org.xdi.oxauth.model.common.AuthorizationCode の継承関係図

org.xdi.oxauth.model.common.AuthorizationCode 連携図

公開メンバ関数
	AuthorizationCode (int lifeTime)

	AuthorizationCode (String code, Date creationDate, Date expirationDate)

boolean	isValid ()

boolean	isUsed ()

synchronized void	setUsed (boolean used)

void	checkExpired ()

void	checkExpired (Date now)

String	getCode ()

void	setCode (String code)

Date	getCreationDate ()

void	setCreationDate (Date creationDate)

Date	getExpirationDate ()

void	setExpirationDate (Date expirationDate)

boolean	isRevoked ()

synchronized void	setRevoked (boolean revoked)

boolean	isExpired ()

synchronized void	setExpired (boolean expired)

String	getAuthMode ()

void	setAuthMode (String authMode)

String	getSessionDn ()

void	setSessionDn (String sessionDn)

int	getExpiresIn ()

String	getHash (SignatureAlgorithm signatureAlgorithm)

非公開変数類
boolean	used

詳解

The authorization code is obtained by using an authorization server as an intermediary between the client and resource owner. Instead of requesting authorization directly from the resource owner, the client directs the resource owner to an authorization server (via its user- agent as defined in [RFC2616]), which in turn directs the resource owner back to the client with the authorization code.

Before directing the resource owner back to the client with the authorization code, the authorization server authenticates the resource owner and obtains authorization. Because the resource owner only authenticates with the authorization server, the resource owner's credentials are never shared with the client.

The authorization code provides a few important security benefits such as the ability to authenticate the client, and the transmission of the access token directly to the client without passing it through the resource owner's user-agent, potentially exposing it to others, including the resource owner.

著者: Javier Rojas Blum Date: 09.29.2011

構築子と解体子

◆ AuthorizationCode() [1/2]

org.xdi.oxauth.model.common.AuthorizationCode.AuthorizationCode ( int lifeTime )

inline

Constructs an authorization code.

When created, a token is valid for a given lifetime, and after this period of time, it will be marked as expired automatically by a background process.

When required, the token can be marked as revoked.

引数

lifeTime The life time of the token.

                                            {
         super(lifeTime);
         used = false;
     }

◆ AuthorizationCode() [2/2]

org.xdi.oxauth.model.common.AuthorizationCode.AuthorizationCode	(	String	code,
		Date	creationDate,
		Date	expirationDate
	)

inline

                                                                                   {
         super(code, creationDate, expirationDate);
         used = false;
         checkExpired();
     }

関数詳解

◆ checkExpired() [1/2]

void org.xdi.oxauth.model.common.AbstractToken.checkExpired ( )

inlineinherited

Checks whether the token has expired and if true, marks itself as expired.

                                {
         checkExpired(new Date());
     }

◆ checkExpired() [2/2]

void org.xdi.oxauth.model.common.AbstractToken.checkExpired ( Date now )

inlineinherited

Checks whether the token has expired and if true, marks itself as expired.

                                        {
         if (now.after(expirationDate)) {
             expired = true;
         }
     }

◆ getAuthMode()

String org.xdi.oxauth.model.common.AbstractToken.getAuthMode ( )

inlineinherited

Returns the authentication mode.

戻り値: The authentication mode.

                                 {
         return authMode;
     }

◆ getCode()

String org.xdi.oxauth.model.common.AbstractToken.getCode ( )

inlineinherited

Returns the token code.

戻り値: The Code of the token.

                             {
         return code;
     }

◆ getCreationDate()

Date org.xdi.oxauth.model.common.AbstractToken.getCreationDate ( )

inlineinherited

Returns the creation date of the token.

戻り値: The creation date.

                                   {
         return creationDate != null ? new Date(creationDate.getTime()) : null;
     }

◆ getExpirationDate()

Date org.xdi.oxauth.model.common.AbstractToken.getExpirationDate ( )

inlineinherited

Returns the expiration date of the token.

戻り値: The expiration date.

                                     {
         return expirationDate != null ? new Date(expirationDate.getTime()) : null;
     }

◆ getExpiresIn()

int org.xdi.oxauth.model.common.AbstractToken.getExpiresIn ( )

inlineinherited

Returns the lifetime in seconds of the token.

戻り値: The lifetime in seconds of the token.

                               {
         int expiresIn = 0;
 
         checkExpired();
         if (isValid()) {
             long diff = expirationDate.getTime() - new Date().getTime();
             expiresIn = diff != 0 ? (int) (diff / 1000) : 0;
         }
 
         return expiresIn;
     }

◆ getHash()

String org.xdi.oxauth.model.common.AbstractToken.getHash ( SignatureAlgorithm signatureAlgorithm )

inlineinherited

                                                                  {
         String hash = null;
 
         try {
             byte[] digest;
             if (signatureAlgorithm == SignatureAlgorithm.HS256 ||
                     signatureAlgorithm == SignatureAlgorithm.RS256 ||
                     signatureAlgorithm == SignatureAlgorithm.ES256) {
                 digest = JwtUtil.getMessageDigestSHA256(code);
             } else if (signatureAlgorithm == SignatureAlgorithm.HS384 ||
                     signatureAlgorithm == SignatureAlgorithm.RS384 ||
                     signatureAlgorithm == SignatureAlgorithm.ES512) {
                 digest = JwtUtil.getMessageDigestSHA384(code);
             } else if (signatureAlgorithm == SignatureAlgorithm.HS512 ||
                     signatureAlgorithm == SignatureAlgorithm.RS384 ||
                     signatureAlgorithm == SignatureAlgorithm.ES512) {
                 digest = JwtUtil.getMessageDigestSHA512(code);
             } else { // Default
                 digest = JwtUtil.getMessageDigestSHA256(code);
             }
 
             if (digest != null) {
                 byte[] lefMostHalf = new byte[digest.length / 2];
                 System.arraycopy(digest, 0, lefMostHalf, 0, lefMostHalf.length);
                 hash = Base64Util.base64urlencode(lefMostHalf);
             }
         } catch (NoSuchAlgorithmException e) {
         } catch (UnsupportedEncodingException e) {
         } catch (NoSuchProviderException e) {
         } catch (Exception e) {
         }
 
         return hash;
     }

◆ getSessionDn()

String org.xdi.oxauth.model.common.AbstractToken.getSessionDn ( )

inlineinherited

                                  {
         return sessionDn;
     }

◆ isExpired()

boolean org.xdi.oxauth.model.common.AbstractToken.isExpired ( )

inlineinherited

Return true if the token has expired.

戻り値: true if the token has expired.

                                {
         return expired;
     }

◆ isRevoked()

boolean org.xdi.oxauth.model.common.AbstractToken.isRevoked ( )

inlineinherited

Returns true if the token has been revoked.

戻り値: true if the token has been revoked.

                                {
         return revoked;
     }

◆ isUsed()

boolean org.xdi.oxauth.model.common.AuthorizationCode.isUsed ( )

inline

Returns whether an authorization code has been used.

戻り値: true if the authorization code has been used.

                             {
         return used;
     }

◆ isValid()

boolean org.xdi.oxauth.model.common.AuthorizationCode.isValid ( )

inline

Checks whether a token is valid. An authorization code is valid if it has not been used before, not revoked and not expired.

                              {
         return super.isValid() && !used;
     }

◆ setAuthMode()

void org.xdi.oxauth.model.common.AbstractToken.setAuthMode ( String authMode )

inlineinherited

Sets the authentication mode.

引数

authMode The authentication mode.

                                              {
         this.authMode = authMode;
     }

◆ setCode()

void org.xdi.oxauth.model.common.AbstractToken.setCode ( String code )

inlineinherited

Sets the token code.

引数

code	The code of the token.

                                      {
         this.code = code;
     }

◆ setCreationDate()

void org.xdi.oxauth.model.common.AbstractToken.setCreationDate ( Date creationDate )

inlineinherited

Sets the creation date of the token.

引数

creationDate The creation date.

                                                    {
         this.creationDate = creationDate != null ? new Date(creationDate.getTime()) : null;
     }

◆ setExpirationDate()

void org.xdi.oxauth.model.common.AbstractToken.setExpirationDate ( Date expirationDate )

inlineinherited

Sets the expiration date of the token.

引数

expirationDate The expiration date.

                                                        {
         this.expirationDate = expirationDate != null ? new Date(expirationDate.getTime()) : null;
     }

◆ setExpired()

synchronized void org.xdi.oxauth.model.common.AbstractToken.setExpired ( boolean expired )

inlineinherited

Sets the value of the expired flag to indicate whether the token has expired.

引数

expired Expire or not.

                                                          {
         this.expired = expired;
     }

◆ setRevoked()

synchronized void org.xdi.oxauth.model.common.AbstractToken.setRevoked ( boolean revoked )

inlineinherited

Sets the value of the revoked flag to indicate whether the token has been revoked.

引数

revoked Revoke or not.

                                                          {
         this.revoked = revoked;
     }

◆ setSessionDn()

void org.xdi.oxauth.model.common.AbstractToken.setSessionDn ( String sessionDn )

inlineinherited

                                                {
         this.sessionDn = sessionDn;
     }

◆ setUsed()

synchronized void org.xdi.oxauth.model.common.AuthorizationCode.setUsed ( boolean used )

inline

Sets the flag to indicate whether a token has been used. The authorization code must be used only once and after it must be marked as used.

引数

used	Used or not.

                                                    {
         this.used = used;
     }

メンバ詳解

◆ used

boolean org.xdi.oxauth.model.common.AuthorizationCode.used

private

このクラス詳解は次のファイルから抽出されました:

D:/AppData/OpenId/gluu/src/oxAuth/Server/src/main/java/org/xdi/oxauth/model/common/AuthorizationCode.java

公開メンバ関数

非公開変数類

詳解

構築子と解体子

◆ AuthorizationCode() [1/2]

◆ AuthorizationCode() [2/2]

関数詳解

◆ checkExpired() [1/2]

◆ checkExpired() [2/2]

◆ getAuthMode()

◆ getCode()

◆ getCreationDate()

◆ getExpirationDate()

◆ getExpiresIn()

◆ getHash()

◆ getSessionDn()

◆ isExpired()

◆ isRevoked()

◆ isUsed()

◆ isValid()

◆ setAuthMode()

◆ setCode()

◆ setCreationDate()

◆ setExpirationDate()

◆ setExpired()

◆ setRevoked()

◆ setSessionDn()

◆ setUsed()

メンバ詳解

◆ used