org.springframework.security.oauth.common.signature
Class HMAC_SHA1SignatureMethod

java.lang.Object
  extended by org.springframework.security.oauth.common.signature.HMAC_SHA1SignatureMethod
All Implemented Interfaces:
OAuthSignatureMethod

public class HMAC_SHA1SignatureMethod
extends Object
implements OAuthSignatureMethod

HMAC-SHA1 signature method.

Author:
Ryan Heaton

Field Summary
static String MAC_NAME
          The MAC name (for interfacing with javax.crypto.*).
static String SIGNATURE_NAME
          The name of this HMAC-SHA1 signature method ("HMAC-SHA1").
 
Constructor Summary
HMAC_SHA1SignatureMethod(SecretKey key)
          Construct a HMAC-SHA1 signature method with the given HMAC-SHA1 key.
 
Method Summary
 String getName()
          The name of this HMAC-SHA1 signature method ("HMAC-SHA1").
 SecretKey getSecretKey()
          The secret key.
 String sign(String signatureBaseString)
          Sign the signature base string.
 void verify(String signatureBaseString, String signature)
          Verify the signature of the given signature base string.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

SIGNATURE_NAME

public static final String SIGNATURE_NAME
The name of this HMAC-SHA1 signature method ("HMAC-SHA1").

See Also:
Constant Field Values

MAC_NAME

public static final String MAC_NAME
The MAC name (for interfacing with javax.crypto.*). "HmacSHA1".

See Also:
Constant Field Values
Constructor Detail

HMAC_SHA1SignatureMethod

public HMAC_SHA1SignatureMethod(SecretKey key)
Construct a HMAC-SHA1 signature method with the given HMAC-SHA1 key.

Parameters:
key - The key.
Method Detail

getName

public String getName()
The name of this HMAC-SHA1 signature method ("HMAC-SHA1").

Specified by:
getName in interface OAuthSignatureMethod
Returns:
The name of this HMAC-SHA1 signature method.

sign

public String sign(String signatureBaseString)
Sign the signature base string. The signature is the digest octet string, first base64-encoded per RFC2045, section 6.8, then URL-encoded per OAuth Parameter Encoding.

Specified by:
sign in interface OAuthSignatureMethod
Parameters:
signatureBaseString - The signature base string.
Returns:
The signature.

verify

public void verify(String signatureBaseString,
                   String signature)
            throws InvalidSignatureException
Verify the signature of the given signature base string. The signature is verified by generating a new request signature octet string, and comparing it to the signature provided by the Consumer, first URL-decoded per Parameter Encoding, then base64-decoded per RFC2045 section 6.8. The signature is generated using the request parameters as provided by the Consumer, and the Consumer Secret and Token Secret as stored by the Service Provider.

Specified by:
verify in interface OAuthSignatureMethod
Parameters:
signatureBaseString - The signature base string.
signature - The signature.
Throws:
InvalidSignatureException - If the signature is invalid for the specified base string.

getSecretKey

public SecretKey getSecretKey()
The secret key.

Returns:
The secret key.


Copyright © 2012. All Rights Reserved.