org.jboss.as.security.vault.VaultTool.java Source code

Java tutorial

Introduction

Here is the source code for org.jboss.as.security.vault.VaultTool.java

Source

/*
 * JBoss, Home of Professional Open Source.
 * Copyright 2011, Red Hat, Inc., and individual contributors
 * as indicated by the @author tags. See the copyright.txt file in the
 * distribution for a full listing of individual contributors.
 *
 * This is free software; you can redistribute it and/or modify it
 * under the terms of the GNU Lesser General Public License as
 * published by the Free Software Foundation; either version 2.1 of
 * the License, or (at your option) any later version.
 *
 * This software is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this software; if not, write to the Free
 * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
 * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
 */
package org.jboss.as.security.vault;

import java.io.Console;
import java.util.InputMismatchException;
import java.util.Scanner;

import org.apache.commons.cli.CommandLine;
import org.apache.commons.cli.CommandLineParser;
import org.apache.commons.cli.HelpFormatter;
import org.apache.commons.cli.Option;
import org.apache.commons.cli.OptionGroup;
import org.apache.commons.cli.Options;
import org.apache.commons.cli.ParseException;
import org.apache.commons.cli.PosixParser;
import org.jboss.as.security.logging.SecurityLogger;

/**
 * Command Line Tool for the default implementation of the {@link org.jboss.security.vault.SecurityVault}
 *
 * @author Anil Saldhana
 * @author Peter Skopek
 */
public class VaultTool {

    public static final String KEYSTORE_PARAM = "keystore";
    public static final String KEYSTORE_PASSWORD_PARAM = "keystore-password";
    public static final String ENC_DIR_PARAM = "enc-dir";
    public static final String SALT_PARAM = "salt";
    public static final String ITERATION_PARAM = "iteration";
    public static final String ALIAS_PARAM = "alias";
    public static final String VAULT_BLOCK_PARAM = "vault-block";
    public static final String ATTRIBUTE_PARAM = "attribute";
    public static final String SEC_ATTR_VALUE_PARAM = "sec-attr";
    public static final String CHECK_SEC_ATTR_EXISTS_PARAM = "check-sec-attr";
    public static final String REMOVE_SEC_ATTR_PARAM = "remove-sec-attr";
    public static final String CREATE_KEYSTORE_PARAM = "create-keystore";
    public static final String HELP_PARAM = "help";

    private VaultInteractiveSession session = null;
    private VaultSession nonInteractiveSession = null;

    private Options options = null;
    private CommandLineParser parser = null;
    private CommandLine cmdLine = null;

    public void setSession(VaultInteractiveSession sess) {
        session = sess;
    }

    public VaultInteractiveSession getSession() {
        return session;
    }

    public static void main(String[] args) {

        VaultTool tool = null;

        if (args != null && args.length > 0) {
            int returnVal = 0;
            try {
                tool = new VaultTool(args);
                returnVal = tool.execute();
            } catch (Exception e) {
                System.err.println(SecurityLogger.ROOT_LOGGER.problemOcurred());
                e.printStackTrace(System.err);
                System.exit(1);
            }
            System.exit(returnVal);
        } else {
            tool = new VaultTool();

            System.out.println("**********************************");
            System.out.println("****  JBoss Vault  ***************");
            System.out.println("**********************************");

            Console console = System.console();

            if (console == null) {
                System.err.println(SecurityLogger.ROOT_LOGGER.noConsole());
                System.exit(1);
            }

            Scanner in = new Scanner(System.in);
            while (true) {
                System.out.println(SecurityLogger.ROOT_LOGGER.interactiveCommandString());
                try {
                    int choice = in.nextInt();
                    switch (choice) {
                    case 0:
                        System.out.println(SecurityLogger.ROOT_LOGGER.startingInteractiveSession());
                        VaultInteractiveSession vsession = new VaultInteractiveSession();
                        tool.setSession(vsession);
                        vsession.start();
                        break;
                    case 1:
                        System.out.println(SecurityLogger.ROOT_LOGGER.removingInteractiveSession());
                        tool.setSession(null);
                        break;
                    default:
                        in.close();
                        System.exit(0);
                    }
                } catch (InputMismatchException e) {
                    in.close();
                    System.exit(0);
                }
            }
        }
    }

    public VaultTool(String[] args) {
        initOptions();
        parser = new PosixParser();
        try {
            cmdLine = parser.parse(options, args, true);
        } catch (ParseException e) {
            System.out.println(SecurityLogger.ROOT_LOGGER.problemParsingCommandLineParameters());
            e.printStackTrace(System.err);
            System.exit(2);
        }
    }

    public VaultTool() {
    }

    /**
     * Build options for non-interactive VaultTool usage scenario.
     *
     * @return
     */
    private void initOptions() {
        options = new Options();
        options.addOption("k", KEYSTORE_PARAM, true, SecurityLogger.ROOT_LOGGER.cmdLineKeyStoreURL());
        options.addOption("p", KEYSTORE_PASSWORD_PARAM, true, SecurityLogger.ROOT_LOGGER.cmdLineKeyStorePassword());
        options.addOption("e", ENC_DIR_PARAM, true, SecurityLogger.ROOT_LOGGER.cmdLineEncryptionDirectory());
        options.addOption("s", SALT_PARAM, true, SecurityLogger.ROOT_LOGGER.cmdLineSalt());
        options.addOption("i", ITERATION_PARAM, true, SecurityLogger.ROOT_LOGGER.cmdLineIterationCount());
        options.addOption("v", ALIAS_PARAM, true, SecurityLogger.ROOT_LOGGER.cmdLineVaultKeyStoreAlias());
        options.addOption("b", VAULT_BLOCK_PARAM, true, SecurityLogger.ROOT_LOGGER.cmdLineVaultBlock());
        options.addOption("a", ATTRIBUTE_PARAM, true, SecurityLogger.ROOT_LOGGER.cmdLineAttributeName());
        options.addOption("t", CREATE_KEYSTORE_PARAM, false,
                SecurityLogger.ROOT_LOGGER.cmdLineAutomaticallyCreateKeystore());

        OptionGroup og = new OptionGroup();
        Option x = new Option("x", SEC_ATTR_VALUE_PARAM, true,
                SecurityLogger.ROOT_LOGGER.cmdLineSecuredAttribute());
        Option c = new Option("c", CHECK_SEC_ATTR_EXISTS_PARAM, false,
                SecurityLogger.ROOT_LOGGER.cmdLineCheckAttribute());
        Option r = new Option("r", REMOVE_SEC_ATTR_PARAM, false,
                SecurityLogger.ROOT_LOGGER.cmdLineRemoveSecuredAttribute());
        Option h = new Option("h", HELP_PARAM, false, SecurityLogger.ROOT_LOGGER.cmdLineHelp());
        og.addOption(x);
        og.addOption(c);
        og.addOption(r);
        og.addOption(h);
        og.setRequired(true);
        options.addOptionGroup(og);
    }

    private int execute() throws Exception {

        if (cmdLine.hasOption(HELP_PARAM)) {
            printUsage();
            return 100;
        }

        String keystoreURL = cmdLine.getOptionValue(KEYSTORE_PARAM, "vault.keystore");
        String keystorePassword = cmdLine.getOptionValue(KEYSTORE_PASSWORD_PARAM, "");
        String encryptionDirectory = cmdLine.getOptionValue(ENC_DIR_PARAM, "vault");
        String salt = cmdLine.getOptionValue(SALT_PARAM, "12345678");
        int iterationCount = Integer.parseInt(cmdLine.getOptionValue(ITERATION_PARAM, "23"));
        boolean createKeyStore = cmdLine.hasOption(CREATE_KEYSTORE_PARAM);

        nonInteractiveSession = new VaultSession(keystoreURL, keystorePassword, encryptionDirectory, salt,
                iterationCount, createKeyStore);

        nonInteractiveSession.startVaultSession(cmdLine.getOptionValue("alias", "vault"));

        String vaultBlock = cmdLine.getOptionValue(VAULT_BLOCK_PARAM, "vb");
        String attributeName = cmdLine.getOptionValue(ATTRIBUTE_PARAM, "password");

        if (cmdLine.hasOption(CHECK_SEC_ATTR_EXISTS_PARAM)) {
            // check password
            if (nonInteractiveSession.checkSecuredAttribute(vaultBlock, attributeName)) {
                System.out.println(SecurityLogger.ROOT_LOGGER.cmdLineSecuredAttributeAlreadyExists());
                return 0;
            } else {
                System.out.println(SecurityLogger.ROOT_LOGGER.cmdLineSecuredAttributeDoesNotExist());
                return 5;
            }
        }
        if (cmdLine.hasOption(REMOVE_SEC_ATTR_PARAM)) {
            // remove password
            if (nonInteractiveSession.removeSecuredAttribute(vaultBlock, attributeName)) {
                System.out.println(SecurityLogger.ROOT_LOGGER.messageAttributeRemovedSuccessfuly(
                        VaultSession.blockAttributeDisplayFormat(vaultBlock, attributeName)));
                return 0;
            } else {
                System.out.println(SecurityLogger.ROOT_LOGGER.messageAttributeNotRemoved(
                        VaultSession.blockAttributeDisplayFormat(vaultBlock, attributeName)));
                return 6;
            }
        } else if (cmdLine.hasOption(SEC_ATTR_VALUE_PARAM)) {
            // add password
            String password = cmdLine.getOptionValue(SEC_ATTR_VALUE_PARAM, "password");
            nonInteractiveSession.addSecuredAttributeWithDisplay(vaultBlock, attributeName, password.toCharArray());
            summary();
            return 0;
        } else {
            System.out.println(SecurityLogger.ROOT_LOGGER.actionNotSpecified());
            return -1;
        }
    }

    private void summary() {
        nonInteractiveSession.vaultConfigurationDisplay();
    }

    private void printUsage() {
        HelpFormatter help = new HelpFormatter();
        String suffix = (VaultTool.isWindows() ? ".bat" : ".sh");
        help.printHelp("vault" + suffix + " <empty> | ", options, true);
    }

    public static boolean isWindows() {
        String opsys = System.getProperty("os.name").toLowerCase();
        return (opsys.indexOf("win") >= 0);
    }
}