diff options
Diffstat (limited to 'eaaf_core_utils')
2 files changed, 64 insertions, 22 deletions
| diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java index ca1db67d..cbf2be5a 100644 --- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java +++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java @@ -80,31 +80,13 @@ public class AuthenticatedEncryptionPendingRequestIdGenerationStrategy    @Override    public String generateExternalPendingRequestId() throws EaafException {      try { -      final String toSign = buildInternalToken(Random.nextLongRandom(), DateTime.now()); -      JsonWebEncryption encToken = new JsonWebEncryption();      -      encToken.setAlgorithmHeaderValue(selectKeyWrappingAlgorithm(key.getFirst())); -      encToken.setEncryptionMethodHeaderParameter(ContentEncryptionAlgorithmIdentifiers.AES_128_GCM); -      encToken.setKey(key.getFirst()); -      encToken.setPayload(toSign); -       -       -       -      if (key.getSecond() != null) { -        final ProviderContext providerCtx = new ProviderContext(); -        providerCtx.getSuppliedKeyProviderContext().setSignatureProvider( -            key.getSecond().getName()); -        encToken.setProviderContext(providerCtx); - -      } -       -      return Base64.getUrlEncoder() -          .encodeToString(encToken.getCompactSerialization().getBytes(StandardCharsets.UTF_8)); -       +      final String toSign = buildInternalToken(Random.nextLongRandom(), DateTime.now());       +      return encryptAndEncodeToken(toSign); +                  } catch (final JoseException e) {        throw new EaafException("internal.pendingreqid.02", new Object[] { e.getMessage() }, e);      } -    }    @Override @@ -272,9 +254,30 @@ public class AuthenticatedEncryptionPendingRequestIdGenerationStrategy    } -  private String buildInternalToken(final String internalPendingReqId, final DateTime now) { +  protected String buildInternalToken(final String internalPendingReqId, final DateTime now) {      return new StringBuilder().append(TOKEN_TEXTUAL_DATE_FORMAT.print(now)).append(TOKEN_SEPARATOR)          .append(internalPendingReqId).toString(); +     +  } +   +  protected String encryptAndEncodeToken(String token) throws JoseException {     +    JsonWebEncryption encToken = new JsonWebEncryption();      +    encToken.setAlgorithmHeaderValue(selectKeyWrappingAlgorithm(key.getFirst())); +    encToken.setEncryptionMethodHeaderParameter(ContentEncryptionAlgorithmIdentifiers.AES_128_GCM); +    encToken.setKey(key.getFirst()); +    encToken.setPayload(token);         +     +    if (key.getSecond() != null) { +      final ProviderContext providerCtx = new ProviderContext(); +      providerCtx.getSuppliedKeyProviderContext().setSignatureProvider( +          key.getSecond().getName()); +      encToken.setProviderContext(providerCtx); + +    } +     +    return Base64.getUrlEncoder() +        .encodeToString(encToken.getCompactSerialization().getBytes(StandardCharsets.UTF_8)); +        }  } diff --git a/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/utils/TestAuthenticatedEncryptionPendingRequestIdGenerationStrategy.java b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/utils/TestAuthenticatedEncryptionPendingRequestIdGenerationStrategy.java new file mode 100644 index 00000000..0ec9446c --- /dev/null +++ b/eaaf_core_utils/src/test/java/at/gv/egiz/eaaf/core/test/utils/TestAuthenticatedEncryptionPendingRequestIdGenerationStrategy.java @@ -0,0 +1,39 @@ +package at.gv.egiz.eaaf.core.test.utils; + +import org.joda.time.DateTime; +import org.jose4j.lang.JoseException; + +import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.impl.utils.AuthenticatedEncryptionPendingRequestIdGenerationStrategy; +import at.gv.egiz.eaaf.core.impl.utils.Random; + +/** + * {@link AuthenticatedEncryptionPendingRequestIdGenerationStrategy} with special methodes for software testing. + *  + * @author tlenz + * + */ +public class TestAuthenticatedEncryptionPendingRequestIdGenerationStrategy extends +    AuthenticatedEncryptionPendingRequestIdGenerationStrategy { + +  /** +   * Generate a new pendingRequestId with a specific timestamp. +   *  +   * <p>This method is only for software testing to generate expired pendingRequestId's</p> +   *  +   * @param timestamp Timestamp on which this pendingRequestId was generated +   * @return pendingRequestId +   * @throws EaafException In case of an error +   */ +  public String generateExternalPendingRequestId(DateTime timestamp) throws EaafException { +    try { +      final String toSign = buildInternalToken(Random.nextLongRandom(),timestamp);       +      return encryptAndEncodeToken(toSign); +             +    } catch (final JoseException e) { +      throw new EaafException("internal.pendingreqid.02", new Object[] { e.getMessage() }, e); + +    } +  } +   +} | 
