ro.pippo.session.EncryptedSessionDataTranscoder Maven / Gradle / Ivy
/*
* Copyright (C) 2016 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package ro.pippo.session;
import ro.pippo.core.PippoRuntimeException;
import ro.pippo.core.util.CryptoUtils;
/**
* @author Herman Barrantes
*/
public class EncryptedSessionDataTranscoder implements SessionDataTranscoder {
private static final String CHECKSUM_KEY = "_cs";
private final String secretKey;
private final String hmacSHA1Key;
private final Encryptor encryptor;
private final SessionDataTranscoder transcoder;
private EncryptedSessionDataTranscoder(String secretKey, String hmacSHA1Key, SessionDataTranscoder transcoder, Encryptor encryptor) {
this.secretKey = secretKey;
this.hmacSHA1Key = hmacSHA1Key;
this.transcoder = transcoder;
this.encryptor = encryptor;
}
@Override
public String encode(SessionData sessionData) {
try {
String checksum = checksumSessionData(sessionData);
sessionData.put(CHECKSUM_KEY, checksum);
String data = transcoder.encode(sessionData);
return encryptor.encrypt(data, secretKey);
} catch (Exception ex) {
throw new PippoRuntimeException(ex);
}
}
@Override
public SessionData decode(String data) {
try {
data = encryptor.decrypt(data, secretKey);
SessionData sessionData = transcoder.decode(data);
return isValidSessionData(sessionData) ? sessionData : null;
} catch (Exception ex) {
throw new PippoRuntimeException(ex);
}
}
protected String checksumSessionData(SessionData sessionData) {
String data = transcoder.encode(sessionData);
return CryptoUtils.getHmacSHA1(data, hmacSHA1Key);
}
protected boolean isValidSessionData(SessionData sessionData) {
String checksum = sessionData.get(CHECKSUM_KEY);
sessionData.remove(CHECKSUM_KEY);
return checksum.equals(checksumSessionData(sessionData));
}
public static class Builder {
private String secretKey;
private String hmacSHA1Key;
private Encryptor encryptor;
private SessionDataTranscoder transcoder;
public Builder secretKey(String secretKey) {
this.secretKey = secretKey;
return this;
}
public Builder hmacSHA1Key(String hmacSHA1Key) {
this.hmacSHA1Key = hmacSHA1Key;
return this;
}
public Builder encryptor(Encryptor encryptor) {
this.encryptor = encryptor;
return this;
}
public Builder transcoder(SessionDataTranscoder transcoder) {
this.transcoder = transcoder;
return this;
}
public EncryptedSessionDataTranscoder build() {
if (secretKey == null) {
throw new PippoRuntimeException("secretKey is required");
}
if (hmacSHA1Key == null) {
hmacSHA1Key = secretKey;
}
if (encryptor == null) {
encryptor = new DefaultEncryptor();
}
if (transcoder == null) {
transcoder = new SerializationSessionDataTranscoder();
}
return new EncryptedSessionDataTranscoder(secretKey, hmacSHA1Key, transcoder, encryptor);
}
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy