com.pingidentity.opentoken
Class Token

java.lang.Object
  extended by com.pingidentity.opentoken.Token

public class Token
extends Object

Provides encoding/decoding of OpenTokens.


Field Summary
static int CIPHER_SUITE_3DES168CBC
          Triple DES (168 bit, CBC mode, PKCS/5 padding) cipher suite
static int CIPHER_SUITE_AES128CBC
          AES (128 bit, CBC mode, PKCS/5 padding) cipher suite
static int CIPHER_SUITE_AES256CBC
          AES (256 bit, CBC mode, PKCS/5 padding) cipher suite
static int CIPHER_SUITE_NULL
          NULL (no encryption) cipher suite
static String SUN_CRYPTO_PROVIDER
          Sun JCE
 
Method Summary
static org.apache.commons.collections.MultiMap decode(String token, com.pingidentity.opentoken.key.KeyManager keyman, boolean useSunJCE)
          Deprecated. Use encode() method with explicit parameter useVerboseErrorMessages to control verbose messages.
static org.apache.commons.collections.MultiMap decode(String token, com.pingidentity.opentoken.key.KeyManager keyman, boolean useSunJCE, boolean useVerboseErrorMessages)
          Decodes a provided OpenToken and extracts the key/value(s) pairs.This new method is provided in order to enable suppression of verbose error messages in the TokenException message.
static String encode(org.apache.commons.collections.MultiMap values, com.pingidentity.opentoken.key.KeyManager keyman, boolean useSunJCE)
          Deprecated. Use encode() method with explicit parameter useVerboseErrorMessages to control verbose messages.
static String encode(org.apache.commons.collections.MultiMap values, com.pingidentity.opentoken.key.KeyManager keyman, boolean useSunJCE, boolean useVerboseErrorMessages, boolean removeTrailingBackslashes)
          Encode a map of key/value(s) pairs into an opentoken string.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

CIPHER_SUITE_NULL

public static final int CIPHER_SUITE_NULL
NULL (no encryption) cipher suite

See Also:
Constant Field Values

CIPHER_SUITE_AES256CBC

public static final int CIPHER_SUITE_AES256CBC
AES (256 bit, CBC mode, PKCS/5 padding) cipher suite

See Also:
Constant Field Values

CIPHER_SUITE_AES128CBC

public static final int CIPHER_SUITE_AES128CBC
AES (128 bit, CBC mode, PKCS/5 padding) cipher suite

See Also:
Constant Field Values

CIPHER_SUITE_3DES168CBC

public static final int CIPHER_SUITE_3DES168CBC
Triple DES (168 bit, CBC mode, PKCS/5 padding) cipher suite

See Also:
Constant Field Values

SUN_CRYPTO_PROVIDER

public static final String SUN_CRYPTO_PROVIDER
Sun JCE

See Also:
Constant Field Values
Method Detail

encode

public static String encode(org.apache.commons.collections.MultiMap values,
                            com.pingidentity.opentoken.key.KeyManager keyman,
                            boolean useSunJCE)
                     throws TokenException
Deprecated. Use encode() method with explicit parameter useVerboseErrorMessages to control verbose messages.

Encode a map of key/value(s) pairs into an opentoken string. This method is provided for backward compatibility. It invokes the new encode() method with the default value for the useVerboseErrorMessages parameter.

Parameters:
values - values to encode
keyman - key manager to use for getting an encryption key
useSunJCE - use Sun JCE
Returns:
base64 encoded, encrypted opentoken
Throws:
TokenException - if wrong type of key is provided or stream errors occur when performing encryption.

encode

public static String encode(org.apache.commons.collections.MultiMap values,
                            com.pingidentity.opentoken.key.KeyManager keyman,
                            boolean useSunJCE,
                            boolean useVerboseErrorMessages,
                            boolean removeTrailingBackslashes)
                     throws TokenException
Encode a map of key/value(s) pairs into an opentoken string. This new method is provided in order to enable suppression of verbose error messages in the TokenException message. Generic error messages prevent a security attack.

Parameters:
values - values to encode
keyman - key manager to use for getting an encryption key
useSunJCE - use Sun JCE
useVerboseErrorMessages - if true, meaningful error messages will be included in TokenException. If false, only a generic "Error" message is included.
removeTrailingBackslashes - if true, remove last backslash if last 2 characters are \' or \".
Returns:
base64 encoded, encrypted opentoken
Throws:
TokenException - if wrong type of key is provided or stream errors occur when performing encryption.

decode

public static org.apache.commons.collections.MultiMap decode(String token,
                                                             com.pingidentity.opentoken.key.KeyManager keyman,
                                                             boolean useSunJCE)
                                                      throws TokenException
Deprecated. Use encode() method with explicit parameter useVerboseErrorMessages to control verbose messages.

Decodes a provided OpenToken and extracts the key/value(s) pairs. This method is provided for backward compatibility. It invokes the new encode() method with the default value for the useVerboseErrorMessages parameter.

Parameters:
token - base-64 encoded, encrypted token that will be decoded
keyman - key manager for getting a decryption key
useSunJCE - use Sun JCE
Returns:
map of key/value pairs
Throws:
TokenException - if wrong type of key is provided or stream errors occur when performing decryption.

decode

public static org.apache.commons.collections.MultiMap decode(String token,
                                                             com.pingidentity.opentoken.key.KeyManager keyman,
                                                             boolean useSunJCE,
                                                             boolean useVerboseErrorMessages)
                                                      throws TokenException
Decodes a provided OpenToken and extracts the key/value(s) pairs.This new method is provided in order to enable suppression of verbose error messages in the TokenException message. Generic error messages prevent a security attack.

Parameters:
token - base-64 encoded, encrypted token that will be decoded
keyman - key manager for getting a decryption key
useSunJCE - use Sun JCE
useVerboseErrorMessages - if true, meaningful error messages will be included in TokenException. If false, only a generic "Error" message is included.
Returns:
map of key/value pairs
Throws:
TokenException - if wrong type of key is provided or stream errors occur when performing decryption.


Copyright © 2012. All Rights Reserved.