Package net.solarnetwork.web.security

Class AuthenticationData

java.lang.Object
net.solarnetwork.web.security.AuthenticationData
Direct Known Subclasses:
AuthenticationDataV1, AuthenticationDataV2
public abstract class AuthenticationData extends Object
Abstract base class for parsing and exposing the authentication data included in a HTTP authentication header.
Since:
1.11
Version:
2.1
Author:
matt

  • Field Details

    • AUTH_TOKEN_ID_LENGTH

      public static final int AUTH_TOKEN_ID_LENGTH
      The fixed length of a SolarNetwork authentication token ID.
      See Also:

  • Constructor Details

    • AuthenticationData

      public AuthenticationData(AuthenticationScheme scheme, SecurityHttpServletRequestWrapper request, String headerValue)
      Constructor.
      Parameters:
      scheme - The scheme associated with the data.
      request - The request.
      headerValue - The authentication HTTP header value.
      Throws:
      org.springframework.security.authentication.BadCredentialsException - if the request date is not available or no data is associated with the authentication header

  • Method Details

    • validateContentDigest

      public static void validateContentDigest(SecurityHttpServletRequestWrapper request) throws IOException
      Validate a digest header value presented in a request against the request body content.
      Parameters:
      request - The request.
      Throws:
      IOException - If an IO error occurs.
      org.springframework.security.authentication.BadCredentialsException - If a digest does not match.

    • nullSafeHeaderValue

      public static String nullSafeHeaderValue(javax.servlet.http.HttpServletRequest request, String headerName)
      Get a string value of a specific HTTP header, returning an empty string if not available.
      Parameters:
      request - The request.
      headerName - The name of the HTTP header to get.
      Returns:
      The header value, or an empty string if not found.

    • httpDate

      public static String httpDate(Date date)
      Get a HTTP formatted date.
      Parameters:
      date - The date to format.
      Returns:
      The formatted date.

    • getDate

      public Instant getDate()
      Get the date associated with the request.
      Returns:
      The date.

    • getDateSkew

      public long getDateSkew()
      Get the date skew (in milliseconds) associated with the request (from the system date).
      Returns:
      The date skew.

    • getScheme

      public AuthenticationScheme getScheme()
      The scheme of the authentication data.
      Returns:
      The scheme.

    • isDateValid

      public boolean isDateValid(long maxDateSkew)
      Test if the date skew is less than a maximum date skew.
      Parameters:
      maxDateSkew - The maximum allowed date skew.
      Returns:
      true if the date skew is within the allowed skew

    • computeMACDigest

      protected final byte[] computeMACDigest(String secretKey, String macAlgorithm)
      Compute a Base64 MAC digest from the signature data.
      Parameters:
      secretKey - the secret key
      macAlgorithm - the MAC algorithm to use
      Returns:
      The base64 encoded digest.
      Throws:
      SecurityException - if any error occurs

    • computeSignatureDigest

      public abstract String computeSignatureDigest(String secretKey)
      Compute the signature digest from the request data and a given secret key.
      Parameters:
      secretKey - The secret key.
      Returns:
      The computed digest, as a Base64 encoded string.

    • getAuthTokenId

      public abstract String getAuthTokenId()
      Get the authentication token ID.
      Returns:
      The authentication token ID.

    • getSignatureDigest

      public abstract String getSignatureDigest()
      Get the signature digest as presented in the HTTP header value.
      Returns:
      The presented signature digest.

    • getSignatureData

      public abstract String getSignatureData()
      Get the extracted signature data from this request.
      Returns:
      The raw signature data.