
com.identityx.auth.impl.DigestResponseVerifier Maven / Gradle / Ivy

/*
* Copyright Daon.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
*     http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package com.identityx.auth.impl;

import java.io.UnsupportedEncodingException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.SimpleTimeZone;

import com.identityx.auth.def.IApiKey;
import com.identityx.auth.def.ITokenKey;
import com.identityx.auth.def.IResponse;
import com.identityx.auth.def.IResponseAuthenticator;
import com.identityx.auth.def.IResponseVerifier;
import com.identityx.auth.support.DigestVerificationFailedException;

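/**
 * Verifies a response by recomputing its authorization header and comparing the
 * result with the header the response actually carries.
 *
 * <p>Every failure path throws {@link DigestVerificationFailedException}; the
 * method returns normally only when the two header values match.
 */
public class DigestResponseVerifier implements IResponseVerifier {

	/**
	 * Checks that the response's authorization header equals the one rebuilt
	 * locally from the response, the key, the response's date header and the nonce.
	 *
	 * @param response the response whose headers are verified
	 * @param responseAuthenticator builds the expected authorization header
	 * @param apiKey key passed to the authenticator; it is cast to {@link ITokenKey}
	 * @param nonce nonce passed through to the authenticator
	 * @throws DigestVerificationFailedException if a required header is missing or
	 *         has no value, if the date header cannot be parsed, if the expected
	 *         header cannot be built, or if the two header values differ
	 */
	@Override
	public void verify(IResponse response, IResponseAuthenticator responseAuthenticator, IApiKey apiKey, String nonce) throws DigestVerificationFailedException {

		if (!response.getHeaders().containsKey(DigestAuthenticator.DATE_HEADER) || !response.getHeaders().containsKey(AuthSettings.AUTHORIZATION_HEADER)) {
			throw new DigestVerificationFailedException("The required headers were not present in the response message");
		}

		String date = response.getHeaders().getFirst(DigestAuthenticator.DATE_HEADER);
		String authHeader = response.getHeaders().getFirst(AuthSettings.AUTHORIZATION_HEADER);

		// A header key that is present but carries no value must fail verification
		// with the declared exception type rather than a NullPointerException.
		if (date == null || authHeader == null) {
			throw new DigestVerificationFailedException("The required headers were not present in the response message");
		}

		// SimpleDateFormat is not thread-safe, so a fresh instance is created per call.
		SimpleDateFormat timestampFormat = new SimpleDateFormat(DigestAuthenticator.TIMESTAMP_FORMAT);
		timestampFormat.setTimeZone(new SimpleTimeZone(0, DigestAuthenticator.TIME_ZONE));

		String newAuthHeader;
		try {
			newAuthHeader = responseAuthenticator.buildAuthorizationHeader(response, (ITokenKey) apiKey, timestampFormat.parse(date), nonce);
		} catch (UnsupportedEncodingException | ParseException e) {
			// Fail closed: the exception must be thrown, not merely constructed.
			// Otherwise a response with an unparseable date header would return
			// normally and be treated as verified.
			throw new DigestVerificationFailedException("An error has occurred while verifying the signature of the response object", e);
		}

		// Compare the encoded values with MessageDigest.isEqual so the comparison
		// does not stop at the first differing character.
		boolean verified = newAuthHeader != null
				&& MessageDigest.isEqual(
						authHeader.getBytes(StandardCharsets.UTF_8),
						newAuthHeader.getBytes(StandardCharsets.UTF_8));
		if (!verified) {
			throw new DigestVerificationFailedException("Failed to verify the signature of the response object");
		}
	}

}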



