/**
 * Resolves the principal that owns the API key carried by the given credentials.
 *
 * <p>Demo implementation: exactly one API key is recognised, and it is hard-coded in this
 * method. A deployment with real users would resolve the key against a managed store instead.
 *
 * @param credentials the credentials specified on the request
 * @return {@code "fred"} when the API key is {@code "fred-api-key"}, otherwise {@code null}
 */
@Override
protected String loadPrincipal(Credentials credentials) {
    // For simplicity, only support one hard-coded API key.
    // Literal-first equals() means a null API key simply does not match.
    return "fred-api-key".equals(credentials.getApiKey()) ? "fred" : null;
}
/**
 * Creates a {@link Credentials} from the values currently held in {@code version},
 * {@code apiKey}, {@code signature}, {@code path}, {@code timestamp}, {@code method} and
 * {@code content}.
 *
 * <p>No validation happens here: any value that was never set is passed to the constructor
 * as it is.
 *
 * @return the newly constructed credentials
 */
public Credentials build() {
    final Credentials built =
        new Credentials(version, apiKey, signature, path, timestamp, method, content);
    return built;
}
/**
 * Computes the signature the server expects for a request.
 *
 * <p>The signed inputs are, in this order: the HTTP method, the timestamp, the path and the
 * content taken from {@code credentials}, keyed with {@code secretKey}. The API key, the
 * version and the client-supplied signature are not passed to the generator.
 *
 * @param credentials the credentials specified on the request
 * @param secretKey the secret key that will be used to generate the signature
 * @return the signature
 */
private String createSignature(Credentials credentials, String secretKey) {
    // NOTE(review): the algorithm lives in SignatureGenerator, which is not visible here.
    final SignatureGenerator generator = new SignatureGenerator();
    return generator.generate(
        secretKey,
        credentials.getMethod(),
        credentials.getTimestamp(),
        credentials.getPath(),
        credentials.getContent());
}
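/**
 * Builds {@link Credentials} from the current request and authenticates them.
 *
 * <p>The API key is read from the {@code apiKey} query parameter; the signature, timestamp
 * and version come from the {@code X-Auth-Signature}, {@code X-Auth-Timestamp} and
 * {@code X-Auth-Version} headers. The signed path is the request path followed by
 * {@code "?"} and the query string.
 *
 * @return the principal returned by the authenticator
 * @throws BadRequestException if the request carries no {@code apiKey} query parameter
 * @throws NotAuthorizedException if the authenticator returns {@code null}
 */
public P provide() {
    final ContainerRequest request = getRequestProvider().get();
    final UriInfo uriInfo = request.getUriInfo();
    final URI requestUri = uriInfo.getRequestUri();

    final MultivaluedMap<? super String, ? extends String> queryParameters = uriInfo
        .getQueryParameters();
    final List<? extends String> apiKeys = queryParameters.get("apiKey");
    if (apiKeys == null || apiKeys.isEmpty()) {
        throw new BadRequestException("apiKey is required");
    }

    final CredentialsBuilder builder = builder();
    // The guard above guarantees at least one value, so the former
    // "isEmpty() ? ... : null" fallback could never be taken. Only the first value is used.
    builder.withApiKey(apiKeys.get(0));
    // NOTE(review): each header value is null when the client omits the header, and no check
    // is made here; confirm the authenticator rejects null values instead of dereferencing them.
    builder.withSignature(request.getHeaderString("X-Auth-Signature"));
    // NOTE(review): no freshness check on the timestamp is visible in this method; confirm
    // the authenticator enforces an acceptance window, otherwise a captured request stays valid.
    builder.withTimestamp(request.getHeaderString("X-Auth-Timestamp"));
    // NOTE(review): how Version.fromValue treats a null or unknown value is not visible here.
    builder.withVersion(
        Version.fromValue(request.getHeaderString("X-Auth-Version")));
    builder.withMethod(request.getMethod());
    // URI.getPath() and URI.getQuery() return the decoded components, so the client has to
    // sign the same decoded form for the signatures to agree.
    builder.withPath(requestUri.getPath() + "?" + requestUri.getQuery());
    // NOTE(review): withContent is never called, so the request body is not part of these
    // credentials; confirm whether the body is meant to be covered by the signature.

    final P retval = getAuthenticator().authenticate(builder.build());
    if (retval == null) {
        throw new NotAuthorizedException(status(UNAUTHORIZED).build());
    }
    return retval;
}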
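/**
 * Validate the signature on the request by generating a new signature here and making sure
 * they match. The only way for them to match is if both signatures are generated using the
 * same secret key. If they match, this means that the requester has a valid secret key and
 * can be a trusted source.
 *
 * <p>A request without a signature is treated as invalid rather than causing a
 * {@link NullPointerException}.
 *
 * @param credentials the credentials specified on the request
 * @param secretKey the secret key that will be used to generate the signature
 * @return true if the signature is valid
 */
private boolean validateSignature(Credentials credentials, String secretKey) {
    String clientSignature = credentials.getSignature();
    if (clientSignature == null) {
        // No signature was supplied: fail closed instead of dereferencing null below.
        return false;
    }

    String serverSignature = createSignature(credentials, secretKey);
    if (serverSignature == null) {
        // NOTE(review): createSignature is not expected to return null; kept as a fail-closed guard.
        return false;
    }

    // MessageDigest.isEqual is used instead of String.equals so the comparison does not stop
    // at the first differing byte. The charset is explicit so that both sides are encoded the
    // same way whatever the platform default is.
    return MessageDigest.isEqual(
        clientSignature.getBytes(java.nio.charset.StandardCharsets.UTF_8),
        serverSignature.getBytes(java.nio.charset.StandardCharsets.UTF_8));
}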
// Start from an empty builder and copy the request's authentication fields into it.
final CredentialsBuilder builder = Credentials.builder();
// Use the first apiKey value, or null when the list is empty. apiKeys itself must be
// non-null at this point because isEmpty() is called on it unguarded.
builder.withApiKey(apiKeys.isEmpty() ? null : apiKeys.get(0));
// NOTE(review): the header value is passed on unchecked and is presumably null when the
// client omits the header; confirm that signature validation tolerates a null signature.
builder.withSignature(request.getHeaderString(DEFAULT_SIGNATURE_HTTP_HEADER));
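/**
 * Validate the signature on the request by generating a new signature here and making sure
 * they match. The only way for them to match is if both signatures are generated using the
 * same secret key. If they match, this means that the requester has a valid secret key and
 * can be a trusted source.
 *
 * <p>A request without a signature is treated as invalid rather than causing a
 * {@link NullPointerException}.
 *
 * @param credentials the credentials specified on the request
 * @param secretKey the secret key that will be used to generate the signature
 * @return true if the signature is valid
 */
private boolean validateSignature(Credentials credentials, String secretKey) {
    String clientSignature = credentials.getSignature();
    if (clientSignature == null) {
        // No signature was supplied: fail closed instead of dereferencing null below.
        return false;
    }

    String serverSignature = createSignature(credentials, secretKey);
    if (serverSignature == null) {
        // NOTE(review): createSignature is not expected to return null; kept as a fail-closed guard.
        return false;
    }

    // MessageDigest.isEqual is used instead of String.equals so the comparison does not stop
    // at the first differing byte. The charset is explicit so that both sides are encoded the
    // same way whatever the platform default is.
    return MessageDigest.isEqual(
        clientSignature.getBytes(java.nio.charset.StandardCharsets.UTF_8),
        serverSignature.getBytes(java.nio.charset.StandardCharsets.UTF_8));
}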
// Start from an empty builder and copy the request's authentication fields into it.
final CredentialsBuilder builder = Credentials.builder();
// Use the first apiKey value, or null when the list is empty. apiKeys itself must be
// non-null at this point because isEmpty() is called on it unguarded.
builder.withApiKey(apiKeys.isEmpty() ? null : apiKeys.get(0));
// NOTE(review): the header value is passed on unchecked and is presumably null when the
// client omits the header; confirm that signature validation tolerates a null signature.
builder.withSignature(request.getHeaderString(DEFAULT_SIGNATURE_HTTP_HEADER));
/**
 * Computes the signature the server expects for a request.
 *
 * <p>The signed inputs are, in this order: the HTTP method, the timestamp, the path and the
 * content taken from {@code credentials}, keyed with {@code secretKey}. The API key, the
 * version and the client-supplied signature are not passed to the generator.
 *
 * @param credentials the credentials specified on the request
 * @param secretKey the secret key that will be used to generate the signature
 * @return the signature
 */
private String createSignature(Credentials credentials, String secretKey) {
    // NOTE(review): the algorithm lives in SignatureGenerator, which is not visible here.
    final SignatureGenerator generator = new SignatureGenerator();
    return generator.generate(
        secretKey,
        credentials.getMethod(),
        credentials.getTimestamp(),
        credentials.getPath(),
        credentials.getContent());
}
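/**
 * If the Principal for this Credentials is already cached, return it. Otherwise call
 * {@link #loadPrincipal} and cache the results.
 *
 * <p>The cache key is the API key alone. The loaded value is wrapped in an {@code Optional},
 * so a {@code null} result from {@link #loadPrincipal} is cached as "absent" as well.
 *
 * @param credentials the credentials specified on the request
 * @return the cached or freshly loaded principal, or {@code null} when none exists or the
 *     cache load failed with an {@link ExecutionException}
 */
@Override
protected final Principal getPrincipal(final Credentials credentials) {
    try {
        // NOTE(review): the cache configuration is not visible here. Because unknown keys are
        // cached too, confirm the cache is bounded in size and that entries expire.
        final Optional<Principal> principalOptional = cache.get(credentials.getApiKey(),
            new Callable<Optional<Principal>>() {
                @Override
                public Optional<Principal> call() throws Exception {
                    return Optional.fromNullable(loadPrincipal(credentials));
                }
            });
        return principalOptional.orNull();
    } catch (ExecutionException e) {
        // Log the cause as well; without it the reason for the failed load is lost.
        // NOTE(review): the API key is presumably request-supplied; confirm that the logging
        // layout neutralises line breaks in it.
        LOG.warn("Exception when loading the cache for credentials with API key "
            + credentials.getApiKey(), e);
        // Fail closed: a failed load is reported as "no principal".
        return null;
    }
}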
/**
 * Creates a {@link Credentials} from the values currently held in {@code version},
 * {@code apiKey}, {@code signature}, {@code path}, {@code timestamp}, {@code method} and
 * {@code content}.
 *
 * <p>No validation happens here: any value that was never set is passed to the constructor
 * as it is.
 *
 * @return the newly constructed credentials
 */
public Credentials build() {
    final Credentials built =
        new Credentials(version, apiKey, signature, path, timestamp, method, content);
    return built;
}
/**
 * Extracts the authentication fields of a request into a {@link Credentials} object.
 *
 * <p>The API key, signature, path, timestamp, content and method are each read from the
 * request by the matching helper. The version is always {@code Version.V1}; nothing is read
 * from the request for it.
 *
 * @param request the incoming HTTP request
 * @return the credentials carried by the request
 */
public Credentials decode(HttpRequestContext request) {
    // NOTE(review): no field is validated here; whether a missing value is rejected depends
    // on the helpers and on the authenticator, neither of which is visible here.
    final Credentials decoded = Credentials.builder()
        .withApiKey(getApiKey(request))
        .withSignature(getSignature(request))
        .withPath(getPath(request))
        .withTimestamp(getTimestamp(request))
        .withContent(getContent(request))
        .withMethod(getMethod(request))
        .withVersion(Version.V1)
        .build();
    return decoded;
}
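/**
 * If the Principal for this Credentials is already cached, return it. Otherwise call
 * {@link #loadPrincipal} and cache the results.
 *
 * <p>The cache key is the API key alone. The loaded value is wrapped in an {@code Optional},
 * so a {@code null} result from {@link #loadPrincipal} is cached as "absent" as well.
 *
 * @param credentials the credentials specified on the request
 * @return the cached or freshly loaded principal, or {@code null} when none exists or the
 *     cache load failed with an {@link ExecutionException}
 */
@Override
protected final Principal getPrincipal(final Credentials credentials) {
    try {
        // NOTE(review): the cache configuration is not visible here. Because unknown keys are
        // cached too, confirm the cache is bounded in size and that entries expire.
        final Optional<Principal> principalOptional = cache.get(credentials.getApiKey(),
            new Callable<Optional<Principal>>() {
                @Override
                public Optional<Principal> call() throws Exception {
                    return Optional.fromNullable(loadPrincipal(credentials));
                }
            });
        return principalOptional.orNull();
    } catch (ExecutionException e) {
        // Log the cause as well; without it the reason for the failed load is lost.
        // NOTE(review): the API key is presumably request-supplied; confirm that the logging
        // layout neutralises line breaks in it.
        LOG.warn("Exception when loading the cache for credentials with API key "
            + credentials.getApiKey(), e);
        // Fail closed: a failed load is reported as "no principal".
        return null;
    }
}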
/**
 * Extracts the authentication fields of a request into a {@link Credentials} object.
 *
 * <p>The API key, signature, path, timestamp, content and method are each read from the
 * request by the matching helper. The version is always {@code Version.V1}; nothing is read
 * from the request for it.
 *
 * @param request the incoming HTTP request
 * @return the credentials carried by the request
 */
public Credentials decode(HttpRequestContext request) {
    // NOTE(review): no field is validated here; whether a missing value is rejected depends
    // on the helpers and on the authenticator, neither of which is visible here.
    final Credentials decoded = Credentials.builder()
        .withApiKey(getApiKey(request))
        .withSignature(getSignature(request))
        .withPath(getPath(request))
        .withTimestamp(getTimestamp(request))
        .withContent(getContent(request))
        .withMethod(getMethod(request))
        .withVersion(Version.V1)
        .build();
    return decoded;
}
/**
 * Extracts the authentication fields of a request into a {@link Credentials} object.
 *
 * <p>The API key, signature, path, timestamp, content and method are each read from the
 * request by the matching helper. The version is always {@code Version.V1}; nothing is read
 * from the request for it.
 *
 * @param request the incoming HTTP request
 * @return the credentials carried by the request
 */
public Credentials decode(HttpRequestContext request) {
    // NOTE(review): no field is validated here; whether a missing value is rejected depends
    // on the helpers and on the authenticator, neither of which is visible here.
    final Credentials decoded = Credentials.builder()
        .withApiKey(getApiKey(request))
        .withSignature(getSignature(request))
        .withPath(getPath(request))
        .withTimestamp(getTimestamp(request))
        .withContent(getContent(request))
        .withMethod(getMethod(request))
        .withVersion(Version.V1)
        .build();
    return decoded;
}