incubator-amber-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From simonetrip...@apache.org
Subject svn commit: r962588 - in /incubator/amber/trunk/signature-api/src: main/java/org/apache/amber/signature/ main/java/org/apache/amber/signature/beaninfo/ main/java/org/apache/amber/signature/credential/ main/java/org/apache/amber/signature/descriptors/ m...
Date Fri, 09 Jul 2010 16:08:20 GMT
Author: simonetripodi
Date: Fri Jul  9 16:08:19 2010
New Revision: 962588

URL: http://svn.apache.org/viewvc?rev=962588&view=rev
Log:
successfully integrated the API specifications in the concrete implementation
tests started working -YAHOOOOOO!!!

Added:
    incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/AbstractMethod.java
  (with props)
    incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/BasicKey.java
  (with props)
    incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/hmac/
    incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/hmac/HmacSha1Method.java
  (with props)
    incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/plaintext/
    incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/plaintext/PlaintextMethod.java
  (with props)
    incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/AbstractSimpleMethodTestCase.java
      - copied, changed from r955627, incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/signers/AbstractMethodAlgorithmTestCase.java
    incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/FakeOAuthRequest.java
  (with props)
    incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/FakeToken.java
  (with props)
    incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/hmac/
    incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/hmac/HmacSha1MethodTestCase.java
  (with props)
    incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/plaintext/
    incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/plaintext/PlaintextMethodTestCase.java
  (with props)
Removed:
    incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/beaninfo/
    incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/credential/
    incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/descriptors/
    incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/message/
    incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/parameters/
    incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/signers/AbstractKey.java
    incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/signers/AbstractMethodAlgorithm.java
    incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/signers/Key.java
    incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/signers/SignatureException.java
    incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/signers/SignatureMethod.java
    incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/signers/SignatureMethodAlgorithm.java
    incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/signers/SigningKey.java
    incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/signers/VerifyingKey.java
    incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/signers/hmac/
    incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/signers/plaintext/
    incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/signers/rsa/
    incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/signers/AbstractMethodAlgorithmTestCase.java
    incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/signers/hmac/
    incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/signers/plaintext/

Added: incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/AbstractMethod.java
URL: http://svn.apache.org/viewvc/incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/AbstractMethod.java?rev=962588&view=auto
==============================================================================
--- incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/AbstractMethod.java
(added)
+++ incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/AbstractMethod.java
Fri Jul  9 16:08:19 2010
@@ -0,0 +1,328 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.amber.signature;
+
+import java.net.URL;
+import java.nio.charset.Charset;
+import java.util.ArrayList;
+import java.util.BitSet;
+import java.util.Collections;
+import java.util.List;
+
+import org.apache.amber.OAuthMessageParameter;
+import org.apache.amber.OAuthRequest;
+import org.apache.amber.OAuthRequestParameter;
+import org.apache.amber.OAuthToken;
+import org.apache.commons.codec.binary.Base64;
+import org.apache.commons.codec.net.URLCodec;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+/**
+ * Abstract implementation of OAuth signature method algorithm.
+ *
+ * @param <S> the {@link SigningKey} type.
+ * @param <V> the {@link VerifyingKey} type.
+ * @version $Id$
+ */
+public abstract class AbstractMethod implements SignatureMethod {
+
+    /**
+     * HTTP protocol name.
+     */
+    private static final String HTTP_PROTOCOL = "http";
+
+    /**
+     * HTTPS protocol name.
+     */
+    private static final String HTTPS_PROTOCOL = "https";
+
+    /**
+     * URL path separator.
+     */
+    private static final String PATH_SEPARATOR = "/";
+
+    /**
+     * URL scheme separator.
+     */
+    private static final String SCHEME_SEPARATOR = "://";
+
+    /**
+     * The default HTTP port ({@code 80}) constant.
+     */
+    private static final int DEFAULT_HTTP_PORT = 80;
+
+    /**
+     * The default HTTPS port ({@code 443}) constant.
+     */
+    private static final int DEFAULT_HTTPS_PORT = 443;
+
+    /**
+     * The empty string constant.
+     */
+    private static final String EMPTY = "";
+
+    /**
+     * The default {@code UTF-8} character encoding.
+     */
+    private static final Charset UTF_8 = Charset.forName("UTF-8");
+
+    /**
+     * The {@code RFC3986} unreserved chars.
+     */
+    private static final BitSet UNRESERVED_CHARS = new BitSet(256);
+
+    /**
+     * Static unreserved chars bit set initialization.
+     */
+    static {
+        for (byte b = 'A'; b <= 'Z'; b++) {
+            UNRESERVED_CHARS.set(b);
+        }
+        for (byte b = 'a'; b <= 'z'; b++) {
+            UNRESERVED_CHARS.set(b);
+        }
+        for (byte b = '0'; b <= '9'; b++) {
+            UNRESERVED_CHARS.set(b);
+        }
+
+        // special URL encoding chars
+        UNRESERVED_CHARS.set('-');
+        UNRESERVED_CHARS.set('.');
+        UNRESERVED_CHARS.set('_');
+        UNRESERVED_CHARS.set('~');
+    }
+
+    /**
+     * This class log.
+     */
+    private final Log log = LogFactory.getLog(this.getClass());
+
+    /**
+     * Return this class log.
+     *
+     * @return this class log.
+     */
+    protected Log getLog() {
+        return this.log;
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    public final String calculate(SigningKey signingKey,
+            OAuthToken token,
+            OAuthRequest request) throws SignatureException {
+        if (signingKey == null) {
+            throw new IllegalArgumentException("parameter 'signingKey' must not be null");
+        }
+        if (request == null) {
+            throw new IllegalArgumentException("parameter 'request' must not be null");
+        }
+
+        String baseString = this.createBaseString(request);
+        String tokenSecret = extractTokenSecret(token);
+        return this.calculate(signingKey, tokenSecret, baseString);
+    }
+
+    /**
+     * Calculates the signature applying the method algorithm.
+     *
+     * @param signingKey the key has to be used to sign the request.
+     * @param tokenSecret the temporary/token credential.
+     * @param baseString the OAuth base string.
+     * @return the calculated signature.
+     * @throws SignatureException if any error occurs.
+     */
+    protected abstract String calculate(SigningKey signingKey, String tokenSecret, String
baseString) throws SignatureException;
+
+    /**
+     * {@inheritDoc}
+     */
+    public final boolean verify(String signature,
+            VerifyingKey verifyingKey,
+            OAuthToken token,
+            OAuthRequest request) throws SignatureException {
+        if (signature == null) {
+            throw new IllegalArgumentException("parameter 'signature' must not be null");
+        }
+        if (verifyingKey == null) {
+            throw new IllegalArgumentException("parameter 'verifyingKey' must not be null");
+        }
+        if (request == null) {
+            throw new IllegalArgumentException("parameter 'request' must not be null");
+        }
+
+        String baseString = this.createBaseString(request);
+        String tokenSecret = extractTokenSecret(token);
+        return this.verify(signature, verifyingKey, tokenSecret, baseString);
+    }
+
+    /**
+     * Verifies the signature applying the method algorithm.
+     *
+     * @param signature the OAuth signature has to be verified.
+     * @param verifyingKey the key has to be used to verify the request.
+     * @param tokenSecret the temporary/token credential.
+     * @param baseString the OAuth base string.
+     * @return true if the signature is verified, false otherwise.
+     * @throws SignatureException if any error occurs.
+     */
+    protected abstract boolean verify(String signature, VerifyingKey verifyingKey, String
tokenSecret, String baseString) throws SignatureException;
+
+    /**
+     * Calculates the OAuth base string.
+     *
+     * @param request
+     * @return the calculated OAuth base string.
+     * @throws SignatureException if any error occurs.
+     */
+    private String createBaseString(OAuthRequest request) throws SignatureException {
+        // the HTTP method
+        String method = request.getHTTPMethod().name();
+
+        // the normalized request URL
+        URL url = request.getRequestURL();
+        String scheme = url.getProtocol().toLowerCase();
+        String authority = url.getAuthority().toLowerCase();
+
+        int port = url.getPort();
+        if ((HTTP_PROTOCOL.equals(scheme) && DEFAULT_HTTP_PORT == port)
+                || (HTTPS_PROTOCOL.equals(scheme) && DEFAULT_HTTPS_PORT == port))
{
+            int index = authority.lastIndexOf(':');
+            if (index >= 0) {
+                authority = authority.substring(0, index);
+            }
+        }
+
+        String path = url.getPath();
+        if (path == null || path.length() <= 0) {
+            path = PATH_SEPARATOR; // conforms to RFC 2616 section 3.2.2
+        }
+
+        String requestUrl =  new StringBuilder(scheme)
+                                .append(SCHEME_SEPARATOR)
+                                .append(authority)
+                                .append(path)
+                                .toString();
+
+        // parameters normalization
+        int normalizedParametersSize = request.getOAuthMessageParameters().size()
+                                        + request.getOAuthRequestParameters().size();
+        List<OAuthRequestParameter> normalizedParameters = new ArrayList<OAuthRequestParameter>(normalizedParametersSize);
+
+        for (OAuthMessageParameter parameter : request.getOAuthMessageParameters()) {
+            if (parameter.getKey().isIncludeInSignature()) {
+                encodeAndAddParameter(parameter.getKey().getLabel(), parameter.getValue(),
normalizedParameters);
+            }
+        }
+
+        for (OAuthRequestParameter parameter : request.getOAuthRequestParameters()) {
+            if (request.getOAuthMessageParameters().contains(parameter)) {
+                throw new SignatureException("Request parameter "
+                        + parameter
+                        + " can't override an OAuth message one");
+            }
+            encodeAndAddParameter(parameter.getKey(), parameter.getValue(), normalizedParameters);
+        }
+
+        // now serialize the normalized parameters
+        StringBuilder normalizedParametersBuffer = new StringBuilder();
+        for (int i = 0; i < normalizedParameters.size(); i++) {
+            if (i > 0) {
+                normalizedParametersBuffer.append('&');
+            }
+
+            OAuthRequestParameter parameter = normalizedParameters.get(i);
+            normalizedParametersBuffer.append(parameter.getKey());
+            normalizedParametersBuffer.append('=');
+            normalizedParametersBuffer.append(parameter.getValue());
+        }
+
+        return new StringBuilder(method)
+                .append('&')
+                .append(percentEncode(requestUrl))
+                .append('&')
+                .append(percentEncode(normalizedParametersBuffer.toString()))
+                .toString();
+    }
+
+    private static final String extractTokenSecret(OAuthToken token) {
+        if (token == null) {
+            return EMPTY;
+        }
+        return token.getTokenSecret();
+    }
+
+    /**
+     * Applies the percent encoding algorithm to the input text.
+     *
+     * @param text the text has to be encoded.
+     * @return the encoded string.
+     */
+    protected static String percentEncode(String text) {
+        return new String(URLCodec.encodeUrl(UNRESERVED_CHARS, toUTF8Bytes(text)), UTF_8);
+    }
+
+    /**
+     * Converts the input text in a sequence of UTF-8 bytes.
+     *
+     * @param text the text has to be converted.
+     * @return the UTF-8 bytes sequence.
+     */
+    protected static byte[] toUTF8Bytes(String text) {
+        return text.getBytes(UTF_8);
+    }
+
+    /**
+     * Encodes a bytes sequence applying the Base64 algorithm without chuncking
+     * the output string.
+     *
+     * @param sequence the bytes sequence has to be encoded.
+     * @return the Base64 encoded string.
+     */
+    protected static String base64Encode(byte[] sequence) {
+        return new String(Base64.encodeBase64(sequence, false));
+    }
+
+    /**
+     * Decodes an input text to a bytes sequence applying the Base64 algorithm.
+     *
+     * @param text the text has to be encoded.
+     * @return the decoded bytes sequence;
+     */
+    protected static byte[] decodeBase64(String text) {
+        return Base64.decodeBase64(text);
+    }
+
+    /**
+     * Add the input parameter in the list, encoding the parameter name/value
+     * first, then putting it in the list in the right position
+     *
+     * @param parameter the input parameter.
+     * @param parametersList the list where add the parameter.
+     */
+    private static void encodeAndAddParameter(String name, String value, List<OAuthRequestParameter>
parametersList) {
+        OAuthRequestParameter parameter = new OAuthRequestParameter(percentEncode(name),
percentEncode(value));
+        int paramIndex = Collections.binarySearch(parametersList, parameter);
+        if (paramIndex < 0) {
+            paramIndex = -paramIndex - 1;
+        }
+        parametersList.add(paramIndex, parameter);
+    }
+
+}

Propchange: incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/AbstractMethod.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/AbstractMethod.java
------------------------------------------------------------------------------
    svn:keywords = Date Author Id Revision HeadURL

Propchange: incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/AbstractMethod.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/BasicKey.java
URL: http://svn.apache.org/viewvc/incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/BasicKey.java?rev=962588&view=auto
==============================================================================
--- incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/BasicKey.java
(added)
+++ incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/BasicKey.java
Fri Jul  9 16:08:19 2010
@@ -0,0 +1,42 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.amber.signature;
+
+/**
+ * 
+ *
+ * @version $Id$
+ */
+public final class BasicKey implements SigningKey, VerifyingKey {
+
+    private static final String[] METHODS = { "PLAINTEXT", "HMAC-SHA1" };
+
+    private final String value;
+
+    public BasicKey(String value) {
+        this.value = value;
+    }
+
+    public String getValue() {
+        return this.value;
+    }
+
+    public String[] getAlgorithmMethods() {
+        return METHODS;
+    }
+
+}

Propchange: incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/BasicKey.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/BasicKey.java
------------------------------------------------------------------------------
    svn:keywords = Date Author Id Revision HeadURL

Propchange: incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/BasicKey.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/hmac/HmacSha1Method.java
URL: http://svn.apache.org/viewvc/incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/hmac/HmacSha1Method.java?rev=962588&view=auto
==============================================================================
--- incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/hmac/HmacSha1Method.java
(added)
+++ incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/hmac/HmacSha1Method.java
Fri Jul  9 16:08:19 2010
@@ -0,0 +1,105 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.amber.signature.hmac;
+
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+
+import javax.crypto.Mac;
+import javax.crypto.spec.SecretKeySpec;
+
+import org.apache.amber.signature.AbstractMethod;
+import org.apache.amber.signature.SignatureException;
+import org.apache.amber.signature.SigningKey;
+import org.apache.amber.signature.VerifyingKey;
+
+/**
+ * HMAC-SHA1 Method implementation.
+ *
+ * @version $Id$
+ */
+public final class HmacSha1Method extends AbstractMethod {
+
+    private static final String HMAC_SHA1 = "HMAC-SHA1";
+
+    private static final String HMAC_SHA1_ALGORITHM = "HmacSHA1";
+
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    protected String calculate(SigningKey signingKey,
+            String tokenSecret,
+            String baseString) throws SignatureException {
+        String key = new StringBuilder(percentEncode(signingKey.getValue()))
+                .append('&')
+                .append(percentEncode(tokenSecret))
+                .toString();
+
+        SecretKeySpec secretKeySpec = new SecretKeySpec(key.getBytes(), HMAC_SHA1_ALGORITHM);
+
+        Mac mac = null;
+        try {
+            mac = Mac.getInstance(HMAC_SHA1_ALGORITHM);
+        } catch (NoSuchAlgorithmException e) {
+            throw new SignatureException("HMAC-SHA1 Algorithm not supported", e);
+        }
+
+        try {
+            mac.init(secretKeySpec);
+        } catch (InvalidKeyException e) {
+            throw new SignatureException(new StringBuilder("Signing key '")
+                    .append(key)
+                    .append("' caused HMAC-SHA1 error")
+                    .toString(), e);
+        }
+
+        byte[] rawHmac = mac.doFinal(baseString.getBytes());
+
+        return base64Encode(rawHmac);
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    protected boolean verify(String signature,
+            VerifyingKey verifyingKey,
+            String tokenSecret,
+            String baseString) throws SignatureException {
+        String expectedSignature = this.calculate((SigningKey) verifyingKey, tokenSecret,
baseString);
+
+        if (this.getLog().isDebugEnabled()) {
+            this.getLog().debug(new StringBuilder("Received signature {")
+                    .append(signature)
+                    .append("} expected signature {")
+                    .append(expectedSignature)
+                    .append('}')
+                    .toString());
+        }
+
+        return expectedSignature.equals(signature);
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    public String getAlgorithm() {
+        return HMAC_SHA1;
+    }
+
+}

Propchange: incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/hmac/HmacSha1Method.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/hmac/HmacSha1Method.java
------------------------------------------------------------------------------
    svn:keywords = Date Author Id Revision HeadURL

Propchange: incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/hmac/HmacSha1Method.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/plaintext/PlaintextMethod.java
URL: http://svn.apache.org/viewvc/incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/plaintext/PlaintextMethod.java?rev=962588&view=auto
==============================================================================
--- incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/plaintext/PlaintextMethod.java
(added)
+++ incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/plaintext/PlaintextMethod.java
Fri Jul  9 16:08:19 2010
@@ -0,0 +1,75 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.amber.signature.plaintext;
+
+import org.apache.amber.signature.AbstractMethod;
+import org.apache.amber.signature.SignatureException;
+import org.apache.amber.signature.SigningKey;
+import org.apache.amber.signature.VerifyingKey;
+
+/**
+ * PLAINTEXT Method implementation.
+ *
+ * @version $Id$
+ */
+public final class PlaintextMethod extends AbstractMethod {
+
+    private static final String PLAINTEXT = "PLAINTEXT";
+
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    protected String calculate(SigningKey signingKey,
+            String tokenSecret,
+            String baseString) throws SignatureException {
+        return new StringBuilder(signingKey.getValue())
+                .append('&')
+                .append(tokenSecret)
+                .toString();
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    protected boolean verify(String signature,
+            VerifyingKey verifyingKey,
+            String tokenSecret,
+            String baseString) throws SignatureException {
+        String expectedSignature = this.calculate((SigningKey) verifyingKey, tokenSecret,
baseString);
+
+        if (this.getLog().isDebugEnabled()) {
+            this.getLog().debug(new StringBuilder("Received signature {")
+                    .append(signature)
+                    .append("} expected signature {")
+                    .append(expectedSignature)
+                    .append('}')
+                    .toString());
+        }
+
+        return expectedSignature.equals(signature);
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    public String getAlgorithm() {
+        return PLAINTEXT;
+    }
+
+}

Propchange: incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/plaintext/PlaintextMethod.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/plaintext/PlaintextMethod.java
------------------------------------------------------------------------------
    svn:keywords = Date Author Id Revision HeadURL

Propchange: incubator/amber/trunk/signature-api/src/main/java/org/apache/amber/signature/plaintext/PlaintextMethod.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Copied: incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/AbstractSimpleMethodTestCase.java
(from r955627, incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/signers/AbstractMethodAlgorithmTestCase.java)
URL: http://svn.apache.org/viewvc/incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/AbstractSimpleMethodTestCase.java?p2=incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/AbstractSimpleMethodTestCase.java&p1=incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/signers/AbstractMethodAlgorithmTestCase.java&r1=955627&r2=962588&rev=962588&view=diff
==============================================================================
--- incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/signers/AbstractMethodAlgorithmTestCase.java
(original)
+++ incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/AbstractSimpleMethodTestCase.java
Fri Jul  9 16:08:19 2010
@@ -14,21 +14,22 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.apache.amber.signature.signers;
+package org.apache.amber.signature;
 
 import static junit.framework.Assert.assertTrue;
 
 import java.net.URL;
 
-import org.apache.amber.signature.descriptors.HTTPMethod;
-import org.apache.amber.signature.descriptors.Service;
-import org.apache.amber.signature.message.TokenRequestMessage;
-import org.apache.amber.signature.parameters.Parameter;
-import org.apache.amber.signature.signers.SignatureMethod;
-import org.apache.amber.signature.signers.SignatureMethodAlgorithm;
-import org.apache.amber.signature.signers.SigningKey;
-import org.apache.amber.signature.signers.VerifyingKey;
-
+import org.apache.amber.HTTPMethod;
+import org.apache.amber.OAuthMessageParameter;
+import org.apache.amber.OAuthParameter;
+import org.apache.amber.OAuthRequest;
+import org.apache.amber.OAuthRequestParameter;
+import org.apache.amber.OAuthToken;
+import org.apache.amber.Version;
+import org.apache.amber.signature.SignatureMethod;
+import org.apache.amber.signature.SigningKey;
+import org.apache.amber.signature.VerifyingKey;
 
 /**
  * Abstract implementation of OAuth signature method algorithm test case.
@@ -36,34 +37,36 @@ import org.apache.amber.signature.signer
  * @param <S> the {@link SigningKey} type.
  * @param <V> the {@link VerifyingKey} type.
  */
-public abstract class AbstractMethodAlgorithmTestCase<S extends SigningKey, V extends
VerifyingKey> {
+public abstract class AbstractSimpleMethodTestCase {
 
-    protected void verifySignature(S signingKey,
-            V verifyingKey,
-            SignatureMethodAlgorithm<S, V> methodAlgorithm,
+    protected void verifySignature(SignatureMethod signatureMethod,
             String expectedSignature) throws Exception {
-        // token secret
-        String secretCredential = "pfkkdhi9sl3r4s00";
+        OAuthRequest request = new FakeOAuthRequest();
+        request.setRequestURL(new URL("http://photos.example.net/photos"));
+        request.setHTTPMethod(HTTPMethod.GET);
+        addMessageParameter(OAuthParameter.CONSUMER_KEY, "dpf43f3p2l4k3l03", request);
+        addMessageParameter(OAuthParameter.NONCE, "kllo9940pd9333jh", request);
+        addMessageParameter(OAuthParameter.SIGNATURE_METHOD, signatureMethod.getAlgorithm(),
request);
+        addMessageParameter(OAuthParameter.TIMESTAMP, "1191242096", request);
+        addMessageParameter(OAuthParameter.TOKEN, "nnch734d00sl2jdk", request);
+        addMessageParameter(OAuthParameter.VERSION, Version.v1_0.toString(), request);
+        addMessageParameter("size", "original", request);
+        addMessageParameter("file", "vacation.jpg", request);
+
+        OAuthToken token = new FakeToken();
+        token.setTokenSecret("pfkkdhi9sl3r4s00");
+
+        VerifyingKey verifyingKey = new BasicKey("kd94hf93k423kf44");
+
+        assertTrue(signatureMethod.verify(expectedSignature, verifyingKey, token, request));
+    }
+
+    private static void addMessageParameter(OAuthParameter parameter, String value, OAuthRequest
request) {
+        request.addOAuthMessageParameter(new OAuthMessageParameter(parameter, value));
+    }
 
-        // oauth message
-        TokenRequestMessage message = new TokenRequestMessage();
-        message.setClientIdentifier("dpf43f3p2l4k3l03");
-        message.setNonce("kllo9940pd9333jh");
-        message.setSignatureMethod(methodAlgorithm.getClass().getAnnotation(SignatureMethod.class).value());
-        message.setTimestamp(1191242096);
-        message.setToken("nnch734d00sl2jdk");
-        message.setVersion(TokenRequestMessage.DEFAULT_VERSION);
-
-        // the service has to be invoked
-        Service service = new Service(HTTPMethod.GET, new URL("http://photos.example.net/photos"));
-
-        assertTrue(methodAlgorithm.verify(expectedSignature,
-                verifyingKey,
-                secretCredential,
-                service,
-                message,
-                new Parameter("size", "original"),
-                new Parameter("file", "vacation.jpg")));
+    private static void addMessageParameter(String name, String value, OAuthRequest request)
{
+        request.addOAuthRequestParameter(new OAuthRequestParameter(name, value));
     }
 
 }

Added: incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/FakeOAuthRequest.java
URL: http://svn.apache.org/viewvc/incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/FakeOAuthRequest.java?rev=962588&view=auto
==============================================================================
--- incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/FakeOAuthRequest.java
(added)
+++ incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/FakeOAuthRequest.java
Fri Jul  9 16:08:19 2010
@@ -0,0 +1,74 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.amber.signature;
+
+import java.net.URL;
+import java.util.Collection;
+import java.util.HashSet;
+
+import org.apache.amber.HTTPMethod;
+import org.apache.amber.OAuthMessageParameter;
+import org.apache.amber.OAuthRequest;
+import org.apache.amber.OAuthRequestParameter;
+
+/**
+ * 
+ * @version $Id$
+ */
+final class FakeOAuthRequest implements OAuthRequest {
+
+    private HTTPMethod httpMethod;
+
+    private URL requestURL;
+
+    private final Collection<OAuthMessageParameter> messageParameters = new HashSet<OAuthMessageParameter>();
+
+    private final Collection<OAuthRequestParameter> requestParameters = new HashSet<OAuthRequestParameter>();
+
+    public void addOAuthMessageParameter(OAuthMessageParameter parameter) {
+        this.messageParameters.add(parameter);
+    }
+
+    public void addOAuthRequestParameter(OAuthRequestParameter parameter) {
+        this.requestParameters.add(parameter);
+    }
+
+    public HTTPMethod getHTTPMethod() {
+        return this.httpMethod;
+    }
+
+    public void setHTTPMethod(HTTPMethod httpMethod) {
+        this.httpMethod = httpMethod;
+    }
+
+    public Collection<OAuthMessageParameter> getOAuthMessageParameters() {
+        return this.messageParameters;
+    }
+
+    public Collection<OAuthRequestParameter> getOAuthRequestParameters() {
+        return this.requestParameters;
+    }
+
+    public URL getRequestURL() {
+        return this.requestURL;
+    }
+
+    public void setRequestURL(URL requestURL) {
+        this.requestURL = requestURL;
+    }
+
+}

Propchange: incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/FakeOAuthRequest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/FakeOAuthRequest.java
------------------------------------------------------------------------------
    svn:keywords = Date Author Id Revision HeadURL

Propchange: incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/FakeOAuthRequest.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/FakeToken.java
URL: http://svn.apache.org/viewvc/incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/FakeToken.java?rev=962588&view=auto
==============================================================================
--- incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/FakeToken.java
(added)
+++ incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/FakeToken.java
Fri Jul  9 16:08:19 2010
@@ -0,0 +1,53 @@
+package org.apache.amber.signature;
+
+import java.util.Set;
+import java.util.Map.Entry;
+
+import org.apache.amber.OAuthToken;
+
+final class FakeToken implements OAuthToken {
+
+    /**
+     * 
+     */
+    private static final long serialVersionUID = -4501539974041422272L;
+
+    private String tokenSecret;
+
+    public void addAdditionalParameters(String name, String value) {
+        // unneded for test purposes
+    }
+
+    public Set<Entry<String, String>> additionalParametersEntrySet() {
+        // unneded for test purposes
+        return null;
+    }
+
+    public String getToken() {
+        // unneded for test purposes
+        return null;
+    }
+
+    public String getTokenSecret() {
+        // unneded for test purposes
+        return this.tokenSecret;
+    }
+
+    public boolean isCallbackConfirmed() {
+        // unneded for test purposes
+        return false;
+    }
+
+    public void setCallbackConfirmed(boolean callbackConfirmed) {
+        // unneded for test purposes
+    }
+
+    public void setToken(String token) {
+        // unneded for test purposes
+    }
+
+    public void setTokenSecret(String tokenSecret) {
+        this.tokenSecret = tokenSecret;
+    }
+
+}

Propchange: incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/FakeToken.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/FakeToken.java
------------------------------------------------------------------------------
    svn:keywords = Date Author Id Revision HeadURL

Propchange: incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/FakeToken.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/hmac/HmacSha1MethodTestCase.java
URL: http://svn.apache.org/viewvc/incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/hmac/HmacSha1MethodTestCase.java?rev=962588&view=auto
==============================================================================
--- incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/hmac/HmacSha1MethodTestCase.java
(added)
+++ incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/hmac/HmacSha1MethodTestCase.java
Fri Jul  9 16:08:19 2010
@@ -0,0 +1,34 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.amber.signature.hmac;
+
+import org.apache.amber.signature.AbstractSimpleMethodTestCase;
+import org.junit.Test;
+
+/**
+ * HMAC-SHA1 Method test case implementation.
+ *
+ * @version $Id$
+ */
+public class HmacSha1MethodTestCase extends AbstractSimpleMethodTestCase {
+
+    @Test
+    public void verifyHmacSha1MethodAlgorithm() throws Exception {
+        this.verifySignature(new HmacSha1Method(), "tR3+Ty81lMeYAr/Fid0kMTYa/WM=");
+    }
+
+}

Propchange: incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/hmac/HmacSha1MethodTestCase.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/hmac/HmacSha1MethodTestCase.java
------------------------------------------------------------------------------
    svn:keywords = Date Author Id Revision HeadURL

Propchange: incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/hmac/HmacSha1MethodTestCase.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/plaintext/PlaintextMethodTestCase.java
URL: http://svn.apache.org/viewvc/incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/plaintext/PlaintextMethodTestCase.java?rev=962588&view=auto
==============================================================================
--- incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/plaintext/PlaintextMethodTestCase.java
(added)
+++ incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/plaintext/PlaintextMethodTestCase.java
Fri Jul  9 16:08:19 2010
@@ -0,0 +1,34 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.amber.signature.plaintext;
+
+import org.apache.amber.signature.AbstractSimpleMethodTestCase;
+import org.junit.Test;
+
+/**
+ * HMAC-SHA1 Method test case implementation.
+ *
+ * @version $Id$
+ */
+public class PlaintextMethodTestCase extends AbstractSimpleMethodTestCase {
+
+    @Test
+    public void verifyHmacSha1MethodAlgorithm() throws Exception {
+        this.verifySignature(new PlaintextMethod(), "kd94hf93k423kf44&pfkkdhi9sl3r4s00");
+    }
+
+}

Propchange: incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/plaintext/PlaintextMethodTestCase.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/plaintext/PlaintextMethodTestCase.java
------------------------------------------------------------------------------
    svn:keywords = Date Author Id Revision HeadURL

Propchange: incubator/amber/trunk/signature-api/src/test/java/org/apache/amber/signature/plaintext/PlaintextMethodTestCase.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain



Mime
View raw message