All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.openid4java.consumer.AbstractNonceVerifier Maven / Gradle / Ivy

The newest version!
/*
 * Copyright 2006-2008 Sxip Identity Corporation
 */

package org.openid4java.consumer;

import org.openid4java.util.InternetDateFormat;

import java.util.Date;
import java.text.ParseException;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/**
 * @author Marius Scurtescu, Johnny Bufu
 */
public abstract class AbstractNonceVerifier implements NonceVerifier
{
    private static Log _log = LogFactory.getLog(AbstractNonceVerifier.class);
    private static final boolean DEBUG = _log.isDebugEnabled();

    protected static InternetDateFormat _dateFormat = new InternetDateFormat();

    protected int _maxAgeSeconds;

    /**
     * @param maxAge maximum token age in seconds
     */
    protected AbstractNonceVerifier(int maxAge)
    {
        _maxAgeSeconds = maxAge;
    }

    public int getMaxAge()
    {
        return _maxAgeSeconds;
    }

    public void setMaxAge(int ageSeconds)
    {
        _maxAgeSeconds = ageSeconds;  
    }

    /**
     * Checks if nonce date is valid and if it is in the max age boundary. Other checks are delegated to {@link #seen(java.util.Date, String, String)}
     */
    public synchronized int seen(String opUrl, String nonce)
    {
        if (DEBUG) _log.debug("Verifying nonce: " + nonce);

        Date now = new Date();

        try
        {
            Date nonceDate = _dateFormat.parse(nonce);

            if (isTooOld(now, nonceDate))
            {
                _log.warn("Nonce is too old: " + nonce);
                return TOO_OLD;
            }

            return seen(now, opUrl, nonce);
        }
        catch (ParseException e)
        {
            _log.error("Error verifying the nonce: " + nonce, e);
            return INVALID_TIMESTAMP;
        }
    }

    /**
     * Subclasses should implement this method and check if the nonce was seen before.
     * The nonce timestamp was verified at this point, it is valid and it is in the max age boudary.
     *
     * @param now The timestamp used to check the max age boudary.
     */
    protected abstract int seen(Date now, String opUrl, String nonce);

    protected boolean isTooOld(Date now, Date nonce)
    {
        long age = now.getTime() - nonce.getTime();

        return age > _maxAgeSeconds * 1000;
    }
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy