private boolean verifySignature(OAuthServerRequest osr, OAuth1Parameters params, OAuth1Secrets secrets) { try { return oAuth1Signature.verify(osr, params, secrets); } catch (OAuth1SignatureException ose) { throw newBadRequestException(); } }
/** * Generates and returns an OAuth signature for the given request, * parameters and secrets. * * @param request the request to generate signature for. * @param params the OAuth authorization parameters. * @param secrets the secrets used to generate the OAuth signature. * @return the OAuth digital signature. * @throws OAuth1SignatureException if an error occurred generating the signature. */ public String generate(final OAuth1Request request, final OAuth1Parameters params, final OAuth1Secrets secrets) throws OAuth1SignatureException { return getSignatureMethod(params).sign(baseString(request, params), secrets); }
/** * Assembles request base string for which a digital signature is to be * generated/verified, per section 9.1.3 of the OAuth 1.0 specification. * * @param request the request from which to assemble baseString. * @param params the OAuth authorization parameters from which to assemble baseString. * @return the concatenated baseString, ready to sign/verify */ private String baseString(final OAuth1Request request, final OAuth1Parameters params) throws OAuth1SignatureException { // HTTP request method final StringBuilder builder = new StringBuilder(request.getRequestMethod().toUpperCase()); // request URL, see section 3.4.1.2 http://tools.ietf.org/html/draft-hammer-oauth-10#section-3.4.1.2 builder.append('&').append(UriComponent.encode(constructRequestURL(request).toASCIIString(), UriComponent.Type.UNRESERVED)); // normalized request parameters, see section 3.4.1.3.2 http://tools.ietf.org/html/draft-hammer-oauth-10#section-3.4.1.3.2 builder.append('&').append(UriComponent.encode(normalizeParameters(request, params), UriComponent.Type.UNRESERVED)); return builder.toString(); }
oAuthSignature.get().sign(new RequestWrapper(request, messageBodyWorkers.get()), paramCopy, secretsCopy); } catch (OAuth1SignatureException se) { throw new ProcessingException(LocalizationMessages.ERROR_REQUEST_SIGNATURE(), se);
/** * Generates an OAuth signature for the given request, parameters and * secrets, and stores it as a signature parameter, and writes the * OAuth parameters to the request as an Authorization header. * * @param request the request to generate signature for and write header to. * @param params the OAuth authorization parameters. * @param secrets the secrets used to generate the OAuth signature. * @throws OAuth1SignatureException if an error occurred generating the signature. */ public void sign(final OAuth1Request request, OAuth1Parameters params, final OAuth1Secrets secrets) throws OAuth1SignatureException { params = params.clone(); // don't modify caller's parameters params.setSignature(generate(request, params, secrets)); params.writeRequest(request); }
/** * Assembles request base string for which a digital signature is to be * generated/verified, per section 9.1.3 of the OAuth 1.0 specification. * * @param request the request from which to assemble baseString. * @param params the OAuth authorization parameters from which to assemble baseString. * @return the concatenated baseString, ready to sign/verify */ private String baseString(final OAuth1Request request, final OAuth1Parameters params) throws OAuth1SignatureException { // HTTP request method final StringBuilder builder = new StringBuilder(request.getRequestMethod().toUpperCase()); // request URL, see section 3.4.1.2 http://tools.ietf.org/html/draft-hammer-oauth-10#section-3.4.1.2 builder.append('&').append(UriComponent.encode(constructRequestURL(request).toASCIIString(), UriComponent.Type.UNRESERVED)); // normalized request parameters, see section 3.4.1.3.2 http://tools.ietf.org/html/draft-hammer-oauth-10#section-3.4.1.3.2 builder.append('&').append(UriComponent.encode(normalizeParameters(request, params), UriComponent.Type.UNRESERVED)); return builder.toString(); }
oAuthSignature.get().sign(new RequestWrapper(request, messageBodyWorkers.get()), paramCopy, secretsCopy); } catch (OAuth1SignatureException se) { throw new ProcessingException(LocalizationMessages.ERROR_REQUEST_SIGNATURE(), se);
/** * Generates an OAuth signature for the given request, parameters and * secrets, and stores it as a signature parameter, and writes the * OAuth parameters to the request as an Authorization header. * * @param request the request to generate signature for and write header to. * @param params the OAuth authorization parameters. * @param secrets the secrets used to generate the OAuth signature. * @throws OAuth1SignatureException if an error occurred generating the signature. */ public void sign(final OAuth1Request request, OAuth1Parameters params, final OAuth1Secrets secrets) throws OAuth1SignatureException { params = params.clone(); // don't modify caller's parameters params.setSignature(generate(request, params, secrets)); params.writeRequest(request); }
sigIsOk = oAuth1Signature.verify(request, params, secrets); } catch (OAuth1SignatureException ex) { Logger.getLogger(AccessTokenResource.class.getName()).log(Level.SEVERE, null, ex);
/** * Verifies the OAuth signature for a given request, parameters and * secrets. * * @param request the request to verify the signature from. * @param params the OAuth authorization parameters * @param secrets the secrets used to verify the OAuth signature. * @return true if the signature is verified. * @throws OAuth1SignatureException if an error occurred generating the signature. */ public boolean verify(final OAuth1Request request, final OAuth1Parameters params, final OAuth1Secrets secrets) throws OAuth1SignatureException { return getSignatureMethod(params).verify(baseString(request, params), secrets, params.getSignature()); }
/** * Assembles request base string for which a digital signature is to be * generated/verified, per section 9.1.3 of the OAuth 1.0 specification. * * @param request the request from which to assemble baseString. * @param params the OAuth authorization parameters from which to assemble baseString. * @return the concatenated baseString, ready to sign/verify */ private String baseString(final OAuth1Request request, final OAuth1Parameters params) throws OAuth1SignatureException { // HTTP request method final StringBuilder builder = new StringBuilder(request.getRequestMethod().toUpperCase()); // request URL, see section 3.4.1.2 http://tools.ietf.org/html/draft-hammer-oauth-10#section-3.4.1.2 builder.append('&').append(UriComponent.encode(constructRequestURL(request).toASCIIString(), UriComponent.Type.UNRESERVED)); // normalized request parameters, see section 3.4.1.3.2 http://tools.ietf.org/html/draft-hammer-oauth-10#section-3.4.1.3.2 builder.append('&').append(UriComponent.encode(normalizeParameters(request, params), UriComponent.Type.UNRESERVED)); return builder.toString(); }
oAuthSignature.get().sign(new RequestWrapper(request, messageBodyWorkers.get()), paramCopy, secretsCopy); } catch (OAuth1SignatureException se) { throw new ProcessingException(LocalizationMessages.ERROR_REQUEST_SIGNATURE(), se);
/** * Generates an OAuth signature for the given request, parameters and * secrets, and stores it as a signature parameter, and writes the * OAuth parameters to the request as an Authorization header. * * @param request the request to generate signature for and write header to. * @param params the OAuth authorization parameters. * @param secrets the secrets used to generate the OAuth signature. * @throws OAuth1SignatureException if an error occurred generating the signature. */ public void sign(final OAuth1Request request, OAuth1Parameters params, final OAuth1Secrets secrets) throws OAuth1SignatureException { params = params.clone(); // don't modify caller's parameters params.setSignature(generate(request, params, secrets)); params.writeRequest(request); }
sigIsOk = oAuth1Signature.verify(request, params, secrets); } catch (OAuth1SignatureException ex) { Logger.getLogger(RequestTokenResource.class.getName()).log(Level.SEVERE, null, ex);
/** * Generates and returns an OAuth signature for the given request, * parameters and secrets. * * @param request the request to generate signature for. * @param params the OAuth authorization parameters. * @param secrets the secrets used to generate the OAuth signature. * @return the OAuth digital signature. * @throws OAuth1SignatureException if an error occurred generating the signature. */ public String generate(final OAuth1Request request, final OAuth1Parameters params, final OAuth1Secrets secrets) throws OAuth1SignatureException { return getSignatureMethod(params).sign(baseString(request, params), secrets); }
oAuthSignature.get().sign(new RequestWrapper(request, messageBodyWorkers.get()), paramCopy, secretsCopy); } catch (OAuth1SignatureException se) { throw new ProcessingException(LocalizationMessages.ERROR_REQUEST_SIGNATURE(), se);
private boolean verifySignature(OAuthServerRequest osr, OAuth1Parameters params, OAuth1Secrets secrets) { try { return oAuth1Signature.verify(osr, params, secrets); } catch (OAuth1SignatureException ose) { throw newBadRequestException(); } }