/**
 * Returns the token string.
 *
 * @return whatever {@code getToken()} on the {@code token} field returns
 */
public String getToken() {
    // Pure delegation: this object keeps no copy of the string itself.
    final String value = token.getToken();
    return value;
}
/**
 * Builds a matcher that compares a {@link ServiceProviderToken} with {@code token} one bean
 * property at a time.
 *
 * <p>Hamcrest's {@code is}/{@code equalTo} matchers rely on {@code Object.equals}, so the
 * consumer and session cannot be compared that way; they are matched with
 * {@code samePropertyValuesAs}, or with {@code nullValue()} when the expected token has none.
 *
 * <p>NOTE(review): the expected {@code token} and {@code tokenSecret} values are captured by
 * the returned matcher and presumably show up in assertion failure output; confirm this is
 * only ever used with test fixtures.
 *
 * @param token the expected token
 * @return a matcher requiring every listed property to match the expected token
 */
public static Matcher<? super ServiceProviderToken> equalTo(ServiceProviderToken token) {
    final Consumer expectedConsumer = token.getConsumer();
    final Matcher<?> consumerMatcher;
    if (expectedConsumer == null) {
        consumerMatcher = nullValue();
    } else {
        consumerMatcher = samePropertyValuesAs(expectedConsumer);
    }

    final ServiceProviderToken.Session expectedSession = token.getSession();
    final Matcher<?> sessionMatcher;
    if (expectedSession == null) {
        sessionMatcher = nullValue();
    } else {
        sessionMatcher = samePropertyValuesAs(expectedSession);
    }

    return allOf(
            hasProperty("consumer", consumerMatcher),
            hasProperty("session", sessionMatcher),
            hasProperty("authorization", is(token.getAuthorization())),
            hasProperty("callback", is(token.getCallback())),
            hasProperty("creationTime", is(token.getCreationTime())),
            hasProperty("timeToLive", is(token.getTimeToLive())),
            hasProperty("user", is(token.getUser())),
            hasProperty("verifier", is(token.getVerifier())),
            hasProperty("version", is(token.getVersion())),
            hasProperty("properties", is(token.getProperties())),
            hasProperty("token", is(token.getToken())),
            hasProperty("tokenSecret", is(token.getTokenSecret())));
}
tokenStore.removeAndNotify(token.getToken()); } catch (Exception e) { handleException(response, e, applicationProperties.getBaseUrl(), true); OutputStream out = response.getOutputStream(); formEncode(newList( OAUTH_TOKEN, accessToken.getToken(), OAUTH_TOKEN_SECRET, accessToken.getTokenSecret(), OAUTH_EXPIRES_IN, Long.toString(accessToken.getTimeToLive() / 1000),
/**
 * Registers {@code token} under its token string and then saves the store.
 *
 * @param token the {@link com.atlassian.oauth.serviceprovider.ServiceProviderToken} to add
 * @return the same {@code token} instance that was passed in
 * @throws IOException in case of storage issues
 */
public synchronized ServiceProviderToken addToken(ServiceProviderToken token) throws IOException {
    final String key = token.getToken();
    // NOTE(review): the entry goes into the map before save() runs, so if save() throws the
    // token stays in memory without having been persisted - confirm callers can live with that.
    tokens.put(key, token);
    save();
    return token;
}
/**
 * Copies the state of {@code token} onto {@code accessor}.
 *
 * <p>Access tokens are always recorded as authorized for their user. Request tokens get the
 * user and an authorized flag only once a decision (AUTHORIZED or DENIED) has been made; for
 * any other authorization state neither property is set. The token secret and creation time
 * are copied in every case.
 *
 * @param accessor the accessor to populate
 * @param token    the token supplying the values
 */
private static void setTokenData(OAuthAccessor accessor, ServiceProviderToken token) {
    Tokens.setCommonTokenData(accessor, token);

    if (!token.isRequestToken()) {
        // Access token: expose the token string itself and treat it as authorized.
        accessor.accessToken = token.getToken();
        accessor.setProperty(Tokens.AccessorProperty.USER, token.getUser());
        accessor.setProperty(Tokens.AccessorProperty.AUTHORIZED, true);
    } else {
        final Authorization decision = token.getAuthorization();
        final boolean approved = decision == Authorization.AUTHORIZED;
        if (approved || decision == Authorization.DENIED) {
            // A decision exists, so the deciding user is recorded either way.
            accessor.setProperty(Tokens.AccessorProperty.USER, token.getUser());
            accessor.setProperty(Tokens.AccessorProperty.AUTHORIZED, approved);
        }
    }

    accessor.tokenSecret = token.getTokenSecret();
    accessor.setProperty(Tokens.AccessorProperty.CREATION_TIME, token.getCreationTime());
}
}
/**
 * Removes the access tokens held by {@code username} that were issued to the consumer resolved
 * from the given application link; the user's tokens for other consumers are left alone.
 *
 * <p>NOTE(review): no permission check is visible in this method. The caller picks the
 * {@code username} whose tokens are revoked, so confirm that the resource class, an
 * interceptor or a filter restricts this endpoint to administrators or to the named user.
 *
 * @param applinkId id of the application link whose consumer's tokens are removed
 * @param username  the user whose access tokens are examined
 * @return an empty 204 response, whether or not any token was removed
 * @throws TypeNotInstalledException declared by this endpoint; presumably raised while
 *                                   resolving the application link - confirm
 */
@DELETE
@Path("service-provider/{applinkId}/{username}")
public Response removeServiceProviderAccessTokens(@PathParam("applinkId") String applinkId,
                                                  @PathParam("username") String username)
        throws TypeNotInstalledException {
    final Consumer linkedConsumer = getConsumerForApplink(new ApplicationId(applinkId));

    for (ServiceProviderToken candidate : serviceProviderTokenStore.getAccessTokensForUser(username)) {
        final boolean issuedToLinkedConsumer =
                candidate.getConsumer().getKey().equals(linkedConsumer.getKey());
        if (!issuedToLinkedConsumer) {
            continue;
        }
        serviceProviderTokenStore.removeAndNotify(candidate.getToken());
    }

    return Response.noContent().build();
}
.session(newSession(token)) .build()); tokenStore.removeToken(token.getToken()); } catch (Exception e) { handleException(response, e, ApplicationLinkStore.getStore().getApplicationUrl(), true); OAuth.OAUTH_TOKEN, accessToken.getToken(), OAuth.OAUTH_TOKEN_SECRET, accessToken.getTokenSecret(), Request.OAUTH_EXPIRES_IN, Long.toString(accessToken.getTimeToLive() / 1000),
/**
 * Renders the authorization page ({@code templates/auth/authorize.vm}) for {@code token}.
 *
 * <p>The template context carries the token string, an XSRF token with its parameter name,
 * the consumer with a renderer for it, the access-token admin URI and, when the request has
 * one, the {@code OAUTH_CALLBACK} parameter.
 *
 * <p>NOTE(review): the callback is copied from the request into the context as-is, with no
 * validation visible here; confirm the template escapes it wherever it is written out.
 *
 * @param request  the current request
 * @param response the response the page is written to
 * @param token    the token the user is asked to authorize
 * @throws IOException declared by this method; {@code response.getWriter()} is the visible
 *                     I/O call
 * @throws ConsumerInformationRenderException if the template renderer fails
 */
public void render(HttpServletRequest request, HttpServletResponse response, ServiceProviderToken token) throws IOException {
    response.setContentType("text/html;charset=UTF-8");

    final ConsumerInformationRenderer infoRenderer = findConsumerInfoRenderer(request, token);

    final Map<String, Object> model = new HashMap<>();
    model.put("applicationProperties", applicationProperties);
    model.put("token", token.getToken());
    // The XSRF token is fetched before the response writer is obtained.
    model.put("csrfToken", xsrfTokenAccessor.getXsrfToken(request, response, true));
    model.put("csrfTokenParamName", xsrfTokenValidator.getXsrfParameterName());
    model.put("consumer", token.getConsumer());

    final AuthorizationConsumerRenderer consumerRenderer =
            new AuthorizationConsumerRenderer(infoRenderer, token, request, response.getWriter());
    model.put("consumerRenderer", consumerRenderer);
    model.put("accessTokensAdminUri", applicationProperties.getBaseUrl() + AccessTokensServlet.PATH);

    final String requestedCallback = request.getParameter(OAUTH_CALLBACK);
    if (requestedCallback != null) {
        model.put("callback", requestedCallback);
    }

    try {
        // The template only ever sees a read-only view of the context.
        renderer.render("templates/auth/authorize.vm", unmodifiableMap(model), response.getWriter());
    } catch (RenderingException e) {
        throw new ConsumerInformationRenderException("Could not render consumer information", e);
    }
}
/**
 * Finishes the authorization step in its "version 1" form: redirects to the callback when
 * there is one, otherwise renders a result page.
 *
 * <p>The callback is the {@code OAUTH_CALLBACK} request parameter, falling back to the
 * callback of the token's consumer when the parameter is empty. With a callback the token
 * string is appended as {@code oauth_token} before redirecting.
 *
 * <p>NOTE(review): a callback taken from the request parameter becomes the redirect target
 * with no validation visible in this method. Confirm it is checked upstream (for instance
 * against the consumer's registered callback); an unvalidated target is an open-redirect risk.
 *
 * @param request  the current request, read for the callback parameter
 * @param response the response to redirect or render to
 * @param token    the token that was authorized or denied
 * @throws IOException declared by this method; the writer and redirect calls are the visible
 *                     I/O
 */
private void redirectBackToConsumerVersion1(HttpServletRequest request, HttpServletResponse response, ServiceProviderToken token) throws IOException {
    String target = request.getParameter(OAUTH_CALLBACK);
    if (isEmpty(target) && token.getConsumer().getCallback() != null) {
        target = token.getConsumer().getCallback().toString();
    }

    if (!isEmpty(target)) {
        if (token.getToken() != null) {
            target = addParameters(target, "oauth_token", token.getToken());
        }
        response.sendRedirect(target);
        return;
    }

    // No callback, so this must be a client: render a page instead of redirecting. When the
    // token was authorized the page displays the verification code for manual entry.
    response.setContentType("text/html");
    final boolean approved = token.getAuthorization() == Authorization.AUTHORIZED;
    templateRenderer.render(
            approved ? AUTH_NO_CALLBACK_APPROVAL_V1_TEMPLATE : AUTH_NO_CALLBACK_DENIED_TEMPLATE,
            ImmutableMap.<String, Object>of("token", token),
            response.getWriter());
}
/**
 * Finishes the authorization step in its "version 1a" form: redirects to the callback when
 * there is one, otherwise renders a result page.
 *
 * <p>The callback comes from the token, or from the token's consumer when the token has none;
 * {@code request} is not consulted for it. The redirect carries the token string and a
 * verifier.
 *
 * @param request  the current request (not read by this method)
 * @param response the response to redirect or render to
 * @param token    the token that was authorized or denied
 * @throws IOException declared by this method; the writer and redirect calls are the visible
 *                     I/O
 */
private void redirectBackToConsumerVersion1a(HttpServletRequest request, HttpServletResponse response, ServiceProviderToken token) throws IOException {
    URI target = token.getCallback();
    if (target == null) {
        target = token.getConsumer().getCallback();
    }

    if (target != null) {
        // A denied token still gets a verifier parameter: the placeholder covers consumers
        // that do not handle a blank or missing verifier.
        final String verifier =
                token.getAuthorization() == Authorization.AUTHORIZED ? token.getVerifier() : "denied";
        response.sendRedirect(
                addParameters(target.toString(), OAUTH_TOKEN, token.getToken(), OAUTH_VERIFIER, verifier));
        return;
    }

    // No callback: render a page instead. When the token was authorized the page displays the
    // verification code so the user can enter it manually.
    response.setContentType("text/html");
    final boolean approved = token.getAuthorization() == Authorization.AUTHORIZED;
    templateRenderer.render(
            approved ? AUTH_NO_CALLBACK_APPROVAL_V1A_TEMPLATE : AUTH_NO_CALLBACK_DENIED_TEMPLATE,
            ImmutableMap.<String, Object>of("token", token),
            response.getWriter());
}
String newCallback = OAuth.addParameters(callback.toString(), OAuth.OAUTH_TOKEN, token.getToken()); if (token.getVersion() == ServiceProviderToken.Version.V_1_0_A) { newCallback = OAuth.addParameters(newCallback, OAuth.OAUTH_VERIFIER, token.getAuthorization() == ServiceProviderToken