Merge branch 'master' of https://github.com/Evolveum/midpoint

Evolveum · Mar 13, 2017 · 41727d9 · 41727d9
2 parents 0657b9e + 88df388
commit 41727d9
Show file tree

Hide file tree

Showing 85 changed files with 2,612 additions and 1,007 deletions.
diff --git a/...i/src/main/java/com/evolveum/midpoint/web/security/MidPointGuiAuthorizationEvaluator.java b/...i/src/main/java/com/evolveum/midpoint/web/security/MidPointGuiAuthorizationEvaluator.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010-2016 Evolveum
+ * Copyright (c) 2010-2017 Evolveum
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -77,7 +77,7 @@ public void setupPreAuthenticatedSecurityContext(Authentication authentication)
     }
 
     @Override
-    public void setupPreAuthenticatedSecurityContext(PrismObject<UserType> user) {
+    public void setupPreAuthenticatedSecurityContext(PrismObject<UserType> user) throws SchemaException {
 		securityEnforcer.setupPreAuthenticatedSecurityContext(user);
 	}
 
@@ -203,7 +203,7 @@ public <T extends ObjectType, O extends ObjectType> ObjectFilter preProcessObjec
 	}
 
 	@Override
-	public <T> T runAs(Producer<T> producer, PrismObject<UserType> user) {
+	public <T> T runAs(Producer<T> producer, PrismObject<UserType> user) throws SchemaException {
 		return securityEnforcer.runAs(producer, user);
 	}
 

diff --git a/.../main/java/com/evolveum/midpoint/common/refinery/LayerRefinedAttributeDefinitionImpl.java b/.../main/java/com/evolveum/midpoint/common/refinery/LayerRefinedAttributeDefinitionImpl.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010-2016 Evolveum
+ * Copyright (c) 2010-2017 Evolveum
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -588,6 +588,11 @@ public boolean isHeterogeneousListItem() {
 		return refinedAttributeDefinition.isHeterogeneousListItem();
 	}
 
+	@Override
+	public void debugDumpShortToString(StringBuilder sb) {
+		refinedAttributeDefinition.debugDumpShortToString(sb);
+	}
+
 	//endregion
 
 }
diff --git a/infra/prism/src/main/java/com/evolveum/midpoint/prism/ItemDefinition.java b/infra/prism/src/main/java/com/evolveum/midpoint/prism/ItemDefinition.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010-2016 Evolveum
+ * Copyright (c) 2010-2017 Evolveum
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -143,4 +143,9 @@ public interface ItemDefinition<I extends Item> extends Definition {
 	@Override
 	void revive(PrismContext prismContext);
 
+	/**
+	 * Used in debugDumping items. Does not need to have name in it as item already has it. Does not need
+	 * to have class as that is just too much info that is almost anytime pretty obvious anyway.
+	 */
+	void debugDumpShortToString(StringBuilder sb);
 }
diff --git a/infra/prism/src/main/java/com/evolveum/midpoint/prism/ItemDefinitionImpl.java b/infra/prism/src/main/java/com/evolveum/midpoint/prism/ItemDefinitionImpl.java
@@ -430,7 +430,8 @@ public String toString() {
 	 * Used in debugDumping items. Does not need to have name in it as item already has it. Does not need
 	 * to have class as that is just too much info that is almost anytime pretty obvious anyway.
 	 */
-	void debugDumpShortToString(StringBuilder sb) {
+	@Override
+	public void debugDumpShortToString(StringBuilder sb) {
 		sb.append(PrettyPrinter.prettyPrint(getTypeName()));
         debugMultiplicity(sb);
         debugFlags(sb);

diff --git a/infra/prism/src/main/java/com/evolveum/midpoint/prism/PrismConstants.java b/infra/prism/src/main/java/com/evolveum/midpoint/prism/PrismConstants.java
@@ -48,6 +48,10 @@ public class PrismConstants {
 
 	public static final String NS_MATCHING_RULE = NS_PREFIX + "matching-rule-3";
 	public static final String PREFIX_NS_MATCHING = "mr";
+
+	public static final String NS_PREFIX_CRYPTO = NS_PREFIX + "crypto/";
+	public static final String NS_PREFIX_CRYPTO_ALGORITHM = NS_PREFIX_CRYPTO + "algorithm/";
+	public static final String NS_CRYPTO_ALGORITHM_PBKD = NS_PREFIX_CRYPTO_ALGORITHM + "pbkd-3";
 
 	// Annotations
 

diff --git a/infra/prism/src/main/java/com/evolveum/midpoint/prism/PrismProperty.java b/infra/prism/src/main/java/com/evolveum/midpoint/prism/PrismProperty.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010-2016 Evolveum
+ * Copyright (c) 2010-2017 Evolveum
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -565,7 +565,7 @@ public String debugDump(int indent) {
 
         if (def != null && DebugUtil.isDetailedDebugDump()) {
             sb.append(" def(");
-			((PrismPropertyDefinitionImpl) def).debugDumpShortToString(sb);
+            def.debugDumpShortToString(sb);
 //            if (def.isIndexed() != null) {
 //                sb.append(def.isIndexed() ? ",i+" : ",i-");
 //            }

diff --git a/infra/prism/src/main/java/com/evolveum/midpoint/prism/crypto/BaseProtector.java b/infra/prism/src/main/java/com/evolveum/midpoint/prism/crypto/BaseProtector.java
@@ -42,7 +42,7 @@ public <T> void decrypt(ProtectedData<T> protectedData) throws EncryptionExcepti
     protected abstract <T> byte[] decryptBytes(ProtectedData<T> protectedData) throws SchemaException, EncryptionException;
 
     @Override
-    public String decryptString(ProtectedStringType protectedString) throws EncryptionException {
+    public String decryptString(ProtectedData<String> protectedString) throws EncryptionException {
         try {
             if (!protectedString.isEncrypted()) {
                 return protectedString.getClearValue();
@@ -68,5 +68,5 @@ public boolean isEncrypted(ProtectedStringType ps) {
         Validate.notNull(ps, "Protected string must not be null.");
         return ps.isEncrypted();
     }
-
+    
 }
diff --git a/infra/prism/src/main/java/com/evolveum/midpoint/prism/crypto/ProtectedData.java b/infra/prism/src/main/java/com/evolveum/midpoint/prism/crypto/ProtectedData.java
@@ -1,5 +1,5 @@
 /**
- * Copyright (c) 2014 Evolveum
+ * Copyright (c) 2014-2017 Evolveum
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,7 @@
 package com.evolveum.midpoint.prism.crypto;
 
 import com.evolveum.prism.xml.ns._public.types_3.EncryptedDataType;
+import com.evolveum.prism.xml.ns._public.types_3.HashedDataType;
 
 /**
  * @author Radovan Semancik
@@ -27,6 +28,10 @@ public interface ProtectedData<T> {
 
 	abstract void setClearBytes(byte[] bytes);
 
+	abstract T getClearValue();
+
+	abstract void setClearValue(T data);
+
 	abstract void destroyCleartext();
 
 	EncryptedDataType getEncryptedDataType();
@@ -35,4 +40,11 @@ public interface ProtectedData<T> {
 
 	boolean isEncrypted();
 
+	HashedDataType getHashedDataType();
+
+	void setHashedData(HashedDataType hashedDataType);
+
+	boolean isHashed();
+
+	boolean canSupportType(Class<?> type);
 }
diff --git a/infra/prism/src/main/java/com/evolveum/midpoint/prism/crypto/Protector.java b/infra/prism/src/main/java/com/evolveum/midpoint/prism/crypto/Protector.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010-2013 Evolveum
+ * Copyright (c) 2010-2017 Evolveum
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -50,20 +50,7 @@ public interface Protector {
 	 *             if protectedString argument is null or EncryptedData in
 	 *             protectedString argument is null
 	 */
-	String decryptString(ProtectedStringType protectedString) throws EncryptionException;
-
-//	/**
-//	 * 
-//	 * @param protectedString
-//	 * @return decrypted DOM {@link Element}
-//	 * @throws EncryptionException
-//	 *             this is thrown probably in case JRE/JDK doesn't have JCE
-//	 *             installed
-//	 * @throws IllegalArgumentException
-//	 *             if protectedString argument is null or EncryptedData in
-//	 *             protectedString argument is null
-//	 */
-//	Element decrypt(ProtectedStringType protectedString) throws EncryptionException;
+	String decryptString(ProtectedData<String> protectedString) throws EncryptionException;
 
 	/**
 	 *
@@ -76,29 +63,15 @@ public interface Protector {
 	 */
 	ProtectedStringType encryptString(String text) throws EncryptionException;
 
-//	/**
-//	 * 
-//	 * @param plain
-//	 * @return {@link ProtectedStringType} with encrypted element inside it. If
-//	 *         input argument is null, method returns null.
-//	 * @throws EncryptionException
-//	 *             this is thrown probably in case JRE/JDK doesn't have JCE
-//	 *             installed
-//	 */
-//	ProtectedStringType encrypt(Element plain) throws EncryptionException;
-//
-//	/**
-//	 * Encrypts the ProtectedStringType "in place".
-//	 * @param ps
-//	 * @throws EncryptionException 
-//	 */
-//	void encrypt(ProtectedStringType ps) throws EncryptionException;
-//
 	/**
 	 * Returns true if protected string contains encrypted data that seems valid.
+	 * DEPRECATED. Use ProtectedStringType.isEncrypted() instead
 	 */
+	@Deprecated
 	boolean isEncrypted(ProtectedStringType ps);
-
-	boolean compare(ProtectedStringType a, ProtectedStringType b) throws EncryptionException;
+
+	<T> void hash(ProtectedData<T> protectedData) throws EncryptionException, SchemaException;
+
+	boolean compare(ProtectedStringType a, ProtectedStringType b) throws EncryptionException, SchemaException;
 
 }