/*
* Copyright 2010-2017 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
* A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed
* on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
* express or implied. See the License for the specific language governing
* permissions and limitations under the License.
*
*/
package com.amazon.photosharing.utils;
import org.jasypt.encryption.pbe.StandardPBEStringEncryptor;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.text.DateFormat;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.UUID;
import java.util.concurrent.TimeUnit;
public final class TokenGenerator {
protected final Logger _logger = LoggerFactory.getLogger(this.getClass());
private static final TokenGenerator tokenGenerator = new TokenGenerator();
private final DateFormat format = new SimpleDateFormat("ddMMyyHHmmss");
private final StandardPBEStringEncryptor jasypt = new StandardPBEStringEncryptor();
private final int LOGIN_TIME = 30;
private TokenGenerator() {
jasypt.setPassword("tokenpassword");
}
public static TokenGenerator getInstance() {
return tokenGenerator;
}
public String issueToken(String userName) {
Date creationDate = new Date();
String key = UUID.randomUUID().toString().toUpperCase() +
"|" + userName +
"|" + format.format(creationDate);
// this is the authentication token user will send in order to use the web service
String authenticationToken = jasypt.encrypt(key);
return authenticationToken;
}
public String getUsernameFromToken(String token) {
try {
String key = jasypt.decrypt(token);
String [] keyParts = key.split("\\|");
for (String part : keyParts)
_logger.info(part);
return keyParts[1];
}
catch (Exception exc) {
_logger.info("Could not extract username from token: " + token);
return null;
}
}
public boolean validateToken(String token, Integer loginTime, TimeUnit timeUnit) {
try {
String key = jasypt.decrypt(token);
String [] keyParts = key.split("\\|");
String strDate = keyParts[keyParts.length - 1];
Date date = format.parse(strDate);
Date currentTime = new Date();
long duration = currentTime.getTime() - date.getTime();
long diff;
if (timeUnit.equals(TimeUnit.MINUTES))
diff = TimeUnit.MILLISECONDS.toMinutes(duration);
else if (timeUnit.equals(TimeUnit.SECONDS))
diff = TimeUnit.MILLISECONDS.toSeconds(duration);
else
throw new UnsupportedOperationException(timeUnit.toString() + " not supported");
if (diff > loginTime)
return false;
return true;
}
catch (Exception exc) {
exc.printStackTrace();
return false;
}
}
public boolean validateToken(String token) {
return this.validateToken(token, LOGIN_TIME, TimeUnit.MINUTES);
}
}
