private int verify(String clientId, char[] clientSecret) { ClientManager clients = (ClientManager) context.getAttributes().get( ClientManager.class.getName()); Client client = clients.findById(clientId); if (client == null) { return RESULT_UNKNOWN; } char[] s = client.getClientSecret(); if (!SecretVerifier.compare(s, clientSecret)) { return RESULT_INVALID; } return RESULT_VALID; }
/** * Verifies that the proposed secret is correct for the specified request. * By default, it compares the inputSecret of the request's authentication * response with the one obtain by the {@link ChallengeResponse#getSecret()} * method and sets the {@link org.restlet.security.User} instance of the * request's {@link ClientInfo} if successful. * * @param request * The request to inspect. * @param response * The response to inspect. * @return Result of the verification based on the RESULT_* constants. */ public int verify(Request request, Response response) { int result = RESULT_VALID; if (request.getChallengeResponse() == null) { result = RESULT_MISSING; } else { String identifier = getIdentifier(request, response); char[] secret = getSecret(request, response); result = verify(identifier, secret); if (result == RESULT_VALID) { request.getClientInfo().setUser( createUser(identifier, request, response)); } } return result; }
data.put("error_description", "ID is invalid."); } else { boolean result = SecretVerifier.compare(password.toCharArray(), sampleUser.getPassword()); if (result) {
resultRepresentation.setError("Authentication failed.", "ID is invalid."); } else { boolean result = SecretVerifier.compare(password.toCharArray(), sampleUser.getPassword()); if (result) {