fr.cnes.doi.security

Class TokenSecurity

java.lang.Object

fr.cnes.doi.security.TokenSecurity

@Requirement(reqId="DOI_AUTH_020",
             reqName="Authentification par token")
public final class TokenSecurity
extends Object

Security class for token generation.

Author:

Jean-Christophe Malapert (jean-christophe.malapert@cnes.fr)

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	TokenSecurity.TimeUnit Time unit.
private static class	TokenSecurity.TokenSecurityHolder Class to handle the instance

Field Summary

Fields

Modifier and Type	Field and Description
static String	DATE_FORMAT Default date format for the token "EEE MMM dd HH:mm:ss z yyyy"
static String	DEFAULT_TOKEN_KEY Default token key.
private static org.apache.logging.log4j.Logger	LOG Logger.
static String	PROJECT_ID Project ID name in token.
static String	PROJECT_NAME Project name in token.
private static AbstractTokenDBHelper	TOKEN_DB Plugin for token database.
private String	tokenKey token key.

Constructor Summary

Constructors

Modifier	Constructor and Description
private	TokenSecurity() Private constructor.

Method Summary

Modifier and Type	Method and Description
private Date	computeExpirationDate(Date now, int calendarTime, int amount) Computes the expiration date.
static String	createKeySignatureHS256() Creates a key for token signature encoded with the algorithm HS256
String	generate(String userID, int projectID, TokenSecurity.TimeUnit timeUnit, int amount) Creates a token.
String	generate(String userID, TokenSecurity.TimeUnit timeUnit, int amount) Creates a token.
static TokenSecurity	getInstance() Access to unique INSTANCE of Settings
AbstractTokenDBHelper	getTokenDB() Returns the token DB.
io.jsonwebtoken.Jws<io.jsonwebtoken.Claims>	getTokenInformation(String jwtToken) Returns the token information.
String	getTokenKey() Returns the token key computed by the algorithm HS256.
private void	init() Init.
boolean	isExpired(String token) Returns true when the token is expired otherwise false.
void	setTokenKey(String tokenKey) Sets a custom token key.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

tokenKey

private String tokenKey

token key.

PROJECT_ID

public static final String PROJECT_ID

Project ID name in token.

See Also:

Constant Field Values

PROJECT_NAME

public static final String PROJECT_NAME

Project name in token.

See Also:

Constant Field Values

DEFAULT_TOKEN_KEY

public static final String DEFAULT_TOKEN_KEY

Default token key.

See Also:

Constant Field Values

DATE_FORMAT

public static final String DATE_FORMAT

Default date format for the token "EEE MMM dd HH:mm:ss z yyyy"

See Also:

Constant Field Values

TOKEN_DB

private static final AbstractTokenDBHelper TOKEN_DB

Plugin for token database.

LOG

private static final org.apache.logging.log4j.Logger LOG

Logger.

Constructor Detail

TokenSecurity

private TokenSecurity()

Private constructor.

Method Detail

getInstance

public static TokenSecurity getInstance()

Access to unique INSTANCE of Settings

Returns:

the configuration instance.

createKeySignatureHS256

public static String createKeySignatureHS256()

Creates a key for token signature encoded with the algorithm HS256

Returns:

key encoded in Base64

See Also:

Base64

init

private void init()

Init.

generate

public String generate(String userID,
                       int projectID,
                       TokenSecurity.TimeUnit timeUnit,
                       int amount)
                throws TokenSecurityException

Creates a token.

Parameters:

userID - The user that creates the token

projectID - The project ID

timeUnit - The time unit for the date expiration

amount - the amount of timeUnit for the date expiration

Returns:

JWT token

Throws:

TokenSecurityException - if the projectID is not first registered

generate

public String generate(String userID,
                       TokenSecurity.TimeUnit timeUnit,
                       int amount)

Creates a token. (no project ID required)

Parameters:

userID - The user that creates the token

timeUnit - The time unit for the date expiration

amount - the amount of timeUnit for the date expiration

Returns:

JWT token

getTokenKey

public String getTokenKey()

Returns the token key computed by the algorithm HS256.

Returns:

the token key encoded in base64

setTokenKey

public void setTokenKey(String tokenKey)

Sets a custom token key.

Parameters:

tokenKey - token key

isExpired

public boolean isExpired(String token)

Returns true when the token is expired otherwise false.

Parameters:

token - token

Returns:

true when the token is expired otherwise false.

getTokenInformation

public io.jsonwebtoken.Jws<io.jsonwebtoken.Claims> getTokenInformation(String jwtToken)
                                                                throws DoiRuntimeException

Returns the token information.

Parameters:

jwtToken - token JWT

Returns:

the information or null when the token is expired.

Throws:

DoiRuntimeException - - if an error happens getting information from the token

getTokenDB

public AbstractTokenDBHelper getTokenDB()

Returns the token DB.

Returns:

the token DB

computeExpirationDate

private Date computeExpirationDate(Date now,
                                   int calendarTime,
                                   int amount)

Computes the expiration date.

Parameters:

now - the current date

calendarTime - the unit time associated to the amount

amount - amount

Returns:

the expiration date