2 * Copyright 2008, 2009 Electronic Business Systems Ltd.
4 * This file is part of GSS.
6 * GSS is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation, either version 3 of the License, or
9 * (at your option) any later version.
11 * GSS is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with GSS. If not, see <http://www.gnu.org/licenses/>.
19 package gr.ebs.gss.server.domain;
21 import java.io.UnsupportedEncodingException;
22 import java.net.URLEncoder;
23 import java.security.SecureRandom;
24 import java.util.Calendar;
25 import java.util.Date;
27 import javax.persistence.Entity;
28 import javax.persistence.GeneratedValue;
29 import javax.persistence.Id;
30 import javax.persistence.Temporal;
31 import javax.persistence.TemporalType;
33 import org.apache.commons.codec.binary.Base64;
34 import org.apache.commons.logging.Log;
35 import org.apache.commons.logging.LogFactory;
36 import org.hibernate.annotations.Cache;
37 import org.hibernate.annotations.CacheConcurrencyStrategy;
40 * The class that holds an issued nonce for a user.
45 @Cache(usage=CacheConcurrencyStrategy.READ_WRITE)
51 private static Log logger = LogFactory.getLog(Nonce.class);
54 * The nonce size in bytes.
56 private static final int NONCE_SIZE = 20;
59 * The persistence ID of the object.
66 * The nonce issued for logging in this user.
71 * The nonce encoded in Base64.
73 private String encodedNonce;
76 * The time that the user's issued nonce
79 @Temporal(TemporalType.TIMESTAMP)
80 private Date nonceExpiryDate;
84 * The ID of the user for whom this nonce was issued.
98 * Retrieve the nonce. If it is not valid or non-existent,
99 * this method returns null. Therefore, call sites must
100 * request a regeneration of the authentication token in
105 public byte[] getNonce() {
112 * Return true if the nonce is usable, or false
113 * if a new one must be regenerated.
115 * @return true if the nonce is valid
117 private boolean isNonceValid() {
// Two checks on the stored expiry: a missing date is tested first, which also
// keeps before() below from being called on null; then before(new Date()) is
// true once the expiry lies in the past relative to the JVM's current time.
// NOTE(review): the statements these checks guard are not visible here; going
// by the method's description they presumably report the nonce as unusable.
// Confirm.
120 if (nonceExpiryDate == null)
122 if (nonceExpiryDate.before(new Date()))
128 * Creates a new nonce and resets its expiry date.
130 * @param userId the ID of the associated user
131 * @return a new nonce
133 public static Nonce createNonce(Long userId) {
134 Nonce n = new Nonce();
// SecureRandom is the JDK's cryptographically strong generator, so the nonce
// bytes are not predictable from previously issued values.
136 SecureRandom random = new SecureRandom();
// NONCE_SIZE is 20 bytes, i.e. 160 random bits per nonce.
137 n.nonce = new byte[NONCE_SIZE];
138 random.nextBytes(n.nonce);
139 Calendar cal = Calendar.getInstance();
140 // Set nonce time-to-live to 5 minutes.
141 cal.add(Calendar.MINUTE, 5);
// getTime() yields an absolute instant, so the expiry does not depend on the
// Calendar's default time zone.
142 n.nonceExpiryDate = cal.getTime();
// NOTE(review): nothing in this method makes the nonce single-use; the expiry
// only bounds its lifetime. Confirm that the code consuming the nonce discards
// it once it has been presented.
// Base64 output can contain '+', '/' and '=', so URLEncoder percent-encodes the
// text before it is stored in encodedNonce.
144 n.encodedNonce = URLEncoder.encode(new String(Base64.encodeBase64(n.nonce), "US-ASCII"), "US-ASCII");
// US-ASCII is a charset every Java platform must provide, so this handler is
// not expected to run. NOTE(review): its body is not visible here; confirm it
// does not silently leave encodedNonce null.
145 } catch (UnsupportedEncodingException e) {
152 * Retrieve the userId.
156 public Long getUserId() {
163 * @param aNonce the nonce to set
165 public void setNonce(byte[] aNonce) {
170 * Modify the nonceExpiryDate.
172 * @param aNonceExpiryDate the nonceExpiryDate to set
174 public void setNonceExpiryDate(Date aNonceExpiryDate) {
// The caller's Date is stored by reference, not copied. java.util.Date is
// mutable, so a later change to that object also changes this nonce's expiry.
175 nonceExpiryDate = aNonceExpiryDate;
179 * Retrieve the encodedNonce.
181 * @return the encodedNonce
183 public String getEncodedNonce() {
188 * Retrieve the nonceExpiryDate.
190 * @return the nonceExpiryDate
192 public Date getNonceExpiryDate() {
193 return nonceExpiryDate;