Search in sources :

Example 1 with OAuthCredentials

use of io.gravitee.am.identityprovider.twitter.authentication.utils.OAuthCredentials in project gravitee-access-management by gravitee-io.

the class TwitterAuthenticationProvider method authenticate.

@Override
protected Maybe<Token> authenticate(Authentication authentication) {
    final String oauthToken = authentication.getContext().request().parameters().getFirst(configuration.getCodeParameter());
    final String tokenVerifier = authentication.getContext().request().parameters().getFirst(configuration.getTokenVerifier());
    if (oauthToken == null || oauthToken.isEmpty() || tokenMemory.getIfPresent(oauthToken) == null) {
        LOGGER.debug("OAuth Token is missing, skip authentication");
        return Maybe.error(new BadCredentialsException("Missing OAuth Token"));
    }
    if (tokenVerifier == null || tokenVerifier.isEmpty()) {
        LOGGER.debug("Token Verifier is missing, skip authentication");
        return Maybe.error(new BadCredentialsException("Missing Token Verifier"));
    }
    Map<String, String> parameters = Maps.<String, String>builder().put(OAUTH_VERIFIER, tokenVerifier).build();
    Map<String, String> oauthParams = Maps.<String, String>builder().put(OAUTH_CONSUMER_KEY, configuration.getClientId()).put(OAUTH_TOKEN, oauthToken).put(OAUTH_SIGNATURE_METHOD, OAUTH_SIGNATURE_METHOD_VALUE).put(OAUTH_VERSION, OAUTH_VERSION_VALUE).build();
    String authorization = getAuthorizationHeader("POST", configuration.getAccessTokenUri(), parameters, oauthParams, new OAuthCredentials(configuration, oauthToken, tokenMemory.getIfPresent(oauthToken)));
    tokenMemory.invalidate(oauthToken);
    MultiMap form = MultiMap.caseInsensitiveMultiMap().set(OAUTH_VERIFIER, tokenVerifier);
    return client.postAbs(configuration.getAccessTokenUri()).putHeader(HttpHeaders.AUTHORIZATION, authorization).rxSendForm(form).toMaybe().flatMap(httpResponse -> {
        if (httpResponse.statusCode() != 200) {
            return Maybe.error(new BadCredentialsException(httpResponse.bodyAsString()));
        }
        String[] tokenInfo = httpResponse.bodyAsString().split("&");
        String token = "";
        String secret = "";
        for (String pairString : tokenInfo) {
            String[] pair = pairString.split("=");
            if (pair.length > 1) {
                if (pair[0].equalsIgnoreCase(OAUTH_TOKEN)) {
                    token = pair[1];
                }
                if (pair[0].equalsIgnoreCase(OAUTH_TOKEN_SECRET)) {
                    secret = pair[1];
                }
            }
        }
        return Maybe.just(new Token(token, secret, TokenTypeHint.ACCESS_TOKEN));
    });
}
Also used : MultiMap(io.vertx.reactivex.core.MultiMap) OAuthCredentials(io.gravitee.am.identityprovider.twitter.authentication.utils.OAuthCredentials) BadCredentialsException(io.gravitee.am.common.exception.authentication.BadCredentialsException)

Example 2 with OAuthCredentials

use of io.gravitee.am.identityprovider.twitter.authentication.utils.OAuthCredentials in project gravitee-access-management by gravitee-io.

the class TwitterAuthenticationProvider method profile.

@Override
protected Maybe<User> profile(Token token, Authentication authentication) {
    Map<String, String> parameters = Maps.<String, String>builder().put("include_email", "true").build();
    Map<String, String> oauthParams = Maps.<String, String>builder().put(OAUTH_CONSUMER_KEY, configuration.getClientId()).put(OAUTH_TOKEN, token.getValue()).put(OAUTH_SIGNATURE_METHOD, OAUTH_SIGNATURE_METHOD_VALUE).put(OAUTH_VERSION, OAUTH_VERSION_VALUE).build();
    String authorization = getAuthorizationHeader("GET", configuration.getUserProfileUri(), parameters, oauthParams, new OAuthCredentials(configuration, token.getValue(), token.getSecret()));
    return client.getAbs(configuration.getUserProfileUri() + "?include_email=true").putHeader(HttpHeaders.AUTHORIZATION, authorization).rxSend().toMaybe().flatMap(httpResponse -> {
        if (httpResponse.statusCode() != 200) {
            return Maybe.error(new BadCredentialsException(httpResponse.bodyAsString()));
        }
        JsonObject jsonObject = httpResponse.bodyAsJsonObject();
        DefaultUser user = new DefaultUser(jsonObject.getString(TWITTER_SCREEN_NAME));
        user.setId(jsonObject.getString(TWITTER_ID));
        Map<String, Object> additionalInfos = new HashMap<>();
        additionalInfos.putAll(applyUserMapping(authentication.getContext(), jsonObject.getMap()));
        user.setAdditionalInformation(additionalInfos);
        user.setRoles(applyRoleMapping(authentication.getContext(), jsonObject.getMap()));
        return Maybe.just(user);
    });
}
Also used : HashMap(java.util.HashMap) OAuthCredentials(io.gravitee.am.identityprovider.twitter.authentication.utils.OAuthCredentials) JsonObject(io.vertx.core.json.JsonObject) JsonObject(io.vertx.core.json.JsonObject) BadCredentialsException(io.gravitee.am.common.exception.authentication.BadCredentialsException)

Example 3 with OAuthCredentials

use of io.gravitee.am.identityprovider.twitter.authentication.utils.OAuthCredentials in project gravitee-access-management by gravitee-io.

the class TwitterAuthenticationProvider method asyncSignInUrl.

@Override
public Maybe<Request> asyncSignInUrl(String redirectUri, String state) {
    try {
        if (!StringUtils.isEmpty(state)) {
            // Add state to redirect uri if specified. Note: Twitter is not oidc compliant and does not allow to specify a 'state' query parameter on its own authorization url.
            final UriBuilder uriBuilder = UriBuilder.fromURIString(redirectUri).addParameter(Parameters.STATE, state);
            redirectUri = uriBuilder.buildString();
        }
        Map<String, String> parameters = Maps.<String, String>builder().put(OAUTH_CALLBACK, redirectUri).put(OAUTH_CONSUMER_KEY, configuration.getClientId()).put(OAUTH_SIGNATURE_METHOD, OAUTH_SIGNATURE_METHOD_VALUE).put(OAUTH_VERSION, OAUTH_VERSION_VALUE).build();
        String authorization = getAuthorizationHeader("POST", configuration.getRequestTokenUrl(), emptyMap(), parameters, new OAuthCredentials(configuration));
        return getClient().postAbs(getConfiguration().getRequestTokenUrl()).putHeader(HttpHeaders.AUTHORIZATION, authorization).rxSend().toMaybe().map(httpResponse -> {
            if (httpResponse.statusCode() != 200) {
                throw new BadCredentialsException(httpResponse.statusMessage());
            }
            String body = httpResponse.bodyAsString();
            String[] tokenResponse = body.split("&");
            String token = null;
            String tokenSecret = null;
            String callbackState = null;
            for (String responsePair : tokenResponse) {
                String[] pair = responsePair.split("=");
                if (pair.length > 1) {
                    if (OAUTH_TOKEN.equals(pair[0])) {
                        token = pair[1];
                    }
                    if (OAUTH_TOKEN_SECRET.equals(pair[0])) {
                        tokenSecret = pair[1];
                    }
                    if ("oauth_callback_confirmed".equals(pair[0])) {
                        callbackState = pair[1];
                    }
                }
            }
            if ("true".equalsIgnoreCase(callbackState)) {
                // preserve toke & token secret for the next steps
                tokenMemory.put(token, tokenSecret);
                UriBuilder builder = UriBuilder.fromHttpUrl(configuration.getUserAuthorizationUri());
                builder.addParameter(OAUTH_TOKEN, token);
                Request request = new Request();
                request.setMethod(HttpMethod.GET);
                request.setUri(builder.build().toString());
                return request;
            }
            throw new BadCredentialsException("Token returned by Twitter mismatch");
        });
    } catch (BadCredentialsException e) {
        LOGGER.error("An error occurs while building Sign In URL", e);
        return Maybe.empty();
    }
}
Also used : OAuthCredentials(io.gravitee.am.identityprovider.twitter.authentication.utils.OAuthCredentials) Request(io.gravitee.am.identityprovider.api.common.Request) UriBuilder(io.gravitee.am.common.web.UriBuilder) BadCredentialsException(io.gravitee.am.common.exception.authentication.BadCredentialsException)

Aggregations

BadCredentialsException (io.gravitee.am.common.exception.authentication.BadCredentialsException)3 OAuthCredentials (io.gravitee.am.identityprovider.twitter.authentication.utils.OAuthCredentials)3 UriBuilder (io.gravitee.am.common.web.UriBuilder)1 Request (io.gravitee.am.identityprovider.api.common.Request)1 JsonObject (io.vertx.core.json.JsonObject)1 MultiMap (io.vertx.reactivex.core.MultiMap)1 HashMap (java.util.HashMap)1