/*
* JBoss, Home of Professional Open Source.
* Copyright 2016 Red Hat, Inc., and individual contributors
* as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.wildfly.extension.elytron;
import static org.wildfly.extension.elytron._private.ElytronSubsystemMessages.ROOT_LOGGER;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import javax.naming.directory.Attributes;
import javax.naming.ldap.LdapName;
import org.jboss.msc.inject.Injector;
import org.jboss.msc.service.Service;
import org.jboss.msc.service.StartContext;
import org.jboss.msc.service.StartException;
import org.jboss.msc.service.StopContext;
import org.jboss.msc.value.InjectedValue;
import org.wildfly.extension.elytron.capabilities._private.DirContextSupplier;
import org.wildfly.security.keystore.LdapKeyStore;
import org.wildfly.security.keystore.UnmodifiableKeyStore;
/**
* A {@link Service} responsible for a single {@link LdapKeyStore} instance.
*
* @author <a href="mailto:[email protected]">Jan Kalina</a>
*/
class LdapKeyStoreService implements ModifiableKeyStoreService {
private final InjectedValue<DirContextSupplier> dirContextSupplierInjector = new InjectedValue<>();
private final String searchPath;
private final String filterAlias;
private final String filterCertificate;
private final String filterIterate;
private final LdapName createPath;
private final String createRdn;
private final Attributes createAttributes;
private final String aliasAttribute;
private final String certificateAttribute;
private final String certificateType;
private final String certificateChainAttribute;
private final String certificateChainEncoding;
private final String keyAttribute;
private final String keyType;
private volatile KeyStore modifiableKeyStore = null;
private volatile KeyStore unmodifiableKeyStore = null;
LdapKeyStoreService(String searchPath, String filterAlias, String filterCertificate,
String filterIterate, LdapName createPath, String createRdn, Attributes createAttributes,
String aliasAttribute, String certificateAttribute, String certificateType,
String certificateChainAttribute, String certificateChainEncoding,
String keyAttribute, String keyType) {
this.searchPath = searchPath;
this.filterAlias = filterAlias;
this.filterCertificate = filterCertificate;
this.filterIterate = filterIterate;
this.createPath = createPath;
this.createRdn = createRdn;
this.createAttributes = createAttributes;
this.aliasAttribute = aliasAttribute;
this.certificateAttribute = certificateAttribute;
this.certificateType = certificateType;
this.certificateChainAttribute = certificateChainAttribute;
this.certificateChainEncoding = certificateChainEncoding;
this.keyAttribute = keyAttribute;
this.keyType = keyType;
}
Injector<DirContextSupplier> getDirContextSupplierInjector() {
return dirContextSupplierInjector;
}
/*
* Service Lifecycle Related Methods
*/
@Override
public void start(StartContext startContext) throws StartException {
try {
LdapKeyStore.Builder builder = LdapKeyStore.builder()
.setDirContextSupplier(dirContextSupplierInjector.getValue())
.setSearchPath(searchPath);
if (filterAlias != null) builder.setFilterAlias(filterAlias);
if (filterCertificate != null) builder.setFilterCertificate(filterCertificate);
if (filterIterate != null) builder.setFilterIterate(filterIterate);
if (createPath != null) builder.setCreatePath(createPath);
if (createRdn != null) builder.setCreateRdn(createRdn);
if (createAttributes != null) builder.setCreateAttributes(createAttributes);
if (aliasAttribute != null) builder.setAliasAttribute(aliasAttribute);
if (certificateAttribute != null) builder.setCertificateAttribute(certificateAttribute);
if (certificateType != null) builder.setCertificateType(certificateType);
if (certificateChainAttribute != null) builder.setCertificateChainAttribute(certificateChainAttribute);
if (certificateChainEncoding != null) builder.setCertificateChainEncoding(certificateChainEncoding);
if (keyAttribute != null) builder.setKeyAttribute(keyAttribute);
if (keyType != null) builder.setKeyType(keyType);
KeyStore keyStore = builder.build();
keyStore.load(null); // initialize
this.modifiableKeyStore = keyStore;
this.unmodifiableKeyStore = UnmodifiableKeyStore.unmodifiableKeyStore(keyStore);
} catch (GeneralSecurityException | IOException e) {
throw ROOT_LOGGER.unableToStartService(e);
}
}
@Override
public void stop(StopContext stopContext) {
this.modifiableKeyStore = null;
this.unmodifiableKeyStore = null;
}
@Override
public KeyStore getValue() throws IllegalStateException, IllegalArgumentException {
return unmodifiableKeyStore;
}
public KeyStore getModifiableValue() {
return modifiableKeyStore;
}
}
