Package org.tomitribe.auth.signatures

Class Signature

  • public class Signature
extends java.lang.Object

    • Field Summary

      Fields 
      Modifier and Type Field Description
      static long maxTimeSkewInMilliseconds
      The maximum time skew between the client and the server.

    • Constructor Summary

      Constructors 
      Constructor Description
      Signature​(java.lang.String keyId, java.lang.String algorithm, java.lang.String signature, java.lang.String... headers)
      Deprecated.
      Signature​(java.lang.String keyId, java.lang.String signingAlgorithm, java.lang.String algorithm, java.security.spec.AlgorithmParameterSpec parameterSpec, java.lang.String signature, java.util.List<java.lang.String> headers)  
      Signature​(java.lang.String keyId, java.lang.String signingAlgorithm, java.lang.String algorithm, java.security.spec.AlgorithmParameterSpec parameterSpec, java.util.List<java.lang.String> headers)
      Construct a signature configuration instance with the specified keyId, algorithm and HTTP headers.
      Signature​(java.lang.String keyId, java.lang.String algorithm, java.lang.String signature, java.util.List<java.lang.String> headers)
      Deprecated.
      Signature​(java.lang.String keyId, Algorithm algorithm, java.lang.String signature, java.lang.String... headers)
      Deprecated.
      Signature​(java.lang.String keyId, Algorithm algorithm, java.lang.String signature, java.util.List<java.lang.String> headers)
      Deprecated.
      Signature​(java.lang.String keyId, SigningAlgorithm signingAlgorithm, Algorithm algorithm, java.security.spec.AlgorithmParameterSpec parameterSpec, java.lang.String signature, java.util.List<java.lang.String> headers)  
      Signature​(java.lang.String keyId, SigningAlgorithm signingAlgorithm, Algorithm algorithm, java.security.spec.AlgorithmParameterSpec parameterSpec, java.lang.String signature, java.util.List<java.lang.String> headers, java.lang.Long maxSignatureValidityDuration)  
      Signature​(java.lang.String keyId, SigningAlgorithm signingAlgorithm, Algorithm algorithm, java.security.spec.AlgorithmParameterSpec parameterSpec, java.lang.String signature, java.util.List<java.lang.String> headers, java.lang.Long maxSignatureValidityDuration, java.lang.Long signatureCreatedTime, java.lang.Long signatureExpiresTime)  

    • Field Detail

      • maxTimeSkewInMilliseconds

        public static long maxTimeSkewInMilliseconds
        The maximum time skew between the client and the server. This is used to validate the (created) and (expires) fields in the HTTP signature.

    • Constructor Detail

      • Signature

        public Signature​(java.lang.String keyId,
                 java.lang.String signingAlgorithm,
                 java.lang.String algorithm,
                 java.security.spec.AlgorithmParameterSpec parameterSpec,
                 java.util.List<java.lang.String> headers)
        Construct a signature configuration instance with the specified keyId, algorithm and HTTP headers.
        Parameters:
        keyId - An opaque string that the server can use to look up the component they need to validate the signature.
        signingAlgorithm - An identifier for the HTTP Signature algorithm. This should be "hs2019" except for legacy applications that use an older version of the draft HTTP signature specification.
        algorithm - The detailed algorithm used to sign the message.
        parameterSpec - optional cryptographic parameters for the signature.
        headers - The list of HTTP headers that will be used in the signature.

      • Signature

        @Deprecated
public Signature​(java.lang.String keyId,
                 java.lang.String algorithm,
                 java.lang.String signature,
                 java.lang.String... headers)
        Deprecated.

      • Signature

        @Deprecated
public Signature​(java.lang.String keyId,
                 Algorithm algorithm,
                 java.lang.String signature,
                 java.lang.String... headers)
        Deprecated.

      • Signature

        @Deprecated
public Signature​(java.lang.String keyId,
                 java.lang.String algorithm,
                 java.lang.String signature,
                 java.util.List<java.lang.String> headers)
        Deprecated.

      • Signature

        @Deprecated
public Signature​(java.lang.String keyId,
                 Algorithm algorithm,
                 java.lang.String signature,
                 java.util.List<java.lang.String> headers)
        Deprecated.

      • Signature

        public Signature​(java.lang.String keyId,
                 java.lang.String signingAlgorithm,
                 java.lang.String algorithm,
                 java.security.spec.AlgorithmParameterSpec parameterSpec,
                 java.lang.String signature,
                 java.util.List<java.lang.String> headers)

      • Signature

        public Signature​(java.lang.String keyId,
                 SigningAlgorithm signingAlgorithm,
                 Algorithm algorithm,
                 java.security.spec.AlgorithmParameterSpec parameterSpec,
                 java.lang.String signature,
                 java.util.List<java.lang.String> headers)

      • Signature

        public Signature​(java.lang.String keyId,
                 SigningAlgorithm signingAlgorithm,
                 Algorithm algorithm,
                 java.security.spec.AlgorithmParameterSpec parameterSpec,
                 java.lang.String signature,
                 java.util.List<java.lang.String> headers,
                 java.lang.Long maxSignatureValidityDuration)

      • Signature

        public Signature​(java.lang.String keyId,
                 SigningAlgorithm signingAlgorithm,
                 Algorithm algorithm,
                 java.security.spec.AlgorithmParameterSpec parameterSpec,
                 java.lang.String signature,
                 java.util.List<java.lang.String> headers,
                 java.lang.Long maxSignatureValidityDuration,
                 java.lang.Long signatureCreatedTime,
                 java.lang.Long signatureExpiresTime)

    • Method Detail

      • getSignatureCreation

        public java.util.Date getSignatureCreation()
        Returns the signature creation time.
        Returns:
        the signature creation time.

      • getSignatureCreationTimeMilliseconds

        public java.lang.Long getSignatureCreationTimeMilliseconds()
        Returns the signature creation time in milliseconds since the epoch.
        Returns:
        the signature creation time in milliseconds since the epoch.

      • getSignatureMaxValidityMilliseconds

        public java.lang.Long getSignatureMaxValidityMilliseconds()
        Returns the signature max validity duration, in milliseconds.
        Returns:
        the signature max validity duration, in milliseconds.

      • getSignatureExpiration

        public java.util.Date getSignatureExpiration()
        Returns the signature expiration time.
        Returns:
        the signature expiration time.

      • getSignatureExpirationTimeMilliseconds

        public java.lang.Long getSignatureExpirationTimeMilliseconds()
        Returns the signature expiration time in milliseconds since the epoch.
        Returns:
        the signature expiration time in milliseconds since the epoch.

      • getKeyId

        public java.lang.String getKeyId()

      • getAlgorithm

        public Algorithm getAlgorithm()
        Returns the detailed implementation algorithm for HTTP signatures.
        Returns:
        the cryptographic algorithm.

      • getSigningAlgorithm

        public SigningAlgorithm getSigningAlgorithm()
        Returns the identifier for the HTTP Signature Algorithm, as registered in the HTTP Signature Algorithms Registry.
        Returns:
        the identifier for the HTTP Signature Algorithm.

      • getSignature

        public java.lang.String getSignature()
        Returns the base-64 encoded value of the signature.
        Returns:
        the base-64 encoded value of the signature.

      • getParameterSpec

        public java.security.spec.AlgorithmParameterSpec getParameterSpec()
        Returns the specification of cryptographic parameters.
        Returns:
        specification of cryptographic parameters.

      • getHeaders

        public java.util.List<java.lang.String> getHeaders()

      • verifySignatureValidityDates

        public void verifySignatureValidityDates()
        Verify the signature is valid with regards to the (created) and (expires) fields. When the '(created)' field is present in the HTTP signature, the '(created)' field represents the date when the signature has been created. When the '(expires)' field is present in the HTTP signature, the '(expires)' field represents the date when the signature expires.

      • fromString

        public static Signature fromString​(java.lang.String authorization,
                                   Algorithm algorithm)
        Constructs a Signature object by parsing the 'Authorization' header. As stated in the HTTP signature specification, the value of the algorithm parameter in the 'Authorization' header should be set to generic identifier. The detailed algorithm should be derived from the keyId. Hence it is not possible to determine the detailed algorithm by inspecting the signature data.
        Parameters:
        authorization - The value of the HTTP 'Authorization' header containing the signature data.
        algorithm - The detailed cryptographic algorithm for the HTTP signature.
        Returns:
        The Signature object.

      • fromString

        public static Signature fromString​(java.lang.String authorization)

      • toString

        public java.lang.String toString()
        Overrides:
        toString in class java.lang.Object

      • toParamString

        public java.lang.String toParamString()
        Returns the formatted signature parameters without any "Signature " prefix

      • toString

        public java.lang.String toString​(java.lang.String prefix)