001/*
002 *  Licensed to the Apache Software Foundation (ASF) under one
003 *  or more contributor license agreements.  See the NOTICE file
004 *  distributed with this work for additional information
005 *  regarding copyright ownership.  The ASF licenses this file
006 *  to you under the Apache License, Version 2.0 (the
007 *  "License"); you may not use this file except in compliance
008 *  with the License.  You may obtain a copy of the License at
009 *
010 *    http://www.apache.org/licenses/LICENSE-2.0
011 *
012 *  Unless required by applicable law or agreed to in writing,
013 *  software distributed under the License is distributed on an
014 *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015 *  KIND, either express or implied.  See the License for the
016 *  specific language governing permissions and limitations
017 *  under the License.
018 *
019 */
020package org.apache.directory.kerberos.credentials.cache;
021
022
023import java.text.ParseException;
024
025import org.apache.directory.kerberos.client.AbstractTicket;
026import org.apache.directory.kerberos.client.TgTicket;
027import org.apache.directory.shared.kerberos.KerberosTime;
028import org.apache.directory.shared.kerberos.codec.types.PrincipalNameType;
029import org.apache.directory.shared.kerberos.components.AuthorizationData;
030import org.apache.directory.shared.kerberos.components.EncKdcRepPart;
031import org.apache.directory.shared.kerberos.components.EncryptionKey;
032import org.apache.directory.shared.kerberos.components.HostAddresses;
033import org.apache.directory.shared.kerberos.components.PrincipalName;
034import org.apache.directory.shared.kerberos.flags.TicketFlags;
035import org.apache.directory.shared.kerberos.messages.Ticket;
036
037
038/**
039 * KrbCredInfo looks like it could be used here; however, it does not hold everything this class needs.
040 * 
041 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
042 */
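public class Credentials
{

    // Client and server identity. The realm strings mirror the realm carried by
    // the corresponding PrincipalName at construction time.
    private PrincipalName clientName;
    private String clientRealm;
    private PrincipalName serverName;
    private String serverRealm;

    // Session key tied to the ticket. This is secret key material: do not log it
    // and do not hand it to code that does not need it.
    private EncryptionKey key;

    // Ticket lifetime. This class only stores the values; nothing here checks them
    // against the current time, so callers must do that before using the entry.
    private KerberosTime authTime;
    private KerberosTime startTime;
    private KerberosTime endTime;
    private KerberosTime renewTill;

    private HostAddresses clientAddresses;
    private AuthorizationData authzData;
    // NOTE(review): presumably "ticket is encrypted in another ticket's session key" - confirm
    private boolean isEncInSKey;
    private TicketFlags flags;
    private Ticket ticket;
    private Ticket secondTicket;


    /**
     * Creates a credentials entry from its individual parts.
     * <p>
     * All arguments are stored by reference; no defensive copies are made, so later
     * changes to the passed objects are visible through this instance.
     *
     * @param cname the client principal; its realm, if any, becomes the client realm
     * @param sname the server principal; its realm, if any, becomes the server realm
     * @param ekey the session key
     * @param authtime the authentication time
     * @param starttime the start time
     * @param endtime the end time
     * @param renewTill the renew-till time
     * @param isEncInSKey the value returned by {@link #isEncInSKey()}
     * @param flags the ticket flags
     * @param caddr the client addresses
     * @param authData the authorization data
     * @param ticket the ticket
     * @param secondTicket the second ticket
     * @throws NullPointerException if {@code cname} or {@code sname} is null
     */
    public Credentials(
        PrincipalName cname,
        PrincipalName sname,
        EncryptionKey ekey,
        KerberosTime authtime,
        KerberosTime starttime,
        KerberosTime endtime,
        KerberosTime renewTill,
        boolean isEncInSKey,
        TicketFlags flags,
        HostAddresses caddr,
        AuthorizationData authData,
        Ticket ticket,
        Ticket secondTicket )
    {
        this.clientName = cname;
        // The field starts out null, so a plain assignment is the same as the
        // former "only assign when non-null" guard.
        this.clientRealm = cname.getRealm();

        this.serverName = sname;
        this.serverRealm = sname.getRealm();

        this.key = ekey;

        this.authTime = authtime;
        this.startTime = starttime;
        this.endTime = endtime;
        this.renewTill = renewTill;
        this.clientAddresses = caddr;
        this.authzData = authData;
        this.isEncInSKey = isEncInSKey;
        this.flags = flags;
        this.ticket = ticket;
        this.secondTicket = secondTicket;
    }


    /**
     * Creates a credentials entry from a ticket-granting ticket. The client
     * principal is built from the TGT's client name and realm.
     *
     * @param tgt the ticket-granting ticket
     * @throws RuntimeException if the TGT's client name cannot be parsed; the
     *         {@link ParseException} is attached as the cause
     */
    public Credentials( TgTicket tgt )
    {
        PrincipalName clientPrincipal;

        try
        {
            clientPrincipal = new PrincipalName( tgt.getClientName(),
                PrincipalNameType.KRB_NT_PRINCIPAL );
        }
        catch ( ParseException e )
        {
            // Keep the parse failure as the cause so the bad name can be diagnosed.
            throw new RuntimeException( "Invalid tgt with bad client name", e );
        }

        clientPrincipal.setRealm( tgt.getRealm() );

        init( tgt, clientPrincipal );
    }


    /**
     * Creates a credentials entry from a ticket and an explicit client principal.
     *
     * @param tkt the ticket, including its decrypted KDC reply part
     * @param clientPrincipal the client principal the ticket was issued to
     */
    public Credentials( AbstractTicket tkt, PrincipalName clientPrincipal )
    {
        init( tkt, clientPrincipal );
    }


    /**
     * Fills the fields from the ticket's EncKdcRepPart.
     * <p>
     * The server name object is shared with the reply part and its realm is set
     * in place, so the reply part's SName is modified by this call. The
     * authorization data is left unset.
     *
     * @param tkt the ticket to read from
     * @param clientPrincipal the client principal to record
     */
    private void init( AbstractTicket tkt, PrincipalName clientPrincipal )
    {
        EncKdcRepPart kdcRepPart = tkt.getEncKdcRepPart();

        this.serverName = kdcRepPart.getSName();
        this.serverRealm = kdcRepPart.getSRealm();
        this.serverName.setRealm( serverRealm );

        this.clientName = clientPrincipal;
        // Record the client realm as the field-wise constructor does; without this
        // getClientRealm() returned null for every ticket-derived entry.
        this.clientRealm = ( clientPrincipal != null ) ? clientPrincipal.getRealm() : null;

        this.key = kdcRepPart.getKey();
        this.authTime = kdcRepPart.getAuthTime();
        this.startTime = kdcRepPart.getStartTime();
        this.endTime = kdcRepPart.getEndTime();

        this.renewTill = kdcRepPart.getRenewTill();

        this.flags = kdcRepPart.getFlags();
        this.clientAddresses = kdcRepPart.getClientAddresses();

        this.ticket = tkt.getTicket();

        this.isEncInSKey = false;

        this.secondTicket = null;
    }


    /**
     * @return the server principal; same value as {@link #getServerName()}
     */
    public PrincipalName getServicePrincipal()
    {
        return serverName;
    }


    /**
     * @return the authentication time
     */
    public KerberosTime getAuthTime()
    {
        return authTime;
    }


    /**
     * @return the end time; this class does not compare it with the current time
     */
    public KerberosTime getEndTime()
    {
        return endTime;
    }


    /**
     * @return the ticket flags; same value as {@link #getFlags()}
     */
    public TicketFlags getTicketFlags()
    {
        return flags;
    }


    /**
     * @return the numeric value of the session key's encryption type
     * @throws NullPointerException if no session key is set
     */
    public int getEType()
    {
        return key.getKeyType().getValue();
    }


    /**
     * @return the client principal
     */
    public PrincipalName getClientName()
    {
        return clientName;
    }


    /**
     * @return the server principal
     */
    public PrincipalName getServerName()
    {
        return serverName;
    }


    /**
     * @return the client realm, or null if the client principal had none
     */
    public String getClientRealm()
    {
        return clientRealm;
    }


    /**
     * Returns the session key itself, not a copy. Treat the result as secret
     * material and keep it out of logs and error messages.
     *
     * @return the session key
     */
    public EncryptionKey getKey()
    {
        return key;
    }


    /**
     * @return the start time
     */
    public KerberosTime getStartTime()
    {
        return startTime;
    }


    /**
     * @return the renew-till time
     */
    public KerberosTime getRenewTill()
    {
        return renewTill;
    }


    /**
     * @return the client addresses
     */
    public HostAddresses getClientAddresses()
    {
        return clientAddresses;
    }


    /**
     * @return the authorization data; null for entries built from a ticket
     */
    public AuthorizationData getAuthzData()
    {
        return authzData;
    }


    /**
     * @return the flag given at construction; always false for entries built from a ticket
     */
    public boolean isEncInSKey()
    {
        return isEncInSKey;
    }


    /**
     * @return the ticket flags
     */
    public TicketFlags getFlags()
    {
        return flags;
    }


    /**
     * @return the ticket
     */
    public Ticket getTicket()
    {
        return ticket;
    }


    /**
     * @return the second ticket; null for entries built from a ticket
     */
    public Ticket getSecondTicket()
    {
        return secondTicket;
    }
}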