Module org.bzdev.ejws

Package org.bzdev.ejws

Class AuthCode

java.lang.Object

org.bzdev.ejws.AuthCode

public class AuthCode
extends Object

Get an authorization code. This code can be used to determine if a user should be immediately made active. In this case, the user will most likely be sent a link for setting up an account. That link will include the authentication code. For example,

<https://example.com/site/login?user=user1%40example.com& uploadtype=password& authcode=a4123914091a471f9adf4a4370072f2d>

The code is computed using the MD5 message digest, mainly so that the code is not too long. While less secure than more recent message digest, the use case is one in which it would be unlikely for a third party to even find an example of a user name and the corresponding authorization code.

See Also:

• EjwsAuthenticator.createAuthCode(String)

Constructor Summary

Constructors

Constructor	Description
AuthCode(String secret)	Constructor.

Method Summary

Modifier and Type	Method	Description
String	getCode(String uname)	Get an authorization code.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

AuthCode

public AuthCode(String secret)

Constructor. The argument should be random string containing at least 16 pairs of hexidecimal digits.

Parameters:

secret - a string known only to the user

Method Details

getCode

public String getCode(String uname)

Get an authorization code.

The return value is case sensitive.

Parameters:

uname - a user name or email address

Returns:

the authorization code.