Examples of org.glassfish.jersey.client.oauth1.OAuth1AuthorizationFlow

Package org.glassfish.jersey.client.oauth1

Examples of org.glassfish.jersey.client.oauth1.OAuth1AuthorizationFlow

org.glassfish.jersey.client.oauth1.OAuth1Builder
The interface of the OAuth 1 Authorization Flow utility.
The implementation of this interface is capable of performing of the user authorization defined in the OAuth1 specification. The result of the authorization is the {@link AccessToken access token}. The user authorization is called also Authorization Flow. The implementation initiates the authorization process with the Authorization server, then provides redirect URI to which the user should be redirected (the URI points to authorization consent page hosted by Service Provider). The user grants an access using this page. Service Provider redirects the user back to the our server and the authorization process is finished using the implementation.

To perform the authorization follow these steps:
Get the instance of this interface using {@link OAuth1ClientSupport}.
Call {@link #start()} method. The method returns redirection uri as a String. Note: the method internallymakes a request to the request token uri and gets Request Token which will be used for the authorization process.
Redirect user to the redirect uri returned from the {@code start} method. If your application deploymentdoes not allow redirection (for example the app is a console application), then provide the redirection URI to the user in other ways.
User should authorize your application on the redirect URI.
After authorization the Authorization Server redirects the user back to the URI specified by {@link OAuth1Builder.FlowBuilder#callbackUri(String)} and provide the {@code oauth_verifier} asa request query parameter. Extract this parameter from the request. If your deployment does not support redirection (your app is not a web server) then Authorization Server will provide the user with {@code verifier} in other ways (for example display on the html page). You need to getthis verifier from the user.
Use the {@code verifier} to finish the authorization process by calling the method{@link #finish(String)} supplying the verifier. The method will internally requestthe access token from the Authorization Server and return it.
You can use {@code AccessToken} together with {@link ConsumerCredentials} toperform the authenticated requests to the Service Provider. You can also call methods {@link #getAuthorizedClient()} to get {@link Client client} already configured with supportfor authentication from consumer credentials and access token received during authorization process.

Important note: one instance of the interface can be used only for one authorization process. The methods must be called exactly in the order specified by the list above. Therefore the instance is also not thread safe and no concurrent access is expected.

    @Test
    public void testOAuthClientFeature() {
        final URI baseUri = getBaseUri();


        // baseline for requests
        final OAuth1Builder oAuth1Builder = OAuth1ClientSupport.builder(new ConsumerCredentials("dpf43f3p2l4k3l03",
                "kd94hf93k423kf44")).timestamp("1191242090").nonce("hsu94j3884jdopsl").signatureMethod(PlaintextMethod.NAME)
                .version("1.0");
        final Feature feature = oAuth1Builder.feature().build();


        final Client client = client();

View Full Code Here

    @Test
    public void testOAuthClientFlow() throws Exception {
        final String uri = getBaseUri().toString();


        final OAuth1AuthorizationFlow authFlow = OAuth1ClientSupport
                .builder(new ConsumerCredentials("dpf43f3p2l4k3l03", "kd94hf93k423kf44"))
                .timestamp("1191242090")
                .nonce("hsu94j3884jdopsl")
                .signatureMethod("PLAINTEXT")
                .authorizationFlow(
                        uri + "request_token",

View Full Code Here

        final Feature filterFeature;
        if (PROPERTIES.getProperty(PROPERTY_TOKEN) == null) {


            // we do not have Access Token yet. Let's perfom the Authorization Flow first,
            // let the user approve our app and get Access Token.
            final OAuth1AuthorizationFlow authFlow = OAuth1ClientSupport.builder(consumerCredentials)
                    .authorizationFlow(
                            "https://api.twitter.com/oauth/request_token",
                            "https://api.twitter.com/oauth/access_token",
                            "https://api.twitter.com/oauth/authorize")
                    .build();
            final String authorizationUri = authFlow.start();


            System.out.println("Enter the following URI into a web browser and authorize me:");
            System.out.println(authorizationUri);
            System.out.print("Enter the authorization code: ");
            final String verifier;
            try {
                verifier = IN.readLine();
            } catch (final IOException ex) {
                throw new RuntimeException(ex);
            }
            final AccessToken accessToken = authFlow.finish(verifier);


            // store access token for next application execution
            PROPERTIES.setProperty(PROPERTY_TOKEN, accessToken.getToken());
            PROPERTIES.setProperty(PROPERTY_TOKEN_SECRET, accessToken.getAccessTokenSecret());


            // get the feature that will configure the client with consumer credentials and
            // received access token
            filterFeature = authFlow.getOAuth1Feature();
        } else {
            final AccessToken storedToken = new AccessToken(PROPERTIES.getProperty(PROPERTY_TOKEN),
                    PROPERTIES.getProperty(PROPERTY_TOKEN_SECRET));
            // build a new feature from the stored consumer credentials and access token
            filterFeature = OAuth1ClientSupport.builder(consumerCredentials).feature()

View Full Code Here

    @Test
    public void testAuthorizationFlow() {
        String tempCredUri = UriBuilder.fromUri(getBaseUri()).path("requestTokenSpecialUri").build().toString();
        String accessTokenUri = UriBuilder.fromUri(getBaseUri()).path("accessTokenSpecialUri").build().toString();
        final String userAuthorizationUri = UriBuilder.fromUri(getBaseUri()).path("user-authorization").build().toString();
        final OAuth1AuthorizationFlow authFlow = OAuth1ClientSupport.builder(new ConsumerCredentials(CONSUMER_KEY, SECRET_CONSUMER_KEY))
                .authorizationFlow(tempCredUri, accessTokenUri, userAuthorizationUri)
                .callbackUri("http://consumer/callback/homer").build();


        final String authUri = authFlow.start();
        // authorize by a request to authorization URI
        final Response userAuthResponse = ClientBuilder.newClient().target(authUri).request().get();
        Assert.assertEquals(200, userAuthResponse.getStatus());
        final String verifier = userAuthResponse.readEntity(String.class);
        System.out.println("Verifier: " + verifier);


        final AccessToken accessToken = authFlow.finish(verifier);
        final Client authorizedClient = authFlow.getAuthorizedClient();


        Response response = authorizedClient.target(getBaseUri()).path("resource")
                .request().get();
        Assert.assertEquals(200, response.getStatus());
        Assert.assertEquals("homer", response.readEntity(String.class));

View Full Code Here


    @Test
    public void testOAuthClientFlow() throws Exception {
        final String uri = getBaseUri().toString();


        final OAuth1AuthorizationFlow authFlow = OAuth1ClientSupport
                .builder(new ConsumerCredentials("dpf43f3p2l4k3l03", "kd94hf93k423kf44"))
                .timestamp("1191242090")
                .nonce("hsu94j3884jdopsl")
                .signatureMethod("PLAINTEXT")
                .authorizationFlow(
                        uri + "request_token",
                        uri + "access_token",
                        uri + "authorize")
                .enableLogging()
                .build();


        // Check we have correct authorization URI.
        final String authorizationUri = authFlow.start();
        assertThat(authorizationUri, containsString("authorize?oauth_token=hh5s93j4hdidpola"));


        // For the purpose of the test I need parameters (and there is no way how to do it now).
        final Field paramField = authFlow.getClass().getDeclaredField("parameters");
        paramField.setAccessible(true);
        final OAuth1Parameters params = (OAuth1Parameters) paramField.get(authFlow);


        // Update parameters.
        params.timestamp("1191242092").nonce("dji430splmx33448");


        final AccessToken accessToken = authFlow.finish();
        assertThat(accessToken, equalTo(new AccessToken("nnch734d00sl2jdk", "pfkkdhi9sl3r4s00")));


        // Update parameters before creating a feature (i.e. changing signature method).
        params.nonce("kllo9940pd9333jh").signatureMethod("HMAC-SHA1").timestamp("1191242096");


        // Check Authorized Client.
        final Client flowClient = authFlow.getAuthorizedClient().register(LoggingFilter.class);


        String responseEntity = flowClient.target(uri).path("/photos")
                .queryParam("file", "vacation.jpg")
                .queryParam("size", "original")
                .request()
                .get(String.class);


        assertThat("Flow Authorized Client", responseEntity, equalTo("PHOTO"));


        // Check Feature.
        final Client featureClient = ClientBuilder.newClient()
                .register(authFlow.getOAuth1Feature()).register(LoggingFilter.class);


        responseEntity = featureClient.target(uri).path("/photos")
                .queryParam("file", "vacation.jpg")
                .queryParam("size", "original")
                .request()

View Full Code Here

    @Test
    public void testOAuthClientFeature() {
        final URI baseUri = getBaseUri();


        // baseline for requests
        final OAuth1Builder oAuth1Builder = OAuth1ClientSupport.builder(new ConsumerCredentials("dpf43f3p2l4k3l03",
                "kd94hf93k423kf44")).timestamp("1191242090").nonce("hsu94j3884jdopsl").signatureMethod(PlaintextMethod.NAME)
                .version("1.0");
        final Feature feature = oAuth1Builder.feature().build();


        final Client client = client();
        client.register(new LoggingFilter());
        final WebTarget target = client.target(baseUri);


        // simulate request for Request Token (temporary credentials)
        String responseEntity = target.path("request_token").register(feature).request().post(Entity.entity("entity",
                MediaType.TEXT_PLAIN_TYPE), String.class);
        assertEquals(responseEntity, "oauth_token=hh5s93j4hdidpola&oauth_token_secret=hdhd0244k9j7ao03");


        final Feature feature2 = oAuth1Builder.timestamp("1191242092").nonce("dji430splmx33448").feature().accessToken(new
                AccessToken("hh5s93j4hdidpola", "hdhd0244k9j7ao03")).build();


        // simulate request for Access Token
        responseEntity = target.path("access_token").register(feature2).request().post(Entity.entity("entity",
                MediaType.TEXT_PLAIN_TYPE), String.class);
        assertEquals(responseEntity, "oauth_token=nnch734d00sl2jdk&oauth_token_secret=pfkkdhi9sl3r4s00");


        final Feature feature3 = oAuth1Builder.nonce("kllo9940pd9333jh").signatureMethod("HMAC-SHA1").timestamp("1191242096")
                .feature().accessToken(new AccessToken("nnch734d00sl2jdk", "pfkkdhi9sl3r4s00")).build();


        // based on Access Token
        responseEntity = target.path("/photos").register(feature3).queryParam("file", "vacation.jpg").queryParam("size",
                "original").request().get(String.class);

View Full Code Here

0 1

TOP

Related Classes of org.glassfish.jersey.client.oauth1.OAuth1AuthorizationFlow

org.glassfish.jersey.examples.oauth.twitterclient.App

org.glassfish.jersey.filter.LoggingFilter

org.glassfish.jersey.oauth1.signature.OAuth1Parameters

org.glassfish.jersey.oauth1.signature.OAuth1Secrets

org.glassfish.jersey.tests.e2e.oauth.OauthClientAuthorizationFlowTest

org.glassfish.jersey.tests.e2e.oauth.OAuthClientServerTest

javax.ws.rs.ext.MessageBodyReader

javax.ws.rs.NotAuthorizedException

java.lang.reflect.Type

java.io.ByteArrayInputStream

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.