/**
* Attempts to validate signature of given type
*
* @param buf the buffer to validate
* @param headerSignature the header signature to compare to
* @param type the type of key (vdc or internal api)
* @return
*/
private boolean trySignature(String buf, String headerSignature, SignatureKeyType type) {
String signature = _keyGenerator.sign(buf.toString(), type);
_log.debug("signature: " + (signature != null ? signature : "null"));
_log.debug("headerSignature: " + (headerSignature != null ? headerSignature : "null"));
if (StringUtils.isNotBlank(headerSignature)
&& StringUtils.isNotBlank(signature)
&& headerSignature.equals(signature)) {
return true;
}
return false;
}
/**
* Verifies signature on the request using the specified signature key type
*
* @param type specifies the type of key to use for verification (vdc or internal api)
* @param req
* @return true if the signature is good, false otherwise
*/
protected boolean verifySignature(HttpServletRequest req, SignatureKeyType type) {
// To Do - add more fields to signature
StringBuilder buf = new StringBuilder(req.getRequestURL().toString());
if (req.getQueryString() != null) {
buf.append("?" + req.getQueryString());
}
String timestamp = req.getHeader(INTERNODE_TIMESTAMP);
if (timestamp != null && !timestamp.isEmpty()) {
buf.append(req.getHeader(INTERNODE_TIMESTAMP));
} else {
return false;
}
_log.debug("buf: " + buf.toString());
String headerSignature = req.getHeader(INTERNODE_HMAC);
if (!trySignature(buf.toString(), headerSignature, type)) {
_log.info(
"Failed with signature key type {}. Reloading cached keys and trying again",
type.toString());
_keyGenerator.loadKeys();
return trySignature(buf.toString(), headerSignature, type);
}
return true;
}
