use of org.apache.oltu.oauth2.common.exception.OAuthSystemException in project intermine by intermine.
the class Authenticator method execute.
/**
* Method called for login in
*
* @param mapping The ActionMapping used to select this instance
* @param form The optional ActionForm bean for this request (if any)
* @param request The HTTP request we are processing
* @param response The HTTP response we are creating
* @return an ActionForward object defining where control goes next
* @exception Exception if the application business logic throws an exception
*/
@Override
public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
OAuthClientRequest authRequest;
OAuthProviderType provider;
Properties webProperties = InterMineContext.getWebProperties();
// Suitable values are: GOOGLE, GITHUB, FACEBOOK, etc.
String providerName = request.getParameter("provider");
String redirectUri = getRedirectUri(webProperties, providerName);
String realm = webProperties.getProperty("webapp.baseurl");
String state = UUID.randomUUID().toString();
request.getSession().setAttribute("oauth2.state", state);
String authorisationUrl = webProperties.getProperty("oauth2." + providerName + ".url.auth");
if (authorisationUrl == null) {
try {
provider = OAuthProviderType.valueOf(providerName);
authorisationUrl = provider.getAuthzEndpoint();
} catch (IllegalArgumentException e) {
ActionErrors errors = new ActionErrors();
errors.add(ActionErrors.GLOBAL_MESSAGE, new ActionMessage("oauth2.error.unknown-provider"));
saveErrors(request, errors);
return mapping.findForward("login");
}
}
try {
authRequest = OAuthClientRequest.authorizationLocation(authorisationUrl).setClientId(webProperties.getProperty("oauth2." + providerName + ".client-id")).setRedirectURI(redirectUri).setScope(webProperties.getProperty("oauth2." + providerName + ".scopes")).setState(state).setParameter("response_type", "code").setParameter("openid.realm", // link open-id 2.0 accounts [1]
realm).buildQueryMessage();
String goHere = authRequest.getLocationUri();
// various providers require the response_type parameter.
LOG.info("[OAuth2]: Redirecting to " + goHere);
response.sendRedirect(goHere);
return null;
} catch (OAuthSystemException e) {
ActionErrors errors = new ActionErrors();
errors.add(ActionErrors.GLOBAL_MESSAGE, new ActionMessage("oauth2.error.system-exception", e));
saveErrors(request, errors);
return mapping.findForward("login");
}
// [1]: see https://developers.google.com/identity/protocols/OpenID2Migration
}
use of org.apache.oltu.oauth2.common.exception.OAuthSystemException in project intermine by intermine.
the class CallbackService method getSaneProviderUserInfo.
/**
* Get user info for services which are sane enough to have an identity resource
* that serves json
* with <code>id</code>, <code>email</code> and <code>name</code> keys.
* @param provider Who to ask.
* @param accessToken An access token.
* @return The delegated identity.
* @throws OAuthSystemException
* @throws OAuthProblemException
* @throws JSONException If things aren't so sane after all.
*/
private DelegatedIdentity getSaneProviderUserInfo(String provider, String accessToken) throws OAuthSystemException, OAuthProblemException, JSONException {
Properties props = InterMineContext.getWebProperties();
String prefix = "oauth2." + provider;
String identityEndpoint = props.getProperty(prefix + ".identity-resource");
String envelopeKey = props.getProperty(prefix + ".identity-envelope");
String idKey = props.getProperty(prefix + ".id-key", "id");
String nameKey = props.getProperty(prefix + ".name-key", "name");
String emailKey = props.getProperty(prefix + ".email-key", "email");
String authMechanism = props.getProperty(prefix + ".resource-auth-mechanism", "queryparam");
OAuthBearerClientRequest requestBuilder = new OAuthBearerClientRequest(identityEndpoint).setAccessToken(accessToken);
OAuthClientRequest bearerClientRequest;
if ("queryparam".equals(authMechanism)) {
bearerClientRequest = requestBuilder.buildQueryMessage();
} else if ("header".equals(authMechanism)) {
bearerClientRequest = requestBuilder.buildHeaderMessage();
} else if ("body".equals(authMechanism)) {
bearerClientRequest = requestBuilder.buildBodyMessage();
} else {
throw new OAuthSystemException("Unknown authorisation mechanism: " + authMechanism);
}
LOG.debug("Requesting identity information:" + " URI = " + bearerClientRequest.getLocationUri() + " HEADERS = " + bearerClientRequest.getHeaders() + " BODY = " + bearerClientRequest.getBody());
bearerClientRequest.setHeader("Accept", "application/json");
OAuthClient oauthClient = new OAuthClient(new URLConnectionClient());
OAuthResourceResponse resp = oauthClient.resource(bearerClientRequest, OAuth.HttpMethod.GET, OAuthResourceResponse.class);
return parseIdentity(provider, envelopeKey, idKey, nameKey, emailKey, resp.getBody());
}
use of org.apache.oltu.oauth2.common.exception.OAuthSystemException in project aos-MediaLib by nova-video-player.
the class TraktV2 method getAccessToken.
/**
* Request an access token from trakt. Builds the request with {@link #getAccessTokenRequest(String, String, String,
* String)} and executes it, then returns the response which includes the access token.
*
* <p> Supply the received access token to {@link #setAccessToken(String)}.
*
* <p> On failure re-authorization of your app is required (see {@link #getAuthorizationRequest(String, String,
* String, String)}).
*
* @param clientId The OAuth client id obtained from trakt.
* @param clientSecret The OAuth client secret obtained from trakt.
* @param redirectUri The redirect URI previously used for obtaining the auth code.
* @param authCode A valid authorization code (see {@link #getAuthorizationRequest(String, String, String,
* String)}).
*/
public static OAuthAccessTokenResponse getAccessToken(String clientId, String clientSecret, String redirectUri, String authCode) throws OAuthSystemException, OAuthProblemException {
OAuthClientRequest request = getAccessTokenRequest(clientId, clientSecret, redirectUri, authCode);
OAuthClient client = new OAuthClient(new TraktHttpClient());
return client.accessToken(request);
}
use of org.apache.oltu.oauth2.common.exception.OAuthSystemException in project mbed-cloud-sdk-java by ARMmbed.
the class OAuthOkHttpClient method execute.
@SuppressWarnings("resource")
@Override
public <T extends OAuthClientResponse> T execute(OAuthClientRequest request, Map<String, String> headers, String requestMethod, Class<T> responseClass) throws OAuthSystemException, OAuthProblemException {
MediaType mediaType = MediaType.parse("application/json");
Request.Builder requestBuilder = new Request.Builder().url(request.getLocationUri());
if (headers != null) {
for (Entry<String, String> entry : headers.entrySet()) {
if (entry.getKey().equalsIgnoreCase("Content-Type")) {
mediaType = MediaType.parse(entry.getValue());
} else {
requestBuilder.addHeader(entry.getKey(), entry.getValue());
}
}
}
RequestBody body = request.getBody() != null ? RequestBody.create(mediaType, request.getBody()) : null;
requestBuilder.method(requestMethod, body);
try {
Response response = client.newCall(requestBuilder.build()).execute();
return OAuthClientResponseFactory.createCustomResponse(response.body().string(), response.body().contentType().toString(), response.code(), null, responseClass);
} catch (IOException e) {
throw new OAuthSystemException(e);
}
}
use of org.apache.oltu.oauth2.common.exception.OAuthSystemException in project java-demos by powerLeePlus.
the class AuthAccessController method getCode.
/**
* 这里省略了一步,父工程README.md的详细步骤图的第一步
*/
/**
* 一、请求授权 (Authorization Request)(对应父工程README.md的流程图)
* 向服务端获取code
* 1、拼接url然后访问,获取code
* 2、服务端检查成功,然后会回调到 另一个接口 /oauth-client/callbackCode
*/
@RequestMapping("/getCode")
public String getCode() throws OAuthProblemException {
String requestUrl = null;
try {
// 配置请求参数,构建oauthd的请求。设置请求服务地址(authorizeUrl)、clientId、response_type、redirectUrl
OAuthClientRequest accessTokenRequest = OAuthClientRequest.authorizationLocation(server_authorizeUrl).setResponseType(response_type).setClientId(client_clientId).setRedirectURI(client_redirectUrl_getAccessToken).buildQueryMessage();
requestUrl = accessTokenRequest.getLocationUri();
} catch (OAuthSystemException e) {
e.printStackTrace();
}
System.out.println("==> 向服务端发起获取code的请求: " + requestUrl);
// 这是向服务端发起获取code的请求,这是客户端的一次重定向。
return "redirect:" + requestUrl;
}
Aggregations