Mastercard
diff --git a/‎README.md‎
Lines changed: 12 additions & 56 deletions b/‎README.md‎
Lines changed: 12 additions & 56 deletions
diff --git a/‎pom.xml‎
Lines changed: 1 addition & 7 deletions b/‎pom.xml‎
Lines changed: 1 addition & 7 deletions
diff --git a/‎src/main/java/com/mastercard/developer/interceptors/HttpExecuteOAuth1Interceptor.java‎
Lines changed: 1 addition & 7 deletions b/‎src/main/java/com/mastercard/developer/interceptors/HttpExecuteOAuth1Interceptor.java‎
Lines changed: 1 addition & 7 deletions
diff --git a/‎src/main/java/com/mastercard/developer/interceptors/OkHttp2OAuth1Interceptor.java‎
Lines changed: 1 addition & 7 deletions b/‎src/main/java/com/mastercard/developer/interceptors/OkHttp2OAuth1Interceptor.java‎
Lines changed: 1 addition & 7 deletions
diff --git a/‎src/main/java/com/mastercard/developer/interceptors/OkHttpOAuth1Interceptor.java‎
Lines changed: 1 addition & 7 deletions b/‎src/main/java/com/mastercard/developer/interceptors/OkHttpOAuth1Interceptor.java‎
Lines changed: 1 addition & 7 deletions
diff --git a/‎src/main/java/com/mastercard/developer/interceptors/OpenFeignOAuth1Interceptor.java‎
Lines changed: 1 addition & 7 deletions b/‎src/main/java/com/mastercard/developer/interceptors/OpenFeignOAuth1Interceptor.java‎
Lines changed: 1 addition & 7 deletions
diff --git a/‎src/main/java/com/mastercard/developer/interceptors/SpringWebfluxOAuth1Interceptor.java‎
Lines changed: 1 addition & 7 deletions b/‎src/main/java/com/mastercard/developer/interceptors/SpringWebfluxOAuth1Interceptor.java‎
Lines changed: 1 addition & 7 deletions
diff --git a/‎src/main/java/com/mastercard/developer/oauth/OAuth.java‎
Lines changed: 8 additions & 43 deletions b/‎src/main/java/com/mastercard/developer/oauth/OAuth.java‎
Lines changed: 8 additions & 43 deletions
@@ -87,11 +87,7 @@ URI uri = URI.create("https://sandbox.api.mastercard.com/service");
 String method = "POST";
 String payload = "Hello world!";
 Charset charset = StandardCharsets.UTF_8;
-String authHeader = OAuth.getAuthorizationHeader(uri, method, payload, charset, consumerKey, signingKey); // uses RSA_SHA256 as the default signature method
-```
-Alternatively, you can specify the signature method as well:
-```java
-String authHeader = OAuth.getAuthorizationHeader(uri, method, payload, charset, consumerKey, signingKey, SignatureMethod.RSA_PSS_SHA256);
+String authHeader = OAuth.getAuthorizationHeader(uri, method, payload, charset, consumerKey, signingKey);
 ```
 
 ### Signing HTTP Client Request Objects <a name="signing-http-client-request-objects"></a>
@@ -117,13 +113,7 @@ HttpsURLConnection con = (HttpsURLConnection)url.openConnection();
 con.setRequestMethod("POST");
 con.setRequestProperty("Content-Type", "application/json; charset=" + charset.name());
 
-HttpsUrlConnectionSigner signer = new HttpsUrlConnectionSigner(charset, consumerKey, signingKey); // uses RSA_SHA256 as the default signature method
-signer.sign(con, payload);
-```
-
-You can also specify the signature method when creating the signer object:
-```java
-HttpsUrlConnectionSigner signer = new HttpsUrlConnectionSigner(charset, consumerKey, signingKey, SignatureMethod.RSA_PSS_SHA256);
+HttpsUrlConnectionSigner signer = new HttpsUrlConnectionSigner(charset, consumerKey, signingKey);
 signer.sign(con, payload);
 ```
 
@@ -135,9 +125,7 @@ HttpClient httpClient = HttpClientBuilder.create().build();
 HttpPost httpPost = new HttpPost("https://sandbox.api.mastercard.com/service");
 httpPost.setEntity(new StringEntity(payload, ContentType.APPLICATION_JSON));
 
-ApacheHttpClient4Signer signer = new ApacheHttpClient4Signer(consumerKey, signingKey); // uses RSA_SHA256 as the default signature method
-// You can also specify the signature method:
-// ApacheHttpClient4Signer signer = new ApacheHttpClient4Signer(consumerKey, signingKey, SignatureMethod.RSA_PSS_SHA256);
+ApacheHttpClient4Signer signer = new ApacheHttpClient4Signer(consumerKey, signingKey);
 signer.sign(httpPost);
 ```
 
@@ -152,9 +140,7 @@ Request.Builder request = new Request.Builder()
         .url("https://sandbox.api.mastercard.com/service")
         .post(body);
 
-OkHttpSigner signer = new OkHttpSigner(consumerKey, signingKey); // uses RSA_SHA256 as the default signature method
-// You can also specify the signature method:
-// OkHttpSigner signer = new OkHttpSigner(consumerKey, signingKey, SignatureMethod.RSA_PSS_SHA256);
+OkHttpSigner signer = new OkHttpSigner(consumerKey, signingKey);
 signer.sign(request);
 ```
 
@@ -166,9 +152,7 @@ ClientRequest request = ClientRequest.create(HttpMethod.POST, URI.create("https:
         .body(BodyInserters.fromValue(new BodyInserterWrapper(yourRequestObject)))
         .build();
 
-SpringWebfluxSigner signer = new SpringWebfluxSigner(consumerKey, signingKey); // uses RSA_SHA256 as the default signature method
-// You can also specify the signature method:
-// SpringWebfluxSigner signer = new SpringWebfluxSigner(consumerKey, signingKey, SignatureMethod.RSA_PSS_SHA256);
+SpringWebfluxSigner signer = new SpringWebfluxSigner(consumerKey, signingKey);
 ClientRequest signedRequest = signer.sign(request);
 client.exchange(signedRequest);
 ```
@@ -209,11 +193,7 @@ See also:
 ApiClient client = new ApiClient();
 client.setBasePath("https://sandbox.api.mastercard.com");
 List<Interceptor> interceptors = client.getHttpClient().interceptors();
-interceptors.add(
-        new OkHttp2OAuth1Interceptor(consumerKey, signingKey) // uses RSA_SHA256 as the default signature method
-        // if you want to specify the signature method
-        // new OkHttp2OAuth1Interceptor(consumerKey, signingKey, SignatureMethod.RSA_PSS_SHA256)
-);
+interceptors.add(new OkHttp2OAuth1Interceptor(consumerKey, signingKey));
 ServiceApi serviceApi = new ServiceApi(client);
 // ...
 ```
@@ -227,11 +207,7 @@ client.setHttpClient(
     client.getHttpClient()
         .newBuilder()
         .proxy(proxy) // Optional proxy
-        .addInterceptor(
-                new OkHttpOAuth1Interceptor(consumerKey, signingKey) // uses RSA_SHA256 as the default signature method
-                // if you want to specify the signature method
-                // new OkHttpOAuth1Interceptor(consumerKey, signingKey, SignatureMethod.RSA_PSS_SHA256)
-        )
+        .addInterceptor(new OkHttpOAuth1Interceptor(consumerKey, signingKey))
         .build()
 );
 ServiceApi serviceApi = new ServiceApi(client);
@@ -255,11 +231,7 @@ ApiClient client = new ApiClient();
 client.setBasePath("https://sandbox.api.mastercard.com");
 Feign.Builder feignBuilder = client.getFeignBuilder();
 ArrayList<RequestInterceptor> interceptors = new ArrayList<>();
-interceptors.add(
-        new OpenFeignOAuth1Interceptor(consumerKey, signingKey, client.getBasePath()) // uses RSA_SHA256 as the default signature method
-        // if you want to specify the signature method
-        // new OpenFeignOAuth1Interceptor(consumerKey, signingKey, client.getBasePath(), SignatureMethod.RSA_PSS_SHA256)
-);
+interceptors.add(new OpenFeignOAuth1Interceptor(consumerKey, signingKey, client.getBasePath()));
 feignBuilder.requestInterceptors(interceptors);
 ServiceApi serviceApi = client.buildClient(ServiceApi.class);
 // ...
@@ -282,11 +254,7 @@ ApiClient client = new ApiClient();
 RestAdapter.Builder adapterBuilder = client.getAdapterBuilder();
 adapterBuilder.setEndpoint("https://sandbox.api.mastercard.com"); 
 List<Interceptor> interceptors = client.getOkClient().interceptors();
-interceptors.add(
-        new OkHttp2OAuth1Interceptor(consumerKey, signingKey) // uses RSA_SHA256 as the default signature method
-        // if you want to specify the signature method
-        // new OkHttp2OAuth1Interceptor(consumerKey, signingKey, SignatureMethod.RSA_PSS_SHA256)
-);
+interceptors.add(new OkHttp2OAuth1Interceptor(consumerKey, signingKey));
 ServiceApi serviceApi = client.createService(ServiceApi.class);
 // ...
 ```
@@ -308,11 +276,7 @@ ApiClient client = new ApiClient();
 Retrofit.Builder adapterBuilder = client.getAdapterBuilder();
 adapterBuilder.baseUrl("https://sandbox.api.mastercard.com"); 
 OkHttpClient.Builder okBuilder = client.getOkBuilder();
-okBuilder.addInterceptor(
-        new OkHttpOAuth1Interceptor(consumerKey, signingKey) // uses RSA_SHA256 as the default signature method
-        // if you want to specify the signature method
-        // new OkHttpOAuth1Interceptor(consumerKey, signingKey, SignatureMethod.RSA_PSS_SHA256)
-);
+okBuilder.addInterceptor(new OkHttpOAuth1Interceptor(consumerKey, signingKey));
 ServiceApi serviceApi = client.createService(ServiceApi.class);
 // ...
 ```
@@ -333,11 +297,7 @@ ServiceApi serviceApi = client.createService(ServiceApi.class);
 HttpRequestInitializer initializer = new HttpRequestInitializer() {
     @Override
     public void initialize(HttpRequest request) {
-        request.setInterceptor(
-                new HttpExecuteOAuth1Interceptor(consumerKey, signingKey) // uses RSA_SHA256 as the default signature method
-                // if you want to specify the signature method
-                // new HttpExecuteOAuth1Interceptor(consumerKey, signingKey, SignatureMethod.RSA_PSS_SHA256)
-        );
+        request.setInterceptor(new HttpExecuteOAuth1Interceptor(consumerKey, signingKey));
     }
 };
 ApiClient client = new ApiClient("https://sandbox.api.mastercard.com", null, initializer, null);
@@ -360,11 +320,7 @@ ServiceApi serviceApi = client.serviceApi();
 ```java
 WebClient.Builder webClientBuilder = WebClient.builder()
   .baseUrl("https://api.mastercard.com/service")
-  .filter(
-          new SpringWebfluxOAuth1Interceptor(consumerKey, signingKey) // uses RSA_SHA256 as the default signature method
-            // if you want to specify the signature method
-            // new SpringWebfluxOAuth1Interceptor(consumerKey, signingKey, SignatureMethod.RSA_PSS_SHA256)
-  );
+  .filter(new SpringWebfluxOAuth1Interceptor(consumerKey, signingKey));
 
 ApiClient apiClient = new ApiClient(webClientBuilder);
 ServiceApi serviceApi = client.serviceApi();
 
@@ -6,7 +6,7 @@
 
     <groupId>com.mastercard.developer</groupId>
     <artifactId>oauth1-signer</artifactId>
-    <version>1.6.0</version>
+    <version>1.5.6</version>
     <packaging>jar</packaging>
     <description>Zero dependency library for generating a Mastercard API compliant OAuth signature</description>
     <url>https://github.com/Mastercard/oauth1-signer-java</url>
@@ -113,12 +113,6 @@
             <version>3.27.7</version> <!-- We can't bump this one because of the Java 7 support -->
             <scope>test</scope>
         </dependency>
-        <dependency>
-            <groupId>org.mockito</groupId>
-            <artifactId>mockito-core</artifactId>
-            <version>5.21.0</version>
-            <scope>test</scope>
-        </dependency>
     </dependencies>
 
     <profiles>
 
@@ -2,8 +2,6 @@
 
 import com.google.api.client.http.HttpExecuteInterceptor;
 import com.google.api.client.http.HttpRequest;
-import com.mastercard.developer.oauth.OAuth;
-import com.mastercard.developer.oauth.SignatureMethod;
 import com.mastercard.developer.signers.GoogleApiClientSigner;
 
 import java.io.IOException;
@@ -18,11 +16,7 @@ public class HttpExecuteOAuth1Interceptor implements HttpExecuteInterceptor {
     private final GoogleApiClientSigner signer;
 
     public HttpExecuteOAuth1Interceptor(String consumerKey, PrivateKey signingKey) {
-        this(consumerKey, signingKey, OAuth.DEFAULT_SIGNATURE_METHOD);
-    }
-
-    public HttpExecuteOAuth1Interceptor(String consumerKey, PrivateKey signingKey, SignatureMethod signatureMethod) {
-        this.signer = new GoogleApiClientSigner(consumerKey, signingKey, signatureMethod);
+        this.signer = new GoogleApiClientSigner(consumerKey, signingKey);
     }
 
     public void intercept(HttpRequest request) throws IOException {
 
@@ -1,7 +1,5 @@
 package com.mastercard.developer.interceptors;
 
-import com.mastercard.developer.oauth.OAuth;
-import com.mastercard.developer.oauth.SignatureMethod;
 import com.mastercard.developer.signers.OkHttp2Signer;
 import com.squareup.okhttp.*;
 
@@ -16,11 +14,7 @@ public class OkHttp2OAuth1Interceptor implements Interceptor {
     private final OkHttp2Signer signer;
 
     public OkHttp2OAuth1Interceptor(String consumerKey, PrivateKey signingKey) {
-        this(consumerKey, signingKey, OAuth.DEFAULT_SIGNATURE_METHOD);
-    }
-
-    public OkHttp2OAuth1Interceptor(String consumerKey, PrivateKey signingKey, SignatureMethod signatureMethod) {
-        this.signer = new OkHttp2Signer(consumerKey, signingKey, signatureMethod);
+        this.signer = new OkHttp2Signer(consumerKey, signingKey);
     }
 
     @Override
 
@@ -1,7 +1,5 @@
 package com.mastercard.developer.interceptors;
 
-import com.mastercard.developer.oauth.OAuth;
-import com.mastercard.developer.oauth.SignatureMethod;
 import com.mastercard.developer.signers.OkHttpSigner;
 import okhttp3.*;
 
@@ -16,11 +14,7 @@ public class OkHttpOAuth1Interceptor implements Interceptor {
     private final OkHttpSigner signer;
 
     public OkHttpOAuth1Interceptor(String consumerKey, PrivateKey signingKey) {
-        this(consumerKey, signingKey, OAuth.DEFAULT_SIGNATURE_METHOD);
-    }
-
-    public OkHttpOAuth1Interceptor(String consumerKey, PrivateKey signingKey, SignatureMethod signatureMethod) {
-        this.signer = new OkHttpSigner(consumerKey, signingKey, signatureMethod);
+        this.signer = new OkHttpSigner(consumerKey, signingKey);
     }
 
     @Override
 
@@ -1,7 +1,5 @@
 package com.mastercard.developer.interceptors;
 
-import com.mastercard.developer.oauth.OAuth;
-import com.mastercard.developer.oauth.SignatureMethod;
 import com.mastercard.developer.signers.OpenFeignSigner;
 import feign.RequestInterceptor;
 import feign.RequestTemplate;
@@ -17,11 +15,7 @@ public class OpenFeignOAuth1Interceptor implements RequestInterceptor {
     private final OpenFeignSigner signer;
 
     public OpenFeignOAuth1Interceptor(String consumerKey, PrivateKey signingKey, String baseUri) {
-        this(consumerKey, signingKey, baseUri, OAuth.DEFAULT_SIGNATURE_METHOD);
-    }
-
-    public OpenFeignOAuth1Interceptor(String consumerKey, PrivateKey signingKey, String baseUri, SignatureMethod signatureMethod) {
-        this.signer = new OpenFeignSigner(consumerKey, signingKey, baseUri, signatureMethod);
+        this.signer = new OpenFeignSigner(consumerKey, signingKey, baseUri);
     }
 
     @Override
 
@@ -1,7 +1,5 @@
 package com.mastercard.developer.interceptors;
 
-import com.mastercard.developer.oauth.OAuth;
-import com.mastercard.developer.oauth.SignatureMethod;
 import com.mastercard.developer.signers.SpringWebfluxSigner;
 import org.springframework.web.reactive.function.client.ClientRequest;
 import org.springframework.web.reactive.function.client.ClientResponse;
@@ -19,11 +17,7 @@ public class SpringWebfluxOAuth1Interceptor implements ExchangeFilterFunction {
     private final SpringWebfluxSigner signer;
 
     public SpringWebfluxOAuth1Interceptor(String consumerKey, PrivateKey signingKey) {
-        this(consumerKey, signingKey, OAuth.DEFAULT_SIGNATURE_METHOD);
-    }
-
-    public SpringWebfluxOAuth1Interceptor(String consumerKey, PrivateKey signingKey, SignatureMethod signatureMethod) {
-        this.signer = new SpringWebfluxSigner(consumerKey, signingKey, signatureMethod);
+        this.signer = new SpringWebfluxSigner(consumerKey, signingKey);
     }
 
     @Override
 
@@ -24,29 +24,12 @@ private OAuth() {
 
   public static final String EMPTY_STRING = "";
   public static final String AUTHORIZATION_HEADER_NAME = "Authorization";
-  public static final SignatureMethod DEFAULT_SIGNATURE_METHOD = SignatureMethod.RSA_SHA256;
 
   private static final Logger LOG = Logger.getLogger(OAuth.class.getName());
-  private static final String BODY_HASH_ALGORITHM = "SHA-256";
+  private static final String HASH_ALGORITHM = "SHA-256";
   private static final int NONCE_LENGTH = 16;
   private static final String ALPHA_NUMERIC_CHARS = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
 
-  /**
-   * Creates a Mastercard API compliant OAuth Authorization header, using RSA-SHA256 as the signature method
-   *
-   * @param uri Target URI for this request
-   * @param method HTTP method of the request
-   * @param payload Payload (nullable)
-   * @param charset Charset encoding of the request
-   * @param consumerKey Consumer key set up in a Mastercard Developer Portal project
-   * @param signingKey The private key that will be used for signing the request that corresponds to the consumerKey
-   * @return Valid OAuth1.0a signature with a body hash when payload is present
-   * @see #getAuthorizationHeader(URI, String, String, Charset, String, PrivateKey, SignatureMethod)
-   */
-  public static String getAuthorizationHeader(URI uri, String method, String payload, Charset charset, String consumerKey, PrivateKey signingKey) {
-    return getAuthorizationHeader(uri, method, payload, charset, consumerKey, signingKey, DEFAULT_SIGNATURE_METHOD);
-  }
-
   /**
    * Creates a Mastercard API compliant OAuth Authorization header
    *
@@ -56,19 +39,18 @@ public static String getAuthorizationHeader(URI uri, String method, String paylo
    * @param charset Charset encoding of the request
    * @param consumerKey Consumer key set up in a Mastercard Developer Portal project
    * @param signingKey The private key that will be used for signing the request that corresponds to the consumerKey
-   * @param signMethod The signature method to use when signing the request
    * @return Valid OAuth1.0a signature with a body hash when payload is present
    */
-  public static String getAuthorizationHeader(URI uri, String method, String payload, Charset charset, String consumerKey, PrivateKey signingKey, SignatureMethod signMethod) {
+  public static String getAuthorizationHeader(URI uri, String method, String payload, Charset charset, String consumerKey, PrivateKey signingKey) {
     TreeMap<String, List<String>> queryParams = extractQueryParams(uri, charset);
 
     HashMap<String, String> oauthParams = new HashMap<>();
     oauthParams.put("oauth_consumer_key", consumerKey);
     oauthParams.put("oauth_nonce", getNonce());
-    oauthParams.put("oauth_signature_method", signMethod.getOauthName());
+    oauthParams.put("oauth_signature_method", "RSA-" + HASH_ALGORITHM.replace("-", ""));
     oauthParams.put("oauth_timestamp", getTimestamp());
     oauthParams.put("oauth_version", "1.0");
-    oauthParams.put("oauth_body_hash", getBodyHash(payload, charset, BODY_HASH_ALGORITHM));
+    oauthParams.put("oauth_body_hash", getBodyHash(payload, charset, HASH_ALGORITHM));
 
     // Combine query and oauth_ parameters into lexicographically sorted string
     String paramString = toOauthParamString(queryParams, oauthParams);
@@ -80,7 +62,7 @@ public static String getAuthorizationHeader(URI uri, String method, String paylo
     String sbs = getSignatureBaseString(method, baseUri, paramString, charset);
 
     // Signature
-    String signature = signSignatureBaseString(sbs, signingKey, charset, signMethod);
+    String signature = signSignatureBaseString(sbs, signingKey, charset);
     oauthParams.put("oauth_signature", Util.percentEncode(signature, charset));
 
     return getAuthorizationString(oauthParams);
@@ -270,19 +252,6 @@ static String getBodyHash(String payload, Charset charset, String hashAlg) {
     return Util.b64Encode(hash);
   }
 
-  /**
-   * Signs the signature base string using an RSA private key and RSA-SHA256 as the signature method.
-   *
-   * @param sbs Signature base string formatted as per https://tools.ietf.org/html/rfc5849#section-3.4.1
-   * @param signingKey Private key of the RSA key pair that was established with the service provider
-   * @param charset Charset encoding of the request
-   * @return RSA signature matching the contents of signature base string
-   * @see #signSignatureBaseString(String, PrivateKey, Charset, SignatureMethod)
-   */
-  static String signSignatureBaseString(String sbs, PrivateKey signingKey, Charset charset) {
-    return signSignatureBaseString(sbs, signingKey, charset, DEFAULT_SIGNATURE_METHOD);
-  }
-
   /**
    * Signs the signature base string using an RSA private key. The methodology is described at
    * https://tools.ietf.org/html/rfc5849#section-3.4.3 but Mastercard uses the stronger SHA-256 algorithm
@@ -291,22 +260,18 @@ static String signSignatureBaseString(String sbs, PrivateKey signingKey, Charset
    * @param sbs Signature base string formatted as per https://tools.ietf.org/html/rfc5849#section-3.4.1
    * @param signingKey Private key of the RSA key pair that was established with the service provider
    * @param charset Charset encoding of the request
-   * @param signMethod The signature method to use when signing the request
    * @return RSA signature matching the contents of signature base string
    */
-  static String signSignatureBaseString(String sbs, PrivateKey signingKey, Charset charset, SignatureMethod signMethod) {
+  static String signSignatureBaseString(String sbs, PrivateKey signingKey, Charset charset) {
     try {
-      Signature signer = Signature.getInstance(signMethod.getJcaName());
-      if(signMethod.getAlgorithmParams() != null) {
-        signer.setParameter(signMethod.getAlgorithmParams());
-      }
+      Signature signer = Signature.getInstance("SHA256withRSA");
       signer.initSign(signingKey);
       byte[] sbsBytes = sbs.getBytes(charset);
       signer.update(sbsBytes);
       byte[] signatureBytes = signer.sign();
       return Util.b64Encode(signatureBytes);
     } catch (GeneralSecurityException e) {
-      throw new IllegalStateException("Unable to sign with method " + signMethod.getOauthName() + " using the provided key", e);
+      throw new IllegalStateException("Unable to RSA-SHA256 sign the given string with the provided key", e);
     }
   }