Examples of net.oauth.SimpleOAuthValidator

net.oauth.SimpleOAuthValidator
A simple OAuthValidator, which checks the version, whether the timestamp is close to now, the nonce hasn't been used before and the signature is valid. Each check may be overridden.
This implementation is less than industrial strength:
- Duplicate nonces won't be reliably detected by a service provider running in multiple processes, since the used nonces are stored in memory.
- The collection of used nonces is a synchronized choke point
- The used nonces may occupy lots of memory, although you can minimize this by calling releaseGarbage periodically.
- The range of acceptable timestamps can't be changed, and there's no system for increasing the range smoothly.
- Correcting the clock backward may allow duplicate nonces.
For a big service provider, it might be better to store used nonces in a database. @author Dirk Balfanz @author John Kristian

  private final OAuthValidator validator;


  @Inject
  public OAuthValidatorProvider(@Named("shindig.oauth.validator-max-timestamp-age-ms")
                                  long maxTimestampAgeMsec) {
    validator = new SimpleOAuthValidator(maxTimestampAgeMsec, Double.parseDouble(OAuth.VERSION_1_0));
  }

View Full Code Here


    OAuthServiceProvider provider = new OAuthServiceProvider(null, null, null);
    OAuthConsumer consumer = new OAuthConsumer(null, appUrl, sharedSecret, provider);
    OAuthAccessor accessor = new OAuthAccessor(consumer);


    SimpleOAuthValidator validator = new SimpleOAuthValidator();
    try {
      validator.validateMessage(message, accessor);
    } catch (OAuthException e) {
      return false;
    } catch (IOException e) {
      return false;
    } catch (URISyntaxException e) {

View Full Code Here

  // Assumes data is all loaded
  public void validateRequest(String oauth_consumer_key, String oauth_secret, HttpServletRequest request) 
  {
    valid = false;
    OAuthMessage oam = OAuthServlet.getMessage(request, null);
    OAuthValidator oav = new SimpleOAuthValidator();
    OAuthConsumer cons = new OAuthConsumer("about:blank#OAuth+CallBack+NotUsed", 
        oauth_consumer_key, oauth_secret, null);


    OAuthAccessor acc = new OAuthAccessor(cons);


    try {
      base_string = OAuthSignatureMethod.getBaseString(oam);
    } catch (Exception e) {
      base_string = null;
    }


    try {
      oav.validateMessage(oam,acc);
    } catch(Exception e) {
      errorMessage = "Launch fails OAuth validation: "+e.getMessage();
      return;
    }
    valid = true;

View Full Code Here

  // Assumes data is all loaded
  public void validateRequest(String oauth_consumer_key, String oauth_secret, HttpServletRequest request) 
  {
    valid = false;
    OAuthMessage oam = OAuthServlet.getMessage(request, null);
    OAuthValidator oav = new SimpleOAuthValidator();
    OAuthConsumer cons = new OAuthConsumer("about:blank#OAuth+CallBack+NotUsed", 
        oauth_consumer_key, oauth_secret, null);


    OAuthAccessor acc = new OAuthAccessor(cons);


    try {
      base_string = OAuthSignatureMethod.getBaseString(oam);
    } catch (Exception e) {
      base_string = null;
    }


    try {
      oav.validateMessage(oam,acc);
    } catch(Exception e) {
      errorMessage = "Launch fails OAuth validation: "+e.getMessage();
      return;
    }
    valid = true;

View Full Code Here

      accessor.tokenSecret = entry.getTokenSecret();
      accessor.accessToken = entry.getToken();
    }


    try {
      OAuthValidator validator = new SimpleOAuthValidator();
      validator.validateMessage(message, accessor);
    } catch (OAuthProblemException e) {
      throw e;
    } catch (OAuthException e) {
      OAuthProblemException ope = new OAuthProblemException(OAuth.Problems.SIGNATURE_INVALID);
      ope.setParameter(OAuth.Problems.OAUTH_PROBLEM_ADVICE, e.getMessage());

View Full Code Here

   * @param keyManager The key manager instance to be used
   */
  private void initializeFilter(KeyManager keyManager) {
    this.keyManager = keyManager;
    provider = new OAuthServiceProvider(null, null, null);
    validator = new SimpleOAuthValidator();
    logger.info("Initialized OAuth filter with key manager: "
        + keyManager.getClass().getName());
  }

View Full Code Here

  @Provides
  @Singleton
  protected OAuthValidator provideOAuthValidator() {
    // TODO(ljvderijk): This isn't an industrial strength validator, it grows
    // over time. It should be replaced or cleaned out on a regular interval.
    return new SimpleOAuthValidator();
  }

View Full Code Here

            {
                throw new UnknownAcHostException(consumerKey);
            }


            host.setProperty(RSA_SHA1.PUBLIC_KEY, publicKey);
            message.validateMessage(new OAuthAccessor(host), new SimpleOAuthValidator());


            return consumerKey;
        }
        catch (OAuthProblemException e)
        {

View Full Code Here

0 1

TOP

Related Classes of net.oauth.SimpleOAuthValidator

com.atlassian.connect.play.java.oauth.OAuthRequestValidator

com.gadglet.servlets.BasicRequestServlet

com.google.feedserver.filters.AbstractOAuthFilter

com.google.gwt.gadgets.sample.traveler.server.AuthenticationFilter

com.google.wave.api.AbstractRobot

com.google.wave.api.WaveService

org.apache.shindig.social.core.oauth.OAuthAuthenticationHandler

org.apache.shindig.social.core.oauth.OAuthValidatorProvider

org.apache.shindig.social.sample.oauth.SampleContainerOAuthLookupService

org.imsglobal.json.IMSJSONRequest

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.