-
-
Save anton-x-t/43a298607937c46bbdf9e102ddeec332 to your computer and use it in GitHub Desktop.
SOAP JAX WS Password Digest Nonce Date Created Handler generator
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Thank you very much eogiles for earlier written code, credit goes to you. | |
// Thank you very much javajack for earlier written code, credit goes to you. | |
// License for this code: cc by-sa 3.0 | |
// Please get Maven in order for this code to work. | |
// Please get your own imports, you'll probably have to get commons-codec manually by adding it to your POM in Maven: | |
// <!-- https://mvnrepository.com/artifact/commons-codec/commons-codec | |
// To be able to convert to Base64 when making the PasswordDigest token. --> | |
// <dependency> | |
// <groupId>commons-codec</groupId> | |
// <artifactId>commons-codec</artifactId> | |
// <version>1.11</version> | |
// </dependency> | |
// On building a complete security header including nonce, createdTime and passwordDigest, | |
// thank you eogiles and Rakesh Waghela (javajack), https://gist.github.com/propatience/43a298607937c46bbdf9e102ddeec332 | |
private static String[] buildSecurityHeader(String passwordParam) throws IOException, NoSuchAlgorithmException { | |
String password = passwordParam; | |
// From the spec: Password_Digest = Base64 ( SHA-1 ( nonce + created + password ) ) | |
// Make the nonce | |
SecureRandom rand = SecureRandom.getInstance("SHA1PRNG"); | |
rand.setSeed(System.currentTimeMillis()); | |
byte[] nonceBytes = new byte[16]; | |
rand.nextBytes(nonceBytes); | |
// Make the created date | |
DateFormat df = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSS'Z'"); | |
df.setTimeZone(TimeZone.getTimeZone("UTC")); | |
String createdDate = df.format(Calendar.getInstance().getTime()); | |
byte[] createdDateBytes = createdDate.getBytes("UTF-8"); | |
// Make the password | |
byte[] passwordBytes = password.getBytes("UTF-8"); | |
// SHA-1 hash the bunch of it. | |
ByteArrayOutputStream baos = new ByteArrayOutputStream(); | |
baos.write(nonceBytes); | |
baos.write(createdDateBytes); | |
baos.write(passwordBytes); | |
MessageDigest md = MessageDigest.getInstance("SHA-1"); | |
byte[] digestedPassword = md.digest(baos.toByteArray()); | |
// Encode the password and nonce for sending | |
// String passwordB64 = (new BASE64Encoder()).encode(digestedPassword); | |
// On "Base64Encoder cannot be resolved", thank you Sai, https://stackoverflow.com/q/6526883 | |
byte[] passwordDigestB64 = org.apache.commons.codec.binary.Base64.encodeBase64(digestedPassword); | |
String passwordDigest = new String(passwordDigestB64); | |
byte[] nonceB64 = org.apache.commons.codec.binary.Base64.encodeBase64(nonceBytes); | |
String nonce = new String(nonceB64); | |
// On initializing String[], thank you glmxndr, https://stackoverflow.com/q/1200621 | |
String returnString[] = new String[3]; | |
returnString[0] = nonce; | |
returnString[1] = createdDate; | |
returnString[2] = passwordDigest; | |
return returnString; | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment