
Example 1 with RequestTokenRegistration

Use of org.apache.cxf.rs.security.oauth.data.RequestTokenRegistration in the Apache CXF project.

Class RequestTokenHandler, method handle.

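/**
 * Handles a request to the OAuth 1.0 temporary-credentials (request token) endpoint.
 *
 * <p>The consumer is looked up by {@code oauth_consumer_key}, the message is validated,
 * the callback URL is checked against the client, and a request token is created through
 * the data provider. On success the response body is a form-encoded list holding the
 * token key, the token secret and {@code oauth_callback_confirmed=true}.
 *
 * <p>Error mapping: an {@link OAuthProblemException} uses its own HTTP status, or, when
 * that status is 200, 401 for an unknown consumer key and 400 for anything else; an
 * {@link OAuthServiceException} maps to 400; any other exception maps to 500.
 *
 * @param mc           message context of the current request
 * @param dataProvider source of client registrations and factory for request tokens
 * @param validator    validator handed to {@code OAuthUtils.validateMessage}
 * @return the success response with the temporary credentials, or the error response
 *         built by {@code OAuthUtils.handleException}
 */
public Response handle(MessageContext mc, OAuthDataProvider dataProvider, OAuthValidator validator) {
    try {
        OAuthMessage oAuthMessage = OAuthUtils.getOAuthMessage(mc, mc.getHttpServletRequest(), REQUIRED_PARAMETERS);
        Client client = dataProvider.getClient(oAuthMessage.getParameter(OAuth.OAUTH_CONSUMER_KEY));
        // Unknown consumer key: reject before any further processing of the request.
        if (client == null) {
            throw new OAuthProblemException(OAuth.Problems.CONSUMER_KEY_UNKNOWN);
        }
        // Message validation runs before the callback, scope or state parameters are used.
        // NOTE(review): presumably this covers signature, nonce and timestamp; confirm in OAuthUtils.
        OAuthUtils.validateMessage(oAuthMessage, client, null, dataProvider, validator);

        // The callback is checked against the client before it is stored with the token.
        String callback = oAuthMessage.getParameter(OAuth.OAUTH_CALLBACK);
        validateCallbackURL(client, callback);

        List<String> scopes = OAuthUtils.parseParamValue(
            oAuthMessage.getParameter(OAuthConstants.X_OAUTH_SCOPE), defaultScope);

        RequestTokenRegistration reg = new RequestTokenRegistration();
        reg.setClient(client);
        reg.setCallback(callback);
        reg.setState(oAuthMessage.getParameter(OAuthConstants.X_OAUTH_STATE));
        reg.setScopes(scopes);
        reg.setLifetime(tokenLifetime);
        // Issue time is recorded in seconds since the epoch.
        reg.setIssuedAt(System.currentTimeMillis() / 1000);
        RequestToken requestToken = dataProvider.createRequestToken(reg);

        if (LOG.isLoggable(Level.FINE)) {
            LOG.log(Level.FINE, "Preparing Temporary Credentials Endpoint correct response");
        }

        // The body carries the token secret in clear text and must never be logged.
        // NOTE(review): this assumes the endpoint is only reachable over TLS; confirm deployment.
        Map<String, Object> responseParams = new HashMap<>();
        responseParams.put(OAuth.OAUTH_TOKEN, requestToken.getTokenKey());
        responseParams.put(OAuth.OAUTH_TOKEN_SECRET, requestToken.getTokenSecret());
        responseParams.put(OAuth.OAUTH_CALLBACK_CONFIRMED, Boolean.TRUE);
        String responseBody = OAuth.formEncode(responseParams.entrySet());
        return Response.ok(responseBody).build();
    } catch (OAuthProblemException e) {
        // Log the exception itself; fillInStackTrace() would overwrite the original stack
        // trace with this catch site before the exception reaches handleException.
        LOG.log(Level.WARNING, "An OAuth-related problem: {0}", new Object[] { e });
        int code = e.getHttpStatusCode();
        if (code == HttpServletResponse.SC_OK) {
            // Compare by value: reference equality only matches when the problem string is
            // the very same constant instance, so an equal string from elsewhere got 400.
            code = OAuth.Problems.CONSUMER_KEY_UNKNOWN.equals(e.getProblem()) ? 401 : 400;
        }
        return OAuthUtils.handleException(mc, e, code);
    } catch (OAuthServiceException e) {
        // NOTE(review): nothing is logged on this path here; confirm handleException records
        // the rejection so that refused token requests stay visible to monitoring.
        return OAuthUtils.handleException(mc, e, HttpServletResponse.SC_BAD_REQUEST);
    } catch (Exception e) {
        // Same reasoning as above: keep the original stack trace intact.
        LOG.log(Level.SEVERE, "Unexpected internal server exception: {0}", new Object[] { e });
        // NOTE(review): confirm handleException does not echo internal exception details to the client.
        return OAuthUtils.handleException(mc, e, HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
    }
}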
Also used : OAuthProblemException(net.oauth.OAuthProblemException) OAuthMessage(net.oauth.OAuthMessage) HashMap(java.util.HashMap) OAuthServiceException(org.apache.cxf.rs.security.oauth.provider.OAuthServiceException) RequestToken(org.apache.cxf.rs.security.oauth.data.RequestToken) Client(org.apache.cxf.rs.security.oauth.data.Client) OAuthProblemException(net.oauth.OAuthProblemException) OAuthServiceException(org.apache.cxf.rs.security.oauth.provider.OAuthServiceException) RequestTokenRegistration(org.apache.cxf.rs.security.oauth.data.RequestTokenRegistration)
