automation.client.jaxrs.spi.auth;
020
021import java.security.MessageDigest;
022import java.security.NoSuchAlgorithmException;
023import java.security.SecureRandom;
024import java.util.Date;
025import java.util.HashMap;
026import java.util.Map;
027import java.util.Random;
028
029import javax.ws.rs.core.MultivaluedMap;
030
031import org.apache.commons.codec.binary.Base64;
032import org.nuxeo.ecm.automation.client.jaxrs.spi.Connector;
033import org.nuxeo.ecm.automation.client.jaxrs.spi.Request;
034import org.nuxeo.ecm.automation.client.jaxrs.spi.RequestInterceptor;
035
036import com.sun.jersey.api.client.ClientHandlerException;
037import com.sun.jersey.api.client.ClientRequest;
038import com.sun.jersey.api.client.ClientResponse;
039
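/**
 * Request interceptor that adds portal-SSO authentication headers to every outgoing request.
 * <p>
 * Each request gets four headers: {@code NX_TS} (client timestamp in milliseconds),
 * {@code NX_RD} (a random 32-bit value), {@code NX_USER} (the user the call is made for) and
 * {@code NX_TOKEN}, the Base64 encoding of {@code MD5("<ts>:<random>:<secret>:<username>")}.
 * Presumably the server recomputes the digest from the three clear-text headers and its own
 * copy of the shared secret; the verification side is not part of this class.
 * <p>
 * Security notes for integrators:
 * <ul>
 * <li>The token covers only the timestamp, the random value, the secret and the user name. It
 * does not cover the HTTP method, URL or body, so it authenticates the user assertion, not the
 * request content. Use it over TLS only.</li>
 * <li>Whoever holds the shared secret can produce a valid token for any user name. Store and
 * distribute the secret like a privileged credential.</li>
 * <li>The digest is plain MD5 over a string that embeds the secret, not an HMAC. The algorithm
 * has to match what the server expects, so it is flagged here rather than changed on the
 * client alone.</li>
 * </ul>
 *
 * @author matic
 */
public class PortalSSOAuthInterceptor extends RequestInterceptor {

    /** Source of the per-request random value; backed by {@link SecureRandom}. */
    protected static final Random RANDOM = new SecureRandom();

    /** Secret shared with the server; it is hashed into the token and never sent as a header. */
    protected final String secret;

    /** User name sent in {@code NX_USER} and hashed into the token. */
    protected final String username;

    /**
     * @param secretKey the secret shared with the server
     * @param userName the user the requests are issued for
     */
    public PortalSSOAuthInterceptor(String secretKey, String userName) {
        this.secret = secretKey;
        this.username = userName;
    }

    /**
     * Adds a freshly computed set of authentication headers to the request.
     *
     * @param request the request to add the headers to
     * @param connector unused by this interceptor
     */
    @Override
    public void processRequest(Request request, Connector connector) {
        request.putAll(computeHeaders());
    }

    /**
     * Computes the {@code NX_TS}, {@code NX_RD}, {@code NX_TOKEN} and {@code NX_USER} headers for
     * one request. Every call uses the current time and a new random value, so two calls never
     * share a header set on purpose.
     *
     * @return a new mutable map holding the four header values
     * @throws RuntimeException if the MD5 digest is not available in this JVM
     */
    protected Map<String, String> computeHeaders() {
        long ts = System.currentTimeMillis();
        // nextInt() is widened to long: the value carries 32 random bits and may be negative.
        long random = RANDOM.nextInt();

        // Plain concatenation instead of String.format("%d..."): %d follows the default locale
        // and can emit non-ASCII digits, while NX_TS / NX_RD below are always sent as
        // String.valueOf(...) digits. The hashed text must use the same digits as the headers.
        String clearToken = ts + ":" + random + ":" + secret + ":" + username;

        byte[] hashedToken;
        try {
            // NOTE(review): getBytes() uses the platform default charset, so a non-ASCII secret
            // or user name hashes differently across JVMs. Pin the charset once the encoding
            // used by the server is confirmed.
            // NOTE(review): MD5 is kept because the digest must match the server side.
            hashedToken = MessageDigest.getInstance("MD5").digest(clearToken.getBytes());
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException("Cannot compute token", e);
        }

        Map<String, String> headers = new HashMap<String, String>();
        headers.put("NX_TS", String.valueOf(ts));
        headers.put("NX_RD", String.valueOf(random));
        headers.put("NX_TOKEN", Base64.encodeBase64String(hashedToken));
        headers.put("NX_USER", username);
        return headers;
    }

    /**
     * Adds a freshly computed set of authentication headers to the client request and passes it
     * to the next handler in the chain.
     *
     * @param cr the outgoing client request
     * @return the response produced by the next handler
     * @throws ClientHandlerException if the next handler fails
     */
    @Override
    public ClientResponse handle(ClientRequest cr) throws ClientHandlerException {
        MultivaluedMap<String, Object> headers = cr.getHeaders();
        for (Map.Entry<String, String> entry : computeHeaders().entrySet()) {
            // add() appends to any value already stored under the header name.
            headers.add(entry.getKey(), entry.getValue());
        }
        return getNext().handle(cr);
    }
}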