Merge branch 'fix/gradleAndReadme' into 'master'

Update README to explain SignatureVerifier.verify() method last param See merge request adscore/adscore-client-libraries!3
Adscore · Mar 6, 2020 · 9c53ae3 · 9c53ae3
2 parents 47bad02 + 4471f25
commit 9c53ae3
Show file tree

Hide file tree

Showing 2 changed files with 93 additions and 54 deletions.
diff --git a/README.md b/README.md
@@ -53,6 +53,8 @@ or as a Gradle:
 compile files('libs/adscore-client-libraries-1.0.0.jar')
 ```
 
+Note that this is a thin jar, so in case of manual referencing (i.e. not via mvn central) you need to ensure yourself that dependencies are satisifed - for list of those please look at build.gradle.
+
 <h3>How to build library manually</h3>
 
 If you want you can also build the library yourself. in order to do that you need to ensure:
@@ -69,7 +71,7 @@ or following if you do not have gradle installed globally:
 user@PC:~/project-dir$ ./gradlew build
 ```
 
-executing above should succesfully run unit tests and produce `client-libraries-x-x-x.jar` within `~/project-dir/build/libs` directory
+executing above should succesfully run unit tests and produce `adscore-client-libraries-x-x-x.jar` within `~/project-dir/build/libs` directory
 
 If you wish you can also do:
 
@@ -83,63 +85,100 @@ which should allow to reference library from your local repository.
 
 <h3>1. SignatureVerifier</h3>
 
-Following are few quick examples of how to use verifier, first import the entry point for library:
-
-```java
-import com.adscore.signature.SignatureVerifier;
-[..]
-```
-
-than you have few options of how to verify signatures
-
-<h5> Verify with encoded key</h5>
+The definition of verify function looks as follows:
 
 ```java
-SignatureVerificationResult result = SignatureVerifier.verify(
- "signature",
- "userAgent",
- "customer",
-  "encodedKey",
-  true,
- "firstIpAddress",
- "secondIpAddress"
-);
-
+  /**
+   * @param signature the string which we want to verify
+   * @param userAgent string with full description of user agent like 'Mozilla/5.0 (Linux; Android
+   *     9; SM-J530F)...'
+   * @param signRole string which specifies if we operate in customer or master role. For AdScore
+   *     customers this should be always set to 'customer'
+   * @param key string containing related zone key
+   * @param ipAddresses array of strings containing ip4 or ip6 addresses against which we check
+   *     signature
+   * @param expiry number which is time in seconds. IF signatureTime + expiry > CurrentDateInSeconds
+   *     THEN result is expired
+   * @param isKeyBase64Encoded boolean defining if passed key is base64 encoded or not
+   * @return VerificationResult
+   */
+  public static SignatureVerificationResult verify(
+      String signature,
+      String userAgent,
+      String signRole,
+      String key,
+      [boolean isKeyBase64Encoded,] // optional due existance of overloaded function
+      [Integer expiry,]             // optional due existance of overloaded function
+      String... ipAddresses) {
 ```
 
-result object will contain a non-null value in verdict field in case of success
-or a non-null value in error field in cases of failure
-
-<h5>Verify with expiry</h5>
+Following are few quick examples of how to use verifier, first import the entry point for library:
 
 ```java
-SignatureVerificationResult result = SignatureVerifier.verify(
- "signature",
- "userAgent",
- "signRole",
-  "decodedKey",
-  12345, //expiry
- "firstIpAddress",
- "secondIpAddress"
-);
+import com.adscore.signature.SignatureVerifier;
+[..]
 ```
 
-
-<h5>Verify expiry with encoded key</h5>
+than you have at least few options of how to verify signatures:
 
 ```java
-SignatureVerificationResult result = SignatureVerifier.verify(
- "signature",
- "userAgent",
- "signRole",
-  "encodedKey",
-  true,
-  12345, //expiry
- "firstIpAddress",
- "secondIpAddress"
-)
-```
 
-
-IF signatureTime + expiry > CurrentDateInSeconds
-THEN result.getExpired() = true
+    // Verify with base64 encoded key
+    SignatureVerificationResult result =
+        SignatureVerifier.verify(
+            "BAYAXlNKGQFeU0oggAGBAcAAIAUdn1gbCBmA-u-kF--oUSuFw4B93piWC1Dn-D_1_6gywQAgEXCqgk2zPD6hWI1Y2rlrtV-21eIYBsms0odUEXNbRbA",
+            "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36",
+            "customer",
+            "a2V5X25vbl9iYXNlNjRfZW5jb2RlZA==",
+            true, // notify that we use encoded key
+            "73.109.57.137");
+
+    [..]
+
+    // Verify with checking if expired
+    //
+    // IF signatureTime + expiry > CurrentDateInSeconds
+    // THEN result.getExpired() = true
+    result =
+        SignatureVerifier.verify(
+            "BAYAXlNKGQFeU0oggAGBAcAAIAUdn1gbCBmA-u-kF--oUSuFw4B93piWC1Dn-D_1_6gywQAgEXCqgk2zPD6hWI1Y2rlrtV-21eIYBsms0odUEXNbRbA",
+            "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36",
+            "customer",
+            "key_non_base64_encoded",
+            60, // 1 min
+            "73.109.57.137");
+    [..]
+
+    // Verify against number of ip4 and ip6 addresses
+    result =
+        SignatureVerifier.verify(
+            "BAYAXlNKGQFeU0oggAGBAcAAIAUdn1gbCBmA-u-kF--oUSuFw4B93piWC1Dn-D_1_6gywQAgEXCqgk2zPD6hWI1Y2rlrtV-21eIYBsms0odUEXNbRbA",
+            "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36",
+            "customer",
+            "key_non_base64_encoded",
+            "73.109.57.137", "73.109.57.138", "73.109.57.139", "73.109.57.140", "0:0:0:0:0:ffff:4d73:55d3", "0:0:0:0:0:fffff:4d73:55d4", "0:0:0:0:0:fffff:4d73:55d5", "0:0:0:0:0:fffff:4d73:55d6");
+
+    // Verify 
+
+    result =
+        SignatureVerifier.verify(
+            "BAYAXlNKGQFeU0oggAGBAcAAIAUdn1gbCBmA-u-kF--oUSuFw4B93piWC1Dn-D_1_6gywQAgEXCqgk2zPD6hWI1Y2rlrtV-21eIYBsms0odUEXNbRbA",
+            "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36",
+            "customer",
+            "a2V5X25vbl9iYXNlNjRfZW5jb2RlZA==",
+            true, // notify that we use encoded key
+            360,  // 5min
+            "73.109.57.137", "73.109.57.138", "73.109.57.139", "73.109.57.140", "0:0:0:0:0:ffff:4d73:55d3", "0:0:0:0:0:fffff:4d73:55d4", "0:0:0:0:0:fffff:4d73:55d5", "0:0:0:0:0:fffff:4d73:55d6");
+
+
+    // result object will contain a non-null value in verdict field in case of success
+    // or a non-null value in error field in cases of failure
+
+    if (result.getError() != null) {
+      // Failed to verify signature, handle error i.e.
+      Logger.warning("Failed to verify signature: " + result.getError());
+    } else {
+      Logger.info("Signature verification with verdict: " + result.getVerdict() + " for ip " + result.getIpAddress());
+    }
+);
+```
diff --git a/build.gradle b/build.gradle
@@ -88,8 +88,8 @@ publishing {
             def snapshotsRepoUrl = "https://oss.sonatype.org/content/repositories/snapshots"
             url = version.endsWith('SNAPSHOT') ? snapshotsRepoUrl : releasesRepoUrl
             credentials {
-                username = ossrhUsername
-                password = ossrhPassword
+                username = project.findProperty("ossrhUsername") ?: "none"
+                password = project.findProperty("ossrhPassword") ?: "none"
             }
         }
     }
@@ -107,6 +107,6 @@ javadoc {
 
 nexusStaging {
     packageGroup = "com.adscore"
-    username = ossrhUsername
-    password = ossrhPassword
+    username = project.findProperty("ossrhUsername") ?: "none"
+    password = project.findProperty("ossrhPassword") ?: "none"
 }