Package net.solarnetwork.web.security

Class AuthenticationDataV2

java.lang.Object
net.solarnetwork.web.security.AuthenticationData
net.solarnetwork.web.security.AuthenticationDataV2
public class AuthenticationDataV2 extends AuthenticationData
Version 2 authentication token scheme based on HMAC-SHA256. Signing keys are treated valid for up to 7 days in the past from the time of the signature calculation in computeSignatureDigest(String).
Since:
1.11
Version:
2.0
Author:
matt

  • Field Details

    • TOKEN_COMPONENT_KEY_CREDENTIAL

      public static final String TOKEN_COMPONENT_KEY_CREDENTIAL
      The token component for the credential (token ID).
      See Also:

    • TOKEN_COMPONENT_KEY_SIGNED_HEADERS

      public static final String TOKEN_COMPONENT_KEY_SIGNED_HEADERS
      The token component for the signed headers list.
      See Also:

    • TOKEN_COMPONENT_KEY_SIGNATURE

      public static final String TOKEN_COMPONENT_KEY_SIGNATURE
      The token component for the signature.
      See Also:

  • Constructor Details

    • AuthenticationDataV2

      public AuthenticationDataV2(SecurityHttpServletRequestWrapper request, String headerValue) throws IOException
      Constructor.
      Parameters:
      request - the HTTP request
      headerValue - the Authorization HTTP header value
      Throws:
      IOException - if any IO error occurs

    • AuthenticationDataV2

      public AuthenticationDataV2(SecurityHttpServletRequestWrapper request, String headerValue, String explicitHost) throws IOException
      Constructor.
      Parameters:
      request - the HTTP request
      headerValue - the Authorization HTTP header value
      explicitHost - a fixed value to use instead of the Host HTTP header value, or null to use the header value; this can be useful when sitting behind a proxy
      Throws:
      IOException - if any IO error occurs
      Since:
      1.3

  • Method Details

    • computeSignatureDigest

      public String computeSignatureDigest(String secretKey)
      Description copied from class: AuthenticationData
      Compute the signature digest from the request data and a given secret key.
      Specified by:
      computeSignatureDigest in class AuthenticationData
      Parameters:
      secretKey - The secret key.
      Returns:
      The computed digest, as a Base64 encoded string.

    • computeSignatureDigest

      public String computeSignatureDigest(String secretKey, Instant signDate)
      Compute the signature digest, using a specific signing date.

      Generally the current date/time is used to sign the request, which is what the computeSignatureDigest(String) method uses. This method can be useful for testing purposes.

      Parameters:
      secretKey - the secret key
      signDate - the signature date
      Returns:
      the computed digest
      See Also:

    • getAuthTokenId

      public String getAuthTokenId()
      Description copied from class: AuthenticationData
      Get the authentication token ID.
      Specified by:
      getAuthTokenId in class AuthenticationData
      Returns:
      The authentication token ID.

    • getSignatureDigest

      public String getSignatureDigest()
      Description copied from class: AuthenticationData
      Get the signature digest as presented in the HTTP header value.
      Specified by:
      getSignatureDigest in class AuthenticationData
      Returns:
      The presented signature digest.

    • getSignatureData

      public String getSignatureData()
      Description copied from class: AuthenticationData
      Get the extracted signature data from this request.
      Specified by:
      getSignatureData in class AuthenticationData
      Returns:
      The raw signature data.

    • getSignedHeaderNames

      public Set<String> getSignedHeaderNames()
      Get the set of signed header names.
      Returns:
      The signed header names, or null.