org.lightningj.paywall.tokengenerator

Class BaseTokenGenerator

java.lang.Object

org.lightningj.paywall.tokengenerator.BaseTokenGenerator

All Implemented Interfaces:

TokenGenerator

Direct Known Subclasses:

AsymmetricKeyTokenGenerator, SymmetricKeyTokenGenerator

public abstract class BaseTokenGenerator
extends java.lang.Object
implements TokenGenerator

Default abstract base class containing help method for implementing TokenGenerators. Created by Philip Vendil on 2018-10-29.

Field Summary

Fields

Modifier and Type	Field and Description
static long	ALLOWED_CLOCK_SKEW
static int	PREIMAGE_LENGTH

Constructor Summary

Constructors

Constructor and Description
BaseTokenGenerator()

Method Summary

Modifier and Type	Method and Description
java.lang.String	generateInvoiceToken(OrderRequest orderRequest, MinimalInvoice invoice, RequestData requestData, java.time.Instant expireDate, java.time.Instant notBefore, java.lang.String recipientSubject) Help method to generate a JWT token containing a invoice data claim.
java.lang.String	generatePaymentToken(OrderRequest orderRequest, Order order, RequestData requestData, java.time.Instant expireDate, java.time.Instant notBefore, java.lang.String recipientSubject) Help method to generate a JWT token containing a payment data claim.
java.lang.String	generateSettlementToken(OrderRequest orderRequest, Settlement settlement, RequestData requestData, java.time.Instant expireDate, java.time.Instant notBefore, java.lang.String recipientSubject) Help method to generate a JWT token containing a settlement data claim.
java.lang.String	generateToken(java.lang.String tokenContextType, java.time.Instant expireDate, java.time.Instant notBefore, boolean encrypt, java.lang.String recipientSubject, JWTClaim... claim) General method to generate JWT token that is JWS signed and optionally JWE encrypted.
PreImageData	genPreImageData() Method that should generate a random pre image data used to create invoice.
protected java.security.SecureRandom	getSecureRandom()
org.jose4j.jwt.JwtClaims	parseToken(java.lang.String tokenContextType, java.lang.String jwtToken) Method to parse, verify signature and decrypt (if encrypted) a token.
protected abstract void	populateJWEDecryptionAlgAndKey(TokenContext context, org.jose4j.jwe.JsonWebEncryption jwe) Method to set the encryption algorithm and key used to deencrypt the token.
protected abstract void	populateJWEEncryptionAlgAndKey(TokenContext context, java.lang.String recipientSubject, org.jose4j.jwe.JsonWebEncryption jwe) Method to set the encryption algorithm and key used to encrypt the token.
protected abstract void	populateJWSSignatureAlgAndKey(TokenContext context, org.jose4j.jws.JsonWebSignature jws) Method to set the signature algorithm and key used to sign the token.
protected abstract void	populateJWSVerifyAlgAndKey(TokenContext context, org.jose4j.jws.JsonWebSignature jws) Method to set algorithm whitelisting and verification key before verification of the JWS signature.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.lightningj.paywall.tokengenerator.TokenGenerator

getIssuerName

Field Detail

PREIMAGE_LENGTH

public static final int PREIMAGE_LENGTH

See Also:

Constant Field Values

ALLOWED_CLOCK_SKEW

public static final long ALLOWED_CLOCK_SKEW

See Also:

Constant Field Values

Constructor Detail

BaseTokenGenerator

public BaseTokenGenerator()

Method Detail

genPreImageData

public PreImageData genPreImageData()
                             throws InternalErrorException

Method that should generate a random pre image data used to create invoice.

Specified by:

genPreImageData in interface TokenGenerator

Returns:

a newly created unique PreImageData

Throws:

InternalErrorException - if internal errors occurred generating the pre image data.

generatePaymentToken

public java.lang.String generatePaymentToken(OrderRequest orderRequest,
                                             Order order,
                                             RequestData requestData,
                                             java.time.Instant expireDate,
                                             java.time.Instant notBefore,
                                             java.lang.String recipientSubject)
                                      throws TokenException,
                                             java.io.IOException,
                                             InternalErrorException

Help method to generate a JWT token containing a payment data claim.

Specified by:

generatePaymentToken in interface TokenGenerator

Parameters:

orderRequest - the order request derived from the payment required annotation.

order - the payment data to include in the token.

requestData - optional request data that could be set if workflow requires it.

expireDate - the expire date of the token in the future.

notBefore - an optional not before data, indicating when the token starts to become valid. Use null not to set.

recipientSubject - the subject (usually keyId) of the recipient, required if asymmetrical keys are used, otherwise it can be null.

Returns:

the generate JWT/JWS/JWE token with a payment data claim.

Throws:

TokenException - if problems occurred looking up the recipient public key.

java.io.IOException - if communication problems occurred with underlying systems.

InternalErrorException - if internal problems occurred processing the token.

generateInvoiceToken

public java.lang.String generateInvoiceToken(OrderRequest orderRequest,
                                             MinimalInvoice invoice,
                                             RequestData requestData,
                                             java.time.Instant expireDate,
                                             java.time.Instant notBefore,
                                             java.lang.String recipientSubject)
                                      throws TokenException,
                                             java.io.IOException,
                                             InternalErrorException

Help method to generate a JWT token containing a invoice data claim.

Specified by:

generateInvoiceToken in interface TokenGenerator

Parameters:

orderRequest - the order request derived from the payment required annotation.

invoice - the invoice data to include in the token.

requestData - optional request data that could be set if workflow requires it.

expireDate - the expire date of the token in the future.

notBefore - an optional not before data, indicating when the token starts to become valid. Use null not to set.

recipientSubject - the subject (usually keyId) of the recipient, required if asymmetrical keys are used, otherwise it can be null.

Returns:

the generate JWT/JWS/JWE token with a invoice data claim.

Throws:

TokenException - if problems occurred looking up the recipient public key.

java.io.IOException - if communication problems occurred with underlying systems.

InternalErrorException - if internal problems occurred processing the token.

generateSettlementToken

public java.lang.String generateSettlementToken(OrderRequest orderRequest,
                                                Settlement settlement,
                                                RequestData requestData,
                                                java.time.Instant expireDate,
                                                java.time.Instant notBefore,
                                                java.lang.String recipientSubject)
                                         throws TokenException,
                                                java.io.IOException,
                                                InternalErrorException

Help method to generate a JWT token containing a settlement data claim.

Specified by:

generateSettlementToken in interface TokenGenerator

Parameters:

orderRequest - the order request derived from the payment required annotation.

settlement - the settlement data to include in the token.

requestData - optional request data that could be set if workflow requires it.

expireDate - the expire date of the token in the future.

notBefore - an optional not before data, indicating when the token starts to become valid. Use null not to set.

recipientSubject - the subject (usually keyId) of the recipient, required if asymmetrical keys are used, otherwise it can be null.

Returns:

the generate JWT/JWS/JWE token with a settlement data claim.

Throws:

TokenException - if problems occurred looking up the recipient public key.

java.io.IOException - if communication problems occurred with underlying systems.

InternalErrorException - if internal problems occurred processing the token.

generateToken

public java.lang.String generateToken(java.lang.String tokenContextType,
                                      java.time.Instant expireDate,
                                      java.time.Instant notBefore,
                                      boolean encrypt,
                                      java.lang.String recipientSubject,
                                      JWTClaim... claim)
                               throws TokenException,
                                      java.io.IOException,
                                      InternalErrorException

General method to generate JWT token that is JWS signed and optionally JWE encrypted.

Specified by:

generateToken in interface TokenGenerator

Parameters:

tokenContextType - the type the token context

expireDate - the expire date of the token in the future.

notBefore - an optional not before data, indicating when the token starts to become valid. Use null not to set.

encrypt - true if JWE encrypted token should be generated.

recipientSubject - the subject (usually keyId) of the recipient, required if asymmetrical keys are used, otherwise it can be null.

claim - a list of claims to include in the token.

Returns:

the generate JWT/JWS/JWE token.

Throws:

TokenException - if problems occurred looking up the recipient public key.

java.io.IOException - if communication problems occurred with underlying systems.

InternalErrorException - if internal problems occurred processing the token.

parseToken

public org.jose4j.jwt.JwtClaims parseToken(java.lang.String tokenContextType,
                                           java.lang.String jwtToken)
                                    throws TokenException,
                                           java.io.IOException,
                                           InternalErrorException

Method to parse, verify signature and decrypt (if encrypted) a token.

Specified by:

parseToken in interface TokenGenerator

Parameters:

tokenContextType - the type of token context used when parsing a token.

jwtToken - The JWT token string data to parse.

Returns:

a JwtClaims from the JWT token.

Throws:

TokenException - if problems occurred parsing, verifying or decrypting the token.

java.io.IOException - if communication problems occurred with underlying systems.

InternalErrorException - if internal problems occurred processing the token.

populateJWSSignatureAlgAndKey

protected abstract void populateJWSSignatureAlgAndKey(TokenContext context,
                                                      org.jose4j.jws.JsonWebSignature jws)
                                               throws java.io.IOException,
                                                      InternalErrorException

Method to set the signature algorithm and key used to sign the token.

Parameters:

context - the related token context.

jws - the signature to populate used algorithm and key for.

Throws:

java.io.IOException - if communication problems occurred with underlying systems.

InternalErrorException - if internal problem occurred setting the JWS properties.

populateJWSVerifyAlgAndKey

protected abstract void populateJWSVerifyAlgAndKey(TokenContext context,
                                                   org.jose4j.jws.JsonWebSignature jws)
                                            throws TokenException,
                                                   org.jose4j.lang.JoseException,
                                                   java.io.IOException,
                                                   InternalErrorException

Method to set algorithm whitelisting and verification key before verification of the JWS signature. Important, the implementation must check that the verification key is trusted.

Parameters:

context - the related token context.

jws - the signature to check signing algorithm and signing key for.

Throws:

TokenException - if no trusted signing key could be found.

org.jose4j.lang.JoseException - if JWT problems occurred.

java.io.IOException - if communication problems occurred with underlying systems.

InternalErrorException - if internal problem occurred setting the JWS properties.

populateJWEEncryptionAlgAndKey

protected abstract void populateJWEEncryptionAlgAndKey(TokenContext context,
                                                       java.lang.String recipientSubject,
                                                       org.jose4j.jwe.JsonWebEncryption jwe)
                                                throws TokenException,
                                                       java.io.IOException,
                                                       InternalErrorException

Method to set the encryption algorithm and key used to encrypt the token.

Parameters:

context - the related token context.

recipientSubject - the subject name of the recipient for the generated token, could be null if not applicable.

jwe - the encryption object to populate used algorithm and key for.

Throws:

TokenException - if no related encryption key could be found.

java.io.IOException - if communication problems occurred with underlying systems.

InternalErrorException - if internal problem occurred setting the JWE properties.

populateJWEDecryptionAlgAndKey

protected abstract void populateJWEDecryptionAlgAndKey(TokenContext context,
                                                       org.jose4j.jwe.JsonWebEncryption jwe)
                                                throws java.io.IOException,
                                                       InternalErrorException

Method to set the encryption algorithm and key used to deencrypt the token.

Parameters:

context - the related token context.

jwe - the encryption object to populate used algorithm and key for.

Throws:

java.io.IOException - if communication problems occurred with underlying systems.

InternalErrorException - if internal problem occurred setting the JWE properties.

getSecureRandom

protected java.security.SecureRandom getSecureRandom()
                                              throws InternalErrorException

Throws:

InternalErrorException