java implementation for generating the sso_token for single signon

Avatar
  • updated
  • Answered
do you guys have a java implementation for generating the sso_token for single signon


Pinned replies
Avatar
Sergey Stukov co-founder
  • Answer
  • Answered

Find out Java example below.

UserEchoTokenGen.java

Avatar
Sergey Stukov co-founder
  • Answer
  • Answered

Find out Java example below.

UserEchoTokenGen.java

Avatar
simpleboy007

Thanks Sergey for your reply, but when I test it out with the following json string


{"guid":"12345","display_name":"qwe qwe","avatar_url":"http://recruit-match.ncsasports.org/fasttrack/","email":"qwe@qwe.com","locale":"en","expires_date":"2000-11-11 12:12:12"}


I get the following when I try to reverse decrypt it


3_,!IeOPH@n"display_name":"qwe qwe","avatar_url":"http://recruit-match.ncsasports.org/fasttrack/","email":"qwe@qwe.com","locale":"en","expires_date":"2000-11-11 12:12:12"}


another reverse decrypt gives me


R   !PC[mEc@"display_name":"qwe qwe","avatar_url":"http://recruit-match.ncsasports.org/fasttrack/","email":"qwe@qwe.com","locale":"en","expires_date":"2000-11-11 12:12:12"}


What am I doing wrong, is the guid hidden on purpose or is something missing in the decryption I am using, here is the decryption method I am using, with all the constants being the same as whats defined in the UserEchoTokenGen.java you sent me.


  public String decryptToken(String token) throws Exception {
  String decodedString = null;
  try {
  Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
  cipher.init(Cipher.DECRYPT_MODE, secretKeySpec, ivSpec);
  byte[] decodedValue = (new Base64().decode(urlCodec.decode(token)));
  byte[] decryptedVal = cipher.doFinal(decodedValue);
  decodedString = new String(decryptedVal,"UTF-8");
  } catch (Exception e) {
     System.out.println(e);
  }
  return decodedString;
  }

Avatar
Vladimir Mullagaliyev co-founder
Quote from simpleboy007

Thanks Sergey for your reply, but when I test it out with the following json string


{"guid":"12345","display_name":"qwe qwe","avatar_url":"http://recruit-match.ncsasports.org/fasttrack/","email":"qwe@qwe.com","locale":"en","expires_date":"2000-11-11 12:12:12"}


I get the following when I try to reverse decrypt it


3_,!IeOPH@n"display_name":"qwe qwe","avatar_url":"http://recruit-match.ncsasports.org/fasttrack/","email":"qwe@qwe.com","locale":"en","expires_date":"2000-11-11 12:12:12"}


another reverse decrypt gives me


R   !PC[mEc@"display_name":"qwe qwe","avatar_url":"http://recruit-match.ncsasports.org/fasttrack/","email":"qwe@qwe.com","locale":"en","expires_date":"2000-11-11 12:12:12"}


What am I doing wrong, is the guid hidden on purpose or is something missing in the decryption I am using, here is the decryption method I am using, with all the constants being the same as whats defined in the UserEchoTokenGen.java you sent me.


  public String decryptToken(String token) throws Exception {
  String decodedString = null;
  try {
  Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
  cipher.init(Cipher.DECRYPT_MODE, secretKeySpec, ivSpec);
  byte[] decodedValue = (new Base64().decode(urlCodec.decode(token)));
  byte[] decryptedVal = cipher.doFinal(decodedValue);
  decodedString = new String(decryptedVal,"UTF-8");
  } catch (Exception e) {
     System.out.println(e);
  }
  return decodedString;
  }

Please give us an encrypted sso_token. We will check it.

Avatar
simpleboy007

6nTYdJppyCgrSOUzTJXaH%2Bw9ZYAued%2F2hb0LSHYIQK8W0DCTl1exrkpLoqBeWa9rCBqNpbNhnk0a%0D%0Ao8VYYf7DFlcPd3heU8ll98cRRCHiicJMJl1TE9w03l88D3EUjcq%2FH0mu15XD8FbQUul%2B7bFFFdEp%0D%0A7m9v%2BwBe%2BvdRZAslib0M6uWh68Cl9yU8H7XvfefIdNa%2FgMTcMybG%2B5ZBmCfIQoBUM1un03TPohYC%0D%0A9v0KNvhwfm4z01otfye3rrgg%2BjCF%0D%0A