Interface Validator<T>

  • Type Parameters:
    T - The type of the payload. The Fernet token encodes the payload in binary. The type T should be a domain object or data transfer object representation of that data.
    All Known Subinterfaces:
    StringObjectValidator<T>, StringValidator

    public interface Validator<T>
    This class validates a token according to the Fernet specification. It may be extended to provide domain-specific validation of the decrypted content of the token. If you use a dependency injection / inversion of control framework, it would be appropriate for a subclass to be a singleton which accesses a data store.

    Copyright © 2017 Carlos Macasaet.

    Author:
    Carlos Macasaet
    See Also:
    StringObjectValidator, StringValidator
    • Method Detail

      • getClock

        default Clock getClock()
        Override this method if your application uses a custom clock. The default implementation returns a clock in the UTC time zone with second granularity.
        Returns:
        The Clock used for all validation operations.
      • getTimeToLive

        default TemporalAmount getTimeToLive()
        Override this method to define the maximum allowable age of a token. Note that the time-to-live (TTL) check is done before applying business rules. So if the Predicate defined by getObjectValidator() applies varying TTL checks depending on the payload (e.g. progressively shorter TTLs), then the TTL specified here must be at least as long as any defined in the Predicate.
        Returns:
        the maximum allowable age of a token
      • getMaxClockSkew

        default TemporalAmount getMaxClockSkew()
        Override this method to define a custom acceptable clock skew. Fernet tokens with a timestamp that is too far in the future will be considered invalid. This essentially defines how much tolerance your application has for clock skew between VMs in the system. The default value is 60 seconds.
        Returns:
        the tolerance for clock skew between VMs.
      • getObjectValidator

        default Predicate<T> getObjectValidator()
        Implement this to define application-specific security rules. By default, no additional validation is performed.
        Returns:
        a method that implements custom validation logic on the deserialised payload
      • getTransformer

        Function<byte[],T> getTransformer()
        Implement this to define how decrypted content is deserialised into domain objects.
        Returns:
        a method for converting the decrypted payload into a domain object
      • validateAndDecrypt

        default T validateAndDecrypt(Key key,
                                     Token token)
        Check the validity of the token then decrypt and deserialise the payload.
        Parameters:
        key - the stored shared secret key
        token - the client-provided token of unknown validity
        Returns:
        the deserialised contents of the token
        Throws:
        TokenValidationException - if the token is invalid.
      • validateAndDecrypt

        default T validateAndDecrypt(Collection<? extends Key> keys,
                                     Token token)
        Check the validity of a token against a pool of keys. This is useful if your application uses key rotation. Since token-verification is entirely CPU-bound, an attempt is made to evaluate the keys in parallel based on the available number of processors. If you wish to control the number of parallel threads used, invoke this inside a custom ForkJoinPool.
        Parameters:
        keys - all the non-expired keys that could have been used to generate a token
        token - the client-provided token of unknown validity
        Returns:
        the deserialised contents of the token
        Throws:
        TokenValidationException - if the token was not generated using any of the supplied keys.
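The ordering described under getTimeToLive and getObjectValidator, shown as an added example (not code from the library or its documentation): the token-level TTL acts as the outer bound, and the Predicate then applies a shorter, role-dependent limit. The Session type, the "role|issuedAtEpochSeconds" payload format and the role names are hypothetical; the package name com.macasaet.fernet and the Key.generateKey() and Token.generate(Key, String) calls are taken from the fernet-java8 library and do not appear on this page.

```java
import java.nio.charset.StandardCharsets;
import java.time.Duration;
import java.time.Instant;
import java.time.temporal.TemporalAmount;
import java.util.function.Function;
import java.util.function.Predicate;
import com.macasaet.fernet.*; // Key, Token, TokenValidationException, Validator

public class SessionValidatorExample {
    /** Hypothetical payload, serialised as "role|issuedAtEpochSeconds". */
    static final class Session {
        final String role;
        final Instant issuedAt;
        Session(String role, Instant issuedAt) { this.role = role; this.issuedAt = issuedAt; }
    }

    static final class SessionValidator implements Validator<Session> {
        @Override public Function<byte[], Session> getTransformer() {
            return bytes -> {
                String[] p = new String(bytes, StandardCharsets.UTF_8).split("\\|", 2);
                return new Session(p[0], Instant.ofEpochSecond(Long.parseLong(p[1])));
            };
        }
        // Outer bound, checked first: must cover the longest TTL used in the predicate.
        @Override public TemporalAmount getTimeToLive() { return Duration.ofHours(1); }
        // Business rule, checked afterwards: admin sessions expire sooner.
        @Override public Predicate<Session> getObjectValidator() {
            return s -> {
                Duration limit = "admin".equals(s.role) ? Duration.ofMinutes(5) : Duration.ofHours(1);
                return Instant.now(getClock()).isBefore(s.issuedAt.plus(limit));
            };
        }
    }

    public static void main(String[] args) {
        Key key = Key.generateKey(); // demo only; a real service loads its stored key
        Validator<Session> validator = new SessionValidator();
        long issued = Instant.now().minus(Duration.ofMinutes(10)).getEpochSecond(); // constructed
        for (String role : new String[] { "user", "admin" }) {
            Token token = Token.generate(key, role + "|" + issued);
            try {
                System.out.println(role + ": accepted, issued " + validator.validateAndDecrypt(key, token).issuedAt);
            } catch (TokenValidationException e) {
                System.out.println(role + ": rejected");
            }
        }
    }
}
```

Both tokens are fresh, so both pass the one-hour token TTL; only the Predicate distinguishes them, because the session time recorded in the payload is ten minutes old and exceeds the five-minute admin limit.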