ScramSaslServer (Core XMPP Server 5.1.0-SNAPSHOT API)

java.lang.Object

org.jivesoftware.openfire.sasl.ScramSaslServer

All Implemented Interfaces:: SaslServer

Direct Known Subclasses:: ScramSha1SaslServer

public abstract class ScramSaslServer extends Object implements SaslServer

Constructor Summary

Constructors

Constructor

Description

ScramSaslServer()
Method Summary

Modifier and Type

Method

Description

protected static byte[]

extractRawGS2Header(byte[] data)

Extracts the raw GS2 header from a SCRAM client-first-message byte array.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface javax.security.sasl.SaslServer
dispose, evaluateResponse, getAuthorizationID, getMechanismName, getNegotiatedProperty, isComplete, unwrap, wrap

Constructor Details
- ScramSaslServer
  
  public ScramSaslServer()
Method Details
- extractRawGS2Header
  
  protected static byte[] extractRawGS2Header(byte[] data) throws SaslException
  Extracts the raw GS2 header from a SCRAM client-first-message byte array. The GS2 header is defined in RFC 5802 as:
  gs2-header = gs2-cbind-flag "," [authzid] ","
  and always terminates with a trailing comma. This method performs a byte-level scan of the input and returns a copy of the original byte array from index 0 up to and including the second comma (i.e., the full GS2 header including its trailing comma). No character decoding or normalization is performed. This ensures that the returned GS2 header is byte-for- byte identical to the original input, which is required for correct SCRAM-SHA-1-PLUS channel binding validation.
  Parameters:
  
  data - the raw SCRAM client-first-message bytes
  
  Returns:
  
  a byte array containing the complete GS2 header including the trailing comma
  
  Throws:
  
  SaslException - if the input does not contain a valid GS2 header