| /* |
| * Copyright (c) 2010, 2018 Oracle and/or its affiliates. All rights reserved. |
| * |
| * This program and the accompanying materials are made available under the |
| * terms of the Eclipse Public License v. 2.0, which is available at |
| * http://www.eclipse.org/legal/epl-2.0. |
| * |
| * This Source Code may also be made available under the following Secondary |
| * Licenses when the conditions for such availability set forth in the |
| * Eclipse Public License v. 2.0 are satisfied: GNU General Public License, |
| * version 2 with the GNU Classpath Exception, which is available at |
| * https://www.gnu.org/software/classpath/license.html. |
| * |
| * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0 |
| */ |
| |
| package org.glassfish.jersey.server.oauth1; |
| |
| import java.util.HashMap; |
| import java.util.HashSet; |
| import java.util.Map; |
| import java.util.Set; |
| import java.util.SortedMap; |
| import java.util.TreeMap; |
| import java.util.concurrent.TimeUnit; |
| |
| /** |
| * Tracks the nonces for a given consumer key and/or token. Automagically |
| * ensures timestamp is monotonically increasing and tracks all nonces |
| * for a given timestamp. |
| * |
| * @author Paul C. Bryan |
| * @author Martin Matula |
| * @author Thomas Meire |
| */ |
| final class NonceManager { |
| /** |
| * The maximum valid age of a nonce timestamp, in milliseconds. |
| */ |
| private final long maxAge; |
| |
| /** |
| * Verifications to perform on average before performing garbage collection. |
| */ |
| private final int gcPeriod; |
| |
| /** |
| * Counts number of verification requests performed to schedule garbage collection. |
| */ |
| private int gcCounter = 0; |
| |
| private final TimeUnit timestampUnit; |
| |
| private final long maximumMapSize; |
| |
| /** |
| * Maps timestamps to key-nonce pairs. |
| */ |
| private final SortedMap<Long, Map<String, Set<String>>> tsToKeyNoncePairs = new TreeMap<>(); |
| |
| private volatile long mapSize = 0; |
| |
| /** |
| * Create a new nonce manager configured with maximum age, old nonce cleaning period and a time |
| * unit of timestamps. |
| * |
| * @param maxAge the maximum valid age of a nonce timestamp, in milliseconds. |
| * @param gcPeriod number of verifications to be performed on average before performing garbage collection |
| * of old nonces. |
| * @param timestampUnit unit in which timestamps are passed to {@link #verify(String, String, String)} method. |
| * @param maximumCacheSize maximum size of the cache that keeps nonces. If the cache exceeds the method |
| * {@link #verify(String, String, String)} will return {@code false}. |
| */ |
| public NonceManager(final long maxAge, final int gcPeriod, final TimeUnit timestampUnit, final long maximumCacheSize) { |
| if (maxAge <= 0 || gcPeriod <= 0) { |
| throw new IllegalArgumentException(); |
| } |
| |
| this.maxAge = maxAge; |
| this.gcPeriod = gcPeriod; |
| this.timestampUnit = timestampUnit; |
| this.maximumMapSize = maximumCacheSize; |
| } |
| |
| |
| /** |
| * Evaluates the timestamp/nonce combination for validity, storing and/or |
| * clearing nonces as required. |
| * <p> |
| * The method is package private in order to be used in unit tests only. |
| * </p> |
| * |
| * @param key the oauth_consumer_key value for a given consumer request |
| * @param timestamp the oauth_timestamp value for a given consumer request (in milliseconds). |
| * @param nonce the oauth_nonce value for a given consumer request. |
| * @param now current time in milliseconds |
| * @return true if the timestamp/nonce are valid. |
| */ |
| synchronized boolean verify(final String key, final String timestamp, final String nonce, final long now) { |
| // convert timestamp to milliseconds since epoch to deal with uniformly |
| final long stamp = timestampUnit.toMillis(longValue(timestamp)); |
| |
| if (mapSize + 1 > maximumMapSize) { |
| gc(now); |
| if (mapSize + 1 > maximumMapSize) { |
| // cannot keep another nonce (prevents exhausting memory) |
| return false; |
| } |
| } |
| |
| // invalid timestamp supplied; automatically invalid |
| if (stamp + maxAge < now || stamp - maxAge > now) { |
| return false; |
| } |
| |
| Map<String, Set<String>> keyToNonces = tsToKeyNoncePairs.get(stamp); |
| if (keyToNonces == null) { |
| keyToNonces = new HashMap<>(); |
| tsToKeyNoncePairs.put(stamp, keyToNonces); |
| } |
| |
| Set<String> nonces = keyToNonces.get(key); |
| if (nonces == null) { |
| nonces = new HashSet<>(); |
| keyToNonces.put(key, nonces); |
| } |
| |
| final boolean result = nonces.add(nonce); |
| if (result) { |
| mapSize++; |
| } |
| |
| // perform garbage collection if counter is up to established number of passes |
| if (++gcCounter >= gcPeriod) { |
| gc(now); |
| } |
| |
| // returns false if nonce already encountered for given timestamp |
| return result; |
| } |
| |
| /** |
| * Evaluates the timestamp/nonce combination for validity, storing and/or |
| * clearing nonces as required. |
| * |
| * @param key the oauth_consumer_key value for a given consumer request |
| * @param timestamp the oauth_timestamp value for a given consumer request (in milliseconds). |
| * @param nonce the oauth_nonce value for a given consumer request. |
| * @return true if the timestamp/nonce are valid. |
| */ |
| public synchronized boolean verify(final String key, final String timestamp, final String nonce) { |
| return verify(key, timestamp, nonce, System.currentTimeMillis()); |
| } |
| |
| /** |
| * Deletes all nonces older than maxAge. |
| * This method is package private (instead of private) for testability purposes. |
| * |
| * @param now milliseconds since epoch representing "now" |
| */ |
| void gc(final long now) { |
| gcCounter = 0; |
| final SortedMap<Long, Map<String, Set<String>>> headMap = tsToKeyNoncePairs.headMap(now - maxAge); |
| for (final Map.Entry<Long, Map<String, Set<String>>> entry : headMap.entrySet()) { |
| for (final Map.Entry<String, Set<String>> timeEntry : entry.getValue().entrySet()) { |
| mapSize -= timeEntry.getValue().size(); |
| } |
| } |
| |
| headMap.clear(); |
| } |
| |
| /** |
| * Returns number of currently tracked timestamp-key-nonce tuples. The method should be used by tests only. |
| * @return number of currently tracked timestamp-key-nonce tuples. |
| */ |
| long checkAndGetSize() { |
| long size = 0; |
| for (final Map<String, Set<String>> keyToNonces : tsToKeyNoncePairs.values()) { |
| size += keyToNonces.values().size(); |
| } |
| assert mapSize == size; |
| return mapSize; |
| } |
| |
| private static long longValue(final String value) { |
| try { |
| return Long.parseLong(value); |
| } catch (final NumberFormatException nfe) { |
| return -1; |
| } |
| } |
| } |
| |