Module aeonics.core
Package aeonics.manager

Class Security

  • All Implemented Interfaces:
    Exportable, Snapshotable
    public abstract class Security
extends Manager.Type
    Manages the global security settings in the system and defines the common behavior of the different security requirements.

    • Constructor Detail

      • Security

        public Security()

    • Method Detail

      • manager

        public final java.lang.Class<? extends Manager.Type> manager()
        Hardcoded manager type
        Specified by:
        manager in class Manager.Type
        Returns:
        the type of manager

      • randomHash

        public abstract java.lang.String randomHash()
        Produces a random meaningless and opaque hash. The goal of this function is to serve as source of entropy to generate cryptographycally-sufficient long random string values.

        This is a good candidate to generate a Token.

        Returns:
        a random hash in hex format

      • hash

        public abstract java.lang.String hash​(java.io.InputStream value)
        Produces a strong cryptographic hash of the target input data. The hash is not salted. The underlying implementation is not enforced but the algorithm shall remain consistent to ensure backward compatibility over time.
        Parameters:
        value - the input stream to hash
        Returns:
        the hashed value in hex format

      • hash

        public java.lang.String hash​(java.lang.String value)
        Produces a strong cryptographic hash of the input value. The hash is not salted. Always prefer the hash(String, String) version. The underlying implementation is not enforced but the algorithm shall remain consistent to ensure backward compatibility over time.
        Parameters:
        value - the input text to hash
        Returns:
        the hashed value in hex format

      • hash

        public java.lang.String hash​(byte[] value)
        Produces a strong cryptographic hash of the input value. The hash is not salted. Always prefer the hash(String, String) version. The underlying implementation is not enforced but the algorithm shall remain consistent to ensure backward compatibility over time.
        Parameters:
        value - the input text to hash
        Returns:
        the hashed value in hex format

      • hash

        public java.lang.String hash​(java.lang.String value,
                             java.lang.String salt)
        Produces a strong cryptographic hash of the input value. The underlying implementation is not enforced but the algorithm shall remain consistent to ensure backward compatibility over time.
        Parameters:
        value - the input text to hash
        salt - the salt value (may be null but it is not recommended)
        Returns:
        the hashed value in hex format

      • hash

        public abstract java.lang.String hash​(byte[] value,
                                      byte[] salt)
        Produces a strong cryptographic hash of the input value. The underlying implementation is not enforced but the algorithm shall remain consistent to ensure backward compatibility over time.
        Parameters:
        value - the input text to hash
        salt - the salt value (may be null but it is not recommended)
        Returns:
        the hashed value in hex format

      • encrypt

        public java.lang.String encrypt​(java.lang.String value,
                                java.lang.String key)
        Encrypts the given value with a strong symmetric key encryption method. Use decrypt(String, String) to recover the original value. The underlying implementation is not enforced but the algorithm shall remain consistent to ensure backward compatibility over time.
        Parameters:
        value - the input text to encrypt
        key - the symmetric key
        Returns:
        the encrypted value in base64 format
        Throws:
        java.lang.SecurityException - if any error happens during encryption. For security purpose, the cause of the exception is discarded.

      • encrypt

        public abstract java.lang.String encrypt​(byte[] value,
                                         byte[] key)
        Encrypts the given value with a strong symmetric key encryption method. Use decrypt(String, byte[]) to recover the original value. The underlying implementation is not enforced but the algorithm shall remain consistent to ensure backward compatibility over time.
        Parameters:
        value - the input to encrypt
        key - the symmetric key
        Returns:
        the encrypted value in base64 format
        Throws:
        java.lang.SecurityException - if any error happens during encryption. For security purpose, the cause of the exception is discarded.

      • decrypt

        public java.lang.String decrypt​(java.lang.String value,
                                java.lang.String key)
        Decrypts the given value to recover the original text that was encrypted with encrypt(String, String). The underlying implementation is not enforced but the algorithm shall remain consistent to ensure backward compatibility over time.
        Parameters:
        value - the encrypted text to decrypt in base64 format
        key - the symmetric key
        Returns:
        the original text
        Throws:
        java.lang.SecurityException - if any error happens during decryption, including a key mismatch. For security purpose, the cause of the exception is discarded.

      • decrypt

        public abstract byte[] decrypt​(java.lang.String value,
                               byte[] key)
        Decrypts the given value to recover the original value that was encrypted with encrypt(String, String). The underlying implementation is not enforced but the algorithm shall remain consistent to ensure backward compatibility over time.
        Parameters:
        value - the encrypted value to decrypt in base64 format
        key - the symmetric key
        Returns:
        the original value
        Throws:
        java.lang.SecurityException - if any error happens during decryption, including a key mismatch. For security purpose, the cause of the exception is discarded.

      • providers

        public java.util.List<Provider.Type> providers​(java.lang.String user)
        Returns the list of Provider that may be able to authenticate the specified user.

        This method is used to allow the user to choose an authentication provider.

        It is not guaranteed that all returned providers can successfully authenticate the user, this is more of an indication as per Provider.Type.supports(String).

        Parameters:
        user - the user login
        Returns:
        the list of providers that can support authenticating the provided user

      • authenticate

        public User.Type authenticate​(Provider.Type provider,
                              Data context)
        Authenticate a user based on opaque authentication credentials. This is the prefered way to authenticate users.

        This method calls Provider.Type.authenticate(Data) on the selected provider.

        This method has the ability to intercept the authentication request and perform auditing, filtering or any other type of logic.

        Parameters:
        provider - the target identity provider
        context - the authentication context that shall be used by the provider to authenticate the user
        Returns:
        the authenticated user instance or User.ANONYMOUS if no user matches

      • granted

        public boolean granted​(User.Type user,
                       java.lang.String scope,
                       Data context)
        Checks if the user is granted usage of the specified scope with the given context. The final decision is 
        !isExplicitlyDenied(user, scope, context) && isExplicitlyAllowed(user, scope, context)
        The User.SYSTEM is always granted without checking.

        The scope and context are not defined and can be anything, the behavior will depend on applicable Policy

        In general, for the internal routing mechanics, the scope will be "topic" and the context will contain a Message entity.

        Parameters:
        user - the user, must not be null
        scope - the scope of interest, must not be null
        context - the context data to check against rules and policies, may be null
        Returns:
        true if the user is allowed given the scope and context

      • isExplicitlyDenied

        public boolean isExplicitlyDenied​(User.Type user,
                                  java.lang.String scope,
                                  Data context)
        Evaluates if the user is explicitly denied access. An explicit deny (return true) is different from a non-explicit deny (return false) in that the former says "I am strictly against it" and the latter is more "I do not have any objections".

        The scope and context are not defined and can be anything, the behavior will depend on applicable Policy

        In general, the scope will be "topic" and the context will contain a Message entity.

        Parameters:
        user - the user, must not be null
        scope - the scope of interest, must not be null
        context - the context data to check against rules and policies, may be null
        Returns:
        true if the user is explicitly denied given the scope and context

      • isExplicitlyAllowed

        public boolean isExplicitlyAllowed​(User.Type user,
                                   java.lang.String scope,
                                   Data context)
        Evaluates if the user is explicitly allowed access. An explicit allow (return true) is different from a non-explicit allow (return false) in that the former says "Yes you can" and the latter is more "I don't know".

        The scope and context are not defined and can be anything, the behavior will depend on applicable Policy

        In general, the scope will be "topic" and the context will contain a Message entity.

        Parameters:
        user - the user, must not be null
        scope - the scope of interest, must not be null
        context - the context data to check against rules and policies, may be null
        Returns:
        true if the user is explicitly allowed given the scope and context

      • generateToken

        public abstract Token generateToken​(User.Type user,
                                    long validity,
                                    boolean exclusive,
                                    java.lang.String... scopes)
        Generates a Token for the provided user.
        Parameters:
        user - the target user, must not be null and must not be User.SYSTEM or User.ANONYMOUS
        validity - the validity time in millisecond. A value <= 0 means valid forever.
        exclusive - whether or not other tokens for the same user should be revoked (regardless of the scopes)
        scopes - the list of scopes, must not be null or empty
        Returns:
        a token that can be used to uniquely identify the provided user, or null if the token could not be generated

      • authenticate

        public abstract Token authenticate​(java.lang.String token,
                                   boolean reset)
        Retreives a token instance based on a an opaque token value.
        Parameters:
        token - the token value, must not be null
        reset - whether or not to reset the optional time-based validity of this for this token
        Returns:
        the matching token instance or null if no token matches

      • revokeToken

        public abstract void revokeToken​(Token token)
        Revokes the provided token If the provided token is null, this method returns without doing anything.
        Parameters:
        token - the token to revoke

      • clearTokens

        public abstract void clearTokens​(User.Type user)
        Revokes all tokens for the provided user
        Parameters:
        user - the target user, must not be null and must not be User.SYSTEM or User.ANONYMOUS