Examples of Nonce

Examples of com.bradmcevoy.http.http11.auth.Nonce

39
40
41
42
43
44
45
46
47
48
    }

    public String createNonce( Resource resource, Request request ) {
        UUID id = UUID.randomUUID();
        Date now = new Date();
        Nonce n = new Nonce( id, now );
        memcache.put( n.getValue(), n, Expiration.byDeltaSeconds(nonceValiditySeconds));
        log.info( "created nonce: " + n.getValue() );
        return n.getValue().toString();
    }
View Full Code Here

Examples of com.bradmcevoy.http.http11.auth.Nonce

54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
            value = UUID.fromString( nonce );
        } catch( Exception e ) {
            log.info( "couldnt parse nonce" );
            return NonceValidity.INVALID;
        }
        Nonce n = (Nonce)memcache.get(value);
        if( n == null ) {
            log.info( "not found in cache" );
            return NonceValidity.INVALID;
        } else {
            if( isExpired( n.getIssued() ) ) {
                log.info( "nonce has expired; that is unusual as it should have been evicted from the cache already." );
                return NonceValidity.EXPIRED;
            } else {
                if( nc == null ) {
                    log.info( "nonce ok" );
                    return NonceValidity.OK;
                } else {
                    if( enableNonceCountChecking && nc <= n.getNonceCount() ) {
                        log.warning( "nonce-count was not greater then previous, possible replay attack. new: " + nc + " old:" + n.getNonceCount() );
                        return NonceValidity.INVALID;
                    } else {
                        log.info( "nonce and nonce-count ok" );
                        Nonce newNonce = n.increaseNonceCount( nc );
                        memcache.put( newNonce.getValue(), newNonce, Expiration.byDeltaSeconds(nonceValiditySeconds));
                        return NonceValidity.OK;
                    }
                }
            }
        }
View Full Code Here

Examples of com.google.nigori.common.Nonce

54
55
56
57
58
59
60
61
62
63
64
65
  }

  @Test
  public void clearOldNonces() throws UserNotFoundException {
    database.clearOldNonces();
    Nonce oldNonce = new LyingNonce(0);
    Nonce freshNonce = new Nonce();
    database.addUser(publicKey, publicHash);
    User user = database.getUser(publicHash);
    try {
      assertTrue(database.checkAndAddNonce(oldNonce, publicHash));
      assertTrue(database.checkAndAddNonce(freshNonce, publicHash));
View Full Code Here

Examples of com.google.nigori.common.Nonce

81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
    byte[] publicHash = auth.getPublicKey().toByteArray();
    List<byte[]> byteSig = Util.splitBytes(auth.getSig().toByteArray());
    byte[] dsaR = byteSig.get(0);
    byte[] dsaS = byteSig.get(1);
    Nonce nonce = new Nonce(auth.getNonce().toByteArray());
    String serverName = auth.getServerName();
    try {
      byte[] publicKey = database.getPublicKey(publicHash);

      DSASignature sig =
          new DSASignature(dsaR, dsaS, Util.joinBytes(toBytes(serverName), nonce.nt(), nonce.nr(), toBytes(command), Util.joinBytes(payload)));
      try {
        DSAVerify v = new DSAVerify(publicKey);

        if (v.verify(sig)) {
          boolean validNonce = database.checkAndAddNonce(nonce, publicHash);
View Full Code Here

Examples of com.google.nigori.common.Nonce

100
101
102
103
104
105
106
107
    assertFalse(database.haveUser(publicHash));
  }

  @Test
  public void newNoncePasses() {
    Nonce nonce = new Nonce();
    assertTrue(database.checkAndAddNonce(nonce, publicHash));
  }
View Full Code Here

Examples of com.google.nigori.common.Nonce

106
107
108
109
110
111
112
113
114
    assertTrue(database.checkAndAddNonce(nonce, publicHash));
  }

  @Test
  public void repeatedNonceFails() {
    Nonce nonce = new Nonce();
    assertTrue(database.checkAndAddNonce(nonce, publicHash));
    assertFalse(database.checkAndAddNonce(nonce, publicHash));
  }
View Full Code Here

Examples of com.google.nigori.common.Nonce

215
216
217
218
219
220
221
222
223
224
225
226
227
228
  @Override
  public void clearOldNonces() {
    for (Set<Nonce> nonceSet : nonces.values()){
      Iterator<Nonce> nonceIterator = nonceSet.iterator();
      Nonce nonce;
      while (nonceIterator.hasNext()){
        nonce = nonceIterator.next();
        if (!nonce.isRecent()){
          nonceIterator.remove();
        }
      }
    }
  }
View Full Code Here

Examples of com.nimbusds.openid.connect.sdk.Nonce

163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
    IDTokenClaimsSet idTokenClaimsSet = new IDTokenClaimsSet(issuer, subject, audList, expirationTime, issueTime);

    Date authenticationTime = DateUtils.fromSecondsSinceEpoch(300000l);
    idTokenClaimsSet.setAuthenticationTime(authenticationTime);

    Nonce nonce = new Nonce();
    idTokenClaimsSet.setNonce(nonce);

    AccessTokenHash accessTokenHash = new AccessTokenHash("123");
    idTokenClaimsSet.setAccessTokenHash(accessTokenHash);

    CodeHash codeHash = new CodeHash("456");
    idTokenClaimsSet.setCodeHash(codeHash);

    ACR acr = new ACR("1");
    idTokenClaimsSet.setACR(acr);

    List<AMR> amrList = new LinkedList<>();
    amrList.add(new AMR("A"));
    idTokenClaimsSet.setAMR(amrList);

    AuthorizedParty authorizedParty = new AuthorizedParty("azp");
    idTokenClaimsSet.setAuthorizedParty(authorizedParty);

    // Mandatory claims
    assertEquals("iss", idTokenClaimsSet.getIssuer().getValue());
    assertEquals("sub", idTokenClaimsSet.getSubject().getValue());
    assertEquals("aud", idTokenClaimsSet.getAudience().get(0).getValue());
    assertEquals(100000l, idTokenClaimsSet.getExpirationTime().getTime() / 1000);
    assertEquals(200000l, idTokenClaimsSet.getIssueTime().getTime() / 1000);

    // Optional claims
    assertEquals(300000l, idTokenClaimsSet.getAuthenticationTime().getTime() / 1000);
    assertEquals(nonce.getValue(), idTokenClaimsSet.getNonce().getValue());
    assertEquals(accessTokenHash.getValue(), idTokenClaimsSet.getAccessTokenHash().getValue());
    assertEquals(codeHash.getValue(), idTokenClaimsSet.getCodeHash().getValue());
    assertEquals(acr.getValue(), idTokenClaimsSet.getACR().getValue());
    assertEquals("A", idTokenClaimsSet.getAMR().get(0).getValue());
    assertEquals(authorizedParty.getValue(), idTokenClaimsSet.getAuthorizedParty().getValue());

    String json = idTokenClaimsSet.toJSONObject().toJSONString();

    // Try to JWT claims set too
    idTokenClaimsSet.toJWTClaimsSet();

    idTokenClaimsSet = IDTokenClaimsSet.parse(json);

    // Mandatory claims
    assertEquals("iss", idTokenClaimsSet.getIssuer().getValue());
    assertEquals("sub", idTokenClaimsSet.getSubject().getValue());
    assertEquals("aud", idTokenClaimsSet.getAudience().get(0).getValue());
    assertEquals(100000l, idTokenClaimsSet.getExpirationTime().getTime() / 1000);
    assertEquals(200000l, idTokenClaimsSet.getIssueTime().getTime() / 1000);

    // Optional claims
    assertEquals(300000l, idTokenClaimsSet.getAuthenticationTime().getTime() / 1000);
    assertEquals(nonce.getValue(), idTokenClaimsSet.getNonce().getValue());
    assertEquals(accessTokenHash.getValue(), idTokenClaimsSet.getAccessTokenHash().getValue());
    assertEquals(codeHash.getValue(), idTokenClaimsSet.getCodeHash().getValue());
    assertEquals(acr.getValue(), idTokenClaimsSet.getACR().getValue());
    assertEquals("A", idTokenClaimsSet.getAMR().get(0).getValue());
    assertEquals(authorizedParty.getValue(), idTokenClaimsSet.getAuthorizedParty().getValue());
View Full Code Here

Examples of com.nimbusds.openid.connect.sdk.Nonce

258
259
260
261
262
263
264
265
266
267
      new Date(),
      new Date());

    assertFalse(claimsSet.hasRequiredClaims(responseType));

    claimsSet.setNonce(new Nonce());
    claimsSet.setAccessTokenHash(new AccessTokenHash("at_hash"));

    assertTrue(claimsSet.hasRequiredClaims(responseType));
  }
View Full Code Here

Examples of com.nimbusds.openid.connect.sdk.Nonce

303
304
305
306
307
308
309
310
311
312
    assertFalse(claimsSet.hasRequiredClaims(responseType));

    claimsSet.setCodeHash(new CodeHash("c_hash"));

    claimsSet.setNonce(new Nonce());
    claimsSet.setAccessTokenHash(new AccessTokenHash("at_hash"));

    assertTrue(claimsSet.hasRequiredClaims(responseType));
  }
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.