use of org.pac4j.oauth.credentials.OAuth10Credentials in project pac4j by pac4j.
the class OAuth10Authenticator method retrieveAccessToken.
@Override
protected void retrieveAccessToken(final WebContext context, final OAuthCredentials credentials) {
OAuth10Credentials oAuth10Credentials = (OAuth10Credentials) credentials;
final OAuth1RequestToken tokenRequest = oAuth10Credentials.getRequestToken();
final String token = oAuth10Credentials.getToken();
final String verifier = oAuth10Credentials.getVerifier();
logger.debug("tokenRequest: {}", tokenRequest);
logger.debug("token: {}", token);
logger.debug("verifier: {}", verifier);
if (tokenRequest == null) {
final String message = "Token request expired";
throw new OAuthCredentialsException(message);
}
final String savedToken = tokenRequest.getToken();
logger.debug("savedToken: {}", savedToken);
if (savedToken == null || !savedToken.equals(token)) {
final String message = "Token received: " + token + " is different from saved token: " + savedToken;
throw new OAuthCredentialsException(message);
}
final OAuth1AccessToken accessToken;
try {
accessToken = this.configuration.buildService(context, client, null).getAccessToken(tokenRequest, verifier);
} catch (final IOException | InterruptedException | ExecutionException e) {
throw new HttpCommunicationException("Error getting token:" + e.getMessage());
}
logger.debug("accessToken: {}", accessToken);
oAuth10Credentials.setAccessToken(accessToken);
}
use of org.pac4j.oauth.credentials.OAuth10Credentials in project pac4j by pac4j.
the class OAuth10CredentialsExtractor method getOAuthCredentials.
@Override
protected OAuth10Credentials getOAuthCredentials(final WebContext context) {
final String tokenParameter = context.getRequestParameter(OAuth10Configuration.OAUTH_TOKEN);
final String verifierParameter = context.getRequestParameter(OAuth10Configuration.OAUTH_VERIFIER);
if (tokenParameter != null && verifierParameter != null) {
// get request token from session
final OAuth1RequestToken tokenSession = (OAuth1RequestToken) context.getSessionStore().get(context, configuration.getRequestTokenSessionAttributeName(client.getName()));
logger.debug("tokenRequest: {}", tokenSession);
final String token = OAuthEncoder.decode(tokenParameter);
final String verifier = OAuthEncoder.decode(verifierParameter);
logger.debug("token: {} / verifier: {}", token, verifier);
return new OAuth10Credentials(tokenSession, token, verifier);
} else {
final String message = "No credential found";
throw new OAuthCredentialsException(message);
}
}
Aggregations