org.apache.shiro.codec.Base64 Java Examples

The following examples show how to use org.apache.shiro.codec.Base64. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: AuthzLoginController.java    From spring-boot-starter-samples with Apache License 2.0 6 votes vote down vote up
/**
 * 
 * @param request
 * @return
 * @throws Exception
 */
@ApiOperation(value = "获取RSA公钥", notes = "用于登录功能获取RSA公钥")
@RequestMapping(value = "publicKey", method = {RequestMethod.POST, RequestMethod.GET})
@ResponseBody
public JSONObject getPublicKey(@ApiIgnore HttpServletRequest request) throws Exception {

	RSAPublicKey publicKey = getAuthzLoginService().genPublicKey(request);

	byte[] modulus = publicKey.getModulus().toByteArray();
	byte[] exponent = publicKey.getPublicExponent().toByteArray();

	JSONObject json = new JSONObject();
	json.put("modulus", Base64.encodeToString(modulus));
	json.put("exponent", Base64.encodeToString(exponent));
	
	return json;
}
 
Example #2
Source File: HashedCredentialsMatcher.java    From nano-framework with Apache License 2.0 6 votes vote down vote up
/**
 *
 * @param info the AuthenticationInfo from which to retrieve the credentials which assumed to be in already-hashed form.
 * @return a {@link Hash Hash} instance representing the given AuthenticationInfo's stored credentials.
 */
protected Object getCredentials(AuthenticationInfo info) {
    Object credentials = info.getCredentials();

    byte[] storedBytes = toBytes(credentials);

    if (credentials instanceof String || credentials instanceof char[]) {
        //account.credentials were a char[] or String, so
        //we need to do text decoding first:
        if (isStoredCredentialsHexEncoded()) {
            storedBytes = Hex.decode(storedBytes);
        } else {
            storedBytes = Base64.decode(storedBytes);
        }
    }
    AbstractHash hash = newHashInstance();
    hash.setBytes(storedBytes);
    return hash;
}
 
Example #3
Source File: HMACSignature.java    From gazpachoquest with GNU General Public License v3.0 6 votes vote down vote up
/**
 * Computes RFC 2104-compliant HMAC signature.
 * * @param data
 * The data to be signed.
 * 
 * @param key
 *            The signing key.
 * @return
 *         The Base64-encoded RFC 2104-compliant HMAC signature.
 * @throws java.security.SignatureException
 *             when signature generation fails
 */
public static String calculateRFC2104HMAC(String data, String key) throws java.security.SignatureException {
    String result = null;
    try {
        Charset utf8ChartSet = Charset.forName("UTF-8");
        // get an hmac_sha1 key from the raw key bytes
        SecretKeySpec signingKey = new SecretKeySpec(key.getBytes(utf8ChartSet), HMAC_SHA1_ALGORITHM);

        // get an hmac_sha1 Mac instance and initialize with the signing key
        Mac mac = Mac.getInstance(HMAC_SHA1_ALGORITHM);
        mac.init(signingKey);

        // compute the hmac on input data bytes
        byte[] rawHmac = mac.doFinal(data.getBytes(utf8ChartSet));

        // base64-encode the hmac
        result = Base64.encodeToString(rawHmac);
    } catch (NoSuchAlgorithmException | InvalidKeyException e) {
        throw new SignatureException("Failed to generate HMAC : " + e.getMessage());
    }
    return result;
}
 
Example #4
Source File: ShiroTest.java    From EasyEE with MIT License 6 votes vote down vote up
public static void main(String[] args) {
	String base64="zGkG0zevFbnIioooS3MfnnbWeBUeiZrScKVJms0CZAdJ2MYTddPkvBHGmMhvgdKA5QJk8FSb9T1Y1tFlUnnCsIvcK+iX4cfrwD7voGdU5bW9AWjwNvl3BDrAgRf+hvjrI3T5nBTFeW7uI6GzfFrIx92qER9lQ97g19Dn555uwIzf0ULvc8jICZTraLLrf2avh1hy2kUJJblO6u5IHiBbAXBNitZ6W1yjLEWmSFnb+EsEWAGB3WwV1u1HZO045LB4G57UIH4QGM0xfJjWWeahiTS4j9IAEJBbghwfL1A5pdzFiXJzzA5GF85vtP+6jLwQfGaQJyv35PvNNsDmCqFe8eUSBLji5z5y/y+yKfZk9izXiEvFjKQ5kqMqKfLMp+Vn5OuO+syc4CfJL4PLI16vwVUPV1EWAzyxUhK7DtD5OMVcLPwVtwZ11dG88wkZtjXvBymLyGCj5/Tk8gTWYsdcNKD5i8WvbMLT45S4iWsZxa/5offIiCipkkqoqvxCppJLTzBoaR/wlqoa1Bc/cvpijiJTIbSCj+iFloQRdax1mMQ";
	 base64 = ensurePadding(base64);
	  byte[] decoded = Base64.decode(base64);
	  
	  
	   byte[] serialized = decoded;
        CipherService cipherService = new AesCipherService();
        if (cipherService != null) {
            ByteSource byteSource = cipherService.decrypt(decoded, new byte[]{-112, -15, -2, 108, -116, 100, -28, 61, -99, 121, -104, -120, -59, -58, -102, 104});
            serialized = byteSource.getBytes();
        }
        Serializer<PrincipalCollection> serializer = new DefaultSerializer<PrincipalCollection>();
        ;
        System.out.println(serializer.deserialize(serialized));
        
        	SimplePrincipalCollection p=(SimplePrincipalCollection) serializer.deserialize(serialized);	

	  System.out.println(p.getPrimaryPrincipal());
	  System.out.println(p.getRealmNames());
	  System.out.println(p);
}
 
Example #5
Source File: ShiroTest.java    From EasyEE with MIT License 6 votes vote down vote up
public static void main(String[] args) {
	String base64="zGkG0zevFbnIioooS3MfnnbWeBUeiZrScKVJms0CZAdJ2MYTddPkvBHGmMhvgdKA5QJk8FSb9T1Y1tFlUnnCsIvcK+iX4cfrwD7voGdU5bW9AWjwNvl3BDrAgRf+hvjrI3T5nBTFeW7uI6GzfFrIx92qER9lQ97g19Dn555uwIzf0ULvc8jICZTraLLrf2avh1hy2kUJJblO6u5IHiBbAXBNitZ6W1yjLEWmSFnb+EsEWAGB3WwV1u1HZO045LB4G57UIH4QGM0xfJjWWeahiTS4j9IAEJBbghwfL1A5pdzFiXJzzA5GF85vtP+6jLwQfGaQJyv35PvNNsDmCqFe8eUSBLji5z5y/y+yKfZk9izXiEvFjKQ5kqMqKfLMp+Vn5OuO+syc4CfJL4PLI16vwVUPV1EWAzyxUhK7DtD5OMVcLPwVtwZ11dG88wkZtjXvBymLyGCj5/Tk8gTWYsdcNKD5i8WvbMLT45S4iWsZxa/5offIiCipkkqoqvxCppJLTzBoaR/wlqoa1Bc/cvpijiJTIbSCj+iFloQRdax1mMQ";
	 base64 = ensurePadding(base64);
	  byte[] decoded = Base64.decode(base64);
	  
	  
	   byte[] serialized = decoded;
        CipherService cipherService = new AesCipherService();
        if (cipherService != null) {
            ByteSource byteSource = cipherService.decrypt(decoded, new byte[]{-112, -15, -2, 108, -116, 100, -28, 61, -99, 121, -104, -120, -59, -58, -102, 104});
            serialized = byteSource.getBytes();
        }
        Serializer<PrincipalCollection> serializer = new DefaultSerializer<PrincipalCollection>();
        ;
        System.out.println(serializer.deserialize(serialized));
        
        	SimplePrincipalCollection p=(SimplePrincipalCollection) serializer.deserialize(serialized);	

	  System.out.println(p.getPrimaryPrincipal());
	  System.out.println(p.getRealmNames());
	  System.out.println(p);
}
 
Example #6
Source File: ApplicationResourceIT.java    From usergrid with Apache License 2.0 6 votes vote down vote up
/**
 * Retrieve an authentication token using a combination of form input and payload
 */
@Test
public void clientCredentialsFlowWithHeaderAuthorizationAndPayload() throws Exception {
    //retrieve the credentials
    Credentials orgCredentials = getOrgCredentials();
    String clientId = orgCredentials.getClientId();
    String clientSecret = orgCredentials.getClientSecret();

    //Encode the credentials
    String clientCredentials = clientId + ":" + clientSecret;
    String token = Base64.encodeToString(clientCredentials.getBytes());

    //POST the form to the application token endpoint along with the payload
    Token apiResponse = this.app().token().getTarget( false ).request()
        .header( "Authorization", "Basic " + token )
        .accept( MediaType.APPLICATION_JSON )
        .post(javax.ws.rs.client.Entity.entity(
            hashMap("grant_type", "client_credentials"), MediaType.APPLICATION_JSON_TYPE), Token.class);

    //Assert that a valid token with a valid TTL is returned
    assertNotNull("It has access_token.", apiResponse.getAccessToken());
    assertNotNull("It has expires_in.", apiResponse.getExpirationDate());
}
 
Example #7
Source File: AesEncryptUtil.java    From jeecg-boot-with-activiti with MIT License 6 votes vote down vote up
/**
  * 解密方法
  * @param data 要解密的数据
  * @param key  解密key
  * @param iv 解密iv
  * @return 解密的结果
  * @throws Exception
  */
 public static String desEncrypt(String data, String key, String iv) throws Exception {
     try {
byte[] encrypted1 = Base64.decode(data);

         Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
         SecretKeySpec keyspec = new SecretKeySpec(key.getBytes(), "AES");
         IvParameterSpec ivspec = new IvParameterSpec(iv.getBytes());

         cipher.init(Cipher.DECRYPT_MODE, keyspec, ivspec);

         byte[] original = cipher.doFinal(encrypted1);
         String originalString = new String(original);
         return originalString;
     } catch (Exception e) {
         e.printStackTrace();
         return null;
     }
 }
 
Example #8
Source File: CookieRememberMeManager.java    From nano-framework with Apache License 2.0 6 votes vote down vote up
@Override
protected void rememberSerializedIdentity(Subject subject, byte[] serialized) {
    if (!WebUtils.isHttp(subject)) {
        if (LOGGER.isDebugEnabled()) {
            String msg = "Subject argument is not an HTTP-aware instance.  This is required to obtain a servlet " +
                    "request and response in order to set the rememberMe cookie. Returning immediately and " +
                    "ignoring rememberMe operation.";
            LOGGER.debug(msg);
        }
        
        return;
    }


    HttpServletRequest request = WebUtils.getHttpRequest(subject);
    HttpServletResponse response = WebUtils.getHttpResponse(subject);

    // base 64 encode it and store as a cookie:
    String base64 = Base64.encodeToString(serialized);

    // the class attribute is really a template for the outgoing cookies
    Cookie cookie = getCookie(); 
    cookie.setValue(base64);
    cookie.saveTo(request, response);
}
 
Example #9
Source File: TestTwilioAckEventHandler.java    From arcusplatform with Apache License 2.0 6 votes vote down vote up
public void buildMocks(String anweredBy,String host, String sigHost,String callStatus) throws Exception{
   URIBuilder builder = new URIBuilder("/ivr/event/ack")
      .addParameter(TwilioBaseHandler.SCRIPT_PARAM, "alarm.smoke.triggered")
      .addParameter(TwilioHelper.NOTIFICATION_ID_PARAM_NAME, "place:"+UUID.randomUUID())
      .addParameter(TwilioHelper.PERSON_ID_PARAM_NAME, "test")
      .addParameter(TwilioHelper.NOTIFICATION_EVENT_TIME_PARAM_NAME, "12345678910")
      .addParameter(TwilioHelper.CALL_STATUS_PARAM_KEY, callStatus)
      .addParameter(TwilioHelper.ANSWEREDBY_PARAM_KEY, anweredBy);
   
   String testURI=builder.build().toString();
   FieldUtils.writeField(handler, "twilioAccountAuth", "AUTHKEY", true);
   
   String protocol =TwilioHelper.PROTOCOL_HTTPS;
   
   String sig = Base64.encodeToString(HmacUtils.hmacSha1 ("AUTHKEY", protocol + sigHost + testURI));
   
   EasyMock.expect(request.getMethod()).andReturn(HttpMethod.GET).anyTimes();
   EasyMock.expect(request.getUri()).andReturn(testURI).anyTimes();
   EasyMock.expect(request.headers()).andReturn(httpHeaders).anyTimes();
   EasyMock.expect(httpHeaders.contains(TwilioHelper.SIGNATURE_HEADER_KEY)).andReturn(true).anyTimes();
   EasyMock.expect(httpHeaders.get(TwilioHelper.SIGNATURE_HEADER_KEY)).andReturn(sig).anyTimes();
   EasyMock.expect(httpHeaders.get(TwilioHelper.HOST_HEADER_KEY)).andReturn(host).anyTimes();
   EasyMock.expect(mockPopulationCacheMgr.getPopulationByPlaceId(EasyMock.anyObject(UUID.class))).andReturn(Population.NAME_GENERAL);
}
 
Example #10
Source File: TestTwilioAckScriptHandler.java    From arcusplatform with Apache License 2.0 6 votes vote down vote up
@Before
public void setUp() throws Exception {
   super.setUp();
   builder = buildParameters(null);
   FieldUtils.writeField(handler, "twilioAccountAuth", "AUTHKEY", true);

   sig = Base64.encodeToString(HmacUtils.hmacSha1 ("AUTHKEY", TwilioHelper.PROTOCOL_HTTPS + "somehost" + builder.toString()));
   EasyMock.expect(request.getUri()).andReturn(builder.toString()).anyTimes();
   EasyMock.expect(request.getMethod()).andReturn(HttpMethod.GET);
   EasyMock.expect(request.headers()).andReturn(httpHeaders).anyTimes();
   
   EasyMock.expect(httpHeaders.contains(TwilioHelper.SIGNATURE_HEADER_KEY)).andReturn(true).anyTimes();
   EasyMock.expect(httpHeaders.get(TwilioHelper.SIGNATURE_HEADER_KEY)).andReturn(sig).anyTimes();
   EasyMock.expect(httpHeaders.get(TwilioHelper.HOST_HEADER_KEY)).andReturn("somehost").anyTimes();
   EasyMock.expect(personDAO.findById(personID)).andReturn(person);
   EasyMock.expect(placeDAO.findById(placeId)).andReturn(place);
   EasyMock.expect(populationCacheMgr.getPopulationByPlaceId(EasyMock.anyObject(UUID.class))).andReturn(Population.NAME_GENERAL).anyTimes();
}
 
Example #11
Source File: AesEncryptUtil.java    From teaching with Apache License 2.0 6 votes vote down vote up
/**
  * 解密方法
  * @param data 要解密的数据
  * @param key  解密key
  * @param iv 解密iv
  * @return 解密的结果
  * @throws Exception
  */
 public static String desEncrypt(String data, String key, String iv) throws Exception {
     try {
byte[] encrypted1 = Base64.decode(data);

         Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
         SecretKeySpec keyspec = new SecretKeySpec(key.getBytes(), "AES");
         IvParameterSpec ivspec = new IvParameterSpec(iv.getBytes());

         cipher.init(Cipher.DECRYPT_MODE, keyspec, ivspec);

         byte[] original = cipher.doFinal(encrypted1);
         String originalString = new String(original);
         return originalString;
     } catch (Exception e) {
         e.printStackTrace();
         return null;
     }
 }
 
Example #12
Source File: AesEncryptUtil.java    From jeecg-boot with Apache License 2.0 6 votes vote down vote up
/**
  * 解密方法
  * @param data 要解密的数据
  * @param key  解密key
  * @param iv 解密iv
  * @return 解密的结果
  * @throws Exception
  */
 public static String desEncrypt(String data, String key, String iv) throws Exception {
     try {
byte[] encrypted1 = Base64.decode(data);

         Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
         SecretKeySpec keyspec = new SecretKeySpec(key.getBytes(), "AES");
         IvParameterSpec ivspec = new IvParameterSpec(iv.getBytes());

         cipher.init(Cipher.DECRYPT_MODE, keyspec, ivspec);

         byte[] original = cipher.doFinal(encrypted1);
         String originalString = new String(original);
         return originalString;
     } catch (Exception e) {
         e.printStackTrace();
         return null;
     }
 }
 
Example #13
Source File: AuthzLoginController.java    From spring-boot-starter-samples with Apache License 2.0 6 votes vote down vote up
/**
 * 
 * @param request
 * @return
 * @throws Exception
 */
@ApiOperation(value = "获取RSA公钥", notes = "用于登录功能获取RSA公钥")
@RequestMapping(value = "publicKey", method = {RequestMethod.POST, RequestMethod.GET})
@ResponseBody
public JSONObject getPublicKey(@ApiIgnore HttpServletRequest request) throws Exception {

	RSAPublicKey publicKey = getAuthzLoginService().genPublicKey(request);

	byte[] modulus = publicKey.getModulus().toByteArray();
	byte[] exponent = publicKey.getPublicExponent().toByteArray();

	JSONObject json = new JSONObject();
	json.put("modulus", Base64.encodeToString(modulus));
	json.put("exponent", Base64.encodeToString(exponent));
	
	return json;
}
 
Example #14
Source File: ApplicationResourceIT.java    From usergrid with Apache License 2.0 5 votes vote down vote up
/**
 * Retrieve an access token using HTTP Basic authentication
 */
@Test
public void clientCredentialsFlowWithBasicAuthentication() throws Exception {
    //retrieve the credentials
    Credentials orgCredentials = getOrgCredentials();
    String clientId = orgCredentials.getClientId();
    String clientSecret = orgCredentials.getClientSecret();

    //encode the credentials
    String clientCredentials = clientId + ":" + clientSecret;
    String token = Base64.encodeToString(clientCredentials.getBytes());

    Map<String, String> map = new HashMap<>(1);
    map.put("grant_type", "client_credentials");
    //GET the token endpoint, adding the basic auth header
    Token apiResponse = clientSetup.getRestClient().management().token().getTarget( false )
        //add the auth header
        .request()
        .header( "Authorization", "Basic " + token )
        .accept(MediaType.APPLICATION_JSON)
        .post( javax.ws.rs.client.Entity.entity(map, MediaType.APPLICATION_JSON_TYPE), Token.class );

    //Assert that a valid token with a valid TTL is returned
    assertNotNull("A valid response was returned.", apiResponse);
    assertNull("There is no error.", apiResponse.getError());
    assertNotNull("It has access_token.", apiResponse.getAccessToken());
    assertNotNull("It has expires_in.", apiResponse.getExpirationDate());
}
 
Example #15
Source File: SerializableUtils.java    From phone with Apache License 2.0 5 votes vote down vote up
public static String serialize(Object session) {
    try {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        ObjectOutputStream oos = new ObjectOutputStream(bos);
        oos.writeObject(session);
        return Base64.encodeToString(bos.toByteArray());
    } catch (Exception e) {
        throw new RuntimeException("serialize session error", e);
    }
}
 
Example #16
Source File: ShiroConfig.java    From EasyReport with Apache License 2.0 5 votes vote down vote up
@Bean
public CookieRememberMeManager rememberMeManager() {
    final CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
    cookieRememberMeManager.setCipherKey(Base64.decode("ZUdsaGJuSmxibVI2ZHc9PQ=="));
    cookieRememberMeManager.setCookie(rememberMeCookie());
    return cookieRememberMeManager;
}
 
Example #17
Source File: SecurityModule.java    From tapestry-security with Apache License 2.0 5 votes vote down vote up
@SuppressWarnings({"rawtypes", "unchecked"})
public static RememberMeManager buildRememberMeManager(Serializer serializer, Logger logger,
													   @Symbol(SymbolConstants.HMAC_PASSPHRASE) String hmacPassphrase,
													   @Symbol(SecuritySymbols.REMEMBERME_CIPHERKERY) String rememberMeCipherKey) throws UnsupportedEncodingException {
	CookieRememberMeManager rememberMeManager = new CookieRememberMeManager();
	// the default Shiro serializer produces obnoxiously long cookies
	rememberMeManager.setSerializer(serializer);

	// assume properly configured cipher is of the right width (divisable by 16)
	byte[] cipherKey = Base64.decode(rememberMeCipherKey);
	if (cipherKey.length <= 0) {
		if (hmacPassphrase.isEmpty()) {
			logger
					.error("Neither symbol '"
								   + SecuritySymbols.REMEMBERME_CIPHERKERY
								   + "' nor  '"
								   + SymbolConstants.HMAC_PASSPHRASE
								   + "' is set. Using a random value as the cipher key for encrypting rememberMe information. Cookies will be invalidated when the JVM is restarted");
			return rememberMeManager;
		}

		logger.warn("Symbol '" + SecuritySymbols.REMEMBERME_CIPHERKERY + "' is not set, using '"
							+ SymbolConstants.HMAC_PASSPHRASE
							+ "' as the cipher. Beware that changing the value will invalidate rememberMe cookies");
		if (hmacPassphrase.length() < 16)
			hmacPassphrase = hmacPassphrase + ("================".substring(hmacPassphrase.length()));
		cipherKey = hmacPassphrase.getBytes("UTF-8");
		if (cipherKey.length > 16) cipherKey = Arrays.copyOf(cipherKey, 16);
	}
	rememberMeManager.setCipherKey(cipherKey);
	return rememberMeManager;
}
 
Example #18
Source File: AbstractHash.java    From nano-framework with Apache License 2.0 5 votes vote down vote up
/**
 *
 * @return a Base64-encoded string of the underlying {@link #getBytes byte array}.
 */
public String toBase64() {
    if (this.base64Encoded == null) {
        //cache result in case this method is called multiple times.
        this.base64Encoded = Base64.encodeToString(getBytes());
    }
    return this.base64Encoded;
}
 
Example #19
Source File: SimpleHash.java    From nano-framework with Apache License 2.0 5 votes vote down vote up
/**
 *
 * @return a Base64-encoded string of the underlying {@link #getBytes byte array}.
 */
public String toBase64() {
    if (this.base64Encoded == null) {
        //cache result in case this method is called multiple times.
        this.base64Encoded = Base64.encodeToString(getBytes());
    }
    return this.base64Encoded;
}
 
Example #20
Source File: ShiroConfig.java    From pybbs with GNU Affero General Public License v3.0 5 votes vote down vote up
@Bean
@DependsOn("mybatisPlusConfig")
public CookieRememberMeManager rememberMeManager() {
    //System.out.println("ShiroConfiguration.rememberMeManager()");
    CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
    cookieRememberMeManager.setCookie(rememberMeCookie());
    //rememberMe cookie加密的密钥 建议每个项目都不一样 默认AES算法 密钥长度(128 256 512 位)
    cookieRememberMeManager.setCipherKey(Base64.encode("pybbs is the best!".getBytes()));
    return cookieRememberMeManager;
}
 
Example #21
Source File: SerializableUtil.java    From zheng with MIT License 5 votes vote down vote up
public static String serialize(Session session) {
    if (null == session) {
        return null;
    }
    try {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        ObjectOutputStream oos = new ObjectOutputStream(bos);
        oos.writeObject(session);
        return Base64.encodeToString(bos.toByteArray());
    } catch (Exception e) {
        throw new RuntimeException("serialize session error", e);
    }
}
 
Example #22
Source File: MySimpleHash.java    From cms with Apache License 2.0 5 votes vote down vote up
public String toBase64() {
    if (this.base64Encoded == null) {
        this.base64Encoded = Base64.encodeToString(this.getBytes());
    }

    return this.base64Encoded;
}
 
Example #23
Source File: SerializeUtils.java    From Spring-Shiro-Spark with Apache License 2.0 5 votes vote down vote up
public static <T> Collection<T> deserializeFromStrings(Collection<String> base64s){
    try{
        List<T> list = Lists.newLinkedList();
        for(String base64 : base64s){
            byte[] objectData = Base64.decode(base64);
            T t = deserialize(objectData);
            list.add(t);
        }
        return list;
    }catch (Exception e){
        throw new ResultException("deserialize session error");
    }
}
 
Example #24
Source File: SerializeUtils.java    From Spring-Shiro-Spark with Apache License 2.0 5 votes vote down vote up
public static <T> T deserializeFromString(String base64){
    try{
        byte[] objectData = Base64.decode(base64);
        return deserialize(objectData);
    } catch (Exception e){
        throw new ResultException("deserialize session error");
    }
}
 
Example #25
Source File: SerializeUtils.java    From Spring-Shiro-Spark with Apache License 2.0 5 votes vote down vote up
public static String serializaToString(Serializable obj){
    try{
        byte[] value = serialize(obj);
        return Base64.encodeToString(value);
    }catch (Exception e){
        throw new ResultException("serialize session error");
    }
}
 
Example #26
Source File: ApplicationResourceIT.java    From usergrid with Apache License 2.0 5 votes vote down vote up
/**
 * Retrieve an app user access token using HTTP Basic authentication
 */
@Test
public void clientCredentialsFlowWithHeaderAuthorization() throws Exception {

    // get app credentials from /<org>/<app>/credentials end-point (using admin credentials)
    Credentials appCredentials = getAppCredentials();
    String clientId = appCredentials.getClientId();
    String clientSecret = appCredentials.getClientSecret();

    // use app credentials to admin user access token
    Token token = clientSetup.getRestClient().management().token()
        .post(Token.class,new Token("client_credentials", clientId, clientSecret));

    String clientCredentials = clientId + ":" + clientSecret;
    String encodedToken = Base64.encodeToString( clientCredentials.getBytes() );

    Map<String, String> payload = hashMap( "grant_type", "client_credentials" );

    // use admin user access token to get app user access token
    Token apiResponse = this.app().token().getTarget( false ).request()
        //add the auth header
        .header( "Authorization", "Basic " + encodedToken )
        .accept( MediaType.APPLICATION_JSON )
        .post(javax.ws.rs.client.Entity.entity(payload, MediaType.APPLICATION_JSON_TYPE ), Token.class );

    //Assert that a valid token with a valid TTL is returned
    assertNotNull("A valid response was returned.", apiResponse);
    assertNull("There is no error.", apiResponse.getError());
    assertNotNull("It has access_token.", apiResponse.getAccessToken());
    assertNotNull("It has expires_in.", apiResponse.getExpirationDate());




}
 
Example #27
Source File: ShiroConfig.java    From supplierShop with MIT License 5 votes vote down vote up
/**
 * 记住我
 */
public CookieRememberMeManager rememberMeManager()
{
    CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
    cookieRememberMeManager.setCookie(rememberMeCookie());
    cookieRememberMeManager.setCipherKey(Base64.decode("fCq+/xW488hMTCD+cmJ3aQ=="));
    return cookieRememberMeManager;
}
 
Example #28
Source File: ShiroConfig.java    From yyblog with MIT License 5 votes vote down vote up
/**
* cookie管理器;
* @return
*/
@Bean
public CookieRememberMeManager rememberMeManager(){
    CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
    //rememberme cookie加密的密钥 建议每个项目都不一样 默认AES算法 密钥长度(128 256 512 位),通过以下代码可以获取
    //KeyGenerator keygen = KeyGenerator.getInstance("AES");
    //SecretKey deskey = keygen.generateKey();
    //System.out.println(Base64.encodeToString(deskey.getEncoded()));
    byte[] cipherKey = Base64.decode("wGiHplamyXlVB11UXWol8g==");
    cookieRememberMeManager.setCipherKey(cipherKey);
    cookieRememberMeManager.setCookie(rememberMeCookie());
    return cookieRememberMeManager;
}
 
Example #29
Source File: ShiroByteSource.java    From xmanager with Apache License 2.0 5 votes vote down vote up
@Override
public String toBase64() {
	if ( this.cachedBase64 == null ) {
		this.cachedBase64 = Base64.encodeToString(getBytes());
	}
	return this.cachedBase64;
}
 
Example #30
Source File: SerializableUtil.java    From zheng with MIT License 5 votes vote down vote up
public static Session deserialize(String sessionStr) {
    if (StringUtils.isBlank(sessionStr)) {
        return null;
    }
    try {
        ByteArrayInputStream bis = new ByteArrayInputStream(Base64.decode(sessionStr));
        ObjectInputStream ois = new ObjectInputStream(bis);
        return (Session) ois.readObject();
    } catch (Exception e) {
        throw new RuntimeException("deserialize session error", e);
    }
}