Examples of net.oauth.SimpleOAuthValidator

net.oauth.SimpleOAuthValidator
A simple OAuthValidator, which checks the version, whether the timestamp is close to now, the nonce hasn't been used before and the signature is valid. Each check may be overridden.
This implementation is less than industrial strength:
- Duplicate nonces won't be reliably detected by a service provider running in multiple processes, since the used nonces are stored in memory.
- The collection of used nonces is a synchronized choke point
- The used nonces may occupy lots of memory, although you can minimize this by calling releaseGarbage periodically.
- The range of acceptable timestamps can't be changed, and there's no system for increasing the range smoothly.
- Correcting the clock backward may allow duplicate nonces.
For a big service provider, it might be better to store used nonces in a database. @author Dirk Balfanz @author John Kristian

  @Provides
  @Singleton
  protected OAuthValidator provideOAuthValidator() {
    // TODO(ljvderijk): This isn't an industrial strength validator, it grows
    // over time. It should be replaced or cleaned out on a regular interval.
    return new SimpleOAuthValidator();
  }

View Full Code Here

    consumer.setProperty(OAuth.OAUTH_SIGNATURE_METHOD, OAuth.HMAC_SHA1);


    OAuthAccessor accessor = new OAuthAccessor(consumer);


    try {
      message.validateMessage(accessor, new SimpleOAuthValidator());
    } catch (OAuthException e) {
      return false;
    }


    return true;

View Full Code Here

    consumer.setProperty(RSA_SHA1.X509_CERTIFICATE, certificate);


    OAuthAccessor accessor = new OAuthAccessor(consumer);


    try {
      message.validateMessage(accessor, new SimpleOAuthValidator());
    } catch (OAuthException e) {
      return false;
    }


    return true;

View Full Code Here

      accessor.tokenSecret = entry.tokenSecret;
      accessor.accessToken = entry.token;
    }


    try {
      message.validateMessage(accessor, new SimpleOAuthValidator());
    } catch (OAuthProblemException e) {
      throw e;
    } catch (OAuthException e) {
      OAuthProblemException ope = new OAuthProblemException(OAuth.Problems.SIGNATURE_INVALID);
      ope.setParameter(OAuth.Problems.OAUTH_PROBLEM_ADVICE, e.getMessage());

View Full Code Here

                + message.getParameter(OAUTH_BODY_HASH));
      }


      OAuthAccessor accessor = consumerData.getAccessor();
      LOG.info("Signature base string: " + OAuthSignatureMethod.getBaseString(message));
      message.validateMessage(accessor, new SimpleOAuthValidator());
    } catch (NoSuchAlgorithmException e) {
      throw new OAuthException("Error validating OAuth request", e);
    } catch (URISyntaxException e) {
      throw new OAuthException("Error validating OAuth request", e);
    } catch (OAuthException e) {

View Full Code Here


    // Construct validator arguments.
    OAuthConsumer consumer = new OAuthConsumer(null, consumerKey, consumerSecret, null);
    OAuthAccessor accessor = new OAuthAccessor(consumer);
    LOG.info("Signature base string: " + OAuthSignatureMethod.getBaseString(message));
    message.validateMessage(accessor, new SimpleOAuthValidator());
  }

View Full Code Here

      OAuthMessage message = new OAuthMessage(request.getMethod(),
          request.getRequestURL().toString(), getRequestParameters(request));


      OAuthAccessor accessor = new OAuthAccessor(consumer);


      SimpleOAuthValidator validator = new SimpleOAuthValidator();
      validator.validateMessage(message, accessor);
      return true;
    } catch (OAuthProblemException ope) {
      log.warning(OAuthServlet.htmlEncode(ope.getProblem()));
      log.warning(ope.toString());
    } catch (OAuthException e) {

View Full Code Here

  private final OAuthValidator validator;


  @Inject
  public OAuthValidatorProvider(@Named("shindig.oauth.validator-max-timestamp-age-ms")
                                  long maxTimestampAgeMsec) {
    validator = new SimpleOAuthValidator(maxTimestampAgeMsec, Double.parseDouble(OAuth.VERSION_1_0));
  }

View Full Code Here

            {
                throw new UnknownAcHostException(consumerKey);
            }


            host.setProperty(RSA_SHA1.PUBLIC_KEY, publicKey);
            message.validateMessage(new OAuthAccessor(host), new SimpleOAuthValidator());


            return consumerKey;
        }
        catch (OAuthProblemException e)
        {

View Full Code Here

          platformRequestWrapper.getRequestURL().toString(),
          getRequestParameters(platformRequestWrapper));


      OAuthAccessor accessor = new OAuthAccessor(consumer);


      SimpleOAuthValidator validator = new SimpleOAuthValidator();
      validator.validateMessage(message, accessor);
      return true;
    } catch (OAuthProblemException ope) {


      log.warning(ope.toString());
    } catch (IOException e) {

View Full Code Here

0 1

TOP

Related Classes of net.oauth.SimpleOAuthValidator

com.atlassian.connect.play.java.oauth.OAuthRequestValidator

com.gadglet.servlets.BasicRequestServlet

com.google.feedserver.filters.AbstractOAuthFilter

com.google.gwt.gadgets.sample.traveler.server.AuthenticationFilter

com.google.wave.api.AbstractRobot

com.google.wave.api.WaveService

org.apache.shindig.social.core.oauth.OAuthAuthenticationHandler

org.apache.shindig.social.core.oauth.OAuthValidatorProvider

org.apache.shindig.social.sample.oauth.SampleContainerOAuthLookupService

org.imsglobal.json.IMSJSONRequest

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.