Class ExpiringTimestampNonceServices

  extended by
All Implemented Interfaces:

public class ExpiringTimestampNonceServices
extends Object
implements OAuthNonceServices

Nonce services that only validates the timestamp of a consumer request. The nonce is not checked for replay attacks.

The timestamp is interpreted as the number of seconds from January 1, 1970 00:00:00 GMT. If the timestamp is older than the configured validity window, the nonce is not valid. The default validity window is 12 hours.

Ryan Heaton

Constructor Summary
Method Summary
 long getValidityWindowSeconds()
          Set the timestamp validity window (in seconds).
 void setValidityWindowSeconds(long validityWindowSeconds)
          The timestamp validity window (in seconds).
 void validateNonce(ConsumerDetails consumerDetails, long timestamp, String nonce)
          Validate a nonce for a specific consumer timestamp.
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail


public ExpiringTimestampNonceServices()
Method Detail


public void validateNonce(ConsumerDetails consumerDetails,
                          long timestamp,
                          String nonce)
Description copied from interface: OAuthNonceServices
Validate a nonce for a specific consumer timestamp. This is an opportunity to prevent replay attacks. Every nonce should be unique for each consumer timestamp. In other words, this method should throw a BadCredentialsException if the specified nonce was used by the consumer more than once with the specified timestamp.

Specified by:
validateNonce in interface OAuthNonceServices
consumerDetails - The consumer details.
timestamp - The timestamp.
nonce - The nonce.
Throws: - If the nonce failed to validate.


public long getValidityWindowSeconds()
Set the timestamp validity window (in seconds).

the timestamp validity window (in seconds).


public void setValidityWindowSeconds(long validityWindowSeconds)
The timestamp validity window (in seconds).

validityWindowSeconds - the timestamp validity window (in seconds).

Copyright © 2012. All Rights Reserved.