HMACAlgorithm.java example

Explorer

java-jwt-master
- lib
  - src
    - main
      - java
        com
        auth0
        jwt
        ClockImpl.java
        JWT.java
        JWTCreator.java
        JWTDecoder.java
        JWTVerifier.java
        TokenUtils.java
        algorithms
        Algorithm.java
        CryptoHelper.java
        ECDSAAlgorithm.java
        HMACAlgorithm.java
        NoneAlgorithm.java
        RSAAlgorithm.java
        exceptions
        AlgorithmMismatchException.java
        InvalidClaimException.java
        JWTCreationException.java
        JWTDecodeException.java
        JWTVerificationException.java
        SignatureGenerationException.java
        SignatureVerificationException.java
        TokenExpiredException.java
        impl
        BasicHeader.java
        ClaimsHolder.java
        HeaderDeserializer.java
        JWTParser.java
        JsonNodeClaim.java
        NullClaim.java
        PayloadDeserializer.java
        PayloadImpl.java
        PayloadSerializer.java
        PublicClaims.java
        interfaces
        Claim.java
        Clock.java
        DecodedJWT.java
        ECDSAKeyProvider.java
        Header.java
        JWTPartsParser.java
        KeyProvider.java
        Payload.java
        RSAKeyProvider.java
        Verification.java
    - test
      - java
        com
        auth0
        jwt
        ClockImplTest.java
        ConcurrentVerifyTest.java
        JWTCreatorTest.java
        JWTDecoderTest.java
        JWTTest.java
        JWTVerifierTest.java
        JsonMatcher.java
        PemUtils.java
        TokenUtilsTest.java
        UserPojo.java
        algorithms
        AlgorithmTest.java
        ECDSAAlgorithmTest.java
        HMACAlgorithmTest.java
        NoneAlgorithmTest.java
        RSAAlgorithmTest.java
        impl
        BasicHeaderTest.java
        ClaimsHolderTest.java
        HeaderDeserializerTest.java
        JWTParserTest.java
        JsonNodeClaimTest.java
        NullClaimTest.java
        PayloadDeserializerTest.java
        PayloadImplTest.java
        PayloadSerializerTest.java

package com.auth0.jwt.algorithms;

import com.auth0.jwt.exceptions.SignatureGenerationException;
import com.auth0.jwt.exceptions.SignatureVerificationException;
import com.auth0.jwt.interfaces.DecodedJWT;
import org.apache.commons.codec.CharEncoding;
import org.apache.commons.codec.binary.Base64;

import java.io.UnsupportedEncodingException;
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;

class HMACAlgorithm extends Algorithm {

    private final CryptoHelper crypto;
    private final byte[] secret;

    //Visible for testing
    HMACAlgorithm(CryptoHelper crypto, String id, String algorithm, byte[] secretBytes) throws IllegalArgumentException {
        super(id, algorithm);
        if (secretBytes == null) {
            throw new IllegalArgumentException("The Secret cannot be null");
        }
        this.secret = secretBytes;
        this.crypto = crypto;
    }

    HMACAlgorithm(String id, String algorithm, byte[] secretBytes) throws IllegalArgumentException {
        this(new CryptoHelper(), id, algorithm, secretBytes);
    }

    HMACAlgorithm(String id, String algorithm, String secret) throws IllegalArgumentException, UnsupportedEncodingException {
        this(new CryptoHelper(), id, algorithm, getSecretBytes(secret));
    }

    //Visible for testing
    static byte[] getSecretBytes(String secret) throws IllegalArgumentException, UnsupportedEncodingException {
        if (secret == null) {
            throw new IllegalArgumentException("The Secret cannot be null");
        }
        return secret.getBytes(CharEncoding.UTF_8);
    }

    @Override
    public void verify(DecodedJWT jwt) throws SignatureVerificationException {
        byte[] contentBytes = String.format("%s.%s", jwt.getHeader(), jwt.getPayload()).getBytes(StandardCharsets.UTF_8);
        byte[] signatureBytes = Base64.decodeBase64(jwt.getSignature());

        try {
            boolean valid = crypto.verifySignatureFor(getDescription(), secret, contentBytes, signatureBytes);
            if (!valid) {
                throw new SignatureVerificationException(this);
            }
        } catch (IllegalStateException | InvalidKeyException | NoSuchAlgorithmException e) {
            throw new SignatureVerificationException(this, e);
        }
    }

    @Override
    public byte[] sign(byte[] contentBytes) throws SignatureGenerationException {
        try {
            return crypto.createSignatureFor(getDescription(), secret, contentBytes);
        } catch (NoSuchAlgorithmException | InvalidKeyException e) {
            throw new SignatureGenerationException(this, e);
        }
    }

}