/** * Computes RFC 2104-compliant HMAC signature. * * @param data the data to be signed * @param token the token * @return signature * @see <a href="http://oauth.net/core/1.0a/#rfc.section.9.2.1">OAuth Core - 9.2.1. Generating * Signature</a> */ /*package*/ String generateSignature(String data, OAuthToken token) { byte[] byteHMAC = null; try { Mac mac = Mac.getInstance(HMAC_SHA1); SecretKeySpec spec; if (null == token) { String oauthSignature = encode(consumerSecret) + "&"; spec = new SecretKeySpec(oauthSignature.getBytes(), HMAC_SHA1); } else { spec = token.getSecretKeySpec(); if (null == spec) { String oauthSignature = encode(consumerSecret) + "&" + encode(token.getTokenSecret()); spec = new SecretKeySpec(oauthSignature.getBytes(), HMAC_SHA1); token.setSecretKeySpec(spec); } } mac.init(spec); byteHMAC = mac.doFinal(data.getBytes()); } catch (InvalidKeyException e) { e.printStackTrace(); } catch (NoSuchAlgorithmException ignore) { // should never happen } return BASE64Encoder.encode(byteHMAC); }
/** * Computes RFC 2104-compliant HMAC signature. * * @param data the data to be signed * @param token the token * @return signature * @see <a href="http://oauth.net/core/1.0a/#rfc.section.9.2.1">OAuth Core - 9.2.1. Generating * Signature</a> */ /* package */ String generateSignature(final String data, final OAuthToken token) { byte[] byteHMAC = null; try { final Mac mac = Mac.getInstance(HMAC_SHA1); SecretKeySpec spec; if (null == token) { final String oauthSignature = HttpParameter.encode(consumerSecret) + "&"; spec = new SecretKeySpec(oauthSignature.getBytes(), HMAC_SHA1); } else { spec = token.getSecretKeySpec(); if (null == spec) { final String oauthSignature = HttpParameter.encode(consumerSecret) + "&" + HttpParameter.encode(token.getTokenSecret()); spec = new SecretKeySpec(oauthSignature.getBytes(), HMAC_SHA1); token.setSecretKeySpec(spec); } } mac.init(spec); byteHMAC = mac.doFinal(data.getBytes()); } catch (final InvalidKeyException ike) { logger.error("Failed initialize \"Message Authentication Code\" (MAC)", ike); throw new AssertionError(ike); } catch (final NoSuchAlgorithmException nsae) { logger.error("Failed to get HmacSHA1 \"Message Authentication Code\" (MAC)", nsae); throw new AssertionError(nsae); } return BASE64Encoder.encode(byteHMAC); }
@Override public int hashCode() { int result = consumerKey != null ? consumerKey.hashCode() : 0; result = 31 * result + (consumerSecret != null ? consumerSecret.hashCode() : 0); result = 31 * result + (oauthToken != null ? oauthToken.hashCode() : 0); return result; }
public List<HttpParameter> generateOAuthSignatureHttpParams(String method, String url) { long timestamp = System.currentTimeMillis() / 1000; long nonce = timestamp + RAND.nextInt(); List<HttpParameter> oauthHeaderParams = new ArrayList<HttpParameter>(5); oauthHeaderParams.add(new HttpParameter("oauth_consumer_key", consumerKey)); oauthHeaderParams.add(OAUTH_SIGNATURE_METHOD); oauthHeaderParams.add(new HttpParameter("oauth_timestamp", timestamp)); oauthHeaderParams.add(new HttpParameter("oauth_nonce", nonce)); oauthHeaderParams.add(new HttpParameter("oauth_version", "1.0")); if (null != oauthToken) { oauthHeaderParams.add(new HttpParameter("oauth_token", oauthToken.getToken())); } List<HttpParameter> signatureBaseParams = new ArrayList<HttpParameter>(oauthHeaderParams.size()); signatureBaseParams.addAll(oauthHeaderParams); parseGetParameters(url, signatureBaseParams); StringBuffer base = new StringBuffer(method).append("&").append(encode(constructRequestURL(url))).append("&"); base.append(encode(normalizeRequestParameters(signatureBaseParams))); String oauthBaseString = base.toString(); String signature = generateSignature(oauthBaseString, oauthToken); oauthHeaderParams.add(new HttpParameter("oauth_signature", signature)); return oauthHeaderParams; }
@Override public boolean equals(Object obj) { if (this == obj) return true; if (obj == null) return false; if (getClass() != obj.getClass()) return false; HttpClient other = (HttpClient) obj; if (accessTokenURL == null) { if (other.accessTokenURL != null) return false; } else if (!accessTokenURL.equals(other.accessTokenURL)) return false; if (authenticationURL == null) { if (other.authenticationURL != null) return false; } else if (!authenticationURL.equals(other.authenticationURL)) return false; if (authorizationURL == null) { if (other.authorizationURL != null) return false; } else if (!authorizationURL.equals(other.authorizationURL)) return false; if (connectionTimeout != other.connectionTimeout) return false; if (oauth == null) { if (other.oauth != null) return false; } else if (!oauth.equals(other.oauth)) return false; if (oauthToken == null) { if (other.oauthToken != null) return false; } else if (!oauthToken.equals(other.oauthToken)) return false; if (password == null) { if (other.password != null) return false; } else if (!password.equals(other.password)) return false; if (proxyAuthPassword == null) { if (other.proxyAuthPassword != null) return false; } else if (!proxyAuthPassword.equals(other.proxyAuthPassword)) return false; if (proxyAuthUser == null) { if (other.proxyAuthUser != null) return false; } else if (!proxyAuthUser.equals(other.proxyAuthUser)) return false; if (proxyHost == null) { if (other.proxyHost != null) return false; } else if (!proxyHost.equals(other.proxyHost)) return false; if (proxyPort != other.proxyPort) return false; if (readTimeout != other.readTimeout) return false; if (requestHeaders == null) { if (other.requestHeaders != null) return false; } else if (!requestHeaders.equals(other.requestHeaders)) return false; if (requestTokenURL == null) { if (other.requestTokenURL != null) return false; } else if (!requestTokenURL.equals(other.requestTokenURL)) return false; if (retryCount != other.retryCount) return false; if (retryIntervalMillis != other.retryIntervalMillis) return false; if (token == null) { if (other.token != null) return false; } else if (!token.equals(other.token)) return false; if (userId == null) { if (other.userId != null) return false; } else if (!userId.equals(other.userId)) return false; return true; }
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws DisabledAccountException { OAuthToken oauthToken = (OAuthToken) token; Profile credential = oauthToken.getCredentials(); String openid = credential.getValidatedId(); throw Lang.makeThrow(LockedAccountException.class, "Account [ %s ] is locked.", openid); /*Sys_user user = getUserService().fetchByOpenID(openid); if (Lang.isEmpty(user)) { boolean isUpdated = StringUtils.isNotBlank(credential.getDisplayName()); String nickName = StringUtils.defaultString(credential.getDisplayName(), openid); String providerid = credential.getProviderId(); //user = getUserService().initUser(nickName, openid, providerid, oauthToken.getAddr(), isUpdated); } //if (user.isLocked()) { //throw Lang.makeThrow(LockedAccountException.class, "Account [ %s ] is locked.", user.getName()); //} //oauthToken.setRname(!user.isUpdated()); oauthToken.setUserId(openid); SimpleAuthenticationInfo account = new SimpleAuthenticationInfo(user, credential, getName()); oauthToken.getSession().setAttribute(org.nutz.web.Webs.ME, user); return account;*/ }
@Override public boolean equals(Object o) { if (this == o) return true; if (!(o instanceof OAuthSupport)) return false; OAuthAuthorization that = (OAuthAuthorization) o; if (consumerKey != null ? !consumerKey.equals(that.consumerKey) : that.consumerKey != null) return false; if (consumerSecret != null ? !consumerSecret.equals(that.consumerSecret) : that.consumerSecret != null) return false; if (oauthToken != null ? !oauthToken.equals(that.oauthToken) : that.oauthToken != null) return false; return true; }
/* package */ String generateAuthorizationHeader( final String method, final String url, HttpParameter[] params, final String nonce, final String timestamp, final OAuthToken otoken) { if (null == params) { params = new HttpParameter[0]; } final List<HttpParameter> oauthHeaderParams = new ArrayList<HttpParameter>(5); oauthHeaderParams.add(new HttpParameter("oauth_consumer_key", consumerKey)); oauthHeaderParams.add(OAUTH_SIGNATURE_METHOD); oauthHeaderParams.add(new HttpParameter("oauth_timestamp", timestamp)); oauthHeaderParams.add(new HttpParameter("oauth_nonce", nonce)); oauthHeaderParams.add(new HttpParameter("oauth_version", "1.0")); if (otoken != null) { oauthHeaderParams.add(new HttpParameter("oauth_token", otoken.getToken())); } final List<HttpParameter> signatureBaseParams = new ArrayList<HttpParameter>(oauthHeaderParams.size() + params.length); signatureBaseParams.addAll(oauthHeaderParams); if (!HttpParameter.containsFile(params)) { signatureBaseParams.addAll(toParamList(params)); } parseGetParameters(url, signatureBaseParams); final StringBuffer base = new StringBuffer(method) .append("&") .append(HttpParameter.encode(constructRequestURL(url))) .append("&"); base.append(HttpParameter.encode(normalizeRequestParameters(signatureBaseParams))); final String oauthBaseString = base.toString(); logger.debug("OAuth base string: ", oauthBaseString); final String signature = generateSignature(oauthBaseString, otoken); logger.debug("OAuth signature: ", signature); oauthHeaderParams.add(new HttpParameter("oauth_signature", signature)); // http://oauth.net/core/1.0/#rfc.section.9.1.1 if (realm != null) { oauthHeaderParams.add(new HttpParameter("realm", realm)); } return "OAuth " + encodeParameters(oauthHeaderParams, ",", true); }
/*package*/ String generateAuthorizationHeader( String method, String url, PostParameter[] params, String nonce, String timestamp, OAuthToken otoken) { if (null == params) { params = new PostParameter[0]; } List<PostParameter> oauthHeaderParams = new ArrayList<PostParameter>(5); oauthHeaderParams.add(new PostParameter("oauth_consumer_key", consumerKey)); oauthHeaderParams.add(OAUTH_SIGNATURE_METHOD); oauthHeaderParams.add(new PostParameter("oauth_timestamp", timestamp)); oauthHeaderParams.add(new PostParameter("oauth_nonce", nonce)); oauthHeaderParams.add(new PostParameter("oauth_version", "1.0")); if (null != otoken) { oauthHeaderParams.add(new PostParameter("oauth_token", otoken.getToken())); } List<PostParameter> signatureBaseParams = new ArrayList<PostParameter>(oauthHeaderParams.size() + params.length); signatureBaseParams.addAll(oauthHeaderParams); signatureBaseParams.addAll(toParamList(params)); parseGetParameters(url, signatureBaseParams); StringBuffer base = new StringBuffer(method).append("&").append(encode(constructRequestURL(url))).append("&"); base.append(encode(normalizeRequestParameters(signatureBaseParams))); String oauthBaseString = base.toString(); log("OAuth base string:", oauthBaseString); String signature = generateSignature(oauthBaseString, otoken); log("OAuth signature:", signature); oauthHeaderParams.add(new PostParameter("oauth_signature", signature)); return "OAuth " + encodeParameters(oauthHeaderParams, ",", true); }
@Override public int hashCode() { final int prime = 31; int result = 1; result = prime * result + ((accessTokenURL == null) ? 0 : accessTokenURL.hashCode()); result = prime * result + ((authenticationURL == null) ? 0 : authenticationURL.hashCode()); result = prime * result + ((authorizationURL == null) ? 0 : authorizationURL.hashCode()); result = prime * result + connectionTimeout; result = prime * result + ((oauth == null) ? 0 : oauth.hashCode()); result = prime * result + ((oauthToken == null) ? 0 : oauthToken.hashCode()); result = prime * result + ((password == null) ? 0 : password.hashCode()); result = prime * result + ((proxyAuthPassword == null) ? 0 : proxyAuthPassword.hashCode()); result = prime * result + ((proxyAuthUser == null) ? 0 : proxyAuthUser.hashCode()); result = prime * result + ((proxyHost == null) ? 0 : proxyHost.hashCode()); result = prime * result + proxyPort; result = prime * result + readTimeout; result = prime * result + ((requestHeaders == null) ? 0 : requestHeaders.hashCode()); result = prime * result + ((requestTokenURL == null) ? 0 : requestTokenURL.hashCode()); result = prime * result + retryCount; result = prime * result + retryIntervalMillis; result = prime * result + ((token == null) ? 0 : token.hashCode()); result = prime * result + ((userId == null) ? 0 : userId.hashCode()); return result; }