Ejemplo n.º 1
0
  /**
   * Add some of the parameters needed to request access to a protected resource, if they aren't
   * already in the message.
   *
   * @throws IOException
   * @throws URISyntaxException
   */
  public void addRequiredParameters(OAuthAccessor accessor)
      throws OAuthException, IOException, URISyntaxException {
    final Map<String, String> pMap = OAuth.newMap(parameters);
    if (pMap.get(OAuth.OAUTH_TOKEN) == null && accessor.accessToken != null) {
      addParameter(OAuth.OAUTH_TOKEN, accessor.accessToken);
    }
    final OAuthConsumer consumer = accessor.consumer;
    if (pMap.get(OAuth.OAUTH_CONSUMER_KEY) == null) {
      addParameter(OAuth.OAUTH_CONSUMER_KEY, consumer.consumerKey);
    }
    if (pMap.get(OAuth.OAUTH_CALLBACK) == null) {
      if (consumer.callbackURL != null) {
        addParameter(OAuth.OAUTH_CALLBACK, consumer.callbackURL);
      }
    }

    if (pMap.get(OAuth.OAUTH_VERIFIER) == null) {
      if (accessor.getProperty(OAuth.OAUTH_VERIFIER) != null) {
        addParameter(OAuth.OAUTH_VERIFIER, accessor.getProperty(OAuth.OAUTH_VERIFIER).toString());
      }
    }
    String signatureMethod = pMap.get(OAuth.OAUTH_SIGNATURE_METHOD);
    if (signatureMethod == null) {
      signatureMethod = (String) consumer.getProperty(OAuth.OAUTH_SIGNATURE_METHOD);
      if (signatureMethod == null) {
        signatureMethod = OAuth.HMAC_SHA1;
      }
      addParameter(OAuth.OAUTH_SIGNATURE_METHOD, signatureMethod);
    }
    if (pMap.get(OAuth.OAUTH_TIMESTAMP) == null) {
      addParameter(OAuth.OAUTH_TIMESTAMP, (System.currentTimeMillis() / 1000) + "");
    }
    if (pMap.get(OAuth.OAUTH_NONCE) == null) {
      addParameter(OAuth.OAUTH_NONCE, System.nanoTime() + "");
    }
    if (pMap.get(OAuth.OAUTH_VERSION) == null) {
      addParameter(OAuth.OAUTH_VERSION, OAuth.VERSION_1_0);
    }
    this.sign(accessor);
  }
Ejemplo n.º 2
0
  private OAuthEntry getValidatedEntry(OAuthMessage requestMessage)
      throws IOException, ServletException, OAuthException, URISyntaxException {

    OAuthEntry entry = dataStore.getEntry(requestMessage.getToken());
    if (entry == null) throw new OAuthProblemException(OAuth.Problems.TOKEN_REJECTED);

    if (entry.type != OAuthEntry.Type.REQUEST)
      throw new OAuthProblemException(OAuth.Problems.TOKEN_USED);

    if (entry.isExpired()) throw new OAuthProblemException(OAuth.Problems.TOKEN_EXPIRED);

    // find consumer key, compare with supplied value, if present.

    if (requestMessage.getConsumerKey() == null) {
      OAuthProblemException e = new OAuthProblemException(OAuth.Problems.PARAMETER_ABSENT);
      e.setParameter(OAuth.Problems.OAUTH_PARAMETERS_ABSENT, OAuth.OAUTH_CONSUMER_KEY);
      throw e;
    }

    String consumerKey = entry.consumerKey;
    if (!consumerKey.equals(requestMessage.getConsumerKey()))
      throw new OAuthProblemException(OAuth.Problems.CONSUMER_KEY_REFUSED);

    OAuthConsumer consumer = dataStore.getConsumer(consumerKey);

    if (consumer == null) throw new OAuthProblemException(OAuth.Problems.CONSUMER_KEY_UNKNOWN);

    OAuthAccessor accessor = new OAuthAccessor(consumer);

    accessor.requestToken = entry.token;
    accessor.tokenSecret = entry.tokenSecret;

    VALIDATOR.validateMessage(requestMessage, accessor);

    return entry;
  }