LinuxKeyRingAccessor.java
// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License.
package com.azure.identity.implementation;
import com.azure.core.util.logging.ClientLogger;
import com.microsoft.aad.msal4jextensions.persistence.linux.ISecurityLibrary;
import com.sun.jna.Pointer;
import com.sun.jna.Structure;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.List;
/**
* This class exposes functions from Key Ring on Linux platform
* via JNA.
*/
public class LinuxKeyRingAccessor {
private final ClientLogger logger = new ClientLogger(LinuxKeyRingAccessor.class);
private String keyringSchemaName;
private String attributeKey1;
private String attributeValue1;
private String attributeKey2;
private String attributeValue2;
private Pointer libSecretSchema;
/**
* Creates an instance of the {@link LinuxKeyRingAccessor} with specified attributes and schema.
*
* @param keyringSchemaName the key ring schema to access.
* @param attributeKey1 the key value of the attribute to lookup
* @param attributeValue1 the value of the attribute to lookup
* @param attributeKey2 the key value of the attribute to lookup
* @param attributeValue2 the value of the attribute to lookup
*/
public LinuxKeyRingAccessor(String keyringSchemaName, String attributeKey1,
String attributeValue1, String attributeKey2, String attributeValue2) {
this.keyringSchemaName = keyringSchemaName;
this.attributeKey1 = attributeKey1;
this.attributeValue1 = attributeValue1;
this.attributeKey2 = attributeKey2;
this.attributeValue2 = attributeValue2;
}
private byte[] read(String attributeValue1, String attributeValue2) {
byte[] data = null;
Pointer[] error = new Pointer[1];
String secret = ISecurityLibrary.library.secret_password_lookup_sync(this.getLibSecretSchema(),
(Pointer) null, error, this.attributeKey1, attributeValue1, this.attributeKey2,
attributeValue2, (Pointer) null);
if (error[0] != Pointer.NULL) {
GError err = new GError(error[0]);
throw logger.logExceptionAsError(new RuntimeException("An error while reading secret from keyring, domain:"
+ err.domain + " code:" + err.code + " message:" + err.message));
} else {
if (secret != null && !secret.isEmpty()) {
data = secret.getBytes(StandardCharsets.UTF_8);
}
return data;
}
}
/**
* Read the value of the configured secret attributes.
* @return the byte array holding the secret.
*/
public byte[] read() {
return this.read(this.attributeValue1, this.attributeValue2);
}
private Pointer getLibSecretSchema() {
if (this.libSecretSchema == Pointer.NULL) {
this.libSecretSchema = ISecurityLibrary.library.secret_schema_new(this.keyringSchemaName,
0, this.attributeKey1, 0, this.attributeKey2, 0, (Pointer) null);
if (this.libSecretSchema == Pointer.NULL) {
throw logger.logExceptionAsError(
new RuntimeException("Failed to create libSecret schema " + this.keyringSchemaName));
}
}
return this.libSecretSchema;
}
static class GError extends Structure {
int domain;
int code;
String message;
GError(Pointer p) {
super(p);
this.read();
}
protected List<String> getFieldOrder() {
return Arrays.asList("domain", "code", "message");
}
}
}