/** * Generates a signature for the given token value, using the currently active secret key. * @param identifier Verified identity for which a token should be generated. * @return A token containing the verified identify and a digest of its contents. */ public AccessToken signIdentifier(AccessTokenIdentifier identifier) { try { KeyManager.DigestId digest = keyManager.generateMAC(identifierCodec.encode(identifier)); return new AccessToken(identifier, digest.getId(), digest.getDigest()); } catch (IOException ioe) { throw Throwables.propagate(ioe); } catch (InvalidKeyException ike) { throw new IllegalStateException("Invalid key configured for KeyManager.", ike); } }
@Override public final DigestId generateMAC(byte[] message) throws InvalidKeyException { KeyIdentifier signingKey = currentKey; byte[] digest = generateMAC(signingKey.getKey(), message); return new DigestId(signingKey.getKeyId(), digest); }