Class TokenManager

java.lang.Object
com.haven.havenplugin.accounts.TokenManager

public class TokenManager extends Object
Issues and verifies HMAC-SHA256-signed tokens.

Token format

base64url(payload_json) + "." + base64url(hmac_sha256(payload_json, secret))

Payload fields

  • uuid — 32-char account UUID
  • tracker — referral / analytics tracker string
  • expiry — Unix timestamp (seconds) as a string

Key persistence

The HMAC key is stored in <pluginDataFolder>/data/tokenKey. If absent or shorter than 24 bytes, a new key is generated and written.

  • Method Details

    • init

      public static void init(File pluginDataFolder, Logger logger)
      Must be called once during plugin enable, before any tokens are created or verified.
      Parameters:
      pluginDataFolder - plugin.getDataFolder()
      logger - Plugin logger for warnings
    • createToken

      public static String createToken(String uuid, String tracker)
      Create a signed token for the given account.
      Parameters:
      uuid - 32-char account UUID
      tracker - Tracker string stored in the account
      Returns:
      Signed token string
    • verifyToken

      public static String verifyToken(String token)
      Verify a token and return the account UUID it encodes.
      Parameters:
      token - Token string as returned by createToken(String, String)
      Returns:
      The UUID from the token payload, or null if the token is missing, malformed, has an invalid signature, or has expired
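
The token format and the verifyToken failure cases documented above, as an added Python sketch (not the plugin's Java code). The JSON serialization, unpadded base64url, the `ttl` and `now` parameters, the expiry boundary and all function names are assumptions; the page does not specify them.

```python
import base64, binascii, hashlib, hmac, json, time

def b64u_encode(data: bytes) -> str:
    # Assumption: unpadded base64url; the page does not say whether "=" is kept.
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def b64u_decode(text: str) -> bytes:
    # Accept padded or unpadded input, but reject characters outside the alphabet.
    text = text.rstrip("=")
    return base64.b64decode(text + "=" * (-len(text) % 4), altchars=b"-_", validate=True)

def create_token(key: bytes, uuid: str, tracker: str, ttl: int = 3600, now=None) -> str:
    # expiry is a Unix timestamp in seconds, carried as a string (per the payload fields).
    expiry = int(time.time() if now is None else now) + ttl
    payload = json.dumps({"uuid": uuid, "tracker": tracker, "expiry": str(expiry)},
                         separators=(",", ":")).encode("utf-8")
    sig = hmac.new(key, payload, hashlib.sha256).digest()
    return b64u_encode(payload) + "." + b64u_encode(sig)

def verify_token(key: bytes, token, now=None):
    # Returns the uuid, or None for a missing, malformed, forged or expired token.
    if not isinstance(token, str) or token.count(".") != 1:
        return None
    p64, s64 = token.split(".")
    try:
        payload, sig = b64u_decode(p64), b64u_decode(s64)
    except (binascii.Error, ValueError):
        return None
    # Authenticate the exact payload bytes received, before parsing them,
    # and compare in constant time so the check does not leak a timing signal.
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        return None
    try:
        fields = json.loads(payload)
        uuid, expiry = fields["uuid"], int(fields["expiry"])
    except (ValueError, KeyError, TypeError):
        return None
    # Assumption: a token is treated as expired once the clock reaches expiry.
    if expiry <= int(time.time() if now is None else now):
        return None
    return uuid if isinstance(uuid, str) else None
```

Because the verifier recomputes the HMAC over the received payload bytes rather than re-serializing the parsed fields, it does not depend on key order or whitespace in the issuer's JSON.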