java source code of AuthToken

opensoc-streaming-master
- OpenSOC-MessageParsers
  - src
    - main
      - resources
        patterns
        asa
        fireeye
        sourcefire
      - java
        com
        opensoc
        parsing
        AbstractParserBolt.java
        parsers
        BasicIseParser.java
        OpenSOCMatch.java
        GrokSourcefireParser.java
        BasicBroParser.java
        OpenSOCGrok.java
        BasicLancopeParser.java
        OpenSOCConverter.java
        ParserUtils.java
        OpenSOCGarbage.java
        BasicSourcefireParser.java
        GrokAsaParser.java
        BasicFireEyeParser.java
        JSONCleaner.java
        BasicPaloAltoFirewallParser.java
        PcapParser.java
        GrokUtils.java
        BasicLogstashParser.java
        AbstractParser.java
        PcapParserBolt.java
        TelemetryParserBolt.java
        filters
        BroMessageFilter.java
        GenericMessageFilter.java
    - test
      - resources
        effective_tld_names.dat
        SourceFireTest.log
        TestSchemas
        SourcefireSchema.json
        LancopeSchema.json
        IseSchema.json
        PcapSchema.json
        BroSchema.json
        FireEyeParserTest.log
        PaloAltoFirewallParserTest.log
        config
        BroParserTest.config
        BasicIseParserTest.config
        GrokAsaParserTest.config
        BasicFireEyeParserTest.config
        BasicLancopeParserTest.config
        BasicSourcefireParserTest.config
        BasicPaloAltoFirewallParserTest.config
        LancopeParserTest.log
        BroParserTest.log
        GrokParserTest.log
      - java
        com
        opensoc
        parsing
        test
        BasicSourcefireParserTest.java
        GrokAsaParserTest.java
        BroParserTest.java
        BasicLancopeParserTest.java
        BasicFireEyeParserTest.java
        BasicIseParserTest.java
        BasicPaloAltoFirewallParserTest.java
        BasicBroParserTest.java
  - pom.xml
  - pom.xml.versionsBackup
  - readme.md
- OpenSOC-EnrichmentAdapters
  - src
    - main
      - resources
        hbase-site.xml
      - java
        com
        opensoc
        enrichment
        common
        AbstractEnrichmentBolt.java
        GenericEnrichmentBolt.java
        adapters
        geo
        GeoMysqlAdapter.java
        AbstractGeoAdapter.java
        cif
        AbstractCIFAdapter.java
        CIFHbaseAdapter.java
        whois
        AbstractWhoisAdapter.java
        WhoisHBaseAdapter.java
        threat
        AbstractThreatAdapter.java
        ThreatHbaseAdapter.java
        host
        HostFromPropertiesFileAdapter.java
        AbstractHostAdapter.java
    - test
      - resources
        TestSchemas
        WhoisHbaseSchema.json
        GeoMySqlSchema.json
        CIFHbaseSchema.json
        CIFHbaseAdapterTest.properties
        WhoisHbaseAdapterTest.properties
        GeoMysqlAdapterTest.properties
      - java
        com
        opensoc
        enrichment
        adapters
        geo
        GeoMysqlAdapterTest.java
        cif
        CIFHbaseAdapterTest.java
        whois
        WhoisHBaseAdapterTest.java
  - pom.xml
  - pom.xml.versionsBackup
  - readme.md
- OpenSOC-Alerts
  - src
    - main
      - resources
        hbase-site.xml
      - java
        com
        opensoc
        alerts
        TelemetryAlertsBolt.java
        adapters
        AllAlertAdapter.java
        CIFAlertsAdapter.java
        AbstractAlertAdapter.java
        KeywordsAlertAdapter.java
        RangeChecker.java
        ThreatAlertsAdapter.java
        HbaseWhiteAndBlacklistAdapter.java
        AbstractAlertBolt.java
        tagging
        TelemetryTaggerBolt.java
        AbstractTaggerBolt.java
        adapters
        StaticAllTagger.java
        TaggerAdapter.java
        RegexTagger.java
        AbstractTaggerAdapter.java
    - test
      - resources
        TestSchemas
        AllAlertAdapterSchema.json
        config
        AllAlertAdapterTest.config
        AllAlertAdapterTest.properties
      - java
        com
        opensoc
        alerts
        adapters
        AllAlertAdapterTest.java
  - pom.xml
  - pom.xml.versionsBackup
  - readme.md
- OpenSOC-PlatformScripts
  - WhoisEnrichment
    - Whois_CSV_to_JSON.py
- OpenSOC-DataServices
  - src
    - main
      - resources
        config-definition-hbase.xml
        hbase-site.xml
        log4j.xml
        hbase-config-default.properties
        webroot
        withsocket3.jsp
        login_old.jsp
        withsocket2.jsp
        include.jsp
        WEB-INF
        shiro.ini
        login.jsp
        withsocket.jsp
        logged_in.jsp
        login_failed.jsp
      - java
        com
        opensoc
        pcapservice
        PcapHelper.java
        PcapGetterHBaseImpl.java
        HBaseConfigConstants.java
        CellTimestampComparator.java
        RestTestingUtil.java
        ConfigurationUtil.java
        HBaseConfigurationUtil.java
        PcapsResponse.java
        IPcapGetter.java
        PcapScannerHBaseImpl.java
        rest
        PcapService.java
        JettyServiceRunner.java
        IPcapScanner.java
        PcapReceiverImplRestEasy.java
        alerts
        server
        AlertsProcessingServer.java
        AlertsFilterCacheEntry.java
        AlertsSearcher.java
        AlertsCacheReaper.java
        services
        alerts
        ElasticSearch_KafkaAlertsService.java
        Solr_KafkaAlertsService.java
        dataservices
        websocket
        KafkaMessageSenderSocket.java
        KafkaWebSocketCreator.java
        KafkaMessageSenderServlet.java
        kafkaclient
        KafkaConsumer.java
        poll
        PollingKafkaConsumer.java
        PollingKafkaClient.java
        KafkaClient.java
        common
        OpenSOCService.java
        Main.java
        auth
        AuthToken.java
        CustomDomainADRealm.java
        AuthTokenFilter.java
        RestSecurityInterceptor.java
        servlet
        LogoutServlet.java
        LoginServlet.java
        rest
        Index.java
        RestServices.java
        modules
        guice
        RestEasyModule.java
        AlertsServerModule.java
        DefaultServletModule.java
        ServiceModule.java
        DefaultShiroWebModule.java
    - test
      - java
        com
        opensoc
        pcapservice
        CellTimestampComparatorTest.java
  - pom.xml
  - README.md
  - conf
    - config.properties
- pom.xml
- LICENSE
- OpenSOC-Topologies
  - src
    - main
      - resources
        TopologyConfigs_old
        lancope.conf
        effective_tld_names.dat
        OpenSOC_Configs
        topologies
        bro
        topology.conf
        metrics.conf
        topology_identifier.conf
        alerts.xml
        features_enabled.conf
        asa
        topology.conf
        metrics.conf
        topology_identifier.conf
        features_enabled.conf
        fireeye
        topology.conf
        metrics.conf
        topology_identifier.conf
        features_enabled.conf
        lancope
        topology.conf
        metrics.conf
        topology_identifier.conf
        alerts.xml
        features_enabled.conf
        pcap
        topology.conf
        metrics.conf
        topology_identifier.conf
        features_enabled.conf
        sourcefire
        topology.conf
        metrics.conf
        topology_identifier.conf
        alerts.xml
        features_enabled.conf
        ise
        topology.conf
        metrics.conf
        topology_identifier.conf
        alerts.xml
        features_enabled.conf
        environment_identifier.conf
        paloalto
        topology.conf
        metrics.conf
        topology_identifier.conf
        features_enabled.conf
        etc
        hbase-site.xml
        whitelists
        known_hosts.conf
        env
        environment_common.conf
        mysql_connection.conf
        es_connection.conf
        hdfs_connection.conf
        hbase-site.xml
        SampleInput
        SourcefireExampleOutput
        AsaOutput
        LancopeExampleOutput
        FireeyeExampleOutput
        PCAPExampleOutput
        PaloaltoOutput
      - java
        com
        opensoc
        topology
        Lancope.java
        Asa.java
        Pcap.java
        Sourcefire.java
        runner
        ISERunner.java
        SourcefireRunner.java
        AsaRunner.java
        FireEyeRunner.java
        PaloAltoFirewallRunner.java
        PcapRunner.java
        BroRunner.java
        TopologyRunner.java
        LancopeRunner.java
        Ise.java
        FireEye.java
        PaloAltoFirewall.java
        Bro.java
        test
        spouts
        GenericInternalTestSpout.java
        PcapSimulatorSpout.java
        bolts
        PrintingBolt.java
        filereaders
        FileReader.java
  - pom.xml
  - pom.xml.versionsBackup
  - readme.md
- pom.xml.versionsBackup
- OpenSOC-Pcap_Service
  - src
    - main
      - resources
        log4j.properties
        config-definition-hbase.xml
        hbase-site.xml
        hbase-config-default.properties
      - java
        com
        opensoc
        pcapservice
        PcapHelper.java
        PcapGetterHBaseImpl.java
        HBaseConfigConstants.java
        CellTimestampComparator.java
        RestTestingUtil.java
        ConfigurationUtil.java
        HBaseConfigurationUtil.java
        PcapsResponse.java
        IPcapGetter.java
        PcapScannerHBaseImpl.java
        rest
        PcapService.java
        JettyServiceRunner.java
        IPcapScanner.java
        PcapReceiverImplRestEasy.java
        org
        apache
        hadoop
        hbase
        regionserver
        compactions
        OnlyDeleteExpiredFilesCompactionPolicy.java
    - test
      - resources
        test-tcp-packet.pcap
        hbase-config.properties
      - java
        com
        opensoc
        pcapservice
        HBaseIntegrationTest.java
        PcapScannerHBaseImplTest.java
        HBaseConfigurationUtilTest.java
        PcapHelperTest.java
        CellTimestampComparatorTest.java
        PcapGetterHBaseImplTest.java
        ConfigurationUtilTest.java
  - pom.xml
  - README.txt
  - pom.xml.versionsBackup
- OpenSOC-FlumeConfigs
  - SampleFlumeConf.rtf
- .travis.yml
- readme.md
- OpenSOC-Common
  - src
    - main
      - java
        com
        opensoc
        configuration
        ConfigurationManager.java
        alerts
        interfaces
        TaggerAdapter.java
        AlertsInterface.java
        AlertsAdapter.java
        pcap
        PacketInfo.java
        PcapMerger.java
        Constants.java
        IEEE_802_1Q.java
        PcapByteInputStream.java
        PcapUtils.java
        OpenSocEthernetDecoder.java
        PcapByteOutputStream.java
        PcapPacketComparator.java
        PcapParser.java
        index
        interfaces
        IndexAdapter.java
        hbase
        TupleTableConfig.java
        HBaseStreamPartitioner.java
        HTableConnector.java
        HBaseBolt.java
        helpers
        services
        PcapServiceCli.java
        topology
        ErrorGenerator.java
        SettingsLoader.java
        Cli.java
        test
        AbstractSchemaTest.java
        AbstractConfigTest.java
        AbstractTestContext.java
        tldextractor
        test
        BasicTldExtractorTest.java
        BasicTldExtractor.java
        enrichment
        interfaces
        EnrichmentAdapter.java
        ise
        parser
        ISEParser.java
        Token.java
        ISEParserConstants.java
        TokenMgrError.java
        ISEParser.jj
        JavaCharStream.java
        ISEParserTokenManager.java
        ParseException.java
        dataloads
        interfaces
        ThreatIntelSource.java
        json
        serialization
        JSONKafkaSerializer.java
        JSONEncoderHelper.java
        JSONKryoSerializer.java
        JSONDecoderHelper.java
        metrics
        NullReporter.java
        MyMetricReporter.java
        MetricReporter.java
        parser
        interfaces
        MessageParser.java
        MessageFilter.java
    - test
      - resources
        effective_tld_names.dat
        config
        BasicTldExtractorTest.config
  - pom.xml
  - pom.xml.versionsBackup
  - .gitignore
- OpenSOC-DataLoads
  - src
    - main
      - resources
        hbase-site.xml
      - java
        com
        opensoc
        dataloads
        cif
        HBaseTableLoad.java
        ThreatIntelLoader.java
  - pom.xml
  - pom.xml.versionsBackup
  - README.md
  - dependency-reduced-pom.xml
- .gitignore
- OpenSOC-Indexing
  - src
    - main
      - java
        com
        opensoc
        indexing
        TelemetryIndexingBolt.java
        AbstractIndexingBolt.java
        adapters
        ESBaseBulkAdapter.java
        SolrAdapter.java
        AbstractIndexAdapter.java
        ESBulkRotatingAdapter.java
        ESTimedRotatingAdapter.java
  - pom.xml
  - pom.xml.versionsBackup
  - readme.md

package com.opensoc.dataservices.auth;

import java.io.FileInputStream;
import java.security.KeyStore;
import java.util.Properties;

import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;

import org.apache.commons.cli.CommandLine;
import org.apache.commons.cli.CommandLineParser;
import org.apache.commons.cli.GnuParser;
import org.apache.commons.cli.Options;
import org.apache.commons.codec.binary.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class AuthToken {

	private static final Logger logger = LoggerFactory.getLogger( AuthToken.class );
	
	public static String generateToken( final Properties configProps ) throws Exception
	{
		
		KeyStore ks = KeyStore.getInstance("JCEKS");
		String keystoreFile = configProps.getProperty( "keystoreFile" );
		logger.info( "keystoreFile: " + keystoreFile );
		
		String keystorePassword = configProps.getProperty( "keystorePassword" );
		logger.info( "keystorePassword: " + keystorePassword );
		
		String keystoreAlias = configProps.getProperty( "authTokenAlias" );
		logger.info( "keystoreAlias: " + keystoreAlias );
		
		FileInputStream fis = null;
		try {
			fis = new FileInputStream( keystoreFile );
			ks.load(fis, keystorePassword.toCharArray() );
		}
		catch( Exception e )
		{
			logger.error( "Error opening keyfile:", e );
			throw e;
		}
		finally {
			fis.close();
		}
		
		KeyStore.ProtectionParameter protParam =
		        new KeyStore.PasswordProtection(keystorePassword.toCharArray());
		KeyStore.SecretKeyEntry  secretKeyEntry = (KeyStore.SecretKeyEntry)ks.getEntry(keystoreAlias, protParam);
		
		SecretKey key = secretKeyEntry.getSecretKey();

		
		Cipher cipher = Cipher.getInstance("AES");
		cipher.init(Cipher.ENCRYPT_MODE, key);		
		String tokenString = "OpenSOC_AuthToken:" + System.currentTimeMillis();
		
		byte[] encryptedData = cipher.doFinal(tokenString.getBytes());	
		
		String base64Token = new String( Base64.encodeBase64(encryptedData) );
		
		// System.out.println( "base64Token: " + base64Token );
		
		return base64Token;
		
	}
	
	public static boolean validateToken( final Properties configProps, String authToken ) throws Exception
	{
		KeyStore ks = KeyStore.getInstance("JCEKS");
		String keystoreFile = configProps.getProperty( "keystoreFile" );
		String keystorePassword = configProps.getProperty( "keystorePassword" );
		String keystoreAlias = configProps.getProperty( "authTokenAlias" );
		long tokenMaxAgeInMilliseconds = Long.parseLong( configProps.getProperty( "authTokenMaxAge", "600000" ));
		
		FileInputStream fis = null;
		try {
			fis = new FileInputStream( keystoreFile );
			ks.load(fis, keystorePassword.toCharArray() );
		}
		finally {
			if( fis != null) {
				fis.close();
			}
		}
		
		KeyStore.ProtectionParameter protParam =
		        new KeyStore.PasswordProtection(keystorePassword.toCharArray());
		KeyStore.SecretKeyEntry  secretKeyEntry = (KeyStore.SecretKeyEntry)ks.getEntry(keystoreAlias, protParam);
		
		SecretKey key = secretKeyEntry.getSecretKey();
		
		Cipher cipher = Cipher.getInstance("AES");
		cipher.init(Cipher.DECRYPT_MODE, key);		
		
		byte[] encryptedBytes = Base64.decodeBase64(authToken);
		
		byte[] unencryptedBytes = cipher.doFinal(encryptedBytes);
		String clearTextToken = new String( unencryptedBytes );
		
		System.out.println( "clearTextToken: " + clearTextToken );
		String[] tokenParts = clearTextToken.split( ":" );
		
		if( tokenParts[0].equals( "OpenSOC_AuthToken" ))
		{
			long now = System.currentTimeMillis();
			long tokenTime = Long.parseLong(tokenParts[1]);
			
			if( now > (tokenTime + tokenMaxAgeInMilliseconds ))
			{
				return false;
			}
			else
			{
				return true;
			}
		}
		else
		{
			return false;
		}
		
	}
	
	public static void main( String[] args ) throws Exception
	{
		
    	Options options = new Options();
    	
    	options.addOption( "keystoreFile", true, "Keystore File" );
    	options.addOption( "keystorePassword", true, "Keystore Password" );
    	options.addOption( "authTokenAlias", true, "");
    	
    	CommandLineParser parser = new GnuParser();
    	CommandLine cmd = parser.parse( options, args);
		
		
		try
		{
			KeyStore ks = KeyStore.getInstance("JCEKS");

			String keystorePassword = cmd.getOptionValue("keystorePassword");
			String keystoreFile = cmd.getOptionValue("keystoreFile");
			String authTokenAlias = cmd.getOptionValue("authTokenAlias");

			ks.load(null, keystorePassword.toCharArray());

			
			// generate a key and store it in the keystore...
			KeyGenerator keyGen = KeyGenerator.getInstance("AES");
			SecretKey key = keyGen.generateKey();
			
			KeyStore.ProtectionParameter protParam =
			        new KeyStore.PasswordProtection(keystorePassword.toCharArray());
			
			
			KeyStore.SecretKeyEntry skEntry =
			        new KeyStore.SecretKeyEntry(key);
			
			ks.setEntry(authTokenAlias, skEntry, protParam);
			
			java.io.FileOutputStream fos = null;
		    try {
		        
		    	fos = new java.io.FileOutputStream(keystoreFile);
		        ks.store(fos, keystorePassword.toCharArray());
		    } 
		    finally {
		        
		    	if (fos != null) {
		            fos.close();
		        }
		    }
			
		    
		    System.out.println( "done" );
		    
		}
		catch( Exception e )
		{
			e.printStackTrace();
		}
	}
}