/** * Base64-encode the given byte array using the RFC 4648 * "URL and Filename Safe Alphabet". * @param src the original byte array * @return the encoded byte array * @since 4.2.4 */ public static byte[] encodeUrlSafe(byte[] src) { if (src.length == 0) { return src; } return Base64.getUrlEncoder().encode(src); }
public String mintNewSecureToken() { byte[] tokenBuffer = new byte[15]; secureTokenGenerator.nextBytes(tokenBuffer); return Base64.getUrlEncoder().encodeToString(tokenBuffer); }
/** * Base64-encode the given byte array using the RFC 4648 * "URL and Filename Safe Alphabet". * @param src the original byte array * @return the encoded byte array * @since 4.2.4 */ public static byte[] encodeUrlSafe(byte[] src) { if (src.length == 0) { return src; } return Base64.getUrlEncoder().encode(src); }
@Override public String read(DataInput input) throws IOException { byte[] decoded = new byte[input.readUnsignedByte()]; input.readFully(decoded); return Base64.getUrlEncoder().encodeToString(decoded); } },
/** * Constructor * * @param secretKeyBase64 the secret key to sign requests */ private FCoinDigest(byte[] secretKeyBase64) { super(Base64.getUrlEncoder().withoutPadding().encodeToString(secretKeyBase64), HMAC_SHA_1); }
/** * Constructor * * @param secretKeyBase64 the secret key to sign requests */ private BitmexDigest(byte[] secretKeyBase64) { super(Base64.getUrlEncoder().withoutPadding().encodeToString(secretKeyBase64), HMAC_SHA_256); }
private static String encodeBase64Url(byte[] value) { return Base64.getUrlEncoder().encodeToString(value); }
public String mintNewSecureToken() { byte[] tokenBuffer = new byte[15]; secureTokenGenerator.nextBytes(tokenBuffer); return Base64.getUrlEncoder().encodeToString(tokenBuffer); }
public static String encodeSettings(io.vertx.core.http.Http2Settings settings) { Buffer buffer = Buffer.buffer(); fromVertxSettings(settings).forEach((c, l) -> { buffer.appendUnsignedShort(c); buffer.appendUnsignedInt(l); }); return Base64.getUrlEncoder().encodeToString(buffer.getBytes()); }
@Override public Collection<CharSequence> setUpgradeHeaders(ChannelHandlerContext ctx, HttpRequest upgradeRequest) { Http2Settings nettySettings = new Http2Settings(); HttpUtils.fromVertxInitialSettings(false, settings, nettySettings); Buffer buf = Buffer.buffer(); for (CharObjectMap.PrimitiveEntry<Long> entry : nettySettings.entries()) { buf.appendUnsignedShort(entry.key()); buf.appendUnsignedInt(entry.value()); } String encodedSettings = new String(java.util.Base64.getUrlEncoder().encode(buf.getBytes()), UTF_8); upgradeRequest.headers().set(HTTP_UPGRADE_SETTINGS_HEADER, encodedSettings); return UPGRADE_HEADERS; }
@Override public String createLogoutParameter(String sessionId) { try { Signature signature = Signature.getInstance(DEFAULT_SIGNATURE_ALGORITHM); signature.initSign(this.keyPair.getPrivate()); Base64.Encoder urlEncoder = Base64.getUrlEncoder(); return sessionId + "." + ByteIterator.ofBytes(urlEncoder.encode(ByteIterator.ofBytes(sessionId.getBytes(StandardCharsets.UTF_8)).sign(signature).drain())).asUtf8String().drainToString(); } catch (NoSuchAlgorithmException | InvalidKeyException | SignatureException e) { throw new IllegalStateException(e); } }
private static String compactSerialization(String subject, Long issuedAt, Long expirationTime, List<String> scope) { Encoder encoder = Base64.getUrlEncoder().withoutPadding(); String algorithm = "none"; String headerJson = "{\"alg\":\"" + algorithm + "\"}"; String encodedHeader = encoder.encodeToString(headerJson.getBytes(StandardCharsets.UTF_8)); String subjectJson = subject != null ? "\"sub\":\"" + subject + "\"" : null; String issuedAtJson = issuedAt != null ? "\"iat\":" + issuedAt.longValue() : null; String expirationTimeJson = expirationTime != null ? "\"exp\":" + expirationTime.longValue() : null; String scopeJson = scope != null ? scopeJson(scope) : null; String claimsJson = claimsJson(subjectJson, issuedAtJson, expirationTimeJson, scopeJson); String encodedClaims = encoder.encodeToString(claimsJson.getBytes(StandardCharsets.UTF_8)); return encodedHeader + "." + encodedClaims + "."; }
@Description("encode binary data as base64 using the URL safe alphabet") @ScalarFunction("to_base64url") @SqlType(StandardTypes.VARCHAR) public static Slice toBase64Url(@SqlType(StandardTypes.VARBINARY) Slice slice) { return Slices.wrappedBuffer(Base64.getUrlEncoder().encode(slice.getBytes())); }
private static Object validationResult(String headerJson, String claimsJson, Map<String, String> moduleOptionsMap) { Encoder urlEncoderNoPadding = Base64.getUrlEncoder().withoutPadding(); try { String tokenValue = String.format("%s.%s.", urlEncoderNoPadding.encodeToString(headerJson.getBytes(StandardCharsets.UTF_8)), urlEncoderNoPadding.encodeToString(claimsJson.getBytes(StandardCharsets.UTF_8))); OAuthBearerValidatorCallback callback = new OAuthBearerValidatorCallback(tokenValue); createCallbackHandler(moduleOptionsMap).handle(new Callback[] {callback}); return callback; } catch (Exception e) { return e; } }
@Test public void generateKeyWhenBase64AndCustomKeySizeThen32Bytes() { int size = 40; String result = new Base64StringKeyGenerator(Base64.getUrlEncoder(), size).generateKey(); assertThat(Base64.getUrlDecoder().decode(result.getBytes())).hasSize(size); } }
@Test public void generateKeyWhenBase64Then32Bytes() { String result = new Base64StringKeyGenerator(Base64.getUrlEncoder()).generateKey(); assertThat(Base64.getUrlDecoder().decode(result.getBytes())).hasSize(32); }
@Test public void validateClaimForExistenceAndType() throws OAuthBearerIllegalTokenException { String claimName = "foo"; for (Boolean exists : new Boolean[] {null, Boolean.TRUE, Boolean.FALSE}) { boolean useErrorValue = exists == null; for (Boolean required : new boolean[] {true, false}) { StringBuilder sb = new StringBuilder("{"); appendJsonText(sb, "exp", 100); appendCommaJsonText(sb, "sub", "principalName"); if (useErrorValue) appendCommaJsonText(sb, claimName, 1); else if (exists != null && exists.booleanValue()) appendCommaJsonText(sb, claimName, claimName); sb.append("}"); String compactSerialization = HEADER_COMPACT_SERIALIZATION + Base64.getUrlEncoder().withoutPadding() .encodeToString(sb.toString().getBytes(StandardCharsets.UTF_8)) + "."; OAuthBearerUnsecuredJws testJwt = new OAuthBearerUnsecuredJws(compactSerialization, "sub", "scope"); OAuthBearerValidationResult result = OAuthBearerValidationUtils .validateClaimForExistenceAndType(testJwt, required, claimName, String.class); if (useErrorValue || required && !exists.booleanValue()) assertTrue(isFailureWithMessageAndNoFailureScope(result)); else assertTrue(isSuccess(result)); } } }
appendCommaJsonText(sb, "sub", "principalName"); sb.append("}"); String compactSerialization = HEADER_COMPACT_SERIALIZATION + Base64.getUrlEncoder().withoutPadding() .encodeToString(sb.toString().getBytes(StandardCharsets.UTF_8)) + "."; OAuthBearerUnsecuredJws testJwt = new OAuthBearerUnsecuredJws(compactSerialization, "sub", "scope"); appendCommaJsonText(sb, "sub", "principalName"); sb.append("}"); String compactSerialization = HEADER_COMPACT_SERIALIZATION + Base64.getUrlEncoder().withoutPadding() .encodeToString(sb.toString().getBytes(StandardCharsets.UTF_8)) + "."; OAuthBearerUnsecuredJws testJwt = new OAuthBearerUnsecuredJws(compactSerialization, "sub", "scope");
@Test public void validateExpirationTime() { long nowMs = TIME.milliseconds(); double nowClaimValue = ((double) nowMs) / 1000; StringBuilder sb = new StringBuilder("{"); appendJsonText(sb, "exp", nowClaimValue); appendCommaJsonText(sb, "sub", "principalName"); sb.append("}"); String compactSerialization = HEADER_COMPACT_SERIALIZATION + Base64.getUrlEncoder().withoutPadding().encodeToString(sb.toString().getBytes(StandardCharsets.UTF_8)) + "."; OAuthBearerUnsecuredJws testJwt = new OAuthBearerUnsecuredJws(compactSerialization, "sub", "scope"); for (int allowableClockSkewMs : new int[] {0, 5, 10, 20}) { for (long whenCheckOffsetMs : new long[] {-10, 0, 10}) { long whenCheckMs = nowMs + whenCheckOffsetMs; OAuthBearerValidationResult result = OAuthBearerValidationUtils.validateExpirationTime(testJwt, whenCheckMs, allowableClockSkewMs); if (whenCheckMs - allowableClockSkewMs >= nowClaimValue * 1000) // expired assertTrue(assertionFailureMessage(nowClaimValue, allowableClockSkewMs, whenCheckMs), isFailureWithMessageAndNoFailureScope(result)); else assertTrue(assertionFailureMessage(nowClaimValue, allowableClockSkewMs, whenCheckMs), isSuccess(result)); } } }
@Test public void validClaims() throws OAuthBearerIllegalTokenException { double issuedAtSeconds = 100.1; double expirationTimeSeconds = 300.3; StringBuilder sb = new StringBuilder("{"); appendJsonText(sb, "sub", "SUBJECT"); appendCommaJsonText(sb, "iat", issuedAtSeconds); appendCommaJsonText(sb, "exp", expirationTimeSeconds); sb.append("}"); String compactSerialization = HEADER_COMPACT_SERIALIZATION + Base64.getUrlEncoder().withoutPadding().encodeToString(sb.toString().getBytes(StandardCharsets.UTF_8)) + "."; OAuthBearerUnsecuredJws testJwt = new OAuthBearerUnsecuredJws(compactSerialization, "sub", "scope"); assertEquals(compactSerialization, testJwt.value()); assertEquals("sub", testJwt.principalClaimName()); assertEquals(1, testJwt.header().size()); assertEquals("none", testJwt.header().get("alg")); assertEquals("scope", testJwt.scopeClaimName()); assertEquals(expirationTimeSeconds, testJwt.expirationTime()); assertTrue(testJwt.isClaimType("exp", Number.class)); assertEquals(issuedAtSeconds, testJwt.issuedAt()); assertEquals("SUBJECT", testJwt.subject()); }