/**
 * Routes an incoming OAuth request to the matching authentication flow.
 *
 * <p>The 2-legged check runs first, then the 3-legged check. Classifying the request is
 * delegated entirely to {@code OAuthRequestUtils}.
 *
 * @param request the incoming servlet request
 * @param response the servlet response, handed on to the selected flow
 * @return whatever the selected 2LO or 3LO flow returns
 * @throws IllegalArgumentException if the request is neither a 2LO nor a 3LO access attempt
 */
public Authenticator.Result authenticate(HttpServletRequest request, HttpServletResponse response) {
    if (OAuthRequestUtils.is2LOAuthAccessAttempt(request)) {
        return authenticate2LORequest(request, response);
    }
    if (OAuthRequestUtils.is3LOAuthAccessAttempt(request)) {
        return authenticate3LORequest(request, response);
    }
    // Anything else is rejected with an exception rather than a Result, so a request that is
    // not an OAuth attempt can never be reported as authenticated by this method.
    throw new IllegalArgumentException("This Authenticator only works with OAuth requests");
}
/**
 * Validates a 3-legged OAuth message against the accessor built from the supplied token.
 *
 * <p>The accessor comes from {@code converter.toOAuthAccessor(token)}. The checks themselves
 * are performed by {@code validator.validateMessage}.
 *
 * @param message the OAuth message taken from the request
 * @param token the service-provider token the message is validated against
 * @throws OAuthException declared by this method; presumably raised by the validator
 * @throws IOException declared by this method; presumably raised by the validator
 * @throws URISyntaxException declared by this method; presumably raised by the validator
 */
void validate3LOMessage(OAuthMessage message, ServiceProviderToken token)
        throws OAuthException, IOException, URISyntaxException {
    // NOTE(review): printMessageToDebug is defined elsewhere; confirm it does not write token
    // or signature values to the log before validation has succeeded.
    printMessageToDebug(message);
    validator.validateMessage(message, converter.toOAuthAccessor(token));
}
/**
 * Turns an unexpected exception raised during OAuth validation into an error result.
 *
 * <p>This path is not expected in normal operation: it covers unknown problems with the
 * request that the OAuth.net library could not handle appropriately. The exception is logged
 * at error level, a 500 is sent through {@code sendError}, and the exception is wrapped in
 * {@code OAuthProblem.System}.
 *
 * @param response the servlet response the 500 status is sent on
 * @param message the OAuth message being validated, passed through to {@code sendError}
 * @param e the unexpected exception
 * @return a {@code Result.Error} carrying {@code OAuthProblem.System(e)}
 */
private Result handleException(HttpServletResponse response, OAuthMessage message, Exception e) {
    LOG.error("Failed to validate OAuth message", e);
    sendError(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, message);
    // NOTE(review): the raw exception travels inside the result; confirm callers do not echo
    // its details back to the client.
    final Result failure = new Result.Error(new OAuthProblem.System(e));
    return failure;
}
/**
 * Authenticates a 3-legged OAuth request.
 *
 * <p>NOTE(review): this listing is an incomplete excerpt. The declarations of
 * {@code tokenStr}, {@code token}, {@code consumer} and {@code user}, several braces, and at
 * least one catch clause (the one binding {@code ope}) are missing. The order of statements
 * shown here is therefore not the method's real control flow and must not be read as such.
 *
 * <p>What the visible statements establish:
 * <ul>
 *   <li>the OAuth message is read with {@code OAuthServlet.getMessage} using the logical URI;</li>
 *   <li>one failure path sends a 500 and returns {@code Result.Error(UnreadableToken)};</li>
 *   <li>the token is looked up with {@code getToken(tokenStr)}, and an
 *       {@code InvalidTokenException} is logged at debug level;</li>
 *   <li>the message is validated against the token ({@code validate3LOMessage}) and the
 *       consumer is validated ({@code validateConsumer});</li>
 *   <li>OAuth problems go to {@code handleOAuthProblemException}, and any other exception
 *       goes to {@code handleException};</li>
 *   <li>the final decision is delegated to {@code getUserLoginResult}.</li>
 * </ul>
 *
 * <p>NOTE(review): the debug message for a rejected token formats the raw {@code tokenStr}
 * into the log line. Confirm that writing token values to debug logs is acceptable for this
 * deployment, or log a truncated or hashed form instead.
 *
 * <p>NOTE(review): where {@code user} comes from is not visible here (presumably the token's
 * user). Verify that it is only read after both validation calls have succeeded.
 */
public Authenticator.Result authenticate3LORequest(HttpServletRequest request, HttpServletResponse response) { OAuthMessage message = OAuthServlet.getMessage(request, getLogicalUri(request)); sendError(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, message); return new Result.Error(new OAuthProblem.UnreadableToken(e)); try { token = getToken(tokenStr); } catch (InvalidTokenException e) { LOG.debug(String.format("3-Legged-OAuth Consumer provided token [%s] rejected by ServiceProviderTokenStore", tokenStr), e); validate3LOMessage(message, token); consumer = validateConsumer(message); return handleOAuthProblemException(response, message, tokenStr, ope); } catch (Exception e) { return handleException(response, message, e); LOG.debug(String.format("3-Legged-OAuth successful. Request marked with consumer key set to [%s]", consumer.getKey())); return getUserLoginResult(request, response, message, consumer, user);
/**
 * Authenticates a 2-legged OAuth request.
 *
 * <p>NOTE(review): this listing is an incomplete excerpt. The opening {@code try}, the
 * conditions guarding the two 401 branches, and the derivation of {@code userId} and
 * {@code user} are missing. The order of statements shown here is not the method's real
 * control flow.
 *
 * <p>What the visible statements establish:
 * <ul>
 *   <li>the OAuth message is read with {@code OAuthServlet.getMessage} using the logical URI;</li>
 *   <li>the consumer is validated first ({@code validateConsumer}), then the message is
 *       validated against that consumer ({@code validate2LOMessage});</li>
 *   <li>OAuth problems go to {@code handleOAuthProblemException} with a {@code null} token,
 *       and any other exception goes to {@code handleException};</li>
 *   <li>two branches send a 401 and return {@code Result.Failure(PermissionDenied)}, one
 *       naming {@code userId} and one without a user;</li>
 *   <li>the final decision is delegated to {@code getUserLoginResult}.</li>
 * </ul>
 *
 * <p>NOTE(review): a 2LO request carries no access token, so nothing visible here ties the
 * request to a particular user. Confirm that the omitted conditions restrict which user a
 * consumer may act as. {@code getUserLoginResult} returns success for a {@code null} user as
 * well, so the permission checks in this method are the only gate visible in this file.
 */
public Authenticator.Result authenticate2LORequest(HttpServletRequest request, HttpServletResponse response) { OAuthMessage message = OAuthServlet.getMessage(request, getLogicalUri(request)); consumer = validateConsumer(message); validate2LOMessage(message, consumer); } catch (OAuthProblemException ope) { return handleOAuthProblemException(response, message, null, ope); } catch (Exception e) { return handleException(response, message, e); sendError(response, HttpServletResponse.SC_UNAUTHORIZED, message); return new Authenticator.Result.Failure(new OAuthProblem.PermissionDenied(userId)); sendError(response, HttpServletResponse.SC_UNAUTHORIZED, message); return new Authenticator.Result.Failure(new OAuthProblem.PermissionDenied()); return getUserLoginResult(request, response, message, consumer, user);
/**
 * Produces the final authentication result once the OAuth message itself has been accepted.
 *
 * <p>If a user is supplied, that user must be allowed to log in according to
 * {@code authenticationController.canLogin}. Otherwise a 401 is sent and a
 * {@code PermissionDenied} failure naming the user is returned. When no user is supplied
 * ({@code user == null}) the login check is skipped and the result is a success carrying a
 * {@code null} principal.
 *
 * @param request the incoming servlet request, passed to the login check
 * @param response the servlet response a 401 is sent on when access is denied
 * @param message the OAuth message, passed through to {@code sendError}
 * @param consumer the consumer whose key is written to the success log line
 * @param user the principal to authenticate as, or {@code null} when there is none
 * @return {@code Result.Success(user)} when access is granted, otherwise {@code Result.Failure}
 */
private Result getUserLoginResult(HttpServletRequest request, HttpServletResponse response, OAuthMessage message, Consumer consumer, Principal user) {
    // The login check only runs for a non-null user. Short-circuiting keeps canLogin from
    // ever being called with null.
    final boolean accessGranted = (user == null) || authenticationController.canLogin(user, request);
    if (accessGranted) {
        // NOTE(review): Success(null) is possible here; callers must not treat a success
        // result as proof that a named user was authenticated.
        LOG.info("Authenticated app '{}' as user '{}' successfully", consumer.getKey(), user == null ? "null" : user.getName());
        return new Result.Success(user);
    }

    // A user was supplied but may not log in: record the denial and reject with a 401.
    LOG.info("Access denied because user:'{}' cannot login", user.getName());
    sendError(response, HttpServletResponse.SC_UNAUTHORIZED, message);
    return new Result.Failure(new OAuthProblem.PermissionDenied(user.getName()));
}
/**
 * Validates a 2-legged OAuth message against the given consumer.
 *
 * <p>The consumer is converted to an {@code OAuthConsumer}, and its encoded public key is
 * attached under {@code RSA_SHA1.PUBLIC_KEY}. The message is then validated with an accessor
 * built from that consumer alone; this method sets no token on the accessor.
 *
 * @param message the OAuth message taken from the request
 * @param consumer the consumer whose public key is used for validation
 * @throws OAuthException declared by this method; presumably raised by the validator
 * @throws IOException declared by this method; presumably raised by the validator
 * @throws URISyntaxException declared by this method; presumably raised by the validator
 */
void validate2LOMessage(OAuthMessage message, Consumer consumer)
        throws OAuthException, IOException, URISyntaxException {
    final OAuthConsumer verifyingConsumer = converter.toOAuthConsumer(consumer);
    // The verification key comes from the consumer argument, never from the incoming
    // message, so a request cannot choose the key it is checked against.
    verifyingConsumer.setProperty(RSA_SHA1.PUBLIC_KEY, consumer.getPublicKey().getEncoded());
    final OAuthAccessor consumerOnlyAccessor = new OAuthAccessor(verifyingConsumer);

    // NOTE(review): printMessageToDebug is defined elsewhere; confirm it does not write
    // signature values to the log before validation has succeeded.
    printMessageToDebug(message);
    validator.validateMessage(message, consumerOnlyAccessor);
}