File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Other Java Products and Servers and the fly likes Generating Nonce value for Orkut Oauth Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Other Java Products and Servers
Bookmark "Generating Nonce value for Orkut Oauth" Watch "Generating Nonce value for Orkut Oauth" New topic
Author

Generating Nonce value for Orkut Oauth

kalpesh pradhan
Greenhorn

Joined: Jan 05, 2010
Posts: 3
Hi,

Can anyone please help me with the following issue..

I am creating an web based application for orkut. But for that i need to generate oauth request which is mandatory.
So for it we need a parameter called "nonce".. which means

Random 64-bit, unsigned number encoded as an ASCII string in decimal format. The nonce/timestamp pair should always be unique to prevent replay attacks.


For genrating nonce value i am writing following code:

Random ran = new Random();
long nonce1 = ran.nextLong();

Long nonce = Math.abs(new Long(nonce1));
String hexString = Long.toHexString(nonce);



Please help me where i am going wrong or can anyone provide with the code??



Saifuddin Merchant
Ranch Hand

Joined: Feb 08, 2009
Posts: 606

And the problem that you are facing with this code is?


Cheers - Sam.
Twisters - The new age Java Quiz || My Blog
kalpesh pradhan
Greenhorn

Joined: Jan 05, 2010
Posts: 3
Sam Mercs wrote:And the problem that you are facing with this code is?



That its not correctly generating the nonce value... we get invalid signature as response.
salvin francis
Ranch Hand

Joined: Jan 12, 2009
Posts: 928

Take system time in ms, XOR it with some predefined value say XXX and then take the MD5 hash of the result.

where XXX is any predetermined constant say : "@$#SDFG$#^%E%DSFdfgjhk6875678wqe35REYT"


My Website: [Salvin.in] Cool your mind:[Salvin.in/painting] My Sally:[Salvin.in/sally]
kalpesh pradhan
Greenhorn

Joined: Jan 05, 2010
Posts: 3
salvin francis wrote:Take system time in ms, XOR it with some predefined value say XXX and then take the MD5 hash of the result.

where XXX is any predetermined constant say : "@$#SDFG$#^%E%DSFdfgjhk6875678wqe35REYT"




Can you please give me the java code itself... please its urgent
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61768
    
  67

Please read this.


[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
salvin francis
Ranch Hand

Joined: Jan 12, 2009
Posts: 928

Kalpesh,
Post your code here and i could help you complete it.

no problems if its incomplete or wrong...

As i suggested:

1. You need to obtain the system time in milliseconds, you could use the Calendar class for that
2. You need a hard coded (or maybe read from file) value to be XORed
3. You need to calculate MD5 hash of the XORed value:


salvin francis
Ranch Hand

Joined: Jan 12, 2009
Posts: 928

also its not necessary that my approach is right, there could be a better approach, keep in mind that calculating an hash is generally not a fast process.
Ernest Friedman-Hill
author and iconoclast
Marshal

Joined: Jul 08, 2003
Posts: 24187
    
  34

Your directions say "decimal format", not "hexadecimal format." Is the correct answer to just use nonce.toString() instead of toHexString() in the original code? Or are the directions wrong?

[Jess in Action][AskingGoodQuestions]
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Generating Nonce value for Orkut Oauth