net.adamcin.httpsig.api

Class DefaultVerifier

java.lang.Object

net.adamcin.httpsig.api.DefaultVerifier

All Implemented Interfaces:

Verifier

public final class DefaultVerifier
extends Object
implements Verifier

The Server-Side component of the protocol which verifies Authorization headers using SSH Public Keys

Field Summary

Fields

Modifier and Type	Field and Description
static long	DEFAULT_SKEW

Constructor Summary

Constructors

Constructor and Description
DefaultVerifier(Keychain keychain)
DefaultVerifier(Keychain keychain, KeyId keyId)
DefaultVerifier(Keychain keychain, KeyId keyId, long skew)

Method Summary

Modifier and Type	Method and Description
Keychain	getKeychain()
long	getSkew()
Key	selectKey(Authorization authorization) Selects an appropriate Key from the Keychain matching the keyId specified in the Authorization.
void	setSkew(long skew) Deprecated. will remove to make the class immutable. use constructor overload instead.
boolean	verify(Challenge challenge, RequestContent requestContent, Authorization authorization) Verifies the provided Authorization header against the original Challenge
VerifyResult	verifyWithResult(Challenge challenge, RequestContent requestContent, Authorization authorization) Verifies the provided Authorization header against the original Challenge

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

DEFAULT_SKEW

public static final long DEFAULT_SKEW

See Also:

Constant Field Values

Constructor Detail

DefaultVerifier

public DefaultVerifier(Keychain keychain)

DefaultVerifier

public DefaultVerifier(Keychain keychain,
                       KeyId keyId)

DefaultVerifier

public DefaultVerifier(Keychain keychain,
                       KeyId keyId,
                       long skew)

Method Detail

getKeychain

public Keychain getKeychain()

getSkew

public long getSkew()

Specified by:

getSkew in interface Verifier

Returns:

server skew in milliseconds

setSkew

public void setSkew(long skew)

Deprecated. will remove to make the class immutable. use constructor overload instead.

Parameters:

skew - new server skew in milliseconds

selectKey

public Key selectKey(Authorization authorization)

Selects an appropriate Key from the Keychain matching the keyId specified in the Authorization. This method is called by Verifier.verifyWithResult(Challenge, RequestContent, Authorization), but can be called by client code to retrieve the identified Key directly

Specified by:

selectKey in interface Verifier

Parameters:

authorization - the Authorization header

Returns:

a matching Key or null

verify

public boolean verify(Challenge challenge,
                      RequestContent requestContent,
                      Authorization authorization)

Verifies the provided Authorization header against the original Challenge

Specified by:

verify in interface Verifier

Parameters:

challenge - the WWW-Authenticate challenge sent to the client in the previous response

requestContent - the RequestContent containing the request header content

authorization - the Authorization header to verify

Returns:

true if valid (VerifyResult.SUCCESS), false otherwise

verifyWithResult

public VerifyResult verifyWithResult(Challenge challenge,
                                     RequestContent requestContent,
                                     Authorization authorization)

Verifies the provided Authorization header against the original Challenge

Specified by:

verifyWithResult in interface Verifier

Parameters:

challenge - the WWW-Authenticate challenge sent to the client in the previous response

requestContent - the RequestContent containing the request header content

authorization - the Authorization header to verify

Returns:

a VerifyResult