org.springframework.security.oauth.provider.nonce

Interface OAuthNonceServices

All Known Implementing Classes:

ExpiringTimestampNonceServices, InMemoryNonceServices, NullNonceServices

public interface OAuthNonceServices

Author:

Ryan Heaton

Method Summary

Methods

Modifier and Type	Method and Description
void	validateNonce(ConsumerDetails consumerDetails, long timestamp, String nonce) Validate a nonce for a specific consumer timestamp.

Method Detail

validateNonce

void validateNonce(ConsumerDetails consumerDetails,
                 long timestamp,
                 String nonce)
                   throws org.springframework.security.core.AuthenticationException

Validate a nonce for a specific consumer timestamp. This is an opportunity to prevent replay attacks. Every nonce should be unique for each consumer timestamp. In other words, this method should throw a BadCredentialsException if the specified nonce was used by the consumer more than once with the specified timestamp.

Parameters:

consumerDetails - The consumer details.

timestamp - The timestamp.

nonce - The nonce.

Throws:

org.springframework.security.core.AuthenticationException - If the nonce failed to validate.