NonceManager

interface NonceManager

Represents a nonce manager. Its responsibility is to produce nonce values and to verify that nonce values received from untrusted sources were issued by this manager. This is usually required in a web environment to mitigate CSRF attacks. Depending on its underlying implementation, it can be stateful or stateless. Note that there is usually a timeout for nonce values to reduce memory usage and to avoid replay attacks. Nonce length is unspecified.

Functions

newNonce

abstract suspend fun newNonce(): String

Generate new nonce instance

verifyNonce

abstract suspend fun verifyNonce(nonce: String): Boolean

Verify nonce value

Inheritors

AlwaysFailNonceManager

object AlwaysFailNonceManager : NonceManager

Stub implementation that always fails. It will be removed, so no public signatures should rely on it.

GenerateOnlyNonceManager

object GenerateOnlyNonceManager : NonceManager

This implementation only generates nonce values and does not validate them. It is recommended for testing only.

StatelessHmacNonceManager

class StatelessHmacNonceManager : NonceManager

Stateless nonce manager implementation with HMAC verification and timeout. Every nonce provided by this manager consists of a random part, a timestamp and an HMAC.
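
The following sketch shows how a stateless nonce built from a random part, a timestamp and an HMAC can be issued and verified without server-side storage. It is an added example, not Ktor's own code: the class name SketchHmacNonceManager, the "+"-separated token layout, HmacSHA256, the 60-second timeout and the injectable clock are all assumptions, and the interface is redeclared locally so the sketch compiles on its own.

```kotlin
import java.security.MessageDigest
import java.security.SecureRandom
import javax.crypto.Mac
import javax.crypto.spec.SecretKeySpec

// Interface shape copied from this page so the sketch compiles without Ktor.
interface NonceManager {
    suspend fun newNonce(): String
    suspend fun verifyNonce(nonce: String): Boolean
}
// Hypothetical class: name, token layout and defaults are assumptions.
class SketchHmacNonceManager(
    key: ByteArray,
    private val timeoutMillis: Long = 60_000,
    private val clock: () -> Long = { System.currentTimeMillis() }
) : NonceManager {
    private val keySpec = SecretKeySpec(key, "HmacSHA256")
    private val rng = SecureRandom()
    private fun hex(bytes: ByteArray) = bytes.joinToString("") { "%02x".format(it) }

    // The HMAC covers both the random part and the timestamp, so neither can be altered.
    private fun sign(randomPart: String, time: String): String {
        val mac = Mac.getInstance("HmacSHA256").apply { init(keySpec) }
        return hex(mac.doFinal("$randomPart:$time".toByteArray()))
    }

    override suspend fun newNonce(): String {
        val randomPart = hex(ByteArray(16).also { rng.nextBytes(it) })
        val time = clock().toString(16)
        return "$randomPart+$time+${sign(randomPart, time)}"
    }

    override suspend fun verifyNonce(nonce: String): Boolean {
        val parts = nonce.split('+')
        if (parts.size != 3) return false
        val (randomPart, time, mac) = parts
        val issued = time.toLongOrNull(16) ?: return false
        // Constant-time comparison of the recomputed HMAC with the supplied one.
        val macOk = MessageDigest.isEqual(sign(randomPart, time).toByteArray(), mac.toByteArray())
        return macOk && (clock() - issued) in 0L..timeoutMillis
    }
}

suspend fun main() {
    var now = 1_000_000L // constructed clock value
    val m = SketchHmacNonceManager("constructed-demo-key".toByteArray(), clock = { now })
    val nonce = m.newNonce()
    println(listOf(m.verifyNonce(nonce), m.verifyNonce("x$nonce"))) // issued, then altered
    now += 61_000 // move past the timeout
    println(m.verifyNonce(nonce))
}
```

Because the sketch keeps no record of nonces it has already accepted, a nonce verifies repeatedly until its timeout passes; the timeout is the only bound on reuse.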