public void verifyScope(URI scope, String requestURI) throws InvalidDelegationTokenException { throw new InvalidDelegationTokenException("default: invalid scope"); } }
@Override public void verifyScope(final URI scope, final String requestURI) throws InvalidDelegationTokenException { if (!SSOCookieManager.SCOPE_URI.equals(scope)) { throw new InvalidDelegationTokenException("invalid scope: " + scope); } } }
public byte[] decode(final String value, final TokenEncoding tokenEncoding) throws InvalidDelegationTokenException { switch (tokenEncoding) { case BASE64: { return Base64.decode(value); } default: { throw new InvalidDelegationTokenException(String.format("Unsupported encoding '%s'", tokenEncoding)); } } }
private static void validateSignature(final String signatureString, final String text) throws InvalidDelegationTokenException { // validate signature try { final byte[] signature = Base64.decode(signatureString); RsaSignatureVerifier su = new RsaSignatureVerifier(); String signatureSplitter = FIELD_DELIM + DelegationToken.SIGNATURE_LABEL + "="; String[] cookieNSignature = text.split(signatureSplitter); log.debug("string to be verified" + cookieNSignature[0]); boolean valid = su.verify(new ByteArrayInputStream(cookieNSignature[0].getBytes()), signature); if (!valid) { log.error("invalid signature: " + new String(signature)); throw new InvalidDelegationTokenException("cannot verify signature"); } } catch (Exception ex) { log.debug("failed to verify DelegationToken signature", ex); throw new InvalidDelegationTokenException("cannot verify signature", ex); } }
private static DelegationToken parseEncoded(final URI encodedURI, final String requestURI, final ScopeValidator scopeValidator) throws InvalidDelegationTokenException { if (!StringUtil.hasLength(encodedURI.getScheme())) { throw new InvalidDelegationTokenException("Wrong format for encoded token."); } else { final TokenEncoding tokenEncoding = TokenEncoding.valueOf(encodedURI.getScheme().toUpperCase()); final byte[] decodedBytes = TOKEN_ENCODER_DECODER.decode(encodedURI.getSchemeSpecificPart(), tokenEncoding); final String decodedString = new String(decodedBytes); return parse(decodedString.split(FIELD_DELIM), decodedString, requestURI, scopeValidator); } }
throw new InvalidDelegationTokenException("Bad token." + value);
throw new InvalidDelegationTokenException("invalid numeric field", ex); } catch (URISyntaxException ex) { throw new InvalidDelegationTokenException("invalid scope URI", ex); throw new InvalidDelegationTokenException("missing signature"); throw new InvalidDelegationTokenException("missing expirytime"); throw new InvalidDelegationTokenException("expired");