Package org.apache.shindig.gadgets.oauth2

Examples of org.apache.shindig.gadgets.oauth2.OAuth2Token


              request);
      if (handlerError != null) {
        return handlerError;
      }

      final OAuth2Token accessToken = accessor.getAccessToken();

      String ext = accessToken.getMacExt();
      if (ext == null || ext.length() == 0) {
        ext = "";
      }

      // REQUIRED. The MAC key identifier.
      final String id = new String(accessToken.getSecret(), "UTF-8");

      // REQUIRED. A unique string generated by the client to allow the
      // server to verify that a request has never been made before and
      // helps prevent replay attacks when requests are made over an
      // insecure channel. The nonce value MUST be unique across all
      // requests with the same MAC key identifier.
      // The nonce value MUST consist of the age of the MAC credentials
      // expressed as the number of seconds since the credentials were
      // issued to the client, a colon character (%x25), and a unique
      // string (typically random). The age value MUST be a positive
      // integer and MUST NOT include leading zeros (e.g.
      // "000137131200"). For example: "273156:di3hvdf8".
      // To avoid the need to retain an infinite number of nonce values
      // for future checks, the server MAY choose to restrict the time
      // period after which a request with an old age is rejected. If
      // such a restriction is enforced, the server SHOULD allow for a
      // sufficiently large window to accommodate network delays which
      // will affect the credentials issue time used by the client to
      // calculate the credentials' age.
      final long currentTime = System.currentTimeMillis() / 1000;
      final String nonce = Long.toString(currentTime - accessToken.getIssuedAt()) + ':'
              + String.valueOf(Math.abs(Crypto.RAND.nextLong()));

      // OPTIONAL. The HTTP request payload body hash as described in
      // Section 3.2.

      String bodyHash = MacTokenHandler.getBodyHash(request, accessToken.getMacSecret(),
              accessToken.getMacAlgorithm());
      if (bodyHash == null) {
        bodyHash = "";
      }

      // mac
      // REQUIRED. The HTTP request MAC as described in Section 3.3.
      final Uri uri = request.getUri();

      String uriString = uri.getPath();
      if (uri.getQuery() != null) {
        uriString = uriString + '?' + uri.getQuery();
      }

      String host = uri.getAuthority();
      String port = "80";
      final int index = host.indexOf(':');
      if (index > 0) {
        port = host.substring(index + 1);
        host = host.substring(0, index);
      } else {
        final String scheme = uri.getScheme();
        if ("https".equals(scheme)) {
          port = "443";
        }
      }

      final String mac = MacTokenHandler.getMac(nonce, request.getMethod(), uriString, host, port,
              bodyHash, ext, accessToken.getMacSecret(), accessToken.getMacAlgorithm());

      final String headerString = buildHeaderString(id, nonce, bodyHash, ext, mac);

      request.setHeader(OAuth2Message.AUTHORIZATION_HEADER, headerString);
      return null;
View Full Code Here


    if (request == null) {
      return MacTokenHandler.getError("request is null");
    }

    final OAuth2Token accessToken = accessor.getAccessToken();

    if (accessToken == null || accessToken.getTokenType().length() == 0) {
      return MacTokenHandler.getError("accessToken is invalid " + accessToken);
    }

    if (!MacTokenHandler.TOKEN_TYPE.equalsIgnoreCase(accessToken.getTokenType())) {
      return MacTokenHandler.getError("token type mismatch expected " + MacTokenHandler.TOKEN_TYPE
              + " but got " + accessToken.getTokenType());
    }

    final String algorithm = accessToken.getMacAlgorithm();
    if (algorithm == null || algorithm.length() == 0) {
      return MacTokenHandler.getError("invalid mac algorithm " + algorithm);
    }

    if (!OAuth2Message.HMAC_SHA_1.equalsIgnoreCase(algorithm)) {
      return MacTokenHandler.getError("unsupported algorithm " + algorithm);
    }

    final byte[] macSecret = accessToken.getMacSecret();
    if (macSecret == null) {
      return MacTokenHandler.getError("mac secret is null");
    }

    if (macSecret.length == 0) {
View Full Code Here

    return ret;
  }

  public OAuth2Token getToken(final String gadgetUri, final String serviceName, final String user,
          final String scope, final Type type) {
    OAuth2Token ret = null;
    final String tokenKey = this.getTokenKey(gadgetUri, serviceName, user, scope, type);
    if (tokenKey != null) {
      ret = this.getTokenMap().get(tokenKey);
    }
View Full Code Here

    return ret;
  }

  public OAuth2Token removeToken(final OAuth2Token token) {
    OAuth2Token ret = null;
    final String tokenKey = this.getTokenKey(token);
    if (tokenKey != null) {
      ret = this.getTokenMap().remove(tokenKey);
    }
View Full Code Here

            final String macAlgorithm = msg.getMacAlgorithm();
            final String macSecret = msg.getMacSecret();
            final Map<String, String> unparsedProperties = msg.getUnparsedProperties();

            if (accessToken != null) {
              final OAuth2Token storedAccessToken = this.store.createToken();
              storedAccessToken.setIssuedAt(issuedAt);
              if (expiresIn != null) {
                storedAccessToken.setExpiresAt(issuedAt + Long.decode(expiresIn) * 1000);
              } else {
                storedAccessToken.setExpiresAt(0);
              }
              storedAccessToken.setGadgetUri(gadgetUri);
              storedAccessToken.setServiceName(providerName);
              storedAccessToken.setScope(scope);
              storedAccessToken.setSecret(accessToken.getBytes("UTF-8"));
              storedAccessToken.setTokenType(tokenType);
              storedAccessToken.setType(OAuth2Token.Type.ACCESS);
              storedAccessToken.setUser(user);
              if (macAlgorithm != null) {
                storedAccessToken.setMacAlgorithm(macAlgorithm);
              }
              if (macSecret != null) {
                storedAccessToken.setMacSecret(macSecret.getBytes("UTF-8"));
              }
              storedAccessToken.setProperties(unparsedProperties);
              this.store.setToken(storedAccessToken);
              accessor.setAccessToken(storedAccessToken);
            }

            if (refreshToken != null) {
              final OAuth2Token storedRefreshToken = this.store.createToken();
              storedRefreshToken.setExpiresAt(0);
              storedRefreshToken.setGadgetUri(gadgetUri);
              storedRefreshToken.setServiceName(providerName);
              storedRefreshToken.setScope(scope);
              storedRefreshToken.setSecret(refreshToken.getBytes("UTF-8"));
              storedRefreshToken.setTokenType(tokenType);
              storedRefreshToken.setType(OAuth2Token.Type.REFRESH);
              storedRefreshToken.setUser(user);
              this.store.setToken(storedRefreshToken);
              accessor.setRefreshToken(storedRefreshToken);
            }
          }
        }
View Full Code Here

      if (unAuthorizedRequestUri == null) {
        return BearerTokenHandler.getError("unAuthorizedRequestUri is null");
      }

      final OAuth2Token accessToken = accessor.getAccessToken();

      if (accessToken == null || accessToken.getTokenType().length() == 0) {
        return BearerTokenHandler.getError("accessToken is invalid " + accessToken);
      }

      if (!BearerTokenHandler.TOKEN_TYPE.equalsIgnoreCase(accessToken.getTokenType())) {
        return BearerTokenHandler.getError("token type mismatch expected "
                + BearerTokenHandler.TOKEN_TYPE + " but got " + accessToken.getTokenType());
      }

      if (accessor.isUrlParameter()) {
        final Map<String, String> queryParams = Maps.newHashMap();
        final byte[] secretBytes = accessToken.getSecret();
        final String secret = new String(secretBytes, "UTF-8");
        queryParams.put(OAuth2Message.ACCESS_TOKEN, secret);
        final String authorizedUriString = OAuth2Utils.buildUrl(unAuthorizedRequestUri.toString(),
                queryParams, null);

        request.setUri(Uri.parse(authorizedUriString));
      }

      if (accessor.isAuthorizationHeader()) {
        request.setHeader("Authorization", BearerTokenHandler.TOKEN_TYPE + ' '
                + new String(accessToken.getSecret(), "UTF-8"));
      }

      return null;
    } catch (final Exception e) {
      return BearerTokenHandler.getError("Exception occurred " + e.getMessage(), e);
View Full Code Here

    Assert.assertNull(result);
  }

  @Test
  public void testGetToken_1() throws Exception {
    final OAuth2Token result = this.cache.getToken(MockUtils.GADGET_URI1, MockUtils.SERVICE_NAME,
            MockUtils.USER, MockUtils.SCOPE, Type.ACCESS);

    Assert.assertNotNull(result);
    Assert.assertEquals(MockUtils.ACCESS_SECRET, new String(result.getSecret(), "UTF-8"));
  }
View Full Code Here

  }

  @Test
  public void testRemoveToken_1() throws Exception {

    OAuth2Token result = this.cache.getToken(MockUtils.GADGET_URI1, MockUtils.SERVICE_NAME,
            MockUtils.USER, MockUtils.SCOPE, Type.ACCESS);

    Assert.assertNotNull(result);

    result = this.cache.removeToken(result);
View Full Code Here

    Assert.assertEquals("AAA", accessor.getRedirectUri());
  }

  @Test
  public void testStoreToken_1() throws Exception {
    OAuth2Token token = new OAuth2TokenPersistence(MockUtils.getDummyEncrypter());
    token.setGadgetUri("xxx");
    token.setServiceName("yyy");
    token.setExpiresAt(2);
    token.setIssuedAt(1);
    token.setMacAlgorithm(OAuth2Message.HMAC_SHA_1);
    token.setMacSecret("shh, it's a secret".getBytes("UTF-8"));
    token.setScope("mac_scope");
    token.setSecret("i'll never tell".getBytes("UTF-8"));
    token.setTokenType(OAuth2Message.MAC_TOKEN_TYPE);
    token.setType(OAuth2Token.Type.ACCESS);
    token.setUser("zzz");

    this.cache.storeToken(token);

    token = this.cache.getToken(token.getGadgetUri(), token.getServiceName(), token.getUser(),
            token.getScope(), token.getType());

    Assert.assertNotNull(token);
    Assert.assertEquals("xxx", token.getGadgetUri());
    Assert.assertEquals("yyy", token.getServiceName());

    Assert.assertEquals(2, token.getExpiresAt());
    Assert.assertEquals(1, token.getIssuedAt());
    Assert.assertEquals(OAuth2Message.HMAC_SHA_1, token.getMacAlgorithm());
    Assert.assertEquals("shh, it's a secret", new String(token.getMacSecret(), "UTF-8"));
    Assert.assertEquals("mac_scope", token.getScope());
    Assert.assertEquals("i'll never tell", new String(token.getSecret(), "UTF-8"));
    Assert.assertEquals(OAuth2Message.MAC_TOKEN_TYPE, token.getTokenType());
    Assert.assertEquals(OAuth2Token.Type.ACCESS, token.getType());
    Assert.assertEquals("zzz", token.getUser());
  }
View Full Code Here

  public void testStoreTokens_1() throws Exception {
    this.cache.clearTokens();

    final Collection<OAuth2Token> tokens = new HashSet<OAuth2Token>(2);

    final OAuth2Token accessToken = MockUtils.getAccessToken();
    final OAuth2Token refreshToken = MockUtils.getRefreshToken();

    tokens.add(accessToken);
    tokens.add(refreshToken);

    this.cache.storeTokens(tokens);

    Assert.assertNotNull(this.cache.getToken(accessToken.getGadgetUri(),
            accessToken.getServiceName(), accessToken.getUser(), accessToken.getScope(),
            accessToken.getType()));
    Assert.assertNotNull(this.cache.getToken(refreshToken.getGadgetUri(),
            refreshToken.getServiceName(), refreshToken.getUser(), refreshToken.getScope(),
            refreshToken.getType()));
  }
View Full Code Here

TOP

Related Classes of org.apache.shindig.gadgets.oauth2.OAuth2Token

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.