Search in sources :

Example 1 with OAuthMessage

use of net.oauth.OAuthMessage in project bigbluebutton by bigbluebutton.

the class IMSJSONRequest method validateRequest.

// Assumes data is all loaded
public void validateRequest(String oauth_consumer_key, String oauth_secret, HttpServletRequest request) {
    valid = false;
    OAuthMessage oam = OAuthServlet.getMessage(request, null);
    OAuthValidator oav = new SimpleOAuthValidator();
    OAuthConsumer cons = new OAuthConsumer("about:blank#OAuth+CallBack+NotUsed", oauth_consumer_key, oauth_secret, null);
    OAuthAccessor acc = new OAuthAccessor(cons);
    try {
        base_string = OAuthSignatureMethod.getBaseString(oam);
    } catch (Exception e) {
        base_string = null;
    }
    try {
        oav.validateMessage(oam, acc);
    } catch (Exception e) {
        errorMessage = "Launch fails OAuth validation: " + e.getMessage();
        return;
    }
    valid = true;
}
Also used : SimpleOAuthValidator(net.oauth.SimpleOAuthValidator) OAuthAccessor(net.oauth.OAuthAccessor) SimpleOAuthValidator(net.oauth.SimpleOAuthValidator) OAuthValidator(net.oauth.OAuthValidator) OAuthMessage(net.oauth.OAuthMessage) OAuthConsumer(net.oauth.OAuthConsumer) IllegalArgumentException(java.lang.IllegalArgumentException)

Example 2 with OAuthMessage

use of net.oauth.OAuthMessage in project bigbluebutton by bigbluebutton.

the class BasicLTIUtil method signProperties.

/**
	 * Add the necessary fields and sign.
	 * 
	 * @param postProp
	 * @param url
	 * @param method
	 * @param oauth_consumer_key
	 * @param oauth_consumer_secret
	 * @param tool_consumer_instance_guid
	 *          See: {@link BasicLTIConstants#TOOL_CONSUMER_INSTANCE_GUID}
	 * @param tool_consumer_instance_description
	 *          See: {@link BasicLTIConstants#TOOL_CONSUMER_INSTANCE_DESCRIPTION}
	 * @param tool_consumer_instance_url
	 *          See: {@link BasicLTIConstants#TOOL_CONSUMER_INSTANCE_URL}
	 * @param tool_consumer_instance_name
	 *          See: {@link BasicLTIConstants#TOOL_CONSUMER_INSTANCE_NAME}
	 * @param tool_consumer_instance_contact_email
	 *          See:
	 *          {@link BasicLTIConstants#TOOL_CONSUMER_INSTANCE_CONTACT_EMAIL}
	 * @return
	 */
public static Map<String, String> signProperties(Map<String, String> postProp, String url, String method, String oauth_consumer_key, String oauth_consumer_secret, String tool_consumer_instance_guid, String tool_consumer_instance_description, String tool_consumer_instance_url, String tool_consumer_instance_name, String tool_consumer_instance_contact_email) {
    postProp = BasicLTIUtil.cleanupProperties(postProp);
    postProp.put(LTI_VERSION, "LTI-1p0");
    postProp.put(LTI_MESSAGE_TYPE, "basic-lti-launch-request");
    // Allow caller to internationalize this for us...
    if (postProp.get(BASICLTI_SUBMIT) == null) {
        postProp.put(BASICLTI_SUBMIT, "Launch Endpoint with BasicLTI Data");
    }
    if (tool_consumer_instance_guid != null)
        postProp.put(TOOL_CONSUMER_INSTANCE_GUID, tool_consumer_instance_guid);
    if (tool_consumer_instance_description != null)
        postProp.put(TOOL_CONSUMER_INSTANCE_DESCRIPTION, tool_consumer_instance_description);
    if (tool_consumer_instance_url != null)
        postProp.put(TOOL_CONSUMER_INSTANCE_URL, tool_consumer_instance_url);
    if (tool_consumer_instance_name != null)
        postProp.put(TOOL_CONSUMER_INSTANCE_NAME, tool_consumer_instance_name);
    if (tool_consumer_instance_contact_email != null)
        postProp.put(TOOL_CONSUMER_INSTANCE_CONTACT_EMAIL, tool_consumer_instance_contact_email);
    if (postProp.get("oauth_callback") == null)
        postProp.put("oauth_callback", "about:blank");
    if (oauth_consumer_key == null || oauth_consumer_secret == null) {
        dPrint("No signature generated in signProperties");
        return postProp;
    }
    OAuthMessage oam = new OAuthMessage(method, url, postProp.entrySet());
    OAuthConsumer cons = new OAuthConsumer("about:blank", oauth_consumer_key, oauth_consumer_secret, null);
    OAuthAccessor acc = new OAuthAccessor(cons);
    try {
        oam.addRequiredParameters(acc);
        // System.out.println("Base Message String\n"+OAuthSignatureMethod.getBaseString(oam)+"\n");
        List<Map.Entry<String, String>> params = oam.getParameters();
        Map<String, String> nextProp = new HashMap<String, String>();
        // Convert to Map<String, String>
        for (final Map.Entry<String, String> entry : params) {
            nextProp.put(entry.getKey(), entry.getValue());
        }
        return nextProp;
    } catch (net.oauth.OAuthException e) {
        M_log.warning("BasicLTIUtil.signProperties OAuth Exception " + e.getMessage());
        throw new Error(e);
    } catch (java.io.IOException e) {
        M_log.warning("BasicLTIUtil.signProperties IO Exception " + e.getMessage());
        throw new Error(e);
    } catch (java.net.URISyntaxException e) {
        M_log.warning("BasicLTIUtil.signProperties URI Syntax Exception " + e.getMessage());
        throw new Error(e);
    }
}
Also used : OAuthMessage(net.oauth.OAuthMessage) HashMap(java.util.HashMap) OAuthConsumer(net.oauth.OAuthConsumer) OAuthAccessor(net.oauth.OAuthAccessor) Entry(java.util.Map.Entry) HashMap(java.util.HashMap) TreeMap(java.util.TreeMap) Map(java.util.Map)

Example 3 with OAuthMessage

use of net.oauth.OAuthMessage in project bigbluebutton by bigbluebutton.

the class OAuthServlet method handleException.

public static void handleException(HttpServletResponse response, Exception e, String realm, boolean sendBody) throws IOException, ServletException {
    if (e instanceof OAuthProblemException) {
        OAuthProblemException problem = (OAuthProblemException) e;
        Object httpCode = problem.getParameters().get(HttpMessage.STATUS_CODE);
        if (httpCode == null) {
            httpCode = PROBLEM_TO_HTTP_CODE.get(problem.getProblem());
        }
        if (httpCode == null) {
            httpCode = SC_FORBIDDEN;
        }
        response.reset();
        response.setStatus(Integer.parseInt(httpCode.toString()));
        OAuthMessage message = new OAuthMessage(null, null, problem.getParameters().entrySet());
        response.addHeader("WWW-Authenticate", message.getAuthorizationHeader(realm));
        if (sendBody) {
            sendForm(response, message.getParameters());
        }
    } else if (e instanceof IOException) {
        throw (IOException) e;
    } else if (e instanceof ServletException) {
        throw (ServletException) e;
    } else if (e instanceof RuntimeException) {
        throw (RuntimeException) e;
    } else {
        throw new ServletException(e);
    }
}
Also used : OAuthProblemException(net.oauth.OAuthProblemException) ServletException(javax.servlet.ServletException) OAuthMessage(net.oauth.OAuthMessage) IOException(java.io.IOException)

Example 4 with OAuthMessage

use of net.oauth.OAuthMessage in project bigbluebutton by bigbluebutton.

the class OAuthClient method getRequestToken.

/** Get a fresh request token from the service provider.
     * 
     * @param accessor
     *            should contain a consumer that contains a non-null consumerKey
     *            and consumerSecret. Also,
     *            accessor.consumer.serviceProvider.requestTokenURL should be
     *            the URL (determined by the service provider) for getting a
     *            request token.
     * @param httpMethod
     *            typically OAuthMessage.POST or OAuthMessage.GET, or null to
     *            use the default method.
     * @param parameters
     *            additional parameters for this request, or null to indicate
     *            that there are no additional parameters.
     * @throws OAuthProblemException
     *             the HTTP response status code was not 200 (OK)
     */
public void getRequestToken(OAuthAccessor accessor, String httpMethod, Collection<? extends Map.Entry> parameters) throws IOException, OAuthException, URISyntaxException {
    accessor.accessToken = null;
    accessor.tokenSecret = null;
    {
        // This code supports the 'Variable Accessor Secret' extension
        // described in http://oauth.pbwiki.com/AccessorSecret
        Object accessorSecret = accessor.getProperty(OAuthConsumer.ACCESSOR_SECRET);
        if (accessorSecret != null) {
            List<Map.Entry> p = (parameters == null) ? new ArrayList<Map.Entry>(1) : new ArrayList<Map.Entry>(parameters);
            p.add(new OAuth.Parameter("oauth_accessor_secret", accessorSecret.toString()));
            parameters = p;
        // But don't modify the caller's parameters.
        }
    }
    OAuthMessage response = invoke(accessor, httpMethod, accessor.consumer.serviceProvider.requestTokenURL, parameters);
    accessor.requestToken = response.getParameter(OAuth.OAUTH_TOKEN);
    accessor.tokenSecret = response.getParameter(OAuth.OAUTH_TOKEN_SECRET);
    response.requireParameters(OAuth.OAUTH_TOKEN, OAuth.OAUTH_TOKEN_SECRET);
}
Also used : OAuthMessage(net.oauth.OAuthMessage) ArrayList(java.util.ArrayList) ArrayList(java.util.ArrayList) List(java.util.List) HashMap(java.util.HashMap) Map(java.util.Map)

Example 5 with OAuthMessage

use of net.oauth.OAuthMessage in project bigbluebutton by bigbluebutton.

the class OAuthClient method getAccessToken.

/**
     * Get an access token from the service provider, in exchange for an
     * authorized request token.
     * 
     * @param accessor
     *            should contain a non-null requestToken and tokenSecret, and a
     *            consumer that contains a consumerKey and consumerSecret. Also,
     *            accessor.consumer.serviceProvider.accessTokenURL should be the
     *            URL (determined by the service provider) for getting an access
     *            token.
     * @param httpMethod
     *            typically OAuthMessage.POST or OAuthMessage.GET, or null to
     *            use the default method.
     * @param parameters
     *            additional parameters for this request, or null to indicate
     *            that there are no additional parameters.
     * @throws OAuthProblemException
     *             the HTTP response status code was not 200 (OK)
     */
public OAuthMessage getAccessToken(OAuthAccessor accessor, String httpMethod, Collection<? extends Map.Entry> parameters) throws IOException, OAuthException, URISyntaxException {
    if (accessor.requestToken != null) {
        if (parameters == null) {
            parameters = OAuth.newList(OAuth.OAUTH_TOKEN, accessor.requestToken);
        } else if (!OAuth.newMap(parameters).containsKey(OAuth.OAUTH_TOKEN)) {
            List<Map.Entry> p = new ArrayList<Map.Entry>(parameters);
            p.add(new OAuth.Parameter(OAuth.OAUTH_TOKEN, accessor.requestToken));
            parameters = p;
        }
    }
    OAuthMessage response = invoke(accessor, httpMethod, accessor.consumer.serviceProvider.accessTokenURL, parameters);
    response.requireParameters(OAuth.OAUTH_TOKEN, OAuth.OAUTH_TOKEN_SECRET);
    accessor.accessToken = response.getParameter(OAuth.OAUTH_TOKEN);
    accessor.tokenSecret = response.getParameter(OAuth.OAUTH_TOKEN_SECRET);
    return response;
}
Also used : OAuthMessage(net.oauth.OAuthMessage) ArrayList(java.util.ArrayList) List(java.util.List) HashMap(java.util.HashMap) Map(java.util.Map)

Aggregations

OAuthMessage (net.oauth.OAuthMessage)30 OAuthAccessor (net.oauth.OAuthAccessor)16 IOException (java.io.IOException)9 HashMap (java.util.HashMap)9 OAuthProblemException (net.oauth.OAuthProblemException)9 Map (java.util.Map)5 ServletException (javax.servlet.ServletException)5 OAuthConsumer (net.oauth.OAuthConsumer)5 OAuthClient (net.oauth.client.OAuthClient)4 OAuthServiceException (org.apache.cxf.rs.security.oauth.provider.OAuthServiceException)4 ArrayList (java.util.ArrayList)3 Parameter (net.oauth.OAuth.Parameter)3 HttpClient4 (net.oauth.client.httpclient4.HttpClient4)3 RequestToken (org.apache.cxf.rs.security.oauth.data.RequestToken)3 HttpRequest (org.apache.shindig.gadgets.http.HttpRequest)3 Account (com.zimbra.cs.account.Account)2 OutputStream (java.io.OutputStream)2 IllegalArgumentException (java.lang.IllegalArgumentException)2 URI (java.net.URI)2 List (java.util.List)2