Skip to content

Commit ed23c33

Browse files
committed
use Clock to get created time in Signer
1 parent 12cbcf1 commit ed23c33

File tree

2 files changed

+25
-19
lines changed

2 files changed

+25
-19
lines changed

src/main/java/org/tomitribe/auth/signatures/Signer.java

Lines changed: 13 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,7 @@
2222
import java.security.NoSuchAlgorithmException;
2323
import java.security.PrivateKey;
2424
import java.security.Provider;
25+
import java.time.Clock;
2526
import java.util.Map;
2627

2728
import static java.util.Objects.requireNonNull;
@@ -45,16 +46,26 @@ public class Signer {
4546
private final Signature signature;
4647
private final Algorithm algorithm;
4748
private final Provider provider;
49+
private final Clock clock;
4850

4951
public Signer(final Key key, final Signature signature) {
50-
this(key, signature, null);
52+
this(key, signature, null, Clock.systemUTC());
5153
}
5254

5355
public Signer(final Key key, final Signature signature, final Provider provider) {
56+
this(key, signature, provider, Clock.systemUTC());
57+
}
58+
59+
public Signer(final Key key, final Signature signature, final Clock clock) {
60+
this(key, signature, null, clock);
61+
}
62+
63+
public Signer(final Key key, final Signature signature, final Provider provider, Clock clock) {
5464
requireNonNull(key, "Key cannot be null");
5565
this.signature = requireNonNull(signature, "Signature cannot be null");
5666
this.algorithm = signature.getAlgorithm();
5767
this.provider = provider;
68+
this.clock = requireNonNull(clock, "clock cannot be null");
5869

5970
if (java.security.Signature.class.equals(algorithm.getType())) {
6071

@@ -96,7 +107,7 @@ public Signer(final Key key, final Signature signature, final Provider provider)
96107
* @return a Signature object containing the signed message.
97108
*/
98109
public Signature sign(final String method, final String uri, final Map<String, String> headers) throws IOException {
99-
final Long created = System.currentTimeMillis();
110+
final Long created = clock.millis();
100111
Long expires = signature.getSignatureMaxValidityMilliseconds();
101112
if (expires != null) {
102113
expires += created;

src/test/java/org/tomitribe/auth/signatures/SignerTest.java

Lines changed: 12 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -24,6 +24,9 @@
2424
import java.security.Key;
2525
import java.security.PrivateKey;
2626
import java.security.Provider;
27+
import java.time.Clock;
28+
import java.time.Instant;
29+
import java.time.ZoneId;
2730
import java.util.Arrays;
2831
import java.util.HashMap;
2932
import java.util.Map;
@@ -95,7 +98,7 @@ public void testSign() throws Exception {
9598
final Signature signature = new Signature("hmac-key-1", SigningAlgorithm.HS2019.getAlgorithmName(), "hmac-sha256", null, null, Arrays.asList("content-length", "host", "date", "(request-target)"));
9699

97100
final Key key = new SecretKeySpec("don't tell".getBytes(), "HmacSHA256");
98-
final Signer signer = new Signer(key, signature);
101+
final Signer signer = new Signer(key, signature, Clock.fixed(Instant.ofEpochMilli(123456789l), ZoneId.systemDefault()));
99102

100103
{
101104
final String method = "GET";
@@ -109,8 +112,8 @@ public void testSign() throws Exception {
109112
headers.put("Content-Length", "18");
110113
final Signature signed = signer.sign(method, uri, headers);
111114
assertEquals("yT/NrPI9mKB5R7FTLRyFWvB+QLQOEAvbGmauC0tI+Jg=", signed.getSignature());
112-
assertToString("Signature keyId=\"hmac-key-1\",created=9999,algorithm=\"hs2019\"," +
113-
"headers=\"content-length host date (request-target)\",signature=\"yT/NrPI9mKB5R7FTLRyFWvB+QLQOEAvbGmauC0tI+Jg=\"", signed);
115+
assertEquals("Signature keyId=\"hmac-key-1\",created=123456,algorithm=\"hs2019\"," +
116+
"headers=\"content-length host date (request-target)\",signature=\"yT/NrPI9mKB5R7FTLRyFWvB+QLQOEAvbGmauC0tI+Jg=\"", signed.toString());
114117
}
115118

116119
{ // method changed. should get a different signature
@@ -125,8 +128,8 @@ public void testSign() throws Exception {
125128
headers.put("Content-Length", "18");
126129
final Signature signed = signer.sign(method, uri, headers);
127130
assertEquals("DPIsA/PWeYjySmfjw2P2SLJXZj1szDOei/Hh8nTcaPo=", signed.getSignature());
128-
assertToString("Signature keyId=\"hmac-key-1\",created=9999,algorithm=\"hs2019\"," +
129-
"headers=\"content-length host date (request-target)\",signature=\"DPIsA/PWeYjySmfjw2P2SLJXZj1szDOei/Hh8nTcaPo=\"", signed);
131+
assertEquals("Signature keyId=\"hmac-key-1\",created=123456,algorithm=\"hs2019\"," +
132+
"headers=\"content-length host date (request-target)\",signature=\"DPIsA/PWeYjySmfjw2P2SLJXZj1szDOei/Hh8nTcaPo=\"", signed.toString());
130133
}
131134

132135
{ // only Digest changed. not part of the signature, should have no effect
@@ -141,8 +144,8 @@ public void testSign() throws Exception {
141144
headers.put("Content-Length", "18");
142145
final Signature signed = signer.sign(method, uri, headers);
143146
assertEquals("DPIsA/PWeYjySmfjw2P2SLJXZj1szDOei/Hh8nTcaPo=", signed.getSignature());
144-
assertToString("Signature keyId=\"hmac-key-1\",created=1628283435,algorithm=\"hs2019\"," +
145-
"headers=\"content-length host date (request-target)\",signature=\"DPIsA/PWeYjySmfjw2P2SLJXZj1szDOei/Hh8nTcaPo=\"", signed);
147+
assertEquals("Signature keyId=\"hmac-key-1\",created=123456,algorithm=\"hs2019\"," +
148+
"headers=\"content-length host date (request-target)\",signature=\"DPIsA/PWeYjySmfjw2P2SLJXZj1szDOei/Hh8nTcaPo=\"", signed.toString());
146149
}
147150

148151
{ // uri changed. should get a different signature
@@ -157,19 +160,11 @@ public void testSign() throws Exception {
157160
headers.put("Content-Length", "18");
158161
final Signature signed = signer.sign(method, uri, headers);
159162
assertEquals("IWTDxmOoEJI67YxY3eDIRzxrsAtlYYCuGZxKlkUSYdA=", signed.getSignature());
160-
assertToString("Signature keyId=\"hmac-key-1\",created=9999,algorithm=\"hs2019\"," +
161-
"headers=\"content-length host date (request-target)\",signature=\"IWTDxmOoEJI67YxY3eDIRzxrsAtlYYCuGZxKlkUSYdA=\"", signed);
163+
assertEquals("Signature keyId=\"hmac-key-1\",created=123456,algorithm=\"hs2019\"," +
164+
"headers=\"content-length host date (request-target)\",signature=\"IWTDxmOoEJI67YxY3eDIRzxrsAtlYYCuGZxKlkUSYdA=\"", signed.toString());
162165
}
163166
}
164167

165-
private void assertToString(final String expected, final Signature signed) {
166-
assertEquals(normalize(expected), normalize(signed.toString()));
167-
}
168-
169-
private static String normalize(final String s) {
170-
return s.replaceAll("(created)=[0-9]+", "$1=9999");
171-
}
172-
173168
@Test
174169
public void defaultHeaderList() throws Exception {
175170
final Signature signature = new Signature("hmac-key-1", SigningAlgorithm.HS2019.getAlgorithmName(), "hmac-sha256",

0 commit comments

Comments
 (0)