/*
* Copyright Daon.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.identityx.auth.impl;
import java.io.UnsupportedEncodingException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.SimpleTimeZone;
import com.identityx.auth.def.IApiKey;
import com.identityx.auth.def.IResponse;
import com.identityx.auth.def.IResponseAuthenticator;
import com.identityx.auth.def.IResponseVerifier;
import com.identityx.auth.def.ITokenKey;
import com.identityx.auth.support.DigestVerificationFailedException;
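/**
 * Verifies the digest signature carried in a response's authorization header by
 * recomputing the header locally and comparing it with the one received.
 */
public class DigestResponseVerifier implements IResponseVerifier {

    /**
     * Recomputes the authorization header for {@code response} and checks that it
     * matches the header the response carries.
     *
     * <p>Verification fails closed: a missing header, an unparseable date, an
     * encoding error while rebuilding the header, or a mismatch all raise
     * {@link DigestVerificationFailedException}.
     *
     * @param response the response whose date and authorization headers are checked
     * @param responseAuthenticator builds the expected authorization header
     * @param apiKey the key used to rebuild the header; it is cast to {@link ITokenKey}
     * @param nonce the nonce passed through to the authenticator
     * @throws DigestVerificationFailedException if the required headers are absent, the
     *         expected header cannot be computed, or the two headers differ
     * @throws ClassCastException if {@code apiKey} is not an {@link ITokenKey}
     */
    @Override
    public void verify(IResponse response, IResponseAuthenticator responseAuthenticator, IApiKey apiKey, String nonce)
            throws DigestVerificationFailedException {
        if (!response.getHeaders().containsKey(DigestAuthenticator.DATE_HEADER)
                || !response.getHeaders().containsKey(AuthSettings.AUTHORIZATION_HEADER)) {
            throw new DigestVerificationFailedException("The required headers were not present in the response message");
        }

        String date = response.getHeaders().getFirst(DigestAuthenticator.DATE_HEADER);
        String authHeader = response.getHeaders().getFirst(AuthSettings.AUTHORIZATION_HEADER);
        // A key that is present but has no usable value is treated as a missing header
        // rather than being allowed to surface later as a NullPointerException.
        if (date == null || authHeader == null) {
            throw new DigestVerificationFailedException("The required headers were not present in the response message");
        }

        // SimpleDateFormat is not thread-safe, so a fresh instance is created per call.
        SimpleDateFormat timestampFormat = new SimpleDateFormat(DigestAuthenticator.TIMESTAMP_FORMAT);
        timestampFormat.setTimeZone(new SimpleTimeZone(0, DigestAuthenticator.TIME_ZONE));

        String expectedAuthHeader;
        try {
            expectedAuthHeader = responseAuthenticator.buildAuthorizationHeader(
                    response, (ITokenKey) apiKey, timestampFormat.parse(date), nonce);
        } catch (UnsupportedEncodingException | ParseException e) {
            // The exception must be thrown, not merely constructed: otherwise a response
            // with a malformed date header would pass verification without any comparison.
            throw new DigestVerificationFailedException(
                    "An error has occurred while verifying the signature of the response object", e);
        }

        // Compare the signatures with MessageDigest.isEqual so the time taken does not
        // depend on how many leading bytes of the received header happen to match.
        boolean verified = expectedAuthHeader != null
                && MessageDigest.isEqual(
                        authHeader.getBytes(StandardCharsets.UTF_8),
                        expectedAuthHeader.getBytes(StandardCharsets.UTF_8));
        if (!verified) {
            throw new DigestVerificationFailedException("Failed to verify the signature of the response object");
        }
    }
}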