/**
 * Checks that {@code token} is an acceptable access token for the consumer named in
 * {@code message} (3-legged OAuth) and returns the matching {@link OAuthConsumer}.
 *
 * <p>Only token state is examined here: presence, token type, consumer-key binding and
 * expiry. No signature verification is performed inside this method.
 *
 * @param message the {@link OAuthMessage} whose consumer key must match the token's consumer
 * @param token the {@link ServiceProviderToken} presented with the request; may be {@code null}
 * @return the {@link OAuthConsumer} produced by {@code ConsumerUtils.toOAuthConsumer(token)}
 * @throws OAuthProblemException with {@code TOKEN_REJECTED} if the token is missing, is not an
 *         access token, or belongs to a different consumer; with {@code TOKEN_EXPIRED} if
 *         {@code token.hasExpired(clock)} is true
 * @throws Exception any other failure raised while reading the message
 */
private OAuthConsumer validate3LOAuthMessage(OAuthMessage message, ServiceProviderToken token) throws Exception {
    // A missing token can never authorise a request.
    if (token == null) {
        throw new OAuthProblemException(TOKEN_REJECTED);
    }

    // Only access tokens are accepted; anything else is rejected outright.
    if (!token.isAccessToken()) {
        throw new OAuthProblemException(TOKEN_REJECTED);
    }

    // The token is bound to the consumer it was issued to: another consumer key may not use it.
    final boolean issuedToThisConsumer =
            token.getConsumer().getKey().equals(message.getConsumerKey());
    if (!issuedToThisConsumer) {
        throw new OAuthProblemException(TOKEN_REJECTED);
    }

    // Expiry is reported separately so the client can tell it apart from a rejection.
    if (token.hasExpired(clock)) {
        throw new OAuthProblemException(TOKEN_EXPIRED);
    }

    return ConsumerUtils.toOAuthConsumer(token);
}
if (token.hasExpired(clock)) { if (LOG.isDebugEnabled()) { LOG.debug(String.format("3-Legged-OAuth token rejected. Token has expired. Token creation time [%d] time to live [%d] clock (contains logging delay) [%d]", token.getCreationTime(), token.getTimeToLive(), clock.timeInMilliseconds()));
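/**
 * Checks that {@code token} is a request token that may be used by {@code requestMessage}.
 *
 * <p>The checks run in this order: expiry, authorization state, consumer-key binding and,
 * for {@code V_1_0_A} tokens, the {@code OAUTH_VERIFIER} parameter.
 *
 * @param requestMessage the incoming {@link OAuthMessage}; its consumer key and verifier are
 *        request-supplied values and are compared against what is stored on the token
 * @param token the stored request token; must not be {@code null}
 * @throws OAuthProblemException with {@code TOKEN_EXPIRED}, {@code PERMISSION_UNKNOWN},
 *         {@code PERMISSION_DENIED} or {@code TOKEN_REJECTED} depending on the failed check
 * @throws Exception any other failure raised while reading the message
 */
private void checkRequestToken(OAuthMessage requestMessage, ServiceProviderToken token) throws Exception {
    if (token.hasExpired(clock)) {
        throw new OAuthProblemException(TOKEN_EXPIRED);
    }

    // The user must have made a decision, and that decision must not be a refusal.
    if (token.getAuthorization() == Authorization.NONE) {
        throw new OAuthProblemException(PERMISSION_UNKNOWN);
    }
    if (token.getAuthorization() == Authorization.DENIED) {
        throw new OAuthProblemException(PERMISSION_DENIED);
    }

    // A request token may only be used by the consumer it was issued to.
    if (!token.getConsumer().getKey().equals(requestMessage.getConsumerKey())) {
        throw new OAuthProblemException(TOKEN_REJECTED);
    }

    if (V_1_0_A.equals(token.getVersion())) {
        requestMessage.requireParameters(OAUTH_VERIFIER);
        // Fail closed: a 1.0a token with no stored verifier is rejected as an OAuth problem
        // instead of surfacing a NullPointerException from the comparison.
        // NOTE(review): equals() is not a constant-time comparison; if the verifier is a
        // String and timing is in the threat model, consider MessageDigest.isEqual on its bytes.
        if (token.getVerifier() == null
                || !token.getVerifier().equals(requestMessage.getParameter(OAUTH_VERIFIER))) {
            throw new OAuthProblemException(TOKEN_REJECTED);
        }
    }
}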
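/**
 * Checks the given {@code token} to see if it is a valid request token for
 * {@code requestMessage}.
 *
 * <p>The checks run in this order: expiry, authorization state, consumer-key binding and,
 * for {@code V_1_0_A} tokens, the {@code OAUTH_VERIFIER} parameter. A {@code V_1_0_A} token
 * that carries no stored verifier is rejected, so the verifier comparison is never skipped.
 *
 * @param requestMessage the {@link net.oauth.OAuthMessage}; its consumer key and verifier are
 *        request-supplied values and are compared against what is stored on the token
 * @param token the {@link com.atlassian.oauth.serviceprovider.ServiceProviderToken request token};
 *        must not be {@code null}
 * @throws OAuthProblemException with {@code TOKEN_EXPIRED}, {@code PERMISSION_UNKNOWN},
 *         {@code PERMISSION_DENIED} or {@code TOKEN_REJECTED} depending on the failed check
 * @throws IOException if the message parameters cannot be read
 */
private void checkRequestToken(OAuthMessage requestMessage, ServiceProviderToken token)
        throws OAuthProblemException, IOException {
    if (token.hasExpired(clock)) {
        throw new OAuthProblemException(OAuth.Problems.TOKEN_EXPIRED);
    }

    // The user must have made a decision, and that decision must not be a refusal.
    if (token.getAuthorization() == ServiceProviderToken.Authorization.NONE) {
        throw new OAuthProblemException(OAuth.Problems.PERMISSION_UNKNOWN);
    }
    if (token.getAuthorization() == ServiceProviderToken.Authorization.DENIED) {
        throw new OAuthProblemException(OAuth.Problems.PERMISSION_DENIED);
    }

    // A request token may only be used by the consumer it was issued to.
    if (!token.getConsumer().getKey().equals(requestMessage.getConsumerKey())) {
        throw new OAuthProblemException(OAuth.Problems.TOKEN_REJECTED);
    }

    if (ServiceProviderToken.Version.V_1_0_A.equals(token.getVersion())) {
        requestMessage.requireParameters(OAuth.OAUTH_VERIFIER);
        // Fail closed: with no stored verifier there is nothing to compare the request value
        // against, and accepting the request would leave the 1.0a verifier step unenforced.
        // NOTE(review): confirm no legitimate V_1_0_A token is stored without a verifier.
        // NOTE(review): equals() is not a constant-time comparison; if the verifier is a
        // String and timing is in the threat model, consider MessageDigest.isEqual on its bytes.
        if (token.getVerifier() == null
                || !token.getVerifier().equals(requestMessage.getParameter(OAuth.OAUTH_VERIFIER))) {
            throw new OAuthProblemException(OAuth.Problems.TOKEN_REJECTED);
        }
    }
}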
/**
 * Loads the token named in {@code request} and returns it if it is still awaiting an
 * authorization decision.
 *
 * <p>The request must carry the {@code OAUTH_TOKEN} parameter. The token is looked up in
 * {@code store} and rejected unless it exists and is not an access token. A token that has
 * already been authorized or denied is reported as used, and an expired one as expired.
 *
 * @param request the servlet request carrying the OAuth parameters
 * @return the stored {@link ServiceProviderToken} that passed every check
 * @throws OAuthProblemException with {@code TOKEN_REJECTED} if the store rejects the token
 *         value, the token is unknown, or it is an access token; with {@code TOKEN_USED} if a
 *         decision was already recorded; with {@code TOKEN_EXPIRED} if it has expired
 * @throws IOException if the request message cannot be read
 */
public ServiceProviderToken getTokenForAuthorization(HttpServletRequest request)
        throws OAuthProblemException, IOException {
    final OAuthMessage message = OAuthServlet.getMessage(request, null);
    message.requireParameters(OAUTH_TOKEN);

    final ServiceProviderToken candidate;
    try {
        candidate = store.get(message.getToken());
    } catch (InvalidTokenException e) {
        // Reported exactly like an unknown token, so the response does not say why it failed.
        throw new OAuthProblemException(TOKEN_REJECTED);
    }

    // Unknown tokens and access tokens are both refused here.
    if (candidate == null || candidate.isAccessToken()) {
        throw new OAuthProblemException(TOKEN_REJECTED);
    }

    // A token that already carries a decision cannot be presented for authorization again.
    final boolean decisionAlreadyMade =
            candidate.getAuthorization() == Authorization.AUTHORIZED
                    || candidate.getAuthorization() == Authorization.DENIED;
    if (decisionAlreadyMade) {
        throw new OAuthProblemException(TOKEN_USED);
    }

    if (candidate.hasExpired(clock)) {
        throw new OAuthProblemException(TOKEN_EXPIRED);
    }

    return candidate;
}
ServiceProviderToken.Authorization.DENIED) { throw new OAuthProblemException(OAuth.Problems.TOKEN_USED); } else if (token.hasExpired(clock)) { throw new OAuthProblemException(OAuth.Problems.TOKEN_EXPIRED);