/*
* Copyright 2008-2009 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package kcc.com.cmm.util;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;
import egovframework.rte.fdl.idgnr.impl.Base64;
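/**
 * Issues, validates and clears a per-session form token.
 *
 * <p>The token is stored in the session and exposed to the view as a request
 * attribute; a later request must send it back as a request parameter of the
 * same name. Validation does not consume the token: callers are expected to
 * call {@link #resetToken(HttpServletRequest)} once the protected action has
 * run, so that a repeated submission no longer matches.
 *
 * <p>The token value is a secret for the lifetime of the session and is never
 * written to the log.
 */
public class TokenUtil {
    /** Name of the session attribute, request attribute and request parameter that carry the token. */
    private static final String TOKEN_KEY = "TOKEN_KEY";
    /** Number of random bytes per token (256 bits). */
    private static final int TOKEN_BYTES = 32;
    /** Shared generator; {@link SecureRandom} is safe for concurrent use. */
    private static final SecureRandom RANDOM = new SecureRandom();
    private static final Logger logger = Logger.getLogger(TokenUtil.class.getName());

    /**
     * Creates a new token and stores it in both the session and the request.
     *
     * <p>The value is drawn from {@link SecureRandom}, so it is independent of
     * the session id and of the clock, and two tokens issued in the same
     * millisecond differ.
     *
     * @param request current request; a session is created if none exists
     */
    public static void saveToken(HttpServletRequest request) {
        HttpSession session = request.getSession(true);
        byte[] raw = new byte[TOKEN_BYTES];
        RANDOM.nextBytes(raw);
        String token = Base64.encode(raw);
        request.setAttribute(TOKEN_KEY, token);
        session.setAttribute(TOKEN_KEY, token);
        // Record the event only: anyone who can read the log could replay a logged token.
        logger.debug("Token issued for the current session");
    }

    /**
     * Removes the token from the session after the protected action has been
     * processed, so that a duplicate submission fails validation.
     *
     * @param request current request; a session is created if none exists
     */
    public static void resetToken(HttpServletRequest request) {
        HttpSession session = request.getSession(true);
        try {
            session.removeAttribute(TOKEN_KEY);
        } catch (RuntimeException e) {
            // Best effort, as before, but the failure is now visible in the application log.
            logger.warn("Could not remove the token from the session", e);
        }
    }

    /**
     * Checks whether the token sent as a request parameter matches the token
     * stored in the session.
     *
     * @param request current request; a session is created if none exists
     * @return {@code true} only when both tokens are present and equal
     */
    public static boolean isTokenValid(HttpServletRequest request) {
        HttpSession session = request.getSession(true);
        String requestToken = request.getParameter(TOKEN_KEY);
        String sessionToken = (String) session.getAttribute(TOKEN_KEY);
        if (requestToken == null || sessionToken == null) {
            logger.debug("Token check failed: token missing from request or session");
            return false;
        }
        return constantTimeEquals(requestToken, sessionToken);
    }

    /**
     * Compares two strings without stopping at the first differing character,
     * so the time taken does not reveal how long a matching prefix is. Only the
     * length check returns early.
     */
    private static boolean constantTimeEquals(String a, String b) {
        if (a.length() != b.length()) {
            return false;
        }
        int diff = 0;
        for (int i = 0; i < a.length(); i++) {
            diff |= a.charAt(i) ^ b.charAt(i);
        }
        return diff == 0;
    }
}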