1 package org.eclipse.jetty.policy;
18 import java.security.KeyStore;
19 import java.security.Principal;
20 import java.security.cert.Certificate;
21 import java.security.cert.X509Certificate;
22 import java.util.HashMap;
23 import java.util.Map;
24
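/**
 * Context used to expand placeholders in policy strings.
 *
 * <p>Two placeholder forms are handled by {@link #evaluate(String)}:
 * <ul>
 * <li><code>${{self}}</code> and <code>${{alias:name}}</code>, expanded from the configured
 * principals and keystore;</li>
 * <li><code>${name}</code>, expanded from the context properties, falling back to the JVM
 * system properties.</li>
 * </ul>
 */
public class PolicyContext
{
    private Map<String, String> properties = new HashMap<String, String>();

    private Principal[] principals;
    private KeyStore keystore;

    /**
     * Adds or replaces a single context property.
     *
     * @param name the property name, as it appears between <code>${</code> and <code>}</code>
     * @param value the replacement text
     */
    public void addProperty( String name, String value )
    {
        this.properties.put( name, value );
    }

    /**
     * Replaces all context properties.
     *
     * <p>The map is copied, so later changes to the caller's map do not alter how policy
     * strings are expanded, and {@link #addProperty(String, String)} does not write into the
     * caller's map. A {@code null} argument clears the properties instead of leaving the
     * context in a state where every lookup fails with a {@code NullPointerException}.
     *
     * @param properties the new properties, may be {@code null}
     */
    public void setProperties( Map<String,String> properties )
    {
        if ( properties == null )
        {
            this.properties = new HashMap<String, String>();
        }
        else
        {
            this.properties = new HashMap<String, String>( properties );
        }
    }

    /**
     * @return the keystore used for <code>${{alias:name}}</code> expansion, may be {@code null}
     */
    public KeyStore getKeystore()
    {
        return keystore;
    }

    /**
     * @param keystore the keystore used for <code>${{alias:name}}</code> expansion
     */
    public void setKeystore( KeyStore keystore )
    {
        this.keystore = keystore;
    }

    /**
     * @return a copy of the principals used for <code>${{self}}</code> expansion, or
     *         {@code null} if none were set
     */
    public Principal[] getPrincipals()
    {
        // Hand out a copy so callers cannot change the identity used for expansion.
        return principals == null ? null : principals.clone();
    }

    /**
     * @param principals the principals used for <code>${{self}}</code> expansion; the array is
     *            copied
     */
    public void setPrincipals( Principal[] principals )
    {
        this.principals = principals == null ? null : principals.clone();
    }

    /**
     * Expands all placeholders in a policy string.
     *
     * <p><code>${{...}}</code> placeholders are expanded first, then <code>${name}</code>
     * placeholders. An unterminated placeholder ends the scan and is left in the result.
     *
     * @param s the string to expand, may be {@code null}
     * @return the expanded string, or {@code null} if {@code s} was {@code null}
     * @throws PolicyException if a protocol placeholder cannot be resolved, or if a
     *             <code>${name}</code> placeholder names a property that has no value
     */
    public String evaluate(String s) throws PolicyException
    {
        s = processProtocols( s );
        if ( s == null )
        {
            return null;
        }

        // NOTE(review): text produced by the ${{...}} pass (principal and certificate subject
        // names) is still scanned by this property pass, so a name containing "${...}" would
        // be expanded as a property - confirm whether that is intended.
        int from = 0;
        while ( true )
        {
            int start = s.indexOf( "${", from );
            if ( start < 0 )
            {
                break;
            }

            int end = s.indexOf( "}", start + 2 );
            if ( end < 0 )
            {
                break;
            }

            String name = s.substring( start + 2, end );
            String value = getProperty( name );
            if ( value == null )
            {
                // Fail closed: concatenating the literal text "null" into a code base or a
                // permission target would silently produce a different policy.
                throw new PolicyException( "property can not be expanded: " + name );
            }

            s = s.substring( 0, start ) + value + s.substring( end + 1 );

            // Resume right after the inserted text. Reusing the old index of '}' skipped
            // later placeholders when the value was shorter than the placeholder, and
            // re-scanned (and could endlessly re-expand) the value when it was longer.
            from = start + value.length();
        }

        return s;
    }

    /**
     * Expands <code>${{protocol}}</code> and <code>${{protocol:data}}</code> placeholders.
     *
     * @param s the string to expand, may be {@code null}
     * @return the string with protocol placeholders replaced, or {@code null} for {@code null}
     * @throws PolicyException if a placeholder cannot be resolved
     */
    private String processProtocols( String s ) throws PolicyException
    {
        if ( s == null )
        {
            return null;
        }

        int from = 0;
        while ( true )
        {
            int start = s.indexOf( "${{", from );
            if ( start < 0 )
            {
                break;
            }

            int end = s.indexOf( "}}", start + 3 );
            if ( end < 0 )
            {
                break;
            }

            String target = s.substring( start + 3, end );

            // Split at the first ':' only. String.split(":") drops a trailing empty field, so
            // "alias:" used to fail with ArrayIndexOutOfBoundsException instead of a
            // PolicyException, and anything after a second ':' was silently discarded.
            int colon = target.indexOf( ':' );
            String expansion;
            if ( colon >= 0 )
            {
                expansion = resolve( target.substring( 0, colon ), target.substring( colon + 1 ) );
            }
            else
            {
                expansion = resolve( target, null );
            }

            s = s.substring( 0, start ) + expansion + s.substring( end + 2 );

            // Continue after the inserted text; see evaluate() for why the old end index
            // must not be reused.
            from = start + expansion.length();
        }

        return s;
    }

    /**
     * Looks a property up in the context properties, then in the JVM system properties.
     *
     * <p>A name present in the context properties wins even when its value is {@code null}.
     * Any system property can be read through this fallback, so the strings passed to
     * {@link #evaluate(String)} decide which JVM settings end up in the result.
     *
     * @param name the property name
     * @return the value, or {@code null} if it is not defined
     */
    private String getProperty(String name)
    {
        if (properties.containsKey(name))
        {
            return properties.get(name);
        }

        return System.getProperty(name);
    }

    /**
     * Resolves one protocol placeholder.
     *
     * @param protocol {@code "self"} or {@code "alias"}
     * @param data the keystore alias for {@code "alias"}; unused for {@code "self"}
     * @return the principal class name(s) and quoted name(s), each followed by a space
     * @throws PolicyException if the protocol is unknown or the required principals, keystore
     *             or certificate are not available
     */
    private String resolve( String protocol, String data ) throws PolicyException
    {
        if ( "self".equals( protocol ) )
        {
            if ( principals == null || principals.length == 0 )
            {
                throw new PolicyException( "self can not be expanded, missing principals" );
            }

            StringBuilder sb = new StringBuilder();
            for ( Principal principal : principals )
            {
                appendPrincipal( sb, principal );
            }
            return sb.toString();
        }

        if ( "alias".equals( protocol ) )
        {
            if ( keystore == null )
            {
                throw new PolicyException( "alias can not be expanded, missing keystore: " + data );
            }
            if ( data == null || data.length() == 0 )
            {
                throw new PolicyException( "alias can not be expanded, missing alias name" );
            }

            Certificate cert;
            try
            {
                cert = keystore.getCertificate( data );
            }
            catch ( Exception e )
            {
                // The cause is not chained because only the PolicyException(String)
                // constructor is visible from this class.
                throw new PolicyException( "alias can not be expanded: " + data );
            }

            // Checked outside the try block so this message is no longer swallowed and
            // replaced by the generic lookup failure above.
            if ( !( cert instanceof X509Certificate ) )
            {
                throw new PolicyException( "alias can not be expanded, bad cert" );
            }

            StringBuilder sb = new StringBuilder();
            appendPrincipal( sb, ((X509Certificate) cert).getSubjectX500Principal() );
            return sb.toString();
        }

        throw new PolicyException( "unknown protocol: " + protocol );
    }

    /**
     * Appends <code>className "name" </code> for one principal.
     *
     * <p>NOTE(review): the name is written between double quotes without escaping, so a name
     * that itself contains a double quote changes the structure of the expanded text -
     * confirm how the consumer of this string parses it.
     */
    private static void appendPrincipal( StringBuilder sb, Principal principal )
    {
        sb.append( principal.getClass().getName() );
        sb.append( " \"" );
        sb.append( principal.getName() );
        sb.append( "\" " );
    }
}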