From 8d5386be38db25a2a41c3bf6c876adee21ca26cc Mon Sep 17 00:00:00 2001
From: Roberto Sánchez <roberto.sanchez@curisit.net>
Date: Fri, 19 Sep 2014 08:26:02 +0000
Subject: [PATCH] #396 fix - Fixed more SonarQube issues
---
securis/src/main/java/net/curisit/securis/utils/TokenHelper.java | 211 ++++++++++++++++++++++++++--------------------------
1 files changed, 105 insertions(+), 106 deletions(-)
diff --git a/securis/src/main/java/net/curisit/securis/utils/TokenHelper.java b/securis/src/main/java/net/curisit/securis/utils/TokenHelper.java
index 9b3d041..dac3692 100644
--- a/securis/src/main/java/net/curisit/securis/utils/TokenHelper.java
+++ b/securis/src/main/java/net/curisit/securis/utils/TokenHelper.java
@@ -20,120 +20,119 @@
@Singleton
public class TokenHelper {
- private static final Logger LOG = LogManager.getLogger(TokenHelper.class);
+ private static final Logger LOG = LogManager.getLogger(TokenHelper.class);
- /**
- * Period before token expires, set in hours.
- */
- private static int VALID_TOKEN_PERIOD = 24;
- public static final String TOKEN_HEADER_PÀRAM = "X-SECURIS-TOKEN";
+ /**
+ * Period before token expires, set in hours.
+ */
+ private static int VALID_TOKEN_PERIOD = 24;
+ public static final String TOKEN_HEADER_PÀRAM = "X-SECURIS-TOKEN";
- @Inject
- public TokenHelper() {
- }
+ @Inject
+ public TokenHelper() {}
- private static byte[] seed = "S3Cur15S33dForT0k3nG3n3r@tion".getBytes();
+ private static byte[] seed = "S3Cur15S33dForT0k3nG3n3r@tion".getBytes();
- /**
- * Generate a token encoded in Base64 for user passed as parameter and taking the current moment as token timestamp
- *
- * @param user
- * @return
- */
- public String generateToken(String user) {
- try {
- Date date = new Date();
- String secret = generateSecret(user, date);
- StringBuffer sb = new StringBuffer();
- sb.append(secret);
- sb.append(' ');
- sb.append(user);
- sb.append(' ');
- sb.append(Utils.toIsoFormat(date));
- return Base64.encodeBytes(sb.toString().getBytes("utf-8"));
- } catch (NoSuchAlgorithmException e) {
- LOG.error("Error generating SHA-256 hash", e);
- } catch (UnsupportedEncodingException e) {
- LOG.error("Error generating SHA-256 hash", e);
- }
- return null;
+ /**
+ * Generate a token encoded in Base64 for user passed as parameter and
+ * taking the current moment as token timestamp
+ *
+ * @param user
+ * @return
+ */
+ public String generateToken(String user) {
+ try {
+ Date date = new Date();
+ String secret = generateSecret(user, date);
+ StringBuffer sb = new StringBuffer();
+ sb.append(secret);
+ sb.append(' ');
+ sb.append(user);
+ sb.append(' ');
+ sb.append(Utils.toIsoFormat(date));
+ return Base64.encodeBytes(sb.toString().getBytes("utf-8"));
+ } catch (NoSuchAlgorithmException e) {
+ LOG.error("Error generating SHA-256 hash", e);
+ } catch (UnsupportedEncodingException e) {
+ LOG.error("Error generating SHA-256 hash", e);
+ }
+ return null;
- }
+ }
- private String generateSecret(String user, Date date) throws UnsupportedEncodingException, NoSuchAlgorithmException {
- MessageDigest mDigest = MessageDigest.getInstance("SHA-256");
- mDigest.update(seed, 0, seed.length);
- byte[] userbytes = user.getBytes("utf-8");
- mDigest.update(userbytes, 0, userbytes.length);
- byte[] isodate = Utils.toIsoFormat(date).getBytes();
- mDigest.update(isodate, 0, isodate.length);
- BigInteger i = new BigInteger(1, mDigest.digest());
- String secret = String.format("%1$064x", i);
- return secret;
- }
+ private String generateSecret(String user, Date date) throws UnsupportedEncodingException, NoSuchAlgorithmException {
+ MessageDigest mDigest = MessageDigest.getInstance("SHA-256");
+ mDigest.update(seed, 0, seed.length);
+ byte[] userbytes = user.getBytes("utf-8");
+ mDigest.update(userbytes, 0, userbytes.length);
+ byte[] isodate = Utils.toIsoFormat(date).getBytes();
+ mDigest.update(isodate, 0, isodate.length);
+ BigInteger i = new BigInteger(1, mDigest.digest());
+ String secret = String.format("%1$064x", i);
+ return secret;
+ }
- /**
- * Check if passed token is still valid, It use to check if token is expired the attribute VALID_TOKEN_PERIOD (in hours)
- *
- * @param token
- * @return
- */
- public boolean isTokenValid(String token) {
- try {
- String tokenDecoded = new String(Base64.decode(token));
- String[] parts = StringUtils.split(tokenDecoded, ' ');
- if (parts == null || parts.length < 3)
- return false;
- String secret = parts[0];
- String user = parts[1];
- Date date = Utils.toDateFromIso(parts[2]);
- if (new Date().after(new Date(date.getTime() + VALID_TOKEN_PERIOD * 60 * 60 * 1000)))
- return false;
- String newSecret = generateSecret(user, date);
- return newSecret.equals(secret);
- } catch (IOException e) {
- LOG.error("Error decoding Base64 token", e);
- } catch (NoSuchAlgorithmException e) {
- LOG.error("Error generation secret to compare with", e);
- }
- return false;
- }
+ /**
+ * Check if passed token is still valid, It use to check if token is expired
+ * the attribute VALID_TOKEN_PERIOD (in hours)
+ *
+ * @param token
+ * @return
+ */
+ public boolean isTokenValid(String token) {
+ try {
+ String tokenDecoded = new String(Base64.decode(token));
+ String[] parts = StringUtils.split(tokenDecoded, ' ');
+ if (parts == null || parts.length < 3) {
+ return false;
+ }
+ String secret = parts[0];
+ String user = parts[1];
+ Date date = Utils.toDateFromIso(parts[2]);
+ if (new Date().after(new Date(date.getTime() + VALID_TOKEN_PERIOD * 60 * 60 * 1000))) {
+ return false;
+ }
+ String newSecret = generateSecret(user, date);
+ return newSecret.equals(secret);
+ } catch (IOException e) {
+ LOG.error("Error decoding Base64 token", e);
+ } catch (NoSuchAlgorithmException e) {
+ LOG.error("Error generation secret to compare with", e);
+ }
+ return false;
+ }
- public String extractUserFromToken(String token) {
- try {
- if (token == null)
- return null;
- String tokenDecoded = new String(Base64.decode(token));
- String[] parts = StringUtils.split(tokenDecoded, ' ');
- if (parts == null || parts.length < 3)
- return null;
- String user = parts[1];
- return user;
- } catch (IOException e) {
- LOG.error("Error decoding Base64 token", e);
- }
- return null;
- }
+ public String extractUserFromToken(String token) {
+ try {
+ if (token == null) {
+ return null;
+ }
+ String tokenDecoded = new String(Base64.decode(token));
+ String[] parts = StringUtils.split(tokenDecoded, ' ');
+ if (parts == null || parts.length < 3) {
+ return null;
+ }
+ String user = parts[1];
+ return user;
+ } catch (IOException e) {
+ LOG.error("Error decoding Base64 token", e);
+ }
+ return null;
+ }
- public Date extractDateCreationFromToken(String token) {
- try {
- String tokenDecoded = new String(Base64.decode(token));
- String[] parts = StringUtils.split(tokenDecoded, ' ');
- if (parts == null || parts.length < 3)
- return null;
- Date date = Utils.toDateFromIso(parts[2]);
- return date;
- } catch (IOException e) {
- LOG.error("Error decoding Base64 token", e);
- }
- return null;
- }
+ public Date extractDateCreationFromToken(String token) {
+ try {
+ String tokenDecoded = new String(Base64.decode(token));
+ String[] parts = StringUtils.split(tokenDecoded, ' ');
+ if (parts == null || parts.length < 3) {
+ return null;
+ }
+ Date date = Utils.toDateFromIso(parts[2]);
+ return date;
+ } catch (IOException e) {
+ LOG.error("Error decoding Base64 token", e);
+ }
+ return null;
+ }
- public static void main(String[] args) throws IOException {
- TokenHelper th = new TokenHelper();
- String token = th.generateToken("pepe");
- System.out.println("Token: " + token);
- System.out.println("Token: " + new String(Base64.decode(token)));
- System.out.println("Valid Token: " + th.isTokenValid(token));
- }
}
--
Gitblit v1.3.2