[1227] | 1 | package gov.va.med.edp.springframework.security.userdetails.vistalink;
|
---|
| 2 |
|
---|
| 3 | import gov.va.med.crypto.VistaKernelHash;
|
---|
| 4 | import gov.va.med.crypto.VistaKernelHashCountLimitExceededException;
|
---|
| 5 | import gov.va.med.vistalink.adapter.cci.VistaLinkConnectionSpecImpl;
|
---|
| 6 | import org.w3c.dom.CDATASection;
|
---|
| 7 | import org.w3c.dom.Document;
|
---|
| 8 | import org.w3c.dom.Element;
|
---|
| 9 | import org.w3c.dom.Node;
|
---|
| 10 | import org.slf4j.Logger;
|
---|
| 11 | import org.slf4j.LoggerFactory;
|
---|
| 12 |
|
---|
| 13 | import java.util.ArrayList;
|
---|
| 14 |
|
---|
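/**
 * VistALink connection spec that authenticates with an access code / verify code pair ("av"
 * re-authentication type).
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The plaintext access and verify codes are kept in {@code String} fields for the lifetime
 *       of this object and are reachable through public getters. Never log them or include them
 *       in {@code toString()} output or exception messages.</li>
 *   <li>{@link #equals(Object)} and {@link #hashCode()} are computed from those plaintext values,
 *       so hash codes of this object should not be logged or exposed either.</li>
 *   <li>NOTE(review): treat the output of {@code VistaKernelHash.encrypt} as a wire-format
 *       encoding rather than as confidentiality protection unless the library documentation says
 *       otherwise; the transport itself should be protected. Confirm against the VistALink
 *       documentation.</li>
 * </ul>
 */
class VistaLinkAccessVerifyConnectionSpec extends VistaLinkConnectionSpecImpl {

    private static final String TYPE_AV = "av";
    private static final String ELEMENT_AV = "AccessVerify";
    private static final String ATTRIBUTE_AVCODE = "avCode";

    private static final Logger logger =
            LoggerFactory.getLogger(VistaLinkAccessVerifyConnectionSpec.class);

    // Plaintext credentials and caller address exactly as passed to the constructor.
    private final String accessCode;
    private final String verifyCode;
    private final String clientIp;

    // Encoded "access;verify;clientIp" triple; the empty string when encoding failed.
    private final String avCode;

    /**
     * Main constructor for this connection spec.
     *
     * <p>The three values are joined with {@code ';'} and encoded once, here. None of them is
     * validated: NOTE(review) a code that itself contains {@code ';'} would make the joined
     * string ambiguous for whatever parses it on the server side — confirm whether callers
     * already reject such input.
     *
     * @param division   station # (external format) of the division to log the user in against
     * @param accessCode user access code
     * @param verifyCode user verify code
     * @param clientIp   IP address of the client on whose behalf the login is made
     */
    public VistaLinkAccessVerifyConnectionSpec(
            String division,
            String accessCode,
            String verifyCode,
            String clientIp) {

        super(division);
        this.accessCode = accessCode;
        this.verifyCode = verifyCode;
        this.clientIp = clientIp;

        String encoded = "";
        try {
            // presumably the boolean asks for output that is safe inside a CDATA section,
            // which is where setAuthenticationNodes puts it — confirm against VistaKernelHash
            encoded = VistaKernelHash.encrypt(
                    accessCode + ";" + verifyCode + ";" + clientIp,
                    true);
        } catch (VistaKernelHashCountLimitExceededException e) {
            // NOTE(review): the failure is only logged, so this spec stays usable with an empty
            // avCode and the request is sent with an empty AccessVerify element. Failing the
            // login here would be the safer contract, but it would change what callers see;
            // decide with the callers. Also confirm the exception text never echoes the input.
            logger.error("Could not encrypt access/verify code", e);
        }
        this.avCode = encoded;
    }

    /**
     * Returns the proprietary security information for this spec.
     *
     * @return a new list whose single element is the encoded access/verify string (never the
     *         plaintext codes)
     */
    public ArrayList getProprietarySecurityInfo() {
        ArrayList<String> values = new ArrayList<String>();
        values.add(this.avCode);
        return values;
    }

    /**
     * Adds the authentication data for the "av" type to a request document.
     *
     * <p>Sets the division and type attributes on {@code securityNode} through the inherited
     * helpers, then appends an {@code AccessVerify} element holding the encoded access/verify
     * string in a CDATA section.
     *
     * @param requestDoc   document used to create the new nodes
     * @param securityNode node that receives the attributes and the {@code AccessVerify} child
     */
    public void setAuthenticationNodes(
            Document requestDoc,
            Node securityNode) {

        logger.debug("setAuthenticationNodes -> Re Auth type is 'av'");

        // AC/OAK OIFO: the upgrade to VL 1.5 dev17 required replacing
        // setSecurityDivision(securityNode, getDivision()) and
        // setSecurityType(securityNode, TYPE_AV) with the two attribute setters below.
        setSecurityDivisionAttr(securityNode);
        setSecurityTypeAttr(securityNode);

        // The element is created here and therefore has no children yet, so the CDATA section
        // with the encoded AV code can be appended without removing anything first.
        Element elemAV = requestDoc.createElement(ELEMENT_AV);
        CDATASection cdata = requestDoc.createCDATASection(this.avCode);
        elemAV.appendChild(cdata);

        securityNode.appendChild(elemAV);
    }

    /**
     * Checks equality with any object; delegates to {@link #equals(Object)}.
     *
     * @param obj object to compare with
     * @return whether {@code obj} is an equal connection spec
     */
    public boolean isConnSpecEqual(Object obj) {
        return equals(obj);
    }

    /**
     * Two specs are equal when division, access code, verify code and client IP all match.
     * Null values are tolerated and only equal another null.
     *
     * <p>The comparison uses {@code String.equals} on the plaintext codes, which is not
     * constant-time; do not use it to check a code supplied by an untrusted party.
     *
     * @param obj object to compare with
     * @return whether the object is equal
     */
    @Override
    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (!(obj instanceof VistaLinkAccessVerifyConnectionSpec)) {
            return false;
        }
        VistaLinkAccessVerifyConnectionSpec connSpec =
                (VistaLinkAccessVerifyConnectionSpec) obj;
        return sameValue(connSpec.getDivision(), this.getDivision())
                && sameValue(connSpec.getAccessCode(), this.getAccessCode())
                && sameValue(connSpec.getVerifyCode(), this.getVerifyCode())
                && sameValue(connSpec.getClientIp(), this.getClientIp());
    }

    /**
     * Hash code consistent with {@link #equals(Object)}; a null field contributes 0.
     *
     * @return the hashCode
     */
    @Override
    public int hashCode() {
        // algorithm taken from "Effective Java" item #8: seed 17, multiplier 37.
        int returnVal = 17;
        returnVal = 37 * returnVal + hashOf(this.getDivision());
        returnVal = 37 * returnVal + hashOf(this.getAccessCode());
        returnVal = 37 * returnVal + hashOf(this.getVerifyCode());
        returnVal = 37 * returnVal + hashOf(this.getClientIp());
        return returnVal;
    }

    /**
     * @return the client ip address
     */
    public String getClientIp() {
        return this.clientIp;
    }

    /**
     * @return the internal access code, in plaintext; callers must not log it
     */
    public String getAccessCode() {
        return accessCode;
    }

    /**
     * @return the internal verify code, in plaintext; callers must not log it
     */
    public String getVerifyCode() {
        return verifyCode;
    }

    /**
     * @return the security type, always {@code "av"}
     */
    public String getSecurityType() {
        return TYPE_AV;
    }

    /** Null-safe equality used by {@link #equals(Object)}. */
    private static boolean sameValue(Object left, Object right) {
        return left == null ? right == null : left.equals(right);
    }

    /** Null-safe hash contribution used by {@link #hashCode()}. */
    private static int hashOf(Object value) {
        return value == null ? 0 : value.hashCode();
    }
}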