OAUTH_TOKEN_SECRET, accessToken.getTokenSecret(), OAUTH_EXPIRES_IN, Long.toString(accessToken.getTimeToLive() / 1000), OAUTH_SESSION_HANDLE, accessToken.getSession().getHandle(), OAUTH_AUTHORIZATION_EXPIRES_IN, Long.toString(accessToken.getSession().getTimeToLive() / 1000) ), out);
/** * Check the given {code token} to see if its a valid access token * * @param requestMessage the {@link net.oauth.OAuthMessage} * @param token the {@link com.atlassian.oauth.serviceprovider.ServiceProviderToken access token} * @throws OAuthProblemException * @throws IOException */ private void checkAccessToken(OAuthMessage requestMessage, ServiceProviderToken token) throws OAuthProblemException, IOException { if (token.getSession() == null) { throw new OAuthProblemException(OAuth.Problems.TOKEN_REJECTED); } requestMessage.requireParameters(Request.OAUTH_SESSION_HANDLE); if (!token.getSession().getHandle().equals(requestMessage.getParameter(Request.OAUTH_SESSION_HANDLE))) { throw new OAuthProblemException(OAuth.Problems.TOKEN_REJECTED); } if (token.getSession().hasExpired(clock)) { throw new OAuthProblemException(OAuth.Problems.PERMISSION_DENIED); } }
.authorizedBy(userManager.resolve("fred")) .version(Version.V_1_0_A) .session(newSession("Bohro1ziaefaJ1FiAifaKai8Phah5ahH").timeToLive(Long.MAX_VALUE).build()) .build(); store.put(renewableAccessToken); .authorizedBy(userManager.resolve("fred")) .version(Version.V_1_0_A) .session(newSession("Ohs5ux1kzohJu4Eeaiv0no3Ujoowae8F").creationTime(0).lastRenewalTime(100).build()) .build(); store.put(nonRenewableAccessToken);
OAuth.OAUTH_TOKEN_SECRET, accessToken.getTokenSecret(), Request.OAUTH_EXPIRES_IN, Long.toString(accessToken.getTimeToLive() / 1000), Request.OAUTH_SESSION_HANDLE, accessToken.getSession().getHandle(), Request.OAUTH_AUTHORIZATION_EXPIRES_IN, Long.toString(accessToken.getSession().getTimeToLive() / 1000) ), response.getOutputStream());
/** * Create a new {@link com.atlassian.oauth.serviceprovider.ServiceProviderToken.Session} for the given {@code token} * * @param token the {@link com.atlassian.oauth.serviceprovider.ServiceProviderToken} to create the session for * @return the new {@link com.atlassian.oauth.serviceprovider.ServiceProviderToken.Session} */ private ServiceProviderToken.Session newSession(ServiceProviderToken token) { ServiceProviderToken.Session.Builder builder = ServiceProviderToken.Session.newSession(RandomStringUtils.randomAlphanumeric(32)); if (token.getSession() != null) { builder.creationTime(token.getSession().getCreationTime()); } return builder.build(); }
private void checkAccessToken(OAuthMessage requestMessage, ServiceProviderToken token) throws Exception { if (token.getSession() == null) { throw new OAuthProblemException(TOKEN_REJECTED); } requestMessage.requireParameters(OAUTH_SESSION_HANDLE); if (!token.getSession().getHandle().equals(requestMessage.getParameter(OAUTH_SESSION_HANDLE))) { throw new OAuthProblemException(TOKEN_REJECTED); } if (token.getSession().hasExpired(clock)) { throw new OAuthProblemException(PERMISSION_DENIED); } } }
private Session newSession(ServiceProviderToken token) { Session.Builder builder = Session.newSession(randomizer.randomAlphanumericString(32)); if (token.getSession() != null) { builder.creationTime(token.getSession().getCreationTime()); } return builder.build(); } }