
Example 6 with OAuthMessage

use of net.oauth.OAuthMessage in project zm-mailbox by Zimbra.

the class OAuthAccessTokenServlet method processRequest.

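/**
 * Exchanges an authorized OAuth 1.0 request token for an access token.
 *
 * <p>The incoming message is validated, the accessor is checked for the
 * {@code "authorized"} property, the account behind the stored Zimbra auth token is
 * resolved, and a freshly generated access token is recorded on that account. The
 * token and its secret are then written to the response as a form-encoded
 * {@code text/plain} body.
 *
 * <p>Any exception, including the {@code permission_denied} problems raised here, is
 * logged at debug level and handed to {@code OAuthServiceProvider.handleException}.
 *
 * @param request  the access-token request
 * @param response receives either the form-encoded token pair or the error rendered by
 *                 {@code handleException}
 * @throws IOException      declared by the servlet contract
 * @throws ServletException declared by the servlet contract
 */
public void processRequest(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
    try {
        // NOTE(review): this header value is passed as the URL argument when the OAuth
        // message is built, so it presumably feeds the signature check. It is only
        // trustworthy if a front-end proxy sets it and strips any client-supplied copy;
        // confirm against the proxy configuration.
        String origUrl = request.getHeader("X-Zimbra-Orig-Url");
        OAuthMessage oAuthMessage = StringUtil.isNullOrEmpty(origUrl) ? OAuthServlet.getMessage(request, null) : OAuthServlet.getMessage(request, origUrl);
        OAuthAccessor accessor = OAuthServiceProvider.getAccessor(oAuthMessage);
        OAuthServiceProvider.VALIDATOR.validateAccTokenMessage(oAuthMessage, accessor);
        // make sure token is authorized
        if (!Boolean.TRUE.equals(accessor.getProperty("authorized"))) {
            OAuthProblemException problem = new OAuthProblemException("permission_denied");
            LOG.debug("permission_denied");
            throw problem;
        }
        AuthToken userAuthToken = ZimbraAuthToken.getAuthToken((String) accessor.getProperty("ZM_AUTH_TOKEN"));
        String accountId = userAuthToken.getAccountId();
        Account account = Provisioning.getInstance().getAccountById(accountId);
        if (account == null) {
            // The account named by the authorizing token no longer resolves. Refuse the
            // exchange with an explicit OAuth problem before any access token is
            // generated, instead of failing later with a NullPointerException.
            LOG.debug("permission_denied");
            throw new OAuthProblemException("permission_denied");
        }
        // NOTE(review): the stored auth token's expiry is not checked in this method;
        // confirm that getAuthToken() or the validator rejects expired tokens.
        // generate access token and secret
        OAuthServiceProvider.generateAccessToken(accessor);
        account.addForeignPrincipal("oAuthAccessToken:" + accessor.accessToken);
        account.addOAuthAccessor(accessor.accessToken + "::" + new OAuthAccessorSerializer().serialize(accessor));
        response.setContentType("text/plain");
        // The body carries the token secret in clear text, so this endpoint relies on
        // transport encryption to keep it confidential.
        OutputStream out = response.getOutputStream();
        OAuth.formEncode(OAuth.newList("oauth_token", accessor.accessToken, "oauth_token_secret", accessor.tokenSecret), out);
        out.close();
    } catch (Exception e) {
        LOG.debug("AccessTokenHandler exception", e);
        OAuthServiceProvider.handleException(e, request, response, true);
    }
}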
Also used : OAuthAccessor(net.oauth.OAuthAccessor) OAuthProblemException(net.oauth.OAuthProblemException) Account(com.zimbra.cs.account.Account) OAuthMessage(net.oauth.OAuthMessage) OutputStream(java.io.OutputStream) ZimbraAuthToken(com.zimbra.cs.account.ZimbraAuthToken) AuthToken(com.zimbra.cs.account.AuthToken) ServletException(javax.servlet.ServletException) IOException(java.io.IOException) OAuthProblemException(net.oauth.OAuthProblemException)

Example 7 with OAuthMessage

use of net.oauth.OAuthMessage in project zm-mailbox by Zimbra.

the class OAuthRequestTokenServlet method processRequest.

/**
 * Issues an OAuth 1.0 request token (temporary credentials) to a consumer.
 *
 * <p>The consumer is looked up from the incoming message, the request-token message is
 * validated, and a new request token and secret are generated and returned as a
 * form-encoded {@code text/plain} body together with
 * {@code oauth_callback_confirmed=true}.
 *
 * <p>Any exception is logged at debug level and handed to
 * {@code OAuthServiceProvider.handleException}.
 *
 * @param request  the request-token request
 * @param response receives the form-encoded token pair or the rendered error
 * @throws IOException      declared by the servlet contract
 * @throws ServletException declared by the servlet contract
 */
public void processRequest(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
    try {
        OAuthMessage requestMessage = OAuthServlet.getMessage(request, null);
        OAuthConsumer consumer = OAuthServiceProvider.getConsumer(requestMessage);
        // TODO: This property is applicable for mobile clients.
        // Other consumer types (e.g. browser) will need more fields.
        // NOTE(review): "device" is an unvalidated request parameter and is written onto
        // the consumer before the message signature is validated below. If getConsumer()
        // hands out a shared instance, this mutation is visible to other requests;
        // confirm, and consider setting it only after validation succeeds.
        consumer.setProperty("device", request.getParameter("device"));
        OAuthAccessor accessor = new OAuthAccessor(consumer);
        OAuthServiceProvider.VALIDATOR.validateReqTokenMessage(requestMessage, accessor);
        // Mint the request token and its secret on the accessor.
        OAuthServiceProvider.generateRequestToken(accessor);
        response.setContentType("text/plain");
        OutputStream body = response.getOutputStream();
        OAuth.formEncode(
            OAuth.newList(
                "oauth_token", accessor.requestToken,
                "oauth_token_secret", accessor.tokenSecret,
                OAuth.OAUTH_CALLBACK_CONFIRMED, "true"),
            body);
        body.close();
    } catch (Exception e) {
        LOG.debug("RequestTokenHandler exception", e);
        OAuthServiceProvider.handleException(e, request, response, true);
    }
}
Also used : OAuthAccessor(net.oauth.OAuthAccessor) OAuthMessage(net.oauth.OAuthMessage) OutputStream(java.io.OutputStream) OAuthConsumer(net.oauth.OAuthConsumer) ServletException(javax.servlet.ServletException) IOException(java.io.IOException)

Example 8 with OAuthMessage

use of net.oauth.OAuthMessage in project cxf by apache.

the class AccessTokenHandler method handle.

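/**
 * Handles the OAuth 1.0 access-token request: exchanges a verified request token for
 * an access token.
 *
 * <p>The request token named in the message must exist. A verifier must either match
 * the one stored on the request token or, when absent, the request token must be
 * pre-authorized with a subject. After the message itself is validated, an access
 * token is created through the data provider and its key and secret are returned
 * form-encoded.
 *
 * @param mc           the current message context
 * @param dataProvider source of request tokens and factory for access tokens
 * @param validator    validator passed through to {@code OAuthUtils.validateMessage}
 * @return a 200 response carrying the token key and secret, or an error response:
 *         the problem's own status code for OAuth problems (401 for an unknown
 *         consumer key and 400 otherwise when the problem reports 200), 400 for
 *         {@code OAuthServiceException}, and 500 for anything else
 */
public Response handle(MessageContext mc, OAuthDataProvider dataProvider, OAuthValidator validator) {
    try {
        OAuthMessage oAuthMessage = OAuthUtils.getOAuthMessage(mc, mc.getHttpServletRequest(), REQUIRED_PARAMETERS);
        RequestToken requestToken = dataProvider.getRequestToken(oAuthMessage.getToken());
        if (requestToken == null) {
            throw new OAuthProblemException(OAuth.Problems.TOKEN_REJECTED);
        }
        String oauthVerifier = oAuthMessage.getParameter(OAuth.OAUTH_VERIFIER);
        if (StringUtils.isEmpty(oauthVerifier)) {
            // A missing verifier is tolerated only for request tokens that were
            // pre-authorized and already carry a subject.
            if (requestToken.getSubject() != null && requestToken.isPreAuthorized()) {
                LOG.fine("Preauthorized request token");
            } else {
                throw new OAuthProblemException(OAuthConstants.VERIFIER_INVALID);
            }
        } else {
            // The verifier is a secret: compare it without the early exit of
            // String.equals so response timing does not reveal how many leading
            // characters matched. A token with no stored verifier never matches.
            String expectedVerifier = requestToken.getVerifier();
            if (expectedVerifier == null
                || !java.security.MessageDigest.isEqual(
                    oauthVerifier.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                    expectedVerifier.getBytes(java.nio.charset.StandardCharsets.UTF_8))) {
                throw new OAuthProblemException(OAuthConstants.VERIFIER_INVALID);
            }
        }
        OAuthUtils.validateMessage(oAuthMessage, requestToken.getClient(), requestToken, dataProvider, validator);
        AccessTokenRegistration reg = new AccessTokenRegistration();
        reg.setRequestToken(requestToken);
        AccessToken accessToken = dataProvider.createAccessToken(reg);
        // create response
        // The body carries the token secret in clear text, so this endpoint relies on
        // transport encryption to keep it confidential.
        Map<String, Object> responseParams = new HashMap<>();
        responseParams.put(OAuth.OAUTH_TOKEN, accessToken.getTokenKey());
        responseParams.put(OAuth.OAUTH_TOKEN_SECRET, accessToken.getTokenSecret());
        String responseString = OAuth.formEncode(responseParams.entrySet());
        return Response.ok(responseString).build();
    } catch (OAuthProblemException e) {
        // Log the exception itself: calling fillInStackTrace() here would replace the
        // original trace with this catch site.
        LOG.log(Level.WARNING, "An OAuth-related problem: {0}", new Object[] { e });
        int code = e.getHttpStatusCode();
        if (code == HttpServletResponse.SC_OK) {
            // Compare problem names by value; reference equality on strings only works
            // when the exception happens to hold the very same constant instance.
            code = OAuth.Problems.CONSUMER_KEY_UNKNOWN.equals(e.getProblem()) ? 401 : 400;
        }
        return OAuthUtils.handleException(mc, e, code);
    } catch (OAuthServiceException e) {
        return OAuthUtils.handleException(mc, e, HttpServletResponse.SC_BAD_REQUEST);
    } catch (Exception e) {
        LOG.log(Level.SEVERE, "Unexpected internal server exception: {0}", new Object[] { e });
        return OAuthUtils.handleException(mc, e, HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
    }
}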
Also used : OAuthProblemException(net.oauth.OAuthProblemException) OAuthMessage(net.oauth.OAuthMessage) HashMap(java.util.HashMap) OAuthServiceException(org.apache.cxf.rs.security.oauth.provider.OAuthServiceException) RequestToken(org.apache.cxf.rs.security.oauth.data.RequestToken) AccessToken(org.apache.cxf.rs.security.oauth.data.AccessToken) AccessTokenRegistration(org.apache.cxf.rs.security.oauth.data.AccessTokenRegistration) OAuthProblemException(net.oauth.OAuthProblemException) OAuthServiceException(org.apache.cxf.rs.security.oauth.provider.OAuthServiceException)

Example 9 with OAuthMessage

use of net.oauth.OAuthMessage in project cxf by apache.

the class OAuthUtils method getOAuthMessage.

/**
 * Builds the {@link OAuthMessage} for an incoming request and checks that the required
 * parameters are present.
 *
 * @param mc             the current message context, passed to
 *                       {@code addParametersIfNeeded}
 * @param request        the servlet request the message is built from
 * @param requiredParams parameter names that must be present in the message
 * @return the populated message
 * @throws Exception if building the message or the required-parameter check fails
 */
public static OAuthMessage getOAuthMessage(MessageContext mc, HttpServletRequest request, String[] requiredParams) throws Exception {
    // NOTE(review): the URL is reconstructed from the servlet request, so it reflects
    // what the container saw. Behind a TLS-terminating or path-rewriting proxy it can
    // differ from the URL the client signed; confirm forwarded-header handling.
    final String requestUrl = request.getRequestURL().toString();
    final OAuthMessage message = OAuthServlet.getMessage(request, requestUrl);
    addParametersIfNeeded(mc, request, message);
    message.requireParameters(requiredParams);
    return message;
}
Also used : OAuthMessage(net.oauth.OAuthMessage)

Example 10 with OAuthMessage

use of net.oauth.OAuthMessage in project cxf by apache.

the class GetProtectedResourceController method handleRequest.

/**
 * Calls the protected resource on behalf of the user with an OAuth 1.0 signed request
 * and stores the outcome (body, selected headers, status code) on {@code oAuthParams}
 * for the {@code accessToken} view.
 *
 * <p>The HTTP method is GET when the {@code op} request parameter equals {@code "GET"}
 * and POST otherwise; the target URL is read from {@code oAuthParams} accordingly.
 *
 * @param oAuthParams form-backed model holding endpoints, client credentials and the
 *                    token pair; also receives the results
 * @param request     the current request, consulted for the {@code op} parameter
 * @return the {@code accessToken} view
 * @throws Exception if signing, sending or reading the request fails
 */
@RequestMapping("/getProtectedResource")
protected ModelAndView handleRequest(@ModelAttribute("oAuthParams") OAuthParams oAuthParams, HttpServletRequest request) throws Exception {
    // NOTE(review): endpoints, resource URLs and credentials all come from the bound
    // model attribute, so presumably from the submitted form. The server then issues
    // an outbound request to that URL; outside a demo setting the destination should
    // be restricted to known hosts.
    OAuthServiceProvider serviceProvider = new OAuthServiceProvider(
        oAuthParams.getTemporaryCredentialsEndpoint(),
        oAuthParams.getResourceOwnerAuthorizationEndpoint(),
        null);
    OAuthConsumer consumer = new OAuthConsumer(
        null, oAuthParams.getClientID(), oAuthParams.getClientSecret(), serviceProvider);
    OAuthAccessor accessor = new OAuthAccessor(consumer);
    accessor.requestToken = oAuthParams.getOauthToken();
    accessor.tokenSecret = oAuthParams.getOauthTokenSecret();

    // Protocol parameters that get signed along with the request.
    Map<String, String> signedParams = new HashMap<>();
    signedParams.put(OAuth.OAUTH_SIGNATURE_METHOD, oAuthParams.getSignatureMethod());
    signedParams.put(OAuth.OAUTH_NONCE, UUID.randomUUID().toString());
    signedParams.put(OAuth.OAUTH_TIMESTAMP, String.valueOf(System.currentTimeMillis() / 1000));
    signedParams.put(OAuth.OAUTH_TOKEN, oAuthParams.getOauthToken());
    signedParams.put(OAuth.OAUTH_CONSUMER_KEY, oAuthParams.getClientID());

    // Anything other than an explicit "GET" falls back to POST.
    boolean useGet = "GET".equals(request.getParameter("op"));
    String httpMethod = useGet ? OAuthMessage.GET : OAuthMessage.POST;
    String resourceUrl = useGet ? oAuthParams.getGetResourceURL() : oAuthParams.getPostResourceURL();
    OAuthMessage outbound = accessor.newRequestMessage(httpMethod, resourceUrl, signedParams.entrySet());

    // QUERY_STRING places the OAuth parameters, including the token and signature, in
    // the URL, where intermediaries and access logs can record them.
    OAuthClient client = new OAuthClient(new URLConnectionClient());
    OAuthMessage reply = client.access(outbound, ParameterStyle.QUERY_STRING);

    oAuthParams.setResourceResponse(readBody(reply).toString());

    // The two headers are concatenated without a separator, as the view expects.
    String authHeader = reply.getHeader("WWW-Authenticate");
    String oauthHeader = reply.getHeader("OAuth");
    StringBuilder headerText = new StringBuilder();
    if (authHeader != null) {
        headerText.append("WWW-Authenticate:").append(authHeader);
    }
    if (oauthHeader != null) {
        headerText.append("OAuth:").append(oauthHeader);
    }
    oAuthParams.setHeader(headerText.toString());

    OAuthResponseMessage httpReply = (OAuthResponseMessage) reply;
    oAuthParams.setResponseCode(httpReply.getHttpResponse().getStatusCode());
    return new ModelAndView("accessToken");
}
Also used : OAuthAccessor(net.oauth.OAuthAccessor) OAuthServiceProvider(net.oauth.OAuthServiceProvider) OAuthMessage(net.oauth.OAuthMessage) URLConnectionClient(net.oauth.client.URLConnectionClient) HashMap(java.util.HashMap) OAuthClient(net.oauth.client.OAuthClient) OAuthResponseMessage(net.oauth.client.OAuthResponseMessage) ModelAndView(org.springframework.web.servlet.ModelAndView) OAuthConsumer(net.oauth.OAuthConsumer) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Aggregations

OAuthMessage (net.oauth.OAuthMessage)22 OAuthAccessor (net.oauth.OAuthAccessor)10 HashMap (java.util.HashMap)9 OAuthProblemException (net.oauth.OAuthProblemException)8 IOException (java.io.IOException)7 Map (java.util.Map)5 ServletException (javax.servlet.ServletException)5 OAuthConsumer (net.oauth.OAuthConsumer)5 OAuthServiceException (org.apache.cxf.rs.security.oauth.provider.OAuthServiceException)4 ArrayList (java.util.ArrayList)3 RequestToken (org.apache.cxf.rs.security.oauth.data.RequestToken)3 Account (com.zimbra.cs.account.Account)2 OutputStream (java.io.OutputStream)2 IllegalArgumentException (java.lang.IllegalArgumentException)2 URI (java.net.URI)2 List (java.util.List)2 HttpServletRequest (javax.servlet.http.HttpServletRequest)2 OAuthValidator (net.oauth.OAuthValidator)2 SimpleOAuthValidator (net.oauth.SimpleOAuthValidator)2 AccessToken (org.apache.cxf.rs.security.oauth.data.AccessToken)2