/**
 * Resolves the callback URI to use for the given request token.
 *
 * <p>The callback stored on the token takes precedence. When the token has none,
 * the application URI registered for the token's client is used instead.
 *
 * <p>Only {@code null} is treated as "absent" here: an empty string stored on the
 * token is returned unchanged.
 * NOTE(review): presumably the token callback was validated when the request
 * token was issued - confirm against the caller.
 *
 * @param token the request token being authorized
 * @return the token callback, or the client's application URI as a fallback
 * @throws OAuthProblemException with {@code TOKEN_REJECTED} when neither value is set
 */
protected String getCallbackValue(RequestToken token) throws OAuthProblemException {
    String tokenCallback = token.getCallback();
    if (tokenCallback != null) {
        return tokenCallback;
    }

    // No callback on the token: fall back to the client's registered application URI.
    String applicationUri = token.getClient().getApplicationURI();
    if (applicationUri != null) {
        return applicationUri;
    }

    throw new OAuthProblemException(OAuth.Problems.TOKEN_REJECTED);
}
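/**
 * Checks that the {@code oauth_callback} value supplied with a request is acceptable
 * for the given client.
 *
 * <p>The callback is accepted only when it is non-empty and one of the following holds:
 * <ul>
 *   <li>the client registered a callback URI and the supplied value equals it exactly;</li>
 *   <li>the client registered no callback URI, it has a non-empty application URI, and
 *       the supplied value lies under that application URI.</li>
 * </ul>
 *
 * <p>"Lies under" means the supplied value starts with the application URI and the match
 * ends on a URI component boundary: the two strings are equal, the application URI ends
 * with {@code '/'}, or the next character of the callback is {@code '/'}, {@code '?'} or
 * {@code '#'}. All comparisons are plain, case-sensitive string comparisons.
 *
 * @param client the registered consumer the callback is checked against
 * @param oauthCallback the callback value taken from the request; may be {@code null}
 * @throws OAuthProblemException with {@code PARAMETER_REJECTED} for {@code oauth_callback}
 *         and HTTP status 400 when the callback is not acceptable
 */
protected void validateCallbackURL(Client client,
                                   String oauthCallback) throws OAuthProblemException {
    if (!StringUtils.isEmpty(oauthCallback)) {
        String registeredCallback = client.getCallbackURI();
        if (!StringUtils.isEmpty(registeredCallback)) {
            // A registered callback is authoritative: only an exact match is accepted.
            if (oauthCallback.equals(registeredCallback)) {
                return;
            }
        } else {
            String applicationUri = client.getApplicationURI();
            if (!StringUtils.isEmpty(applicationUri)
                && oauthCallback.startsWith(applicationUri)) {
                // A bare prefix test would also accept a value that merely continues the
                // registered string (a longer host name, a different port, user-info),
                // so the match must end where a URI component ends.
                int rootLength = applicationUri.length();
                boolean endsOnBoundary = oauthCallback.length() == rootLength
                    || applicationUri.charAt(rootLength - 1) == '/'
                    || "/?#".indexOf(oauthCallback.charAt(rootLength)) >= 0;
                if (endsOnBoundary) {
                    return;
                }
            }
        }
    }

    // Anything that falls through is rejected as a bad oauth_callback parameter.
    OAuthProblemException problemEx = new OAuthProblemException(
        OAuth.Problems.PARAMETER_REJECTED + " - " + OAuth.OAUTH_CALLBACK);
    problemEx.setParameter(OAuthProblemException.HTTP_STATUS_CODE,
                           HttpServletResponse.SC_BAD_REQUEST);
    throw problemEx;
}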
/**
 * Copies the token and client details needed for the authorization prompt into
 * {@code secData} and returns that same instance.
 *
 * <p>The fields are set in a fixed order; if the callback cannot be resolved the
 * exception is thrown after the token key, application name and application URI
 * have already been written to {@code secData}.
 *
 * NOTE(review): the name, description, logo and URIs copied here originate from the
 * client registration and the request token; whether they are escaped before being
 * rendered depends on the consumer of {@code OAuthAuthorizationData} - confirm.
 *
 * @param secData the authorization data object to populate
 * @param dataProvider not used by this implementation
 * @param token the request token being authorized
 * @return {@code secData}, populated
 * @throws OAuthProblemException if {@link #getCallbackValue(RequestToken)} finds no callback
 */
protected OAuthAuthorizationData addAdditionalParams(OAuthAuthorizationData secData,
                                                     OAuthDataProvider dataProvider,
                                                     RequestToken token)
    throws OAuthProblemException {
    Client consumer = token.getClient();

    secData.setOauthToken(token.getTokenKey());
    secData.setApplicationName(consumer.getApplicationName());
    secData.setApplicationURI(consumer.getApplicationURI());

    // May throw when neither the token nor the client provides a callback.
    String resolvedCallback = getCallbackValue(token);
    secData.setCallbackURI(resolvedCallback);

    secData.setApplicationDescription(consumer.getApplicationDescription());
    secData.setLogoUri(consumer.getLogoUri());
    secData.setPermissions(token.getScopes());
    return secData;
}