Source code

001/*
002 * (C) Copyright 2006-2007 Nuxeo SAS (http://nuxeo.com/) and contributors.
003 *
004 * All rights reserved. This program and the accompanying materials
005 * are made available under the terms of the GNU Lesser General Public License
006 * (LGPL) version 2.1 which accompanies this distribution, and is available at
007 * http://www.gnu.org/licenses/lgpl.html
008 *
009 * This library is distributed in the hope that it will be useful,
010 * but WITHOUT ANY WARRANTY; without even the implied warranty of
011 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
012 * Lesser General Public License for more details.
013 *
014 * Contributors:
015 *     Nuxeo - initial API and implementation
016 *
017 * $Id: JOOoConvertPluginImpl.java 18651 2007-05-13 20:28:53Z sfermigier $
018 */
019
020package org.nuxeo.ecm.http.client.authentication;
021
022import java.security.MessageDigest;
023import java.security.NoSuchAlgorithmException;
024import java.util.Date;
025import java.util.HashMap;
026import java.util.Map;
027import java.util.Random;
028
029import com.noelios.restlet.util.Base64;
030
031public class PortalSSOAuthenticationProvider {
032
033    private static final String TOKEN_SEP = ":";
034
035    private static final String TS_HEADER = "NX_TS";
036
037    private static final String RANDOM_HEADER = "NX_RD";
038
039    private static final String TOKEN_HEADER = "NX_TOKEN";
040
041    private static final String USER_HEADER = "NX_USER";
042
043    public static Map<String, String> getHeaders(String secretKey, String userName) {
044
045        Map<String, String> headers = new HashMap<String, String>();
046
047        Date timestamp = new Date();
048        int randomData = new Random(timestamp.getTime()).nextInt();
049
050        String clearToken = timestamp.getTime() + TOKEN_SEP + randomData + TOKEN_SEP + secretKey + TOKEN_SEP + userName;
051
052        byte[] hashedToken;
053
054        try {
055            hashedToken = MessageDigest.getInstance("MD5").digest(clearToken.getBytes());
056        } catch (NoSuchAlgorithmException e) {
057            return null;
058        }
059
060        String base64HashedToken = Base64.encodeBytes(hashedToken);
061
062        headers.put(TS_HEADER, String.valueOf(timestamp.getTime()));
063        headers.put(RANDOM_HEADER, String.valueOf(randomData));
064        headers.put(TOKEN_HEADER, base64HashedToken);
065        headers.put(USER_HEADER, userName);
066
067        return headers;
068    }
069
070}