2 * Copyright 2008, 2009 Electronic Business Systems Ltd.
4 * This file is part of GSS.
6 * GSS is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation, either version 3 of the License, or
9 * (at your option) any later version.
11 * GSS is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with GSS. If not, see <http://www.gnu.org/licenses/>.
19 package gr.ebs.gss.server.domain;
21 import java.io.UnsupportedEncodingException;
22 import java.net.URLEncoder;
23 import java.security.SecureRandom;
24 import java.util.Calendar;
25 import java.util.Date;
27 import javax.persistence.Entity;
28 import javax.persistence.GeneratedValue;
29 import javax.persistence.Id;
30 import javax.persistence.Temporal;
31 import javax.persistence.TemporalType;
33 import org.apache.commons.codec.binary.Base64;
34 import org.apache.commons.logging.Log;
35 import org.apache.commons.logging.LogFactory;
38 * The class that holds an issued nonce for a user.
48 private static Log logger = LogFactory.getLog(Nonce.class);
51 * The nonce size in bytes.
// 20 bytes is 160 bits; createNonce allocates an array of exactly this length
// and fills it from SecureRandom.
53 private static final int NONCE_SIZE = 20;
56 * The persistence ID of the object.
63 * The nonce issued for logging in this user.
68 * The nonce encoded in Base64.
// As assigned in createNonce, this holds the Base64 text after it has also been
// passed through URLEncoder, so it is not plain Base64: characters such as '+',
// '/' and '=' appear percent-escaped.
70 private String encodedNonce;
73 * The time that the user's issued nonce
76 @Temporal(TemporalType.TIMESTAMP)
77 private Date nonceExpiryDate;
81 * The ID of the user for whom this nonce was issued.
95 * Retrieve the nonce. If it is not valid or non-existent,
96 * this method returns null. Therefore, call sites must
97 * request a regeneration of the authentication token in
102 public byte[] getNonce() {
109 * Return true if the nonce is usable, or false
110 * if a new one must be regenerated.
112 * @return true if the nonce is valid
// Expiry check for the issued nonce. This listing omits the statements between
// and after the two conditions (the gutter skips 115-116, 118 and 120 onward), so
// the value returned on each branch is not visible here.
114 private boolean isNonceValid() {
// A nonce with no recorded expiry date is its own case; presumably it is treated
// as unusable, but the return statement is not shown. TODO confirm.
117 if (nonceExpiryDate == null)
// Compares the stored expiry with the server clock at call time (new Date()).
// Date.before is strict, so this branch is taken only once the expiry instant
// is earlier than now; the check is only as reliable as the server's clock.
119 if (nonceExpiryDate.before(new Date()))
125 * Creates a new nonce and resets its expiry date.
127 * @param userId the ID of the associated user
128 * @return a new nonce
// Builds a Nonce carrying NONCE_SIZE random bytes, an expiry five minutes ahead
// and a text form of the bytes. Gutter lines 132, 140 and everything after 142
// are missing from this listing, so how userId is used, the catch body and the
// return statement are not visible here.
130 public static Nonce createNonce(Long userId) {
131 Nonce n = new Nonce();
// The nonce bytes come only from SecureRandom, the JDK's cryptographically
// strong generator; NONCE_SIZE is 20, giving 160 bits per nonce.
133 SecureRandom random = new SecureRandom();
134 n.nonce = new byte[NONCE_SIZE];
135 random.nextBytes(n.nonce);
// The expiry is derived from the server's current time. getTime() yields an
// absolute instant, so the Calendar's default time zone does not shift it.
136 Calendar cal = Calendar.getInstance();
137 // Set nonce time-to-live to 5 minutes.
138 cal.add(Calendar.MINUTE, 5);
139 n.nonceExpiryDate = cal.getTime();
// Base64 output is pure ASCII; URLEncoder then percent-escapes '+', '/' and '='.
// Presumably this lets the value travel in a URL or form field; confirm with callers.
141 n.encodedNonce = URLEncoder.encode(new String(Base64.encodeBase64(n.nonce), "US-ASCII"), "US-ASCII");
// US-ASCII is a charset every JVM must support, so this exception is not expected
// in practice. NOTE(review): the handler body is not shown; confirm that a failure
// here cannot hand out a Nonce whose encodedNonce was never assigned.
142 } catch (UnsupportedEncodingException e) {
149 * Retrieve the userId.
153 public Long getUserId() {
160 * @param aNonce the nonce to set
162 public void setNonce(byte[] aNonce) {
167 * Modify the nonceExpiryDate.
169 * @param aNonceExpiryDate the nonceExpiryDate to set
// Stores the caller's Date reference as-is, without copying it. java.util.Date is
// mutable, so a caller that keeps the reference and later changes that object
// also changes the expiry that isNonceValid compares against.
171 public void setNonceExpiryDate(Date aNonceExpiryDate) {
172 nonceExpiryDate = aNonceExpiryDate;
176 * Retrieve the encodedNonce.
178 * @return the encodedNonce
180 public String getEncodedNonce() {
185 * Retrieve the nonceExpiryDate.
187 * @return the nonceExpiryDate
189 public Date getNonceExpiryDate() {
190 return nonceExpiryDate;