001package org.apache.archiva.redback.keys; 002 003/* 004 * Copyright 2001-2006 The Apache Software Foundation. 005 * 006 * Licensed under the Apache License, Version 2.0 (the "License"); 007 * you may not use this file except in compliance with the License. 008 * You may obtain a copy of the License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software 013 * distributed under the License is distributed on an "AS IS" BASIS, 014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 015 * See the License for the specific language governing permissions and 016 * limitations under the License. 017 */ 018 019import org.slf4j.Logger; 020import org.slf4j.LoggerFactory; 021 022import java.security.SecureRandom; 023import java.util.*; 024 025/** 026 * AbstractKeyManager 027 * 028 * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a> 029 * 030 */ 031public abstract class AbstractKeyManager 032 implements KeyManager 033{ 034 protected Logger log = LoggerFactory.getLogger( getClass() ); 035 036 private static final int KEY_LENGTH = 16; 037 038 private static final boolean SECURE = true; 039 040 private boolean randomMode = SECURE; 041 042 private SecureRandom secureRandom; 043 044 private Random random; 045 046 /** 047 * Generate a UUID using <a href="http://www.ietf.org/rfc/rfc4122.txt">RFC 4122</a> UUID generation of a 048 * type 4 or randomly generated UUID. 049 * 050 * @return the 32 character long UUID string. 051 * @throws KeyManagerException 052 */ 053 protected String generateUUID() 054 throws KeyManagerException 055 { 056 return UUID.randomUUID().toString(); 057 } 058 059 /** 060 * Tests the key to see if it is expired or not. 061 * 062 * If the key is expired, a call to {@link #deleteKey(AuthenticationKey)} is issued, 063 * and a {@link KeyNotFoundException} is thrown. 064 * 065 * @param authkey the key to test. 066 * @throws KeyNotFoundException if the key is expired. 067 * @throws KeyManagerException if there was a problem removing the key. 068 */ 069 protected void assertNotExpired( AuthenticationKey authkey ) 070 throws KeyNotFoundException, KeyManagerException 071 { 072 if ( authkey.getDateExpires() == null ) 073 { 074 // No expiration means a permanent entry. 075 return; 076 } 077 078 // Test for expiration. 079 Calendar now = getNowGMT(); 080 Calendar expiration = getNowGMT(); 081 expiration.setTime( authkey.getDateExpires() ); 082 083 if ( now.after( expiration ) ) 084 { 085 deleteKey( authkey ); 086 throw new KeyNotFoundException( "Key [" + authkey.getKey() + "] has expired." ); 087 } 088 } 089 090 protected Calendar getNowGMT() 091 { 092 return Calendar.getInstance( TimeZone.getTimeZone( "GMT" ) ); 093 } 094 095 public void setRandomMode( boolean randomMode ) 096 { 097 this.randomMode = randomMode; 098 } 099 100 public boolean isRandomMode() 101 { 102 return randomMode; 103 } 104 105 public void removeExpiredKeys() 106 throws KeyManagerException 107 { 108 List<AuthenticationKey> allKeys = getAllKeys(); 109 110 Calendar now = getNowGMT(); 111 Calendar expiration = getNowGMT(); 112 113 log.info( "Removing expired keys." ); 114 for ( AuthenticationKey authkey : allKeys ) 115 { 116 if ( authkey.getDateExpires() != null ) 117 { 118 expiration.setTime( authkey.getDateExpires() ); 119 120 if ( now.after( expiration ) ) 121 { 122 deleteKey( authkey ); 123 } 124 } 125 } 126 log.info( "Expired keys removed." ); 127 } 128}