implemented EncryptedKeyStore

For this to work, the KeyStorage interface had to be extended.

Signed-off-by: Stephan Richter <s.richter@srsoftware.de>
This commit is contained in:
2024-09-29 00:16:56 +02:00
parent 32f773c184
commit 9ea6148583
10 changed files with 141 additions and 44 deletions


@@ -19,6 +19,7 @@ import de.srsoftware.oidc.api.*;
import de.srsoftware.oidc.api.data.User;
import de.srsoftware.oidc.backend.*;
import de.srsoftware.oidc.datastore.encrypted.EncryptedClientService;
import de.srsoftware.oidc.datastore.encrypted.EncryptedKeyStore;
import de.srsoftware.oidc.datastore.encrypted.EncryptedMailConfig;
import de.srsoftware.oidc.datastore.encrypted.EncryptedUserService;
import de.srsoftware.oidc.datastore.file.FileStoreProvider;
@@ -153,12 +154,21 @@ public class Application {
private static KeyStorage setupKeyStore(Configuration config, Path defaultConfigDir) throws SQLException {
var keyStorageLocation = new File(config.getOrDefault("key_storage", defaultConfigDir.resolve("keys")));
KeyStorage keyStore = null;
if ((keyStorageLocation.exists() && keyStorageLocation.isDirectory()) || !keyStorageLocation.getName().contains(".")) {
return new PlaintextKeyStore(keyStorageLocation.toPath());
keyStore = new PlaintextKeyStore(keyStorageLocation.toPath());
} else { // SQLite
var conn = connectionProvider.get(keyStorageLocation);
return new SqliteKeyStore(conn);
keyStore = new SqliteKeyStore(conn);
}
Optional<String> encryptionKey = config.get(ENCRYPTION_KEY);
if (encryptionKey.isPresent()){
var salt = config.getOrDefault(SALT,uuid());
keyStore = new EncryptedKeyStore(encryptionKey.get(),salt,keyStore);
}
return keyStore;
}
private static Map<String, Object> map(String[] args) {