private void redirectBackToConsumerVersion1(HttpServletRequest request, HttpServletResponse response, ServiceProviderToken token) throws IOException { String callback = request.getParameter(OAUTH_CALLBACK); if (isEmpty(callback) && token.getConsumer().getCallback() != null) { callback = token.getConsumer().getCallback().toString(); } if (isEmpty(callback)) { // no call back it must be a client response.setContentType("text/html"); if (token.getAuthorization() == Authorization.AUTHORIZED) { // no call back, display the verification code so the user can enter it manually templateRenderer.render(AUTH_NO_CALLBACK_APPROVAL_V1_TEMPLATE, ImmutableMap.<String, Object>of("token", token), response.getWriter()); } else { templateRenderer.render(AUTH_NO_CALLBACK_DENIED_TEMPLATE, ImmutableMap.<String, Object>of("token", token), response.getWriter()); } } else { if (token.getToken() != null) { callback = addParameters(callback, "oauth_token", token.getToken()); } response.sendRedirect(callback); } }
private void redirectBackToConsumerVersion1a(HttpServletRequest request, HttpServletResponse response, ServiceProviderToken token) throws IOException { URI callback = token.getCallback() == null ? token.getConsumer().getCallback() : token.getCallback(); if (callback == null) { response.setContentType("text/html"); if (token.getAuthorization() == Authorization.AUTHORIZED) { // no call back, display the verification code so the user can enter it manually templateRenderer.render(AUTH_NO_CALLBACK_APPROVAL_V1A_TEMPLATE, ImmutableMap.<String, Object>of("token", token), response.getWriter()); } else { templateRenderer.render(AUTH_NO_CALLBACK_DENIED_TEMPLATE, ImmutableMap.<String, Object>of("token", token), response.getWriter()); } } else { // add the token and verifier parameters to the callback and send the redirect // if the token was denied, then the verifier is set to a placeholder value in case consumers don't handle // a blank or missing verifier parameter response.sendRedirect(addParameters(callback.toString(), OAUTH_TOKEN, token.getToken(), OAUTH_VERIFIER, token.getAuthorization() == Authorization.AUTHORIZED ? token.getVerifier() : "denied") ); } }
/** * Converts a {@code Consumer} to an {@code OAuthConsumer}, uses the {@code sharedSecret} in the * {@code OAuthConsumer}s constructor so that it is suitable for signing. * * @param consumer {@code Consumer} to be converted to an {@code OAuthConsumer} * @param sharedSecret shared secret to use to sign requests * @param oauthServiceProvider {@code OAuthServiceProvider} to set as the {@link OAuthConsumer#serviceProvider} attribute * @return {@code OAuthConsumer} converted from the {@code Consumer} */ public static OAuthConsumer asOAuthConsumer(Consumer consumer, String sharedSecret, OAuthServiceProvider oauthServiceProvider) { checkNotNull(consumer, "consumer"); checkNotNull(oauthServiceProvider, "oauthServiceProvider"); String callback = consumer.getCallback() != null ? consumer.getCallback().toString() : null; OAuthConsumer oauthConsumer = new OAuthConsumer(callback, consumer.getKey(), sharedSecret, oauthServiceProvider); oauthConsumer.setProperty(ConsumerProperty.NAME, consumer.getName()); oauthConsumer.setProperty(ConsumerProperty.DESCRIPTION, consumer.getDescription()); if (consumer.getSignatureMethod() == SignatureMethod.RSA_SHA1) { oauthConsumer.setProperty(OAuth.OAUTH_SIGNATURE_METHOD, OAuth.RSA_SHA1); oauthConsumer.setProperty(RSA_SHA1.PUBLIC_KEY, consumer.getPublicKey()); } else { oauthConsumer.setProperty(OAuth.OAUTH_SIGNATURE_METHOD, OAuth.HMAC_SHA1); } return oauthConsumer; }
.publicKey(consumer.getPublicKey()) .signatureMethod(consumer.getSignatureMethod()) .callback(consumer.getCallback()) .twoLOAllowed(twoLoEnabled)
public static Consumer.InstanceBuilder consumerBuilder(@Nonnull Consumer consumer) { checkNotNull(consumer, "consumer"); Consumer.InstanceBuilder builder = new Consumer.InstanceBuilder(consumer.getKey()) .name(consumer.getName()) .description(consumer.getDescription()) .signatureMethod(consumer.getSignatureMethod()) .callback(consumer.getCallback()) .twoLOAllowed(consumer.getTwoLOAllowed()) .executingTwoLOUser(consumer.getExecutingTwoLOUser()) .twoLOImpersonationAllowed(consumer.getTwoLOImpersonationAllowed()); if (consumer.getPublicKey() != null) { builder.publicKey(consumer.getPublicKey()); } return builder; } }
public RestConsumer(@Nonnull Consumer consumer) { checkNotNull(consumer, "consumer"); put(KEY, consumer.getKey()); put(NAME, consumer.getName()); putIfNotNull(DESCRIPTION, consumer.getDescription()); put(SIGNATURE_METHOD, consumer.getSignatureMethod().name()); if (consumer.getPublicKey() != null) { put(PUBLIC_KEY, RSAKeys.toPemEncoding(consumer.getPublicKey())); } putAsString(CALLBACK, consumer.getCallback()); put(TWO_LO_ALLOWED, consumer.getTwoLOAllowed()); putIfNotNull(EXECUTING_TWO_LO_USER, consumer.getExecutingTwoLOUser()); put(TWO_LO_IMPERSONATION_ALLOWED, consumer.getTwoLOImpersonationAllowed()); }
@Nonnull public ConsumerEntity build() { String publicKey; if (consumer.getPublicKey() != null) { publicKey = RSAKeys.toPemEncoding(consumer.getPublicKey()); } else { publicKey = null; } return new ConsumerEntity(self, consumer.getKey(), consumer.getName(), consumer.getDescription(), consumer.getSignatureMethod().name(), publicKey, consumer.getCallback(), consumer.getTwoLOAllowed(), consumer.getExecutingTwoLOUser(), consumer.getTwoLOImpersonationAllowed() ); } }
@Test public void testServiceProviderConsumerStoreCanStoreConfiguration() throws Exception { PublicKey publicKey = RSAKeys.fromPemEncodingToPublicKey(CONSUMER_PUBLIC_KEY); final Consumer consumer = Consumer.key(CONSUMER_KEY) .name("Test Consumer Name") .publicKey(publicKey) .description("Consumer Description") .callback(URI.create(appProp.getBaseUrl() + "/consumer/oauthcallback1")) .build(); consumerStore.put(consumer); final Consumer savedConsumer = consumerStore.get(CONSUMER_KEY); assertEquals(CONSUMER_KEY, savedConsumer.getKey()); assertEquals("Test Consumer Name", savedConsumer.getName()); assertEquals(publicKey, savedConsumer.getPublicKey()); assertEquals("Consumer Description", savedConsumer.getDescription()); assertEquals(URI.create(appProp.getBaseUrl() + "/consumer/oauthcallback1"), savedConsumer.getCallback()); }
.publicKey(consumer.getPublicKey()) .signatureMethod(consumer.getSignatureMethod()) .callback(consumer.getCallback()) .twoLOAllowed(consumerEntity.isTwoLOAllowed()) .executingTwoLOUser(consumerEntity.getExecutingTwoLOUser()) .publicKey(consumer.getPublicKey()) .signatureMethod(consumer.getSignatureMethod()) .callback(consumer.getCallback()) .twoLOAllowed(consumerEntity.isTwoLOAllowed()) .executingTwoLOUser(consumerEntity.getExecutingTwoLOUser())