use of org.scribe.oauth.OAuthService in project acs-aem-commons by Adobe-Consulting-Services.
the class LinkedInApi20Test method testAuthorizationWithNoScopes.
/**
 * Checks the LinkedIn authorization URL produced when no scope is configured.
 *
 * <p>The expected URL carries {@code response_type=code}, the client id, the
 * {@code state} value given to {@link LinkedInApi20} and the encoded callback,
 * and has no {@code scope} parameter.
 */
@Test
public void testAuthorizationWithNoScopes() {
    final String callbackUrl = "http://localhost:4502/linkedin";

    // Random alphabetic strings are test fixtures only. In production the
    // `state` value is an anti-CSRF token and should come from a CSPRNG
    // (e.g. SecureRandom), not from RandomStringUtils.
    String stateValue = RandomStringUtils.randomAlphabetic(10);
    String clientId = RandomStringUtils.randomAlphabetic(10);
    String clientSecret = RandomStringUtils.randomAlphabetic(10);

    ServiceBuilder builder = new ServiceBuilder()
            .provider(new LinkedInApi20(stateValue))
            .apiKey(clientId)
            .apiSecret(clientSecret)
            .callback(callbackUrl);
    OAuthService oauthService = builder.build();

    String encodedCallback = OAuthEncoder.encode(callbackUrl);
    String expectedUrl = "https://www.linkedin.com/uas/oauth2/authorization?response_type=code&client_id=" + clientId
            + "&state=" + stateValue
            + "&redirect_uri=" + encodedCallback;

    // OAuth 2.0 has no request token, hence the null argument.
    String actualUrl = oauthService.getAuthorizationUrl(null);
    assertEquals(expectedUrl, actualUrl);
}
use of org.scribe.oauth.OAuthService in project acs-aem-commons by Adobe-Consulting-Services.
the class LinkedInApi20Test method testAuthorizationWithScopes.
/**
 * Checks the LinkedIn authorization URL produced when scopes are configured.
 *
 * <p>On top of the parameters checked in the no-scope case, the URL must end
 * with a {@code scope} parameter whose comma separator is percent-encoded
 * ({@code %2C}).
 */
@Test
public void testAuthorizationWithScopes() {
    final String callbackUrl = "http://localhost:4502/linkedin";

    // Test fixtures only: a real `state` value should be generated with a
    // CSPRNG such as SecureRandom, since it protects the callback from CSRF.
    String stateValue = RandomStringUtils.randomAlphabetic(10);
    String clientId = RandomStringUtils.randomAlphabetic(10);
    String clientSecret = RandomStringUtils.randomAlphabetic(10);

    ServiceBuilder builder = new ServiceBuilder()
            .provider(new LinkedInApi20(stateValue))
            .apiKey(clientId)
            .apiSecret(clientSecret)
            .callback(callbackUrl)
            .scope("r_basicprofile,r_emailaddress");
    OAuthService oauthService = builder.build();

    String encodedCallback = OAuthEncoder.encode(callbackUrl);
    String expectedUrl = "https://www.linkedin.com/uas/oauth2/authorization?response_type=code&client_id=" + clientId
            + "&state=" + stateValue
            + "&redirect_uri=" + encodedCallback
            + "&scope=" + "r_basicprofile%2Cr_emailaddress";

    // OAuth 2.0 has no request token, hence the null argument.
    String actualUrl = oauthService.getAuthorizationUrl(null);
    assertEquals(expectedUrl, actualUrl);
}
use of org.scribe.oauth.OAuthService in project muikku by otavanopisto.
the class OAuthAuthenticationStrategy method processLogin.
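/**
 * Handles both legs of the OAuth login round trip.
 *
 * <p>When the {@code _stg} request parameter is not {@code "rsp"} the call starts
 * a login: the scopes to request are resolved, remembered in the login session
 * and passed to {@link #performDiscovery}. When it is {@code "rsp"} the call is
 * treated as the provider's response: the scopes stored earlier are read back
 * (and cleared) and the response is processed.
 *
 * @param authSource the authentication source being used
 * @param requestParameters the raw request parameters of the current request
 * @return the result of discovery or of response processing
 */
@Override
public AuthenticationResult processLogin(AuthSource authSource, Map<String, String[]> requestParameters) {
    boolean isProviderResponse = "rsp".equals(getFirstRequestParameter(requestParameters, "_stg"));

    if (isProviderResponse) {
        // The scopes come from the session rather than from the callback request,
        // and are cleared so a stored value is consumed only once. They are null
        // if no login was started in this session.
        String[] requestedScopes = loginSessionBean.getRequestedScopes();
        loginSessionBean.setRequestedScopes(null);
        OAuthService service = getOAuthService(authSource, requestParameters, requestedScopes);
        return processResponse(authSource, requestParameters, service, requestedScopes);
    }

    // NOTE(review): "extraScope" and "scope" are read straight from the request
    // parameters and nothing in this method restricts them to an allow-list.
    // Confirm that the caller or getOAuthService limits which scopes a client
    // may ask for; otherwise the browser decides what access is requested.
    String[] scopes;
    String[] extraScopes = requestParameters.get("extraScope");
    if (extraScopes != null && extraScopes.length > 0) {
        // Read the defaults once instead of calling the getter on every iteration.
        String[] defaults = getDefaultScopes();
        int defaultCount = defaults != null ? defaults.length : 0;
        scopes = new String[defaultCount + extraScopes.length];
        if (defaultCount > 0) {
            System.arraycopy(defaults, 0, scopes, 0, defaultCount);
        }
        System.arraycopy(extraScopes, 0, scopes, defaultCount, extraScopes.length);
    } else {
        scopes = requestParameters.get("scope");
    }

    if (scopes == null) {
        // NOTE(review): this fallback reads the defaultScopes field while the
        // branch above uses getDefaultScopes(); confirm the two always agree.
        scopes = defaultScopes;
    }

    loginSessionBean.setRequestedScopes(scopes);
    return performDiscovery(authSource, requestParameters, scopes);
}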
use of org.scribe.oauth.OAuthService in project muikku by otavanopisto.
the class OAuthAuthenticationStrategy method performDiscovery.
/**
 * Starts the OAuth flow and returns the URL the user must be sent to.
 *
 * <p>For an OAuth 1.0a API a request token is fetched first and used to build
 * the authorization URL; for any other API the URL is built with a null token.
 * The token (possibly null) is stored in the login session.
 *
 * @param authSource the authentication source being used
 * @param requestParameters the raw request parameters of the current request
 * @param scopes the scopes to request from the provider
 * @return a result with status {@code PROCESSING} carrying the authorization URL
 */
protected AuthenticationResult performDiscovery(AuthSource authSource, Map<String, String[]> requestParameters, String... scopes) {
    OAuthService oauthService = getOAuthService(authSource, requestParameters, scopes);

    // Only OAuth 1.0a has a request-token step; every other API gets null here.
    Token requestToken = (getApi() instanceof DefaultApi10a) ? oauthService.getRequestToken() : null;

    // NOTE(review): for the OAuth 2.0 path nothing in this method adds or stores
    // a `state` value; confirm that the configured API or getOAuthService
    // supplies one and that it is checked when the response comes back.
    String authorizationUrl = oauthService.getAuthorizationUrl(requestToken);
    loginSessionBean.setRequestToken(requestToken);

    return new AuthenticationResult(AuthenticationResult.Status.PROCESSING, authorizationUrl);
}
use of org.scribe.oauth.OAuthService in project openolat by klemens.
the class OAuthDispatcher method execute.
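/**
 * Handles the OAuth callback request: exchanges the verifier for an access
 * token, loads the user from the provider, and logs the user in or starts
 * registration.
 *
 * <p>The request token, the {@link OAuthService} and the provider are all read
 * from the HTTP session. Provider-reported errors ({@code error}, or
 * {@code oauth_problem=token_rejected}) end the request with a translated
 * error message. Any exception raised after that point is logged and reported
 * to the user as a generic error.
 *
 * @param request the callback request
 * @param response the response used for redirects and error pages
 * @throws ServletException declared by the dispatcher contract
 * @throws IOException declared by the dispatcher contract
 */
@Override
public void execute(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    // The decoded, prefix-stripped uri is not read again in this method.
    String uri = request.getRequestURI();
    try {
        uri = URLDecoder.decode(uri, "UTF-8");
    } catch (UnsupportedEncodingException e) {
        throw new AssertException("UTF-8 encoding not supported!!!!");
    }
    String uriPrefix = DispatcherModule.getLegacyUriPrefix(request);
    uri = uri.substring(uriPrefix.length());

    UserRequest ureq = null;
    try {
        // upon creation URL is checked for
        ureq = new UserRequestImpl(uriPrefix, request, response);
    } catch (NumberFormatException nfe) {
        if (log.isDebug()) {
            log.debug("Bad Request " + request.getPathInfo());
        }
        DispatcherModule.sendBadRequest(request.getPathInfo(), response);
        return;
    }

    String error = request.getParameter("error");
    if (null != error) {
        error(ureq, translateOauthError(ureq, error));
        return;
    }

    String problem = request.getParameter("oauth_problem");
    if (problem != null && "token_rejected".equals(problem.trim())) {
        // Fix: the original passed `error`, which is always null on this path
        // because a non-null `error` has already returned above.
        error(ureq, translateOauthError(ureq, problem));
        return;
    }

    try {
        HttpSession sess = request.getSession();
        // OAuth 2.0 hasn't any request token
        Token requestToken = (Token) sess.getAttribute(OAuthConstants.REQUEST_TOKEN);
        OAuthService service = (OAuthService) sess.getAttribute(OAuthConstants.OAUTH_SERVICE);
        OAuthSPI provider = (OAuthSPI) sess.getAttribute(OAuthConstants.OAUTH_SPI);

        Token accessToken;
        if (provider == null) {
            log.audit("OAuth Login failed, no provider in request");
            DispatcherModule.redirectToDefaultDispatcher(response);
            return;
        } else if (provider.isImplicitWorkflow()) {
            String idToken = ureq.getParameter("id_token");
            if (idToken == null) {
                redirectImplicitWorkflow(ureq);
                return;
            } else {
                Verifier verifier = OpenIDVerifier.create(ureq, sess);
                accessToken = service.getAccessToken(requestToken, verifier);
            }
        } else {
            // NOTE(review): on this path no `state` parameter is compared with a
            // session value inside this method; confirm that CSRF protection for
            // the authorization-code callback is enforced elsewhere.
            String requestVerifier = request.getParameter("oauth_verifier");
            if (requestVerifier == null) {
                // OAuth 2.0 as a code
                requestVerifier = request.getParameter("code");
            }
            accessToken = service.getAccessToken(requestToken, new Verifier(requestVerifier));
        }

        OAuthUser infos = provider.getUser(service, accessToken);
        if (infos == null || !StringHelper.containsNonWhitespace(infos.getId())) {
            error(ureq, translate(ureq, "error.no.id"));
            // Fix: the access token is a bearer credential and must not be
            // written to the log, so it is no longer appended to this message.
            log.error("OAuth Login failed, no infos extracted from access token");
            return;
        }

        OAuthRegistration registration = new OAuthRegistration(provider.getProviderName(), infos);
        login(infos, registration);

        if (provider instanceof OAuthUserCreator) {
            Identity newIdentity;
            OAuthUserCreator userCreator = (OAuthUserCreator) provider;
            if (registration.getIdentity() == null) {
                newIdentity = userCreator.createUser(infos);
            } else {
                newIdentity = userCreator.updateUser(infos, registration.getIdentity());
            }
            if (newIdentity != null) {
                registration.setIdentity(newIdentity);
            }
        }

        if (registration.getIdentity() == null) {
            if (CoreSpringFactory.getImpl(OAuthLoginModule.class).isAllowUserCreation()) {
                register(request, response, registration);
            } else {
                error(ureq, translate(ureq, "error.account.creation"));
                // NOTE(review): `infos` is provider-supplied user data; check what
                // its string form contains before keeping it in the error log.
                log.error("OAuth Login ok but the user has not an account on OpenOLAT: " + infos);
            }
        } else {
            if (ureq.getUserSession() != null) {
                // re-init the activity logger
                ThreadLocalUserActivityLoggerInstaller.initUserActivityLogger(request);
            }

            Identity identity = registration.getIdentity();
            int loginStatus = AuthHelper.doLogin(identity, provider.getProviderName(), ureq);
            if (loginStatus != AuthHelper.LOGIN_OK) {
                if (loginStatus == AuthHelper.LOGIN_NOTAVAILABLE) {
                    DispatcherModule.redirectToServiceNotAvailable(response);
                } else {
                    // error, redirect to login screen
                    DispatcherModule.redirectToDefaultDispatcher(response);
                }
            } else {
                // update last login date and register active user
                UserDeletionManager.getInstance().setIdentityAsActiv(identity);
                MediaResource mr = ureq.getDispatchResult().getResultingMediaResource();
                if (mr instanceof RedirectMediaResource) {
                    RedirectMediaResource rmr = (RedirectMediaResource) mr;
                    rmr.prepare(response);
                } else {
                    // error, redirect to login screen
                    DispatcherModule.redirectToDefaultDispatcher(response);
                }
            }
        }
    } catch (Exception e) {
        // Boundary handler: a missing service or verifier, or a failed token
        // exchange, ends up here and is shown to the user as a generic error.
        log.error("Unexpected error", e);
        error(ureq, translate(ureq, "error.generic"));
    }
}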