01: /*
02: * Copyright 2005, Dave Johnson
03: *
04: * Licensed under the Apache License, Version 2.0 (the "License");
05: * you may not use this file except in compliance with the License.
06: * You may obtain a copy of the License at
07: *
08: * http://www.apache.org/licenses/LICENSE-2.0
09: *
10: * Unless required by applicable law or agreed to in writing, software
11: * distributed under the License is distributed on an "AS IS" BASIS,
12: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13: * See the License for the specific language governing permissions and
14: * limitations under the License.
15: */
16: package org.apache.roller.util;
17:
18: import java.io.IOException;
19: import java.io.UnsupportedEncodingException;
20: import java.security.MessageDigest;
21: import java.security.NoSuchAlgorithmException;
22: import java.text.SimpleDateFormat;
23: import java.util.Date;
24:
25: import org.apache.commons.codec.binary.Base64;
26:
27: /**
28: * Utilties to support WSSE authentication.
29: * @author Dave Johnson
30: */
31: public class WSSEUtilities {
32: public static synchronized String generateDigest(byte[] nonce,
33: byte[] created, byte[] password) {
34: String result = null;
35: try {
36: MessageDigest digester = MessageDigest.getInstance("SHA");
37: digester.reset();
38: digester.update(nonce);
39: digester.update(created);
40: digester.update(password);
41: byte[] digest = digester.digest();
42: result = new String(base64Encode(digest));
43: } catch (NoSuchAlgorithmException e) {
44: result = null;
45: }
46: return result;
47: }
48:
49: public static byte[] base64Decode(String value) throws IOException {
50: return Base64.decodeBase64(value.getBytes("UTF-8"));
51: }
52:
53: public static String base64Encode(byte[] value) {
54: return new String(Base64.encodeBase64(value));
55: }
56:
57: public static String generateWSSEHeader(String userName,
58: String password) throws UnsupportedEncodingException {
59:
60: byte[] nonceBytes = Long.toString(new Date().getTime())
61: .getBytes();
62: String nonce = new String(WSSEUtilities
63: .base64Encode(nonceBytes));
64:
65: SimpleDateFormat sdf = new SimpleDateFormat(
66: "yyyy-MM-dd'T'HH:mm:ss'Z'");
67: String created = sdf.format(new Date());
68:
69: String digest = WSSEUtilities.generateDigest(nonceBytes,
70: created.getBytes("UTF-8"), password.getBytes("UTF-8"));
71:
72: StringBuffer header = new StringBuffer(
73: "UsernameToken Username=\"");
74: header.append(userName);
75: header.append("\", ");
76: header.append("PasswordDigest=\"");
77: header.append(digest);
78: header.append("\", ");
79: header.append("Nonce=\"");
80: header.append(nonce);
81: header.append("\", ");
82: header.append("Created=\"");
83: header.append(created);
84: header.append("\"");
85: return header.toString();
86: }
87: }
|