use of net.oauth.OAuthException in project bigbluebutton by bigbluebutton.
the class HMAC_SHA1 method isValid.
@Override
public boolean isValid(String signature, String baseString) throws OAuthException {
try {
byte[] expected = computeSignature(baseString);
byte[] actual = decodeBase64(signature);
return Arrays.equals(expected, actual);
} catch (GeneralSecurityException e) {
throw new OAuthException(e);
} catch (UnsupportedEncodingException e) {
throw new OAuthException(e);
}
}
use of net.oauth.OAuthException in project candlepin by candlepin.
the class OAuth method getPrincipal.
/**
* Attempt to pull a principal off of an oauth signed message.
*
* @return the principal if it can be created, null otherwise
*/
public Principal getPrincipal(HttpRequest httpRequest) {
Principal principal = null;
I18n i18n = i18nProvider.get();
try {
if (AuthUtil.getHeader(httpRequest, "Authorization").contains("oauth")) {
OAuthMessage requestMessage = new RestEasyOAuthMessage(httpRequest);
OAuthAccessor accessor = this.getAccessor(requestMessage);
// TODO: This is known to be memory intensive.
VALIDATOR.validateMessage(requestMessage, accessor);
// If we got here, it is a valid oauth message.
// Figure out which kind of principal we should create, based on header
log.debug("Using OAuth");
if (!AuthUtil.getHeader(httpRequest, TrustedUserAuth.USER_HEADER).equals("")) {
principal = userAuth.getPrincipal(httpRequest);
} else if (!AuthUtil.getHeader(httpRequest, TrustedConsumerAuth.CONSUMER_HEADER).equals("")) {
principal = consumerAuth.getPrincipal(httpRequest);
} else {
// The external system is acting on behalf of itself
principal = systemAuth.getPrincipal(httpRequest);
}
}
} catch (OAuthProblemException e) {
log.debug("OAuth Problem", e);
// status code of 200. make it 401 unauthorized instead.
if (e.getProblem().equals("signature_invalid")) {
throw new NotAuthorizedException(i18n.tr("Invalid OAuth unit or secret"));
}
Response.Status returnCode = Response.Status.fromStatusCode(e.getHttpStatusCode());
String message = i18n.tr("OAuth problem encountered. Internal message is: {0}", e.getMessage());
throw new CandlepinException(returnCode, message);
} catch (OAuthException e) {
log.debug("OAuth Error", e);
String message = i18n.tr("OAuth error encountered. Internal message is: {0}", e.getMessage());
throw new BadRequestException(message);
} catch (URISyntaxException e) {
throw new IseException(e.getMessage(), e);
} catch (IOException e) {
throw new IseException(e.getMessage(), e);
}
return principal;
}
use of net.oauth.OAuthException in project bigbluebutton by bigbluebutton.
the class OAuthSignatureMethod method newMethod.
/** The factory for signature methods. */
public static OAuthSignatureMethod newMethod(String name, OAuthAccessor accessor) throws OAuthException {
try {
Class methodClass = NAME_TO_CLASS.get(name);
if (methodClass != null) {
OAuthSignatureMethod method = (OAuthSignatureMethod) methodClass.newInstance();
method.initialize(name, accessor);
return method;
}
OAuthProblemException problem = new OAuthProblemException(OAuth.Problems.SIGNATURE_METHOD_REJECTED);
String acceptable = OAuth.percentEncode(NAME_TO_CLASS.keySet());
if (acceptable.length() > 0) {
problem.setParameter("oauth_acceptable_signature_methods", acceptable.toString());
}
throw problem;
} catch (InstantiationException e) {
throw new OAuthException(e);
} catch (IllegalAccessException e) {
throw new OAuthException(e);
}
}
use of net.oauth.OAuthException in project bigbluebutton by bigbluebutton.
the class RSA_SHA1 method initialize.
@Override
protected void initialize(String name, OAuthAccessor accessor) throws OAuthException {
super.initialize(name, accessor);
// The stream may not be markable so it can't be read again.
try {
Object privateKeyObject = accessor.consumer.getProperty(PRIVATE_KEY);
if (privateKeyObject != null) {
privateKey = loadPrivateKey(privateKeyObject);
}
Object publicKeyObject = accessor.consumer.getProperty(PUBLIC_KEY);
if (publicKeyObject != null) {
publicKey = loadPublicKey(publicKeyObject, false);
} else {
// public key was null. perhaps they gave us a X509 cert.
Object certObject = accessor.consumer.getProperty(X509_CERTIFICATE);
if (certObject != null) {
publicKey = loadPublicKey(certObject, true);
}
}
} catch (GeneralSecurityException e) {
throw new OAuthException(e);
} catch (IOException e) {
throw new OAuthException(e);
}
}
use of net.oauth.OAuthException in project cxf by apache.
the class MD5SequenceGenerator method generate.
public String generate(byte[] input) throws OAuthException {
if (input == null) {
throw new OAuthException("You have to pass input to Token Generator");
}
try {
MessageDigest algorithm = MessageDigest.getInstance("MD5");
algorithm.reset();
algorithm.update(input);
byte[] messageDigest = algorithm.digest();
StringBuilder hexString = new StringBuilder();
for (int i = 0; i < messageDigest.length; i++) {
hexString.append(Integer.toHexString(0xFF & messageDigest[i]));
}
return hexString.toString();
} catch (NoSuchAlgorithmException e) {
throw new OAuthException(e);
}
}
Aggregations