1.3.0

Author: kelvinwijaya

src/main/java/com/api/util/ApiSecurity/ApiSigning.java

@@ -1,7 +1,5 @@
 package com.api.util.ApiSecurity;
 
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERInteger;
 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
 import org.bouncycastle.openssl.PEMDecryptorProvider;
 import org.bouncycastle.openssl.PEMEncryptedKeyPair;
@@ -15,30 +13,20 @@
 import javax.crypto.Mac;
 import javax.crypto.spec.SecretKeySpec;
 
-import java.io.BufferedReader;
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.FileNotFoundException;
 import java.io.FileReader;
 import java.io.IOException;
-import java.io.InputStreamReader;
 import java.io.UnsupportedEncodingException;
-import java.math.BigInteger;
 import java.net.URI;
 import java.net.URISyntaxException;
 import java.nio.charset.StandardCharsets;
 import java.security.*;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;
-import java.security.interfaces.RSAPublicKey;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.RSAPrivateCrtKeySpec;
-import java.security.spec.RSAPrivateKeySpec;
-import java.security.spec.X509EncodedKeySpec;
 import java.util.Base64;
-import java.util.Enumeration;
 
 
 /**
@@ -573,12 +561,6 @@ public static String getSignatureToken(
             }
             timestamp = timestamp != null ? timestamp : Long.toString(getNewTimestamp());
 
-
-//            if (secret != null) {
-//                signatureMethod = "HMACSHA256";
-//            } else {
-//                signatureMethod = "SHA256withRSA";
-//            }
             if(authPrefix.toLowerCase().contains("l1")){
     			signatureMethod = "HMACSHA256";
     		}else if(authPrefix.toLowerCase().contains("l2")){
@@ -591,9 +573,9 @@ public static String getSignatureToken(
                     , appId, urlPath, httpMethod
                     , formList, nonce, timestamp);
 
-            if (signatureMethod.equals("HMACSHA256")) {
+            if ("HMACSHA256".equals(signatureMethod)) {
                 base64Token = getHMACSignature(baseString, secret);
-            } else if(signatureMethod.equals("SHA256withRSA")){
+            } else if("SHA256withRSA".equals(signatureMethod)){
             	PrivateKey privateKey = null;
             	if(null!=fileName && (fileName.contains(".key")||fileName.contains(".pem"))){
             		privateKey = ApiSigning.getPrivateKeyPEM(fileName, password);

src/test/java/ApiSecurityTest.java renamed to src/test/java/com/api/util/ApiSecurity/ApiSecurityTest.java

@@ -1,3 +1,4 @@
+package com.api.util.ApiSecurity;
 
 import java.io.BufferedReader;
 import java.io.File;

src/test/java/AuthorizationTokenTest.java renamed to src/test/java/com/api/util/ApiSecurity/AuthorizationTokenTest.java

@@ -1,3 +1,4 @@
+package com.api.util.ApiSecurity;
 import com.api.util.ApiSecurity.ApiSigning;
 import com.api.util.ApiSecurity.ApiUtilException;
 import org.junit.Test;

src/test/java/BaseStringTest.java renamed to src/test/java/com/api/util/ApiSecurity/BaseStringTest.java

@@ -1,3 +1,4 @@
+package com.api.util.ApiSecurity;
 import static org.junit.Assert.*;
 import java.net.URISyntaxException;
 import org.junit.Test;

src/test/java/HMACSignatureTest.java renamed to src/test/java/com/api/util/ApiSecurity/HMACSignatureTest.java

@@ -1,3 +1,4 @@
+package com.api.util.ApiSecurity;
 import static org.junit.Assert.*;
 import java.util.ArrayList;
 

src/test/java/RSASignatureTest.java renamed to src/test/java/com/api/util/ApiSecurity/RSASignatureTest.java

@@ -1,3 +1,4 @@
+package com.api.util.ApiSecurity;
 import static org.junit.Assert.*;
 
 import java.io.File;