Add Keys

pom.xml

@@ -136,6 +136,11 @@
             <artifactId>commons-lang3</artifactId>
             <version>3.12.0</version>
         </dependency>
+        <dependency>
+            <groupId>org.keycloak</groupId>
+            <artifactId>keycloak-core</artifactId>
+            <version>10.0.2</version>
+        </dependency>
 
         <!--Quarkus-->
         <dependency>

src/main/java/io/github/project/openubl/xsender/idm/ServerInfoRepresentation.java

@@ -0,0 +1,35 @@
+/*
+ * Copyright 2019 Project OpenUBL, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Eclipse Public License - v 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://www.eclipse.org/legal/epl-2.0/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package io.github.project.openubl.xsender.idm;
+
+import org.keycloak.representations.idm.ComponentTypeRepresentation;
+
+import java.util.List;
+import java.util.Map;
+
+public class ServerInfoRepresentation {
+
+    private Map<String, List<ComponentTypeRepresentation>> componentTypes;
+
+    public Map<String, List<ComponentTypeRepresentation>> getComponentTypes() {
+        return componentTypes;
+    }
+
+    public void setComponentTypes(Map<String, List<ComponentTypeRepresentation>> componentTypes) {
+        this.componentTypes = componentTypes;
+    }
+}

src/main/java/io/github/project/openubl/xsender/keys/AbstractRsaKeyProvider.java

@@ -0,0 +1,76 @@
+/*
+ * Copyright 2019 Project OpenUBL, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Eclipse Public License - v 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://www.eclipse.org/legal/epl-2.0/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package io.github.project.openubl.xsender.keys;
+
+import io.github.project.openubl.xsender.keys.component.ComponentModel;
+import org.keycloak.common.util.KeyUtils;
+import org.keycloak.crypto.*;
+
+import java.security.KeyPair;
+import java.security.cert.X509Certificate;
+import java.util.Collections;
+import java.util.List;
+
+public abstract class AbstractRsaKeyProvider implements KeyProvider {
+
+    private final KeyStatus status;
+
+    private final ComponentModel model;
+
+    private final KeyWrapper key;
+
+    private final String algorithm;
+
+    public AbstractRsaKeyProvider(String entityId, ComponentModel model) {
+        this.model = model;
+        this.status = KeyStatus.from(model.get(Attributes.ACTIVE_KEY, true), model.get(Attributes.ENABLED_KEY, true));
+        this.algorithm = model.get(Attributes.ALGORITHM_KEY, Algorithm.RS256);
+
+        if (model.hasNote(KeyWrapper.class.getName())) {
+            key = model.getNote(KeyWrapper.class.getName());
+        } else {
+            key = loadKey(entityId, model);
+            model.setNote(KeyWrapper.class.getName(), key);
+        }
+    }
+
+    protected abstract KeyWrapper loadKey(String entityId, ComponentModel model);
+
+    @Override
+    public List<KeyWrapper> getKeys() {
+        return Collections.singletonList(key);
+    }
+
+    protected KeyWrapper createKeyWrapper(KeyPair keyPair, X509Certificate certificate) {
+        KeyWrapper key = new KeyWrapper();
+
+        key.setProviderId(model.getId());
+        key.setProviderPriority(model.get("priority", 0L));
+
+        key.setKid(KeyUtils.createKeyId(keyPair.getPublic()));
+        key.setUse(KeyUse.SIG);
+        key.setType(KeyType.RSA);
+        key.setAlgorithm(algorithm);
+        key.setStatus(status);
+        key.setPrivateKey(keyPair.getPrivate());
+        key.setPublicKey(keyPair.getPublic());
+        key.setCertificate(certificate);
+
+        return key;
+    }
+
+}

src/main/java/io/github/project/openubl/xsender/keys/AbstractRsaKeyProviderFactory.java

@@ -0,0 +1,41 @@
+/*
+ * Copyright 2019 Project OpenUBL, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Eclipse Public License - v 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://www.eclipse.org/legal/epl-2.0/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package io.github.project.openubl.xsender.keys;
+
+import io.github.project.openubl.xsender.keys.component.ComponentModel;
+import io.github.project.openubl.xsender.keys.component.ComponentValidationException;
+import io.github.project.openubl.xsender.keys.provider.ConfigurationValidationHelper;
+import io.github.project.openubl.xsender.keys.provider.ProviderConfigurationBuilder;
+
+public abstract class AbstractRsaKeyProviderFactory implements KeyProviderFactory {
+
+    public static ProviderConfigurationBuilder configurationBuilder() {
+        return ProviderConfigurationBuilder.create()
+                .property(Attributes.PRIORITY_PROPERTY)
+                .property(Attributes.ENABLED_PROPERTY)
+                .property(Attributes.ACTIVE_PROPERTY)
+                .property(Attributes.RS_ALGORITHM_PROPERTY);
+    }
+
+    @Override
+    public void validateConfiguration(String entityId, ComponentModel model) throws ComponentValidationException {
+        ConfigurationValidationHelper.check(model)
+                .checkLong(Attributes.PRIORITY_PROPERTY, false)
+                .checkBoolean(Attributes.ENABLED_PROPERTY, false)
+                .checkBoolean(Attributes.ACTIVE_PROPERTY, false);
+    }
+}

src/main/java/io/github/project/openubl/xsender/keys/Attributes.java

@@ -0,0 +1,58 @@
+/*
+ * Copyright 2019 Project OpenUBL, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Eclipse Public License - v 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://www.eclipse.org/legal/epl-2.0/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package io.github.project.openubl.xsender.keys;
+
+import io.github.project.openubl.xsender.keys.provider.ProviderConfigProperty;
+import org.keycloak.crypto.Algorithm;
+
+public interface Attributes {
+
+    String PRIORITY_KEY = "priority";
+    ProviderConfigProperty PRIORITY_PROPERTY = new ProviderConfigProperty(PRIORITY_KEY, "Priority", "Priority for the provider", ProviderConfigProperty.STRING_TYPE, "0");
+
+    String ENABLED_KEY = "enabled";
+    ProviderConfigProperty ENABLED_PROPERTY = new ProviderConfigProperty(ENABLED_KEY, "Enabled", "Set if the keys are enabled", ProviderConfigProperty.BOOLEAN_TYPE, "true");
+
+    String ACTIVE_KEY = "active";
+    ProviderConfigProperty ACTIVE_PROPERTY = new ProviderConfigProperty(ACTIVE_KEY, "Active", "Set if the keys can be used for signing", ProviderConfigProperty.BOOLEAN_TYPE, "true");
+
+    String PRIVATE_KEY_KEY = "privateKey";
+    ProviderConfigProperty PRIVATE_KEY_PROPERTY = new ProviderConfigProperty(PRIVATE_KEY_KEY, "Private RSA Key", "Private RSA Key encoded in PEM format", ProviderConfigProperty.FILE_TYPE, null, true);
+
+    String CERTIFICATE_KEY = "certificate";
+    ProviderConfigProperty CERTIFICATE_PROPERTY = new ProviderConfigProperty(CERTIFICATE_KEY, "X509 Certificate", "X509 Certificate encoded in PEM format", ProviderConfigProperty.FILE_TYPE, null);
+
+    String KEY_SIZE_KEY = "keySize";
+    ProviderConfigProperty KEY_SIZE_PROPERTY = new ProviderConfigProperty(KEY_SIZE_KEY, "Key size", "Size for the generated keys", ProviderConfigProperty.LIST_TYPE, "2048", "1024", "2048", "4096");
+
+    String KID_KEY = "kid";
+
+    String SECRET_KEY = "secret";
+
+    String SECRET_SIZE_KEY = "secretSize";
+    ProviderConfigProperty SECRET_SIZE_PROPERTY = new ProviderConfigProperty(SECRET_SIZE_KEY, "Secret size", "Size in bytes for the generated secret", ProviderConfigProperty.LIST_TYPE, "32", "32", "64", "128", "256", "512");
+
+    String ALGORITHM_KEY = "algorithm";
+
+    ProviderConfigProperty RS_ALGORITHM_PROPERTY = new ProviderConfigProperty(ALGORITHM_KEY, "Algorithm", "Intended algorithm for the key", ProviderConfigProperty.LIST_TYPE,
+            Algorithm.RS256,
+            Algorithm.RS256, Algorithm.RS384, Algorithm.RS512, Algorithm.PS256, Algorithm.PS384, Algorithm.PS512);
+
+    ProviderConfigProperty HS_ALGORITHM_PROPERTY = new ProviderConfigProperty(ALGORITHM_KEY, "Algorithm", "Intended algorithm for the key", ProviderConfigProperty.LIST_TYPE,
+            Algorithm.HS256,
+            Algorithm.HS256, Algorithm.HS384, Algorithm.HS512);
+}

src/main/java/io/github/project/openubl/xsender/keys/ComponentProvider.java

@@ -0,0 +1,55 @@
+/*
+ * Copyright 2019 Project OpenUBL, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Eclipse Public License - v 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://www.eclipse.org/legal/epl-2.0/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package io.github.project.openubl.xsender.keys;
+
+import io.github.project.openubl.xsender.keys.component.ComponentModel;
+
+import java.util.List;
+
+public interface ComponentProvider {
+
+    /**
+     * Adds component model. Will call onCreate() method of ComponentFactory
+     *
+     * @param model
+     * @return
+     */
+    ComponentModel addComponentModel(String entityId, ComponentModel model);
+
+    /**
+     * Adds component model. Will NOT call onCreate() method of ComponentFactory
+     *
+     * @param model
+     * @return
+     */
+    ComponentModel importComponentModel(String entityId, ComponentModel model);
+
+    void updateComponent(String entityId, ComponentModel component);
+
+    void removeComponent(String entityId, ComponentModel component);
+
+    void removeComponents(String entityId, String parentId);
+
+    List<ComponentModel> getComponents(String entityId, String parentId, String providerType);
+
+    List<ComponentModel> getComponents(String entityId, String parentId);
+
+    List<ComponentModel> getComponents(String entityId);
+
+    ComponentModel getComponent(String entityId, String id);
+
+}