1 package org.eclipse.jetty.policy;
18 import java.io.File;
19 import java.security.KeyStore;
20 import java.security.Principal;
21 import java.security.cert.Certificate;
22 import java.security.cert.X509Certificate;
23 import java.util.HashMap;
24 import java.util.Map;
25
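/**
 * Expansion context for policy text: holds the properties, principals and
 * keystore that {@link #evaluate(String)} substitutes into a string.
 *
 * <p>Two kinds of placeholder are recognised:
 * <ul>
 * <li><code>${name}</code> - replaced by the value registered under
 * <code>name</code>, falling back to the JVM system property of that name;</li>
 * <li><code>${{self}}</code> and <code>${{alias:name}}</code> - replaced by a
 * <code>ClassName "principal name" </code> fragment built from the configured
 * principals or from the X.509 certificate stored under the alias.</li>
 * </ul>
 *
 * <p>Security note: substituted values are inserted verbatim. Principal names
 * are wrapped in double quotes but not escaped, and the text produced by the
 * <code>${{...}}</code> pass is scanned again by the <code>${...}</code> pass.
 * A value containing a quote or a placeholder therefore changes the resulting
 * policy text, so properties, principals and keystores handed to this context
 * should come from trusted configuration.
 *
 * <p>The class keeps mutable state without synchronisation.
 */
public class PolicyContext
{
    private final Map<String, String> properties = new HashMap<String, String>();

    private Principal[] principals;
    private KeyStore keystore;

    /**
     * Creates a context in which <code>${/}</code> expands to the platform
     * file separator.
     */
    public PolicyContext()
    {
        properties.put( "/", File.separator );
    }

    /**
     * Registers (or overwrites) a single property.
     *
     * @param name the placeholder name, used as <code>${name}</code>
     * @param value the replacement text
     */
    public void addProperty( String name, String value )
    {
        this.properties.put( name, value );
    }

    /**
     * Merges the given properties into this context; existing entries with the
     * same name are overwritten, all others are kept.
     *
     * @param properties the properties to add
     */
    public void setProperties( Map<String,String> properties )
    {
        this.properties.putAll( properties );
    }

    /**
     * @return the keystore used for <code>${{alias:...}}</code>, or
     *         <code>null</code> if none was set
     */
    public KeyStore getKeystore()
    {
        return keystore;
    }

    /**
     * @param keystore the keystore consulted for <code>${{alias:...}}</code>
     */
    public void setKeystore( KeyStore keystore )
    {
        this.keystore = keystore;
    }

    /**
     * @return the principals used for <code>${{self}}</code> (the stored array
     *         itself, not a copy), or <code>null</code> if none were set
     */
    public Principal[] getPrincipals()
    {
        return principals;
    }

    /**
     * @param principals the principals used for <code>${{self}}</code>; the
     *        array is stored as given, not copied
     */
    public void setPrincipals( Principal[] principals )
    {
        this.principals = principals;
    }

    /**
     * Expands every <code>${{...}}</code> and <code>${...}</code> placeholder
     * in the given string.
     *
     * <p>Property values are scanned again after insertion, so a value may
     * itself contain <code>${...}</code> references. NOTE(review): a property
     * whose value refers back to itself never stops expanding; nothing here
     * detects that.
     *
     * @param s the text to expand; <code>null</code> is returned unchanged
     * @return the expanded text
     * @throws PolicyException if a placeholder names an unknown protocol, a
     *         protocol cannot be resolved, or a property is not defined
     */
    public String evaluate(String s) throws PolicyException
    {
        s = processProtocols( s );

        while ( s != null )
        {
            int start = s.indexOf( "${" );
            if ( start < 0 )
            {
                break;
            }

            int end = s.indexOf( "}", start + 2 );
            if ( end < 0 )
            {
                break;
            }

            String name = s.substring( start + 2, end );
            String value = getProperty( name );

            // Fail closed: concatenating a null value would write the literal
            // text "null" into the policy instead of reporting the problem.
            if ( value == null )
            {
                throw new PolicyException( "undefined property: " + name );
            }

            s = s.substring( 0, start ) + value + s.substring( end + 1 );
        }

        return s;
    }

    /**
     * Expands the <code>${{protocol}}</code> and
     * <code>${{protocol:data}}</code> placeholders.
     *
     * <p>Scanning resumes after each inserted fragment, so a principal name
     * that happens to contain <code>${{...}}</code> is not expanded again by
     * this pass.
     */
    private String processProtocols( String s ) throws PolicyException
    {
        int from = 0;

        while ( s != null )
        {
            int start = s.indexOf( "${{", from );
            if ( start < 0 )
            {
                break;
            }

            int end = s.indexOf( "}}", start + 3 );
            if ( end < 0 )
            {
                break;
            }

            String target = s.substring( start + 3, end );
            String expansion;

            // Split on the first ':' only. String.split(":") drops trailing
            // empty fields, so "alias:" or ":" used to fail with an
            // ArrayIndexOutOfBoundsException, and data containing ':' was cut.
            int colon = target.indexOf( ':' );
            if ( colon >= 0 )
            {
                expansion = resolve( target.substring( 0, colon ), target.substring( colon + 1 ) );
            }
            else
            {
                expansion = resolve( target, null );
            }

            s = s.substring( 0, start ) + expansion + s.substring( end + 2 );
            from = start + expansion.length();
        }

        return s;
    }

    /**
     * Looks a property up in this context first, then among the JVM system
     * properties.
     *
     * @return the value, or <code>null</code> if the name is not defined
     */
    private String getProperty(String name)
    {
        if ( properties.containsKey( name ) )
        {
            return properties.get( name );
        }

        // System.getProperty rejects an empty key with an
        // IllegalArgumentException; "${}" is simply an undefined property.
        if ( name.length() == 0 )
        {
            return null;
        }

        return System.getProperty( name );
    }

    /**
     * Resolves one protocol placeholder.
     *
     * @param protocol <code>self</code> or <code>alias</code>
     * @param data the text after the first ':' (the keystore alias for
     *        <code>alias</code>), or <code>null</code> if there was no ':'
     * @return the replacement fragment, never <code>null</code>
     * @throws PolicyException if the protocol is unknown or cannot be expanded
     */
    private String resolve( String protocol, String data ) throws PolicyException
    {
        if ( "self".equals( protocol ) )
        {
            if ( principals == null || principals.length == 0 )
            {
                throw new PolicyException( "self can not be expanded, missing principals" );
            }

            StringBuilder sb = new StringBuilder();
            for ( int i = 0; i < principals.length; ++i )
            {
                sb.append( describe( principals[i] ) );
            }
            return sb.toString();
        }

        if ( "alias".equals( protocol ) )
        {
            if ( keystore == null )
            {
                throw new PolicyException( "alias can not be expanded, missing keystore" );
            }

            Certificate cert;
            try
            {
                cert = keystore.getCertificate( data );
            }
            catch ( Exception e )
            {
                // Only the PolicyException(String) constructor is visible from
                // this file, so the cause cannot be chained here.
                throw new PolicyException( "alias can not be expanded: " + data );
            }

            // Checked outside the try block: the broad catch above used to
            // swallow this exception and replace its message.
            if ( !( cert instanceof X509Certificate ) )
            {
                throw new PolicyException( "alias can not be expanded, bad cert" );
            }

            return describe( ( (X509Certificate) cert ).getSubjectX500Principal() );
        }

        throw new PolicyException( "unknown protocol: " + protocol );
    }

    /**
     * Formats a principal as <code>ClassName "name" </code> (note the trailing
     * space). The name is inserted as-is, without escaping.
     */
    private static String describe( Principal principal )
    {
        StringBuilder sb = new StringBuilder();
        sb.append( principal.getClass().getName() );
        sb.append( " \"" );
        sb.append( principal.getName() );
        sb.append( "\" " );
        return sb.toString();
    }
}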