This is an automated email from the ASF dual-hosted git repository. krisden pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git
commit 9cdf531fb3d7259e8d16d27bb2ed7cdf1de6e4df Author: Kevin Risden <kris...@apache.org> AuthorDate: Tue Feb 19 15:17:35 2019 -0500 KNOX-1787 - Create PasswordUtils class in gateway-util-common Signed-off-by: Kevin Risden <kris...@apache.org> --- .../security/impl/DefaultAliasService.java | 19 +-------- .../services/security/impl/RemoteAliasService.java | 3 +- .../apache/knox/gateway/util/PasswordUtils.java | 48 ++++++++++++++++++++++ .../knox/gateway/util/PasswordUtilsTest.java | 33 +++++++++++++++ 4 files changed, 85 insertions(+), 18 deletions(-) diff --git a/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/DefaultAliasService.java b/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/DefaultAliasService.java index 2cafd3f..bddfb88 100644 --- a/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/DefaultAliasService.java +++ b/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/DefaultAliasService.java @@ -19,7 +19,6 @@ package org.apache.knox.gateway.services.security.impl; import java.security.KeyStore; import java.security.KeyStoreException; -import java.security.SecureRandom; import java.security.cert.Certificate; import java.util.ArrayList; import java.util.Enumeration; @@ -35,18 +34,13 @@ import org.apache.knox.gateway.services.security.AliasServiceException; import org.apache.knox.gateway.services.security.KeystoreService; import org.apache.knox.gateway.services.security.KeystoreServiceException; import org.apache.knox.gateway.services.security.MasterService; +import org.apache.knox.gateway.util.PasswordUtils; public class DefaultAliasService implements AliasService { private static final GatewayMessages LOG = MessagesFactory.get( GatewayMessages.class ); private static final String GATEWAY_IDENTITY_PASSPHRASE = "gateway-identity-passphrase"; - protected static char[] chars = { 'a', 'b', 'c', 'd', 'e', 'f', 'g', - 'h', 'j', 'k', 'm', 'n', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', - 'x', 'y', 'z', 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'J', 'K', - 'M', 'N', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', - '2', '3', '4', '5', '6', '7', '8', '9',}; - private KeystoreService keystoreService; private MasterService masterService; @@ -97,15 +91,6 @@ public class DefaultAliasService implements AliasService { return credential; } - protected static String generatePassword(int length) { - StringBuilder sb = new StringBuilder(); - SecureRandom r = new SecureRandom(); - for (int i = 0; i < length; i++) { - sb.append(chars[r.nextInt(chars.length)]); - } - return sb.toString(); - } - public void setKeystoreService(KeystoreService ks) { this.keystoreService = ks; } @@ -124,7 +109,7 @@ public class DefaultAliasService implements AliasService { LOG.failedToGenerateAliasForCluster(clusterName, e); throw new AliasServiceException(e); } - String passwordString = generatePassword(16); + String passwordString = PasswordUtils.generatePassword(16); addAliasForCluster(clusterName, alias, passwordString); } diff --git a/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/RemoteAliasService.java b/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/RemoteAliasService.java index aca172b..4cd2160 100644 --- a/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/RemoteAliasService.java +++ b/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/RemoteAliasService.java @@ -31,6 +31,7 @@ import org.apache.knox.gateway.services.security.AliasService; import org.apache.knox.gateway.services.security.AliasServiceException; import org.apache.knox.gateway.services.security.EncryptionResult; import org.apache.knox.gateway.services.security.MasterService; +import org.apache.knox.gateway.util.PasswordUtils; import org.apache.zookeeper.ZooDefs; import java.nio.charset.StandardCharsets; @@ -366,7 +367,7 @@ public class RemoteAliasService implements AliasService { /* convert all alias names to lower case since JDK expects the same behaviour */ final String alias = givenAlias.toLowerCase(Locale.ROOT); /* auto-generated password */ - final String passwordString = DefaultAliasService.generatePassword(16); + final String passwordString = PasswordUtils.generatePassword(16); addAliasForCluster(clusterName, alias, passwordString); } diff --git a/gateway-util-common/src/main/java/org/apache/knox/gateway/util/PasswordUtils.java b/gateway-util-common/src/main/java/org/apache/knox/gateway/util/PasswordUtils.java new file mode 100644 index 0000000..55f3f2d --- /dev/null +++ b/gateway-util-common/src/main/java/org/apache/knox/gateway/util/PasswordUtils.java @@ -0,0 +1,48 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.knox.gateway.util; + +import java.security.NoSuchAlgorithmException; +import java.security.SecureRandom; + +public class PasswordUtils { + private static final SecureRandom SECURE_RANDOM = getSecureRandom(); + private static final char[] ALPHANUMERIC_CHARS = { 'a', 'b', 'c', 'd', 'e', 'f', 'g', + 'h', 'j', 'k', 'm', 'n', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', + 'x', 'y', 'z', 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'J', 'K', + 'M', 'N', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', + '2', '3', '4', '5', '6', '7', '8', '9',}; + + private PasswordUtils() {} + + private static SecureRandom getSecureRandom() { + try { + return SecureRandom.getInstanceStrong(); + } catch (NoSuchAlgorithmException e) { + throw new IllegalStateException(e); + } + } + + public static synchronized String generatePassword(int length) { + StringBuilder sb = new StringBuilder(); + for (int i = 0; i < length; i++) { + sb.append(ALPHANUMERIC_CHARS[SECURE_RANDOM.nextInt(ALPHANUMERIC_CHARS.length)]); + } + return sb.toString(); + } +} diff --git a/gateway-util-common/src/test/java/org/apache/knox/gateway/util/PasswordUtilsTest.java b/gateway-util-common/src/test/java/org/apache/knox/gateway/util/PasswordUtilsTest.java new file mode 100644 index 0000000..c2d9882 --- /dev/null +++ b/gateway-util-common/src/test/java/org/apache/knox/gateway/util/PasswordUtilsTest.java @@ -0,0 +1,33 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.knox.gateway.util; + +import org.junit.Test; + +import java.util.Random; + +import static org.junit.Assert.assertEquals; + +public class PasswordUtilsTest { + @Test + public void testGeneratePassword() { + int len = new Random().nextInt(20); + String randomPassword = PasswordUtils.generatePassword(len); + assertEquals(len, randomPassword.length()); + } +}