Package org.springframework.security.oauth.consumer

Examples of org.springframework.security.oauth.consumer.OAuthConsumerToken


    if (context == null) {
      context = new OAuthSecurityContextImpl();
    }

    Map<String, OAuthConsumerToken> accessTokens = context.getAccessTokens();
    OAuthConsumerToken accessToken = accessTokens == null ? null : accessTokens.get(this.resource.getId());

    boolean useAuthHeader = this.resource.isAcceptsAuthorizationHeader();
    if (!useAuthHeader) {
      String queryString = this.support.getOAuthQueryString(this.resource, accessToken, uri.toURL(), httpMethod.name(), this.additionalOAuthParameters);
      String uriValue = String.valueOf(uri);


    Map<String, OAuthConsumerToken> rememberedTokens = getRememberMeServices().loadRememberedTokens(request, response);
    Map<String, OAuthConsumerToken> accessTokens = new TreeMap<String, OAuthConsumerToken>();
    Map<String, OAuthConsumerToken> requestTokens = new TreeMap<String, OAuthConsumerToken>();
    if (rememberedTokens != null) {
      for (Map.Entry<String, OAuthConsumerToken> tokenEntry : rememberedTokens.entrySet()) {
        OAuthConsumerToken token = tokenEntry.getValue();
        if (token != null) {
          if (token.isAccessToken()) {
            accessTokens.put(tokenEntry.getKey(), token);
          }
          else {
            requestTokens.put(tokenEntry.getKey(), token);
          }
        }
      }
    }

    context.setAccessTokens(accessTokens);
    OAuthSecurityContextHolder.setContext(context);
    if (LOG.isDebugEnabled()) {
      LOG.debug("Storing access tokens in request attribute '" + getAccessTokensRequestAttribute() + "'.");
    }

    try {
      try {
        request.setAttribute(getAccessTokensRequestAttribute(), new ArrayList<OAuthConsumerToken>(accessTokens.values()));
        chain.doFilter(request, response);
      }
      catch (Exception e) {
        try {
          ProtectedResourceDetails resourceThatNeedsAuthorization = checkForResourceThatNeedsAuthorization(e);
          String neededResourceId = resourceThatNeedsAuthorization.getId();
          while (!accessTokens.containsKey(neededResourceId)) {
            OAuthConsumerToken token = requestTokens.remove(neededResourceId);
            if (token == null) {
              token = getTokenServices().getToken(neededResourceId);
            }

            String verifier = request.getParameter(OAuthProviderParameter.oauth_verifier.toString());
            // if the token is null OR
            // if it is not an access token and (we're not using 1.0a or the verifier is null)
            if (token == null || (!token.isAccessToken() && (!resourceThatNeedsAuthorization.isUse10a() || verifier == null))) {
              //no token associated with the resource, start the oauth flow.
              //if there's a request token, but no verifier, we'll assume that a previous oauth request failed and we need to get a new request token.
              if (LOG.isDebugEnabled()) {
                LOG.debug("Obtaining request token for resource: " + neededResourceId);
              }

              //obtain authorization.
              String callbackURL = response.encodeRedirectURL(getCallbackURL(request));
              token = getConsumerSupport().getUnauthorizedRequestToken(neededResourceId, callbackURL);
              if (LOG.isDebugEnabled()) {
                LOG.debug("Request token obtained for resource " + neededResourceId + ": " + token);
              }

              //okay, we've got a request token, now we need to authorize it.
              requestTokens.put(neededResourceId, token);
              getTokenServices().storeToken(neededResourceId, token);
              String redirect = getUserAuthorizationRedirectURL(resourceThatNeedsAuthorization, token, callbackURL);

              if (LOG.isDebugEnabled()) {
                LOG.debug("Redirecting request to " + redirect + " for user authorization of the request token for resource " + neededResourceId + ".");
              }

              request.setAttribute("org.springframework.security.oauth.consumer.AccessTokenRequiredException", e);
              this.redirectStrategy.sendRedirect(request, response, redirect);
              return;
            }
            else if (!token.isAccessToken()) {
              //we have a presumably authorized request token, let's try to get an access token with it.
              if (LOG.isDebugEnabled()) {
                LOG.debug("Obtaining access token for resource: " + neededResourceId);
              }

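  /**
   * Requests a token from the OAuth provider and parses the form-encoded response into an
   * {@link OAuthConsumerToken}.
   *
   * <p>The response body is read as UTF-8 and split on {@code &} into {@code name=value} pairs,
   * each half OAuth-decoded. {@code oauth_token} and {@code oauth_token_secret} must both be
   * present; every remaining pair is attached to the returned token as an additional parameter.
   * When a name occurs more than once, the last value wins.
   *
   * <p>The returned token carries the token secret, so it should be kept out of log output.
   *
   * @param details the protected resource the token is for; its id becomes the token's resource id
   * @param tokenURL the provider endpoint to call
   * @param httpMethod the HTTP method; {@code "POST"} (case-insensitive) adds a form content-type header
   * @param requestToken the request token to exchange, or {@code null} to ask for a new
   *     unauthorized request token
   * @param additionalParameters extra parameters handed through to {@code readResource}
   * @return the parsed token, flagged as an access token only when {@code requestToken} was supplied
   * @throws OAuthRequestFailedException if the response cannot be read or decoded, or if it lacks
   *     the token or the token secret
   */
  protected OAuthConsumerToken getTokenFromProvider(ProtectedResourceDetails details, URL tokenURL, String httpMethod,
                                                    OAuthConsumerToken requestToken, Map<String, String> additionalParameters) {
    // A supplied request token means we are exchanging it, so the result is an access token.
    boolean isAccessToken = requestToken != null;
    if (!isAccessToken) {
      //create an empty token to make a request for a new unauthorized request token.
      requestToken = new OAuthConsumerToken();
    }

    TreeMap<String, String> requestHeaders = new TreeMap<String, String>();
    if ("POST".equalsIgnoreCase(httpMethod)) {
      requestHeaders.put("Content-Type", "application/x-www-form-urlencoded");
    }
    InputStream inputStream = readResource(details, tokenURL, httpMethod, requestToken, additionalParameters, requestHeaders);
    String tokenInfo;
    try {
      // NOTE(review): the whole body is buffered with no size cap; consider a limit if the
      // token endpoint is not fully trusted.
      ByteArrayOutputStream out = new ByteArrayOutputStream();
      byte[] buffer = new byte[1024];
      int len = inputStream.read(buffer);
      while (len >= 0) {
        out.write(buffer, 0, len);
        len = inputStream.read(buffer);
      }

      tokenInfo = new String(out.toByteArray(), "UTF-8");
    }
    catch (IOException e) {
      throw new OAuthRequestFailedException("Unable to read the token.", e);
    }
    finally {
      // Release the provider connection whether or not the read succeeded.
      if (inputStream != null) {
        try {
          inputStream.close();
        }
        catch (IOException ignored) {
          // The body has been consumed or the read has already failed; a close failure
          // gives the caller nothing further to act on.
        }
      }
    }

    StringTokenizer tokenProperties = new StringTokenizer(tokenInfo, "&");
    Map<String, String> tokenPropertyValues = new TreeMap<String, String>();
    while (tokenProperties.hasMoreTokens()) {
      try {
        String tokenProperty = tokenProperties.nextToken();
        int equalsIndex = tokenProperty.indexOf('=');
        if (equalsIndex > 0) {
          String propertyName = OAuthCodec.oauthDecode(tokenProperty.substring(0, equalsIndex));
          String propertyValue = OAuthCodec.oauthDecode(tokenProperty.substring(equalsIndex + 1));
          tokenPropertyValues.put(propertyName, propertyValue);
        }
        else {
          // No '=' (or a leading one): keep the whole decoded segment as a name without a value.
          tokenProperty = OAuthCodec.oauthDecode(tokenProperty);
          tokenPropertyValues.put(tokenProperty, null);
        }
      }
      catch (DecoderException e) {
        // Keep the cause so a malformed provider response can be diagnosed.
        throw new OAuthRequestFailedException("Unable to decode token parameters.", e);
      }
    }

    String tokenValue = tokenPropertyValues.remove(OAuthProviderParameter.oauth_token.toString());
    if (tokenValue == null) {
      throw new OAuthRequestFailedException("OAuth provider failed to return a token.");
    }

    String tokenSecret = tokenPropertyValues.remove(OAuthProviderParameter.oauth_token_secret.toString());
    if (tokenSecret == null) {
      throw new OAuthRequestFailedException("OAuth provider failed to return a token secret.");
    }

    OAuthConsumerToken consumerToken = new OAuthConsumerToken();
    consumerToken.setValue(tokenValue);
    consumerToken.setSecret(tokenSecret);
    consumerToken.setResourceId(details.getId());
    consumerToken.setAccessToken(isAccessToken);
    // Whatever the provider sent besides the token and its secret travels with the token.
    if (!tokenPropertyValues.isEmpty()) {
      consumerToken.setAdditionalParameters(tokenPropertyValues);
    }
    return consumerToken;
  }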

  /**
   * Prefix of the session attribute names under which tokens are kept. A token is looked up
   * under {@code KEY_PREFIX + "#" + resourceId}; its expiration, compared against
   * {@code System.currentTimeMillis()}, is kept under the same name with {@code "#EXPIRATION"}
   * appended.
   */
  public static final String KEY_PREFIX = "OAUTH_TOKEN";


  public OAuthConsumerToken getToken(String resourceId) throws AuthenticationException {
    HttpSession session = getSession();
    OAuthConsumerToken consumerToken = (OAuthConsumerToken) session.getAttribute(KEY_PREFIX + "#" + resourceId);
    if (consumerToken != null) {
      Long expiration = (Long) session.getAttribute(KEY_PREFIX + "#" + resourceId + "#EXPIRATION");
      if (expiration != null && (System.currentTimeMillis() > expiration)) {
        //token expired; remove it
        removeToken(resourceId);

   */
  @Test
  public void testGetUserAuthorizationRedirectURL() throws Exception {
    OAuthConsumerContextFilter filter = new OAuthConsumerContextFilter();

    OAuthConsumerToken token = new OAuthConsumerToken();
    token.setResourceId("resourceId");
    token.setValue("mytoken");
    when(details.getUserAuthorizationURL()).thenReturn("http://user-auth/context?with=some&queryParams");
    when(details.isUse10a()).thenReturn(false);
    assertEquals(
        "http://user-auth/context?with=some&queryParams&oauth_token=mytoken&oauth_callback=urn%3A%2F%2Fcallback%3Fwith%3Dsome%26query%3Dparams",
        filter.getUserAuthorizationRedirectURL(details, token, "urn://callback?with=some&query=params"));

    doThrow(new AccessTokenRequiredException(resource)).when(filterChain).doFilter(request, response);
    when(tokenServices.getToken("dep1")).thenReturn(null);
    when(request.getParameter("oauth_verifier")).thenReturn(null);
    when(response.encodeRedirectURL("urn:callback")).thenReturn("urn:callback?query");

    OAuthConsumerToken token = new OAuthConsumerToken();
    token.setAccessToken(false);
    token.setResourceId(resource.getId());
    when(support.getUnauthorizedRequestToken("dep1", "urn:callback?query")).thenReturn(token);

    filter.doFilter(request, response, filterChain);

    verify(filterChain).doFilter(request, response);
    verify(tokenServices).storeToken("dep1", token);
    verify(response).sendRedirect("urn:callback?query&dep1");
    verify(request,times(2)).setAttribute(anyString(), anyObject());
    reset(request,response,filterChain);

    doThrow(new AccessTokenRequiredException(resource)).when(filterChain).doFilter(request, response);
    when(tokenServices.getToken("dep1")).thenReturn(token);
    when(request.getParameter(OAuthProviderParameter.oauth_verifier.toString())).thenReturn("verifier");
    OAuthConsumerToken accessToken = new OAuthConsumerToken();
    when(support.getAccessToken(token, "verifier")).thenReturn(accessToken);
    when(response.isCommitted()).thenReturn(false);

    filter.doFilter(request, response, filterChain);

    HttpSessionOAuthRememberMeServices oAuthRememberMeService = new HttpSessionOAuthRememberMeServices();

    Map<String, OAuthConsumerToken> tokens = new HashMap<String, OAuthConsumerToken>();

    {
      OAuthConsumerToken token = new OAuthConsumerToken();
      token.setAccessToken(false);
      tokens.put("resourceID1", token);
    }

    {
      OAuthConsumerToken token = new OAuthConsumerToken();
      token.setAccessToken(true);
      tokens.put("resourceID2", token);
    }

    oAuthRememberMeService.rememberTokens(tokens, request, response);

    HttpSessionOAuthRememberMeServices oAuthRememberMeService = new HttpSessionOAuthRememberMeServices();

    Map<String, OAuthConsumerToken> tokens = new HashMap<String, OAuthConsumerToken>();

    {
      OAuthConsumerToken token = new OAuthConsumerToken();
      token.setAccessToken(false);
      tokens.put("resourceID1", token);
    }

    {
      OAuthConsumerToken token = new OAuthConsumerToken();
      token.setAccessToken(true);
      tokens.put("resourceID2", token);
    }

    oAuthRememberMeService.rememberTokens(tokens, request, response);

   * readResouce
   */
  @Test
  public void testReadResouce() throws Exception {

    OAuthConsumerToken token = new OAuthConsumerToken();
    URL url = new URL("http://myhost.com/resource?with=some&query=params&too");
    final ConnectionProps connectionProps = new ConnectionProps();
    final ByteArrayInputStream inputStream = new ByteArrayInputStream(new byte[0]);

    final HttpURLConnectionForTestingPurposes connectionMock = new HttpURLConnectionForTestingPurposes(url) {

          URL url, String httpMethod, Map<String, String> additionalParameters) {
        return "myquerystring";
      }
    };
    support.setStreamHandlerFactory(new DefaultOAuthURLStreamHandlerFactory());
    OAuthConsumerToken token = new OAuthConsumerToken();
    URL url = new URL("https://myhost.com/somepath?with=some&query=params&too");

    when(details.isAcceptsAuthorizationHeader()).thenReturn(true);
    assertEquals("https://myhost.com/somepath?with=some&query=params&too",
        support.configureURLForProtectedAccess(url, token, details, "GET", null).toString());
