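/**
 * Loads the default OAuth signing key from a PEM resource and installs it in the store.
 *
 * <p>Failures are logged, not thrown: when the key cannot be read or converted, no default key
 * is set and a warning naming the two configuration properties is emitted.
 *
 * @param signingKeyFile resource path of the private key; blank means nothing is loaded
 * @param signingKeyName name passed along with the key material to the stored key entry
 */
private void loadDefaultKey(String signingKeyFile, String signingKeyName) {
  BasicOAuthStoreConsumerKeyAndSecret key = null;
  if (!StringUtils.isBlank(signingKeyFile)) {
    try {
      if (LOG.isLoggable(Level.INFO)) {
        LOG.logp(Level.INFO, classname, "loadDefaultKey", MessageKeys.LOAD_KEY_FILE_FROM,
            new Object[] {signingKeyFile});
      }
      // The stream carries private key material; close it deterministically instead of
      // leaving the handle open until garbage collection.
      java.io.InputStream keyStream = ResourceLoader.open(signingKeyFile);
      String privateKey;
      try {
        privateKey = IOUtils.toString(keyStream, "UTF-8");
      } finally {
        IOUtils.closeQuietly(keyStream);
      }
      privateKey = BasicOAuthStore.convertFromOpenSsl(privateKey);
      key = new BasicOAuthStoreConsumerKeyAndSecret(
          null, privateKey, KeyType.RSA_PRIVATE, signingKeyName, null);
    } catch (Throwable t) {
      // Deliberately best-effort: a bad key file must not abort start-up.
      // NOTE(review): Throwable also swallows Errors; only the path and the exception are
      // logged here, never the key text itself.
      if (LOG.isLoggable(Level.WARNING)) {
        LOG.logp(Level.WARNING, classname, "loadDefaultKey", MessageKeys.COULD_NOT_LOAD_KEY_FILE,
            new Object[] {signingKeyFile});
        LOG.logp(Level.WARNING, classname, "loadDefaultKey", "", t);
      }
    }
  }
  if (key != null) {
    store.setDefaultKey(key);
  } else {
    if (LOG.isLoggable(Level.WARNING)) {
      LOG.logp(Level.WARNING, classname, "loadDefaultKey", MessageKeys.COULD_NOT_LOAD_SIGN_KEY,
          new Object[] {OAUTH_SIGNING_KEY_FILE, OAUTH_SIGNING_KEY_NAME});
    }
  }
}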
/**
 * Resolves the OAuth consumer credentials to use for a gadget/service pair.
 *
 * <p>The lookup is keyed on the token's app URL plus the service name. When no entry exists the
 * store-wide default key is used instead, so every gadget without its own entry signs with that
 * shared key.
 *
 * @param securityToken token whose app URL identifies the gadget
 * @param serviceName OAuth service name declared by the gadget
 * @param provider service provider handed to the created consumer
 * @return the consumer, its key name, and the callback URL (entry-specific or the default)
 * @throws GadgetException if neither a specific entry nor a default key is available
 */
public ConsumerInfo getConsumerKeyAndSecret(
    SecurityToken securityToken, String serviceName, OAuthServiceProvider provider)
    throws GadgetException {
  ++consumerKeyLookupCount;

  BasicOAuthStoreConsumerIndex lookupKey = new BasicOAuthStoreConsumerIndex();
  lookupKey.setGadgetUri(securityToken.getAppUrl());
  lookupKey.setServiceName(serviceName);

  BasicOAuthStoreConsumerKeyAndSecret credentials = consumerInfos.get(lookupKey);
  if (credentials == null) {
    // No gadget-specific entry: fall back to the shared default key, if one was configured.
    credentials = defaultKey;
    if (credentials == null) {
      throw new GadgetException(GadgetException.Code.INTERNAL_SERVER_ERROR,
          "No key for gadget " + securityToken.getAppUrl() + " and service " + serviceName);
    }
  }

  final boolean signsWithRsa = credentials.getKeyType() == KeyType.RSA_PRIVATE;
  // For RSA the consumer is built without a shared secret; the private key travels as a property.
  final OAuthConsumer consumer = new OAuthConsumer(
      null,
      credentials.getConsumerKey(),
      signsWithRsa ? null : credentials.getConsumerSecret(),
      provider);
  if (signsWithRsa) {
    // The oauth.net java code relies on this property: it is what tells the signing code, far
    // from here, to treat the secret as an RSA private key and not as an HMAC key.
    consumer.setProperty(OAuth.OAUTH_SIGNATURE_METHOD, OAuth.RSA_SHA1);
    consumer.setProperty(RSA_SHA1.PRIVATE_KEY, credentials.getConsumerSecret());
  } else {
    consumer.setProperty(OAuth.OAUTH_SIGNATURE_METHOD, OAuth.HMAC_SHA1);
  }

  String callback = credentials.getCallbackUrl();
  if (callback == null) {
    callback = defaultCallbackUrl;
  }
  return new ConsumerInfo(consumer, credentials.getKeyName(), callback);
}
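/**
 * Loads the default OAuth signing key from a PEM resource and installs it in the store.
 *
 * <p>Failures are logged, not thrown: when the key cannot be read or converted, no default key
 * is set and a warning explaining how to create and configure a key is emitted.
 *
 * @param signingKeyFile resource path of the private key; blank means nothing is loaded
 * @param signingKeyName name passed along with the key material to the stored key entry
 */
private void loadDefaultKey(String signingKeyFile, String signingKeyName) {
  BasicOAuthStoreConsumerKeyAndSecret key = null;
  if (!StringUtils.isBlank(signingKeyFile)) {
    try {
      LOG.info("Loading OAuth signing key from " + signingKeyFile);
      // The stream carries private key material; close it deterministically instead of
      // leaving the handle open until garbage collection.
      java.io.InputStream keyStream = ResourceLoader.open(signingKeyFile);
      String privateKey;
      try {
        privateKey = IOUtils.toString(keyStream, "UTF-8");
      } finally {
        IOUtils.closeQuietly(keyStream);
      }
      privateKey = BasicOAuthStore.convertFromOpenSsl(privateKey);
      key = new BasicOAuthStoreConsumerKeyAndSecret(
          null, privateKey, KeyType.RSA_PRIVATE, signingKeyName, null);
    } catch (Throwable t) {
      // Deliberately best-effort: a bad key file must not abort start-up.
      // NOTE(review): Throwable also swallows Errors; only the path and the exception are
      // logged here, never the key text itself.
      LOG.log(Level.WARNING, "Couldn't load key file " + signingKeyFile, t);
    }
  }
  if (key != null) {
    store.setDefaultKey(key);
  } else {
    // The suggested command now asks for a 2048-bit key: 1024-bit RSA is too weak for a
    // signing key. -nocrypt leaves the PKCS#8 file unencrypted on disk, so the operator
    // should restrict its file permissions.
    LOG.log(Level.WARNING, "Couldn't load OAuth signing key. To create a key, run:\n"
        + " openssl req -newkey rsa:2048 -days 365 -nodes -x509 -keyout testkey.pem \\\n"
        + " -out testkey.pem -subj '/CN=mytestkey'\n"
        + " openssl pkcs8 -in testkey.pem -out oauthkey.pem -topk8 -nocrypt -outform PEM\n"
        + '\n'
        + "Then edit shindig.properties and add these lines:\n"
        + OAUTH_SIGNING_KEY_FILE + "=<path-to-oauthkey.pem>\n"
        + OAUTH_SIGNING_KEY_NAME + "=mykey\n");
  }
}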
/**
 * Resolves the OAuth consumer credentials to use for a gadget/service pair.
 *
 * <p>The lookup is keyed on the token's app URL plus the service name. When no entry exists the
 * store-wide default key is used instead, so every gadget without its own entry signs with that
 * shared key.
 *
 * @param securityToken token whose app URL identifies the gadget
 * @param serviceName OAuth service name declared by the gadget
 * @param provider service provider handed to the created consumer
 * @return the consumer, its key name, and the callback URL (entry-specific or the default)
 * @throws GadgetException if neither a specific entry nor a default key is available
 */
public ConsumerInfo getConsumerKeyAndSecret(
    SecurityToken securityToken, String serviceName, OAuthServiceProvider provider)
    throws GadgetException {
  ++consumerKeyLookupCount;

  BasicOAuthStoreConsumerIndex lookupKey = new BasicOAuthStoreConsumerIndex();
  lookupKey.setGadgetUri(securityToken.getAppUrl());
  lookupKey.setServiceName(serviceName);

  BasicOAuthStoreConsumerKeyAndSecret credentials = consumerInfos.get(lookupKey);
  if (credentials == null) {
    // No gadget-specific entry: fall back to the shared default key, if one was configured.
    credentials = defaultKey;
    if (credentials == null) {
      throw new GadgetException(GadgetException.Code.INTERNAL_SERVER_ERROR,
          "No key for gadget " + securityToken.getAppUrl() + " and service " + serviceName);
    }
  }

  final boolean signsWithRsa = credentials.getKeyType() == KeyType.RSA_PRIVATE;
  // For RSA the consumer is built without a shared secret; the private key travels as a property.
  final OAuthConsumer consumer = new OAuthConsumer(
      null,
      credentials.getConsumerKey(),
      signsWithRsa ? null : credentials.getConsumerSecret(),
      provider);
  if (signsWithRsa) {
    // The oauth.net java code relies on this property: it is what tells the signing code, far
    // from here, to treat the secret as an RSA private key and not as an HMAC key.
    consumer.setProperty(OAuth.OAUTH_SIGNATURE_METHOD, OAuth.RSA_SHA1);
    consumer.setProperty(RSA_SHA1.PRIVATE_KEY, credentials.getConsumerSecret());
  } else {
    consumer.setProperty(OAuth.OAUTH_SIGNATURE_METHOD, OAuth.HMAC_SHA1);
  }

  String callback = credentials.getCallbackUrl();
  if (callback == null) {
    callback = defaultCallbackUrl;
  }
  return new ConsumerInfo(consumer, credentials.getKeyName(), callback);
}
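/**
 * Loads the default OAuth signing key from a PEM resource and installs it in the store.
 *
 * <p>Failures are logged, not thrown: when the key cannot be read or converted, no default key
 * is set and a warning explaining how to create and configure a key is emitted.
 *
 * @param signingKeyFile resource path of the private key; blank means nothing is loaded
 * @param signingKeyName name passed along with the key material to the stored key entry
 */
private void loadDefaultKey(String signingKeyFile, String signingKeyName) {
  BasicOAuthStoreConsumerKeyAndSecret key = null;
  if (!StringUtils.isBlank(signingKeyFile)) {
    try {
      LOG.info("Loading OAuth signing key from " + signingKeyFile);
      // The stream carries private key material; close it deterministically instead of
      // leaving the handle open until garbage collection.
      java.io.InputStream keyStream = ResourceLoader.open(signingKeyFile);
      String privateKey;
      try {
        privateKey = IOUtils.toString(keyStream, "UTF-8");
      } finally {
        IOUtils.closeQuietly(keyStream);
      }
      privateKey = BasicOAuthStore.convertFromOpenSsl(privateKey);
      key = new BasicOAuthStoreConsumerKeyAndSecret(
          null, privateKey, KeyType.RSA_PRIVATE, signingKeyName, null);
    } catch (Throwable t) {
      // Deliberately best-effort: a bad key file must not abort start-up.
      // NOTE(review): Throwable also swallows Errors; only the path and the exception are
      // logged here, never the key text itself.
      LOG.log(Level.WARNING, "Couldn't load key file " + signingKeyFile, t);
    }
  }
  if (key != null) {
    store.setDefaultKey(key);
  } else {
    // The suggested command now asks for a 2048-bit key: 1024-bit RSA is too weak for a
    // signing key. -nocrypt leaves the PKCS#8 file unencrypted on disk, so the operator
    // should restrict its file permissions.
    LOG.log(Level.WARNING, "Couldn't load OAuth signing key. To create a key, run:\n"
        + " openssl req -newkey rsa:2048 -days 365 -nodes -x509 -keyout testkey.pem \\\n"
        + " -out testkey.pem -subj '/CN=mytestkey'\n"
        + " openssl pkcs8 -in testkey.pem -out oauthkey.pem -topk8 -nocrypt -outform PEM\n"
        + '\n'
        + "Then edit shindig.properties and add these lines:\n"
        + OAUTH_SIGNING_KEY_FILE + "=<path-to-oauthkey.pem>\n"
        + OAUTH_SIGNING_KEY_NAME + "=mykey\n");
  }
}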
final KeyType keyType = cks.getKeyType(); if (keyType == KeyType.RSA_PRIVATE) { consumer = new OAuthConsumer(null, cks.getConsumerKey(), null, provider); consumer.setProperty(RSA_SHA1.PRIVATE_KEY, cks.getConsumerSecret()); } else if (keyType == KeyType.PLAINTEXT) { consumer = new OAuthConsumer(null, cks.getConsumerKey(), cks.getConsumerSecret(), provider); consumer.setProperty(OAuth.OAUTH_SIGNATURE_METHOD, "PLAINTEXT"); } else { consumer = new OAuthConsumer(null, cks.getConsumerKey(), cks.getConsumerSecret(), provider); consumer.setProperty(OAuth.OAUTH_SIGNATURE_METHOD, OAuth.HMAC_SHA1); String callback = (cks.getCallbackUrl() != null ? cks.getCallbackUrl() : defaultCallbackUrl); return new ConsumerInfo(consumer, cks.getKeyName(), callback, cks.isOauthBodyHash());
/**
 * Parses one consumer entry from JSON and registers it for the given gadget and service.
 *
 * @param gadgetUri gadget the credentials belong to; stored in its ASCII string form
 * @param serviceName OAuth service name the credentials apply to
 * @param consumerInfo JSON object holding the consumer key, secret, key type and optional callback
 * @throws JSONException if the secret, key or key type field is missing
 */
private void realStoreConsumerInfo(URI gadgetUri, String serviceName, JSONObject consumerInfo)
    throws JSONException {
  final String callbackUrl = consumerInfo.optString(CALLBACK_URL, null);
  String secret = consumerInfo.getString(CONSUMER_SECRET_KEY);
  final String consumerKey = consumerInfo.getString(CONSUMER_KEY_KEY);
  final String declaredType = consumerInfo.getString(KEY_TYPE_KEY);

  final KeyType keyType;
  if ("RSA_PRIVATE".equals(declaredType)) {
    keyType = KeyType.RSA_PRIVATE;
    // RSA secrets are run through the OpenSSL conversion helper before being stored.
    secret = convertFromOpenSsl(secret);
  } else {
    // NOTE(review): every other value, including a misspelt "RSA_PRIVATE", silently becomes
    // an HMAC key, so a typo in the config would use the PEM text as a shared secret.
    keyType = KeyType.HMAC_SYMMETRIC;
  }

  BasicOAuthStoreConsumerKeyAndSecret credentials =
      new BasicOAuthStoreConsumerKeyAndSecret(consumerKey, secret, keyType, null, callbackUrl);

  BasicOAuthStoreConsumerIndex lookupKey = new BasicOAuthStoreConsumerIndex();
  lookupKey.setGadgetUri(gadgetUri.toASCIIString());
  lookupKey.setServiceName(serviceName);
  setConsumerKeyAndSecret(lookupKey, credentials);
}
/**
 * Parses one consumer entry from JSON and registers it for the given gadget and service.
 *
 * @param gadgetUri gadget the credentials belong to; stored in its ASCII string form
 * @param serviceName OAuth service name the credentials apply to
 * @param consumerInfo JSON object holding the consumer key, secret, key type and optional callback
 * @throws JSONException if the secret, key or key type field is missing
 */
private void realStoreConsumerInfo(URI gadgetUri, String serviceName, JSONObject consumerInfo)
    throws JSONException {
  final String callbackUrl = consumerInfo.optString(CALLBACK_URL, null);
  String secret = consumerInfo.getString(CONSUMER_SECRET_KEY);
  final String consumerKey = consumerInfo.getString(CONSUMER_KEY_KEY);
  final String declaredType = consumerInfo.getString(KEY_TYPE_KEY);

  final KeyType keyType;
  if ("RSA_PRIVATE".equals(declaredType)) {
    keyType = KeyType.RSA_PRIVATE;
    // RSA secrets are run through the OpenSSL conversion helper before being stored.
    secret = convertFromOpenSsl(secret);
  } else {
    // NOTE(review): every other value, including a misspelt "RSA_PRIVATE", silently becomes
    // an HMAC key, so a typo in the config would use the PEM text as a shared secret.
    keyType = KeyType.HMAC_SYMMETRIC;
  }

  BasicOAuthStoreConsumerKeyAndSecret credentials =
      new BasicOAuthStoreConsumerKeyAndSecret(consumerKey, secret, keyType, null, callbackUrl);

  BasicOAuthStoreConsumerIndex lookupKey = new BasicOAuthStoreConsumerIndex();
  lookupKey.setGadgetUri(gadgetUri.toASCIIString());
  lookupKey.setServiceName(serviceName);
  setConsumerKeyAndSecret(lookupKey, credentials);
}
/**
 * Parses one consumer entry from JSON and registers it for the given gadget and service.
 *
 * <p>Body hashing stays enabled unless the entry sets the body-hash field to "false"
 * (case-insensitive).
 *
 * @param gadgetUri gadget the credentials belong to; stored in its ASCII string form
 * @param serviceName OAuth service name the credentials apply to
 * @param consumerInfo JSON object holding the consumer key, secret, key type and optional fields
 * @throws JSONException if the secret, key or key type field is missing
 */
private void realStoreConsumerInfo(URI gadgetUri, String serviceName, JSONObject consumerInfo)
    throws JSONException {
  final String callbackUrl = consumerInfo.optString(CALLBACK_URL, null);
  String secret = consumerInfo.getString(CONSUMER_SECRET_KEY);
  final String consumerKey = consumerInfo.getString(CONSUMER_KEY_KEY);
  final String declaredType = consumerInfo.getString(KEY_TYPE_KEY);

  // Opt-out only: a missing or unrecognised value keeps body hashing on.
  final boolean oauthBodyHash =
      !"false".equalsIgnoreCase(consumerInfo.optString(OAUTH_BODY_HASH_KEY));

  final KeyType keyType;
  if ("RSA_PRIVATE".equals(declaredType)) {
    keyType = KeyType.RSA_PRIVATE;
    // RSA secrets are run through the OpenSSL conversion helper before being stored.
    secret = convertFromOpenSsl(secret);
  } else if ("PLAINTEXT".equals(declaredType)) {
    // NOTE(review): OAuth PLAINTEXT sends the secret itself as the signature, so it is only
    // safe over an encrypted transport; confirm the provider endpoints are HTTPS.
    keyType = KeyType.PLAINTEXT;
  } else {
    // NOTE(review): every other value, including a misspelt type name, silently becomes an
    // HMAC key.
    keyType = KeyType.HMAC_SYMMETRIC;
  }

  BasicOAuthStoreConsumerKeyAndSecret credentials = new BasicOAuthStoreConsumerKeyAndSecret(
      consumerKey, secret, keyType, null, callbackUrl, oauthBodyHash);

  BasicOAuthStoreConsumerIndex lookupKey = new BasicOAuthStoreConsumerIndex();
  lookupKey.setGadgetUri(gadgetUri.toASCIIString());
  lookupKey.setServiceName(serviceName);
  setConsumerKeyAndSecret(lookupKey, credentials);
}
/**
 * Installs the fixture's default RSA key in the given store: consumer key "signedfetch",
 * key name "foo", no callback URL, and the fake provider's private key text as key material.
 *
 * @param base store that receives the default key
 */
private static void addDefaultKey(BasicOAuthStore base) {
  base.setDefaultKey(
      new BasicOAuthStoreConsumerKeyAndSecret(
          "signedfetch",
          FakeOAuthServiceProvider.PRIVATE_KEY_TEXT,
          KeyType.RSA_PRIVATE,
          "foo",
          null));
}
/**
 * Installs the fixture's default RSA key in the given store: consumer key "signedfetch",
 * key name "foo", no callback URL, and the fake provider's private key text as key material.
 *
 * @param base store that receives the default key
 */
private static void addDefaultKey(BasicOAuthStore base) {
  base.setDefaultKey(
      new BasicOAuthStoreConsumerKeyAndSecret(
          "signedfetch",
          FakeOAuthServiceProvider.PRIVATE_KEY_TEXT,
          KeyType.RSA_PRIVATE,
          "foo",
          null));
}
/**
 * Installs the fixture's default RSA key in the given store: consumer key "signedfetch",
 * key name "foo", no callback URL, and the fake provider's private key text as key material.
 *
 * @param base store that receives the default key
 */
private static void addDefaultKey(BasicOAuthStore base) {
  base.setDefaultKey(
      new BasicOAuthStoreConsumerKeyAndSecret(
          "signedfetch",
          FakeOAuthServiceProvider.PRIVATE_KEY_TEXT,
          KeyType.RSA_PRIVATE,
          "foo",
          null));
}
/**
 * Registers an HMAC consumer key/secret pair for one gadget and service.
 *
 * @param base store that receives the entry
 * @param gadgetUrl gadget URI half of the lookup index
 * @param serviceName service-name half of the lookup index
 * @param consumerKey consumer key to store
 * @param consumerSecret shared secret to store; the entry is typed HMAC_SYMMETRIC
 */
private static void addConsumer(
    BasicOAuthStore base,
    String gadgetUrl,
    String serviceName,
    String consumerKey,
    String consumerSecret) {
  BasicOAuthStoreConsumerIndex index = new BasicOAuthStoreConsumerIndex();
  index.setGadgetUri(gadgetUrl);
  index.setServiceName(serviceName);

  // Key name and callback URL are left unset for these entries.
  base.setConsumerKeyAndSecret(
      index,
      new BasicOAuthStoreConsumerKeyAndSecret(
          consumerKey, consumerSecret, KeyType.HMAC_SYMMETRIC, null, null));
}
/**
 * Registers an HMAC consumer key/secret pair for one gadget and service.
 *
 * @param base store that receives the entry
 * @param gadgetUrl gadget URI half of the lookup index
 * @param serviceName service-name half of the lookup index
 * @param consumerKey consumer key to store
 * @param consumerSecret shared secret to store; the entry is typed HMAC_SYMMETRIC
 */
private static void addConsumer(
    BasicOAuthStore base,
    String gadgetUrl,
    String serviceName,
    String consumerKey,
    String consumerSecret) {
  BasicOAuthStoreConsumerIndex index = new BasicOAuthStoreConsumerIndex();
  index.setGadgetUri(gadgetUrl);
  index.setServiceName(serviceName);

  // Key name and callback URL are left unset for these entries.
  base.setConsumerKeyAndSecret(
      index,
      new BasicOAuthStoreConsumerKeyAndSecret(
          consumerKey, consumerSecret, KeyType.HMAC_SYMMETRIC, null, null));
}
/**
 * Registers an HMAC consumer key/secret pair for one gadget and service.
 *
 * @param base store that receives the entry
 * @param gadgetUrl gadget URI half of the lookup index
 * @param serviceName service-name half of the lookup index
 * @param consumerKey consumer key to store
 * @param consumerSecret shared secret to store; the entry is typed HMAC_SYMMETRIC
 */
private static void addConsumer(
    BasicOAuthStore base,
    String gadgetUrl,
    String serviceName,
    String consumerKey,
    String consumerSecret) {
  BasicOAuthStoreConsumerIndex index = new BasicOAuthStoreConsumerIndex();
  index.setGadgetUri(gadgetUrl);
  index.setServiceName(serviceName);

  // Key name and callback URL are left unset for these entries.
  base.setConsumerKeyAndSecret(
      index,
      new BasicOAuthStoreConsumerKeyAndSecret(
          consumerKey, consumerSecret, KeyType.HMAC_SYMMETRIC, null, null));
}
/**
 * Stores an HMAC entry under service "otherservice", then requests an accessor for service
 * "hmac" with token use disabled. The assertions expect key name "keyname" and consumer key
 * "key" rather than the stored "hmac" entry, i.e. the mismatched service name must not select
 * it (presumably the fixture's default key is returned instead; confirm against setUp).
 */
@Test
public void testGetOAuthAccessor_signedFetch_badServiceName() throws Exception {
  BasicOAuthStoreConsumerIndex otherServiceIndex = new BasicOAuthStoreConsumerIndex();
  otherServiceIndex.setGadgetUri(GADGET_URL);
  otherServiceIndex.setServiceName("otherservice");
  backingStore.setConsumerKeyAndSecret(
      otherServiceIndex,
      new BasicOAuthStoreConsumerKeyAndSecret(
          "hmac", "hmacsecret", KeyType.HMAC_SYMMETRIC, null, null));

  OAuthArguments request = new OAuthArguments();
  request.setUseToken(UseToken.NEVER);
  request.setServiceName("hmac");

  AccessorInfo accessor =
      store.getOAuthAccessor(socialToken, request, clientState, responseParams, fetcherConfig);

  assertEquals("keyname", accessor.getConsumer().getKeyName());
  assertEquals("key", accessor.getConsumer().getConsumer().consumerKey);
}
/**
 * Stores an HMAC entry under service "otherservice", then requests an accessor for service
 * "hmac" with token use disabled. The assertions expect key name "keyname" and consumer key
 * "key" rather than the stored "hmac" entry, i.e. the mismatched service name must not select
 * it (presumably the fixture's default key is returned instead; confirm against setUp).
 */
@Test
public void testGetOAuthAccessor_signedFetch_badServiceName() throws Exception {
  BasicOAuthStoreConsumerIndex otherServiceIndex = new BasicOAuthStoreConsumerIndex();
  otherServiceIndex.setGadgetUri(GADGET_URL);
  otherServiceIndex.setServiceName("otherservice");
  backingStore.setConsumerKeyAndSecret(
      otherServiceIndex,
      new BasicOAuthStoreConsumerKeyAndSecret(
          "hmac", "hmacsecret", KeyType.HMAC_SYMMETRIC, null, null));

  OAuthArguments request = new OAuthArguments();
  request.setUseToken(UseToken.NEVER);
  request.setServiceName("hmac");

  AccessorInfo accessor =
      store.getOAuthAccessor(socialToken, request, clientState, responseParams, fetcherConfig);

  assertEquals("keyname", accessor.getConsumer().getKeyName());
  assertEquals("key", accessor.getConsumer().getConsumer().consumerKey);
}
/**
 * Stores an HMAC entry under service "otherservice", then requests an accessor for service
 * "hmac" with token use disabled. The assertions expect key name "keyname" and consumer key
 * "key" rather than the stored "hmac" entry, i.e. the mismatched service name must not select
 * it (presumably the fixture's default key is returned instead; confirm against setUp).
 */
@Test
public void testGetOAuthAccessor_signedFetch_badServiceName() throws Exception {
  BasicOAuthStoreConsumerIndex otherServiceIndex = new BasicOAuthStoreConsumerIndex();
  otherServiceIndex.setGadgetUri(GADGET_URL);
  otherServiceIndex.setServiceName("otherservice");
  backingStore.setConsumerKeyAndSecret(
      otherServiceIndex,
      new BasicOAuthStoreConsumerKeyAndSecret(
          "hmac", "hmacsecret", KeyType.HMAC_SYMMETRIC, null, null));

  OAuthArguments request = new OAuthArguments();
  request.setUseToken(UseToken.NEVER);
  request.setServiceName("hmac");

  AccessorInfo accessor =
      store.getOAuthAccessor(socialToken, request, clientState, responseParams, fetcherConfig);

  assertEquals("keyname", accessor.getConsumer().getKeyName());
  assertEquals("key", accessor.getConsumer().getConsumer().consumerKey);
}
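/**
 * Builds the fixture shared by the tests: a backing store with a default RSA-typed key
 * ("key"/"keyname") and default callback, the token store under test, a social token (viewer
 * differs from owner), a private token (viewer equals owner), and the state crypter with the
 * client state, response parameters and fetcher configuration derived from it.
 */
@Before
public void setUp() throws Exception {
  backingStore = new BasicOAuthStore();
  backingStore.setDefaultKey(
      new BasicOAuthStoreConsumerKeyAndSecret(
          "key", "secret", KeyType.RSA_PRIVATE, "keyname", null));
  backingStore.setDefaultCallbackUrl(DEFAULT_CALLBACK);
  store = new GadgetOAuthTokenStore(backingStore, new FakeGadgetSpecFactory());

  socialToken = new FakeGadgetToken();
  socialToken.setOwnerId("owner");
  socialToken.setViewerId("viewer");
  socialToken.setAppUrl(GADGET_URL);

  privateToken = new FakeGadgetToken();
  privateToken.setOwnerId("owner");
  privateToken.setViewerId("owner");
  privateToken.setAppUrl(GADGET_URL);

  // Fixed, test-only crypter key. The charset is named explicitly so the key bytes do not
  // depend on the platform default encoding.
  stateCrypter = new BasicBlobCrypter("abcdefghijklmnop".getBytes("UTF-8"));
  clientState = new OAuthClientState(stateCrypter);
  responseParams = new OAuthResponseParams(socialToken, null, stateCrypter);
  fetcherConfig = new OAuthFetcherConfig(stateCrypter, store, new FakeTimeSource(), null, false);
}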
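/**
 * Builds the fixture shared by the tests: a backing store with a default RSA-typed key
 * ("key"/"keyname") and default callback, the token store under test, a social token (viewer
 * differs from owner), a private token (viewer equals owner), and the state crypter with the
 * client state, response parameters and fetcher configuration derived from it.
 */
@Before
public void setUp() throws Exception {
  backingStore = new BasicOAuthStore();
  backingStore.setDefaultKey(
      new BasicOAuthStoreConsumerKeyAndSecret(
          "key", "secret", KeyType.RSA_PRIVATE, "keyname", null));
  backingStore.setDefaultCallbackUrl(DEFAULT_CALLBACK);
  store = new GadgetOAuthTokenStore(backingStore, new FakeGadgetSpecFactory());

  socialToken = new FakeGadgetToken();
  socialToken.setOwnerId("owner");
  socialToken.setViewerId("viewer");
  socialToken.setAppUrl(GADGET_URL);

  privateToken = new FakeGadgetToken();
  privateToken.setOwnerId("owner");
  privateToken.setViewerId("owner");
  privateToken.setAppUrl(GADGET_URL);

  // Fixed, test-only crypter key. The charset is named explicitly so the key bytes do not
  // depend on the platform default encoding.
  stateCrypter = new BasicBlobCrypter("abcdefghijklmnop".getBytes("UTF-8"));
  clientState = new OAuthClientState(stateCrypter);
  responseParams = new OAuthResponseParams(socialToken, null, stateCrypter);
  fetcherConfig = new OAuthFetcherConfig(stateCrypter, store, new FakeTimeSource(), null, false);
}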