use of io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthTokenInvalidException in project powerauth-restful-integration by lime-company.
the class PowerAuthAuthenticationProvider method validateTokenWithActivationDetails.
@Nonnull
@Override
public PowerAuthApiAuthentication validateTokenWithActivationDetails(@Nonnull String tokenHeader, @Nonnull List<PowerAuthSignatureTypes> allowedSignatureTypes) throws PowerAuthAuthenticationException {
// Check for HTTP PowerAuth signature header
if (tokenHeader.equals("undefined")) {
logger.warn("Token HTTP header is missing");
throw new PowerAuthHeaderMissingException();
}
// Parse HTTP header
final PowerAuthTokenHttpHeader header = new PowerAuthTokenHttpHeader().fromValue(tokenHeader);
// Validate the header
try {
PowerAuthTokenHttpHeaderValidator.validate(header);
} catch (InvalidPowerAuthHttpHeaderException ex) {
logger.warn("Token validation failed, error: {}", ex.getMessage());
logger.debug(ex.getMessage(), ex);
throw new PowerAuthTokenInvalidException();
}
// Prepare authentication object
final PowerAuthTokenAuthenticationImpl powerAuthTokenAuthentication = new PowerAuthTokenAuthenticationImpl();
powerAuthTokenAuthentication.setTokenId(header.getTokenId());
powerAuthTokenAuthentication.setTokenDigest(header.getTokenDigest());
powerAuthTokenAuthentication.setNonce(header.getNonce());
powerAuthTokenAuthentication.setTimestamp(header.getTimestamp());
powerAuthTokenAuthentication.setVersion(header.getVersion());
powerAuthTokenAuthentication.setHttpHeader(header);
// Call the authentication based on token authentication object
final PowerAuthApiAuthentication auth = (PowerAuthApiAuthentication) this.authenticate(powerAuthTokenAuthentication);
// In case authentication is null, throw PowerAuth exception
if (auth == null) {
logger.debug("Invalid token value");
throw new PowerAuthTokenInvalidException();
}
// Check if the signature type is allowed
final PowerAuthSignatureTypes expectedSignatureType = auth.getAuthenticationContext().getSignatureType();
if (expectedSignatureType == null || !allowedSignatureTypes.contains(expectedSignatureType)) {
logger.warn("Invalid signature type in token validation: {}", expectedSignatureType);
throw new PowerAuthSignatureTypeInvalidException();
}
return auth;
}
Aggregations