ExpiringTimestampNonceServices (OAuth 1(a) for Spring Security 2.0.0.M2 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.springframework.security.oauth.provider.nonce
Class ExpiringTimestampNonceServices

java.lang.Object
  org.springframework.security.oauth.provider.nonce.ExpiringTimestampNonceServices

All Implemented Interfaces:: OAuthNonceServices

public class ExpiringTimestampNonceServices
extends Object
implements OAuthNonceServices
extends Object
implements OAuthNonceServices

Nonce services that only validates the timestamp of a consumer request. The nonce is not checked for replay attacks.

The timestamp is interpreted as the number of seconds from January 1, 1970 00:00:00 GMT. If the timestamp is older than the configured validity window, the nonce is not valid. The default validity window is 12 hours.

Author:: Ryan Heaton

Constructor Summary
`ExpiringTimestampNonceServices()`

Method Summary
`long`	`getValidityWindowSeconds()` Set the timestamp validity window (in seconds).
`void`	`setValidityWindowSeconds(long validityWindowSeconds)` The timestamp validity window (in seconds).
`void`	`validateNonce(ConsumerDetails consumerDetails, long timestamp, String nonce)` Validate a nonce for a specific consumer timestamp.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

ExpiringTimestampNonceServices

public ExpiringTimestampNonceServices()

Method Detail

validateNonce

public void validateNonce(ConsumerDetails consumerDetails,
                          long timestamp,
                          String nonce)
                   throws org.springframework.security.core.AuthenticationException

Description copied from interface: OAuthNonceServices

Validate a nonce for a specific consumer timestamp. This is an opportunity to prevent replay attacks. Every nonce should be unique for each consumer timestamp. In other words, this method should throw a BadCredentialsException if the specified nonce was used by the consumer more than once with the specified timestamp.

Specified by:: validateNonce in interface OAuthNonceServices

Parameters:: consumerDetails - The consumer details.; timestamp - The timestamp.; nonce - The nonce.
Throws:: org.springframework.security.core.AuthenticationException - If the nonce failed to validate.

getValidityWindowSeconds

public long getValidityWindowSeconds()

Set the timestamp validity window (in seconds).

Returns:: the timestamp validity window (in seconds).

setValidityWindowSeconds

public void setValidityWindowSeconds(long validityWindowSeconds)

The timestamp validity window (in seconds).

Parameters:: validityWindowSeconds - the timestamp validity window (in seconds).