1   /*
2    * Copyright (c) 2002-2021, City of Paris
3    * All rights reserved.
4    *
5    * Redistribution and use in source and binary forms, with or without
6    * modification, are permitted provided that the following conditions
7    * are met:
8    *
9    *  1. Redistributions of source code must retain the above copyright notice
10   *     and the following disclaimer.
11   *
12   *  2. Redistributions in binary form must reproduce the above copyright notice
13   *     and the following disclaimer in the documentation and/or other materials
14   *     provided with the distribution.
15   *
16   *  3. Neither the name of 'Mairie de Paris' nor 'Lutece' nor the names of its
17   *     contributors may be used to endorse or promote products derived from
18   *     this software without specific prior written permission.
19   *
20   * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
21   * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22   * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23   * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
24   * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25   * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26   * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27   * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28   * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29   * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30   * POSSIBILITY OF SUCH DAMAGE.
31   *
32   * License 1.0
33   */
34  package fr.paris.lutece.util.signrequest.servlet;
35  
36  import fr.paris.lutece.util.signrequest.AbstractAuthenticator;
37  import fr.paris.lutece.util.signrequest.AbstractPrivateKeyAuthenticator;
38  import fr.paris.lutece.util.signrequest.security.Sha1HashService;
39  
40  import java.io.IOException;
41  
42  import java.util.ArrayList;
43  import java.util.List;
44  import java.util.StringTokenizer;
45  
46  import javax.servlet.Filter;
47  import javax.servlet.FilterChain;
48  import javax.servlet.FilterConfig;
49  import javax.servlet.ServletException;
50  import javax.servlet.ServletRequest;
51  import javax.servlet.ServletResponse;
52  import javax.servlet.http.HttpServletRequest;
53  import javax.servlet.http.HttpServletResponse;
54  
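/**
 * Servlet filter that lets a request continue down the chain only when the configured
 * {@link AbstractAuthenticator} reports it as authenticated; any other request is answered
 * with HTTP 401 and never reaches the protected resource.
 *
 * <p>
 * Configuration is read from the filter init parameters:
 * </p>
 * <ul>
 * <li>{@code privateKey} : the secret shared between client and server, required when the authenticator is an
 * {@link AbstractPrivateKeyAuthenticator}. Because it is stored with the filter configuration, read access to that
 * configuration should be restricted like any other credential store.</li>
 * <li>{@code elementsSignature} : comma separated list of the elements that compose the signature.</li>
 * <li>{@code validityTimePeriod} : validity period, parsed as a {@code long} and handed to the authenticator as is.</li>
 * </ul>
 *
 * <p>
 * Initialization fails with a {@link ServletException} when a required parameter is missing or malformed, so the filter
 * is never put in service with an absent shared secret.
 * </p>
 */
public abstract class AbstractRequestFilter implements Filter
{
    private static final String PARAMETER_PRIVATE_KEY = "privateKey";
    private static final String PARAMETER_ELEMENTS_SIGNATURE = "elementsSignature";
    private static final String PARAMETER_VALIDITY_PERIOD = "validityTimePeriod";

    // Assigned at the end of a successful init( ) only; read by doFilter( ) for every request
    private AbstractAuthenticator _authenticator;

    /**
     * The implementation should provide the authenticator to use
     * 
     * @return The authenticator to be used by the filter
     */
    protected abstract AbstractAuthenticator getAuthenticator( );

    /**
     * Configures the authenticator returned by {@link #getAuthenticator( )} from the filter init parameters.
     * 
     * @param filterConfig
     *            The filter configuration holding the init parameters
     * @throws ServletException
     *             if no authenticator is provided, if a required init parameter is missing, if the shared secret is
     *             empty or if the validity period is not a valid {@code long}
     */
    @Override
    public void init( FilterConfig filterConfig ) throws ServletException
    {
        AbstractAuthenticator authenticator = getAuthenticator( );

        if ( authenticator == null )
        {
            throw new ServletException( "Sign request filter : no authenticator provided by " + getClass( ).getName( ) );
        }

        // Set the Hashing service
        // NOTE(review): SHA-1 is hard-coded here and is no longer collision resistant. How the authenticator combines
        // the hash with the shared secret is not visible in this file - confirm that construction, and consider making
        // the hash service configurable so a stronger digest can be deployed.
        authenticator.setHashService( new Sha1HashService( ) );

        if ( authenticator instanceof AbstractPrivateKeyAuthenticator )
        {
            // Set the shared secret between client and server.
            // Fail closed : a missing or empty secret must stop the filter from starting instead of being passed on.
            // The value itself is never put in an exception message.
            String strPrivateKey = getRequiredInitParameter( filterConfig, PARAMETER_PRIVATE_KEY );

            if ( strPrivateKey.trim( ).isEmpty( ) )
            {
                throw new ServletException( "Sign request filter : init parameter '" + PARAMETER_PRIVATE_KEY + "' must not be empty" );
            }

            ( (AbstractPrivateKeyAuthenticator) authenticator ).setPrivateKey( strPrivateKey );
        }

        // Set the list of elements that compose the signature
        String strElementsList = getRequiredInitParameter( filterConfig, PARAMETER_ELEMENTS_SIGNATURE );
        StringTokenizer st = new StringTokenizer( strElementsList, "," );
        List<String> listElements = new ArrayList<String>( );

        while ( st.hasMoreTokens( ) )
        {
            listElements.add( st.nextToken( ).trim( ) );
        }

        authenticator.setSignatureElements( listElements );

        // Sets The validity Time Period
        String strValidityTimePeriod = getRequiredInitParameter( filterConfig, PARAMETER_VALIDITY_PERIOD );
        long lValidityTimePeriod;

        try
        {
            lValidityTimePeriod = Long.parseLong( strValidityTimePeriod.trim( ) );
        }
        catch( NumberFormatException e )
        {
            throw new ServletException( "Sign request filter : init parameter '" + PARAMETER_VALIDITY_PERIOD + "' is not a valid number : '"
                    + strValidityTimePeriod + "'", e );
        }

        authenticator.setValidityTimePeriod( lValidityTimePeriod );

        // Publish the authenticator only once it is completely configured
        _authenticator = authenticator;
    }

    /**
     * Forwards the request to the rest of the chain when the authenticator accepts it, otherwise sets the response
     * status to 401 (Unauthorized) and stops. Only the status code is set on rejection : no body, no header and no log
     * entry are produced here, so any audit trail of refused requests has to come from the authenticator or from the
     * container access log.
     * 
     * @param request
     *            The request, cast to {@link HttpServletRequest}
     * @param response
     *            The response, cast to {@link HttpServletResponse} on rejection
     * @param chain
     *            The filter chain to continue with when the request is authenticated
     * @throws IOException
     *             if the rest of the chain fails with an I/O error
     * @throws ServletException
     *             if the rest of the chain fails
     */
    @Override
    public void doFilter( ServletRequest request, ServletResponse response, FilterChain chain ) throws IOException, ServletException
    {
        if ( _authenticator.isRequestAuthenticated( (HttpServletRequest) request ) )
        {
            chain.doFilter( request, response );
        }
        else
        {
            ( (HttpServletResponse) response ).setStatus( HttpServletResponse.SC_UNAUTHORIZED );
        }
    }

    /**
     * Nothing to release : the filter holds no resource of its own.
     */
    @Override
    public void destroy( )
    {
    }

    /**
     * Reads an init parameter that must be present in the filter configuration.
     * 
     * @param filterConfig
     *            The filter configuration
     * @param strName
     *            The name of the init parameter
     * @return The parameter value, never {@code null}
     * @throws ServletException
     *             if the parameter is not defined
     */
    private static String getRequiredInitParameter( FilterConfig filterConfig, String strName ) throws ServletException
    {
        String strValue = filterConfig.getInitParameter( strName );

        if ( strValue == null )
        {
            throw new ServletException( "Sign request filter : missing required init parameter '" + strName + "'" );
        }

        return strValue;
    }
}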