• Home
• com.identityx.auth
• daon-http-digest-auth
• 4.2.1.0
• source code
• BasicIdxRequestAuthenticator.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.identityx.auth.impl.BasicIdxRequestAuthenticator Maven / Gradle / Ivy

/*
* Copyright Daon.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
*     http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package com.identityx.auth.impl;

import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.SimpleTimeZone;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

import com.identityx.auth.def.IApiKey;
import com.identityx.auth.def.IRequest;
import com.identityx.auth.def.IRequestAuthenticator;
import com.identityx.auth.impl.keys.ADCredentialsKey;
import com.identityx.auth.support.RequestAuthenticationException;
import com.identityx.auth.util.Base64;

public class BasicIdxRequestAuthenticator implements IRequestAuthenticator {
    private static final Log log = LogFactory.getLog(BasicIdxRequestAuthenticator.class);

    public static final String DATE_HEADER = "X-Date";
    //public static final String DATE_HEADER = "Auth-Date";
    //public static final String NONCE_HEADER = "X-Nonce";
    public static final String AUTHENTICATION_SCHEME = "Basic_IDX";

    public String getAuthenticationScheme() {
		return AUTHENTICATION_SCHEME;
	}

	public static final String TIMESTAMP_FORMAT = "yyyyMMdd'T'HHmmss'Z'";
    public static final String TIME_ZONE = "UTC";

	@Override
	public void authenticate(IRequest request, IApiKey apiKey)
			throws RequestAuthenticationException, UnsupportedEncodingException {
		
    	if (request == null) throw new IllegalArgumentException("The parameter request cannot be null");
    	if (apiKey == null || !(apiKey instanceof ADCredentialsKey)) throw new IllegalArgumentException("The parameter apiKey cannot be null");
    	    	
        Date date = new Date();

        SimpleDateFormat timestampFormat = new SimpleDateFormat(TIMESTAMP_FORMAT);
        timestampFormat.setTimeZone(new SimpleTimeZone(0, TIME_ZONE));
        String timestamp = timestampFormat.format(date);

        request.getHeaders().set(DATE_HEADER, timestamp);

        String authorizationHeader = apiKey.getId() + ":" + ((ADCredentialsKey)apiKey).getSecret();
        byte[] valueBytes;
        try {
            valueBytes = authorizationHeader.getBytes("UTF-8");
        } catch (UnsupportedEncodingException e) {
            throw new RequestAuthenticationException("Unable to acquire UTF-8 bytes!");
        }
        authorizationHeader = Base64.encodeBase64String(valueBytes);
        request.getHeaders().set(AuthSettings.AUTHORIZATION_HEADER, getAuthenticationScheme() + " " + authorizationHeader);
        
        URI uri = request.getResourceUrl();
        if (AuthSettings.IDX_ORIGIN_HEADER != null && !AuthSettings.IDX_ORIGIN_HEADER.isEmpty()) {
        	request.getHeaders().set(AuthSettings.IDX_ORIGIN_HEADER, uri.toString());
        }

	}
	
    @Override
    public void authenticate(IRequest request, IApiKey apiKey, final String nonce) throws RequestAuthenticationException, UnsupportedEncodingException {
    	// ignore the nonce for now
    	authenticate(request, apiKey);
    }

}