001    /**
002     * Licensed to the Apache Software Foundation (ASF) under one or more
003     * contributor license agreements.  See the NOTICE file distributed with
004     * this work for additional information regarding copyright ownership.
005     * The ASF licenses this file to You under the Apache License, Version 2.0
006     * (the "License"); you may not use this file except in compliance with
007     * the License.  You may obtain a copy of the License at
008     *
009     *      http://www.apache.org/licenses/LICENSE-2.0
010     *
011     * Unless required by applicable law or agreed to in writing, software
012     * distributed under the License is distributed on an "AS IS" BASIS,
013     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014     * See the License for the specific language governing permissions and
015     * limitations under the License.
016     */
017    package org.apache.camel.component.shiro.security;
018    
019    import java.io.ByteArrayOutputStream;
020    import java.io.ObjectOutput;
021    import java.io.ObjectOutputStream;
022    
023    import org.apache.camel.Exchange;
024    import org.apache.camel.Processor;
025    import org.apache.shiro.crypto.AesCipherService;
026    import org.apache.shiro.crypto.CipherService;
027    import org.apache.shiro.util.ByteSource;
028    
029    public class ShiroSecurityTokenInjector implements Processor {
030        private final byte[] bits128 = {
031            (byte) 0x08, (byte) 0x09, (byte) 0x0A, (byte) 0x0B,
032            (byte) 0x0C, (byte) 0x0D, (byte) 0x0E, (byte) 0x0F,
033            (byte) 0x10, (byte) 0x11, (byte) 0x12, (byte) 0x13,
034            (byte) 0x14, (byte) 0x15, (byte) 0x16, (byte) 0x17};
035        private byte[] passPhrase;
036        private ShiroSecurityToken securityToken;
037        private CipherService cipherService;
038        
039        public ShiroSecurityTokenInjector() {
040            this.passPhrase = bits128;
041    
042            // Set up AES encryption based cipher service, by default
043            cipherService = new AesCipherService();
044        }
045    
046        public ShiroSecurityTokenInjector(ShiroSecurityToken securityToken, byte[] passPhrase) {
047            this();
048            this.setSecurityToken(securityToken);
049            this.setPassPhrase(passPhrase);
050        }
051    
052        public ShiroSecurityTokenInjector(ShiroSecurityToken securityToken, byte[] passPhrase, CipherService cipherService) {
053            this(securityToken, passPhrase);
054            this.cipherService = cipherService;
055        }
056    
057        public ByteSource encrypt() throws Exception {
058            ByteArrayOutputStream stream = new  ByteArrayOutputStream();
059            ObjectOutput serialStream = new ObjectOutputStream(stream);
060            serialStream.writeObject(securityToken);
061            ByteSource byteSource = cipherService.encrypt(stream.toByteArray(), passPhrase);
062            serialStream.close();
063            stream.close();
064            
065            return byteSource;
066        }
067    
068        public void process(Exchange exchange) throws Exception {
069            exchange.getIn().setHeader("SHIRO_SECURITY_TOKEN", encrypt());
070        }
071    
072        public byte[] getPassPhrase() {
073            return passPhrase;
074        }
075    
076        public void setPassPhrase(byte[] passPhrase) {
077            this.passPhrase = passPhrase;
078        }
079    
080        public void setSecurityToken(ShiroSecurityToken securityToken) {
081            this.securityToken = securityToken;
082        }
083    
084        public ShiroSecurityToken getSecurityToken() {
085            return securityToken;
086        }
087    
088        public CipherService getCipherService() {
089            return cipherService;
090        }
091    
092        public void setCipherService(CipherService cipherService) {
093            this.cipherService = cipherService;
094        }
095        
096    }