com.here.account.auth

Class OAuth1Signer

java.lang.Object

com.here.account.auth.OAuth1Signer

All Implemented Interfaces:

HttpProvider.HttpRequestAuthorizer

public class OAuth1Signer
extends Object
implements HttpProvider.HttpRequestAuthorizer

Appends the The OAuth 1.0 Protocol signature to the HTTP request. This request signer computes the signature components of the "OAuth" auth-scheme and adds them as the Authorization header value.

See also HTTP Authentication Scheme Registry for a list of authschemes.

Author:

kmccrack

Constructor Summary

Constructors

Constructor and Description
OAuth1Signer(Clock clock, String accessKeyId, String accessKeySecret) Construct the OAuth signer based on clock, accessKeyId, and accessKeySecret.
OAuth1Signer(Clock clock, String consumerKey, String consumerSecret, SignatureMethod signatureMethod) Construct the OAuth signer based on clock, consumerKey, consumerSecret, and signatureMethod.
OAuth1Signer(String accessKeyId, String accessKeySecret) Construct the OAuth signer based on accessKeyId and accessKeySecret.
OAuth1Signer(String consumerKey, String consumerSecret, SignatureMethod signatureMethod)

Method Summary

Modifier and Type	Method and Description
void	authorize(HttpProvider.HttpRequest httpRequest, String method, String url, Map<String,List<String>> formParams) Computes and adds a signature or token to the request as appropriate for the authentication or authorization scheme.
protected void	nextBytes(byte[] bytes) The source of entropy for OAuth1.0 nonce values.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

OAuth1Signer

public OAuth1Signer(String accessKeyId,
                    String accessKeySecret)

Construct the OAuth signer based on accessKeyId and accessKeySecret.

Parameters:

accessKeyId - the HERE client accessKeyId. Becomes the value of oauth_consumer_key in the Authorization: OAuth header.

accessKeySecret - the HERE client accessKeySecret. Used to calculate the oauth_signature in the Authorization: OAuth header.

OAuth1Signer

public OAuth1Signer(Clock clock,
                    String accessKeyId,
                    String accessKeySecret)

Construct the OAuth signer based on clock, accessKeyId, and accessKeySecret. Use this if you want to inject your own clock, such as during unit tests.

Parameters:

clock - the implementation of a clock you want to use

accessKeyId - the HERE clientId. Becomes the value of oauth_consumer_key in the Authorization: OAuth header.

accessKeySecret - the HERE clientSecret. Used to calculate the oauth_signature in the Authorization: OAuth header.

OAuth1Signer

public OAuth1Signer(String consumerKey,
                    String consumerSecret,
                    SignatureMethod signatureMethod)

Parameters:

consumerKey - the identity of the caller, sent in plaintext. Becomes the value of oauth_consumer_key in the Authorization: OAuth header.

consumerSecret - secret of the caller, or private key of the caller. Used to calculate the oauth_signature in the Authorization: OAuth header.

signatureMethod - the choice of signature algorithm to use.

OAuth1Signer

public OAuth1Signer(Clock clock,
                    String consumerKey,
                    String consumerSecret,
                    SignatureMethod signatureMethod)

Construct the OAuth signer based on clock, consumerKey, consumerSecret, and signatureMethod.

Parameters:

clock - the implementation of a clock you want to use

consumerKey - the identity of the caller, sent in plaintext. Becomes the value of oauth_consumer_key in the Authorization: OAuth header.

consumerSecret - secret of the caller, or private key of the caller. Used to calculate the oauth_signature in the Authorization: OAuth header.

signatureMethod - the choice of signature algorithm to use.

Method Detail

nextBytes

protected void nextBytes(byte[] bytes)

The source of entropy for OAuth1.0 nonce values. File bytes with entropy for OAuth1.0 nonce values. Note the OAuth1.0 spec specifically tells us we do not need to use a SecureRandom number generator.

Parameters:

bytes - the byte array in which to stick the nonce value

authorize

public void authorize(HttpProvider.HttpRequest httpRequest,
                      String method,
                      String url,
                      Map<String,List<String>> formParams)

Computes and adds a signature or token to the request as appropriate for the authentication or authorization scheme.

Specified by:

authorize in interface HttpProvider.HttpRequestAuthorizer

Parameters:

httpRequest - the HttpRequest under construction, to which to attach authorization

method - the HTTP method

url - the URL of the request

formParams - the Content-Type: application/x-www-form-urlencoded form parameters.