From 6d04b0ae0f4eeb9f0963b1595d0f2e7469fa5f3f Mon Sep 17 00:00:00 2001
From: Roberto Sánchez <roberto.sanchez@curisit.net>
Date: Thu, 26 Dec 2013 14:53:29 +0000
Subject: [PATCH] #333 feature - Added schema and JPA entities

---
 securis/src/main/java/net/curisit/securis/utils/TokenHelper.java |   33 ++++++++++++++++++++++++++++++---
 1 files changed, 30 insertions(+), 3 deletions(-)

diff --git a/securis/src/main/java/net/curisit/securis/utils/TokenHelper.java b/securis/src/main/java/net/curisit/securis/utils/TokenHelper.java
index aa1006a..a093e8e 100644
--- a/securis/src/main/java/net/curisit/securis/utils/TokenHelper.java
+++ b/securis/src/main/java/net/curisit/securis/utils/TokenHelper.java
@@ -22,6 +22,9 @@
 
 	private static final Logger log = LoggerFactory.getLogger(TokenHelper.class);
 
+	/**
+	 * Period before token expires, set in hours.
+	 */
 	private static int VALID_TOKEN_PERIOD = 24;
 
 	@Inject
@@ -30,6 +33,12 @@
 
 	private static byte[] seed = "S3Cur15S33dForT0k3nG3n3r@tion".getBytes();
 
+	/**
+	 * Generate a token encoded in Base64 for user passed as parameter and taking the current moment as token timestamp
+	 * 
+	 * @param user
+	 * @return
+	 */
 	public String generateToken(String user) {
 		try {
 			Date date = new Date();
@@ -50,7 +59,7 @@
 
 	}
 
-	public String generateSecret(String user, Date date) throws UnsupportedEncodingException, NoSuchAlgorithmException {
+	private String generateSecret(String user, Date date) throws UnsupportedEncodingException, NoSuchAlgorithmException {
 		MessageDigest mDigest = MessageDigest.getInstance("SHA-256");
 		mDigest.update(seed, 0, seed.length);
 		byte[] userbytes = user.getBytes("utf-8");
@@ -62,6 +71,12 @@
 		return secret;
 	}
 
+	/**
+	 * Check if passed token is still valid, It use to check if token is expired the attribute VALID_TOKEN_PERIOD (in hours)
+	 * 
+	 * @param token
+	 * @return
+	 */
 	public boolean validateToken(String token) {
 		try {
 			String tokenDecoded = new String(Base64.decode(token));
@@ -69,18 +84,30 @@
 			String secret = parts[0];
 			String user = parts[1];
 			Date date = Utils.toDateFromIso(parts[2]);
-			if (new Date(new Date().getTime() + 25 * 60 * 60 * 1000).after(new Date(date.getTime() + VALID_TOKEN_PERIOD * 60 * 60 * 1000)))
+			if (new Date().after(new Date(date.getTime() + VALID_TOKEN_PERIOD * 60 * 60 * 1000)))
 				return false;
 			String newSecret = generateSecret(user, date);
 			return newSecret.equals(secret);
 		} catch (IOException e) {
-			log.error("Error decoding Bse64 token", e);
+			log.error("Error decoding Base64 token", e);
 		} catch (NoSuchAlgorithmException e) {
 			log.error("Error generation secret to compare with", e);
 		}
 		return false;
 	}
 
+	public String extractUserFromToken(String token) {
+		try {
+			String tokenDecoded = new String(Base64.decode(token));
+			String[] parts = StringUtils.split(tokenDecoded, ' ');
+			String user = parts[1];
+			return user;
+		} catch (IOException e) {
+			log.error("Error decoding Base64 token", e);
+		}
+		return null;
+	}
+
 	public static void main(String[] args) throws IOException {
 		TokenHelper th = new TokenHelper();
 		String token = th.generateToken("pepe");

--
Gitblit v1.3.2