private byte[] digest(ConsumerKey consumerAuth, RequestToken userAuth, ByteBuffer message) throws InvalidKeyException { StringBuilder sb = StringBuilderPool.DEFAULT.stringBuilder(); Utf8UrlEncoder.encodeAndAppendQueryElement(sb, consumerAuth.getSecret()); sb.append('&'); if (userAuth != null && userAuth.getSecret() != null) { Utf8UrlEncoder.encodeAndAppendQueryElement(sb, userAuth.getSecret()); } byte[] keyBytes = StringUtils.charSequence2Bytes(sb, UTF_8); SecretKeySpec signingKey = new SecretKeySpec(keyBytes, HMAC_SHA1_ALGORITHM); mac.init(signingKey); mac.reset(); mac.update(message); return mac.doFinal(); }
private static String computeDigestAuthentication(Realm realm) { String realmUri = computeRealmURI(realm.getUri(), realm.isUseAbsoluteURI(), realm.isOmitQuery()); StringBuilder builder = new StringBuilder().append("Digest "); append(builder, "username", realm.getPrincipal(), true); append(builder, "realm", realm.getRealmName(), true); append(builder, "nonce", realm.getNonce(), true); append(builder, "uri", realmUri, true); if (isNonEmpty(realm.getAlgorithm())) append(builder, "algorithm", realm.getAlgorithm(), false); append(builder, "response", realm.getResponse(), true); if (realm.getOpaque() != null) append(builder, "opaque", realm.getOpaque(), true); if (realm.getQop() != null) { append(builder, "qop", realm.getQop(), false); // nc and cnonce only sent if server sent qop append(builder, "nc", realm.getNc(), false); append(builder, "cnonce", realm.getCnonce(), true); } builder.setLength(builder.length() - 2); // remove tailing ", " // FIXME isn't there a more efficient way? return new String(StringUtils.charSequence2Bytes(builder, ISO_8859_1)); }
public ThreadSafeHMAC(ConsumerKey consumerAuth, RequestToken userAuth) { StringBuilder sb = StringUtils.stringBuilder(); Utf8UrlEncoder.encodeAndAppendQueryElement(sb, consumerAuth.getSecret()); sb.append('&'); if(userAuth != null && userAuth.getSecret() != null) { Utf8UrlEncoder.encodeAndAppendQueryElement(sb, userAuth.getSecret()); } byte[] keyBytes = StringUtils.charSequence2Bytes(sb, UTF_8); SecretKeySpec signingKey = new SecretKeySpec(keyBytes, HMAC_SHA1_ALGORITHM); // Get an hmac_sha1 instance and initialize with the signing key try { mac = Mac.getInstance(HMAC_SHA1_ALGORITHM); mac.init(signingKey); } catch (Exception e) { throw new IllegalArgumentException(e); } }
private static String computeDigestAuthentication(Realm realm) { StringBuilder builder = new StringBuilder().append("Digest "); append(builder, "username", realm.getPrincipal(), true); append(builder, "realm", realm.getRealmName(), true); append(builder, "nonce", realm.getNonce(), true); append(builder, "uri", computeRealmURI(realm), true); if (isNonEmpty(realm.getAlgorithm())) append(builder, "algorithm", realm.getAlgorithm(), false); append(builder, "response", realm.getResponse(), true); if (realm.getOpaque() != null) append(builder, "opaque", realm.getOpaque(), true); if (realm.getQop() != null) { append(builder, "qop", realm.getQop(), false); // nc and cnonce only sent if server sent qop append(builder, "nc", realm.getNc(), false); append(builder, "cnonce", realm.getCnonce(), true); } builder.setLength(builder.length() - 2); // remove tailing ", " // FIXME isn't there a more efficient way? return new String(StringUtils.charSequence2Bytes(builder, ISO_8859_1)); }