com.yahoo.security.token.Token

public class Token extends Object

A token represents an arbitrary, opaque sequence of secret bytes (preferably from a secure random source) whose possession gives the holder the right to some resource(s) or action(s). For a token to be recognized it must be presented in its entirety, i.e. bitwise exact. This includes any (optional) text prefixes.

Only the party presenting the token should store the token secret itself; any parties that need to identify and/or verify the token should store derivations of the token instead (TokenFingerprint and TokenCheckHash, respectively).

A Token object is bound to a particular TokenDomain, but any given secret token string may be used to create many Token objects for any number of domains; it is opaque and not in and by itself tied to any specific domain.

Method Summary

Modifier and Type

Method

Description

TokenDomain

domain()

boolean

equals(Object o)

TokenFingerprint

fingerprint()

int

hashCode()

static Token

of(TokenDomain domain, String secretTokenString)

String

secretTokenString()

String

toString()

Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Method Details
- of
  
  public static Token of(TokenDomain domain, String secretTokenString)
- domain
  
  public TokenDomain domain()
- secretTokenString
  
  public String secretTokenString()
- fingerprint
  
  public TokenFingerprint fingerprint()
- equals
  
  public boolean equals(Object o)
  
  Overrides:
  
  equals in class Object
- hashCode
  
  public int hashCode()
  
  Overrides:
  
  hashCode in class Object
- toString
  
  public String toString()
  
  Overrides:
  
  toString in class Object

Class Token

Method Summary

Methods inherited from class java.lang.Object

Method Details

of

domain

secretTokenString

fingerprint

equals

hashCode

toString