Direkt zum Hauptbereich

Create a Bearer token in Scala

Bearer tokens are a standard which is used in OAuth 2.0. Although there have been discussions if the security mechanisms are significantly weaker than the use of using signatures as many implementations of OAuth 1.0 did (see http://tools.ietf.org/html/draft-ietf-oauth-v2-http-mac-00), bearer tokens are part of the OAuth 2.0 specification and therefore widely adopted in nearly all implementations.

The syntax of Bearer tokens is specified in RFC6750 (http://http://tools.ietf.org/html/rfc6750)

This is a lean utils object to create specification compliant Bearers in Scala using the java.security.SecureRandom implementation as a randomizer.

The standard generate function returns a token of 32 byte length. A second polymorphic functions allows for the generation of a token of individual size.


import scala.util._
import java.security.SecureRandom

/*
 * Generates a Bearer Token with the length of 32 characters according to the
 * specification RFC6750 (http://http://tools.ietf.org/html/rfc6750)
 */
object BearerTokenGenerator {
  
  val TOKEN_LENGTH = 32
  val TOKEN_CHARS = 
     "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-._"
  val secureRandom = new SecureRandom()
    
  def generateToken:String =  
    generateToken(TOKEN_LENGTH)   
  
  def generateToken(tokenLength: Int): String =
    if(tokenLength == 0) "" else TOKEN_CHARS(secureRandom.nextInt(TOKEN_CHARS.length())) + 
     generateToken(tokenLength - 1)
  
}

Kommentare

Kommentar veröffentlichen

Beliebte Posts aus diesem Blog

CQRS - Command Query Responsibility Segregation

A lot of information systems have been built with a data manipulation focus in mind. Often CRUD (create, read, update delete) operations built on top of a predefined relational data model are the first functionalities that are implemented and lay out as a foundation for the rest of an application. This is mainly because when we think about information systems we have a mental model of some record structure where we can create new records, read records, update existing records, and delete records. This had been learned throughout the last decade of data centric and transaction oriented IT systems. This approach often leads to shortcomings when it comes to query and analyze the system's data. Classical layered architecture This is where CQRS comes into the game. CQRS stands for Command Query Responsibility Segregation and has been first described by Greg Young and later on by Martin Fowler. This architectural pattern calls for dividing the software architecture into two parts
Kommentar veröffentlichen
Mehr anzeigen

Using Chrome as Web Browser in Eclipse on Mac OS X

Today a short one: If you want to use Google Chrome as the default web browser in Eclipse on Mac OS X, just do the following (of course after you installed Chrome). In Eclipse open the "Preferences" dialog Select "General ->Web Browser" Choose "New" Enter the information in the dialog as shown in the screenshot below. Click "OK" Check the button next to the newly created entry "Google Chrome" Click "Apply" Now Chrome will be taken when you select a URL to be opened in Eclipse.
Kommentar veröffentlichen
Mehr anzeigen