org.openid4java.consumer.AbstractNonceVerifier Maven / Gradle / Ivy
The newest version!
/*
* Copyright 2006-2008 Sxip Identity Corporation
*/
package org.openid4java.consumer;
import org.openid4java.util.InternetDateFormat;
import java.util.Date;
import java.text.ParseException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
/**
* @author Marius Scurtescu, Johnny Bufu
*/
public abstract class AbstractNonceVerifier implements NonceVerifier
{
private static Log _log = LogFactory.getLog(AbstractNonceVerifier.class);
private static final boolean DEBUG = _log.isDebugEnabled();
protected static InternetDateFormat _dateFormat = new InternetDateFormat();
protected int _maxAgeSeconds;
/**
* @param maxAge maximum token age in seconds
*/
protected AbstractNonceVerifier(int maxAge)
{
_maxAgeSeconds = maxAge;
}
public int getMaxAge()
{
return _maxAgeSeconds;
}
public void setMaxAge(int ageSeconds)
{
_maxAgeSeconds = ageSeconds;
}
/**
* Checks if nonce date is valid and if it is in the max age boundary. Other checks are delegated to {@link #seen(java.util.Date, String, String)}
*/
public synchronized int seen(String opUrl, String nonce)
{
if (DEBUG) _log.debug("Verifying nonce: " + nonce);
Date now = new Date();
try
{
Date nonceDate = _dateFormat.parse(nonce);
if (isTooOld(now, nonceDate))
{
_log.warn("Nonce is too old: " + nonce);
return TOO_OLD;
}
return seen(now, opUrl, nonce);
}
catch (ParseException e)
{
_log.error("Error verifying the nonce: " + nonce, e);
return INVALID_TIMESTAMP;
}
}
/**
* Subclasses should implement this method and check if the nonce was seen before.
* The nonce timestamp was verified at this point, it is valid and it is in the max age boudary.
*
* @param now The timestamp used to check the max age boudary.
*/
protected abstract int seen(Date now, String opUrl, String nonce);
protected boolean isTooOld(Date now, Date nonce)
{
long age = now.getTime() - nonce.getTime();
return age > _maxAgeSeconds * 1000;
}
}
© 2015 - 2024 Weber Informatics LLC | Privacy Policy