From 535288c26c364738d6dd8d64fcd67af7a831bd3a Mon Sep 17 00:00:00 2001 From: "Christian P. MOMON" Date: Mon, 26 Aug 2013 16:50:44 +0200 Subject: [PATCH] Improve design code. --- .classpath | 2 +- .../devinsy/kiss4web/SimpleSecurityAgent.java | 87 +++++++++++++++---- 2 files changed, 72 insertions(+), 17 deletions(-) diff --git a/.classpath b/.classpath index 7bdf471..96752de 100644 --- a/.classpath +++ b/.classpath @@ -10,7 +10,7 @@ - + diff --git a/src/fr/devinsy/kiss4web/SimpleSecurityAgent.java b/src/fr/devinsy/kiss4web/SimpleSecurityAgent.java index ac83328..e5cd2cd 100644 --- a/src/fr/devinsy/kiss4web/SimpleSecurityAgent.java +++ b/src/fr/devinsy/kiss4web/SimpleSecurityAgent.java @@ -7,6 +7,7 @@ import org.apache.commons.codec.digest.DigestUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import fr.devinsy.util.StringList; /** * @@ -59,6 +60,35 @@ public class SimpleSecurityAgent return (result); } + /** + * This method builds a key from keys and a secret key. + */ + public String computeAuth(final String... keys) + { + String result; + + if (keys == null) + { + result = null; + } + else + { + // Add a secret key to the key list. + String[] targetKeys = new String[keys.length + 1]; + for (int keyIndex = 0; keyIndex < keys.length; keyIndex++) + { + targetKeys[keyIndex] = keys[keyIndex]; + } + targetKeys[keys.length] = this.secretKey; + + // + result = md5sum(targetKeys); + } + + // + return (result); + } + /** * Check authentication and refresh it (reset countdown). */ @@ -75,7 +105,7 @@ public class SimpleSecurityAgent { result = false; } - else if (auth.equals(computeAuth(accountId, userId, request.getRemoteAddr(), this.secretKey))) + else if (auth.equals(computeAuth(accountId, userId, request.getRemoteAddr()))) { result = true; @@ -91,6 +121,29 @@ public class SimpleSecurityAgent return (result); } + /** + * + * @param source + * @return + */ + public String md5sumWithSecret(final String source) + { + String result; + + if (source == null) + { + result = null; + } + else + { + String key = source + this.secretKey; + result = md5sum(key); + } + + // + return result; + } + /** * */ @@ -108,7 +161,7 @@ public class SimpleSecurityAgent { // Refresh cookie. int duration = 60 * 60; - String auth = computeAuth(String.valueOf(accountId), userId, request.getRemoteAddr(), this.secretKey); + String auth = computeAuth(String.valueOf(accountId), userId, request.getRemoteAddr()); response.addCookie(CookieHelper.buildCookie(this.authLabel, auth, duration)); response.addCookie(CookieHelper.buildCookie(this.accountIdLabel, accountId, duration)); @@ -133,24 +186,26 @@ public class SimpleSecurityAgent /** * */ - static public String computeAuth(final String key1, final String key2, final String key3, final String key4) + static public String md5sum(final String... keys) { String result; - result = md5sum(key1 + key2 + key3 + key4); + if (keys == null) + { + result = null; + } + else + { + // + StringList targetKey = new StringList(); + for (String key : keys) + { + targetKey.append(key); + } - // - return (result); - } - - /** - * - */ - static String md5sum(final String source) - { - String result; - - result = DigestUtils.md5Hex(source); + // + result = DigestUtils.md5Hex(targetKey.toString()); + } // return (result);