org.apache.shiro.codec.Base64 Java Examples

/**
 * 
 * @param request
 * @return
 * @throws Exception
 */
@ApiOperation(value = "获取RSA公钥", notes = "用于登录功能获取RSA公钥")
@RequestMapping(value = "publicKey", method = {RequestMethod.POST, RequestMethod.GET})
@ResponseBody
public JSONObject getPublicKey(@ApiIgnore HttpServletRequest request) throws Exception {

	RSAPublicKey publicKey = getAuthzLoginService().genPublicKey(request);

	byte[] modulus = publicKey.getModulus().toByteArray();
	byte[] exponent = publicKey.getPublicExponent().toByteArray();

	JSONObject json = new JSONObject();
	json.put("modulus", Base64.encodeToString(modulus));
	json.put("exponent", Base64.encodeToString(exponent));
	
	return json;
}
 

/**
 *
 * @param info the AuthenticationInfo from which to retrieve the credentials which assumed to be in already-hashed form.
 * @return a {@link Hash Hash} instance representing the given AuthenticationInfo's stored credentials.
 */
protected Object getCredentials(AuthenticationInfo info) {
    Object credentials = info.getCredentials();

    byte[] storedBytes = toBytes(credentials);

    if (credentials instanceof String || credentials instanceof char[]) {
        //account.credentials were a char[] or String, so
        //we need to do text decoding first:
        if (isStoredCredentialsHexEncoded()) {
            storedBytes = Hex.decode(storedBytes);
        } else {
            storedBytes = Base64.decode(storedBytes);
        }
    }
    AbstractHash hash = newHashInstance();
    hash.setBytes(storedBytes);
    return hash;
}
 

/**
 * Computes RFC 2104-compliant HMAC signature.
 * * @param data
 * The data to be signed.
 * 
 * @param key
 *            The signing key.
 * @return
 *         The Base64-encoded RFC 2104-compliant HMAC signature.
 * @throws java.security.SignatureException
 *             when signature generation fails
 */
public static String calculateRFC2104HMAC(String data, String key) throws java.security.SignatureException {
    String result = null;
    try {
        Charset utf8ChartSet = Charset.forName("UTF-8");
        // get an hmac_sha1 key from the raw key bytes
        SecretKeySpec signingKey = new SecretKeySpec(key.getBytes(utf8ChartSet), HMAC_SHA1_ALGORITHM);

        // get an hmac_sha1 Mac instance and initialize with the signing key
        Mac mac = Mac.getInstance(HMAC_SHA1_ALGORITHM);
        mac.init(signingKey);

        // compute the hmac on input data bytes
        byte[] rawHmac = mac.doFinal(data.getBytes(utf8ChartSet));

        // base64-encode the hmac
        result = Base64.encodeToString(rawHmac);
    } catch (NoSuchAlgorithmException | InvalidKeyException e) {
        throw new SignatureException("Failed to generate HMAC : " + e.getMessage());
    }
    return result;
}
 

public static void main(String[] args) {
	String base64="zGkG0zevFbnIioooS3MfnnbWeBUeiZrScKVJms0CZAdJ2MYTddPkvBHGmMhvgdKA5QJk8FSb9T1Y1tFlUnnCsIvcK+iX4cfrwD7voGdU5bW9AWjwNvl3BDrAgRf+hvjrI3T5nBTFeW7uI6GzfFrIx92qER9lQ97g19Dn555uwIzf0ULvc8jICZTraLLrf2avh1hy2kUJJblO6u5IHiBbAXBNitZ6W1yjLEWmSFnb+EsEWAGB3WwV1u1HZO045LB4G57UIH4QGM0xfJjWWeahiTS4j9IAEJBbghwfL1A5pdzFiXJzzA5GF85vtP+6jLwQfGaQJyv35PvNNsDmCqFe8eUSBLji5z5y/y+yKfZk9izXiEvFjKQ5kqMqKfLMp+Vn5OuO+syc4CfJL4PLI16vwVUPV1EWAzyxUhK7DtD5OMVcLPwVtwZ11dG88wkZtjXvBymLyGCj5/Tk8gTWYsdcNKD5i8WvbMLT45S4iWsZxa/5offIiCipkkqoqvxCppJLTzBoaR/wlqoa1Bc/cvpijiJTIbSCj+iFloQRdax1mMQ";
	 base64 = ensurePadding(base64);
	  byte[] decoded = Base64.decode(base64);
	  
	  
	   byte[] serialized = decoded;
        CipherService cipherService = new AesCipherService();
        if (cipherService != null) {
            ByteSource byteSource = cipherService.decrypt(decoded, new byte[]{-112, -15, -2, 108, -116, 100, -28, 61, -99, 121, -104, -120, -59, -58, -102, 104});
            serialized = byteSource.getBytes();
        }
        Serializer<PrincipalCollection> serializer = new DefaultSerializer<PrincipalCollection>();
        ;
        System.out.println(serializer.deserialize(serialized));
        
        	SimplePrincipalCollection p=(SimplePrincipalCollection) serializer.deserialize(serialized);	

	  System.out.println(p.getPrimaryPrincipal());
	  System.out.println(p.getRealmNames());
	  System.out.println(p);
}
 

public static void main(String[] args) {
	String base64="zGkG0zevFbnIioooS3MfnnbWeBUeiZrScKVJms0CZAdJ2MYTddPkvBHGmMhvgdKA5QJk8FSb9T1Y1tFlUnnCsIvcK+iX4cfrwD7voGdU5bW9AWjwNvl3BDrAgRf+hvjrI3T5nBTFeW7uI6GzfFrIx92qER9lQ97g19Dn555uwIzf0ULvc8jICZTraLLrf2avh1hy2kUJJblO6u5IHiBbAXBNitZ6W1yjLEWmSFnb+EsEWAGB3WwV1u1HZO045LB4G57UIH4QGM0xfJjWWeahiTS4j9IAEJBbghwfL1A5pdzFiXJzzA5GF85vtP+6jLwQfGaQJyv35PvNNsDmCqFe8eUSBLji5z5y/y+yKfZk9izXiEvFjKQ5kqMqKfLMp+Vn5OuO+syc4CfJL4PLI16vwVUPV1EWAzyxUhK7DtD5OMVcLPwVtwZ11dG88wkZtjXvBymLyGCj5/Tk8gTWYsdcNKD5i8WvbMLT45S4iWsZxa/5offIiCipkkqoqvxCppJLTzBoaR/wlqoa1Bc/cvpijiJTIbSCj+iFloQRdax1mMQ";
	 base64 = ensurePadding(base64);
	  byte[] decoded = Base64.decode(base64);
	  
	  
	   byte[] serialized = decoded;
        CipherService cipherService = new AesCipherService();
        if (cipherService != null) {
            ByteSource byteSource = cipherService.decrypt(decoded, new byte[]{-112, -15, -2, 108, -116, 100, -28, 61, -99, 121, -104, -120, -59, -58, -102, 104});
            serialized = byteSource.getBytes();
        }
        Serializer<PrincipalCollection> serializer = new DefaultSerializer<PrincipalCollection>();
        ;
        System.out.println(serializer.deserialize(serialized));
        
        	SimplePrincipalCollection p=(SimplePrincipalCollection) serializer.deserialize(serialized);	

	  System.out.println(p.getPrimaryPrincipal());
	  System.out.println(p.getRealmNames());
	  System.out.println(p);
}
 

/**
 * Retrieve an authentication token using a combination of form input and payload
 */
@Test
public void clientCredentialsFlowWithHeaderAuthorizationAndPayload() throws Exception {
    //retrieve the credentials
    Credentials orgCredentials = getOrgCredentials();
    String clientId = orgCredentials.getClientId();
    String clientSecret = orgCredentials.getClientSecret();

    //Encode the credentials
    String clientCredentials = clientId + ":" + clientSecret;
    String token = Base64.encodeToString(clientCredentials.getBytes());

    //POST the form to the application token endpoint along with the payload
    Token apiResponse = this.app().token().getTarget( false ).request()
        .header( "Authorization", "Basic " + token )
        .accept( MediaType.APPLICATION_JSON )
        .post(javax.ws.rs.client.Entity.entity(
            hashMap("grant_type", "client_credentials"), MediaType.APPLICATION_JSON_TYPE), Token.class);

    //Assert that a valid token with a valid TTL is returned
    assertNotNull("It has access_token.", apiResponse.getAccessToken());
    assertNotNull("It has expires_in.", apiResponse.getExpirationDate());
}
 

/**
  * 解密方法
  * @param data 要解密的数据
  * @param key  解密key
  * @param iv 解密iv
  * @return 解密的结果
  * @throws Exception
  */
 public static String desEncrypt(String data, String key, String iv) throws Exception {
     try {
byte[] encrypted1 = Base64.decode(data);

         Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
         SecretKeySpec keyspec = new SecretKeySpec(key.getBytes(), "AES");
         IvParameterSpec ivspec = new IvParameterSpec(iv.getBytes());

         cipher.init(Cipher.DECRYPT_MODE, keyspec, ivspec);

         byte[] original = cipher.doFinal(encrypted1);
         String originalString = new String(original);
         return originalString;
     } catch (Exception e) {
         e.printStackTrace();
         return null;
     }
 }
 

@Override
protected void rememberSerializedIdentity(Subject subject, byte[] serialized) {
    if (!WebUtils.isHttp(subject)) {
        if (LOGGER.isDebugEnabled()) {
            String msg = "Subject argument is not an HTTP-aware instance.  This is required to obtain a servlet " +
                    "request and response in order to set the rememberMe cookie. Returning immediately and " +
                    "ignoring rememberMe operation.";
            LOGGER.debug(msg);
        }
        
        return;
    }


    HttpServletRequest request = WebUtils.getHttpRequest(subject);
    HttpServletResponse response = WebUtils.getHttpResponse(subject);

    // base 64 encode it and store as a cookie:
    String base64 = Base64.encodeToString(serialized);

    // the class attribute is really a template for the outgoing cookies
    Cookie cookie = getCookie(); 
    cookie.setValue(base64);
    cookie.saveTo(request, response);
}
 

public void buildMocks(String anweredBy,String host, String sigHost,String callStatus) throws Exception{
   URIBuilder builder = new URIBuilder("/ivr/event/ack")
      .addParameter(TwilioBaseHandler.SCRIPT_PARAM, "alarm.smoke.triggered")
      .addParameter(TwilioHelper.NOTIFICATION_ID_PARAM_NAME, "place:"+UUID.randomUUID())
      .addParameter(TwilioHelper.PERSON_ID_PARAM_NAME, "test")
      .addParameter(TwilioHelper.NOTIFICATION_EVENT_TIME_PARAM_NAME, "12345678910")
      .addParameter(TwilioHelper.CALL_STATUS_PARAM_KEY, callStatus)
      .addParameter(TwilioHelper.ANSWEREDBY_PARAM_KEY, anweredBy);
   
   String testURI=builder.build().toString();
   FieldUtils.writeField(handler, "twilioAccountAuth", "AUTHKEY", true);
   
   String protocol =TwilioHelper.PROTOCOL_HTTPS;
   
   String sig = Base64.encodeToString(HmacUtils.hmacSha1 ("AUTHKEY", protocol + sigHost + testURI));
   
   EasyMock.expect(request.getMethod()).andReturn(HttpMethod.GET).anyTimes();
   EasyMock.expect(request.getUri()).andReturn(testURI).anyTimes();
   EasyMock.expect(request.headers()).andReturn(httpHeaders).anyTimes();
   EasyMock.expect(httpHeaders.contains(TwilioHelper.SIGNATURE_HEADER_KEY)).andReturn(true).anyTimes();
   EasyMock.expect(httpHeaders.get(TwilioHelper.SIGNATURE_HEADER_KEY)).andReturn(sig).anyTimes();
   EasyMock.expect(httpHeaders.get(TwilioHelper.HOST_HEADER_KEY)).andReturn(host).anyTimes();
   EasyMock.expect(mockPopulationCacheMgr.getPopulationByPlaceId(EasyMock.anyObject(UUID.class))).andReturn(Population.NAME_GENERAL);
}
 

@Before
public void setUp() throws Exception {
   super.setUp();
   builder = buildParameters(null);
   FieldUtils.writeField(handler, "twilioAccountAuth", "AUTHKEY", true);

   sig = Base64.encodeToString(HmacUtils.hmacSha1 ("AUTHKEY", TwilioHelper.PROTOCOL_HTTPS + "somehost" + builder.toString()));
   EasyMock.expect(request.getUri()).andReturn(builder.toString()).anyTimes();
   EasyMock.expect(request.getMethod()).andReturn(HttpMethod.GET);
   EasyMock.expect(request.headers()).andReturn(httpHeaders).anyTimes();
   
   EasyMock.expect(httpHeaders.contains(TwilioHelper.SIGNATURE_HEADER_KEY)).andReturn(true).anyTimes();
   EasyMock.expect(httpHeaders.get(TwilioHelper.SIGNATURE_HEADER_KEY)).andReturn(sig).anyTimes();
   EasyMock.expect(httpHeaders.get(TwilioHelper.HOST_HEADER_KEY)).andReturn("somehost").anyTimes();
   EasyMock.expect(personDAO.findById(personID)).andReturn(person);
   EasyMock.expect(placeDAO.findById(placeId)).andReturn(place);
   EasyMock.expect(populationCacheMgr.getPopulationByPlaceId(EasyMock.anyObject(UUID.class))).andReturn(Population.NAME_GENERAL).anyTimes();
}
 

/**
  * 解密方法
  * @param data 要解密的数据
  * @param key  解密key
  * @param iv 解密iv
  * @return 解密的结果
  * @throws Exception
  */
 public static String desEncrypt(String data, String key, String iv) throws Exception {
     try {
byte[] encrypted1 = Base64.decode(data);

         Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
         SecretKeySpec keyspec = new SecretKeySpec(key.getBytes(), "AES");
         IvParameterSpec ivspec = new IvParameterSpec(iv.getBytes());

         cipher.init(Cipher.DECRYPT_MODE, keyspec, ivspec);

         byte[] original = cipher.doFinal(encrypted1);
         String originalString = new String(original);
         return originalString;
     } catch (Exception e) {
         e.printStackTrace();
         return null;
     }
 }
 

/**
  * 解密方法
  * @param data 要解密的数据
  * @param key  解密key
  * @param iv 解密iv
  * @return 解密的结果
  * @throws Exception
  */
 public static String desEncrypt(String data, String key, String iv) throws Exception {
     try {
byte[] encrypted1 = Base64.decode(data);

         Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
         SecretKeySpec keyspec = new SecretKeySpec(key.getBytes(), "AES");
         IvParameterSpec ivspec = new IvParameterSpec(iv.getBytes());

         cipher.init(Cipher.DECRYPT_MODE, keyspec, ivspec);

         byte[] original = cipher.doFinal(encrypted1);
         String originalString = new String(original);
         return originalString;
     } catch (Exception e) {
         e.printStackTrace();
         return null;
     }
 }
 

/**
 * 
 * @param request
 * @return
 * @throws Exception
 */
@ApiOperation(value = "获取RSA公钥", notes = "用于登录功能获取RSA公钥")
@RequestMapping(value = "publicKey", method = {RequestMethod.POST, RequestMethod.GET})
@ResponseBody
public JSONObject getPublicKey(@ApiIgnore HttpServletRequest request) throws Exception {

	RSAPublicKey publicKey = getAuthzLoginService().genPublicKey(request);

	byte[] modulus = publicKey.getModulus().toByteArray();
	byte[] exponent = publicKey.getPublicExponent().toByteArray();

	JSONObject json = new JSONObject();
	json.put("modulus", Base64.encodeToString(modulus));
	json.put("exponent", Base64.encodeToString(exponent));
	
	return json;
}
 

/**
 * Retrieve an access token using HTTP Basic authentication
 */
@Test
public void clientCredentialsFlowWithBasicAuthentication() throws Exception {
    //retrieve the credentials
    Credentials orgCredentials = getOrgCredentials();
    String clientId = orgCredentials.getClientId();
    String clientSecret = orgCredentials.getClientSecret();

    //encode the credentials
    String clientCredentials = clientId + ":" + clientSecret;
    String token = Base64.encodeToString(clientCredentials.getBytes());

    Map<String, String> map = new HashMap<>(1);
    map.put("grant_type", "client_credentials");
    //GET the token endpoint, adding the basic auth header
    Token apiResponse = clientSetup.getRestClient().management().token().getTarget( false )
        //add the auth header
        .request()
        .header( "Authorization", "Basic " + token )
        .accept(MediaType.APPLICATION_JSON)
        .post( javax.ws.rs.client.Entity.entity(map, MediaType.APPLICATION_JSON_TYPE), Token.class );

    //Assert that a valid token with a valid TTL is returned
    assertNotNull("A valid response was returned.", apiResponse);
    assertNull("There is no error.", apiResponse.getError());
    assertNotNull("It has access_token.", apiResponse.getAccessToken());
    assertNotNull("It has expires_in.", apiResponse.getExpirationDate());
}
 

public static String serialize(Object session) {
    try {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        ObjectOutputStream oos = new ObjectOutputStream(bos);
        oos.writeObject(session);
        return Base64.encodeToString(bos.toByteArray());
    } catch (Exception e) {
        throw new RuntimeException("serialize session error", e);
    }
}
 

@Bean
public CookieRememberMeManager rememberMeManager() {
    final CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
    cookieRememberMeManager.setCipherKey(Base64.decode("ZUdsaGJuSmxibVI2ZHc9PQ=="));
    cookieRememberMeManager.setCookie(rememberMeCookie());
    return cookieRememberMeManager;
}
 

@SuppressWarnings({"rawtypes", "unchecked"})
public static RememberMeManager buildRememberMeManager(Serializer serializer, Logger logger,
													   @Symbol(SymbolConstants.HMAC_PASSPHRASE) String hmacPassphrase,
													   @Symbol(SecuritySymbols.REMEMBERME_CIPHERKERY) String rememberMeCipherKey) throws UnsupportedEncodingException {
	CookieRememberMeManager rememberMeManager = new CookieRememberMeManager();
	// the default Shiro serializer produces obnoxiously long cookies
	rememberMeManager.setSerializer(serializer);

	// assume properly configured cipher is of the right width (divisable by 16)
	byte[] cipherKey = Base64.decode(rememberMeCipherKey);
	if (cipherKey.length <= 0) {
		if (hmacPassphrase.isEmpty()) {
			logger
					.error("Neither symbol '"
								   + SecuritySymbols.REMEMBERME_CIPHERKERY
								   + "' nor  '"
								   + SymbolConstants.HMAC_PASSPHRASE
								   + "' is set. Using a random value as the cipher key for encrypting rememberMe information. Cookies will be invalidated when the JVM is restarted");
			return rememberMeManager;
		}

		logger.warn("Symbol '" + SecuritySymbols.REMEMBERME_CIPHERKERY + "' is not set, using '"
							+ SymbolConstants.HMAC_PASSPHRASE
							+ "' as the cipher. Beware that changing the value will invalidate rememberMe cookies");
		if (hmacPassphrase.length() < 16)
			hmacPassphrase = hmacPassphrase + ("================".substring(hmacPassphrase.length()));
		cipherKey = hmacPassphrase.getBytes("UTF-8");
		if (cipherKey.length > 16) cipherKey = Arrays.copyOf(cipherKey, 16);
	}
	rememberMeManager.setCipherKey(cipherKey);
	return rememberMeManager;
}
 

/**
 *
 * @return a Base64-encoded string of the underlying {@link #getBytes byte array}.
 */
public String toBase64() {
    if (this.base64Encoded == null) {
        //cache result in case this method is called multiple times.
        this.base64Encoded = Base64.encodeToString(getBytes());
    }
    return this.base64Encoded;
}
 

/**
 *
 * @return a Base64-encoded string of the underlying {@link #getBytes byte array}.
 */
public String toBase64() {
    if (this.base64Encoded == null) {
        //cache result in case this method is called multiple times.
        this.base64Encoded = Base64.encodeToString(getBytes());
    }
    return this.base64Encoded;
}
 

@Bean
@DependsOn("mybatisPlusConfig")
public CookieRememberMeManager rememberMeManager() {
    //System.out.println("ShiroConfiguration.rememberMeManager()");
    CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
    cookieRememberMeManager.setCookie(rememberMeCookie());
    //rememberMe cookie加密的密钥 建议每个项目都不一样 默认AES算法 密钥长度(128 256 512 位)
    cookieRememberMeManager.setCipherKey(Base64.encode("pybbs is the best!".getBytes()));
    return cookieRememberMeManager;
}
 

public static String serialize(Session session) {
    if (null == session) {
        return null;
    }
    try {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        ObjectOutputStream oos = new ObjectOutputStream(bos);
        oos.writeObject(session);
        return Base64.encodeToString(bos.toByteArray());
    } catch (Exception e) {
        throw new RuntimeException("serialize session error", e);
    }
}
 

public String toBase64() {
    if (this.base64Encoded == null) {
        this.base64Encoded = Base64.encodeToString(this.getBytes());
    }

    return this.base64Encoded;
}
 

public static <T> Collection<T> deserializeFromStrings(Collection<String> base64s){
    try{
        List<T> list = Lists.newLinkedList();
        for(String base64 : base64s){
            byte[] objectData = Base64.decode(base64);
            T t = deserialize(objectData);
            list.add(t);
        }
        return list;
    }catch (Exception e){
        throw new ResultException("deserialize session error");
    }
}
 

public static <T> T deserializeFromString(String base64){
    try{
        byte[] objectData = Base64.decode(base64);
        return deserialize(objectData);
    } catch (Exception e){
        throw new ResultException("deserialize session error");
    }
}
 

public static String serializaToString(Serializable obj){
    try{
        byte[] value = serialize(obj);
        return Base64.encodeToString(value);
    }catch (Exception e){
        throw new ResultException("serialize session error");
    }
}
 

/**
 * Retrieve an app user access token using HTTP Basic authentication
 */
@Test
public void clientCredentialsFlowWithHeaderAuthorization() throws Exception {

    // get app credentials from /<org>/<app>/credentials end-point (using admin credentials)
    Credentials appCredentials = getAppCredentials();
    String clientId = appCredentials.getClientId();
    String clientSecret = appCredentials.getClientSecret();

    // use app credentials to admin user access token
    Token token = clientSetup.getRestClient().management().token()
        .post(Token.class,new Token("client_credentials", clientId, clientSecret));

    String clientCredentials = clientId + ":" + clientSecret;
    String encodedToken = Base64.encodeToString( clientCredentials.getBytes() );

    Map<String, String> payload = hashMap( "grant_type", "client_credentials" );

    // use admin user access token to get app user access token
    Token apiResponse = this.app().token().getTarget( false ).request()
        //add the auth header
        .header( "Authorization", "Basic " + encodedToken )
        .accept( MediaType.APPLICATION_JSON )
        .post(javax.ws.rs.client.Entity.entity(payload, MediaType.APPLICATION_JSON_TYPE ), Token.class );

    //Assert that a valid token with a valid TTL is returned
    assertNotNull("A valid response was returned.", apiResponse);
    assertNull("There is no error.", apiResponse.getError());
    assertNotNull("It has access_token.", apiResponse.getAccessToken());
    assertNotNull("It has expires_in.", apiResponse.getExpirationDate());




}
 

/**
 * 记住我
 */
public CookieRememberMeManager rememberMeManager()
{
    CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
    cookieRememberMeManager.setCookie(rememberMeCookie());
    cookieRememberMeManager.setCipherKey(Base64.decode("fCq+/xW488hMTCD+cmJ3aQ=="));
    return cookieRememberMeManager;
}
 

/**
* cookie管理器;
* @return
*/
@Bean
public CookieRememberMeManager rememberMeManager(){
    CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
    //rememberme cookie加密的密钥 建议每个项目都不一样 默认AES算法 密钥长度（128 256 512 位），通过以下代码可以获取
    //KeyGenerator keygen = KeyGenerator.getInstance("AES");
    //SecretKey deskey = keygen.generateKey();
    //System.out.println(Base64.encodeToString(deskey.getEncoded()));
    byte[] cipherKey = Base64.decode("wGiHplamyXlVB11UXWol8g==");
    cookieRememberMeManager.setCipherKey(cipherKey);
    cookieRememberMeManager.setCookie(rememberMeCookie());
    return cookieRememberMeManager;
}
 

@Override
public String toBase64() {
	if ( this.cachedBase64 == null ) {
		this.cachedBase64 = Base64.encodeToString(getBytes());
	}
	return this.cachedBase64;
}
 

public static Session deserialize(String sessionStr) {
    if (StringUtils.isBlank(sessionStr)) {
        return null;
    }
    try {
        ByteArrayInputStream bis = new ByteArrayInputStream(Base64.decode(sessionStr));
        ObjectInputStream ois = new ObjectInputStream(bis);
        return (Session) ois.readObject();
    } catch (Exception e) {
        throw new RuntimeException("deserialize session error", e);
    }
}