Search in sources :

Example 1 with BoxAPIConnection

use of com.box.sdk.BoxAPIConnection in project camel by apache.

the class BoxConnectionHelper method createStandardAuthenticatedConnection.

public static BoxAPIConnection createStandardAuthenticatedConnection(BoxConfiguration configuration) {
    // Create web client for first leg of OAuth2
    //
    final WebClient webClient = new WebClient();
    final WebClientOptions options = webClient.getOptions();
    options.setRedirectEnabled(true);
    options.setJavaScriptEnabled(false);
    options.setThrowExceptionOnFailingStatusCode(true);
    options.setThrowExceptionOnScriptError(true);
    options.setPrintContentOnFailingStatusCode(LOG.isDebugEnabled());
    try {
        // use default SSP to create supported non-SSL protocols list
        final SSLContext sslContext = new SSLContextParameters().createSSLContext(null);
        options.setSSLClientProtocols(sslContext.createSSLEngine().getEnabledProtocols());
    } catch (GeneralSecurityException e) {
        throw ObjectHelper.wrapRuntimeCamelException(e);
    } catch (IOException e) {
        throw ObjectHelper.wrapRuntimeCamelException(e);
    } finally {
        if (webClient != null) {
            webClient.close();
        }
    }
    // disable default gzip compression, as htmlunit does not negotiate
    // pages sent with no compression
    new WebConnectionWrapper(webClient) {

        @Override
        public WebResponse getResponse(WebRequest request) throws IOException {
            request.setAdditionalHeader(HttpHeaders.ACCEPT_ENCODING, "identity");
            return super.getResponse(request);
        }
    };
    // add HTTP proxy if set
    final Map<String, Object> httpParams = configuration.getHttpParams();
    if (httpParams != null && httpParams.get("http.route.default-proxy") != null) {
        final HttpHost proxyHost = (HttpHost) httpParams.get("http.route.default-proxy");
        final Boolean socksProxy = (Boolean) httpParams.get("http.route.socks-proxy");
        final ProxyConfig proxyConfig = new ProxyConfig(proxyHost.getHostName(), proxyHost.getPort(), socksProxy != null ? socksProxy : false);
        options.setProxyConfig(proxyConfig);
    }
    // authorize application on user's behalf
    try {
        // generate anti-forgery token to prevent/detect CSRF attack
        final String csrfToken = String.valueOf(new SecureRandom().nextLong());
        final HtmlPage authPage = webClient.getPage(authorizationUrl(configuration.getClientId(), csrfToken));
        // look for <div role="error_message">
        final HtmlDivision div = authPage.getFirstByXPath("//div[contains(concat(' ', @class, ' '), ' error_message ')]");
        if (div != null) {
            final String errorMessage = div.getTextContent().replaceAll("\\s+", " ").replaceAll(" Show Error Details", ":").trim();
            throw new IllegalArgumentException("Error authorizing application: " + errorMessage);
        }
        // submit login credentials
        final HtmlForm loginForm = authPage.getFormByName("login_form");
        final HtmlTextInput login = loginForm.getInputByName("login");
        login.setText(configuration.getUserName());
        final HtmlPasswordInput password = loginForm.getInputByName("password");
        password.setText(configuration.getUserPassword());
        final HtmlSubmitInput submitInput = loginForm.getInputByName("login_submit");
        // submit consent
        final HtmlPage consentPage = submitInput.click();
        final HtmlForm consentForm = consentPage.getFormByName("consent_form");
        final HtmlButton consentAccept = consentForm.getButtonByName("consent_accept");
        // disable redirect to avoid loading redirect URL
        webClient.getOptions().setRedirectEnabled(false);
        // validate CSRF and get authorization code
        String redirectQuery;
        try {
            final Page redirectPage = consentAccept.click();
            redirectQuery = redirectPage.getUrl().getQuery();
        } catch (FailingHttpStatusCodeException e) {
            // escalate non redirect errors
            if (e.getStatusCode() != HttpStatus.SC_MOVED_TEMPORARILY) {
                throw e;
            }
            final String location = e.getResponse().getResponseHeaderValue("Location");
            redirectQuery = new URL(location).getQuery();
        }
        final Map<String, String> params = new HashMap<String, String>();
        final Matcher matcher = QUERY_PARAM_PATTERN.matcher(redirectQuery);
        while (matcher.find()) {
            params.put(matcher.group(1), matcher.group(2));
        }
        final String state = params.get("state");
        if (!csrfToken.equals(state)) {
            throw new SecurityException("Invalid CSRF code!");
        } else {
            // get authorization code
            final String authorizationCode = params.get("code");
            return new BoxAPIConnection(configuration.getClientId(), configuration.getClientSecret(), authorizationCode);
        }
    } catch (BoxAPIException e) {
        throw new RuntimeCamelException(String.format("Box API connection failed: API returned the error code %d\n\n%s", e.getResponseCode(), e.getResponse()), e);
    } catch (Exception e) {
        throw new RuntimeCamelException(String.format("Box API connection failed: %s", e.getMessage()), e);
    }
}
Also used : WebClientOptions(com.gargoylesoftware.htmlunit.WebClientOptions) HtmlTextInput(com.gargoylesoftware.htmlunit.html.HtmlTextInput) HtmlPage(com.gargoylesoftware.htmlunit.html.HtmlPage) HashMap(java.util.HashMap) Matcher(java.util.regex.Matcher) HtmlPasswordInput(com.gargoylesoftware.htmlunit.html.HtmlPasswordInput) HtmlPage(com.gargoylesoftware.htmlunit.html.HtmlPage) Page(com.gargoylesoftware.htmlunit.Page) HtmlDivision(com.gargoylesoftware.htmlunit.html.HtmlDivision) BoxAPIException(com.box.sdk.BoxAPIException) URL(java.net.URL) WebRequest(com.gargoylesoftware.htmlunit.WebRequest) HtmlForm(com.gargoylesoftware.htmlunit.html.HtmlForm) HtmlSubmitInput(com.gargoylesoftware.htmlunit.html.HtmlSubmitInput) HttpHost(org.apache.http.HttpHost) FailingHttpStatusCodeException(com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException) GeneralSecurityException(java.security.GeneralSecurityException) BoxAPIConnection(com.box.sdk.BoxAPIConnection) SecureRandom(java.security.SecureRandom) GeneralSecurityException(java.security.GeneralSecurityException) SSLContext(javax.net.ssl.SSLContext) IOException(java.io.IOException) ProxyConfig(com.gargoylesoftware.htmlunit.ProxyConfig) WebClient(com.gargoylesoftware.htmlunit.WebClient) BoxAPIException(com.box.sdk.BoxAPIException) GeneralSecurityException(java.security.GeneralSecurityException) FailingHttpStatusCodeException(com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException) RuntimeCamelException(org.apache.camel.RuntimeCamelException) IOException(java.io.IOException) SSLContextParameters(org.apache.camel.util.jsse.SSLContextParameters) HtmlButton(com.gargoylesoftware.htmlunit.html.HtmlButton) RuntimeCamelException(org.apache.camel.RuntimeCamelException) WebConnectionWrapper(com.gargoylesoftware.htmlunit.util.WebConnectionWrapper)

Aggregations

BoxAPIConnection (com.box.sdk.BoxAPIConnection)1 BoxAPIException (com.box.sdk.BoxAPIException)1 FailingHttpStatusCodeException (com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException)1 Page (com.gargoylesoftware.htmlunit.Page)1 ProxyConfig (com.gargoylesoftware.htmlunit.ProxyConfig)1 WebClient (com.gargoylesoftware.htmlunit.WebClient)1 WebClientOptions (com.gargoylesoftware.htmlunit.WebClientOptions)1 WebRequest (com.gargoylesoftware.htmlunit.WebRequest)1 HtmlButton (com.gargoylesoftware.htmlunit.html.HtmlButton)1 HtmlDivision (com.gargoylesoftware.htmlunit.html.HtmlDivision)1 HtmlForm (com.gargoylesoftware.htmlunit.html.HtmlForm)1 HtmlPage (com.gargoylesoftware.htmlunit.html.HtmlPage)1 HtmlPasswordInput (com.gargoylesoftware.htmlunit.html.HtmlPasswordInput)1 HtmlSubmitInput (com.gargoylesoftware.htmlunit.html.HtmlSubmitInput)1 HtmlTextInput (com.gargoylesoftware.htmlunit.html.HtmlTextInput)1 WebConnectionWrapper (com.gargoylesoftware.htmlunit.util.WebConnectionWrapper)1 IOException (java.io.IOException)1 URL (java.net.URL)1 GeneralSecurityException (java.security.GeneralSecurityException)1 SecureRandom (java.security.SecureRandom)1