
Example 11 with OAuthAccessor

use of net.oauth.OAuthAccessor in project zm-mailbox by Zimbra.

the class ZimbraAuthProviderForOAuth method authToken.

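/**
 * Resolves a Zimbra auth token for a request that carries an OAuth access token.
 *
 * <p>Steps, in order: read the OAuth message from the request, look the account up by the
 * foreign principal {@code oAuthAccessToken:<token>}, find the accessor stored on that account
 * for exactly this token, validate the signed message against it, then issue the auth token.
 *
 * @param req the incoming HTTP request
 * @param isAdminReq whether the request targets the admin interface; OAuth is never used there
 * @return the auth token for the identified account, or {@code null} for admin requests
 * @throws AuthProviderException if no OAuth data is present, the account cannot be resolved,
 *         or the stored accessor cannot be deserialized
 * @throws AuthTokenException if no accessor matches the token or message validation fails
 */
@Override
protected AuthToken authToken(HttpServletRequest req, boolean isAdminReq) throws AuthProviderException, AuthTokenException {
    ZimbraLog.extensions.debug("authToken(HttpServletRequest req, boolean isAdminReq) is requested.");
    if (isAdminReq) {
        ZimbraLog.extensions.debug("isAdminReq:true");
        return null;
    }
    // NOTE(review): X-Zimbra-Orig-Url is read straight from the request and then used as the URL
    // of the message that gets validated. That is only sound if a trusted front end sets the
    // header and client-supplied copies are stripped; confirm against the proxy configuration.
    String origUrl = req.getHeader("X-Zimbra-Orig-Url");
    OAuthMessage oAuthMessage;
    if (StringUtil.isNullOrEmpty(origUrl)) {
        ZimbraLog.extensions.debug("request.getRequestURL(): " + req.getRequestURL());
        oAuthMessage = OAuthServlet.getMessage(req, null);
    } else {
        ZimbraLog.extensions.debug("X-Zimbra-Orig-Url: " + origUrl);
        oAuthMessage = OAuthServlet.getMessage(req, origUrl);
    }
    String accessToken;
    try {
        accessToken = oAuthMessage.getToken();
    } catch (IOException e) {
        ZimbraLog.extensions.debug("Error in getting OAuth token from request", e);
        throw AuthProviderException.FAILURE(e.getMessage());
    }
    if (accessToken == null) {
        ZimbraLog.extensions.debug("no need for further oauth processing");
        throw AuthProviderException.NO_AUTH_DATA();
    }
    Account account;
    try {
        account = Provisioning.getInstance().getAccountByForeignPrincipal("oAuthAccessToken:" + accessToken);
    } catch (ServiceException e) {
        ZimbraLog.extensions.warn("Error in getting account using OAuth access token", e);
        throw AuthProviderException.FAILURE(e.getMessage());
    }
    if (account == null) {
        throw AuthProviderException.FAILURE("Could not identify account corresponding to the OAuth request");
    }
    OAuthAccessor accessor = null;
    String[] accessors = account.getOAuthAccessor();
    // Stored entries have the form "<token>::<serialized accessor>". Matching on the token plus
    // the "::" separator keeps a token that is merely a prefix of another stored token from
    // selecting the wrong accessor (a bare startsWith(accessToken) would accept it).
    String entryPrefix = accessToken + "::";
    if (accessors != null) {
        for (String val : accessors) {
            if (val != null && val.startsWith(entryPrefix)) {
                try {
                    accessor = new OAuthAccessorSerializer().deserialize(val.substring(entryPrefix.length()));
                } catch (ServiceException e) {
                    // Keep the cause in the server log; the caller only sees the generic message.
                    ZimbraLog.extensions.warn("Error in deserializing OAuth accessor", e);
                    throw AuthProviderException.FAILURE("Error in deserializing OAuth accessor");
                }
                break;
            }
        }
    }
    if (accessor == null) {
        throw new AuthTokenException("invalid OAuth token");
    }
    try {
        OAuthServiceProvider.VALIDATOR.validateMessage(oAuthMessage, accessor);
    } catch (OAuthProblemException e) {
        // Dump the problem parameters at debug level before failing.
        for (Map.Entry<String, Object> entry : e.getParameters().entrySet()) {
            ZimbraLog.extensions.debug(entry.getKey() + ":" + entry.getValue());
        }
        ZimbraLog.extensions.debug("Exception in validating OAuth token", e);
        throw new AuthTokenException("Exception in validating OAuth token", e);
    } catch (Exception e) {
        ZimbraLog.extensions.debug("Exception in validating OAuth token", e);
        throw new AuthTokenException("Exception in validating OAuth token", e);
    }
    return AuthProvider.getAuthToken(account);
}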
Also used : OAuthAccessor(net.oauth.OAuthAccessor) OAuthProblemException(net.oauth.OAuthProblemException) Account(com.zimbra.cs.account.Account) OAuthMessage(net.oauth.OAuthMessage) ServiceException(com.zimbra.common.service.ServiceException) OAuthAccessorSerializer(com.zimbra.cs.account.oauth.OAuthAccessorSerializer) AuthTokenException(com.zimbra.cs.account.AuthTokenException) IOException(java.io.IOException) IOException(java.io.IOException) ServiceException(com.zimbra.common.service.ServiceException) OAuthProblemException(net.oauth.OAuthProblemException) AuthTokenException(com.zimbra.cs.account.AuthTokenException)

Example 12 with OAuthAccessor

use of net.oauth.OAuthAccessor in project zm-mailbox by Zimbra.

the class GetOAuthConsumers method encodeResponse.

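/**
 * Adds one consumer entry to the response for every OAuth accessor stored on the account.
 *
 * <p>Each stored value has the form {@code <accessToken>::<serialized accessor>}.
 *
 * @param account the account whose stored accessors are listed
 * @param response the response that receives the consumers
 * @throws ServiceException if a stored entry is malformed or cannot be deserialized
 */
private void encodeResponse(Account account, GetOAuthConsumersResponse response) throws ServiceException {
    String[] accessors = account.getOAuthAccessor();
    if (accessors == null) {
        return;
    }
    for (String val : accessors) {
        // An entry without the "::" separator used to surface as an unchecked
        // StringIndexOutOfBoundsException; report it as the declared failure instead.
        // The entry itself is not put in the message because it holds token material.
        int separator = (val == null) ? -1 : val.indexOf("::");
        if (separator < 0) {
            throw AuthProviderException.FAILURE("Error in deserializing OAuth accessor");
        }
        try {
            String accessToken = val.substring(0, separator);
            OAuthAccessor accessor = new OAuthAccessorSerializer().deserialize(val.substring(separator + 2));
            OAuthConsumer zcsConsumer = createConsumer(accessToken, accessor);
            response.addConsumer(zcsConsumer);
        } catch (ServiceException e) {
            // NOTE(review): the original cause is dropped here; log it if this class has a logger.
            throw AuthProviderException.FAILURE("Error in deserializing OAuth accessor");
        }
    }
}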
Also used : OAuthAccessor(net.oauth.OAuthAccessor) ServiceException(com.zimbra.common.service.ServiceException) OAuthAccessorSerializer(com.zimbra.cs.account.oauth.OAuthAccessorSerializer) OAuthConsumer(com.zimbra.soap.account.message.OAuthConsumer)

Example 13 with OAuthAccessor

use of net.oauth.OAuthAccessor in project zm-mailbox by Zimbra.

the class OAuthAccessorSerializer method deserialize.

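/**
 * Rebuilds an {@link OAuthAccessor} from its stored string form.
 *
 * <p>The value is read as a fixed sequence of fields located by their markers:
 * {@code consumer_key}, {@code ,token_secret}, {@code ,callback}, {@code ,user},
 * {@code ,authorized}, {@code ,zauthtoken}, {@code ,verifier}, {@code ,approved_on},
 * {@code ,device}. The literal text {@code null} stands for an absent user, auth token or verifier.
 *
 * <p>NOTE(review): fields are located with {@code indexOf}, so this assumes no field value
 * contains one of the marker strings; confirm the serializer guarantees that, in particular
 * for the callback.
 *
 * @param obj the serialized accessor; must be a {@link String}
 * @return the reconstructed accessor
 * @throws ServiceException if the value is not a string, a marker is missing or out of order,
 *         or building the accessor fails
 */
@Override
public OAuthAccessor deserialize(Object obj) throws ServiceException {
    if (!(obj instanceof String)) {
        throw ServiceException.FAILURE("OAuth accessor value is not a String", null);
    }
    String value = (String) obj;
    // The raw value holds the token secret and the Zimbra auth token, so it is not logged.
    String consumerKey = sliceField(value, null, 13, ",token_secret");
    String tokenSecret = sliceField(value, ",token_secret", 14, ",callback");
    String callback = sliceField(value, ",callback", 10, ",user");
    String user = sliceField(value, ",user", 6, ",authorized");
    String authorized = sliceField(value, ",authorized", 12, ",zauthtoken");
    String zauthtoken = sliceField(value, ",zauthtoken", 12, ",verifier");
    String verifier = sliceField(value, ",verifier", 10, ",approved_on");
    String approvedOn = sliceField(value, ",approved_on", 13, ",device");
    String device = sliceField(value, ",device", 8, null);
    // Credentials (token secret, auth token, verifier) are left out of the debug line.
    LOG.debug("[consumer_key:%s, callback:%s, user:%s, authorized:%s, approved_on:%s, device:%s]", consumerKey, callback, user, authorized, approvedOn, device);
    try {
        OAuthConsumer consumer = OAuthServiceProvider.getConsumer(consumerKey);
        OAuthAccessor accessor = new OAuthAccessor(consumer);
        accessor.tokenSecret = tokenSecret;
        accessor.setProperty(OAuth.OAUTH_CALLBACK, callback);
        if (!user.equals("null")) {
            accessor.setProperty("user", user);
        }
        // Any other text leaves the "authorized" property unset.
        if (authorized.equalsIgnoreCase(Boolean.FALSE.toString())) {
            accessor.setProperty("authorized", Boolean.FALSE);
        } else if (authorized.equalsIgnoreCase(Boolean.TRUE.toString())) {
            accessor.setProperty("authorized", Boolean.TRUE);
        }
        if (!zauthtoken.equals("null")) {
            accessor.setProperty("ZM_AUTH_TOKEN", zauthtoken);
            AuthToken zimbraAuthToken = ZimbraAuthToken.getAuthToken(zauthtoken);
            final Account account = zimbraAuthToken.getAccount();
            OAuthServiceProvider.setAccountPropertiesForAccessor(account, accessor);
        }
        if (!verifier.equals("null")) {
            accessor.setProperty(OAuth.OAUTH_VERIFIER, verifier);
        }
        // The original guarded these two with null checks that could never fail (substring never
        // returns null), so both were always set, even to the literal text "null".
        // NOTE(review): a comparison with "null", as for the fields above, may have been intended.
        accessor.consumer.setProperty("approved_on", approvedOn);
        accessor.consumer.setProperty("device", device);
        return accessor;
    } catch (Exception e) {
        // Every failure is reported under the historical "IOException" label; the cause carries the detail.
        throw ServiceException.FAILURE("IOException", e);
    }
}

/**
 * Returns the text between two markers, skipping {@code skip} characters after the start marker.
 * A {@code null} start marker means the start of the value; a {@code null} end marker means its end.
 * The value is kept out of the failure message because it contains secrets.
 */
private static String sliceField(String value, String startMarker, int skip, String endMarker) throws ServiceException {
    int start = (startMarker == null) ? 0 : value.indexOf(startMarker);
    int end = (endMarker == null) ? value.length() : value.indexOf(endMarker);
    if (start < 0 || end < 0 || start + skip > end) {
        throw ServiceException.FAILURE("Malformed OAuth accessor value", null);
    }
    return value.substring(start + skip, end);
}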
Also used : OAuthAccessor(net.oauth.OAuthAccessor) Account(com.zimbra.cs.account.Account) ZimbraAuthToken(com.zimbra.cs.account.ZimbraAuthToken) AuthToken(com.zimbra.cs.account.AuthToken) OAuthConsumer(net.oauth.OAuthConsumer) ServiceException(com.zimbra.common.service.ServiceException)

Example 14 with OAuthAccessor

use of net.oauth.OAuthAccessor in project zm-mailbox by Zimbra.

the class OAuthServiceProvider method getAccessor.

/**
 * Looks up the cached accessor for the token carried by an OAuth request.
 *
 * <p>The token is tried as a request token first and as an access token second.
 * A token found under neither type is reported as {@code token_expired}, so callers
 * cannot tell an unknown token from an expired one.
 *
 * @param requestMessage the OAuth message whose token is looked up
 * @return the cached accessor, never {@code null}
 * @throws OAuthProblemException with problem {@code token_expired} if the token is not cached
 */
public static synchronized OAuthAccessor getAccessor(OAuthMessage requestMessage) throws IOException, OAuthProblemException, ServiceException {
    final String token = requestMessage.getToken();
    // Request tokens take precedence over access tokens.
    OAuthAccessor cached = OAuthTokenCache.get(token, OAuthTokenCache.REQUEST_TOKEN_TYPE);
    if (cached != null) {
        return cached;
    }
    cached = OAuthTokenCache.get(token, OAuthTokenCache.ACCESS_TOKEN_TYPE);
    if (cached != null) {
        return cached;
    }
    throw new OAuthProblemException("token_expired");
}
Also used : OAuthAccessor(net.oauth.OAuthAccessor) OAuthProblemException(net.oauth.OAuthProblemException)

Example 15 with OAuthAccessor

use of net.oauth.OAuthAccessor in project zm-mailbox by Zimbra.

the class OAuthAuthorizationServlet method doPost.

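/**
 * Handles the user's decision on the OAuth authorization page.
 *
 * <p>A {@code STATUS} request attribute of {@code "no"} removes the request token from the cache
 * and answers unauthorized. Otherwise, without a {@code ZM_AUTH_TOKEN} attribute the user is sent
 * to the authorize page; with one, the accessor is marked authorized, a verifier is generated and
 * control returns to the consumer.
 *
 * @param request the servlet request; {@code STATUS} and {@code ZM_AUTH_TOKEN} are request attributes
 * @param response the servlet response
 */
@Override
public void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
    LOG.debug("Authorization Handler doPost requested!");
    try {
        OAuthMessage requestMessage = OAuthServlet.getMessage(request, null);
        OAuthAccessor accessor = OAuthServiceProvider.getAccessor(requestMessage);
        // status can be yes/no (accepted/declined)
        String status = (String) request.getAttribute("STATUS");
        if ("no".equals(status)) {
            LOG.debug("Access to zimbra message is denied.");
            OAuthTokenCache.remove(accessor.requestToken, OAuthTokenCache.REQUEST_TOKEN_TYPE);
            sendUnauthorizedResponse(response, accessor);
            return;
        }
        String username = request.getParameter("username");
        String zmtoken = (String) request.getAttribute("ZM_AUTH_TOKEN");
        // Only whether an auth token is present is logged; the OAuth request token and the
        // Zimbra auth token are credentials and do not belong in the log.
        LOG.debug("[AuthorizationHandlerInput] username = %s, ZM_AUTH_TOKEN present = %s", username, zmtoken != null);
        if (zmtoken == null) {
            sendToAuthorizePage(request, response, accessor);
        } else {
            // NOTE(review): username is a request parameter while zmtoken is a request attribute.
            // Nothing here shows that the username matches the account behind the token;
            // confirm that markAsAuthorized or an upstream filter checks it.
            OAuthServiceProvider.markAsAuthorized(accessor, username, zmtoken);
            OAuthServiceProvider.generateVerifier(accessor);
            returnToConsumer(request, response, accessor);
        }
    } catch (Exception e) {
        LOG.debug("AuthorizationHandler exception", e);
        OAuthServiceProvider.handleException(e, request, response, true);
    }
}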
Also used : OAuthAccessor(net.oauth.OAuthAccessor) OAuthMessage(net.oauth.OAuthMessage) ServletException(javax.servlet.ServletException) IOException(java.io.IOException)

Aggregations

OAuthAccessor (net.oauth.OAuthAccessor)20 OAuthMessage (net.oauth.OAuthMessage)10 OAuthConsumer (net.oauth.OAuthConsumer)9 HashMap (java.util.HashMap)7 IOException (java.io.IOException)6 ServletException (javax.servlet.ServletException)4 OAuthProblemException (net.oauth.OAuthProblemException)4 ServiceException (com.zimbra.common.service.ServiceException)3 Account (com.zimbra.cs.account.Account)3 OAuthServiceProvider (net.oauth.OAuthServiceProvider)3 OAuthClient (net.oauth.client.OAuthClient)3 URLConnectionClient (net.oauth.client.URLConnectionClient)3 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)3 ModelAndView (org.springframework.web.servlet.ModelAndView)3 AuthToken (com.zimbra.cs.account.AuthToken)2 ZimbraAuthToken (com.zimbra.cs.account.ZimbraAuthToken)2 OAuthAccessorSerializer (com.zimbra.cs.account.oauth.OAuthAccessorSerializer)2 OutputStream (java.io.OutputStream)2 IllegalArgumentException (java.lang.IllegalArgumentException)2 OAuthValidator (net.oauth.OAuthValidator)2