use of net.oauth.OAuthMessage in project bigbluebutton by bigbluebutton.
the class IMSJSONRequest method validateRequest.
// Assumes data is all loaded
public void validateRequest(String oauth_consumer_key, String oauth_secret, HttpServletRequest request) {
valid = false;
OAuthMessage oam = OAuthServlet.getMessage(request, null);
OAuthValidator oav = new SimpleOAuthValidator();
OAuthConsumer cons = new OAuthConsumer("about:blank#OAuth+CallBack+NotUsed", oauth_consumer_key, oauth_secret, null);
OAuthAccessor acc = new OAuthAccessor(cons);
try {
base_string = OAuthSignatureMethod.getBaseString(oam);
} catch (Exception e) {
base_string = null;
}
try {
oav.validateMessage(oam, acc);
} catch (Exception e) {
errorMessage = "Launch fails OAuth validation: " + e.getMessage();
return;
}
valid = true;
}
use of net.oauth.OAuthMessage in project bigbluebutton by bigbluebutton.
the class BasicLTIUtil method signProperties.
/**
* Add the necessary fields and sign.
*
* @param postProp
* @param url
* @param method
* @param oauth_consumer_key
* @param oauth_consumer_secret
* @param tool_consumer_instance_guid
* See: {@link BasicLTIConstants#TOOL_CONSUMER_INSTANCE_GUID}
* @param tool_consumer_instance_description
* See: {@link BasicLTIConstants#TOOL_CONSUMER_INSTANCE_DESCRIPTION}
* @param tool_consumer_instance_url
* See: {@link BasicLTIConstants#TOOL_CONSUMER_INSTANCE_URL}
* @param tool_consumer_instance_name
* See: {@link BasicLTIConstants#TOOL_CONSUMER_INSTANCE_NAME}
* @param tool_consumer_instance_contact_email
* See:
* {@link BasicLTIConstants#TOOL_CONSUMER_INSTANCE_CONTACT_EMAIL}
* @return
*/
public static Map<String, String> signProperties(Map<String, String> postProp, String url, String method, String oauth_consumer_key, String oauth_consumer_secret, String tool_consumer_instance_guid, String tool_consumer_instance_description, String tool_consumer_instance_url, String tool_consumer_instance_name, String tool_consumer_instance_contact_email) {
postProp = BasicLTIUtil.cleanupProperties(postProp);
postProp.put(LTI_VERSION, "LTI-1p0");
postProp.put(LTI_MESSAGE_TYPE, "basic-lti-launch-request");
// Allow caller to internationalize this for us...
if (postProp.get(BASICLTI_SUBMIT) == null) {
postProp.put(BASICLTI_SUBMIT, "Launch Endpoint with BasicLTI Data");
}
if (tool_consumer_instance_guid != null)
postProp.put(TOOL_CONSUMER_INSTANCE_GUID, tool_consumer_instance_guid);
if (tool_consumer_instance_description != null)
postProp.put(TOOL_CONSUMER_INSTANCE_DESCRIPTION, tool_consumer_instance_description);
if (tool_consumer_instance_url != null)
postProp.put(TOOL_CONSUMER_INSTANCE_URL, tool_consumer_instance_url);
if (tool_consumer_instance_name != null)
postProp.put(TOOL_CONSUMER_INSTANCE_NAME, tool_consumer_instance_name);
if (tool_consumer_instance_contact_email != null)
postProp.put(TOOL_CONSUMER_INSTANCE_CONTACT_EMAIL, tool_consumer_instance_contact_email);
if (postProp.get("oauth_callback") == null)
postProp.put("oauth_callback", "about:blank");
if (oauth_consumer_key == null || oauth_consumer_secret == null) {
dPrint("No signature generated in signProperties");
return postProp;
}
OAuthMessage oam = new OAuthMessage(method, url, postProp.entrySet());
OAuthConsumer cons = new OAuthConsumer("about:blank", oauth_consumer_key, oauth_consumer_secret, null);
OAuthAccessor acc = new OAuthAccessor(cons);
try {
oam.addRequiredParameters(acc);
// System.out.println("Base Message String\n"+OAuthSignatureMethod.getBaseString(oam)+"\n");
List<Map.Entry<String, String>> params = oam.getParameters();
Map<String, String> nextProp = new HashMap<String, String>();
// Convert to Map<String, String>
for (final Map.Entry<String, String> entry : params) {
nextProp.put(entry.getKey(), entry.getValue());
}
return nextProp;
} catch (net.oauth.OAuthException e) {
M_log.warning("BasicLTIUtil.signProperties OAuth Exception " + e.getMessage());
throw new Error(e);
} catch (java.io.IOException e) {
M_log.warning("BasicLTIUtil.signProperties IO Exception " + e.getMessage());
throw new Error(e);
} catch (java.net.URISyntaxException e) {
M_log.warning("BasicLTIUtil.signProperties URI Syntax Exception " + e.getMessage());
throw new Error(e);
}
}
use of net.oauth.OAuthMessage in project bigbluebutton by bigbluebutton.
the class OAuthServlet method handleException.
public static void handleException(HttpServletResponse response, Exception e, String realm, boolean sendBody) throws IOException, ServletException {
if (e instanceof OAuthProblemException) {
OAuthProblemException problem = (OAuthProblemException) e;
Object httpCode = problem.getParameters().get(HttpMessage.STATUS_CODE);
if (httpCode == null) {
httpCode = PROBLEM_TO_HTTP_CODE.get(problem.getProblem());
}
if (httpCode == null) {
httpCode = SC_FORBIDDEN;
}
response.reset();
response.setStatus(Integer.parseInt(httpCode.toString()));
OAuthMessage message = new OAuthMessage(null, null, problem.getParameters().entrySet());
response.addHeader("WWW-Authenticate", message.getAuthorizationHeader(realm));
if (sendBody) {
sendForm(response, message.getParameters());
}
} else if (e instanceof IOException) {
throw (IOException) e;
} else if (e instanceof ServletException) {
throw (ServletException) e;
} else if (e instanceof RuntimeException) {
throw (RuntimeException) e;
} else {
throw new ServletException(e);
}
}
use of net.oauth.OAuthMessage in project bigbluebutton by bigbluebutton.
the class OAuthClient method getRequestToken.
/** Get a fresh request token from the service provider.
*
* @param accessor
* should contain a consumer that contains a non-null consumerKey
* and consumerSecret. Also,
* accessor.consumer.serviceProvider.requestTokenURL should be
* the URL (determined by the service provider) for getting a
* request token.
* @param httpMethod
* typically OAuthMessage.POST or OAuthMessage.GET, or null to
* use the default method.
* @param parameters
* additional parameters for this request, or null to indicate
* that there are no additional parameters.
* @throws OAuthProblemException
* the HTTP response status code was not 200 (OK)
*/
public void getRequestToken(OAuthAccessor accessor, String httpMethod, Collection<? extends Map.Entry> parameters) throws IOException, OAuthException, URISyntaxException {
accessor.accessToken = null;
accessor.tokenSecret = null;
{
// This code supports the 'Variable Accessor Secret' extension
// described in http://oauth.pbwiki.com/AccessorSecret
Object accessorSecret = accessor.getProperty(OAuthConsumer.ACCESSOR_SECRET);
if (accessorSecret != null) {
List<Map.Entry> p = (parameters == null) ? new ArrayList<Map.Entry>(1) : new ArrayList<Map.Entry>(parameters);
p.add(new OAuth.Parameter("oauth_accessor_secret", accessorSecret.toString()));
parameters = p;
// But don't modify the caller's parameters.
}
}
OAuthMessage response = invoke(accessor, httpMethod, accessor.consumer.serviceProvider.requestTokenURL, parameters);
accessor.requestToken = response.getParameter(OAuth.OAUTH_TOKEN);
accessor.tokenSecret = response.getParameter(OAuth.OAUTH_TOKEN_SECRET);
response.requireParameters(OAuth.OAUTH_TOKEN, OAuth.OAUTH_TOKEN_SECRET);
}
use of net.oauth.OAuthMessage in project bigbluebutton by bigbluebutton.
the class OAuthClient method getAccessToken.
/**
* Get an access token from the service provider, in exchange for an
* authorized request token.
*
* @param accessor
* should contain a non-null requestToken and tokenSecret, and a
* consumer that contains a consumerKey and consumerSecret. Also,
* accessor.consumer.serviceProvider.accessTokenURL should be the
* URL (determined by the service provider) for getting an access
* token.
* @param httpMethod
* typically OAuthMessage.POST or OAuthMessage.GET, or null to
* use the default method.
* @param parameters
* additional parameters for this request, or null to indicate
* that there are no additional parameters.
* @throws OAuthProblemException
* the HTTP response status code was not 200 (OK)
*/
public OAuthMessage getAccessToken(OAuthAccessor accessor, String httpMethod, Collection<? extends Map.Entry> parameters) throws IOException, OAuthException, URISyntaxException {
if (accessor.requestToken != null) {
if (parameters == null) {
parameters = OAuth.newList(OAuth.OAUTH_TOKEN, accessor.requestToken);
} else if (!OAuth.newMap(parameters).containsKey(OAuth.OAUTH_TOKEN)) {
List<Map.Entry> p = new ArrayList<Map.Entry>(parameters);
p.add(new OAuth.Parameter(OAuth.OAUTH_TOKEN, accessor.requestToken));
parameters = p;
}
}
OAuthMessage response = invoke(accessor, httpMethod, accessor.consumer.serviceProvider.accessTokenURL, parameters);
response.requireParameters(OAuth.OAUTH_TOKEN, OAuth.OAUTH_TOKEN_SECRET);
accessor.accessToken = response.getParameter(OAuth.OAUTH_TOKEN);
accessor.tokenSecret = response.getParameter(OAuth.OAUTH_TOKEN_SECRET);
return response;
}
Aggregations