/**
* Computes RFC 2104-compliant HMAC signature.
*
* @param data the data to be signed
* @param token the token
* @return signature
* @see <a href="http://oauth.net/core/1.0a/#rfc.section.9.2.1">OAuth Core - 9.2.1. Generating
* Signature</a>
*/
/*package*/ String generateSignature(String data, OAuthToken token) {
byte[] byteHMAC = null;
try {
Mac mac = Mac.getInstance(HMAC_SHA1);
SecretKeySpec spec;
if (null == token) {
String oauthSignature = encode(consumerSecret) + "&";
spec = new SecretKeySpec(oauthSignature.getBytes(), HMAC_SHA1);
} else {
spec = token.getSecretKeySpec();
if (null == spec) {
String oauthSignature = encode(consumerSecret) + "&" + encode(token.getTokenSecret());
spec = new SecretKeySpec(oauthSignature.getBytes(), HMAC_SHA1);
token.setSecretKeySpec(spec);
}
}
mac.init(spec);
byteHMAC = mac.doFinal(data.getBytes());
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (NoSuchAlgorithmException ignore) {
// should never happen
}
return BASE64Encoder.encode(byteHMAC);
}
/**
* Computes RFC 2104-compliant HMAC signature.
*
* @param data the data to be signed
* @param token the token
* @return signature
* @see <a href="http://oauth.net/core/1.0a/#rfc.section.9.2.1">OAuth Core - 9.2.1. Generating
* Signature</a>
*/
/* package */ String generateSignature(final String data, final OAuthToken token) {
byte[] byteHMAC = null;
try {
final Mac mac = Mac.getInstance(HMAC_SHA1);
SecretKeySpec spec;
if (null == token) {
final String oauthSignature = HttpParameter.encode(consumerSecret) + "&";
spec = new SecretKeySpec(oauthSignature.getBytes(), HMAC_SHA1);
} else {
spec = token.getSecretKeySpec();
if (null == spec) {
final String oauthSignature =
HttpParameter.encode(consumerSecret)
+ "&"
+ HttpParameter.encode(token.getTokenSecret());
spec = new SecretKeySpec(oauthSignature.getBytes(), HMAC_SHA1);
token.setSecretKeySpec(spec);
}
}
mac.init(spec);
byteHMAC = mac.doFinal(data.getBytes());
} catch (final InvalidKeyException ike) {
logger.error("Failed initialize \"Message Authentication Code\" (MAC)", ike);
throw new AssertionError(ike);
} catch (final NoSuchAlgorithmException nsae) {
logger.error("Failed to get HmacSHA1 \"Message Authentication Code\" (MAC)", nsae);
throw new AssertionError(nsae);
}
return BASE64Encoder.encode(byteHMAC);
}
@Override
public int hashCode() {
int result = consumerKey != null ? consumerKey.hashCode() : 0;
result = 31 * result + (consumerSecret != null ? consumerSecret.hashCode() : 0);
result = 31 * result + (oauthToken != null ? oauthToken.hashCode() : 0);
return result;
}
public List<HttpParameter> generateOAuthSignatureHttpParams(String method, String url) {
long timestamp = System.currentTimeMillis() / 1000;
long nonce = timestamp + RAND.nextInt();
List<HttpParameter> oauthHeaderParams = new ArrayList<HttpParameter>(5);
oauthHeaderParams.add(new HttpParameter("oauth_consumer_key", consumerKey));
oauthHeaderParams.add(OAUTH_SIGNATURE_METHOD);
oauthHeaderParams.add(new HttpParameter("oauth_timestamp", timestamp));
oauthHeaderParams.add(new HttpParameter("oauth_nonce", nonce));
oauthHeaderParams.add(new HttpParameter("oauth_version", "1.0"));
if (null != oauthToken) {
oauthHeaderParams.add(new HttpParameter("oauth_token", oauthToken.getToken()));
}
List<HttpParameter> signatureBaseParams =
new ArrayList<HttpParameter>(oauthHeaderParams.size());
signatureBaseParams.addAll(oauthHeaderParams);
parseGetParameters(url, signatureBaseParams);
StringBuffer base =
new StringBuffer(method).append("&").append(encode(constructRequestURL(url))).append("&");
base.append(encode(normalizeRequestParameters(signatureBaseParams)));
String oauthBaseString = base.toString();
String signature = generateSignature(oauthBaseString, oauthToken);
oauthHeaderParams.add(new HttpParameter("oauth_signature", signature));
return oauthHeaderParams;
}
@Override
public boolean equals(Object obj) {
if (this == obj) return true;
if (obj == null) return false;
if (getClass() != obj.getClass()) return false;
HttpClient other = (HttpClient) obj;
if (accessTokenURL == null) {
if (other.accessTokenURL != null) return false;
} else if (!accessTokenURL.equals(other.accessTokenURL)) return false;
if (authenticationURL == null) {
if (other.authenticationURL != null) return false;
} else if (!authenticationURL.equals(other.authenticationURL)) return false;
if (authorizationURL == null) {
if (other.authorizationURL != null) return false;
} else if (!authorizationURL.equals(other.authorizationURL)) return false;
if (connectionTimeout != other.connectionTimeout) return false;
if (oauth == null) {
if (other.oauth != null) return false;
} else if (!oauth.equals(other.oauth)) return false;
if (oauthToken == null) {
if (other.oauthToken != null) return false;
} else if (!oauthToken.equals(other.oauthToken)) return false;
if (password == null) {
if (other.password != null) return false;
} else if (!password.equals(other.password)) return false;
if (proxyAuthPassword == null) {
if (other.proxyAuthPassword != null) return false;
} else if (!proxyAuthPassword.equals(other.proxyAuthPassword)) return false;
if (proxyAuthUser == null) {
if (other.proxyAuthUser != null) return false;
} else if (!proxyAuthUser.equals(other.proxyAuthUser)) return false;
if (proxyHost == null) {
if (other.proxyHost != null) return false;
} else if (!proxyHost.equals(other.proxyHost)) return false;
if (proxyPort != other.proxyPort) return false;
if (readTimeout != other.readTimeout) return false;
if (requestHeaders == null) {
if (other.requestHeaders != null) return false;
} else if (!requestHeaders.equals(other.requestHeaders)) return false;
if (requestTokenURL == null) {
if (other.requestTokenURL != null) return false;
} else if (!requestTokenURL.equals(other.requestTokenURL)) return false;
if (retryCount != other.retryCount) return false;
if (retryIntervalMillis != other.retryIntervalMillis) return false;
if (token == null) {
if (other.token != null) return false;
} else if (!token.equals(other.token)) return false;
if (userId == null) {
if (other.userId != null) return false;
} else if (!userId.equals(other.userId)) return false;
return true;
}
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
throws DisabledAccountException {
OAuthToken oauthToken = (OAuthToken) token;
Profile credential = oauthToken.getCredentials();
String openid = credential.getValidatedId();
throw Lang.makeThrow(LockedAccountException.class, "Account [ %s ] is locked.", openid);
/*Sys_user user = getUserService().fetchByOpenID(openid);
if (Lang.isEmpty(user)) {
boolean isUpdated = StringUtils.isNotBlank(credential.getDisplayName());
String nickName = StringUtils.defaultString(credential.getDisplayName(), openid);
String providerid = credential.getProviderId();
//user = getUserService().initUser(nickName, openid, providerid, oauthToken.getAddr(), isUpdated);
}
//if (user.isLocked()) {
//throw Lang.makeThrow(LockedAccountException.class, "Account [ %s ] is locked.", user.getName());
//}
//oauthToken.setRname(!user.isUpdated());
oauthToken.setUserId(openid);
SimpleAuthenticationInfo account = new SimpleAuthenticationInfo(user, credential, getName());
oauthToken.getSession().setAttribute(org.nutz.web.Webs.ME, user);
return account;*/
}
@Override
public boolean equals(Object o) {
if (this == o) return true;
if (!(o instanceof OAuthSupport)) return false;
OAuthAuthorization that = (OAuthAuthorization) o;
if (consumerKey != null ? !consumerKey.equals(that.consumerKey) : that.consumerKey != null)
return false;
if (consumerSecret != null
? !consumerSecret.equals(that.consumerSecret)
: that.consumerSecret != null) return false;
if (oauthToken != null ? !oauthToken.equals(that.oauthToken) : that.oauthToken != null)
return false;
return true;
}
/* package */ String generateAuthorizationHeader(
final String method,
final String url,
HttpParameter[] params,
final String nonce,
final String timestamp,
final OAuthToken otoken) {
if (null == params) {
params = new HttpParameter[0];
}
final List<HttpParameter> oauthHeaderParams = new ArrayList<HttpParameter>(5);
oauthHeaderParams.add(new HttpParameter("oauth_consumer_key", consumerKey));
oauthHeaderParams.add(OAUTH_SIGNATURE_METHOD);
oauthHeaderParams.add(new HttpParameter("oauth_timestamp", timestamp));
oauthHeaderParams.add(new HttpParameter("oauth_nonce", nonce));
oauthHeaderParams.add(new HttpParameter("oauth_version", "1.0"));
if (otoken != null) {
oauthHeaderParams.add(new HttpParameter("oauth_token", otoken.getToken()));
}
final List<HttpParameter> signatureBaseParams =
new ArrayList<HttpParameter>(oauthHeaderParams.size() + params.length);
signatureBaseParams.addAll(oauthHeaderParams);
if (!HttpParameter.containsFile(params)) {
signatureBaseParams.addAll(toParamList(params));
}
parseGetParameters(url, signatureBaseParams);
final StringBuffer base =
new StringBuffer(method)
.append("&")
.append(HttpParameter.encode(constructRequestURL(url)))
.append("&");
base.append(HttpParameter.encode(normalizeRequestParameters(signatureBaseParams)));
final String oauthBaseString = base.toString();
logger.debug("OAuth base string: ", oauthBaseString);
final String signature = generateSignature(oauthBaseString, otoken);
logger.debug("OAuth signature: ", signature);
oauthHeaderParams.add(new HttpParameter("oauth_signature", signature));
// http://oauth.net/core/1.0/#rfc.section.9.1.1
if (realm != null) {
oauthHeaderParams.add(new HttpParameter("realm", realm));
}
return "OAuth " + encodeParameters(oauthHeaderParams, ",", true);
}
/*package*/ String generateAuthorizationHeader(
String method,
String url,
PostParameter[] params,
String nonce,
String timestamp,
OAuthToken otoken) {
if (null == params) {
params = new PostParameter[0];
}
List<PostParameter> oauthHeaderParams = new ArrayList<PostParameter>(5);
oauthHeaderParams.add(new PostParameter("oauth_consumer_key", consumerKey));
oauthHeaderParams.add(OAUTH_SIGNATURE_METHOD);
oauthHeaderParams.add(new PostParameter("oauth_timestamp", timestamp));
oauthHeaderParams.add(new PostParameter("oauth_nonce", nonce));
oauthHeaderParams.add(new PostParameter("oauth_version", "1.0"));
if (null != otoken) {
oauthHeaderParams.add(new PostParameter("oauth_token", otoken.getToken()));
}
List<PostParameter> signatureBaseParams =
new ArrayList<PostParameter>(oauthHeaderParams.size() + params.length);
signatureBaseParams.addAll(oauthHeaderParams);
signatureBaseParams.addAll(toParamList(params));
parseGetParameters(url, signatureBaseParams);
StringBuffer base =
new StringBuffer(method).append("&").append(encode(constructRequestURL(url))).append("&");
base.append(encode(normalizeRequestParameters(signatureBaseParams)));
String oauthBaseString = base.toString();
log("OAuth base string:", oauthBaseString);
String signature = generateSignature(oauthBaseString, otoken);
log("OAuth signature:", signature);
oauthHeaderParams.add(new PostParameter("oauth_signature", signature));
return "OAuth " + encodeParameters(oauthHeaderParams, ",", true);
}
@Override
public int hashCode() {
final int prime = 31;
int result = 1;
result = prime * result + ((accessTokenURL == null) ? 0 : accessTokenURL.hashCode());
result = prime * result + ((authenticationURL == null) ? 0 : authenticationURL.hashCode());
result = prime * result + ((authorizationURL == null) ? 0 : authorizationURL.hashCode());
result = prime * result + connectionTimeout;
result = prime * result + ((oauth == null) ? 0 : oauth.hashCode());
result = prime * result + ((oauthToken == null) ? 0 : oauthToken.hashCode());
result = prime * result + ((password == null) ? 0 : password.hashCode());
result = prime * result + ((proxyAuthPassword == null) ? 0 : proxyAuthPassword.hashCode());
result = prime * result + ((proxyAuthUser == null) ? 0 : proxyAuthUser.hashCode());
result = prime * result + ((proxyHost == null) ? 0 : proxyHost.hashCode());
result = prime * result + proxyPort;
result = prime * result + readTimeout;
result = prime * result + ((requestHeaders == null) ? 0 : requestHeaders.hashCode());
result = prime * result + ((requestTokenURL == null) ? 0 : requestTokenURL.hashCode());
result = prime * result + retryCount;
result = prime * result + retryIntervalMillis;
result = prime * result + ((token == null) ? 0 : token.hashCode());
result = prime * result + ((userId == null) ? 0 : userId.hashCode());
return result;
}
