org.springframework.security.oauth.provider.nonce
Class InMemoryNonceServices

java.lang.Object
  extended by org.springframework.security.oauth.provider.nonce.ExpiringTimestampNonceServices
      extended by org.springframework.security.oauth.provider.nonce.InMemoryNonceServices
All Implemented Interfaces:
org.springframework.beans.factory.InitializingBean, OAuthNonceServices

public class InMemoryNonceServices
extends ExpiringTimestampNonceServices

Expands on the ExpiringTimestampNonceServices to include validation of the nonce for replay protection.

To validate the nonce, InMemoryNonceServices first validates the consumer key and timestamp, as ExpiringTimestampNonceServices does. Assuming the consumer and timestamp are valid, InMemoryNonceServices further ensures that the specified nonce was not already used with the specified timestamp within the validity window. The list of nonces used within the validity window is kept in memory.

Author:
Ryan Heaton

Nested Class Summary
protected static class InMemoryNonceServices.TimestampEntry
           
 
Field Summary
protected static java.util.concurrent.ConcurrentMap<java.lang.String,java.util.LinkedList<InMemoryNonceServices.TimestampEntry>> TIMESTAMP_ENTRIES
           
 
Constructor Summary
InMemoryNonceServices()
           
 
Method Summary
 boolean validateNonce(ConsumerDetails consumerDetails, long timestamp, java.lang.String nonce)
          Validate a nonce for a specific consumer timestamp.
 
Methods inherited from class org.springframework.security.oauth.provider.nonce.ExpiringTimestampNonceServices
afterPropertiesSet, getConsumerDetailsService, getValidityWindowSeconds, setConsumerDetailsService, setValidityWindowSeconds
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

TIMESTAMP_ENTRIES

protected static final java.util.concurrent.ConcurrentMap<java.lang.String,java.util.LinkedList<InMemoryNonceServices.TimestampEntry>> TIMESTAMP_ENTRIES
Constructor Detail

InMemoryNonceServices

public InMemoryNonceServices()
Method Detail

validateNonce

public boolean validateNonce(ConsumerDetails consumerDetails,
                             long timestamp,
                             java.lang.String nonce)
                      throws org.springframework.security.AuthenticationException
Description copied from interface: OAuthNonceServices
Validate a nonce for a specific consumer timestamp. This is an opportunity to prevent replay attacks. Every nonce should be unique for each consumer timestamp. In other words, this method should throw a BadCredentialsException if the specified nonce was used by the consumer more than once with the specified timestamp.

Specified by:
validateNonce in interface OAuthNonceServices
Overrides:
validateNonce in class ExpiringTimestampNonceServices
Parameters:
consumerDetails - The consumer details.
timestamp - The timestamp.
nonce - The nonce.
Returns:
Whether the timestamp is a new timestamp. This gives the authentication processor the chance to enforce that all peer requests have the same timestamp, per the OAuth spec.
Throws:
org.springframework.security.AuthenticationException - If the nonce failed to validate.
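The check described in the class description and in validateNonce above, as an added stand-alone sketch. This is not the Spring Security OAuth source; the class NonceReplaySketch, its validate method, the explicit nowSeconds argument and the use of SecurityException are all assumptions made for illustration.

```java
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;

// Added illustration only; every name here is hypothetical.
public class NonceReplaySketch {
    private final long validityWindowSeconds;
    // consumer key -> (timestamp -> nonces already seen with that timestamp)
    private final Map<String, Map<Long, Set<String>>> seen = new ConcurrentHashMap<>();

    public NonceReplaySketch(long validityWindowSeconds) {
        this.validityWindowSeconds = validityWindowSeconds;
    }

    // Returns true when the timestamp is new for this consumer.
    // Throws when the timestamp is older than the window or the nonce is reused.
    public boolean validate(String consumerKey, long timestamp, String nonce, long nowSeconds) {
        if (nowSeconds - timestamp > validityWindowSeconds) {
            throw new SecurityException("Expired timestamp: " + timestamp);
        }
        Map<Long, Set<String>> byTimestamp =
                seen.computeIfAbsent(consumerKey, k -> new HashMap<>());
        synchronized (byTimestamp) {
            // Entries older than the window can no longer pass the age check,
            // so their nonces do not need to be remembered.
            byTimestamp.keySet().removeIf(ts -> nowSeconds - ts > validityWindowSeconds);
            Set<String> nonces = byTimestamp.get(timestamp);
            boolean newTimestamp = (nonces == null);
            if (newTimestamp) {
                nonces = new HashSet<>();
                byTimestamp.put(timestamp, nonces);
            }
            if (!nonces.add(nonce)) {
                throw new SecurityException("Nonce already used: " + nonce);
            }
            return newTimestamp;
        }
    }

    public static void main(String[] args) {
        NonceReplaySketch svc = new NonceReplaySketch(600);
        long now = 1_700_000_000L; // constructed sample clock value
        String[][] requests = {     // constructed sample requests: {age in seconds, nonce}
            {"5", "n1"}, {"5", "n2"}, {"5", "n1"}, {"601", "n3"}};
        for (String[] r : requests) {
            try {
                boolean fresh = svc.validate("consumer-a", now - Long.parseLong(r[0]), r[1], now);
                System.out.println(r[1] + " accepted, new timestamp: " + fresh);
            } catch (SecurityException e) {
                System.out.println(r[1] + " rejected: " + e.getMessage());
            }
        }
    }
}
```

Because the seen-nonce state in this sketch lives in one JVM's memory, it is lost on restart and is not shared between nodes, so a request replayed to a different instance within the window would not be recognised.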


Copyright © 2008. All Rights Reserved.