From 89c2780a31c3c518429b8206a3ca70883849df6a Mon Sep 17 00:00:00 2001
From: Gabriel Rusu <gabriel.rusu@modulrfinance.com>
Date: Tue, 29 Aug 2017 11:16:48 +0100
Subject: [PATCH] Updated algorithm

---
 samples/java/build.gradle                     |  1 +
 .../java/com/modulr/api/ModulrApiAuth.java    | 55 +++++++------------
 .../src/main/java/com/modulr/hmac/Hmac.java   |  4 +-
 .../test/java/com/modulr/hmac/HmacTest.java   | 29 +++++-----
 4 files changed, 38 insertions(+), 51 deletions(-)

diff --git a/samples/java/build.gradle b/samples/java/build.gradle
index cc1f217..7777d5e 100644
--- a/samples/java/build.gradle
+++ b/samples/java/build.gradle
@@ -11,4 +11,5 @@ repositories {
 
 dependencies {
     testCompile group: 'junit', name: 'junit', version: '4.12'
+    testCompile 'org.mockito:mockito-core:2.8.47'
 }
diff --git a/samples/java/src/main/java/com/modulr/api/ModulrApiAuth.java b/samples/java/src/main/java/com/modulr/api/ModulrApiAuth.java
index f428258..9485440 100644
--- a/samples/java/src/main/java/com/modulr/api/ModulrApiAuth.java
+++ b/samples/java/src/main/java/com/modulr/api/ModulrApiAuth.java
@@ -16,56 +16,47 @@ public class ModulrApiAuth {
     private static final String DATE_PATTERN = "EEE, dd MMM yyyy HH:mm:ss z";
     private final String secret;
     private final String token;
-    private String nonce;
     private Date date;
-    private Boolean retry = false;
 
     private String lastUsedNonce;
 
-    public ModulrApiAuth(String token, String secret, String nonce) {
+    public ModulrApiAuth(String token, String secret) {
         this.token = token.trim();
         this.secret = secret.trim();
-        this.nonce = nonce.trim();
-        this.date = new Date();
     }
 
-    public Map<String, String> getApiAuthHeaders() {
+    public Map<String, String> generateApiAuthHeaders(String nonce) {
+        return buildHeaders(nonce, false);
+    }
+
+    public Map<String, String> generateRetryApiAuthHeaders() {
+        return buildHeaders(this.lastUsedNonce, true);
+    }
+
+    private Map<String, String> buildHeaders(String nonce, Boolean retry) {
         final Map<String, String> headerParams = new HashMap<>();
         try {
-            String hmac = generateHmac();
+            String hmac = generateHmac(nonce);
 
             headerParams.put("Authorization", formatAuthHeader(this.token, hmac));
-            headerParams.put("Date", getFormattedDate(this.date));
-            headerParams.put("x-mod-nonce", this.nonce);
-            headerParams.put("x-mod-retry", String.valueOf(this.retry));
+            headerParams.put("Date", getFormattedDate(this.getDate()));
+            headerParams.put("x-mod-nonce", nonce);
+            headerParams.put("x-mod-retry", String.valueOf(retry));
+
+            this.lastUsedNonce = nonce;
         } catch (SignatureException e) {
             e.printStackTrace();
         }
-
         return headerParams;
     }
 
-    public String generateHmac() throws SignatureException {
-        final String hmac;
-        if (this.retry) {
-            this.nonce = this.lastUsedNonce;
-        } else {
-            this.lastUsedNonce = this.nonce;
-        }
-
+    private String generateHmac(String nonce) throws SignatureException {
         validateFields();
-        String data = String.format("date: %s nx-mod-nonce: %s", getFormattedDate(this.date), this.nonce);
+        this.date = new Date();
+        String data = String.format("date: %s nx-mod-nonce: %s", getFormattedDate(this.getDate()), nonce);
         return calculateHmac(data);
     }
 
-    public String getNonce() {
-        return nonce;
-    }
-
-    public void setNonce(String nonce) {
-        this.nonce = nonce;
-    }
-
     public Date getDate() {
         return date;
     }
@@ -82,14 +73,6 @@ public void setDate(Date date) {
         this.date = date;
     }
 
-    public Boolean getRetry() {
-        return retry;
-    }
-
-    public void setRetry(Boolean retry) {
-        this.retry = retry;
-    }
-
     private String formatAuthHeader(String token, String signature) {
         return String.format("Signature keyId=\"%s\",algorithm=\"%s\",headers=\"date x-mod-nonce\",signature=\"%s\"", token, "hmac-sha1", signature);
     }
diff --git a/samples/java/src/main/java/com/modulr/hmac/Hmac.java b/samples/java/src/main/java/com/modulr/hmac/Hmac.java
index 95c4412..abf0fe2 100644
--- a/samples/java/src/main/java/com/modulr/hmac/Hmac.java
+++ b/samples/java/src/main/java/com/modulr/hmac/Hmac.java
@@ -6,8 +6,8 @@
 
 public class Hmac {
     public static void main(String... args) {
-        ModulrApiAuth modulrAuth = new ModulrApiAuth("KNOWN-TOKEN", "SECRET-TOKEN", "NONCE");
-        Map<String, String> headers = modulrAuth.getApiAuthHeaders();
+        ModulrApiAuth modulrAuth = new ModulrApiAuth("KNOWN-TOKEN", "SECRET-TOKEN");
+        Map<String, String> headers = modulrAuth.generateApiAuthHeaders("NONCE");
 
         headers.forEach((key, value) -> System.out.println(key + ": " + value));
     }
diff --git a/samples/java/src/test/java/com/modulr/hmac/HmacTest.java b/samples/java/src/test/java/com/modulr/hmac/HmacTest.java
index 92614a5..1bcccaf 100644
--- a/samples/java/src/test/java/com/modulr/hmac/HmacTest.java
+++ b/samples/java/src/test/java/com/modulr/hmac/HmacTest.java
@@ -4,7 +4,7 @@
 import org.junit.Before;
 import org.junit.Test;
 import org.junit.runner.RunWith;
-import org.junit.runners.JUnit4;
+import org.mockito.junit.MockitoJUnitRunner;
 
 import java.security.SignatureException;
 import java.time.LocalDateTime;
@@ -12,36 +12,39 @@
 import java.util.Date;
 import java.util.Map;
 
-import static org.hamcrest.MatcherAssert.assertThat;
 import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotEquals;
+import static org.mockito.Mockito.spy;
+import static org.mockito.Mockito.when;
 
-@RunWith(JUnit4.class)
+@RunWith(MockitoJUnitRunner.class)
 public class HmacTest {
     private ModulrApiAuth modulrAuth;
 
     @Before
     public void setUp() {
-        modulrAuth = new ModulrApiAuth("KNOWN-TOKEN", "SECRET-TOKEN", "NONCE");
-    }
-
-    @Test
-    public void testHmacGenerator() throws SignatureException {
         String dateStr = "2017-08-04T10:10:20";
         LocalDateTime dateTime = LocalDateTime.parse(dateStr);
         Date date = Date.from(dateTime.toInstant(ZoneOffset.UTC));
 
-        modulrAuth.setDate(date);
-        assertEquals("G9zfk3yPn861TKddM6wIxu4u0YU%3D", modulrAuth.generateHmac());
+        modulrAuth = spy(new ModulrApiAuth("KNOWN-TOKEN", "SECRET-TOKEN"));
+        when(modulrAuth.getDate()).thenReturn(date);
+    }
 
-        Map<String, String> headers = modulrAuth.getApiAuthHeaders();
+    @Test
+    public void testHmacGenerator() throws SignatureException {
+        Map<String, String> headers = modulrAuth.generateApiAuthHeaders("NONCE");
         assertEquals(headers.size(), 4);
         assertEquals("Signature keyId=\"KNOWN-TOKEN\",algorithm=\"hmac-sha1\",headers=\"date x-mod-nonce\",signature=\"G9zfk3yPn861TKddM6wIxu4u0YU%3D\"", headers.get("Authorization"));
         assertEquals("NONCE", headers.get("x-mod-nonce"));
         assertEquals("Fri, 04 Aug 2017 10:10:20 GMT", headers.get("Date"));
         assertEquals("false", headers.get("x-mod-retry"));
 
-        modulrAuth.setRetry(true);
-        Map<String, String> headersWithRetryOn = modulrAuth.getApiAuthHeaders();
+
+        when(modulrAuth.getDate()).thenReturn(new Date());
+        Map<String, String> headersWithRetryOn = modulrAuth.generateRetryApiAuthHeaders();
         assertEquals("true", headersWithRetryOn.get("x-mod-retry"));
+        assertEquals(headersWithRetryOn.get("x-mod-nonce"), headers.get("x-mod-nonce"));
+        assertNotEquals(headersWithRetryOn.get("Date"), headers.get("Date"));
     }
 }