boolean isValid()

in src/main/java/org/apache/sling/auth/saml2/impl/TokenStore.java [214:256]


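    /**
     * Verifies a serialized authentication token previously produced by {@code encode}.
     *
     * <p>The value is split (see {@code split}) into three parts: the token/hash, a
     * single-digit token number followed by the expiry time in milliseconds, and the
     * user name. The value verifies only when the token number refers to an entry of
     * {@code currentTokens}, the expiry time still lies in the future, and re-encoding
     * the time, user name and token number with that key reproduces the value.
     *
     * <p>The final comparison is a constant-time byte comparison rather than
     * {@code String.equals}, so the time taken does not depend on how many leading
     * characters of the presented value match the expected token. Because the value
     * is taken from a client-supplied cookie, every malformed input — an empty token
     * part or a non-numeric time part included — is rejected with a log entry instead
     * of escaping as an unchecked exception.
     *
     * @param value the cookie value to verify; may be malformed
     * @return {@code true} only when the value verifies; every failure reason is
     *         logged and yields {@code false}
     */
    boolean isValid(String value) {
        String[] parts = split(value);
        if (parts == null) {
            log.error("AuthNCookie value '{}' has invalid format", value);
            return false;
        }

        // part 0 = token/hash
        // part 1 = token number (single digit) + system time in ms
        // part 2 = user name
        String numberAndTime = parts[1];
        if (numberAndTime.isEmpty()) {
            // charAt(0) below would otherwise throw on an empty token part
            log.error("AuthNCookie value '{}' has invalid format", value);
            return false;
        }

        // '0'..'9' map to 0..9; any other leading character falls outside the range checked next
        int tokenNumber = numberAndTime.charAt(0) - '0';
        if (tokenNumber < 0 || tokenNumber >= currentTokens.length) {
            log.error(
                "AuthNCookie value '{}' is invalid: refers to an invalid token number, {}",
                    value, tokenNumber);
            return false;
        }

        long cookieTime;
        try {
            cookieTime = Long.parseLong(numberAndTime.substring(1));
        } catch (NumberFormatException e) {
            // client-controlled input: a non-numeric time part is a bad cookie, not a server error
            log.error("AuthNCookie value '{}' has invalid format", value);
            return false;
        }

        // read the clock once so the expiry check and the logged age agree
        long now = System.currentTimeMillis();
        if (now >= cookieTime) {
            log.error("AuthNCookie value '{}' has expired {}ms ago",
                    value, (now - cookieTime));
            return false;
        }

        try {
            SecretKey secretKey = currentTokens[tokenNumber];
            String hmac = encode(cookieTime, parts[2], tokenNumber, secretKey);
            // constant-time comparison: String.equals stops at the first differing character
            boolean matches = java.security.MessageDigest.isEqual(
                    value.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                    hmac.getBytes(java.nio.charset.StandardCharsets.UTF_8));
            if (matches) {
                return true;
            }
        } catch (ArrayIndexOutOfBoundsException | InvalidKeyException | IllegalStateException
                | UnsupportedEncodingException | NoSuchAlgorithmException e) {
            log.error(e.getMessage(), e);
        }

        // failed verification (mismatch or encoding failure), reason is logged
        log.error("AuthNCookie value '{}' is invalid", value);
        return false;
    }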