public OAuthProtocolException(int status, OAuthMessage reply) { String problem = OAuthUtil.getParameter(reply, OAuthProblemException.OAUTH_PROBLEM); if (problem == null) { throw new IllegalArgumentException("No problem reported for OAuthProtocolException"); } this.problemCode = problem; if (fatalProblems.contains(problem)) { startFromScratch = true; canRetry = false; canExtend = false; } else if (temporaryProblems.contains(problem)) { startFromScratch = false; canRetry = false; canExtend = false; } else if (extensionProblems.contains(problem)) { startFromScratch = false; canRetry = true; canExtend = true; } else { // fallback to status to figure out behavior if (status == HttpResponse.SC_UNAUTHORIZED) { startFromScratch = true; canRetry = true; } else { startFromScratch = false; canRetry = false; } canExtend = false; } }
/** * Extracts only those parameters from an OAuthMessage that are OAuth-related. * An OAuthMessage may hold a whole bunch of non-OAuth-related parameters * because they were all needed for signing. But when constructing a request * we need to be able to extract just the OAuth-related parameters because * they, and only they, may have to be put into an Authorization: header or * some such thing. * * @param message the OAuthMessage object, which holds non-OAuth parameters * such as foo=bar (which may have been in the original URI query part, or * perhaps in the POST body), as well as OAuth-related parameters (such as * oauth_timestamp or oauth_signature). * * @return a list that contains only the oauth_related parameters. */ static List<Map.Entry<String, String>> selectOAuthParams(OAuthMessage message) { List<Map.Entry<String, String>> result = Lists.newArrayList(); for (Map.Entry<String, String> param : OAuthUtil.getParameters(message)) { if (isContainerInjectedParameter(param.getKey())) { result.add(param); } } return result; }
accessor.accessToken = OAuthUtil.getParameter(reply, OAuth.OAUTH_TOKEN); accessor.tokenSecret = OAuthUtil.getParameter(reply, OAuth.OAUTH_TOKEN_SECRET); accessorInfo.setSessionHandle(OAuthUtil.getParameter(reply, OAuthConstants.OAUTH_SESSION_HANDLE)); accessorInfo.setTokenExpireMillis(ACCESS_TOKEN_EXPIRE_UNKNOWN); if (OAuthUtil.getParameter(reply, OAuthConstants.OAUTH_EXPIRES_IN) != null) { try { int expireSecs = Integer.parseInt(OAuthUtil.getParameter(reply, OAuthConstants.OAUTH_EXPIRES_IN)); long expireMillis = fetcherConfig.getClock().currentTimeMillis() + expireSecs * 1000L; for (Entry<String, String> param : OAuthUtil.getParameters(reply)) { if (!param.getKey().startsWith("oauth")) { accessTokenData.put(param.getKey(), param.getValue());
params.addAll(sanitize(OAuth.decodeForm(query))); switch(OAuthUtil.getSignatureType(tokenEndpoint, base.getHeader("Content-Type"))) { case URL_ONLY: break; OAuthMessage signed = OAuthUtil.newRequestMessage(accessorInfo.getAccessor(), base.getMethod(), target.toString(), params); HttpRequest oauthHttpRequest = createHttpRequest(base, selectOAuthParams(signed));
"type x-www-form-urlencoded"); String oauthData = OAuthUtil.formEncode(oauthParams); if (result.getPostBodyLength() == 0) { result.setPostBody(CharsetUtil.getUtf8Bytes(oauthData)); result.setUri(Uri.parse(OAuthUtil.addParameters(result.getUri().toString(), oauthParams))); break;
throw new RuntimeException("Can't have body hash on token endpoints"); SignatureType sigType = OAuthUtil.getSignatureType(tokenEndpoint, info.request.getHeader("Content-Type")); switch (sigType) {
accessor.accessToken = OAuthUtil.getParameter(reply, OAuth.OAUTH_TOKEN); accessor.tokenSecret = OAuthUtil.getParameter(reply, OAuth.OAUTH_TOKEN_SECRET); accessorInfo.setSessionHandle(OAuthUtil.getParameter(reply, OAuthConstants.OAUTH_SESSION_HANDLE)); accessorInfo.setTokenExpireMillis(ACCESS_TOKEN_EXPIRE_UNKNOWN); if (OAuthUtil.getParameter(reply, OAuthConstants.OAUTH_EXPIRES_IN) != null) { try { int expireSecs = Integer.parseInt(OAuthUtil.getParameter(reply, OAuthConstants.OAUTH_EXPIRES_IN)); long expireMillis = fetcherConfig.getClock().currentTimeMillis() + expireSecs * 1000; for (Entry<String, String> param : OAuthUtil.getParameters(reply)) { if (!param.getKey().startsWith("oauth")) { accessTokenData.put(param.getKey(), param.getValue());
params.addAll(sanitize(OAuth.decodeForm(query))); switch(OAuthUtil.getSignatureType(tokenEndpoint, base.getHeader("Content-Type"))) { case URL_ONLY: break; OAuthMessage signed = OAuthUtil.newRequestMessage(accessorInfo.getAccessor(), base.getMethod(), target.toString(), params); HttpRequest oauthHttpRequest = createHttpRequest(base, selectOAuthParams(signed));
"type x-www-form-urlencoded"); String oauthData = OAuthUtil.formEncode(oauthParams); if (result.getPostBodyLength() == 0) { result.setPostBody(CharsetUtil.getUtf8Bytes(oauthData)); result.setUri(Uri.parse(OAuthUtil.addParameters(result.getUri().toString(), oauthParams))); break;
throw new RuntimeException("Can't have body hash on token endpoints"); SignatureType sigType = OAuthUtil.getSignatureType(tokenEndpoint, info.request.getHeader("Content-Type")); switch (sigType) {
public OAuthProtocolException(int status, OAuthMessage reply) { String problem = OAuthUtil.getParameter(reply, OAuthProblemException.OAUTH_PROBLEM); if (problem == null) { throw new IllegalArgumentException("No problem reported for OAuthProtocolException"); } this.problemCode = problem; if (fatalProblems.contains(problem)) { startFromScratch = true; canRetry = false; canExtend = false; } else if (temporaryProblems.contains(problem)) { startFromScratch = false; canRetry = false; canExtend = false; } else if (extensionProblems.contains(problem)) { startFromScratch = false; canRetry = true; canExtend = true; } else { // fallback to status to figure out behavior if (status == HttpResponse.SC_UNAUTHORIZED) { startFromScratch = true; canRetry = true; } else { startFromScratch = false; canRetry = false; } canExtend = false; } }
accessor.accessToken = OAuthUtil.getParameter(reply, OAuth.OAUTH_TOKEN); accessor.tokenSecret = OAuthUtil.getParameter(reply, OAuth.OAUTH_TOKEN_SECRET); accessorInfo.setSessionHandle(OAuthUtil.getParameter(reply, OAuthConstants.OAUTH_SESSION_HANDLE)); accessorInfo.setTokenExpireMillis(ACCESS_TOKEN_EXPIRE_UNKNOWN); if (OAuthUtil.getParameter(reply, OAuthConstants.OAUTH_EXPIRES_IN) != null) { try { int expireSecs = Integer.parseInt(OAuthUtil.getParameter(reply, OAuthConstants.OAUTH_EXPIRES_IN)); long expireMillis = fetcherConfig.getClock().currentTimeMillis() + expireSecs * 1000L; for (Entry<String, String> param : OAuthUtil.getParameters(reply)) { if (!param.getKey().startsWith("oauth")) { accessTokenData.put(param.getKey(), param.getValue());
params.addAll(sanitize(OAuth.decodeForm(query))); switch(OAuthUtil.getSignatureType(tokenEndpoint, base.getHeader("Content-Type"))) { case URL_ONLY: break; OAuthMessage signed = OAuthUtil.newRequestMessage(accessorInfo.getAccessor(), base.getMethod(), target.toString(), params); HttpRequest oauthHttpRequest = createHttpRequest(base, selectOAuthParams(signed));
/** * Extracts only those parameters from an OAuthMessage that are OAuth-related. * An OAuthMessage may hold a whole bunch of non-OAuth-related parameters * because they were all needed for signing. But when constructing a request * we need to be able to extract just the OAuth-related parameters because * they, and only they, may have to be put into an Authorization: header or * some such thing. * * @param message the OAuthMessage object, which holds non-OAuth parameters * such as foo=bar (which may have been in the original URI query part, or * perhaps in the POST body), as well as OAuth-related parameters (such as * oauth_timestamp or oauth_signature). * * @return a list that contains only the oauth_related parameters. */ static List<Map.Entry<String, String>> selectOAuthParams(OAuthMessage message) { List<Map.Entry<String, String>> result = Lists.newArrayList(); for (Map.Entry<String, String> param : OAuthUtil.getParameters(message)) { if (isContainerInjectedParameter(param.getKey())) { result.add(param); } } return result; }
"type x-www-form-urlencoded"); String oauthData = OAuthUtil.formEncode(oauthParams); if (result.getPostBodyLength() == 0) { result.setPostBody(CharsetUtil.getUtf8Bytes(oauthData)); result.setUri(Uri.parse(OAuthUtil.addParameters(result.getUri().toString(), oauthParams))); break;
throw new RuntimeException("Can't have body hash on token endpoints"); SignatureType sigType = OAuthUtil.getSignatureType(tokenEndpoint, info.request.getHeader("Content-Type")); switch (sigType) {
public OAuthProtocolException(int status, OAuthMessage reply) { String problem = OAuthUtil.getParameter(reply, OAuthProblemException.OAUTH_PROBLEM); if (problem == null) { throw new IllegalArgumentException("No problem reported for OAuthProtocolException"); } this.problemCode = problem; if (fatalProblems.contains(problem)) { startFromScratch = true; canRetry = false; canExtend = false; } else if (temporaryProblems.contains(problem)) { startFromScratch = false; canRetry = false; canExtend = false; } else if (extensionProblems.contains(problem)) { startFromScratch = false; canRetry = true; canExtend = true; } else { // fallback to status to figure out behavior if (status == HttpResponse.SC_UNAUTHORIZED) { startFromScratch = true; canRetry = true; } else { startFromScratch = false; canRetry = false; } canExtend = false; } }
/** * Extracts only those parameters from an OAuthMessage that are OAuth-related. * An OAuthMessage may hold a whole bunch of non-OAuth-related parameters * because they were all needed for signing. But when constructing a request * we need to be able to extract just the OAuth-related parameters because * they, and only they, may have to be put into an Authorization: header or * some such thing. * * @param message the OAuthMessage object, which holds non-OAuth parameters * such as foo=bar (which may have been in the original URI query part, or * perhaps in the POST body), as well as OAuth-related parameters (such as * oauth_timestamp or oauth_signature). * * @return a list that contains only the oauth_related parameters. */ static List<Map.Entry<String, String>> selectOAuthParams(OAuthMessage message) { List<Map.Entry<String, String>> result = Lists.newArrayList(); for (Map.Entry<String, String> param : OAuthUtil.getParameters(message)) { if (isContainerInjectedParameter(param.getKey())) { result.add(param); } } return result; }
"type x-www-form-urlencoded"); String oauthData = OAuthUtil.formEncode(message.getParameters()); request.setPostBody(CharsetUtil.getUtf8Bytes(oauthData)); break; request.setUri(Uri.parse(OAuthUtil.addParameters(request.getUri().toString(), entryList))); break;
private void fetchRequestToken() throws OAuthRequestException, OAuthProtocolException { OAuthAccessor accessor = accessorInfo.getAccessor(); HttpRequest request = createRequestTokenRequest(accessor); List<Parameter> requestTokenParams = Lists.newArrayList(); addCallback(requestTokenParams); HttpRequest signed = sanitizeAndSign(request, requestTokenParams, true); OAuthMessage reply = sendOAuthMessage(signed); accessor.requestToken = OAuthUtil.getParameter(reply, OAuth.OAUTH_TOKEN); accessor.tokenSecret = OAuthUtil.getParameter(reply, OAuth.OAUTH_TOKEN_SECRET); }