[1303] | 1 | package org.expeditee.auth.account;
|
---|
| 2 |
|
---|
| 3 | import java.io.IOException;
|
---|
| 4 | import java.security.InvalidKeyException;
|
---|
| 5 | import java.security.KeyFactory;
|
---|
| 6 | import java.security.KeyStoreException;
|
---|
| 7 | import java.security.NoSuchAlgorithmException;
|
---|
| 8 | import java.security.PrivateKey;
|
---|
| 9 | import java.security.cert.CertificateException;
|
---|
| 10 | import java.security.spec.InvalidKeySpecException;
|
---|
| 11 | import java.security.spec.PKCS8EncodedKeySpec;
|
---|
| 12 | import java.sql.SQLException;
|
---|
| 13 | import java.text.ParseException;
|
---|
| 14 | import java.util.ArrayList;
|
---|
| 15 | import java.util.Base64;
|
---|
| 16 | import java.util.Collection;
|
---|
| 17 | import java.util.List;
|
---|
| 18 | import java.util.Map;
|
---|
| 19 |
|
---|
| 20 | import javax.crypto.BadPaddingException;
|
---|
| 21 | import javax.crypto.IllegalBlockSizeException;
|
---|
| 22 | import javax.crypto.NoSuchPaddingException;
|
---|
| 23 | import javax.crypto.SecretKey;
|
---|
| 24 |
|
---|
| 25 | import org.expeditee.auth.Actions;
|
---|
| 26 | import org.expeditee.auth.AuthenticatorBrowser;
|
---|
[1363] | 27 | import org.expeditee.auth.mail.gui.MailBay;
|
---|
[1303] | 28 | import org.expeditee.auth.tags.AuthenticationTag;
|
---|
[1389] | 29 | import org.expeditee.encryption.CryptographyConstants;
|
---|
[1303] | 30 | import org.expeditee.gui.Browser;
|
---|
| 31 | import org.expeditee.gui.DisplayController;
|
---|
| 32 | import org.expeditee.gui.Frame;
|
---|
| 33 | import org.expeditee.gui.FrameIO;
|
---|
| 34 | import org.expeditee.gui.MessageBay;
|
---|
| 35 | import org.expeditee.items.Item;
|
---|
| 36 | import org.expeditee.items.Text;
|
---|
| 37 | import org.expeditee.settings.Settings;
|
---|
| 38 | import org.expeditee.settings.UserSettings;
|
---|
| 39 | import org.expeditee.settings.identity.secrets.KeyList;
|
---|
| 40 |
|
---|
| 41 | public class Authenticate implements CryptographyConstants {
|
---|
| 42 |
|
---|
[1363] | 43 | /**
|
---|
| 44 | * Given a username and password, potentially login.
|
---|
| 45 | * @param userdata
|
---|
| 46 | * @return AuthenticationResult.SuccessLogin if login works, AuthenticationResult.ErrorLoginNobody or AuthenticationResult.ErrorLoginUsernamePasswordCombo otherwise.
|
---|
| 47 | */
|
---|
[1303] | 48 | public static AuthenticationResult login(Map<AuthenticationTag, String> userdata) {
|
---|
| 49 | String username = userdata.get(AuthenticationTag.Username);
|
---|
| 50 | String password = userdata.get(AuthenticationTag.Password);
|
---|
| 51 |
|
---|
| 52 | if (username.equals(AuthenticatorBrowser.USER_NOBODY)) {
|
---|
| 53 | return AuthenticationResult.ErrorLoginNobody;
|
---|
| 54 | }
|
---|
| 55 |
|
---|
| 56 | SecretKey personalKey = null;
|
---|
| 57 | try {
|
---|
| 58 | personalKey = AuthenticatorBrowser.getInstance().getSecretKey(username, password);
|
---|
| 59 | } catch (Exception e) {
|
---|
| 60 | return AuthenticationResult.ErrorLoginUsernamePasswordCombo;
|
---|
| 61 | }
|
---|
| 62 |
|
---|
[1316] | 63 | if (personalKey == null) {
|
---|
| 64 | return AuthenticationResult.ErrorLoginUsernamePasswordCombo;
|
---|
| 65 | }
|
---|
| 66 |
|
---|
[1303] | 67 | UserSettings.UserName.set(username);
|
---|
| 68 | if (!username.equals(AuthenticatorBrowser.ADMINACCOUNT)) {
|
---|
| 69 | // Set the personal key to bootstrap the encrypted frame loading.
|
---|
| 70 | Text personalKeyText = KeyList.PersonalKey.generateText();
|
---|
| 71 | personalKeyText.setData(Base64.getEncoder().encodeToString(personalKey.getEncoded()));
|
---|
| 72 | KeyList.PersonalKey.setSetting(personalKeyText);
|
---|
| 73 |
|
---|
| 74 | // Load in and cache the profile frame using the personal key fetched from keystore.
|
---|
| 75 | FrameIO.ClearCache();
|
---|
| 76 | Frame oneFrame = FrameIO.LoadProfile(username);
|
---|
| 77 | for (int i = 1; i <= FrameIO.getLastNumber(oneFrame.getFramesetName()); i++) {
|
---|
| 78 | Frame f = FrameIO.LoadFrame(oneFrame.getFramesetName() + i);
|
---|
[1324] | 79 | if (f != null) {
|
---|
| 80 | List<String> data = f.getData();
|
---|
| 81 | if(data != null && data.contains("MultiuserCredentials")) {
|
---|
| 82 | AuthenticatorBrowser.CREDENTIALS_FRAME = f.getNumber();
|
---|
[1363] | 83 | } else if (data != null && data.contains("PasswordColleagues")) {
|
---|
| 84 | AuthenticatorBrowser.PASSWORD_RECOVERY_FRAME = f.getNumber();
|
---|
| 85 | } else if (data != null && data.contains("SecretsFrame")) {
|
---|
| 86 | AuthenticatorBrowser.SECRETS_FRAME = f.getNumber();
|
---|
[1324] | 87 | }
|
---|
[1363] | 88 | }
|
---|
[1303] | 89 | }
|
---|
| 90 |
|
---|
| 91 | // Update were we get our frames.
|
---|
| 92 | UserSettings.setupDefaultFolders();
|
---|
[1314] | 93 | MessageBay.clear();
|
---|
[1303] | 94 | MessageBay.updateFramesetLocation();
|
---|
| 95 | MailBay.disconnect();
|
---|
| 96 |
|
---|
| 97 | // Parse the users profile to refresh settings.
|
---|
| 98 | Text settingsLink = new Text("settings");
|
---|
| 99 | settingsLink.setLink(oneFrame.getFramesetName() + "2");
|
---|
| 100 | Settings.parseSettings(settingsLink);
|
---|
| 101 |
|
---|
| 102 | // At this point we at least login, but maybe with problems.
|
---|
| 103 | AuthenticationResult res = AuthenticationResult.SuccessLogin;
|
---|
| 104 |
|
---|
| 105 | // Check mail and update last read files.
|
---|
| 106 | MailBay.clear();
|
---|
| 107 | try {
|
---|
| 108 | Text keyItem = KeyList.PrivateKey.get();
|
---|
| 109 | if (keyItem.getData() != null) {
|
---|
| 110 | // Check mail.
|
---|
| 111 | String keyEncoded = keyItem.getData().get(0);
|
---|
| 112 | byte[] keyBytes = Base64.getDecoder().decode(keyEncoded);
|
---|
| 113 | PrivateKey key = KeyFactory.getInstance(AsymmetricAlgorithm).generatePrivate(new PKCS8EncodedKeySpec(keyBytes));
|
---|
[1363] | 114 | org.expeditee.auth.mail.Mail.checkMail(key);
|
---|
[1303] | 115 | } else {
|
---|
| 116 | res.additionalInfo.add("No private key present: your communication with other Expeditee users will be limited until this is resolved.");
|
---|
| 117 | }
|
---|
| 118 | } catch (KeyStoreException | NoSuchAlgorithmException | CertificateException | ClassNotFoundException
|
---|
| 119 | | SQLException | ParseException | IOException | InvalidKeyException | NoSuchPaddingException |
|
---|
| 120 | IllegalBlockSizeException | BadPaddingException e) {
|
---|
| 121 | res.additionalInfo.add("An error occured while attempting to load in mail sent to you by other Expeditee users. See the exception for more information.");
|
---|
| 122 | e.printStackTrace();
|
---|
| 123 | } catch (InvalidKeySpecException e) {
|
---|
| 124 | res.additionalInfo.add("Stored data cannot be used to create a private key. See exception for more information.");
|
---|
| 125 | e.printStackTrace();
|
---|
| 126 | }
|
---|
| 127 |
|
---|
[1334] | 128 | Collection<Item> usernameFields = Actions.getByData(FrameIO.LoadFrame("multiuser1"), "txtUsername");
|
---|
[1303] | 129 | usernameFields.forEach(usernameField -> usernameField.setText(username));
|
---|
| 130 |
|
---|
| 131 | Frame requestedFrame = FrameIO.LoadFrame(Browser.getStartFrame());
|
---|
| 132 | Frame homeFrame = FrameIO.LoadFrame("home1");
|
---|
| 133 | Frame choice = requestedFrame != null ? requestedFrame : homeFrame != null ? homeFrame : oneFrame;
|
---|
| 134 | DisplayController.setCurrentFrame(choice, true);
|
---|
| 135 | }
|
---|
| 136 |
|
---|
| 137 | return AuthenticationResult.SuccessLogin;
|
---|
| 138 | }
|
---|
| 139 |
|
---|
[1363] | 140 | /**
|
---|
| 141 | * Logs out the current authenticated user.
|
---|
| 142 | * @return AuthenticationResult.SuccessLogout to signal the logout has occured.
|
---|
| 143 | */
|
---|
[1303] | 144 | public static AuthenticationResult logout() {
|
---|
| 145 | // Set user to nobody.
|
---|
| 146 | UserSettings.UserName.set(AuthenticatorBrowser.USER_NOBODY);
|
---|
| 147 |
|
---|
| 148 | // Update were we get our frames.
|
---|
| 149 | UserSettings.setupDefaultFolders();
|
---|
| 150 | MessageBay.updateFramesetLocation();
|
---|
| 151 | MailBay.disconnect();
|
---|
| 152 |
|
---|
| 153 | // Reset all of the settings.
|
---|
| 154 | Settings.resetAllSettings();
|
---|
| 155 |
|
---|
| 156 | // Display login frame
|
---|
| 157 | Frame auth1 = FrameIO.LoadFrame("authentication1");
|
---|
| 158 | DisplayController.setCurrentFrame(auth1, true);
|
---|
| 159 |
|
---|
| 160 | return AuthenticationResult.SuccessLogout;
|
---|
| 161 | }
|
---|
[1320] | 162 |
|
---|
[1303] | 163 | public enum AuthenticationResult {
|
---|
| 164 |
|
---|
| 165 | SuccessLogin, SuccessLogout, ErrorLoginNobody, ErrorLoginUsernamePasswordCombo;
|
---|
| 166 |
|
---|
| 167 | private List<String> additionalInfo = new ArrayList<String>();
|
---|
| 168 |
|
---|
| 169 | public String toString() {
|
---|
| 170 | switch (this) {
|
---|
| 171 | case SuccessLogin:
|
---|
| 172 | StringBuilder sb = new StringBuilder();
|
---|
| 173 | sb.append("Logged in as: " + UserSettings.UserName.get());
|
---|
| 174 | if (additionalInfo.isEmpty()) {
|
---|
| 175 | return sb.toString();
|
---|
| 176 | } else {
|
---|
| 177 | String nl = System.getProperty("line.separator");
|
---|
| 178 | sb.append("However: " + nl);
|
---|
| 179 | for (String info: additionalInfo) {
|
---|
| 180 | sb.append(info + nl);
|
---|
| 181 | }
|
---|
| 182 | return sb.toString();
|
---|
| 183 | }
|
---|
| 184 | case SuccessLogout:
|
---|
| 185 | return "You are now logged out of Expeditee.";
|
---|
| 186 | case ErrorLoginNobody:
|
---|
| 187 | return "You cannot log into Expeditee as the user \'nobody\'";
|
---|
| 188 | case ErrorLoginUsernamePasswordCombo:
|
---|
| 189 | return "The username + password combination was incorrect.";
|
---|
| 190 | }
|
---|
| 191 |
|
---|
[1401] | 192 | String message = "Was the list of possible enum results updated without nessasary changes to the toString() function?";
|
---|
[1303] | 193 | throw new IllegalArgumentException(message);
|
---|
| 194 | }
|
---|
| 195 | }
|
---|
| 196 | }
|
---|