Examples of OAuthMessage


Examples of net.oauth.OAuthMessage

  }

  private void serveRequestToken(HttpServletRequest req,
      HttpServletResponse resp) throws IOException {
    logger.debug("Request token");
    OAuthMessage message = OAuthUtils.readMessage(req);
    try{
      // require some parameters
      message.requireParameters(OAuth.OAUTH_CONSUMER_KEY,
          OAuth.OAUTH_SIGNATURE_METHOD,
          OAuth.OAUTH_SIGNATURE,
          OAuth.OAUTH_TIMESTAMP,
          OAuth.OAUTH_NONCE);
      logger.debug("Parameters present");

      String consumerKey = message.getParameter(OAuth.OAUTH_CONSUMER_KEY);
      // load the OAuth Consumer
      org.jboss.resteasy.auth.oauth.OAuthConsumer consumer = provider.getConsumer(consumerKey);
     
      // create some structures for net.oauth
      OAuthConsumer _consumer = new OAuthConsumer(null, consumerKey, consumer.getSecret(), null);
      OAuthAccessor accessor = new OAuthAccessor(_consumer);
     
      // validate the message
      validator.validateMessage(message, accessor, null);

      // create a new Request Token
      String callbackURI = message.getParameter(OAuth.OAUTH_CALLBACK);
      if (callbackURI != null && consumer.getConnectURI() != null
              && !callbackURI.startsWith(consumer.getConnectURI())) {
          throw new OAuthException(400, "Wrong callback URI");
      }
      OAuthToken token = provider.makeRequestToken(consumerKey,
View Full Code Here

Examples of net.oauth.OAuthMessage


  private void serveAccessToken(HttpServletRequest req,
      HttpServletResponse resp) throws IOException {
    logger.debug("Access token");
    OAuthMessage message = OAuthUtils.readMessage(req);
    try{
      // request some parameters
      message.requireParameters(OAuth.OAUTH_CONSUMER_KEY,
          OAuth.OAUTH_TOKEN,
          OAuth.OAUTH_SIGNATURE_METHOD,
          OAuth.OAUTH_SIGNATURE,
          OAuth.OAUTH_TIMESTAMP,
          OAuth.OAUTH_NONCE,
          OAuthUtils.OAUTH_VERIFIER_PARAM);

      logger.debug("Parameters present");
     
      // load some parameters
      String consumerKey = message.getParameter(OAuth.OAUTH_CONSUMER_KEY);
      String requestTokenString = message.getParameter(OAuth.OAUTH_TOKEN);
      String verifier = message.getParameter(OAuth.OAUTH_VERIFIER);
     
      // get the Request Token to exchange
      OAuthToken requestToken = provider.getRequestToken(consumerKey, requestTokenString);
     
      // build some structures for net.oauth
View Full Code Here

Examples of net.oauth.OAuthMessage

     Assert.assertEquals(expectedStatus, status);
     method.releaseConnection();
   }

   private String getRequestURL(String consumerKey, String consumerSecret) throws Exception {
     OAuthMessage message = new OAuthMessage("GET", RequestURL, Collections.<Map.Entry>emptyList());
     OAuthConsumer consumer = new OAuthConsumer("http://callback.net", consumerKey, consumerSecret, null);
     OAuthAccessor accessor = new OAuthAccessor(consumer);
     message.addParameter(OAuth.OAUTH_CALLBACK, consumer.callbackURL);
     message.addRequiredParameters(accessor);
     return OAuth.addParameters(message.URL, message.getParameters());
   }
View Full Code Here

Examples of net.oauth.OAuthMessage

     message.addRequiredParameters(accessor);
     return OAuth.addParameters(message.URL, message.getParameters());
   }

   private String getAccessURL(String consumerKey, String consumerSecret, String requestKey, String requestSecret, String verifier) throws Exception {
     OAuthMessage message = new OAuthMessage("GET", AccessURL, Collections.<Map.Entry>emptyList());
     OAuthConsumer consumer = new OAuthConsumer("http://callback.net", consumerKey, consumerSecret, null);
     OAuthAccessor accessor = new OAuthAccessor(consumer);
     accessor.requestToken = requestKey;
     accessor.tokenSecret = requestSecret;
     message.addParameter(OAuthUtils.OAUTH_VERIFIER_PARAM, verifier);
     message.addParameter(OAuth.OAUTH_TOKEN, requestKey);
     message.addRequiredParameters(accessor);
     return OAuth.addParameters(message.URL, message.getParameters());
   }
View Full Code Here

Examples of net.oauth.OAuthMessage

     message.addRequiredParameters(accessor);
     return OAuth.addParameters(message.URL, message.getParameters());
   }

   private String getProtectedURL(String url, String consumerKey, String consumerSecret, String accessKey, String accessSecret) throws Exception {
     OAuthMessage message = new OAuthMessage("GET", ProtectedURL+url, Collections.<Map.Entry>emptyList());
     OAuthConsumer consumer = new OAuthConsumer("http://callback.net", consumerKey, consumerSecret, null);
     OAuthAccessor accessor = new OAuthAccessor(consumer);
     accessor.accessToken = accessKey;
     accessor.tokenSecret = accessSecret;
     message.addParameter(OAuth.OAUTH_TOKEN, accessKey);
     message.addRequiredParameters(accessor);
     return OAuth.addParameters(message.URL, message.getParameters());
   }
View Full Code Here

Examples of net.oauth.OAuthMessage

    }
   
    public static OAuthMessage getOAuthMessage(MessageContext mc,
                                               HttpServletRequest request,
                                               String[] requiredParams) throws Exception {
        OAuthMessage oAuthMessage = OAuthServlet.getMessage(request, request.getRequestURL().toString());
        OAuthUtils.addParametersIfNeeded(mc, request, oAuthMessage);
        oAuthMessage.requireParameters(requiredParams);
        return oAuthMessage;
    }
View Full Code Here

Examples of net.oauth.OAuthMessage

        };
   
    public Response handle(MessageContext mc, OAuthDataProvider dataProvider) {
        HttpServletRequest request = mc.getHttpServletRequest();
        try {
            OAuthMessage oAuthMessage =
                OAuthUtils.getOAuthMessage(mc, request, REQUIRED_PARAMETERS);
            new DefaultOAuthValidator().checkSingleParameter(oAuthMessage);

            RequestToken token = dataProvider.getRequestToken(oAuthMessage.getToken());
            if (token == null) {
                throw new OAuthProblemException(OAuth.Problems.TOKEN_REJECTED);
            }
           
            String decision = oAuthMessage.getParameter(OAuthConstants.AUTHORIZATION_DECISION_KEY);
           
            OAuthAuthorizationData secData = new OAuthAuthorizationData();
            if (!compareRequestSessionTokens(request, oAuthMessage)) {
                if (decision != null) {
                    // this is a user decision request, the session has expired or been possibly hijacked
                    LOG.warning("Session authenticity token is missing or invalid");
                    throw ExceptionUtils.toBadRequestException(null, null);
                }
                // assume it is an initial authorization request
                addAuthenticityTokenToSession(secData, request);
                return Response.ok(
                        addAdditionalParams(secData, dataProvider, token)).build();
            }
           
           
            boolean allow = OAuthConstants.AUTHORIZATION_DECISION_ALLOW.equals(decision);

            Map<String, String> queryParams = new HashMap<String, String>();
            if (allow) {
                SecurityContext sc = (SecurityContext)mc.get(SecurityContext.class.getName());
                List<String> roleNames = Collections.emptyList();
                if (sc instanceof LoginSecurityContext) {
                    roleNames = new ArrayList<String>();
                    Set<Principal> roles = ((LoginSecurityContext)sc).getUserRoles();
                    for (Principal p : roles) {
                        roleNames.add(p.getName());
                    }
                }
                token.setSubject(new UserSubject(sc.getUserPrincipal() == null
                    ? null : sc.getUserPrincipal().getName(), roleNames));
               
                AuthorizationInput input = new AuthorizationInput();
                input.setToken(token);
                
                Set<OAuthPermission> approvedScopesSet = new HashSet<OAuthPermission>();
               
                List<OAuthPermission> originalScopes = token.getScopes();
                for (OAuthPermission perm : originalScopes) {
                    String param = oAuthMessage.getParameter(perm.getPermission() + "_status");
                    if (param != null && OAuthConstants.AUTHORIZATION_DECISION_ALLOW.equals(param)) {
                        approvedScopesSet.add(perm);
                    }
                }
                List<OAuthPermission> approvedScopes = new LinkedList<OAuthPermission>(approvedScopesSet);
View Full Code Here

Examples of net.oauth.OAuthMessage

        }
       
        AccessToken accessToken = null;
        Client client = null;
       
        OAuthMessage oAuthMessage = OAuthServlet.getMessage(new CustomHttpServletWrapper(req),
                                                            OAuthServlet.getRequestURL(req));
        if (oAuthMessage.getParameter(OAuth.OAUTH_TOKEN) != null) {
            oAuthMessage.requireParameters(REQUIRED_PARAMETERS);

            accessToken = dataProvider.getAccessToken(oAuthMessage.getToken());

            //check if access token is not null
            if (accessToken == null) {
                LOG.warning("Access token is unavailable");
                throw new OAuthProblemException(OAuth.Problems.TOKEN_REJECTED);
            }
            client = accessToken.getClient();
           
            OAuthUtils.validateMessage(oAuthMessage, client, accessToken,
                                       dataProvider, validator);   
        } else {
            String consumerKey = null;
            String consumerSecret = null;
           
            String authHeader = oAuthMessage.getHeader("Authorization");
            if (authHeader != null) {
                if (authHeader.startsWith("OAuth")) {
                    consumerKey = oAuthMessage.getParameter(OAuth.OAUTH_CONSUMER_KEY);
                    consumerSecret = oAuthMessage.getParameter(OAuthConstants.OAUTH_CONSUMER_SECRET);
                } else if (authHeader.startsWith("Basic")) {
                    AuthorizationPolicy policy = getAuthorizationPolicy(authHeader);
                    if (policy != null) {
                        consumerKey = policy.getUserName();
                        consumerSecret = policy.getPassword();
View Full Code Here

Examples of net.oauth.OAuthMessage

      return new HttpResponseBuilder()
          .setHttpStatusCode(rc)
          .setResponseString("some vague error")
          .create();
    }
    OAuthMessage msg = new OAuthMessage(null, null, null);
    msg.addParameter("oauth_problem", code);
    msg.addParameter("oauth_problem_advice", text);
    return new HttpResponseBuilder()
        .setHttpStatusCode(rc)
        .addHeader("WWW-Authenticate", msg.getAuthorizationHeader("realm"))
        .create();
  }
View Full Code Here

Examples of net.oauth.OAuthMessage

        }
      }
    }

    // Return the lot
    info.message = new OAuthMessage(method, parsed.getLocation(), params);

    // Check for trusted parameters
    if (checkTrustedParams) {
      if (!"foo".equals(OAuthUtil.getParameter(info.message, "oauth_magic"))) {
        throw new RuntimeException("no oauth_trusted=foo parameter");
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.