org.springframework.security.oauth.common.signature

Class HMAC_SHA1SignatureMethod

java.lang.Object

org.springframework.security.oauth.common.signature.HMAC_SHA1SignatureMethod

All Implemented Interfaces:

OAuthSignatureMethod

public class HMAC_SHA1SignatureMethod
extends Object
implements OAuthSignatureMethod

HMAC-SHA1 signature method.

Author:

Ryan Heaton

Field Summary

Fields

Modifier and Type	Field and Description
static String	MAC_NAME The MAC name (for interfacing with javax.crypto.*).
static String	SIGNATURE_NAME The name of this HMAC-SHA1 signature method ("HMAC-SHA1").

Constructor Summary

Constructors

Constructor and Description
HMAC_SHA1SignatureMethod(SecretKey key) Construct a HMAC-SHA1 signature method with the given HMAC-SHA1 key.

Method Summary

Methods

Modifier and Type	Method and Description
String	getName() The name of this HMAC-SHA1 signature method ("HMAC-SHA1").
SecretKey	getSecretKey() The secret key.
String	sign(String signatureBaseString) Sign the signature base string.
void	verify(String signatureBaseString, String signature) Verify the signature of the given signature base string.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

SIGNATURE_NAME

public static final String SIGNATURE_NAME

The name of this HMAC-SHA1 signature method ("HMAC-SHA1").

See Also:

Constant Field Values

MAC_NAME

public static final String MAC_NAME

The MAC name (for interfacing with javax.crypto.*). "HmacSHA1".

See Also:

Constant Field Values

Constructor Detail

HMAC_SHA1SignatureMethod

public HMAC_SHA1SignatureMethod(SecretKey key)

Construct a HMAC-SHA1 signature method with the given HMAC-SHA1 key.

Parameters:

key - The key.

Method Detail

getName

public String getName()

The name of this HMAC-SHA1 signature method ("HMAC-SHA1").

Specified by:

getName in interface OAuthSignatureMethod

Returns:

The name of this HMAC-SHA1 signature method.

sign

public String sign(String signatureBaseString)

Sign the signature base string. The signature is the digest octet string, first base64-encoded per RFC2045, section 6.8, then URL-encoded per OAuth Parameter Encoding.

Specified by:

sign in interface OAuthSignatureMethod

Parameters:

signatureBaseString - The signature base string.

Returns:

The signature.

verify

public void verify(String signatureBaseString,
          String signature)
            throws InvalidSignatureException

Verify the signature of the given signature base string. The signature is verified by generating a new request signature octet string, and comparing it to the signature provided by the Consumer, first URL-decoded per Parameter Encoding, then base64-decoded per RFC2045 section 6.8. The signature is generated using the request parameters as provided by the Consumer, and the Consumer Secret and Token Secret as stored by the Service Provider.

Specified by:

verify in interface OAuthSignatureMethod

Parameters:

signatureBaseString - The signature base string.

signature - The signature.

Throws:

InvalidSignatureException - If the signature is invalid for the specified base string.

getSecretKey

public SecretKey getSecretKey()

The secret key.

Returns:

The secret key.