Example 1 with OAuth1AuthorizationFlow
use of org.glassfish.jersey.client.oauth1.OAuth1AuthorizationFlow in project jersey by jersey.
the class OAuthClientServerTest method testAuthorizationFlow.
/**
* Tests client and server OAuth.
* <p/>
* Tests authorization flow including the request to a protected resource. The test uses {@link OAuth1AuthorizationFlow}
* to perform user authorization and uses authorized client for requesting protected resource.
* <p/>
* The resource {@link OAuthAuthorizationResource} is used to perform user authorization (this is done
* programmatically from the test). Finally, the Access Token is retrieved and used to request the
* protected resource. In this resource the user principal is used to return the name of the user stored
* in {@link SecurityContext}.
*/
@Test
public void testAuthorizationFlow() {
String tempCredUri = UriBuilder.fromUri(getBaseUri()).path("requestTokenSpecialUri").build().toString();
String accessTokenUri = UriBuilder.fromUri(getBaseUri()).path("accessTokenSpecialUri").build().toString();
final String userAuthorizationUri = UriBuilder.fromUri(getBaseUri()).path("user-authorization").build().toString();
final OAuth1AuthorizationFlow authFlow = OAuth1ClientSupport.builder(new ConsumerCredentials(CONSUMER_KEY, SECRET_CONSUMER_KEY)).authorizationFlow(tempCredUri, accessTokenUri, userAuthorizationUri).callbackUri("http://consumer/callback/homer").build();
final String authUri = authFlow.start();
// authorize by a request to authorization URI
final Response userAuthResponse = ClientBuilder.newClient().target(authUri).request().get();
assertEquals(200, userAuthResponse.getStatus());
final String verifier = userAuthResponse.readEntity(String.class);
System.out.println("Verifier: " + verifier);
authFlow.finish(verifier);
final Client authorizedClient = authFlow.getAuthorizedClient();
Response response = authorizedClient.target(getBaseUri()).path("resource").request().get();
assertEquals(200, response.getStatus());
assertEquals("homer", response.readEntity(String.class));
response = authorizedClient.target(getBaseUri()).path("resource").path("admin").request().get();
assertEquals(200, response.getStatus());
assertEquals(false, response.readEntity(boolean.class));
}
Also used :
Response(javax.ws.rs.core.Response)
OAuth1AuthorizationFlow(org.glassfish.jersey.client.oauth1.OAuth1AuthorizationFlow)
ConsumerCredentials(org.glassfish.jersey.client.oauth1.ConsumerCredentials)
Client(javax.ws.rs.client.Client)
JerseyTest(org.glassfish.jersey.test.JerseyTest)
Test(org.junit.Test)
Example 2 with OAuth1AuthorizationFlow
use of org.glassfish.jersey.client.oauth1.OAuth1AuthorizationFlow in project jersey by jersey.
the class OauthClientAuthorizationFlowTest method testOAuthClientFlow.
@Test
public void testOAuthClientFlow() throws Exception {
final String uri = getBaseUri().toString();
final OAuth1AuthorizationFlow authFlow = OAuth1ClientSupport.builder(new ConsumerCredentials("dpf43f3p2l4k3l03", "kd94hf93k423kf44")).timestamp("1191242090").nonce("hsu94j3884jdopsl").signatureMethod("PLAINTEXT").authorizationFlow(uri + "request_token", uri + "access_token", uri + "authorize").enableLogging().build();
// Check we have correct authorization URI.
final String authorizationUri = authFlow.start();
assertThat(authorizationUri, containsString("authorize?oauth_token=hh5s93j4hdidpola"));
// For the purpose of the test I need parameters (and there is no way how to do it now).
final Field paramField = authFlow.getClass().getDeclaredField("parameters");
paramField.setAccessible(true);
final OAuth1Parameters params = (OAuth1Parameters) paramField.get(authFlow);
// Update parameters.
params.timestamp("1191242092").nonce("dji430splmx33448");
final AccessToken accessToken = authFlow.finish();
assertThat(accessToken, equalTo(new AccessToken("nnch734d00sl2jdk", "pfkkdhi9sl3r4s00")));
// Update parameters before creating a feature (i.e. changing signature method).
params.nonce("kllo9940pd9333jh").signatureMethod("HMAC-SHA1").timestamp("1191242096");
// Check Authorized Client.
final Client flowClient = authFlow.getAuthorizedClient().register(LoggingFeature.class);
String responseEntity = flowClient.target(uri).path("/photos").queryParam("file", "vacation.jpg").queryParam("size", "original").request().get(String.class);
assertThat("Flow Authorized Client", responseEntity, equalTo("PHOTO"));
// Check Feature.
final Client featureClient = ClientBuilder.newClient().register(authFlow.getOAuth1Feature()).register(LoggingFeature.class);
responseEntity = featureClient.target(uri).path("/photos").queryParam("file", "vacation.jpg").queryParam("size", "original").request().get(String.class);
assertThat("Feature Client", responseEntity, equalTo("PHOTO"));
}
Also used :
OAuth1AuthorizationFlow(org.glassfish.jersey.client.oauth1.OAuth1AuthorizationFlow)
Field(java.lang.reflect.Field)
OAuth1Parameters(org.glassfish.jersey.oauth1.signature.OAuth1Parameters)
ConsumerCredentials(org.glassfish.jersey.client.oauth1.ConsumerCredentials)
AccessToken(org.glassfish.jersey.client.oauth1.AccessToken)
CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString)
Client(javax.ws.rs.client.Client)
JerseyTest(org.glassfish.jersey.test.JerseyTest)
Test(org.junit.Test)
Example 3 with OAuth1AuthorizationFlow
use of org.glassfish.jersey.client.oauth1.OAuth1AuthorizationFlow in project jersey by jersey.
the class App method main.
/**
* Main method that creates a {@link Client client} and initializes the OAuth support with
* configuration needed to connect to the Twitter and retrieve statuses.
* <p/>
* Execute this method to demo
*
* @param args Command line arguments.
* @throws Exception Thrown when error occurs.
*/
public static void main(final String[] args) throws Exception {
// retrieve consumer key/secret and token/secret from the property file
// or system properties
loadSettings();
final ConsumerCredentials consumerCredentials = new ConsumerCredentials(PROPERTIES.getProperty(PROPERTY_CONSUMER_KEY), PROPERTIES.getProperty(PROPERTY_CONSUMER_SECRET));
final Feature filterFeature;
if (PROPERTIES.getProperty(PROPERTY_TOKEN) == null) {
// we do not have Access Token yet. Let's perfom the Authorization Flow first,
// let the user approve our app and get Access Token.
final OAuth1AuthorizationFlow authFlow = OAuth1ClientSupport.builder(consumerCredentials).authorizationFlow("https://api.twitter.com/oauth/request_token", "https://api.twitter.com/oauth/access_token", "https://api.twitter.com/oauth/authorize").build();
final String authorizationUri = authFlow.start();
System.out.println("Enter the following URI into a web browser and authorize me:");
System.out.println(authorizationUri);
System.out.print("Enter the authorization code: ");
final String verifier;
try {
verifier = IN.readLine();
} catch (final IOException ex) {
throw new RuntimeException(ex);
}
final AccessToken accessToken = authFlow.finish(verifier);
// store access token for next application execution
PROPERTIES.setProperty(PROPERTY_TOKEN, accessToken.getToken());
PROPERTIES.setProperty(PROPERTY_TOKEN_SECRET, accessToken.getAccessTokenSecret());
// get the feature that will configure the client with consumer credentials and
// received access token
filterFeature = authFlow.getOAuth1Feature();
} else {
final AccessToken storedToken = new AccessToken(PROPERTIES.getProperty(PROPERTY_TOKEN), PROPERTIES.getProperty(PROPERTY_TOKEN_SECRET));
// build a new feature from the stored consumer credentials and access token
filterFeature = OAuth1ClientSupport.builder(consumerCredentials).feature().accessToken(storedToken).build();
}
// create a new Jersey client and register filter feature that will add OAuth signatures and
// JacksonFeature that will process returned JSON data.
final Client client = ClientBuilder.newBuilder().register(filterFeature).register(JacksonFeature.class).build();
// make requests to protected resources
// (no need to care about the OAuth signatures)
final Response response = client.target(FRIENDS_TIMELINE_URI).request().get();
if (response.getStatus() != 200) {
String errorEntity = null;
if (response.hasEntity()) {
errorEntity = response.readEntity(String.class);
}
throw new RuntimeException("Request to Twitter was not successful. Response code: " + response.getStatus() + ", reason: " + response.getStatusInfo().getReasonPhrase() + ", entity: " + errorEntity);
}
// persist the current consumer key/secret and token/secret for future use
storeSettings();
final List<Status> statuses = response.readEntity(new GenericType<List<Status>>() {
});
System.out.println("Tweets:\n");
for (final Status s : statuses) {
System.out.println(s.getText());
System.out.println("[posted by " + s.getUser().getName() + " at " + s.getCreatedAt() + "]");
}
}
Also used :
OAuth1AuthorizationFlow(org.glassfish.jersey.client.oauth1.OAuth1AuthorizationFlow)
ConsumerCredentials(org.glassfish.jersey.client.oauth1.ConsumerCredentials)
IOException(java.io.IOException)
Feature(javax.ws.rs.core.Feature)
JacksonFeature(org.glassfish.jersey.jackson.JacksonFeature)
Response(javax.ws.rs.core.Response)
JacksonFeature(org.glassfish.jersey.jackson.JacksonFeature)
AccessToken(org.glassfish.jersey.client.oauth1.AccessToken)
List(java.util.List)
Client(javax.ws.rs.client.Client)
Aggregations
Client (javax.ws.rs.client.Client)3
ConsumerCredentials (org.glassfish.jersey.client.oauth1.ConsumerCredentials)3
OAuth1AuthorizationFlow (org.glassfish.jersey.client.oauth1.OAuth1AuthorizationFlow)3
Response (javax.ws.rs.core.Response)2
AccessToken (org.glassfish.jersey.client.oauth1.AccessToken)2
JerseyTest (org.glassfish.jersey.test.JerseyTest)2
Test (org.junit.Test)2
IOException (java.io.IOException)1
Field (java.lang.reflect.Field)1
List (java.util.List)1
Feature (javax.ws.rs.core.Feature)1
JacksonFeature (org.glassfish.jersey.jackson.JacksonFeature)1
OAuth1Parameters (org.glassfish.jersey.oauth1.signature.OAuth1Parameters)1
CoreMatchers.containsString (org.hamcrest.CoreMatchers.containsString)1
