com.here.account.auth

Class SignatureCalculator

java.lang.Object

com.here.account.auth.SignatureCalculator

public class SignatureCalculator
extends Object

Compute OAuth1.0 signature using the given parameters. This class is specific to HERE Account.

Author:

srrajago

Field Summary

Fields

Modifier and Type	Field and Description
static String	ELLIPTIC_CURVE_ALGORITHM This is the constant for Elliptic Curve algorithm

Constructor Summary

Constructors

Constructor and Description
SignatureCalculator(String consumerKey, String consumerSecret)

Method Summary

Modifier and Type	Method and Description
String	calculateSignature(String method, String baseURL, long oauthTimestamp, String nonce, SignatureMethod signatureMethod, Map<String,List<String>> formParams, Map<String,List<String>> queryParams) Calculate the OAuth 1.0 signature based on the given parameters.
String	calculateSignature(String method, String baseURL, long oauthTimestamp, String nonce, SignatureMethod signatureMethod, String oauthVersion, Map<String,List<String>> formParams, Map<String,List<String>> queryParams) Calculate the OAuth 1.0 signature based on the given parameters
String	constructAuthHeader(String signature, String nonce, long oauthTimestamp, SignatureMethod signatureMethod) Construct the OAuth 1.0 authorization header with the given parameters.
protected static boolean	verifySignature(String signedText, SignatureMethod signatureMethod, String signatureToVerify, String verificationKey) Verify the signature.
static boolean	verifySignature(String consumerKey, String method, String baseURL, long oauthTimestamp, String nonce, SignatureMethod signatureMethod, Map<String,List<String>> formParams, Map<String,List<String>> queryParams, String signatureToVerify, String verificationKey) Verify the signature.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

ELLIPTIC_CURVE_ALGORITHM

public static final String ELLIPTIC_CURVE_ALGORITHM

This is the constant for Elliptic Curve algorithm

See Also:

Constant Field Values

Constructor Detail

SignatureCalculator

public SignatureCalculator(String consumerKey,
                           String consumerSecret)

Method Detail

calculateSignature

public String calculateSignature(String method,
                                 String baseURL,
                                 long oauthTimestamp,
                                 String nonce,
                                 SignatureMethod signatureMethod,
                                 Map<String,List<String>> formParams,
                                 Map<String,List<String>> queryParams)

Calculate the OAuth 1.0 signature based on the given parameters. Same as calculateSignature(String, String, long, String, SignatureMethod, String, Map, Map) but with oauthVersion hard-coded to "1.0".

Parameters:

method - the HTTP method

baseURL - The base url including the protocol, host, port, and path. The query portion of the request URL must be assembled in the 'queryParams' input.

oauthTimestamp - the time stamp

nonce - nonce

signatureMethod - signature method to be used - supported are HMAC-SHA1, HMAC-SHA256, ES512

formParams - the list of form parameters

queryParams - list of query parameters

Returns:

computed signature using the requested signature method.

calculateSignature

public String calculateSignature(String method,
                                 String baseURL,
                                 long oauthTimestamp,
                                 String nonce,
                                 SignatureMethod signatureMethod,
                                 String oauthVersion,
                                 Map<String,List<String>> formParams,
                                 Map<String,List<String>> queryParams)

Calculate the OAuth 1.0 signature based on the given parameters

Parameters:

method - the HTTP method

baseURL - The base url including the protocol, host, port, and path. The query portion of the request URL must be assembled in the 'queryParams' input.

oauthTimestamp - the time stamp

nonce - nonce

signatureMethod - signature method to be used - supported are HMAC-SHA1, HMAC-SHA256, ES512

oauthVersion - the oauth_version value; OPTIONAL. If present, MUST be set to "1.0". Provides the version of the authentication process as defined in RFC5849.

formParams - the list of form parameters

queryParams - list of query parameters

Returns:

computed signature using the requested signature method.

constructAuthHeader

public String constructAuthHeader(String signature,
                                  String nonce,
                                  long oauthTimestamp,
                                  SignatureMethod signatureMethod)

Construct the OAuth 1.0 authorization header with the given parameters. The oauth_version is set to "1.0"

Parameters:

signature - the computed signature

nonce - nonce parameter

oauthTimestamp - timestamp parameter

signatureMethod - signature method used to compute this header.

Returns:

the Authorization header for OAuth 1.0 calls.

verifySignature

public static boolean verifySignature(String consumerKey,
                                      String method,
                                      String baseURL,
                                      long oauthTimestamp,
                                      String nonce,
                                      SignatureMethod signatureMethod,
                                      Map<String,List<String>> formParams,
                                      Map<String,List<String>> queryParams,
                                      String signatureToVerify,
                                      String verificationKey)

Verify the signature. Compute the cipher text based on the given parameters and verify if the given signature is valid. The oauth_version is set to "1.0" when computing the base string.

Parameters:

consumerKey - the consumer key

method - the HTTP method

baseURL - The base url including the protocol, host, port, and path. The query portion of the request URL must be assembled in the 'queryParams' input.

oauthTimestamp - the time stamp

nonce - nonce

signatureMethod - signature method to be used - supported are HMAC-SHA1, HMAC-SHA256, ES512

formParams - the list of form parameters

queryParams - list of query parameters

signatureToVerify - the signature bytes to be verified.

verificationKey - the key used to verify the signature. This will be the shared secret key for HMAC-SHAn signature method and is the public key for ES512 signature method.

Returns:

true if the signature was verified, false if not.

verifySignature

protected static boolean verifySignature(String signedText,
                                         SignatureMethod signatureMethod,
                                         String signatureToVerify,
                                         String verificationKey)

Verify the signature.

Parameters:

signedText - the original text that was signed.

signatureMethod - signature method to be used - supported are HMAC-SHA1, HMAC-SHA256, ES512

signatureToVerify - the signature bytes to be verified.

verificationKey - the key used to verify the signature. This will be the consumer key for HMAC-SHAn signature method and is the public key for ES512 signature method.

Returns:

true if the signature was verified, false if not.