Examples of net.oauth.OAuthMessage

• net.oauth.OAuthMessage
  A request or response message used in the OAuth protocol.

  The parameters in this class are not percent-encoded. Methods like OAuthClient.invoke and OAuthResponseMessage.completeParameters are responsible for percent-encoding parameters before transmission and decoding them after reception. @author John Kristian

    for (Map.Entry<String, String[]> entry : requestParams.entrySet()) {
      for (String value : entry.getValue()) {
        params.add(new OAuth.Parameter(entry.getKey(), value));
      }
    }
    OAuthMessage message = new OAuthMessage(POST, requestUrl, params);

    // Compute and check the hash of the body.
    try {
      MessageDigest md = MessageDigest.getInstance(SHA_1);
      byte[] hash = md.digest(jsonBody.getBytes(UTF_8));
      String encodedHash = new String(Base64.encodeBase64(hash, false), UTF_8);
      if (!encodedHash.equals(message.getParameter(OAUTH_BODY_HASH))) {
        throw new IllegalArgumentException(
            "Body hash does not match. Expected: " + encodedHash + ", provided: "
                + message.getParameter(OAUTH_BODY_HASH));
      }

      OAuthAccessor accessor = consumerData.getAccessor();
      LOG.info("Signature base string: " + OAuthSignatureMethod.getBaseString(message));
      message.validateMessage(accessor, new SimpleOAuthValidator());
    } catch (NoSuchAlgorithmException e) {
      throw new OAuthException("Error validating OAuth request", e);
    } catch (URISyntaxException e) {
      throw new OAuthException("Error validating OAuth request", e);
    } catch (OAuthException e) {

        request.headers.add(new SimpleEntry<String, String>("oauth_version", "1.0"));
        responseStream =
            httpFetcher.execute(request, Collections.<String, Object>emptyMap()).getBody();
      } else {
        OAuthAccessor accessor = consumerDataObj.getAccessor();
        OAuthMessage message = accessor.newRequestMessage("POST", rpcServerUrl, null, bodyStream);
        message.getHeaders().add(
            new SimpleEntry<String, String>(HttpMessage.CONTENT_TYPE, "application/json"));
        message.getHeaders().add(new SimpleEntry<String, String>("oauth_version", "1.0"));
        OAuthClient client = new OAuthClient(httpFetcher);
        responseStream = client.invoke(message, net.oauth.ParameterStyle.BODY).getBodyAsStream();
      }

      String responseString = HttpFetcher.readInputStream(responseStream);

   * @return a URL for the given JSON string, and the required OAuth parameters.
   */
  public static String createOAuthUrlString(
      String jsonBody, String rpcServerUrl, OAuthAccessor accessor)
      throws IOException, URISyntaxException, OAuthException {
    OAuthMessage message =
        new OAuthMessage(POST, rpcServerUrl, Collections.<SimpleEntry<String, String>>emptyList());

    // Compute the hash of the body.
    byte[] rawBody = jsonBody.getBytes(UTF_8);
    byte[] hash = DigestUtils.sha(rawBody);
    byte[] encodedHash = Base64.encodeBase64(hash);
    message.addParameter(OAUTH_BODY_HASH, new String(encodedHash, UTF_8));

    // Add other parameters.

    message.addRequiredParameters(accessor);
    LOG.info("Signature base string: " + OAuthSignatureMethod.getBaseString(message));

    // Construct the resulting URL.
    StringBuilder sb = new StringBuilder(rpcServerUrl);
    char connector = '?';
    for (Map.Entry<String, String> p : message.getParameters()) {
      if (!p.getKey().equals(jsonBody)) {
        sb.append(connector);
        sb.append(URLEncoder.encode(p.getKey(), UTF_8));
        sb.append('=');
        sb.append(URLEncoder.encode(p.getValue(), UTF_8));

    }

    public static OAuthMessage getOAuthMessage(MessageContext mc,
                                               HttpServletRequest request,
                                               String[] requiredParams) throws Exception {
        OAuthMessage oAuthMessage = OAuthServlet.getMessage(request, request.getRequestURL().toString());
        OAuthUtils.addParametersIfNeeded(mc, request, oAuthMessage);
        oAuthMessage.requireParameters(requiredParams);
        return oAuthMessage;
    }

    public static Response handleException(Exception e, int status,
                                           String realm) {
        if (e instanceof OAuthProblemException) {
            OAuthProblemException problem = (OAuthProblemException) e;
            OAuthMessage message = new OAuthMessage(null, null, problem
                    .getParameters().entrySet());
            try {
                return
                        Response.status(status).header("WWW-Authenticate",
                                message.getAuthorizationHeader(realm)).entity(e.getMessage()).build();
            } catch (IOException e1) {
                throw new WebApplicationException(
                        Response.status(status).entity(e.getMessage()).build());
            }
        }

        }

        AccessToken accessToken = null;
        Client client = null;

        OAuthMessage oAuthMessage = OAuthServlet.getMessage(req, req.getRequestURL().toString());
        if (oAuthMessage.getParameter(OAuth.OAUTH_TOKEN) != null) {
            oAuthMessage.requireParameters(REQUIRED_PARAMETERS);

            accessToken = dataProvider.getAccessToken(oAuthMessage.getToken());

            //check if access token is not null
            if (accessToken == null) {
                LOG.warning("Access token is unavailable");
                throw new OAuthProblemException(OAuth.Problems.TOKEN_REJECTED);
            }
            client = accessToken.getClient();

        } else {
            // TODO: the secret may not be included and only used to create a signature
            //       so the header will effectively be similar to the one used during
            //       RequestToken requests; we'd need to handle this case too
            String consumerKey = oAuthMessage.getParameter(OAuth.OAUTH_CONSUMER_KEY);
            String consumerSecret = oAuthMessage.getParameter("oauth_consumer_secret");
            client = dataProvider.getClient(consumerKey);
            if (client == null || consumerSecret == null || !consumerSecret.equals(client.getSecretKey())) {
                LOG.warning("Client is invalid");
                throw new OAuthProblemException(OAuth.Problems.CONSUMER_KEY_UNKNOWN);
            }

        OAuthConsumer consumer = new OAuthConsumer(null, params.get(OAuth.OAUTH_CONSUMER_KEY),
            CLIENT_SECRET, null);

        OAuthAccessor accessor = new OAuthAccessor(consumer);

        OAuthMessage msg = accessor
            .newRequestMessage(method, url, params.entrySet());

        OAuthClient client = new OAuthClient(new URLConnectionClient());

        return client.access(msg, style);

            OAuth.OAUTH_VERIFIER
        };

    public Response handle(MessageContext mc, OAuthDataProvider dataProvider) {
        try {
            OAuthMessage oAuthMessage =
                OAuthUtils.getOAuthMessage(mc, mc.getHttpServletRequest(), REQUIRED_PARAMETERS);

            RequestToken requestToken = dataProvider.getRequestToken(oAuthMessage.getToken());
            if (requestToken == null) {
                throw new OAuthProblemException(OAuth.Problems.TOKEN_REJECTED);
            }
            String oauthVerifier = oAuthMessage.getParameter(OAuth.OAUTH_VERIFIER);
            if (oauthVerifier == null || !oauthVerifier.equals(requestToken.getVerifier())) {
                throw new OAuthProblemException(OAuthConstants.VERIFIER_INVALID);
            }

            OAuthUtils.validateMessage(oAuthMessage, requestToken.getClient(), requestToken,

    }

    private static String doGetAuthorizationHeader(OAuthAccessor accessor,
            String method, String requestURI, Map<String, String> parameters) {
        try {
            OAuthMessage msg = accessor.newRequestMessage(method, requestURI, parameters.entrySet());
            return msg.getAuthorizationHeader(null);
        } catch (Exception ex) {
            throw new ClientWebApplicationException(ex);
        }
    }

        };

    public Response handle(MessageContext mc, OAuthDataProvider dataProvider) {
        HttpServletRequest request = mc.getHttpServletRequest();
        try {
            OAuthMessage oAuthMessage =
                OAuthUtils.getOAuthMessage(mc, request, REQUIRED_PARAMETERS);
            new DefaultOAuthValidator().checkSingleParameter(oAuthMessage);

            RequestToken token = dataProvider.getRequestToken(oAuthMessage.getToken());
            if (token == null) {
                throw new OAuthProblemException(OAuth.Problems.TOKEN_REJECTED);
            }

            OAuthAuthorizationData secData = new OAuthAuthorizationData();
            if (!compareRequestSessionTokens(request, oAuthMessage)) {
                addAuthenticityTokenToSession(secData, request);
                return Response.ok(
                        addAdditionalParams(secData, dataProvider, token)).build();
            }

            String decision = oAuthMessage.getParameter(OAuthConstants.AUTHORIZATION_DECISION_KEY);
            boolean allow = OAuthConstants.AUTHORIZATION_DECISION_ALLOW.equals(decision);

            Map<String, String> queryParams = new HashMap<String, String>();
            if (allow) {
                SecurityContext sc = mc.getSecurityContext();