/** * Use the {@link Credential} to request a new access token from the * authorization endpoint. * * @return whether a new access token was successfully retrieved */ public boolean refreshToken() throws AuthenticationException { try { return this.credential.refreshToken(); } catch (IOException e) { AuthenticationException ae = new AuthenticationException("Failed to refresh access token: " + e.getMessage()); ae.initCause(e); throw ae; } } }
/** * Constructs a new AuthenticationException instance based upon * the contents of a WWW-Authenticate header as described by * RFC2617. */ public AuthenticationException(String message, String authHeader) { super(message); initFromAuthHeader(authHeader); }
@Override protected void handleErrorResponse() throws IOException, ServiceException { try { switch (httpConn.getResponseCode()) { case HttpURLConnection.HTTP_MOVED_PERM: case HttpURLConnection.HTTP_MOVED_TEMP: throw new RedirectRequiredException(httpConn); } super.handleErrorResponse(); } catch (AuthenticationException e) { // Throw a more specific exception for session expiration. String msg = e.getMessage(); if (msg != null && msg.contains("Token expired")) { SessionExpiredException se = new SessionExpiredException(e.getMessage()); se.setResponse(e.getResponseContentType(), e.getResponseBody()); throw se; } throw e; } } }
/** * Revokes the specified token. * <p> * If the <code>key</code> is non-null, the token will be used securely * and the request to revoke the token will be signed. * * @param protocol the protocol to use to communicate with the server * @param domain the domain at which the authentication server exists * @param token the AuthSub token to revoke * @param key the private key to sign the request * @throws IOException if error in writing/reading the request * @throws GeneralSecurityException if error in signing the request * @throws AuthenticationException if the token is rejected */ public static void revokeToken(String protocol, String domain, String token, PrivateKey key) throws IOException, GeneralSecurityException, AuthenticationException { String revokeUrl = getRevokeTokenUrl(protocol, domain); URL url = new URL(revokeUrl); HttpURLConnection httpConn = (HttpURLConnection) url.openConnection(); String header = formAuthorizationHeader(token, key, url, "GET"); httpConn.setRequestProperty("Authorization", header); if (httpConn.getResponseCode() != HttpURLConnection.HTTP_OK) { throw new AuthenticationException(httpConn.getResponseCode() + ": " + httpConn.getResponseMessage()); } }
@Override protected void handleErrorResponse() throws IOException, ServiceException { try { switch (httpConn.getResponseCode()) { case HttpURLConnection.HTTP_MOVED_PERM: case HttpURLConnection.HTTP_MOVED_TEMP: throw new RedirectRequiredException(httpConn); } super.handleErrorResponse(); } catch (AuthenticationException e) { // Throw a more specific exception for session expiration. String msg = e.getMessage(); if (msg != null && msg.contains("Token expired")) { SessionExpiredException se = new SessionExpiredException(e.getMessage()); se.setResponse(e.getResponseContentType(), e.getResponseBody()); throw se; } throw e; } } }
/** * Revokes the specified token. * <p> * If the <code>key</code> is non-null, the token will be used securely * and the request to revoke the token will be signed. * * @param protocol the protocol to use to communicate with the server * @param domain the domain at which the authentication server exists * @param token the AuthSub token to revoke * @param key the private key to sign the request * @throws IOException if error in writing/reading the request * @throws GeneralSecurityException if error in signing the request * @throws AuthenticationException if the token is rejected */ public static void revokeToken(String protocol, String domain, String token, PrivateKey key) throws IOException, GeneralSecurityException, AuthenticationException { String revokeUrl = getRevokeTokenUrl(protocol, domain); URL url = new URL(revokeUrl); HttpURLConnection httpConn = (HttpURLConnection) url.openConnection(); String header = formAuthorizationHeader(token, key, url, "GET"); httpConn.setRequestProperty("Authorization", header); if (httpConn.getResponseCode() != HttpURLConnection.HTTP_OK) { throw new AuthenticationException(httpConn.getResponseCode() + ": " + httpConn.getResponseMessage()); } }
@Override protected void handleErrorResponse() throws IOException, ServiceException { try { switch (httpConn.getResponseCode()) { case HttpURLConnection.HTTP_MOVED_PERM: case HttpURLConnection.HTTP_MOVED_TEMP: throw new RedirectRequiredException(httpConn); } super.handleErrorResponse(); } catch (AuthenticationException e) { // Throw a more specific exception for session expiration. String msg = e.getMessage(); if ((msg != null && msg.contains("Token expired")) || (this.authToken != null && this.authToken instanceof OAuth2Token)) { SessionExpiredException se = new SessionExpiredException(e.getMessage()); se.setResponse(e.getResponseContentType(), e.getResponseBody()); throw se; } throw e; } } }
/** * Encapsulates the OAuth information used by applications to login on behalf * of a user. This class generates an unique authorization header for each * request. */ public static class OAuthToken implements HttpAuthToken { OAuthParameters parameters; GoogleOAuthHelper oauthHelper; /** * Create a new {@link OAuthToken} object. Store the * {@link OAuthParameters} and {@link OAuthSigner} to use when generating * the header. The following OAuth parameters are required: * <ul> * <li>oauth_consumer_key * <li>oauth_token * </ul> * * @param parameters the required OAuth parameters * @param signer the {@link OAuthSigner} object to use when to generate the * OAuth signature. */ public OAuthToken(OAuthParameters parameters, OAuthSigner signer) { this.parameters = parameters; oauthHelper = new GoogleOAuthHelper(signer); } /** * Generates the OAuth authorization header using the user's OAuth
/** * Revokes the specified token. * <p> * If the <code>key</code> is non-null, the token will be used securely * and the request to revoke the token will be signed. * * @param protocol the protocol to use to communicate with the server * @param domain the domain at which the authentication server exists * @param token the AuthSub token to revoke * @param key the private key to sign the request * @throws IOException if error in writing/reading the request * @throws GeneralSecurityException if error in signing the request * @throws AuthenticationException if the token is rejected */ public static void revokeToken(String protocol, String domain, String token, PrivateKey key) throws IOException, GeneralSecurityException, AuthenticationException { String revokeUrl = getRevokeTokenUrl(protocol, domain); URL url = new URL(revokeUrl); HttpURLConnection httpConn = (HttpURLConnection) url.openConnection(); String header = formAuthorizationHeader(token, key, url, "GET"); httpConn.setRequestProperty("Authorization", header); if (httpConn.getResponseCode() != HttpURLConnection.HTTP_OK) { throw new AuthenticationException(httpConn.getResponseCode() + ": " + httpConn.getResponseMessage()); } }
/** * Constructs a new AuthenticationException instance based upon * the contents of a WWW-Authenticate header as described by * RFC2617. */ public AuthenticationException(String message, String authHeader) { super(message); initFromAuthHeader(authHeader); }
/** * Encapsulates the OAuth 2.0 information used by applications to login on * behalf of a user. */ public static class OAuth2Token implements HttpAuthToken { static final String HEADER_PREFIX = "Bearer "; final Credential credential; /** * Create a new {@link OAuth2Token} object. Store the {@link Credential} to * use when generating the header. * * @param credential the required OAuth 2.0 credentials */ public OAuth2Token(Credential credential) { this.credential = credential; } /** * Returns the authorization header using the user's OAuth 2.0 credentials. * * @param requestUrl the URL being requested * @param requestMethod the HTTP method of the request * @return the authorization header to be used for the request */ public String getAuthorizationHeader(URL requestUrl, String requestMethod) { return HEADER_PREFIX + this.credential.getAccessToken(); }
throw new AuthenticationException(httpConn.getResponseCode() + ": " + httpConn.getResponseMessage());
/** * Constructs a new AuthenticationException instance based upon * the contents of a WWW-Authenticate header as described by * RFC2617. */ public AuthenticationException(String message, String authHeader) { super(message); initFromAuthHeader(authHeader); }
/** * Encapsulates the OAuth information used by applications to login on behalf * of a user. This class generates an unique authorization header for each * request. */ public static class OAuthToken implements HttpAuthToken { OAuthParameters parameters; final OAuthSigner signer; /** * Create a new {@link OAuthToken} object. Store the * {@link OAuthParameters} and {@link OAuthSigner} to use when generating * the header. The following OAuth parameters are required: * <ul> * <li>oauth_consumer_key * <li>oauth_token * </ul> * * @param parameters the required OAuth parameters * @param signer the {@link OAuthSigner} object to use when to generate the * OAuth signature. */ public OAuthToken(OAuthParameters parameters, OAuthSigner signer) { this.parameters = parameters; this.signer = signer; } /** * Generates the OAuth authorization header using the user's OAuth
throw new AuthenticationException(httpConn.getResponseCode() + ": " + httpConn.getResponseMessage());
/** * Constructs a new AuthenticationException using header and error * stream information from an HTTP connection. */ public AuthenticationException(HttpURLConnection httpConn) throws IOException { super(httpConn); initFromAuthHeader(httpConn.getHeaderField("WWW-Authenticate")); }
return new AuthenticationException("Error authenticating " + "(check service name)");
/** * Constructs a new AuthenticationException using header and error * stream information from an HTTP connection. */ public AuthenticationException(HttpURLConnection httpConn) throws IOException { super(httpConn); initFromAuthHeader(httpConn.getHeaderField("WWW-Authenticate")); }
return new AuthenticationException("Error authenticating " + "(check service name)");
/** * Constructs a new AuthenticationException using header and error * stream information from an HTTP connection. */ public AuthenticationException(HttpURLConnection httpConn) throws IOException { super(httpConn); initFromAuthHeader(httpConn.getHeaderField("WWW-Authenticate")); }