*** empty log message ***
[java-idp.git] / src / edu / internet2 / middleware / shibboleth / common / AttributeQueryHandle.java
1 package edu.internet2.middleware.shibboleth.common;
2
3 import java.util.StringTokenizer;
4
5 import javax.crypto.Cipher;
6 import javax.crypto.SecretKey;
7 import org.doomdark.uuid.UUID;
8 import org.doomdark.uuid.UUIDGenerator;
9
10 /**
11  * A Shibboleth Attribute Query Handle.
12  * 
13  * @author Walter Hoehn wassa@columbia.edu
14  *
15  */
16
17 public class AttributeQueryHandle {
18
19         private String principal;
20         private long creationTime;
21         private long expirationTime;
22         private byte[] cipherTextHandle;
23         private String handleID;
24
25         /**
26          * Unmarshalls an <code>AttributeQueryHandle</code> based on the results of the serialize() method
27          * of an existing <code>AttributeQueryHandle</code>.  Requires a key identical to the one used
28          * in the creation of the original <code>AttributeQueryHandle</code>.
29          * 
30          */
31
32         public AttributeQueryHandle(byte[] handle, SecretKey key)
33                 throws HandleException {
34
35                 try {
36                         Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS5Padding");
37                         cipher.init(Cipher.DECRYPT_MODE, key);
38                         StringTokenizer tokenizer =
39                                 new StringTokenizer(
40                                         new String(cipher.doFinal(Base64.decode(handle)), "UTF-8"),
41                                         "||",
42                                         false);
43                         principal =
44                                 new String(
45                                         Base64.decode(tokenizer.nextToken().getBytes("ASCII")),
46                                         "UTF-8");
47                         expirationTime = new Long(tokenizer.nextToken()).longValue();
48                         handleID = tokenizer.nextToken();
49                 } catch (Exception e) {
50                         throw new HandleException("Error unmarshalling handle: " + e);
51                 }
52
53         }
54
55         /**
56          * Creates a new <code>AttributeQueryHandle</code>
57          * @param principal <code>String</code> representation of user that the handle should reference
58          * @param validityPeriod Time in milliseconds for which the handle should be valid
59          * @param hsLocation URL of the Handle Service used to generate the AQH
60          * @param key Symmetric key used to encrypt the AQH upon serialization
61          * 
62          */
63
64         public AttributeQueryHandle(
65                 String principal,
66                 SecretKey key,
67                 long validityPeriod,
68                 String hsLocation)
69                 throws HandleException {
70
71                 this.principal = principal;
72                 this.creationTime = System.currentTimeMillis();
73                 this.expirationTime = creationTime + validityPeriod;
74
75                 try {
76                         //create a unique id based on the url of the HS and the current time
77                         UUIDGenerator uuidGen = UUIDGenerator.getInstance();
78                         UUID nameSpaceUUID = new UUID(UUID.NAMESPACE_URL);
79                         handleID =
80                                 uuidGen.generateNameBasedUUID(nameSpaceUUID, hsLocation)
81                                         + ":"
82                                         + uuidGen.generateTimeBasedUUID();
83
84                         Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS5Padding");
85                         cipher.init(Cipher.ENCRYPT_MODE, key);
86                         cipherTextHandle =
87                                 cipher.doFinal(
88                                         (
89                                                 new String(
90                                                         Base64.encode(principal.getBytes("UTF-8")),
91                                                         "ASCII")
92                                                         + "||"
93                                                         + expirationTime
94                                                         + "||"
95                                                         + handleID).getBytes(
96                                                 "UTF-8"));
97
98                 } catch (Exception e) {
99                         throw new HandleException("Error creating handle: " + e);
100
101                 }
102
103         }
104
105         /**
106          * Returns a <code>String</code> representation of the user that the handle references.
107          */
108
109         public String getPrincipal() {
110                 return principal;
111         }
112
113         /**
114          * Returns bytes of ciphertext representing the <code>AttributeQueryHandle</code> instance.
115          */
116
117         public byte[] serialize() {
118
119                 return Base64.encode(cipherTextHandle);
120         }
121
122         /**
123          * Boolean result indicates whether the validity of this <code>AttributeQueryHandle</code> 
124          * has lapsed.
125          */
126
127         public boolean isExpired() {
128
129                 if (System.currentTimeMillis() >= expirationTime) {
130                         return true;
131                 } else {
132                         return false;
133                 }
134
135         }
136
137         /**
138          * Returns a <code>String</code> representation of the unique identifier for this handle.
139          */
140
141         public String getHandleID() {
142                 return handleID;
143         }
144
145 }