Package com.github.zhangkaitao.shiro.chapter18.oauth2

Examples of com.github.zhangkaitao.shiro.chapter18.oauth2.OAuth2Token


              request);
      if (handlerError != null) {
        return handlerError;
      }

      final OAuth2Token accessToken = accessor.getAccessToken();

      String ext = accessToken.getMacExt();
      if (ext == null || ext.length() == 0) {
        ext = "";
      }

      // REQUIRED. The MAC key identifier.
      final String id = new String(accessToken.getSecret(), "UTF-8");

      // REQUIRED. A unique string generated by the client to allow the
      // server to verify that a request has never been made before and
      // helps prevent replay attacks when requests are made over an
      // insecure channel. The nonce value MUST be unique across all
      // requests with the same MAC key identifier.
      // The nonce value MUST consist of the age of the MAC credentials
      // expressed as the number of seconds since the credentials were
      // issued to the client, a colon character (%x25), and a unique
      // string (typically random). The age value MUST be a positive
      // integer and MUST NOT include leading zeros (e.g.
      // "000137131200"). For example: "273156:di3hvdf8".
      // To avoid the need to retain an infinite number of nonce values
      // for future checks, the server MAY choose to restrict the time
      // period after which a request with an old age is rejected. If
      // such a restriction is enforced, the server SHOULD allow for a
      // sufficiently large window to accommodate network delays which
      // will affect the credentials issue time used by the client to
      // calculate the credentials' age.
      //
      // NOTE(review): ':' is %x3A in ASCII (%x25 is '%'); the code below emits ':'.
      //
      // NOTE(review): currentTime is in seconds, so getIssuedAt() must also be in
      // seconds for the age to be the positive integer required above. Another
      // excerpt on this page computes expiresAt as issuedAt + expiresIn * 1000,
      // which suggests issuedAt is kept in milliseconds -- confirm the units, since
      // a mismatch yields a large negative age that a strict server would reject.
      final long currentTime = System.currentTimeMillis() / 1000;
      // NOTE(review): Math.abs(Long.MIN_VALUE) is still negative, so the random part
      // can (rarely) carry a leading '-'. Uniqueness of the nonce rests on
      // Crypto.RAND -- presumably a SecureRandom; verify.
      final String nonce = Long.toString(currentTime - accessToken.getIssuedAt()) + ':'
              + String.valueOf(Math.abs(Crypto.RAND.nextLong()));

      // OPTIONAL. The HTTP request payload body hash as described in
      // Section 3.2.

      String bodyHash = MacTokenHandler.getBodyHash(request, accessToken.getMacSecret(),
              accessToken.getMacAlgorithm());
      if (bodyHash == null) {
        bodyHash = "";
      }

      // mac
      // REQUIRED. The HTTP request MAC as described in Section 3.3.
      final Uri uri = request.getUri();

      String uriString = uri.getPath();
      if (uri.getQuery() != null) {
        uriString = uriString + '?' + uri.getQuery();
      }

      // Split the authority into the host and port that are passed to getMac below.
      // The port defaults to 80, or 443 for https, when the authority names none.
      // NOTE(review): indexOf(':') finds the first colon, so an authority carrying
      // userinfo ("user:pw@host") or an IPv6 literal ("[::1]:8443") would be split in
      // the wrong place, and a null authority would throw here. A wrong host/port
      // changes the MAC input and would surface as a signature failure on the
      // server -- confirm what Uri.getAuthority() can return.
      String host = uri.getAuthority();
      String port = "80";
      final int index = host.indexOf(':');
      if (index > 0) {
        port = host.substring(index + 1);
        host = host.substring(0, index);
      } else {
        final String scheme = uri.getScheme();
        if ("https".equals(scheme)) {
          port = "443";
        }
      }

      final String mac = MacTokenHandler.getMac(nonce, request.getMethod(), uriString, host, port,
              bodyHash, ext, accessToken.getMacSecret(), accessToken.getMacAlgorithm());

      final String headerString = buildHeaderString(id, nonce, bodyHash, ext, mac);

      request.setHeader(OAuth2Message.AUTHORIZATION_HEADER, headerString);
      return null;


    // Precondition checks: each failure returns a MacTokenHandler error object
    // instead of continuing with the request.
    if (request == null) {
      return MacTokenHandler.getError("request is null");
    }

    final OAuth2Token accessToken = accessor.getAccessToken();

    // NOTE(review): getTokenType() is dereferenced without a null check, so a token
    // with no type set would throw here rather than return an error. The message
    // also concatenates the whole token object; if OAuth2Token.toString() includes
    // the secret or MAC secret, they would end up wherever this error is logged or
    // shown -- verify.
    if (accessToken == null || accessToken.getTokenType().length() == 0) {
      return MacTokenHandler.getError("accessToken is invalid " + accessToken);
    }

    // The token type must match MacTokenHandler.TOKEN_TYPE, ignoring case.
    if (!MacTokenHandler.TOKEN_TYPE.equalsIgnoreCase(accessToken.getTokenType())) {
      return MacTokenHandler.getError("token type mismatch expected " + MacTokenHandler.TOKEN_TYPE
              + " but got " + accessToken.getTokenType());
    }

    final String algorithm = accessToken.getMacAlgorithm();
    if (algorithm == null || algorithm.length() == 0) {
      return MacTokenHandler.getError("invalid mac algorithm " + algorithm);
    }

    // Only HMAC-SHA-1 is accepted (compared case-insensitively); every other
    // algorithm name is rejected rather than silently downgraded.
    // NOTE(review): SHA-1 collision attacks do not carry over to HMAC-SHA-1, but
    // HMAC-SHA-256 is the usual choice for new deployments; supporting it would
    // mean extending this check together with the MAC computation.
    if (!OAuth2Message.HMAC_SHA_1.equalsIgnoreCase(algorithm)) {
      return MacTokenHandler.getError("unsupported algorithm " + algorithm);
    }

    // A token without a MAC secret cannot be used; presumably this is the HMAC key.
    final byte[] macSecret = accessToken.getMacSecret();
    if (macSecret == null) {
      return MacTokenHandler.getError("mac secret is null");
    }

    if (macSecret.length == 0) {

            final String macAlgorithm = msg.getMacAlgorithm();
            final String macSecret = msg.getMacSecret();
            final Map<String, String> unparsedProperties = msg.getUnparsedProperties();

            // Copy the access token's fields into a new store entry, hand it to the
            // store, and attach it to the accessor.
            if (accessToken != null) {
              final OAuth2Token storedAccessToken = this.store.createToken();
              storedAccessToken.setIssuedAt(issuedAt);
              if (expiresIn != null) {
                // NOTE(review): Long.decode also accepts hex ("0x..."), octal (leading
                // "0") and negative input, and throws NumberFormatException on anything
                // else. expiresIn presumably comes from the token endpoint's response,
                // so a range check (and an overflow check on "* 1000") belongs here.
                storedAccessToken.setExpiresAt(issuedAt + Long.decode(expiresIn) * 1000);
              } else {
                // presumably 0 means "no known expiry" -- confirm against the readers
                // of getExpiresAt()
                storedAccessToken.setExpiresAt(0);
              }
              storedAccessToken.setGadgetUri(gadgetUri);
              storedAccessToken.setServiceName(providerName);
              storedAccessToken.setScope(scope);
              // The token value is kept as UTF-8 bytes in the store entry.
              // NOTE(review): whether the store protects these bytes (and the MAC secret
              // below) at rest is not visible here -- check the store implementation.
              storedAccessToken.setSecret(accessToken.getBytes("UTF-8"));
              storedAccessToken.setTokenType(tokenType);
              storedAccessToken.setType(OAuth2Token.Type.ACCESS);
              storedAccessToken.setUser(user);
              // MAC algorithm and secret are optional and are only set when present.
              if (macAlgorithm != null) {
                storedAccessToken.setMacAlgorithm(macAlgorithm);
              }
              if (macSecret != null) {
                storedAccessToken.setMacSecret(macSecret.getBytes("UTF-8"));
              }
              storedAccessToken.setProperties(unparsedProperties);
              this.store.setToken(storedAccessToken);
              accessor.setAccessToken(storedAccessToken);
            }

            if (refreshToken != null) {
              final OAuth2Token storedRefreshToken = this.store.createToken();
              storedRefreshToken.setExpiresAt(0);
              storedRefreshToken.setGadgetUri(gadgetUri);
              storedRefreshToken.setServiceName(providerName);
              storedRefreshToken.setScope(scope);
              storedRefreshToken.setSecret(refreshToken.getBytes("UTF-8"));
              storedRefreshToken.setTokenType(tokenType);
              storedRefreshToken.setType(OAuth2Token.Type.REFRESH);
              storedRefreshToken.setUser(user);
              this.store.setToken(storedRefreshToken);
              accessor.setRefreshToken(storedRefreshToken);
            }
          }
        }

    final OAuth2HandlerError result = TokenAuthorizationResponseHandlerTest.tarh.handleResponse(
            accessor, response);

    Assert.assertNull(result);

    final OAuth2Token accessToken = TokenAuthorizationResponseHandlerTest.store.getToken(
            accessor.getGadgetUri(), accessor.getServiceName(), accessor.getUser(),
            accessor.getScope(), OAuth2Token.Type.ACCESS);
    Assert.assertNotNull(accessToken);
    Assert.assertEquals("xxx", new String(accessToken.getSecret(), "UTF-8"));
    Assert.assertEquals(OAuth2Message.BEARER_TOKEN_TYPE, accessToken.getTokenType());
    Assert.assertTrue(accessToken.getExpiresAt() > 1000);

    final OAuth2Token refreshToken = TokenAuthorizationResponseHandlerTest.store.getToken(
            accessor.getGadgetUri(), accessor.getServiceName(), accessor.getUser(),
            accessor.getScope(), OAuth2Token.Type.REFRESH);
    Assert.assertNotNull(refreshToken);
    Assert.assertEquals("yyy", new String(refreshToken.getSecret(), "UTF-8"));
  }

    final OAuth2HandlerError result = TokenAuthorizationResponseHandlerTest.tarh.handleResponse(
            accessor, response);

    Assert.assertNull(result);

    final OAuth2Token accessToken = TokenAuthorizationResponseHandlerTest.store.getToken(
            accessor.getGadgetUri(), accessor.getServiceName(), accessor.getUser(),
            accessor.getScope(), OAuth2Token.Type.ACCESS);
    Assert.assertNotNull(accessToken);
    Assert.assertEquals("xxx", new String(accessToken.getSecret(), "UTF-8"));
    Assert.assertEquals(OAuth2Message.BEARER_TOKEN_TYPE, accessToken.getTokenType());
    Assert.assertTrue(accessToken.getExpiresAt() > 1000);

    final OAuth2Token refreshToken = TokenAuthorizationResponseHandlerTest.store.getToken(
            accessor.getGadgetUri(), accessor.getServiceName(), accessor.getUser(),
            accessor.getScope(), OAuth2Token.Type.REFRESH);
    Assert.assertNotNull(refreshToken);
    Assert.assertEquals("yyy", new String(refreshToken.getSecret(), "UTF-8"));
  }

    final OAuth2HandlerError result = TokenAuthorizationResponseHandlerTest.tarh.handleResponse(
            accessor, response);

    Assert.assertNull(result);
    final OAuth2Token accessToken = TokenAuthorizationResponseHandlerTest.store.getToken(
            accessor.getGadgetUri(), accessor.getServiceName(), accessor.getUser(),
            accessor.getScope(), OAuth2Token.Type.ACCESS);
    Assert.assertEquals("xxx", new String(accessToken.getSecret(), "UTF-8"));
    Assert.assertEquals(OAuth2Message.BEARER_TOKEN_TYPE, accessToken.getTokenType());
    Assert.assertTrue(accessToken.getExpiresAt() > 1000);
  }

      return true;
    }
    if (!(obj instanceof OAuth2Token)) {
      return false;
    }
    final OAuth2Token other = (OAuth2Token) obj;
    if (this.gadgetUri == null) {
      if (other.getGadgetUri() != null) {
        return false;
      }
    } else if (!this.gadgetUri.equals(other.getGadgetUri())) {
      return false;
    }
    if (this.serviceName == null) {
      if (other.getServiceName() != null) {
        return false;
      }
    } else if (!this.serviceName.equals(other.getServiceName())) {
      return false;
    }

    if (this.user == null) {
      if (other.getUser() != null) {
        return false;
      }
    } else if (!this.user.equals(other.getUser())) {
      return false;
    }
    if (this.scope == null) {
      if (other.getScope() != null) {
        return false;
      }
    } else if (!this.scope.equals(other.getScope())) {
      return false;
    }
    if (this.type == null) {
      if (other.getType() != null) {
        return false;
      }
    } else if (!this.type.equals(other.getType())) {
      return false;
    }

    return true;
  }

              request);
      if (handlerError != null) {
        return handlerError;
      }

      final OAuth2Token accessToken = accessor.getAccessToken();

      String ext = accessToken.getMacExt();
      if (ext == null || ext.length() == 0) {
        ext = "";
      }

      // REQUIRED. The MAC key identifier.
      final String id = new String(accessToken.getSecret(), "UTF-8");

      // REQUIRED. A unique string generated by the client to allow the
      // server to verify that a request has never been made before and
      // helps prevent replay attacks when requests are made over an
      // insecure channel. The nonce value MUST be unique across all
      // requests with the same MAC key identifier.
      // The nonce value MUST consist of the age of the MAC credentials
      // expressed as the number of seconds since the credentials were
      // issued to the client, a colon character (%x25), and a unique
      // string (typically random). The age value MUST be a positive
      // integer and MUST NOT include leading zeros (e.g.
      // "000137131200"). For example: "273156:di3hvdf8".
      // To avoid the need to retain an infinite number of nonce values
      // for future checks, the server MAY choose to restrict the time
      // period after which a request with an old age is rejected. If
      // such a restriction is enforced, the server SHOULD allow for a
      // sufficiently large window to accommodate network delays which
      // will affect the credentials issue time used by the client to
      // calculate the credentials' age.
      //
      // NOTE(review): ':' is %x3A in ASCII (%x25 is '%'); the code below emits ':'.
      //
      // NOTE(review): currentTime is in seconds, so getIssuedAt() must also be in
      // seconds for the age to be the positive integer required above. Another
      // excerpt on this page computes expiresAt as issuedAt + expiresIn * 1000,
      // which suggests issuedAt is kept in milliseconds -- confirm the units, since
      // a mismatch yields a large negative age that a strict server would reject.
      final long currentTime = System.currentTimeMillis() / 1000;
      // NOTE(review): Math.abs(Long.MIN_VALUE) is still negative, so the random part
      // can (rarely) carry a leading '-'. Uniqueness of the nonce rests on
      // Crypto.RAND -- presumably a SecureRandom; verify.
      final String nonce = Long.toString(currentTime - accessToken.getIssuedAt()) + ':'
              + String.valueOf(Math.abs(Crypto.RAND.nextLong()));

      // OPTIONAL. The HTTP request payload body hash as described in
      // Section 3.2.

      String bodyHash = MacTokenHandler.getBodyHash(request, accessToken.getMacSecret(),
              accessToken.getMacAlgorithm());
      if (bodyHash == null) {
        bodyHash = "";
      }

      // mac
      // REQUIRED. The HTTP request MAC as described in Section 3.3.
      final Uri uri = request.getUri();

      String uriString = uri.getPath();
      if (uri.getQuery() != null) {
        uriString = uriString + '?' + uri.getQuery();
      }

      // Split the authority into the host and port that are passed to getMac below.
      // The port defaults to 80, or 443 for https, when the authority names none.
      // NOTE(review): indexOf(':') finds the first colon, so an authority carrying
      // userinfo ("user:pw@host") or an IPv6 literal ("[::1]:8443") would be split in
      // the wrong place, and a null authority would throw here. A wrong host/port
      // changes the MAC input and would surface as a signature failure on the
      // server -- confirm what Uri.getAuthority() can return.
      String host = uri.getAuthority();
      String port = "80";
      final int index = host.indexOf(':');
      if (index > 0) {
        port = host.substring(index + 1);
        host = host.substring(0, index);
      } else {
        final String scheme = uri.getScheme();
        if ("https".equals(scheme)) {
          port = "443";
        }
      }

      final String mac = MacTokenHandler.getMac(nonce, request.getMethod(), uriString, host, port,
              bodyHash, ext, accessToken.getMacSecret(), accessToken.getMacAlgorithm());

      final String headerString = buildHeaderString(id, nonce, bodyHash, ext, mac);

      request.setHeader(OAuth2Message.AUTHORIZATION_HEADER, headerString);
      return null;

    // Precondition checks: each failure returns a MacTokenHandler error object
    // instead of continuing with the request.
    if (request == null) {
      return MacTokenHandler.getError("request is null");
    }

    final OAuth2Token accessToken = accessor.getAccessToken();

    // NOTE(review): getTokenType() is dereferenced without a null check, so a token
    // with no type set would throw here rather than return an error. The message
    // also concatenates the whole token object; if OAuth2Token.toString() includes
    // the secret or MAC secret, they would end up wherever this error is logged or
    // shown -- verify.
    if (accessToken == null || accessToken.getTokenType().length() == 0) {
      return MacTokenHandler.getError("accessToken is invalid " + accessToken);
    }

    // The token type must match MacTokenHandler.TOKEN_TYPE, ignoring case.
    if (!MacTokenHandler.TOKEN_TYPE.equalsIgnoreCase(accessToken.getTokenType())) {
      return MacTokenHandler.getError("token type mismatch expected " + MacTokenHandler.TOKEN_TYPE
              + " but got " + accessToken.getTokenType());
    }

    final String algorithm = accessToken.getMacAlgorithm();
    if (algorithm == null || algorithm.length() == 0) {
      return MacTokenHandler.getError("invalid mac algorithm " + algorithm);
    }

    // Only HMAC-SHA-1 is accepted (compared case-insensitively); every other
    // algorithm name is rejected rather than silently downgraded.
    // NOTE(review): SHA-1 collision attacks do not carry over to HMAC-SHA-1, but
    // HMAC-SHA-256 is the usual choice for new deployments; supporting it would
    // mean extending this check together with the MAC computation.
    if (!OAuth2Message.HMAC_SHA_1.equalsIgnoreCase(algorithm)) {
      return MacTokenHandler.getError("unsupported algorithm " + algorithm);
    }

    // A token without a MAC secret cannot be used; presumably this is the HMAC key.
    final byte[] macSecret = accessToken.getMacSecret();
    if (macSecret == null) {
      return MacTokenHandler.getError("mac secret is null");
    }

    if (macSecret.length == 0) {

    return ret;
  }

  public OAuth2Token getToken(final String gadgetUri, final String serviceName, final String user,
          final String scope, final Type type) {
    OAuth2Token ret = null;
    final String tokenKey = this.getTokenKey(gadgetUri, serviceName, user, scope, type);
    if (tokenKey != null) {
      ret = this.getTokenMap().get(tokenKey);
    }
