Search in sources :

Example 11 with OAuthMessage

use of net.oauth.OAuthMessage in project uPortal by Jasig.

the class ZeroLeggedOAuthInterceptor method getOAuthAuthString.

/**
 * Get the oauth Authorization string.
 *
 * @param req the request
 * @return the Authorization string
 */
private String getOAuthAuthString(HttpRequest req) throws OAuthException, IOException, URISyntaxException {
    RealmOAuthConsumer consumer = getConsumer();
    OAuthAccessor accessor = new OAuthAccessor(consumer);
    String method = req.getMethod().name();
    URI uri = req.getURI();
    OAuthMessage msg = accessor.newRequestMessage(method, uri.toString(), null);
    return msg.getAuthorizationHeader(consumer.getRealm());
}
Also used : OAuthAccessor(net.oauth.OAuthAccessor) OAuthMessage(net.oauth.OAuthMessage) URI(java.net.URI)

Example 12 with OAuthMessage

use of net.oauth.OAuthMessage in project bigbluebutton by bigbluebutton.

the class OAuthClient method invoke.

/**
     * Construct a request message, send it to the service provider and get the
     * response.
     * 
     * @param httpMethod
     *            the HTTP request method, or null to use the default method
     * @return the response
     * @throws URISyntaxException
     *             the given url isn't valid syntactically
     * @throws OAuthProblemException
     *             the HTTP response status code was not 200 (OK)
     */
public OAuthMessage invoke(OAuthAccessor accessor, String httpMethod, String url, Collection<? extends Map.Entry> parameters) throws IOException, OAuthException, URISyntaxException {
    OAuthMessage request = accessor.newRequestMessage(httpMethod, url, parameters);
    Object accepted = accessor.consumer.getProperty(OAuthConsumer.ACCEPT_ENCODING);
    if (accepted != null) {
        request.getHeaders().add(new OAuth.Parameter(HttpMessage.ACCEPT_ENCODING, accepted.toString()));
    }
    Object ps = accessor.consumer.getProperty(PARAMETER_STYLE);
    net.oauth.ParameterStyle style = (ps == null) ? net.oauth.ParameterStyle.BODY : Enum.valueOf(net.oauth.ParameterStyle.class, ps.toString());
    return invoke(request, style);
}
Also used : OAuthMessage(net.oauth.OAuthMessage) OAuth(net.oauth.OAuth)

Example 13 with OAuthMessage

use of net.oauth.OAuthMessage in project bigbluebutton by bigbluebutton.

the class IMSPOXRequest method validateRequest.

// Assumes data is all loaded
public void validateRequest(String oauth_consumer_key, String oauth_secret, HttpServletRequest request) {
    valid = false;
    OAuthMessage oam = OAuthServlet.getMessage(request, null);
    OAuthValidator oav = new SimpleOAuthValidator();
    OAuthConsumer cons = new OAuthConsumer("about:blank#OAuth+CallBack+NotUsed", oauth_consumer_key, oauth_secret, null);
    OAuthAccessor acc = new OAuthAccessor(cons);
    try {
        base_string = OAuthSignatureMethod.getBaseString(oam);
    } catch (Exception e) {
        base_string = null;
    }
    try {
        oav.validateMessage(oam, acc);
    } catch (Exception e) {
        errorMessage = "Launch fails OAuth validation: " + e.getMessage();
        return;
    }
    valid = true;
}
Also used : SimpleOAuthValidator(net.oauth.SimpleOAuthValidator) OAuthAccessor(net.oauth.OAuthAccessor) SimpleOAuthValidator(net.oauth.SimpleOAuthValidator) OAuthValidator(net.oauth.OAuthValidator) OAuthMessage(net.oauth.OAuthMessage) OAuthConsumer(net.oauth.OAuthConsumer) IllegalArgumentException(java.lang.IllegalArgumentException) ParserConfigurationException(javax.xml.parsers.ParserConfigurationException)

Example 14 with OAuthMessage

use of net.oauth.OAuthMessage in project spring-security-oauth by spring-projects.

the class GoogleCodeCompatibilityTests method testCalculateSignatureBaseString.

/**
	 * tests compatibility of calculating the signature base string.
	 */
@Test
public void testCalculateSignatureBaseString() throws Exception {
    final String baseUrl = "http://www.springframework.org/schema/security/";
    CoreOAuthProviderSupport support = new CoreOAuthProviderSupport() {

        @Override
        protected String getBaseUrl(HttpServletRequest request) {
            return baseUrl;
        }
    };
    Map<String, String[]> parameterMap = new HashMap<String, String[]>();
    parameterMap.put("a", new String[] { "value-a" });
    parameterMap.put("b", new String[] { "value-b" });
    parameterMap.put("c", new String[] { "value-c" });
    parameterMap.put("param[1]", new String[] { "aaa", "bbb" });
    when(request.getParameterNames()).thenReturn(Collections.enumeration(parameterMap.keySet()));
    for (Map.Entry<String, String[]> param : parameterMap.entrySet()) {
        when(request.getParameterValues(param.getKey())).thenReturn(param.getValue());
    }
    String header = "OAuth realm=\"http://sp.example.com/\"," + "                oauth_consumer_key=\"0685bd9184jfhq22\"," + "                oauth_token=\"ad180jjd733klru7\"," + "                oauth_signature_method=\"HMAC-SHA1\"," + "                oauth_signature=\"wOJIO9A2W5mFwDgiDvZbTSMK%2FPY%3D\"," + "                oauth_timestamp=\"137131200\"," + "                oauth_callback=\"" + OAuthCodec.oauthEncode("http://myhost.com/callback") + "\"," + "                oauth_nonce=\"4572616e48616d6d65724c61686176\"," + "                oauth_version=\"1.0\"";
    when(request.getHeaders("Authorization")).thenReturn(Collections.enumeration(Arrays.asList(header)));
    when(request.getMethod()).thenReturn("GET");
    String ours = support.getSignatureBaseString(request);
    when(request.getHeaders("Authorization")).thenReturn(Collections.enumeration(Arrays.asList(header)));
    when(request.getParameterMap()).thenReturn(parameterMap);
    when(request.getHeaderNames()).thenReturn(null);
    OAuthMessage message = OAuthServlet.getMessage(request, baseUrl);
    String theirs = OAuthSignatureMethod.getBaseString(message);
    assertEquals(theirs, ours);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) OAuthMessage(net.oauth.OAuthMessage) HashMap(java.util.HashMap) CoreOAuthProviderSupport(org.springframework.security.oauth.provider.filter.CoreOAuthProviderSupport) HashMap(java.util.HashMap) Map(java.util.Map) Test(org.junit.Test)

Example 15 with OAuthMessage

use of net.oauth.OAuthMessage in project zm-mailbox by Zimbra.

the class ZimbraAuthProviderForOAuth method authToken.

@Override
protected AuthToken authToken(HttpServletRequest req, boolean isAdminReq) throws AuthProviderException, AuthTokenException {
    ZimbraLog.extensions.debug("authToken(HttpServletRequest req, boolean isAdminReq) is requested.");
    if (isAdminReq) {
        ZimbraLog.extensions.debug("isAdminReq:true");
        return null;
    }
    String origUrl = req.getHeader("X-Zimbra-Orig-Url");
    OAuthMessage oAuthMessage;
    if (StringUtil.isNullOrEmpty(origUrl)) {
        ZimbraLog.extensions.debug("request.getRequestURL(): " + req.getRequestURL());
        oAuthMessage = OAuthServlet.getMessage(req, null);
    } else {
        ZimbraLog.extensions.debug("X-Zimbra-Orig-Url: " + origUrl);
        oAuthMessage = OAuthServlet.getMessage(req, origUrl);
    }
    String accessToken;
    try {
        accessToken = oAuthMessage.getToken();
    } catch (IOException e) {
        ZimbraLog.extensions.debug("Error in getting OAuth token from request", e);
        throw AuthProviderException.FAILURE(e.getMessage());
    }
    if (accessToken == null) {
        ZimbraLog.extensions.debug("no need for further oauth processing");
        throw AuthProviderException.NO_AUTH_DATA();
    }
    Account account;
    try {
        account = Provisioning.getInstance().getAccountByForeignPrincipal("oAuthAccessToken:" + accessToken);
    } catch (ServiceException e) {
        ZimbraLog.extensions.warn("Error in getting account using OAuth access token", e);
        throw AuthProviderException.FAILURE(e.getMessage());
    }
    if (account == null) {
        throw AuthProviderException.FAILURE("Could not identify account corresponding to the OAuth request");
    }
    OAuthAccessor accessor = null;
    String[] accessors = account.getOAuthAccessor();
    for (String val : accessors) {
        if (val.startsWith(accessToken)) {
            try {
                accessor = new OAuthAccessorSerializer().deserialize(val.substring(accessToken.length() + 2));
            } catch (ServiceException e) {
                throw AuthProviderException.FAILURE("Error in deserializing OAuth accessor");
            }
            break;
        }
    }
    if (accessor == null)
        throw new AuthTokenException("invalid OAuth token");
    try {
        OAuthServiceProvider.VALIDATOR.validateMessage(oAuthMessage, accessor);
    } catch (OAuthProblemException e) {
        for (Map.Entry<String, Object> entry : e.getParameters().entrySet()) {
            ZimbraLog.extensions.debug(entry.getKey() + ":" + entry.getValue());
        }
        ZimbraLog.extensions.debug("Exception in validating OAuth token", e);
        throw new AuthTokenException("Exception in validating OAuth token", e);
    } catch (Exception e) {
        ZimbraLog.extensions.debug("Exception in validating OAuth token", e);
        throw new AuthTokenException("Exception in validating OAuth token", e);
    }
    return AuthProvider.getAuthToken(account);
}
Also used : OAuthAccessor(net.oauth.OAuthAccessor) OAuthProblemException(net.oauth.OAuthProblemException) Account(com.zimbra.cs.account.Account) OAuthMessage(net.oauth.OAuthMessage) ServiceException(com.zimbra.common.service.ServiceException) OAuthAccessorSerializer(com.zimbra.cs.account.oauth.OAuthAccessorSerializer) AuthTokenException(com.zimbra.cs.account.AuthTokenException) IOException(java.io.IOException) IOException(java.io.IOException) ServiceException(com.zimbra.common.service.ServiceException) OAuthProblemException(net.oauth.OAuthProblemException) AuthTokenException(com.zimbra.cs.account.AuthTokenException)

Aggregations

OAuthMessage (net.oauth.OAuthMessage)22 OAuthAccessor (net.oauth.OAuthAccessor)10 HashMap (java.util.HashMap)9 OAuthProblemException (net.oauth.OAuthProblemException)8 IOException (java.io.IOException)7 Map (java.util.Map)5 ServletException (javax.servlet.ServletException)5 OAuthConsumer (net.oauth.OAuthConsumer)5 OAuthServiceException (org.apache.cxf.rs.security.oauth.provider.OAuthServiceException)4 ArrayList (java.util.ArrayList)3 RequestToken (org.apache.cxf.rs.security.oauth.data.RequestToken)3 Account (com.zimbra.cs.account.Account)2 OutputStream (java.io.OutputStream)2 IllegalArgumentException (java.lang.IllegalArgumentException)2 URI (java.net.URI)2 List (java.util.List)2 HttpServletRequest (javax.servlet.http.HttpServletRequest)2 OAuthValidator (net.oauth.OAuthValidator)2 SimpleOAuthValidator (net.oauth.SimpleOAuthValidator)2 AccessToken (org.apache.cxf.rs.security.oauth.data.AccessToken)2