Classes in this File | Line Coverage | Branch Coverage | Complexity | ||||
AuthorizedLetterboxService |
|
| 3.25;3.25 |
1 | /* | |
2 | * Copyright (c) 2009, Swiss Federal Department of Defence Civil Protection and Sport | |
3 | * (http://www.vbs.admin.ch) | |
4 | * Copyright (c) 2009, Ergon Informatik AG (http://www.ergon.ch) | |
5 | * All rights reserved. | |
6 | * | |
7 | * Licensed under the Open Permis License which accompanies this distribution, | |
8 | * and is available at http://www.openpermis.org/BSDlicenceKent.txt | |
9 | */ | |
10 | package org.openpermis.examples.simple; | |
11 | ||
12 | import java.net.URI; | |
13 | import java.net.URISyntaxException; | |
14 | import java.util.ArrayList; | |
15 | import java.util.List; | |
16 | ||
17 | import org.openpermis.AuthorizationService; | |
18 | import org.openpermis.AuthorizationServiceException; | |
19 | import org.openpermis.Subject; | |
20 | import org.openpermis.policy.AccessDecision; | |
21 | ||
22 | ||
23 | /** | |
24 | * An implementation of the letterbox service that controls access with the help of | |
25 | * a PERMIS authorization service. It serves as a policy enforcement point for the | |
26 | * HelloWorld application. | |
27 | * @since 0.1.0 | |
28 | */ | |
29 | public class AuthorizedLetterboxService | |
30 | implements LetterboxService | |
31 | { | |
32 | ||
33 | //---- Static | |
34 | ||
35 | /** | |
36 | * @since 0.1.0 | |
37 | */ | |
38 | 1 | protected static final URI LETTERBOX_URI = URI.create("cn=letterbox,o=post,c=ch"); |
39 | ||
40 | //---- State | |
41 | ||
42 | /** | |
43 | * The injected authorization service. | |
44 | */ | |
45 | private final AuthorizationService authorizationService; | |
46 | ||
47 | /** | |
48 | * The actual service implementation to which we forward authorized requests. | |
49 | */ | |
50 | private final LetterboxService delegate; | |
51 | ||
52 | //---- Constructors | |
53 | ||
54 | /** | |
55 | * Creates an authorized letterbox service that uses the specified authorization service for | |
56 | * making access decisions. | |
57 | * @param authorizationService a {@link AuthorizationService}. | |
58 | * @param delegate the real service implementation to which authorized requests are forwarded. | |
59 | * @since 0.1.0 | |
60 | */ | |
61 | public AuthorizedLetterboxService ( | |
62 | AuthorizationService authorizationService, | |
63 | LetterboxService delegate | |
64 | 3 | ) { |
65 | 3 | this.authorizationService = authorizationService; |
66 | 3 | this.delegate = delegate; |
67 | 3 | } |
68 | ||
69 | //---- Methods | |
70 | ||
71 | /** | |
72 | * Checks if principal is allowed to execute action. | |
73 | * @param principal the principal which want to execute the action. | |
74 | * @param action the action to execute. | |
75 | * @throws LetterboxException indicates a negative authorization decision. | |
76 | * @since 0.4.0 | |
77 | */ | |
78 | private void isAuthorized (String principal, String action) throws LetterboxException { | |
79 | // Find out who wants to access the service and which roles he has. | |
80 | // In an authenticated application you would get a java.net.Principal from an | |
81 | // authentication service and determine an identity from its name. | |
82 | // In a stateful application you would cache the retrieved subject in the current | |
83 | // session context to avoid repeated role lookups. | |
84 | final URI identity; | |
85 | try { | |
86 | 3 | identity = new URI(principal); |
87 | 0 | } catch (URISyntaxException e) { |
88 | 0 | throw new LetterboxException("Invalid principal " + principal, e); |
89 | 3 | } |
90 | ||
91 | final Subject subject; | |
92 | try { | |
93 | 3 | subject = this.authorizationService.retrieveSubject(identity); |
94 | 0 | } catch (AuthorizationServiceException e) { |
95 | 0 | throw new LetterboxException("Cannot retrieve subject for " + principal, e); |
96 | 3 | } |
97 | ||
98 | // Identify the resource to protect. This could be a service URL. | |
99 | 3 | final URI resource = LETTERBOX_URI; |
100 | ||
101 | // Arguments. | |
102 | 3 | final List<Object> arguments = new ArrayList<Object>(); |
103 | ||
104 | try { | |
105 | // Ask the authorization service for an access decision. | |
106 | 3 | final AccessDecision decision = this.authorizationService.getAccessDecision( |
107 | subject, resource, action, arguments | |
108 | ); | |
109 | ||
110 | 3 | if (decision.isAccessGranted()) { |
111 | // We are authorized to proceed, but may still have to check obligations in the | |
112 | // future. | |
113 | 2 | return; |
114 | } | |
115 | ||
116 | // The decision is negative. We must inform the caller that he is not authorized. | |
117 | 1 | throw new LetterboxException( |
118 | "Access denied for principal " + principal + " and action " + action | |
119 | ); | |
120 | ||
121 | 0 | } catch (AuthorizationServiceException e) { |
122 | 0 | throw new LetterboxException("Cannot get access decision for " + principal, e); |
123 | } | |
124 | } | |
125 | ||
126 | //---- LetterboxService | |
127 | ||
128 | /** | |
129 | * @since 0.4.0 | |
130 | */ | |
131 | public List<String> collectLetters (String principal) throws LetterboxException { | |
132 | 1 | isAuthorized(principal, "collectLetters"); |
133 | 1 | return this.delegate.collectLetters(principal); |
134 | } | |
135 | ||
136 | /** | |
137 | * @since 0.4.0 | |
138 | */ | |
139 | public void insertLetter (String principal, String letter) throws LetterboxException { | |
140 | 2 | isAuthorized(principal, "insertLetter"); |
141 | 1 | this.delegate.insertLetter(principal, letter); |
142 | 1 | } |
143 | ||
144 | } |