use of com.zimbra.cs.account.oauth.OAuthAccessorSerializer in project zm-mailbox by Zimbra.
the class ZimbraAuthProviderForOAuth method authToken.
@Override
protected AuthToken authToken(HttpServletRequest req, boolean isAdminReq) throws AuthProviderException, AuthTokenException {
ZimbraLog.extensions.debug("authToken(HttpServletRequest req, boolean isAdminReq) is requested.");
if (isAdminReq) {
ZimbraLog.extensions.debug("isAdminReq:true");
return null;
}
String origUrl = req.getHeader("X-Zimbra-Orig-Url");
OAuthMessage oAuthMessage;
if (StringUtil.isNullOrEmpty(origUrl)) {
ZimbraLog.extensions.debug("request.getRequestURL(): " + req.getRequestURL());
oAuthMessage = OAuthServlet.getMessage(req, null);
} else {
ZimbraLog.extensions.debug("X-Zimbra-Orig-Url: " + origUrl);
oAuthMessage = OAuthServlet.getMessage(req, origUrl);
}
String accessToken;
try {
accessToken = oAuthMessage.getToken();
} catch (IOException e) {
ZimbraLog.extensions.debug("Error in getting OAuth token from request", e);
throw AuthProviderException.FAILURE(e.getMessage());
}
if (accessToken == null) {
ZimbraLog.extensions.debug("no need for further oauth processing");
throw AuthProviderException.NO_AUTH_DATA();
}
Account account;
try {
account = Provisioning.getInstance().getAccountByForeignPrincipal("oAuthAccessToken:" + accessToken);
} catch (ServiceException e) {
ZimbraLog.extensions.warn("Error in getting account using OAuth access token", e);
throw AuthProviderException.FAILURE(e.getMessage());
}
if (account == null) {
throw AuthProviderException.FAILURE("Could not identify account corresponding to the OAuth request");
}
OAuthAccessor accessor = null;
String[] accessors = account.getOAuthAccessor();
for (String val : accessors) {
if (val.startsWith(accessToken)) {
try {
accessor = new OAuthAccessorSerializer().deserialize(val.substring(accessToken.length() + 2));
} catch (ServiceException e) {
throw AuthProviderException.FAILURE("Error in deserializing OAuth accessor");
}
break;
}
}
if (accessor == null)
throw new AuthTokenException("invalid OAuth token");
try {
OAuthServiceProvider.VALIDATOR.validateMessage(oAuthMessage, accessor);
} catch (OAuthProblemException e) {
for (Map.Entry<String, Object> entry : e.getParameters().entrySet()) {
ZimbraLog.extensions.debug(entry.getKey() + ":" + entry.getValue());
}
ZimbraLog.extensions.debug("Exception in validating OAuth token", e);
throw new AuthTokenException("Exception in validating OAuth token", e);
} catch (Exception e) {
ZimbraLog.extensions.debug("Exception in validating OAuth token", e);
throw new AuthTokenException("Exception in validating OAuth token", e);
}
return AuthProvider.getAuthToken(account);
}
use of com.zimbra.cs.account.oauth.OAuthAccessorSerializer in project zm-mailbox by Zimbra.
the class GetOAuthConsumers method encodeResponse.
private void encodeResponse(Account account, GetOAuthConsumersResponse response) throws ServiceException {
String[] accessors = account.getOAuthAccessor();
OAuthAccessor accessor = null;
for (String val : accessors) {
try {
String accessToken = val.substring(0, val.indexOf("::"));
accessor = new OAuthAccessorSerializer().deserialize(val.substring(val.indexOf("::") + 2));
OAuthConsumer zcsConsumer = createConsumer(accessToken, accessor);
response.addConsumer(zcsConsumer);
} catch (ServiceException e) {
throw AuthProviderException.FAILURE("Error in deserializing OAuth accessor");
}
}
}
Aggregations