public String getLockedDomainPrefix(String token) { byte[] sha = GenericDigestUtils.digest(token); return new String(Base32.encodeBase32(sha)); // a hash } }
public static byte[] digest(InputStream data) throws IOException { return digest(getDigest(type), data); }
public static byte[] digest(InputStream data) throws IOException { return digest(getDigest(type), data); }
public static String digestHex(InputStream data) throws IOException { return Hex.encodeHexString(digest(getDigest(type), data)); }
public static byte[] digest(InputStream data) throws IOException { return digest(getDigest(type), data); }
public static String digestHex(String data) { return Hex.encodeHexString(digest(getBytesUtf8(data))); }
public static String digestHex(String data) { return Hex.encodeHexString(digest(getBytesUtf8(data))); }
public static byte[] digest(String data) { return digest(getBytesUtf8(data)); }
public static byte[] digest(String data) { return digest(getBytesUtf8(data)); }
public static String digestHex(InputStream data) throws IOException { return Hex.encodeHexString(digest(getDigest(type), data)); }
public static String digestHex(String data) { return Hex.encodeHexString(digest(getBytesUtf8(data))); }
public static String digestHex(InputStream data) throws IOException { return Hex.encodeHexString(digest(getDigest(type), data)); }
public static byte[] digest(String data) { return digest(getBytesUtf8(data)); }
/** * Generates unique keys from a master key. * * @param label type of key to derive * @param masterKey master key * @param len length of key needed, less than 20 bytes. 20 bytes are * returned if len is 0. * * @return a derived key of the specified length */ private byte[] deriveKey(byte label, byte[] masterKey, int len) { byte[] base = Bytes.concat(new byte[] { label }, masterKey); byte[] hash = GenericDigestUtils.digest(base); if (len == 0) { return hash; } byte[] out = new byte[len]; System.arraycopy(hash, 0, out, 0, out.length); return out; }
@Test public void testBodySigning() throws Exception { FakeHttpServletRequest req = new FakeHttpServletRequest(); req.setContentType("text/plain"); String body = "BODY"; req.setPostData(CharsetUtil.getUtf8Bytes(body)); String hash = new String(Base64.encodeBase64(GenericDigestUtils.digest(CharsetUtil .getUtf8Bytes(body))), "UTF-8"); req.setParameter(OAuthConstants.OAUTH_BODY_HASH, hash); OAuthAuthenticationHandler.verifyBodyHash(req, hash); }
@Test public void testBodySigning() throws Exception { FakeHttpServletRequest req = new FakeHttpServletRequest(); req.setContentType("text/plain"); String body = "BODY"; req.setPostData(CharsetUtil.getUtf8Bytes(body)); String hash = new String(Base64.encodeBase64(GenericDigestUtils.digest(CharsetUtil .getUtf8Bytes(body))), "UTF-8"); req.setParameter(OAuthConstants.OAUTH_BODY_HASH, hash); OAuthAuthenticationHandler.verifyBodyHash(req, hash); }
@Test public void testFailBodySigningWithFormEncoded() throws Exception { FakeHttpServletRequest req = new FakeHttpServletRequest(); req.setContentType(OAuth.FORM_ENCODED); String body = "BODY"; req.setPostData(CharsetUtil.getUtf8Bytes(body)); String hash = new String(Base64.encodeBase64(GenericDigestUtils.digest(CharsetUtil .getUtf8Bytes(body))), "UTF-8"); req.setParameter(OAuthConstants.OAUTH_BODY_HASH, hash); try { OAuthAuthenticationHandler.verifyBodyHash(req, hash); fail("Body verification should fail"); } catch (AuthenticationHandler.InvalidAuthenticationException iae) { // Pass } }
@Test public void testFailBodySigning() throws Exception { FakeHttpServletRequest req = new FakeHttpServletRequest(); req.setContentType("text/plain"); String body = "BODY"; req.setPostData(CharsetUtil.getUtf8Bytes(body)); String hash = new String(Base64.encodeBase64(GenericDigestUtils.digest(CharsetUtil .getUtf8Bytes("NOTBODY"))), "UTF-8"); req.setParameter(OAuthConstants.OAUTH_BODY_HASH, hash); try { OAuthAuthenticationHandler.verifyBodyHash(req, hash); fail("Body verification should fail"); } catch (AuthenticationHandler.InvalidAuthenticationException iae) { // Pass } }
@Test public void testFailBodySigning() throws Exception { FakeHttpServletRequest req = new FakeHttpServletRequest(); req.setContentType("text/plain"); String body = "BODY"; req.setPostData(CharsetUtil.getUtf8Bytes(body)); String hash = new String(Base64.encodeBase64(GenericDigestUtils.digest(CharsetUtil .getUtf8Bytes("NOTBODY"))), "UTF-8"); req.setParameter(OAuthConstants.OAUTH_BODY_HASH, hash); try { OAuthAuthenticationHandler.verifyBodyHash(req, hash); fail("Body verification should fail"); } catch (AuthenticationHandler.InvalidAuthenticationException iae) { // Pass } }
@Test public void testFailBodySigningWithFormEncoded() throws Exception { FakeHttpServletRequest req = new FakeHttpServletRequest(); req.setContentType(OAuth.FORM_ENCODED); String body = "BODY"; req.setPostData(CharsetUtil.getUtf8Bytes(body)); String hash = new String(Base64.encodeBase64(GenericDigestUtils.digest(CharsetUtil .getUtf8Bytes(body))), "UTF-8"); req.setParameter(OAuthConstants.OAUTH_BODY_HASH, hash); try { OAuthAuthenticationHandler.verifyBodyHash(req, hash); fail("Body verification should fail"); } catch (AuthenticationHandler.InvalidAuthenticationException iae) { // Pass } }