/*
* Copyright (c) 2005 Aetrion LLC.
*/
package com.googlecode.flickr2twitter.com.aetrion.flickr.auth;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import com.googlecode.flickr2twitter.com.aetrion.flickr.Parameter;
import com.googlecode.flickr2twitter.com.aetrion.flickr.ParameterAlphaComparator;
import com.googlecode.flickr2twitter.com.aetrion.flickr.RequestContext;
import com.googlecode.flickr2twitter.com.aetrion.flickr.util.ByteUtilities;
/**
* Utilities used by the authentication API.
*
* @author Anthony Eden
* @version $Id: AuthUtilities.java,v 1.11 2009/11/07 23:23:24 x-mago Exp $
*/
public class AuthUtilities {
/**
* Get a signature for a list of parameters using the given shared secret.
*
* @param sharedSecret The shared secret
* @param params The parameters
* @return The signature String
*/
public static String getSignature(String sharedSecret, List<Parameter> params) {
addAuthToken(params);
StringBuffer buffer = new StringBuffer();
buffer.append(sharedSecret);
Collections.sort(params, new ParameterAlphaComparator());
Iterator<Parameter> iter = params.iterator();
while (iter.hasNext()) {
Parameter param = (Parameter) iter.next();
buffer.append(param.getName());
buffer.append(param.getValue());
}
try {
MessageDigest md = MessageDigest.getInstance("MD5");
return ByteUtilities.toHexString(md.digest(buffer.toString().getBytes("UTF-8")));
} catch (NoSuchAlgorithmException e) {
throw new RuntimeException(e);
} catch (UnsupportedEncodingException u) {
throw new RuntimeException(u);
}
}
public static String getMultipartSignature(String sharedSecret, List<Parameter> params) {
List<String> ignoreParameters = new ArrayList<String>();
ignoreParameters.add("photo");
addAuthToken(params);
StringBuffer buffer = new StringBuffer();
buffer.append(sharedSecret);
Collections.sort(params, new ParameterAlphaComparator());
Iterator<Parameter> iter = params.iterator();
while (iter.hasNext()) {
Parameter param = (Parameter) iter.next();
if (!ignoreParameters.contains(param.getName().toLowerCase())) {
buffer.append(param.getName());
buffer.append(param.getValue());
}
}
try {
MessageDigest md = MessageDigest.getInstance("MD5");
return ByteUtilities.toHexString(md.digest(buffer.toString().getBytes("UTF-8")));
} catch (NoSuchAlgorithmException e) {
throw new RuntimeException(e);
} catch (UnsupportedEncodingException u) {
throw new RuntimeException(u);
}
}
/**
* Adds the auth_token to the parameter list if it is necessary.
* @param params
*/
public static void addAuthToken(List<Parameter> params) {
//Checking for the auth_token parameter
Iterator<Parameter> it = params.iterator();
boolean tokenFlag = false;
while (it.hasNext()) {
if (((Parameter) it.next()).getName().equals("auth_token")) {
tokenFlag = true;
}
}
if (!tokenFlag) {
if (RequestContext.getRequestContext().getAuth() != null) {
String authToken = RequestContext.getRequestContext().getAuth().getToken();
if(authToken != null && !authToken.equals(""))
params.add(new Parameter("auth_token", authToken));
}
}
}
/**
* Check, if we are authenticated.
*
* @param params
* @return isAuthenticated
*/
public static boolean isAuthenticated(List<Parameter> params) {
Iterator<Parameter> it = params.iterator();
boolean tokenFlag = false;
while (it.hasNext()) {
if (((Parameter) it.next()).getName().equals("auth_token")) {
tokenFlag = true;
}
}
if (!tokenFlag) {
if (RequestContext.getRequestContext().getAuth() != null) {
String authToken = RequestContext.getRequestContext().getAuth().getToken();
if (authToken != null && !authToken.equals("")) {
tokenFlag = true;
}
}
}
return tokenFlag;
}
}