
Example 1 with OAuthException

Use of org.gatein.security.oauth.exception.OAuthException in project gatein-portal by Meeds-io.

Class OAuthUtils, method createQueryString.

// HTTP related utils
/**
 * Given a {@link java.util.Map} of params, construct a query string
 *
 * @param params parameters for query
 * @return query string
 */
public static String createQueryString(Map<String, String> params) {
    StringBuilder queryString = new StringBuilder();
    boolean first = true;
    for (Map.Entry<String, String> entry : params.entrySet()) {
        String paramName = entry.getKey();
        String paramValue = entry.getValue();
        if (first) {
            first = false;
        } else {
            queryString.append("&");
        }
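        // Only the value is URL-encoded below; paramName is appended as-is,
        // so callers must pass names that need no encoding.
        queryString.append(paramName).append("=");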
        String encodedParamValue;
        try {
            if (paramValue == null)
                throw new RuntimeException("paramValue is null for paramName=" + paramName);
            encodedParamValue = URLEncoder.encode(paramValue, "UTF-8");
        } catch (UnsupportedEncodingException e) {
            throw new OAuthException(OAuthExceptionCode.UNKNOWN_ERROR, e);
        }
        queryString.append(encodedParamValue);
    }
    return queryString.toString();
}
Also used: OAuthException (org.gatein.security.oauth.exception.OAuthException), UnsupportedEncodingException (java.io.UnsupportedEncodingException), HashMap (java.util.HashMap), Map (java.util.Map)

Example 2 with OAuthException

Use of org.gatein.security.oauth.exception.OAuthException in project gatein-portal by Meeds-io.

Class GateInFacebookProcessorImpl, method processOAuthInteractionImpl.

protected InteractionState<FacebookAccessTokenContext> processOAuthInteractionImpl(HttpServletRequest httpRequest, HttpServletResponse httpResponse, FacebookProcessor facebookProcessor) throws IOException {
    HttpSession session = httpRequest.getSession();
    String state = (String) session.getAttribute(OAuthConstants.ATTRIBUTE_AUTH_STATE);
    if (log.isTraceEnabled()) {
        log.trace("state=" + state);
    }
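    // Initial request to the portal: no OAuth state in the session yet
    if (state == null || state.isEmpty()) {
        // Random verification value, passed to the processor and kept in the session below
        String verificationState = String.valueOf(secureRandomService.getSecureRandom().nextLong());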
        facebookProcessor.initialInteraction(httpRequest, httpResponse, verificationState);
        state = InteractionState.State.AUTH.name();
        session.setAttribute(OAuthConstants.ATTRIBUTE_AUTH_STATE, state);
        session.setAttribute(OAuthConstants.ATTRIBUTE_VERIFICATION_STATE, verificationState);
        return new InteractionState<FacebookAccessTokenContext>(InteractionState.State.valueOf(state), null);
    }
    // We are authenticated in Facebook and our app is authorized. Finish OAuth handshake by obtaining accessToken and initial info
    if (state.equals(InteractionState.State.AUTH.name())) {
        String accessToken = facebookProcessor.getAccessToken(httpRequest, httpResponse);
        if (accessToken == null) {
            throw new OAuthException(OAuthExceptionCode.FACEBOOK_ERROR, "AccessToken was null");
        } else {
            Set<String> scopes = facebookProcessor.getScopes(accessToken);
            state = InteractionState.State.FINISH.name();
            // Clear session attributes
            session.removeAttribute(OAuthConstants.ATTRIBUTE_AUTH_STATE);
            session.removeAttribute(OAuthConstants.ATTRIBUTE_VERIFICATION_STATE);
            FacebookAccessTokenContext accessTokenContext = new FacebookAccessTokenContext(accessToken, scopes);
            return new InteractionState<FacebookAccessTokenContext>(InteractionState.State.valueOf(state), accessTokenContext);
        }
    }
    // Likely shouldn't happen...
    return new InteractionState<FacebookAccessTokenContext>(InteractionState.State.valueOf(state), null);
}
Also used: HttpSession (javax.servlet.http.HttpSession), InteractionState (org.gatein.security.oauth.spi.InteractionState), OAuthException (org.gatein.security.oauth.exception.OAuthException)

Example 3 with OAuthException

Use of org.gatein.security.oauth.exception.OAuthException in project gatein-portal by Meeds-io.

Class SocialNetworkServiceImpl, method findUserByOAuthProviderUsername.

@Override
public User findUserByOAuthProviderUsername(OAuthProviderType oauthProviderType, String oauthProviderUsername) {
    try {
        begin();
        UserHandler userHandler = orgService.getUserHandler();
        try {
            // TODO: Ugly, but it's used due to OrganizationService API limitations because it doesn't allow to find user by unique userProfile attribute
            Method m = userHandler.getClass().getMethod("findUserByUniqueAttribute", String.class, String.class, UserStatus.class);
            return (User) m.invoke(userHandler, oauthProviderType.getUserNameAttrName(), oauthProviderUsername, UserStatus.ANY);
        } catch (NoSuchMethodException e) {
            String error = "Method findUserByUniqueAttribute(String, String, UserStatus) is not available on userHandler object " + userHandler + " of class " + userHandler.getClass();
            log.error(error);
            throw new OAuthException(OAuthExceptionCode.PERSISTENCE_ERROR, error, e);
        } catch (Exception e) {
            throw new OAuthException(OAuthExceptionCode.PERSISTENCE_ERROR, e);
        }
    } finally {
        end();
    }
}
Also used: User (org.exoplatform.services.organization.User), OAuthException (org.gatein.security.oauth.exception.OAuthException), UserHandler (org.exoplatform.services.organization.UserHandler), Method (java.lang.reflect.Method), TokenServiceInitializationException (org.exoplatform.web.security.security.TokenServiceInitializationException)

Example 4 with OAuthException

Use of org.gatein.security.oauth.exception.OAuthException in project gatein-portal by Meeds-io.

Class SocialNetworkServiceImpl, method updateOAuthInfo.

@Override
public <T extends AccessTokenContext> void updateOAuthInfo(OAuthProviderType<T> oauthProviderType, String username, String oauthUsername, T accessToken) {
    try {
        begin();
        UserProfileHandler userProfileHandler = orgService.getUserProfileHandler();
        UserProfile userProfile = userProfileHandler.findUserProfileByName(username);
        if (userProfile == null) {
            userProfile = userProfileHandler.createUserProfileInstance(username);
        }
        userProfile.setAttribute(oauthProviderType.getUserNameAttrName(), oauthUsername);
        OAuthProviderProcessor<T> oauthProviderProcessor = oauthProviderType.getOauthProviderProcessor();
        oauthProviderProcessor.saveAccessTokenAttributesToUserProfile(userProfile, this, accessToken);
        userProfileHandler.saveUserProfile(userProfile, true);
    } catch (OAuthException oauthEx) {
        throw oauthEx;
    } catch (Exception e) {
        throw new OAuthException(OAuthExceptionCode.PERSISTENCE_ERROR, e);
    } finally {
        end();
    }
}
Also used: UserProfile (org.exoplatform.services.organization.UserProfile), OAuthException (org.gatein.security.oauth.exception.OAuthException), UserProfileHandler (org.exoplatform.services.organization.UserProfileHandler), TokenServiceInitializationException (org.exoplatform.web.security.security.TokenServiceInitializationException)

Example 5 with OAuthException

Use of org.gatein.security.oauth.exception.OAuthException in project gatein-portal by Meeds-io.

Class SocialNetworkServiceImpl, method updateOAuthAccessToken.

@Override
public <T extends AccessTokenContext> void updateOAuthAccessToken(OAuthProviderType<T> oauthProviderType, String username, T accessToken) {
    try {
        begin();
        UserProfileHandler userProfileHandler = orgService.getUserProfileHandler();
        UserProfile userProfile = userProfileHandler.findUserProfileByName(username);
        if (userProfile == null) {
            userProfile = userProfileHandler.createUserProfileInstance(username);
        }
        OAuthProviderProcessor<T> oauthProviderProcessor = oauthProviderType.getOauthProviderProcessor();
        oauthProviderProcessor.saveAccessTokenAttributesToUserProfile(userProfile, this, accessToken);
        userProfileHandler.saveUserProfile(userProfile, true);
    } catch (OAuthException oauthEx) {
        throw oauthEx;
    } catch (Exception e) {
        throw new OAuthException(OAuthExceptionCode.PERSISTENCE_ERROR, e);
    } finally {
        end();
    }
}
Also used: UserProfile (org.exoplatform.services.organization.UserProfile), OAuthException (org.gatein.security.oauth.exception.OAuthException), UserProfileHandler (org.exoplatform.services.organization.UserProfileHandler), TokenServiceInitializationException (org.exoplatform.web.security.security.TokenServiceInitializationException)

Aggregations

OAuthException (org.gatein.security.oauth.exception.OAuthException): 31
IOException (java.io.IOException): 10
HttpSession (javax.servlet.http.HttpSession): 8
UserProfile (org.exoplatform.services.organization.UserProfile): 7
URL (java.net.URL): 6
UserProfileHandler (org.exoplatform.services.organization.UserProfileHandler): 6
JSONException (org.json.JSONException): 6
HashMap (java.util.HashMap): 5
User (org.exoplatform.services.organization.User): 5
TokenServiceInitializationException (org.exoplatform.web.security.security.TokenServiceInitializationException): 5
HttpResponseContext (org.gatein.security.oauth.utils.HttpResponseContext): 5
JSONObject (org.json.JSONObject): 5
HttpServletRequest (javax.servlet.http.HttpServletRequest): 4
OAuthPrincipal (org.gatein.security.oauth.spi.OAuthPrincipal): 4
GoogleTokenResponse (com.google.api.client.googleapis.auth.oauth2.GoogleTokenResponse): 3
HttpURLConnection (java.net.HttpURLConnection): 3
HttpServletResponse (javax.servlet.http.HttpServletResponse): 3
ApplicationMessage (org.exoplatform.web.application.ApplicationMessage): 3
UIComponent (org.exoplatform.webui.core.UIComponent): 3
InteractionState (org.gatein.security.oauth.spi.InteractionState): 3