Example 11 with OAuthMessage
use of net.oauth.OAuthMessage in project uPortal by Jasig.
the class ZeroLeggedOAuthInterceptor method getOAuthAuthString.
/**
* Get the oauth Authorization string.
*
* @param req the request
* @return the Authorization string
*/
private String getOAuthAuthString(HttpRequest req) throws OAuthException, IOException, URISyntaxException {
RealmOAuthConsumer consumer = getConsumer();
OAuthAccessor accessor = new OAuthAccessor(consumer);
String method = req.getMethod().name();
URI uri = req.getURI();
OAuthMessage msg = accessor.newRequestMessage(method, uri.toString(), null);
return msg.getAuthorizationHeader(consumer.getRealm());
}
Also used :
OAuthAccessor(net.oauth.OAuthAccessor)
OAuthMessage(net.oauth.OAuthMessage)
URI(java.net.URI)
Example 12 with OAuthMessage
use of net.oauth.OAuthMessage in project bigbluebutton by bigbluebutton.
the class OAuthClient method invoke.
/**
* Construct a request message, send it to the service provider and get the
* response.
*
* @param httpMethod
* the HTTP request method, or null to use the default method
* @return the response
* @throws URISyntaxException
* the given url isn't valid syntactically
* @throws OAuthProblemException
* the HTTP response status code was not 200 (OK)
*/
public OAuthMessage invoke(OAuthAccessor accessor, String httpMethod, String url, Collection<? extends Map.Entry> parameters) throws IOException, OAuthException, URISyntaxException {
OAuthMessage request = accessor.newRequestMessage(httpMethod, url, parameters);
Object accepted = accessor.consumer.getProperty(OAuthConsumer.ACCEPT_ENCODING);
if (accepted != null) {
request.getHeaders().add(new OAuth.Parameter(HttpMessage.ACCEPT_ENCODING, accepted.toString()));
}
Object ps = accessor.consumer.getProperty(PARAMETER_STYLE);
net.oauth.ParameterStyle style = (ps == null) ? net.oauth.ParameterStyle.BODY : Enum.valueOf(net.oauth.ParameterStyle.class, ps.toString());
return invoke(request, style);
}
Also used :
OAuthMessage(net.oauth.OAuthMessage)
OAuth(net.oauth.OAuth)
Example 13 with OAuthMessage
use of net.oauth.OAuthMessage in project bigbluebutton by bigbluebutton.
the class IMSPOXRequest method validateRequest.
// Assumes data is all loaded
public void validateRequest(String oauth_consumer_key, String oauth_secret, HttpServletRequest request) {
valid = false;
OAuthMessage oam = OAuthServlet.getMessage(request, null);
OAuthValidator oav = new SimpleOAuthValidator();
OAuthConsumer cons = new OAuthConsumer("about:blank#OAuth+CallBack+NotUsed", oauth_consumer_key, oauth_secret, null);
OAuthAccessor acc = new OAuthAccessor(cons);
try {
base_string = OAuthSignatureMethod.getBaseString(oam);
} catch (Exception e) {
base_string = null;
}
try {
oav.validateMessage(oam, acc);
} catch (Exception e) {
errorMessage = "Launch fails OAuth validation: " + e.getMessage();
return;
}
valid = true;
}
Also used :
SimpleOAuthValidator(net.oauth.SimpleOAuthValidator)
OAuthAccessor(net.oauth.OAuthAccessor)
SimpleOAuthValidator(net.oauth.SimpleOAuthValidator)
OAuthValidator(net.oauth.OAuthValidator)
OAuthMessage(net.oauth.OAuthMessage)
OAuthConsumer(net.oauth.OAuthConsumer)
IllegalArgumentException(java.lang.IllegalArgumentException)
ParserConfigurationException(javax.xml.parsers.ParserConfigurationException)
Example 14 with OAuthMessage
use of net.oauth.OAuthMessage in project spring-security-oauth by spring-projects.
the class GoogleCodeCompatibilityTests method testCalculateSignatureBaseString.
/**
* tests compatibility of calculating the signature base string.
*/
@Test
public void testCalculateSignatureBaseString() throws Exception {
final String baseUrl = "http://www.springframework.org/schema/security/";
CoreOAuthProviderSupport support = new CoreOAuthProviderSupport() {
@Override
protected String getBaseUrl(HttpServletRequest request) {
return baseUrl;
}
};
Map<String, String[]> parameterMap = new HashMap<String, String[]>();
parameterMap.put("a", new String[] { "value-a" });
parameterMap.put("b", new String[] { "value-b" });
parameterMap.put("c", new String[] { "value-c" });
parameterMap.put("param[1]", new String[] { "aaa", "bbb" });
when(request.getParameterNames()).thenReturn(Collections.enumeration(parameterMap.keySet()));
for (Map.Entry<String, String[]> param : parameterMap.entrySet()) {
when(request.getParameterValues(param.getKey())).thenReturn(param.getValue());
}
String header = "OAuth realm=\"http://sp.example.com/\"," + " oauth_consumer_key=\"0685bd9184jfhq22\"," + " oauth_token=\"ad180jjd733klru7\"," + " oauth_signature_method=\"HMAC-SHA1\"," + " oauth_signature=\"wOJIO9A2W5mFwDgiDvZbTSMK%2FPY%3D\"," + " oauth_timestamp=\"137131200\"," + " oauth_callback=\"" + OAuthCodec.oauthEncode("http://myhost.com/callback") + "\"," + " oauth_nonce=\"4572616e48616d6d65724c61686176\"," + " oauth_version=\"1.0\"";
when(request.getHeaders("Authorization")).thenReturn(Collections.enumeration(Arrays.asList(header)));
when(request.getMethod()).thenReturn("GET");
String ours = support.getSignatureBaseString(request);
when(request.getHeaders("Authorization")).thenReturn(Collections.enumeration(Arrays.asList(header)));
when(request.getParameterMap()).thenReturn(parameterMap);
when(request.getHeaderNames()).thenReturn(null);
OAuthMessage message = OAuthServlet.getMessage(request, baseUrl);
String theirs = OAuthSignatureMethod.getBaseString(message);
assertEquals(theirs, ours);
}
Also used :
HttpServletRequest(javax.servlet.http.HttpServletRequest)
OAuthMessage(net.oauth.OAuthMessage)
HashMap(java.util.HashMap)
CoreOAuthProviderSupport(org.springframework.security.oauth.provider.filter.CoreOAuthProviderSupport)
HashMap(java.util.HashMap)
Map(java.util.Map)
Test(org.junit.Test)
Example 15 with OAuthMessage
use of net.oauth.OAuthMessage in project zm-mailbox by Zimbra.
the class ZimbraAuthProviderForOAuth method authToken.
@Override
protected AuthToken authToken(HttpServletRequest req, boolean isAdminReq) throws AuthProviderException, AuthTokenException {
ZimbraLog.extensions.debug("authToken(HttpServletRequest req, boolean isAdminReq) is requested.");
if (isAdminReq) {
ZimbraLog.extensions.debug("isAdminReq:true");
return null;
}
String origUrl = req.getHeader("X-Zimbra-Orig-Url");
OAuthMessage oAuthMessage;
if (StringUtil.isNullOrEmpty(origUrl)) {
ZimbraLog.extensions.debug("request.getRequestURL(): " + req.getRequestURL());
oAuthMessage = OAuthServlet.getMessage(req, null);
} else {
ZimbraLog.extensions.debug("X-Zimbra-Orig-Url: " + origUrl);
oAuthMessage = OAuthServlet.getMessage(req, origUrl);
}
String accessToken;
try {
accessToken = oAuthMessage.getToken();
} catch (IOException e) {
ZimbraLog.extensions.debug("Error in getting OAuth token from request", e);
throw AuthProviderException.FAILURE(e.getMessage());
}
if (accessToken == null) {
ZimbraLog.extensions.debug("no need for further oauth processing");
throw AuthProviderException.NO_AUTH_DATA();
}
Account account;
try {
account = Provisioning.getInstance().getAccountByForeignPrincipal("oAuthAccessToken:" + accessToken);
} catch (ServiceException e) {
ZimbraLog.extensions.warn("Error in getting account using OAuth access token", e);
throw AuthProviderException.FAILURE(e.getMessage());
}
if (account == null) {
throw AuthProviderException.FAILURE("Could not identify account corresponding to the OAuth request");
}
OAuthAccessor accessor = null;
String[] accessors = account.getOAuthAccessor();
for (String val : accessors) {
if (val.startsWith(accessToken)) {
try {
accessor = new OAuthAccessorSerializer().deserialize(val.substring(accessToken.length() + 2));
} catch (ServiceException e) {
throw AuthProviderException.FAILURE("Error in deserializing OAuth accessor");
}
break;
}
}
if (accessor == null)
throw new AuthTokenException("invalid OAuth token");
try {
OAuthServiceProvider.VALIDATOR.validateMessage(oAuthMessage, accessor);
} catch (OAuthProblemException e) {
for (Map.Entry<String, Object> entry : e.getParameters().entrySet()) {
ZimbraLog.extensions.debug(entry.getKey() + ":" + entry.getValue());
}
ZimbraLog.extensions.debug("Exception in validating OAuth token", e);
throw new AuthTokenException("Exception in validating OAuth token", e);
} catch (Exception e) {
ZimbraLog.extensions.debug("Exception in validating OAuth token", e);
throw new AuthTokenException("Exception in validating OAuth token", e);
}
return AuthProvider.getAuthToken(account);
}
Also used :
OAuthAccessor(net.oauth.OAuthAccessor)
OAuthProblemException(net.oauth.OAuthProblemException)
Account(com.zimbra.cs.account.Account)
OAuthMessage(net.oauth.OAuthMessage)
ServiceException(com.zimbra.common.service.ServiceException)
OAuthAccessorSerializer(com.zimbra.cs.account.oauth.OAuthAccessorSerializer)
AuthTokenException(com.zimbra.cs.account.AuthTokenException)
IOException(java.io.IOException)
IOException(java.io.IOException)
ServiceException(com.zimbra.common.service.ServiceException)
OAuthProblemException(net.oauth.OAuthProblemException)
AuthTokenException(com.zimbra.cs.account.AuthTokenException)
Aggregations
OAuthMessage (net.oauth.OAuthMessage)22
OAuthAccessor (net.oauth.OAuthAccessor)10
HashMap (java.util.HashMap)9
OAuthProblemException (net.oauth.OAuthProblemException)8
IOException (java.io.IOException)7
Map (java.util.Map)5
ServletException (javax.servlet.ServletException)5
OAuthConsumer (net.oauth.OAuthConsumer)5
OAuthServiceException (org.apache.cxf.rs.security.oauth.provider.OAuthServiceException)4
ArrayList (java.util.ArrayList)3
RequestToken (org.apache.cxf.rs.security.oauth.data.RequestToken)3
Account (com.zimbra.cs.account.Account)2
OutputStream (java.io.OutputStream)2
IllegalArgumentException (java.lang.IllegalArgumentException)2
URI (java.net.URI)2
List (java.util.List)2
HttpServletRequest (javax.servlet.http.HttpServletRequest)2
OAuthValidator (net.oauth.OAuthValidator)2
SimpleOAuthValidator (net.oauth.SimpleOAuthValidator)2
AccessToken (org.apache.cxf.rs.security.oauth.data.AccessToken)2
