Token based authentication implemented.

We use the session id cookie in the SRP process, and then reset the cookie store (forgetting about that cookie) and store the authentication token in a static variable inside LeapSRPSession.
author: Parménides GV <parmegv@sdf.org> 2013-11-07 16:24:58 +0100
committer: Parménides GV <parmegv@sdf.org> 2013-11-19 19:29:59 +0100
commit: f15ca67765fe3d9e129398d4ee3daa27cedfe00d (patch)
tree: 54529106a24ee2b94f005bad8c61e7820a648504 /src/se/leap/bitmaskclient/LeapSRPSession.java
parent: f52bc57e04f573e3a6ecda0d763f221b0eab5fb9 (diff)
1 files changed, 11 insertions, 0 deletions
diff --git a/src/se/leap/bitmaskclient/LeapSRPSession.java b/src/se/leap/bitmaskclient/LeapSRPSession.java
index 14a8bff2..0849f777 100644
--- a/src/se/leap/bitmaskclient/LeapSRPSession.java
+++ b/src/se/leap/bitmaskclient/LeapSRPSession.java
@@ -35,9 +35,12 @@ import org.jboss.security.srp.SRPParameters;
  */
 public class LeapSRPSession {
 	
+	private static String token = "";
+	
 	final public static String SALT = "salt";
 	final public static String M1 = "M1";
 	final public static String M2 = "M2";
+	final public static String TOKEN = "token";
 
 	private SRPParameters params;
 	private String username;
@@ -312,6 +315,14 @@ public class LeapSRPSession {
 		boolean valid = Arrays.equals(M2, myM2);
 		return valid;
 	}
+	
+	protected static void setToken(String token) {
+		LeapSRPSession.token = token;
+	}
+	
+	protected static String getToken() {
+		return token;
+	}
 
 	/**
 	 * @return a new SHA-256 digest.
author	Parménides GV <parmegv@sdf.org>	2013-11-07 16:24:58 +0100
committer	Parménides GV <parmegv@sdf.org>	2013-11-19 19:29:59 +0100
commit	f15ca67765fe3d9e129398d4ee3daa27cedfe00d (patch)
tree	54529106a24ee2b94f005bad8c61e7820a648504 /src/se/leap/bitmaskclient/LeapSRPSession.java
parent	f52bc57e04f573e3a6ecda0d763f221b0eab5fb9 (diff)